Method and apparatus for determining access permission

US 20040243823A1
Filed: 05/29/2003
Published: 12/02/2004
Est. Priority Date: 05/29/2003
Status: Active Grant

First Claim

Patent Images

1. Access permission circuitry, comprising:

first access protection circuitry which stores first access permission information corresponding to a first bus master;

second access protection circuitry which stores second access permission information corresponding to a second bus master;

access modification circuitry, coupled to the first and second access protection circuitry; and

an access allowed indicator provided by the access modification circuitry, wherein in response to a first access by the first bus master, the access modification circuitry receives first state information and receives the first access permission information, wherein based upon the first state information, the access modification circuitry selectively modifies the first access permission information to produce first modified access permission information, wherein the first modified access permission information is used to determine whether the access allowed indicator will allow the first access;

wherein in response to a second access by the second bus master, the access modification circuitry receives second state information and receives the second access permission information, wherein based upon the second state information, the access modification circuitry selectively modifies the second access permission information to produce second modified access permission information, and wherein the second modified access permission information is used to determine whether the access allowed indicator will allow the second access.

View all claims

15 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for determining access protection (96) includes receiving a plurality of access requests (84) corresponding to a plurality of masters (12, 14), determining access permissions (86), providing state information (60), determining access permissions (86) based on the access request (84), and selectively modifying the access permissions based on the state information (90). The state information (60) may relate to debug operation, operation from unsecure or unverified memories, memory programming, direct memory access operation, boot operation, software security verification, security levels, security monitor operation, operating mode, fault monitor, external bus interface, etc (88).

107 Citations

View as Search Results

20 Claims

1. Access permission circuitry, comprising:
- first access protection circuitry which stores first access permission information corresponding to a first bus master;
  
  second access protection circuitry which stores second access permission information corresponding to a second bus master;
  
  access modification circuitry, coupled to the first and second access protection circuitry; and
  
  an access allowed indicator provided by the access modification circuitry, wherein in response to a first access by the first bus master, the access modification circuitry receives first state information and receives the first access permission information, wherein based upon the first state information, the access modification circuitry selectively modifies the first access permission information to produce first modified access permission information, wherein the first modified access permission information is used to determine whether the access allowed indicator will allow the first access;
  
  wherein in response to a second access by the second bus master, the access modification circuitry receives second state information and receives the second access permission information, wherein based upon the second state information, the access modification circuitry selectively modifies the second access permission information to produce second modified access permission information, and wherein the second modified access permission information is used to determine whether the access allowed indicator will allow the second access.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. Access permission circuitry as in claim 1, wherein the first state information and the second state information are provided by different sources.
  - 3. Access permission circuitry as in claim 1, wherein the first state information is provided to the access permission circuitry from a source external to the access permission circuitry.
  - 4. Access permission circuitry as in claim 3, wherein the second state information is generated within the access permission circuitry.
  - 5. Access permission circuitry of claim 1, wherein the first state information indicates trustworthiness of the first bus master.
  - 6. The access permission circuitry of claim 1, wherein the first state information relates to boot operation.
  - 7. Access permission circuitry as in claim 1, wherein the access permission circuitry comprises a portion of a data processing system.
  - 8. A data processing system as in claim 7, further comprising:
    - debug circuitry for providing the first state information.
  - 9. A data processing system as in claim 7, further comprising:
    - direct memory access (DMA) circuitry for providing the first state information.
  - 10. A data processing system as in claim 7, further comprising:
    - external bus interface circuitry for providing the first state information.
  - 11. Access permission circuitry as in claim 1, wherein the first access is to a non-volatile memory.
  - 12. Access permission circuitry as in claim 1, wherein the first access protection circuitry is software programmable.
  - 13. A method as in claim 1, wherein the first bus master comprises at least one of a master that executes an instruction, a master that performs a direct memory access (DMA) operation, and a master that performs a debug operation.

14. A method for determining access protection, comprising:
- receiving a first access request corresponding to a first master;
  
  determining first access permissions corresponding to the first master;
  
  receiving first state information;
  
  selectively modifying the first access permissions based on the first state information;
  
  receiving a second access request from a second master;
  
  determining second access permissions corresponding to the second master;
  
  receiving second state information; and
  
  selectively modifying the second access permissions based on the second state information, wherein the first state information is provided from a different source than the second state information.
- View Dependent Claims (15)
- - 15. A method as in claim 14, wherein the first state information indicates trustworthiness of the first bus master.

16. A method for determining access protection, comprising:
- receiving a first access request corresponding to a first master;
  
  providing first state information;
  
  determining first access permissions based on said first access request;
  
  selectively modifying said first access permissions based on said first state information;
  
  receiving a second access request corresponding to a second master;
  
  providing second state information;
  
  determining second access permissions based on said second access request;
  
  selectively modifying said second access permissions based on said second state information.
- View Dependent Claims (17, 18, 19, 20)
- - 17. A method as in claim 16, wherein said first and second access requests are to a memory.
  - 18. A method as in claim 17, wherein said memory is non-volatile.
  - 19. A method as in claim 16, wherein said first master comprises at least one of a master that executes instructions, a master that performs direct memory access, and a master that performs a debug operation.
  - 20. A method as in claim 16, wherein said first state information relates to at least one of a debug operation, a memory operation, a direct memory access operation, a boot operation, software security verification, a security monitor operation, an operating mode, and a fault monitor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
MOSAID Technologies Inc. (f/k/a Conversant Intellectual Property Management)
Original Assignee
Freescale Semiconductor, Inc. (NXP Semiconductors NV)
Inventors
Moyer, William C., Malik, Afzal M.

Granted Patent

US 7,444,668 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/200
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/62   Protecting access to data v...

G06F 21/78   to assure secure storage of...

G06F 21/82   Protecting input, output or...

Method and apparatus for determining access permission

First Claim

15 Assignments

0 Petitions

Accused Products

Abstract

107 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for determining access permission

First Claim

15 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

107 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links