公开(公告)号：US11205021B2

公开(公告)日：2021-12-21

申请号：US16403259

申请日：2019-05-03

Applicant: Apple Inc.

Inventor： Loukas Kalenderidis ,  Ivan Krstic ,  Brian J. Dawbin ,  Filip Stoklas ,  Carmen A. Bovalino, III ,  Shyam S. Toprani ,  Christopher B. Zimmermann ,  Libor Sykora ,  Arnold S. Liu ,  Lucia E. Ballard

IPC: G06F21/85 ,  G06F1/28 ,  G06F21/32

Abstract: Techniques are disclosed relating to securing an accessory interface on a computing device. In various embodiments, a computing device detects a connection of an accessory device to an accessory interface port and, in response to the detected connection, evaluates a policy defining one or more criteria for restricting unauthorized access to the accessory interface port. Based on the evaluating, the computing device determines whether to disable the accessory interface port to prevent communication with the connected accessory device. In some embodiments, the computing device includes an interconnect coupled between the processor and the accessory interface port, and the interconnect includes a hub circuit configured to facilitate communication between a plurality of devices via the interconnect. In some embodiments, the computing device, in response to determining to disable the accessory interface port, instructs the hub circuit to prevent traffic from being conveyed from the accessory interface port.

公开(公告)号：US11086800B2

公开(公告)日：2021-08-10

申请号：US16882087

申请日：2020-05-22

Applicant: Apple Inc.

Inventor： Jeremy C. Andrus ,  Joseph R. Auricchio ,  Russell A. Blaine ,  Daniel A. Chimene ,  Simon M. Douglas ,  Landon J. Fuller ,  Yevgen Goryachok ,  John K. Kim-Biggs ,  Arnold S. Liu ,  James M. Magee ,  Daniel A. Steffen ,  Roberto G. Yepez

IPC: G06F12/14 ,  G06F13/10 ,  G06F13/40 ,  G06F9/54 ,  G06F9/445 ,  G06F13/16

Abstract: Embodiments described herein provide techniques to manage drivers in a user space in a data processing system. One embodiment provides a data processing system configured perform operations, comprising discovering a hardware device communicatively coupled to the communication bus, launching a user space driver daemon, establishing an inter-process communication (IPC) link between a first proxy interface for the user space driver daemon and a second proxy interface for a server process in a kernel space, receiving, at the first proxy interface, an access right to enable access to a memory buffer in the kernel space, and relaying an access request for the memory buffer from the user space driver daemon via a third-party proxy interface to enable the user space driver daemon to access the memory buffer, the access request based on the access right.

公开(公告)号：US20200233984A1

公开(公告)日：2020-07-23

申请号：US16403259

申请日：2019-05-03

Applicant: Apple Inc.

Inventor： Loukas Kalenderidis ,  Ivan Krstic ,  Brian J. Dawbin ,  Filip Stoklas ,  Carmen A. Bovalino, III ,  Shyam S. Toprani ,  Christopher B. Zimmermann ,  Libor Sykora ,  Arnold S. Liu ,  Lucia E. Ballard

IPC: G06F21/85 ,  G06F21/32 ,  G06F1/28

Abstract: Techniques are disclosed relating to securing an accessory interface on a computing device. In various embodiments, a computing device detects a connection of an accessory device to an accessory interface port and, in response to the detected connection, evaluates a policy defining one or more criteria for restricting unauthorized access to the accessory interface port. Based on the evaluating, the computing device determines whether to disable the accessory interface port to prevent communication with the connected accessory device. In some embodiments, the computing device includes an interconnect coupled between the processor and the accessory interface port, and the interconnect includes a hub circuit configured to facilitate communication between a plurality of devices via the interconnect. In some embodiments, the computing device, in response to determining to disable the accessory interface port, instructs the hub circuit to prevent traffic from being conveyed from the accessory interface port.

公开(公告)号：US11860796B2

公开(公告)日：2024-01-02

申请号：US17397966

申请日：2021-08-09

Applicant: Apple Inc.

Inventor： Jeremy C. Andrus ,  Joseph R. Auricchio ,  Russell A. Blaine ,  Daniel A. Chimene ,  Simon M. Douglas ,  Landon J. Fuller ,  Yevgen Goryachok ,  John K. Kim-Biggs ,  Arnold S. Liu ,  James M. Magee ,  Daniel A. Steffen ,  Roberto G. Yepez

IPC: G06F9/54 ,  G06F21/57 ,  G06F13/10 ,  G06F13/40 ,  G06F9/445 ,  G06F13/16

CPC classification number: G06F13/102 ,  G06F9/44505 ,  G06F9/545 ,  G06F9/546 ,  G06F13/1673 ,  G06F13/4072

Abstract: Embodiments described herein provide techniques to manage drivers in a user space in a data processing system. One embodiment provides a data processing system configured perform operations, comprising discovering a hardware device communicatively coupled to the communication bus, launching a user space driver daemon, establishing an inter-process communication (IPC) link between a first proxy interface for the user space driver daemon and a second proxy interface for a server process in a kernel space, receiving, at the first proxy interface, an access right to enable access to a memory buffer in the kernel space, and relaying an access request for the memory buffer from the user space driver daemon via a third-party proxy interface to enable the user space driver daemon to access the memory buffer, the access request based on the access right.

公开(公告)号：US20200379925A1

公开(公告)日：2020-12-03

申请号：US16882087

申请日：2020-05-22

Applicant: Apple Inc.

Inventor： Jeremy C. Andrus ,  Joseph R. Auricchio ,  Russell A. Blaine ,  Daniel A. Chimene ,  Simon M. Douglas ,  Landon J. Fuller ,  Yevgen Goryachok ,  John K. Kim-Biggs ,  Arnold S. Liu ,  James M. Magee ,  Daniel A. Steffen ,  Roberto G. Yepez

IPC: G06F13/10 ,  G06F13/40 ,  G06F9/54 ,  G06F9/445 ,  G06F13/16

Abstract: Embodiments described herein provide techniques to manage drivers in a user space in a data processing system. One embodiment provides a data processing system configured perform operations, comprising discovering a hardware device communicatively coupled to the communication bus, launching a user space driver daemon, establishing an inter-process communication (IPC) link between a first proxy interface for the user space driver daemon and a second proxy interface for a server process in a kernel space, receiving, at the first proxy interface, an access right to enable access to a memory buffer in the kernel space, and relaying an access request for the memory buffer from the user space driver daemon via a third-party proxy interface to enable the user space driver daemon to access the memory buffer, the access request based on the access right.