-
公开(公告)号:US20100306393A1
公开(公告)日:2010-12-02
申请号:US12472120
申请日:2009-05-26
IPC分类号: G06F15/16
CPC分类号: G06Q10/10
摘要: Embodiments disclosed herein extend to the use of external access objects in a multi-tenant environment. First and second tenants contract for operations that users of the second tenant will perform in the first tenant. Identity criteria for the users are determined. These users are mapped to an external access object that represents the second tenant users when performing the operations in the first tenant. The external access object is also associated with the resources and/or data that the users of the second tenant will be allowed access to when performing the operations. The users of the second tenant provide a request for access to the resources and/or data to perform operations. Identity criteria are determined and the users are mapped to an external access object based on the identity criteria. It is determined if the user has permission to access the resources and/or data and perform the operations.
摘要翻译: 本文公开的实施例扩展到在多租户环境中使用外部访问对象。 第一和第二租户合同第二租户的用户将在第一租户中履行业务。 确定用户的身份标准。 这些用户被映射到在第一租户执行操作时表示第二租户用户的外部访问对象。 外部访问对象也与在执行操作时允许第二租户的用户访问的资源和/或数据相关联。 第二租户的用户提供访问资源和/或数据以执行操作的请求。 确定身份标准,并且基于身份标准将用户映射到外部访问对象。 确定用户是否具有访问资源和/或数据并执行操作的许可。
-
12.发明申请Protecting the security of secure data sent from a central processor for processing by a further processing device 有权保护从中央处理器发送的安全数据的安全性,以便由另外的处理设备进行处理公开(公告)号:US20090172411A1
公开(公告)日:2009-07-02
申请号:US12003858
申请日:2008-01-02
IPC分类号: G06F12/14
CPC分类号: G06F21/53 , G06F21/74 , G06F2221/2105
摘要: A data processing apparatus comprising: a data processor for processing data in a secure and a non-secure mode, said data processor processing data in said secure mode having access to secure data that is not accessible to said data processor in said non-secure mode, and processing data in said secure mode being performed under control of a secure operating system and processing data in said non-secure mode being performed under control of a non-secure operating system; and a further processing device for performing a task in response to a request from said data processor, said task comprising processing data at least some of which is secure data; wherein said further processing device is responsive to receipt of a signal to suspend said task to initiate: processing of said secure data using a secure key; and storage of said processed secure data to a non-secure data store; and is responsive to receipt of a signal to resume said task to initiate: retrieval of said processed secure data from said non-secure data store; and restoring of said processed secure data using said secure key; wherein said secure key is securely stored such that it is not accessible to other processes operating in said non-secure mode.
摘要翻译: 一种数据处理装置,包括:用于以安全和非安全模式处理数据的数据处理器,所述数据处理器处理所述安全模式中的数据,以访问在所述非安全模式下所述数据处理器不可访问的安全数据 并且在安全操作系统的控制下执行所述安全模式中的处理数据,并且在非安全操作系统的控制下执行所述非安全模式中的数据处理; 以及用于响应于来自所述数据处理器的请求执行任务的另一处理装置,所述任务包括处理数据,其中至少一些是安全数据; 其中所述另外的处理设备响应于收到信号以暂停所述任务以启动:使用安全密钥处理所述安全数据; 以及将所述处理的安全数据存储到非安全数据存储器; 并且响应于接收到信号以恢复所述任务以启动:从所述非安全数据存储中检索所述处理的安全数据; 以及使用所述安全密钥恢复所述处理的安全数据; 其中所述安全密钥被安全地存储,使得对于在所述非安全模式中操作的其他进程是不可访问的。
-
13.发明授权Data processing apparatus and method for cache line replacement responsive to the operational state of memory 有权响应于存储器的操作状态的高速缓存行替换的数据处理装置和方法公开(公告)号:US06490655B1
公开(公告)日:2002-12-03
申请号:US09394424
申请日:1999-09-13
申请人: Daniel Kershaw
发明人: Daniel Kershaw
IPC分类号: G06F1200
CPC分类号: G06F12/127 , G06F12/0804 , G06F13/18
摘要: A data processing system 2 is described including a cache memory 8 and a plurality of DRAM banks 16, 18, 20, 22. A victim select circuit 32 within a cache controller 10 selects victim cache storage lines 28 upon a cache miss such that unlocked cache storage lines are selected in preference to locked cache storage lines, non-dirty cache storage lines are selected in preference to dirty cache storage lines, and cache storage lines requiring a write back to a non-busy DRAM bank are selected in preference to cached storage lines requiring a write back to a busy DRAM storage bank. A DRAM controller 24 is provided that continuously performs a background processing operation whereby dirty cache storage lines 28 within a cache memory 8 are written back to their respective DRAM banks 16, 18, 20, 22 when these are not busy performing other operations and when the cache storage line has a least recently used value below a certain threshold. A bus arbitration circuit 12 is provided that re-arbitrates bus master priorities in dependence upon determined latencies for respective memory access requests. As an example, if a high priority memory access request results a cache miss, with a lower priority memory access request resulting in a cache hit, then the lower priority memory access request will be re-arbitrated to be performed ahead of the normally higher priority memory access request and may be finished before that higher priority memory access request starts to return data words to a data bus 14.
摘要翻译: 描述了数据处理系统2,其包括高速缓存存储器8和多个DRAM组16,18,20,22。高速缓存控制器10内的受害者选择电路32在高速缓存未命中时选择受害者高速缓存存储线28,使得未锁定的高速缓存 存储线优先于锁定的高速缓存存储线,优先选择非脏高速缓冲存储器存储线,并且优先于缓存存储线选择需要写入非忙DRAM库的高速缓存存储线 需要写回繁忙的DRAM存储库的行。 提供DRAM控制器24,其连续执行后台处理操作,由此当高速缓存存储器8内的脏高速缓存存储线28在其不忙于执行其他操作时被写回到它们各自的DRAM存储体16,18,20,22,并且当 高速缓存存储线具有低于一定阈值的最近最近使用的值。 提供总线仲裁电路12,其根据对于各个存储器访问请求的确定的延迟重新仲裁总线主机优先级。 作为示例,如果高优先级存储器访问请求导致高速缓存未命中,则优先级较低的存储器访问请求导致高速缓存命中,则优先级较低的存储器访问请求将被重新仲裁以在正常较高优先级之前执行 存储器访问请求,并且可以在更高优先级的存储器访问请求开始将数据字返回到数据总线14之前完成。
-
公开(公告)号:US08700688B2
公开(公告)日:2014-04-15
申请号:US12379447
申请日:2009-02-23
CPC分类号: G06F9/3001 , G06F7/726
摘要: A data processing system 2 includes an instruction decoder 22 responsive to polynomial divide instructions DIVL.PN to generate control signals that control processing circuitry 26 to perform a polynomial division operation. The denominator polynomial is represented by a denominator value stored within a register with an assumption that the highest degree term of the polynomial always has a coefficient of “1” such that this coefficient need not be stored within the register storing the denominator value and accordingly the denominator polynomial may have a degree one higher than would be possible with the bit space within the register storing the denominator value alone. The polynomial divide instruction returns a quotient value and a remainder value respectively representing the quotient polynomial and the remainder polynomial.
摘要翻译: 数据处理系统2包括响应多项式除法指令DIVL.PN以产生控制处理电路26执行多项式除法运算的控制信号的指令译码器22。 分母多项式由存储在寄存器中的分母值表示,假设多项式的最高度项总是具有系数“1”,使得该系数不需要存储在存储分母值的寄存器中,因此 分母多项式可以具有比存储分母值的寄存器内的位空间更高的程度。 多项式除法指令返回分别表示商多项式和余数多项式的商值和余数值。
-
公开(公告)号:US07886098B2
公开(公告)日:2011-02-08
申请号:US11898640
申请日:2007-09-13
申请人: Daniel Kershaw , Stuart David Biles
发明人: Daniel Kershaw , Stuart David Biles
CPC分类号: G06F12/1416 , G06F12/1491
摘要: A data processing apparatus and method for generating access requests is provided. A bus master is provided which can operate either in a secure domain or a non-secure domain of the data processing apparatus, according to a signal received from external to the bus master. The signal is generated to be fixed during normal operation of the bus master. Control logic is provided which, when the bus master device is operating in a secure domain, is operable to generate a domain specifying signal associated with an access request generated by the bus master core indicating either secure or non-secure access, in dependence on either a default memory map or securely defined memory region descriptors. Thus, the bus master operating in a secure domain can generate both secure and non-secure accesses, without itself being able to switch between secure and non-secure operation.
摘要翻译: 提供了一种用于产生访问请求的数据处理装置和方法。 根据从总线主机外部接收的信号,提供可以在数据处理装置的安全域或非安全域中操作的总线主机。 在总线主机的正常工作期间,生成固定信号。 提供控制逻辑,当总线主设备在安全域中操作时,可以根据总线主机核心生成的指示安全或非安全访问的访问请求产生一个域指定信号, 默认内存映射或安全定义的内存区域描述符。 因此,在安全域中操作的总线主机可以生成安全和非安全访问,而无需在安全和非安全操作之间进行切换。
-
公开(公告)号:US07668897B2
公开(公告)日:2010-02-23
申请号:US10461880
申请日:2003-06-16
申请人: Daniel Kershaw
发明人: Daniel Kershaw
IPC分类号: G06F7/38
CPC分类号: G06F9/3001
摘要: Within a processor 2 providing single instruction multiple data (SIMD) type operation, single data processing instructions can serve to control processing logic 4, 6, 8, 10 to perform SIMD-type processing operations upon multiple independent input values to generate multiple independent result values having a greater data width than the corresponding input values. A repartitioner (FIG. 5) in the form of appropriately controlled multiplexers serves to partition these result data values into high order bit portions and low order bit portions that are stored into separate registers 38, 40. The required SIMD width preserved result values can be read from the desired high order 38 result register or low order result register 40 without further processing being required. Furthermore, the preservation of the full result facilitates improvements in accuracy, such as over extended accumulate operations and the like.
摘要翻译: 在提供单指令多数据(SIMD)类型操作的处理器2中,单个数据处理指令可以用于控制处理逻辑4,6,8,10以在多个独立输入值上执行SIMD型处理操作,以产生多个独立结果值 具有比相应的输入值更大的数据宽度。 以适当控制的多路复用器形式的重新分配器(图5)用于将这些结果数据值分割成存储在单独的寄存器38,40中的高位位部分和低位位部分。所需的SIMD宽度保留结果值可以是 从期望的高阶38结果寄存器或低阶结果寄存器40读取,而不需要进一步的处理。 此外,保持全部结果有助于提高精度,例如过度扩展累积操作等。
-
公开(公告)号:US20080046762A1
公开(公告)日:2008-02-21
申请号:US11889644
申请日:2007-08-15
IPC分类号: G06F12/14
摘要: A data processing apparatus and method for protecting system control registers is provided. Processing logic is providing for executing software routines and a plurality of system control registers are used to store access control information for a plurality of system resources available to the processing logic when executing at least some of those software routines. Additionally, at least one write control register is provided, with each field of that register being associated with one or more of the system control registers. Disable control logic is used to generate a disable signal, and when that disable signal is clear access control information can be written into the system control registers, and write restriction data can be written into each of the fields of the at least one write control register. Then, when the disable control logic sets the disable signal, the at least one write control register becomes read only, and for each field that has write restriction data therein those associated system control registers indicated by the write restriction data also become read only. This mechanism provides a very flexible approach for programming which system control registers are to be treated as read only registers.
摘要翻译: 提供一种用于保护系统控制寄存器的数据处理装置和方法。 处理逻辑正在提供执行软件程序,并且当执行这些软件程序中的至少一些时,多个系统控制寄存器用于存储可用于处理逻辑的多个系统资源的访问控制信息。 此外,提供至少一个写入控制寄存器,该寄存器的每个字段与一个或多个系统控制寄存器相关联。 禁止控制逻辑用于产生禁用信号,当禁用信号清除时,访问控制信息可以写入系统控制寄存器,写入限制数据可写入至少一个写入控制寄存器的每个字段 。 然后,当禁用控制逻辑设置禁止信号时,至少一个写入控制寄存器变为只读,并且对于其中具有写入限制数据的每个字段,由写入限制数据指示的那些相关联的系统控制寄存器也变为只读。 这种机制提供了非常灵活的编程方式,哪些系统控制寄存器被视为只读寄存器。
-
公开(公告)号:US20060294248A1
公开(公告)日:2006-12-28
申请号:US11168957
申请日:2005-06-28
申请人: Daniel Kershaw
发明人: Daniel Kershaw
IPC分类号: G06F15/16
CPC分类号: H04L67/34 , H04L65/1006
摘要: A communications server is provided that is able to receive a Session Initiation Protocol (SIP) message, and access SIP client-specific information within the SIP message. The client specific information can be provided in a user agent header. The server automatically adapts its interaction with the SIP client based on the client-specific information. A method of automatically configuring a communications server is also provided.
摘要翻译: 提供能够接收会话发起协议(SIP)消息并且在SIP消息内访问SIP客户端特定信息的通信服务器。 可以在用户代理头部中提供客户端特定信息。 服务器根据客户端特定的信息自动适应与SIP客户端的交互。 还提供了一种自动配置通信服务器的方法。
-
公开(公告)号:US20060242221A1
公开(公告)日:2006-10-26
申请号:US11114238
申请日:2005-04-26
申请人: Micah McDaniel , Ann Chin , Daniel Kershaw
发明人: Micah McDaniel , Ann Chin , Daniel Kershaw
IPC分类号: G06F7/50
摘要: A data processing apparatus operable to sum data values said data processing apparatus comprising: a plurality of adder logic stages arranged in parallel with each other; control logic operable in response to receipt of a request to sum two data values to forward portions of said two data values to respective ones of said plurality of adder logic stages, such that a first adder logic stage receives a predetermined number of lowest significant bits from each of said two data values and subsequent adder logic stages receive said predetermined number of successively higher significant bits from each of said two data values, each of said plurality of adder logic stages being operable to perform a carry propagate addition of said received portions to generate an intermediate sum, a propagate value and a carry; and further logic stages operable to receive said intermediate sums, carries and propagate values generated from said plurality of adder logic stages and to combine said received intermediate sums, carries and propagate values to produce a sum of said two data values; wherein said control logic is operable in response to receipt of a request to add a third data value to said sum of said two data values, received before said further logic has completed said sum, to forward portions of said third data value to respective ones of said plurality of adder logic stages and to feedback said intermediate sums generated by said plurality of adder logic stages and to selectively feedback a carry generated from a preceding adder logic stage; and said plurality of adder logic stages are operable to perform a carry propagate addition of said fedback intermediate sums and carrys with respective portions of said third data value to generate a plurality of further intermediate sums, further carrys and further propagate values; and wherein said further logic stages are operable to receive said plurality of further intermediate sums, further carries and further propagate values and to combine said received further intermediate sums, carries and propagate values to produce a sum of said three data values.
-
公开(公告)号:US07020751B2
公开(公告)日:2006-03-28
申请号:US10201955
申请日:2002-07-25
申请人: Daniel Kershaw
发明人: Daniel Kershaw
IPC分类号: G06F12/00
CPC分类号: G06F12/127 , G06F12/0804 , G06F13/18
摘要: A data processing system 2 is described including a cache memory 8 and a plurality of DRAM banks 16, 18, 20, 22. A victim select circuit 32 within a cache controller 10 selects victim cache storage lines 28 upon a cache miss such that unlocked cache storage lines are selected in preference to locked cache storage lines, non-dirty cache storage lines are selected in preference to dirty cache storage lines, and cache storage lines requiring a write back to a non-busy DRAM bank are selected in preference to cached storage lines requiring a write back to a busy DRAM storage bank. A DRAM controller 24 is provided that continuously performs a background processing operation whereby dirty cache storage lines 28 within a cache memory 8 are written back to their respective DRAM banks 16, 18, 20, 22 when these are not busy performing other operations and when the cache storage line has a least recently used value below a certain threshold. A bus arbitration circuit 12 is provided that re-arbitrates bus master priorities in dependence upon determined latencies for respective memory access requests. As an example, if a high priority memory access request results a cache miss, with a lower priority memory access request resulting in a cache hit, then the lower priority memory access request will be re-arbitrated to be performed ahead of the normally higher priority memory access request and may be finished before that higher priority memory access request starts to return data words to a data bus 14.
摘要翻译: 描述了数据处理系统2,其包括高速缓存存储器8和多个DRAM存储体18,18,20,22。 高速缓存控制器10内的受害者选择电路32在高速缓存未命中时选择受害者高速缓存存储线28,以便优先选择锁定的高速缓存存储线来解锁高速缓存存储线,优先选择非脏高速缓存存储线, 选择需要写入非忙DRAM库的高速缓存存储线,优先于需要向忙DRAM存储库写回的高速缓存存储线。 提供DRAM控制器24,其连续执行后台处理操作,由此当高速缓存存储器8内的脏高速缓存存储线28在其不忙于执行其他操作时被写回到它们各自的DRAM存储体16,18,20,22,并且当 高速缓存存储线具有低于一定阈值的最近最近使用的值。 提供总线仲裁电路12,其根据对于各个存储器访问请求的确定的延迟重新仲裁总线主机优先级。 作为示例,如果高优先级存储器访问请求导致高速缓存未命中,则优先级较低的存储器访问请求导致高速缓存命中,则优先级较低的存储器访问请求将被重新仲裁以在正常较高优先级之前执行 存储器访问请求,并且可以在更高优先级的存储器访问请求开始将数据字返回到数据总线14之前完成。
-
-
-
-
-
-
-
-
-
搜索结果
65 条记录 (耗时 0.02 秒)
