-
Publication (Announcement) No.: US20210397714A1
Publication (Announcement) Date: 2021-12-23
Application No.: US16903982
Application Date: 2020-06-17
Applicant: QUALCOMM INCORPORATED
Inventor: Steven HALTER , Samar ASBE , Miguel BALLESTEROS , Girish BHAT , Mahadevamurty NEMANI
Abstract: Resource access control in a system-on-chip (“SoC”) may employ an agent executing on a processor of the SoC and a trust management engine of the SoC. The agent, such as, for example, a high-level operating system or a hypervisor, may be configured to allocate a resource comprising a memory region to an access domain and to load a software image associated with the access domain into the memory region. The trust management engine may be configured to lock the resource against access by any entity other than the access domain, to authenticate the software image associated with the access domain, and to initiate booting of the access domain in response to a successful authentication of the software image associated with the access domain.
-
Publication (Announcement) No.: US20210149686A1
Publication (Announcement) Date: 2021-05-20
Application No.: US16689666
Application Date: 2019-11-20
Applicant: QUALCOMM Incorporated
Inventor: Matthew SEVERSON , Kangmin LEE , Cristian DUROIU , Simon Peter William BOOTH , Steven HALTER
Abstract: In some aspects, the present disclosure provides a method for bandgap voting. In some configurations, the method includes receiving: (i) a first set of votes from a first client of a system, and (ii) a second set of votes from a second client of the system, wherein the first set of votes indicate a first desired set of operational parameters for controlling a plurality of physical resources in the system, wherein the second set of votes indicate a second desired set of operational parameters for controlling the plurality of physical resources, and wherein the plurality of physical resources are shared by the first client and the second client.
-
Publication (Announcement) No.: US20210365557A1
Publication (Announcement) Date: 2021-11-25
Application No.: US16880819
Application Date: 2020-05-21
Applicant: QUALCOMM Incorporated
Inventor: Jaydeep CHOKSHI , Miguel BALLESTEROS , Mahadevamurty NEMANI , Samar ASBE , Girish BHAT , Alan YOUNG , Victor WONG , Steven HALTER
Abstract: A method for external access control to protect system-on-chip (SoC) subsystems and stored subsystem assets is described. The method includes sensing, during a cold boot of an SoC hardware system, a debug fuse vector for access to SoC subsystems of an SoC owner and/or third-party subsystems of an SoC hardware architecture. The method also includes disabling access to each SoC subsystem with a blown fuse in the debug fuse vector. The method further includes re-enabling, by a secure root of trust, access to an SoC subsystem and/or a third-party subsystem for an external debugger when authentication of one or more debug certificates of a third-party owner of the external debugger is successful.
-