Method and apparatus for managing a peripheral port of a computer system
Abstract
A method and apparatus for managing a peripheral port of a computer system by identifying, within the computer system, a descriptor list for a peripheral device and manipulating the descriptor list to manage communications between a peripheral device and resources of the computer system via the peripheral port.
37 Claims
1. A method of managing a peripheral port of a computer system comprising:
identifying, within the computer system, a descriptor list for communicating data with a peripheral device, wherein the descriptor list comprises transfer commands generated by a bus controller driver of a Central Processing Unit (CPU) of the computer system and executable by a bus controller for the peripheral port; and
manipulating the descriptor list to manage communications via the peripheral port between the peripheral device and resources of the CPU of the computer system, wherein manipulating the descriptor list comprises altering information in the descriptor list to selectively prevent the communication of the data, wherein the peripheral device is located at a remote computer and the resources of the CPU of the computer system are located at a host computer, wherein the remote computer and the host computer are coupled to one another through a network, and wherein the remote computer comprises the peripheral port, wherein manipulating comprises managing a shadow list in the remote computer, the shadow list associated with the descriptor list.
Dependent claims: 2, 3, 4, 5, 6
7. A method of managing a peripheral port of a computer system comprising:
intercepting, between a bus controller for the peripheral port and a bus driver, the bus driver for the bus controller and executed on a Central Processing Unit (CPU) of the computer system, peripheral identification information communicated from a peripheral device, through the peripheral port, to the bus controller;
associating the peripheral identification information with at least one authorization criterion to establish a device authorization; and
managing communications between the peripheral port and resources of the computer system, the managing communications comprising altering, based on the device authorization, information in a descriptor list generated by the bus driver, wherein the descriptor list comprises commands executable by the bus controller for transferring data with the peripheral device through the peripheral port, wherein the intercepting comprises, responsive to a hub status change, performing a hub emulation to at least partially enumerate the peripheral device, and the managing step further comprises emulating a peripheral device attachment by presenting the hub status change to the bus controller only if the device authorization is granted, and wherein performing the hub emulation further comprises managing at least one shadow descriptor list, the at least one shadow descriptor list for filtering communications with the peripheral port.
Dependent claims: 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26
27. Apparatus for managing a peripheral port of a computer system comprising:
a descriptor firewall coupled to memory, the memory comprising (i) secure descriptor lists generated by bus controller driver software and comprising data transfer commands for the peripheral port, and (ii) unsecure descriptor lists, executable by a bus controller to transfer data via the peripheral port;
wherein the descriptor firewall is enabled to generate at least part of the unsecure descriptor lists, the at least part of the unsecure descriptor lists defined by (iii) devices coupled to the peripheral port, (iv) management criteria, and (v) at least part of the data transfer commands of the secure descriptor lists altered to prevent data transfers related to an unauthorized peripheral device; and
wherein the descriptor firewall is further enabled to process at least part of the secure descriptor lists based on the unsecure descriptor lists executed by the bus controller.
Dependent claims: 28, 29
30. Apparatus for managing a peripheral port of a computer system comprising:
a bus controller coupled between the peripheral port and a memory, wherein the memory stores at least one descriptor list comprising altered data transfer commands and the bus controller is enabled to execute the altered data transfer commands of the at least one descriptor list to transfer data via the peripheral port; and
a descriptor firewall coupled between the memory and a CPU sub-system of the computer system, the descriptor firewall enabled to manage the at least one descriptor list according to authorization criteria to prevent data transfers related to an unauthorized peripheral device by generating the altered data transfer commands from original data transfer commands generated by the CPU sub-system.
Dependent claims: 31, 32, 33
34. A computer readable storage medium for storing computer instructions that, when executed by a processor within a computer system, cause the processor to perform a method comprising:
generating at least part of unsecure descriptor lists, the unsecure descriptor lists defined by (i) devices coupled to a peripheral port, (ii) management criteria, and (iii) data transfer commands of secure descriptor lists altered to prevent data transfers related to an unauthorized peripheral device; and
processing at least part of the secure descriptor lists in relation to the at least part of the unsecure descriptor lists executed to transfer data via the peripheral port and the management criteria.
Dependent claims: 35, 36, 37
Specification