公开(公告)号：US10019288B2

公开(公告)日：2018-07-10

申请号：US15262710

申请日：2016-09-12

Applicant: MediaTek Inc.

Inventor： Ching-Fu Kung ,  Sheng-Yu Chiu

IPC: G06F9/50 ,  G06F12/02 ,  G06F9/455 ,  G06F3/06 ,  G06F12/00 ,  G06F12/06

CPC classification number: G06F9/5016 ,  G06F3/0604 ,  G06F3/0631 ,  G06F3/0662 ,  G06F9/45558 ,  G06F12/00 ,  G06F12/02 ,  G06F12/0223 ,  G06F12/023 ,  G06F12/0292 ,  G06F12/06 ,  G06F12/1009 ,  G06F12/1483 ,  G06F2009/4557 ,  G06F2009/45583 ,  G06F2212/1044

Abstract: A hypervisor hosted by a computing system performs a method to allocate a contiguous physical memory space to a device. A given region of physical memory is marked as migratable. From an operating system (OS) kernel, the hypervisor receives a request for memory allocation to the device, the request indicating a first set of available virtualized pages in a virtualized memory. In response to the request, the hypervisor identifies a set of contiguous frames in the given region to be allocated to the device. The set of contiguous frames are mapped to a second set of virtualized pages. The hypervisor disables the mapping for the first set of available virtualized pages and the second set of virtualized pages. Then one or more occupied frames in the set of contiguous frames are migrated out of the given region to allow for allocation of the set of contiguous frames to the device.

公开(公告)号：US20180074863A1

公开(公告)日：2018-03-15

申请号：US15262710

申请日：2016-09-12

Applicant: MediaTek Inc.

Inventor： Ching-Fu Kung ,  Sheng-Yu Chiu

IPC: G06F9/50 ,  G06F12/02 ,  G06F9/455

CPC classification number: G06F9/5016 ,  G06F3/0604 ,  G06F3/0631 ,  G06F3/0662 ,  G06F9/45558 ,  G06F12/00 ,  G06F12/02 ,  G06F12/0223 ,  G06F12/023 ,  G06F12/0292 ,  G06F12/06 ,  G06F12/1009 ,  G06F12/1483 ,  G06F2009/4557 ,  G06F2009/45583 ,  G06F2212/1044

Abstract: A hypervisor hosted by a computing system performs a method to allocate a contiguous physical memory space to a device. A given region of physical memory is marked as migratable. From an operating system (OS) kernel, the hypervisor receives a request for memory allocation to the device, the request indicating a first set of available virtualized pages in a virtualized memory. In response to the request, the hypervisor identifies a set of contiguous frames in the given region to be allocated to the device. The set of contiguous frames are mapped to a second set of virtualized pages. The hypervisor disables the mapping for the first set of available virtualized pages and the second set of virtualized pages. Then one or more occupied frames in the set of contiguous frames are migrated out of the given region to allow for allocation of the set of contiguous frames to the device.

公开(公告)号：US20170060783A1

公开(公告)日：2017-03-02

申请号：US15064601

申请日：2016-03-09

Applicant: MEDIATEK INC.

Inventor： Sheng-Yu Chiu ,  Ching-Fu Kung ,  Chih-Pin Su ,  Ming-Hsien Hsieh

IPC: G06F12/14 ,  G06F12/10 ,  G06F3/06

CPC classification number: G06F12/1483 ,  G06F12/1009 ,  G06F12/145 ,  G06F2212/1052

Abstract: An apparatus for performing secure memory allocation control in an electronic device and an associated method are provided. The electronic device may include a plurality of bus master circuits, each of which has capability of accessing data through a bus of the electronic device, and may further include a plurality of master side memory address filters (MAFs) that are coupled between the bus and the bus master circuits, where the apparatus may include a control circuit that is coupled to the master side MAFs. In addition, the control circuit may be arranged for controlling secure memory allocation of the electronic device through the master side MAFs, to restrict any unauthorized access to any portion of secure data within the electronic device. Additionally, the master side MAFs may be arranged for selectively restricting data accessing activities of the bus master circuits through memory address filtering.

Abstract translation: 提供一种用于在电子设备中执行安全存储器分配控制的装置和相关联的方法。 电子设备可以包括多个总线主电路，每个总线主电路具有通过电子设备的总线访问数据的能力，并且还可以包括多个主侧存储器地址过滤器（MAF），其耦合在总线与 总线主电路，其中装置可以包括耦合到主侧MAF的控制电路。 此外，控制电路可以被布置用于通过主侧MAF来控制电子设备的安全存储器分配，以限制对电子设备内的任何安全数据部分的未经授权的访问。 此外，主侧MAF可以被布置用于通过存储器地址过滤来选择性地限制总线主控电路的数据访问活动。