DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In communications filed on 01/26/2026. Claims 1, 5, 7 , 13, 17, and 19 are amended. Claims 6, and 18 are cancelled. Claims 1-5, 7-17, and 19-24 are pending in this examination.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. This examination is in response to US Patent Application No. 18/500,876.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission has been entered.
Examiner notes
Applicant is encouraged to review the relevant references for the new amendment mentioned at the conclusion section of this office action.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION. —The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-5, 7-17, and 19-24 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
The independent claims 1, and 13 recite limitation “at least one other access control parameter” renders the claim indefinite because the claim does not indicate whether there was an access control parameter in advanced, and this limitation is not clearly explained in the applicant specification of what the parameters are?
Claims 1-5, 7-14, and claims 14-17, 19-24 do not cure the deficiency of claims 1, and 13 and are rejected under 35 USC 112, 2nd paragraph, for their dependency upon claims 1, and 13.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL. —The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1-5, 7-17, and 19-24 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.
The dependent claims, 1, and 13 contain “at least one other access control parameter” which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for pre-AIA the inventor(s), at the time the application was filed, had possession of the claimed invention.
Applicant is kindly requested to show the examiner support in the original disclosure for the new or amended claims. See MPEP 714.02 and 2163.06 (“Applicant should specifically point out the support for any amendments made to the disclosure").
Claims 1-5, 7-14, and claims 14-17, 19-24 do not cure the deficiency of claims 1, and 13 and are rejected under 35 USC 112, 1st paragraph, for their dependency upon claims 1, and 13.
Response to Argument
Applicant’s arguments with respect to claims 1, and 13 for newly added limitation have been considered but are moot because the arguments do not apply to any of the references being used in the current rejection.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
First set of rejection:
Claims 1-2, 5, 7-10, 12-14, 17, and 19-22, and 24 are rejected under 35 U.S.C. 103 as being unpatentable over US (2022/0066839) (BEHL et al.) hereinafter referred to as “BEHL” (filed in IDS 11/02/2023), and in view of US Patent No. ( US9317443)issued to Bybell.
Regarding claims 1, and 13, BEHL discloses a plurality of processing cores [e.g. 100 in Figure 1]; and
a target shared among the plurality of processing cores and coupled to the plurality of processing cores via a shared bus [ see Fig. 1, a plurality of processing cores (e.g. 102); a target (e.g. 108) shared among the plurality of processing cores and coupled to the plurality of processing cores via a shared bus (e.g. 104); and
and access control logic configured to (e.g. 106; see also Figure 2), based on access configuration settings associated with the target, control initial access of requests from each of the plurality of processing cores based on a privilege level of each of the plurality of processing cores [e.g. 216 in Figure 2; paragraph [0039]; and
in order to dynamically allocate and re-allocate the target among the plurality of processing cores in accordance with the privilege levels and to dynamically utilize the target in accordance with the privilege levels [¶39, “The first set of rules 216 may be implemented in the form of a look-up-table (LUT) and may indicate access privileges of each of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. For example, a first rule of the first set of rules 216 may indicate that the first processor core 102a is allowed access (e.g., read-access or write-access) to only the first peripheral 108a from the plurality of peripherals 108a-108n.”)]; and
wherein the access control logic is further configured to override an access mode of at least one processing core of the plurality of processing cores with at least one other access control parameter, wherein the access mode indicates whether the requests are privileged or non-privileged, and wherein controlling the initial access of requests from each of the plurality of processing cores based on the privilege level of each of the plurality of processing cores comprises controlling initial access from the at least one processing core based on the at least one other access control parameter
While BEHL discloses: [¶¶39-40, The first sub-circuit 204 is coupled to the set of communication buses 104 and includes suitable logic, circuitry, interfaces, and/or code, executable by the circuitry, that is configured to control a first level of access privilege of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. The first sub-circuit 204 stores therein a first set of rules 216 associated with the first level of access privilege. The first set of rules 216 may be implemented in the form of a look-up-table (LUT) and may indicate access privileges of each of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. For example, a first rule of the first set of rules 216 may indicate that the first processor core 102a is allowed access (e.g., read-access or write-access) to only the first peripheral 108a from the plurality of peripherals 108a-108n. This implies that the first processor core 102a is allowed to read from or write to only the plurality of peripheral registers 112a-112n of the first peripheral 108a. A second rule of the first set of rules 216 may indicate that the second processor core 102b is allowed access (e.g., read-access and write-access) to each of the plurality of peripherals 108a-108n. This implies that the second processor core 102b is allowed to read from or write to any peripheral register (e.g., the plurality of peripheral registers 112a-112n) included in the plurality of peripherals 108a-108n. It will be apparent to those of skill in the art that the first set of rules 216 may store various types of rules. For example, a rule may define, for each processor core, one or more peripherals of the plurality of peripherals 108a-108n that may be accessed by a corresponding processor core only for reading data (i.e., executing read operations). Another rule, may define, for each processor core, one or more peripherals of the plurality of peripherals 108a-108n that may be accessed by a corresponding processor core for writing data (i.e., executing write operations). Another rule may define, for each processor core, specific peripheral registers within each of the plurality of peripherals 108a-108n that may be accessed by a corresponding processor core for both reading and writing data], and [ see FIG 2 and corresponding text for more details, ¶¶36-37].
BEHL does not explicitly disclose, however, Bybell discloses [Col. 5 lines 3-28, Within computer system 100, events may occur that shift which LPAR, and which processes within an LPAR, are in control of threads of processor core 102, where these shifts are referred to as a context switch. A context may represent one or more of an application, an operating system, or a hypervisor, or a hypervisor application, sending a request to processor core 102 that requires a memory access, while operating in one or more privileged modes. A context switch may occur, for example, when guest OS 174 stops running one application from among applications 172 and begins running another application within applications 172 or when guest OS 174 stops running an application and runs a process of the operating system. In another example, a context switch may occur when hypervisor 166 switches control of processor core 102 from LPAR 170 to LPAR 176. In another example, a context switch may occur during a mode switch that occurs when a machine state for processor core 102 is shifted to set processor core 102 to operate in a hypervisor mode, which is a highest privilege mode that allows access to all of address space 154, or not to operate in a hypervisor mode, in a less privileged mode that allows access to limited portions of address space 154. In additional or alternate embodiments, other shifts between the process requesting control, the partition requesting controlling, and the privilege mode of the processor may represent context switches within processor core 102.
[ Col. 6 lines 65-67, Col. 7 lines 1-61)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of BEHL by incorporating “translation lookaside buffer (TLB) controller”, as taught by Bybell. One could have been motivated to do so in order in order to provide a current context in control of a processor requesting access to a particular address which the controller specifies a virtual address with a logical partition identifier value indicating a privilege setting of the current context , wherein each at least one entry within the TLB including entries directed to multiple privilege levels and to multiple types of address spaces.[Bybell, Abstract, Col. 1 lines 10-12].
Regarding claims 2, and 14, BEHL discloses wherein the plurality of processing cores, the target, and the access control logic are fabricated within the same multicore processor integrated circuit [¶24, FIG. 1 illustrates a schematic block diagram of a system-on-chip (SoC) 100 in accordance with an embodiment of the present disclosure. The SoC 100 includes a set of processor cores 102 of which first and second processor cores 102a and 102b are shown. The SoC 100 further includes a set of communication buses 104, a set of centralized access control circuits 106 of which first and second centralized access control circuits 106a and 106b are shown. The SoC 100 further includes first through n.sup.th peripherals 108a-108n associated with the first centralized access control circuit 106a and an (n+1). sup.th peripheral 110 associated with the second centralized access control circuit 106b].
Regarding claims 5,and 17, BEHL discloses, wherein controlling access of requests from each of the plurality of processing cores based on the privilege level of each of the plurality of processing cores comprises controlling access from at least one processing core of the plurality of processing cores to the target based on an access mode of the at least one processing core [¶39, The first sub-circuit 204 is coupled to the set of communication buses 104 and includes suitable logic, circuitry, interfaces, and/or code, executable by the circuitry, that is configured to control a first level of access privilege of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. The first sub-circuit 204 stores therein a first set of rules 216 associated with the first level of access privilege. The first set of rules 216 may be implemented in the form of a look-up-table (LUT) and may indicate access privileges of each of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. For example, a first rule of the first set of rules 216 may indicate that the first processor core 102a is allowed access (e.g., read-access or write-access) to only the first peripheral 108a from the plurality of peripherals 108a-108n. This implies that the first processor core 102a is allowed to read from or write to only the plurality of peripheral registers 112a-112n of the first peripheral 108a. A second rule of the first set of rules 216 may indicate that the second processor core 102b is allowed access (e.g., read-access and write-access) to each of the plurality of peripherals 108a-108n. This implies that the second processor core 102b is allowed to read from or write to any peripheral register (e.g., the plurality of peripheral registers 112a-112n) included in the plurality of peripherals 108a-108n].
Regarding claims 7, and 19, BEHL discloses, wherein controlling access of requests from each of the plurality of processing cores based on the privilege level of each of the plurality of processing cores comprises controlling access from at least one processing core of the plurality of processing cores to the target based on an identifier of the at least one processing core [¶39, The first sub-circuit 204 is coupled to the set of communication buses 104 and includes suitable logic, circuitry, interfaces, and/or code, executable by the circuitry, that is configured to control a first level of access privilege of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. The first sub-circuit 204 stores therein a first set of rules 216 associated with the first level of access privilege. The first set of rules 216 may be implemented in the form of a look-up-table (LUT) and may indicate access privileges of each of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. For example, a first rule of the first set of rules 216 may indicate that the first processor core 102a is allowed access (e.g., read-access or write-access) to only the first peripheral 108a from the plurality of peripherals 108a-108n. This implies that the first processor core 102a is allowed to read from or write to only the plurality of peripheral registers 112a-112n of the first peripheral 108a. A second rule of the first set of rules 216 may indicate that the second processor core 102b is allowed access (e.g., read-access and write-access) to each of the plurality of peripherals 108a-108n. This implies that the second processor core 102b is allowed to read from or write to any peripheral register (e.g., the plurality of peripheral registers 112a-112n) included in the plurality of peripherals 108a-108n], and [¶62].
Regarding claims 8,, and 20, BEHL discloses, wherein the access control logic is further configured to generate an error signal responsive to disallowing a request from a processing core to the target in accordance with the access configuration settings [¶41, The first sub-circuit 204 is configured to grant or deny the first level of access privilege to the first and second processor cores 102a and 102b for accessing a peripheral, based on a received access request and the first set of rules 216…], and [¶¶30, 45].
Regarding claims 9, and 21, BEHL discloses, wherein the access control logic may generate the error signal as an interrupt to one or more of the plurality of processing cores [¶62, Based on the first set of rules 216, the first sub-circuit 204 determines whether the first processor core 102a is allowed to access the first peripheral 108a (i.e., any of the plurality of peripheral registers 112a 112n) for executing write operations. In other words, the first sub-circuit 204 determines whether the first processor core 102a is to be granted the first level of access privilege for accessing the first peripheral 108a. In one embodiment, based on the first set of rules 216, the first sub-circuit 204 may determine that the first processor core 102a having the first identifier is not allowed to access the plurality of peripheral registers 112a-112n. Consequently, the first sub-circuit 204 may terminate the first access request and generate an error event to indicate that the first level of access privilege is denied to the first processor core 102a. Consequently, the first sub-circuit 204 may communicate a message to the first processor core 102a by way of the set of communication buses 104. The message is indicative of the generated error event].
Regarding claims 10,and 22, BEHL discloses, wherein the interrupt is communicated via one of Inter-Integrated Circuit protocol or master state machine protocol [¶29, The set of communication buses 104 is configured to facilitate communication between the set of processor cores 102, the set of centralized access control circuits 106, the plurality of peripherals 108a-108n, the (n+1).sup.th peripheral 110, and any other component on the SoC 100. For example, the set of communication buses 104 receives access requests (e.g., the first and second access requests) from the set of processor cores 102 and communicates each access request to the first or second centralized access control circuit 106a or 106b. The set of communication buses 104 may include a set of system buses, a set of peripheral buses, a set of address buses, a set of data buses, a set of control buses, a set of user buses, or a combination thereof. The set of communication buses 104 may be compliant with various bus protocols. The bus protocols may include, but not are limited to, an advanced microcontroller bus architecture (AMBA) protocol, an advanced high performance (AHB) bus protocol, or the like. The bus protocols may further include an advanced system bus (ASB) protocol, an advanced peripheral bus (APB) protocol, an advanced extensible interface (AXI) protocol, or the like.
Regarding claims 12, and 24, BEHL discloses, wherein a privilege level of at least one of the plurality of processing cores is indicated by a core identifier of the at least one of the plurality of processing cores [¶39, The first sub-circuit 204 is coupled to the set of communication buses 104 and includes suitable logic, circuitry, interfaces, and/or code, executable by the circuitry, that is configured to control a first level of access privilege of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. The first sub-circuit 204 stores therein a first set of rules 216 associated with the first level of access privilege. The first set of rules 216 may be implemented in the form of a look-up-table (LUT) and may indicate access privileges of each of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. For example, a first rule of the first set of rules 216 may indicate that the first processor core 102a is allowed access (e.g., read-access or write-access) to only the first peripheral 108a from the plurality of peripherals 108a-108n. This implies that the first processor core 102a is allowed to read from or write to only the plurality of peripheral registers 112a-112n of the first peripheral 108a. A second rule of the first set of rules 216 may indicate that the second processor core 102b is allowed access (e.g., read-access and write-access) to each of the plurality of peripherals 108a-108n. This implies that the second processor core 102b is allowed to read from or write to any peripheral register (e.g., the plurality of peripheral registers 112a-112n) included in the plurality of peripherals 108a-108n], and [[0062] Based on the first set of rules 216, the first sub-circuit 204 determines whether the first processor core 102a is allowed to access the first peripheral 108a (i.e., any of the plurality of peripheral registers 112a 112n) for executing write operations. In other words, the first sub-circuit 204 determines whether the first processor core 102a is to be granted the first level of access privilege for accessing the first peripheral 108a. In one embodiment, based on the first set of rules 216, the first sub-circuit 204 may determine that the first processor core 102a having the first identifier is not allowed to access the plurality of peripheral registers 112a-112n. Consequently, the first sub-circuit 204 may terminate the first access request and generate an error event to indicate that the first level of access privilege is denied to the first processor core 102a. Consequently, the first sub-circuit 204 may communicate a message to the first processor core 102a by way of the set of communication buses 104. The message is indicative of the generated error event.].
Claims 3-4, and 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over US (2022/0066839) (BEHL et al.) hereinafter referred to as “BEHL” (filed in IDS 11/02/2023), and in view of US Patent No. ( US9317443)issued to Bybell, and further in view of US Patent No. (US2004/0177266) issued to Moyer (filed in IDS 11/02/2023).
Regarding claims 3, and 15, BEHL, and Bybell do not explicitly disclose. However, Moyer discloses, wherein at least one of the processing cores and the target are fabricated on different integrated circuits [ see FIG 1 and corresponding text for more details, ¶14, FIG. 1 illustrates one embodiment of a data processing system 10. Data processing system 10 includes a bus slave 26, a bus master 14, a bus master 15, bus arbitration logic 28, a system bus 16, a bus interface 18, a peripheral bus 20, and peripherals 22 and 24. Bus slave 26, bus master 14, bus master 15, bus arbitration logic 28, and bus interface 18 are all bidirectionally coupled to system bus 16. Bus interface 18, peripheral 22, and peripheral 24 are all bidirectionally coupled to peripheral bus 20. Peripheral 22 includes peripheral circuitry 19 and peripheral registers 21, and peripheral 24 includes peripheral circuitry 23 and peripheral registers 25].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of BEHL, and Bybell by incorporating “BUS master, and BUS slave coupled to SYSTEM bus, BUS interface and Peripherals coupled to Peripheral BUS as shown in FIG. 1”, as taught by Moyer. One could have been motivated to do so in order for implementing a data processing system with peripheral access protection [ Moyer, ¶1, see FIG.1].
Regarding claims 4, and 16, BEHL, and Bybell do not explicitly disclose. However, Moyer discloses, the target is fabricated on a first integrated circuit; a processing core is fabricated on a second integrated circuit coupled to the first integrated circuit via an inter-chip communications link [ see FIG 1 and corresponding text for more details, ¶14, FIG. 1 illustrates one embodiment of a data processing system 10. Data processing system 10 includes a bus slave 26, a bus master 14, a bus master 15, bus arbitration logic 28, a system bus 16, a bus interface 18, a peripheral bus 20, and peripherals 22 and 24. Bus slave 26, bus master 14, bus master 15, bus arbitration logic 28, and bus interface 18 are all bidirectionally coupled to system bus 16. Bus interface 18, peripheral 22, and peripheral 24 are all bidirectionally coupled to peripheral bus 20. Peripheral 22 includes peripheral circuitry 19 and peripheral registers 21, and peripheral 24 includes peripheral circuitry 23 and peripheral registers 25]; and
and the first integrated circuit and the second integrated circuit are configured such that a privilege level of the second integrated circuit is controlled by the first integrated circuit and such that the second integrated circuit is able to overwrite the privilege level [¶13, Through the use of a bus master identifier, trust attributes, and privilege levels, access to the requested peripheral can either be allowed or denied based on the permissions established by the trusted bus master. For example, in one embodiment, each master within the data processing system includes a corresponding privilege level modifier and corresponding trust attributes for particular bus access types (such as read and write accesses). Also, in one embodiment, each peripheral within the data processing system includes a corresponding trust attribute, write protect indicator, and a privilege protect indicator. Therefore, in one embodiment, a bus access by a bus master to a peripheral is allowed when the bus master has the appropriate privilege level and appropriate level of trust required by the peripheral (and the peripheral is not write protected, if the bus access is a write access). Also, through the use of privilege level modifiers, a bus master can be forced to a particular privilege level for a particular bus access], and [ see FIGs 2-5 and corresponding text for more detail].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of BEHL, and Bybell by incorporating “BUS master, and BUS slave coupled to SYSTEM bus, BUS interface and Peripherals coupled to Peripheral BUS as shown in FIG. 1”, as taught by Moyer. One could have been motivated to do so in order for implementing a data processing system with peripheral access protection [ Moyer, ¶1, see FIG.1].
Claims 11, and 23 are rejected under 35 U.S.C. 103 as being unpatentable over US (2022/0066839) (BEHL et al.) hereinafter referred to as “BEHL” (filed in IDS 11/02/2023), and in view of US Patent No. ( US9317443)issued to Bybell, and further in view of US Patent No. (US7089462) issued to Floyd.
Regarding claims 11, and 23, BEHL, Bybell do not explicitly disclose, however, Floyd wherein one or more of the plurality of processing cores may be configured to shut down the system in response to the error signal [Abstract, an early clock fault detection method and circuit for detecting clock faults in a multiprocessing system provides an error system that can be used to shut down the multiprocessing system or a processor before errors caused by loss of synchronization between multiple processors can propagate from the processor causing storage or other systems to be corrupted. The detection circuit counts cycles of a high-frequency internal processor clock generated by multiplying an external master clock signal and detects whether or not a predetermined number of clock cycles have elapsed between transitions of the external master clock signal. The detection circuit provides a clock fault output within less than a master clock cycle, which can be used to shut down the processor, system or interconnect between processors, preventing loss or corruption of data before the high-frequency clock can drift enough to cause errors].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of BEHL, and Bybell by incorporating “early clock fault detection circuit”, as taught by Floyd. One could have been motivated to do so in order for detecting clock faults in a multiprocessing system provides an error system that can be used to shut down the multiprocessing system or a processor before errors caused by loss of synchronization between multiple processors can propagate from the processor causing storage or other systems to be corrupted [ Floyd, Abstract, ¶3].
Second set of rejection:
Claims 1, and 13 are rejected under 35 U.S.C. 103 as being unpatentable over US (2022/0066839) (BEHL et al.) hereinafter referred to as “BEHL” (filed in IDS 11/02/2023), and in view of US Patent No. ( US9645949) )issued to Morfey.
Regarding claims 1, and 13, BEHL discloses a plurality of processing cores [e.g. 100 in Figure 1]; and
a target shared among the plurality of processing cores and coupled to the plurality of processing cores via a shared bus [ see Fig. 1, a plurality of processing cores (e.g. 102); a target (e.g. 108) shared among the plurality of processing cores and coupled to the plurality of processing cores via a shared bus (e.g. 104); and
and access control logic configured to (e.g. 106; see also Figure 2), based on access configuration settings associated with the target, control initial access of requests from each of the plurality of processing cores based on a privilege level of each of the plurality of processing cores [e.g. 216 in Figure 2; paragraph [0039]; and
in order to dynamically allocate and re-allocate the target among the plurality of processing cores in accordance with the privilege levels and to dynamically utilize the target in accordance with the privilege levels [¶39, “The first set of rules 216 may be implemented in the form of a look-up-table (LUT) and may indicate access privileges of each of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. For example, a first rule of the first set of rules 216 may indicate that the first processor core 102a is allowed access (e.g., read-access or write-access) to only the first peripheral 108a from the plurality of peripherals 108a-108n.”)]; and
wherein the access control logic is further configured to override an access mode of at least one processing core of the plurality of processing cores with at least one other access control parameter, wherein the access mode indicates whether the requests are privileged or non-privileged, and wherein controlling the initial access of requests from each of the plurality of processing cores based on the privilege level of each of the plurality of processing cores comprises controlling initial access from the at least one processing core based on the at least one other access control parameter
While BEHL discloses: [¶¶39-40, The first sub-circuit 204 is coupled to the set of communication buses 104 and includes suitable logic, circuitry, interfaces, and/or code, executable by the circuitry, that is configured to control a first level of access privilege of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. The first sub-circuit 204 stores therein a first set of rules 216 associated with the first level of access privilege. The first set of rules 216 may be implemented in the form of a look-up-table (LUT) and may indicate access privileges of each of the set of processor cores 102 for accessing the plurality of peripherals 108a-108n. For example, a first rule of the first set of rules 216 may indicate that the first processor core 102a is allowed access (e.g., read-access or write-access) to only the first peripheral 108a from the plurality of peripherals 108a-108n. This implies that the first processor core 102a is allowed to read from or write to only the plurality of peripheral registers 112a-112n of the first peripheral 108a. A second rule of the first set of rules 216 may indicate that the second processor core 102b is allowed access (e.g., read-access and write-access) to each of the plurality of peripherals 108a-108n. This implies that the second processor core 102b is allowed to read from or write to any peripheral register (e.g., the plurality of peripheral registers 112a-112n) included in the plurality of peripherals 108a-108n. It will be apparent to those of skill in the art that the first set of rules 216 may store various types of rules. For example, a rule may define, for each processor core, one or more peripherals of the plurality of peripherals 108a-108n that may be accessed by a corresponding processor core only for reading data (i.e., executing read operations). Another rule, may define, for each processor core, one or more peripherals of the plurality of peripherals 108a-108n that may be accessed by a corresponding processor core for writing data (i.e., executing write operations). Another rule may define, for each processor core, specific peripheral registers within each of the plurality of peripherals 108a-108n that may be accessed by a corresponding processor core for both reading and writing data], and [ see FIG 2 and corresponding text for more details, ¶¶36-37].
BEHL does not explicitly disclose, however, Morfey discloses:
[Col. 1 lines 54-61, There is great deal of interest in high-performance microprocessors for ASIC (application-specific integrated circuit) applications. These are often provided as pre-packaged multi-purpose processor cores, intended to be further integrated with dedicated circuitry in a system-on-a-chip configuration. There are ongoing requirements to provide increasingly advanced features, increased speed and reduced power consumption—all at minimal cost].
[Col. 2 lines 7-67, Col. 3 lines 1-20, In one aspect of the present invention there is provided data processing apparatus including a processor adapted to operate under control of an executable comprising instructions, and in any of a plurality of operating modes including a non-privileged mode (e.g. User mode) and a privileged mode (e.g. Trusted mode), the apparatus comprising: means (in the form of a processor and associated memory) for storing a plurality of stacks; a first stack pointer register (e.g. SP0) for storing a pointer to an address in a first of said stacks; a second stack pointer register (e.g. SP1) for storing a pointer to an address in a second of said stacks, wherein said processing apparatus is adapted to use said second stack pointer when said processor is operating in either the non-privileged mode or the privileged mode; and means (in the form of a processor and associated memory) for transferring operation of said processor from the non-privileged mode to the privileged mode in response to at least one of said instructions… The provision of two stack pointers can allow one to be used as a stack pointer for an ‘OS’ stack (for privileged access) and one to be used as a stack pointer for a task stack (for direct access by both privileged and non-privileged code). The provision of a non-privileged mode and a privileged mode which both use the stack pointer for the task stack, and of means for transitioning directly from the non-privileged mode to the privileged mode, allows for efficient transfer between the modes and avoids the need to place large amounts of task data on the ‘OS’ stack. This arrangement also allows far greater flexibility for the design of efficient real time operating systems…The processor may be adapted to use a plurality of the stacks stored by the storing means as general (for example, task, process and/or thread) stacks. The second stack may therefore be a current of the plurality of general stacks. Each of the plurality of general stacks may be used to store data for a different task. The processor may thus be adapted to switch between one task and another task by changing the pointer in the second stack pointer register to point to an address in the general (task, process and/or thread) stack for the other task. The non-privileged mode may be configured for running non-privileged code preferably comprising a subset of the instructions from the instruction set. A plurality of status registers may be provided, and access of the processor to the status registers may be restricted when operating in the non-privileged mode. The privileged mode is preferably configured for running privileged (and preferably non-privileged) code. The plurality of operating modes may comprise at least one further privileged mode. The processor may be adapted to use the first stack pointer register when in the at least one further privileged mode. The plurality of operating modes may comprise a plurality of the further privileged modes. The processor may be adapted to use the first stack pointer register when in each (or any) of the further privileged modes. The plurality of operating modes may comprise at least three privileged modes and/or may comprise at least one non-privileged mode. The transferring means may be configured for transferring operation from the non-privileged mode to the, each, or at least one further privileged mode in response to an event.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of BEHL by incorporating “pre-packaged multi-purpose processor cores”, as taught by Morfey . One could have been motivated to do so in order in order to implement transferring operation of the processor from the non-privileged mode to the privileged mode in response to at least one of the instructions would allow far greater flexibility for the design of efficient real time operating systems. [ Morfey, Abstract, Col. 1 lines 10-12].
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Kelley ( US2005/0097345) [ Abstract, System for selectively enabling operating modes of a device. The system includes a method for selectively enabling operating modes of a device during a device initialization, wherein the operating modes comprise a privileged mode and a non-privileged mode. The method includes determining during the device initialization whether the device is to operate in the privileged mode or in both the privileged and non-privileged modes and enabling the privileged mode if it is determined that the device is to operate only in the privileged mode. The method also includes enabling both the privileged and the non-privileged modes if it is determined that the device is to operate in both the privileged and the non-privileged modes].
Kelley ( US2005/0097252) [ Abstract, System for providing transitions between operating modes of a device. The system includes a method for providing transitions between a privileged and a non-privileged operating mode. The method comprises executing an application in the non-privileged mode, generating an interrupt to request the services of a privileged function, and transitioning to the privileged mode to execute the privileged function, wherein the privileged function is executed as part of the same thread of execution as the application].
Hildesheim ( US2018/0060250)[0018] An application program may be associated with a privilege level that determines its access mode (e.g., as a user or as a supervisor) to memory. For example, a user application may have a low privilege of a user-mode, and a system application (such as the kernel) may have a high privilege of a supervisor-mode. A memory management unit in the processor may translate virtual addresses to physical addresses for accessing the memory.[0023] Embodiments of the present disclosure provide a new set of access permission bits stored in page table entries that may specify the access permissions with respect to an additional attribute (e.g., the privilege level of the user mode or the supervisor mode) of pages of the virtual address space. Thus, the operating system may decouple the user and supervisor specific access permissions. In one embodiment, the privilege-level specific access permissions can be selectively enabled by a configuration bit stored in a control register associated with a processor. For example, if the configuration bit is set to “1,” the W and XD bits may be used under the supervisor mode, and new W′ and XD′ bits may be added to the page table entries and used under the user mode. If the configuration bit is set to “0,” the legacy W and XD bits are used for both supervisor and user modes. In this way, embodiments of the present disclosure allow the operating system to set precise and targeted access permissions for user-level software applications and supervisor-level software applications at a granularity of memory pages.[0106] The following examples pertain to further embodiments. Example 1 is a processor including a processing core and a memory management unit, communicatively coupled to the processing core, comprising a storage device to store a page table entry (PTE) comprising a mapping from a virtual memory page referenced by an application running on the processing core to an identifier of a memory frame of a memory, a first plurality of access permission flags associated with accessing the memory frame under a first privilege mode, and a second plurality of access permission flags associated with accessing the memory under a second privilege mode, wherein the memory management unit is to allow accessing the memory frame based on one of the first plurality of access permission flags or the second plurality of access permission flags.0107] In Example 2, the subject matter of Example 1 can optionally provide that the first privilege mode is a supervisor mode, and wherein the first plurality of access permission flags comprises at least one of a read access flag, a write access flag, or an execute-disable access flag associated with accessing the memory frame under the supervisor mode.[0109] In Example 4, the subject matter of Example 1 can optionally provide that the second privilege mode is a user mode, and wherein the second plurality of access permission flags comprises at least one of a read access flag, a write access flag, or an execute-disable access flag associated with accessing the memory frame under the user mode. [0124] Example 19 is a method comprising receiving, by a processor executing an application, a request to access a memory frame of a memory, determining whether the application generating the request is associated with a first privilege mode or a second privilege mode, responsive to determining that the application is associated with the first privilege mode, allowing accessing the memory frame based on a first plurality of access permission flags associated with the first privilege mode, and responsive to determining that the application is associated with the second privilege mode, allowing accessing the memory frame based on a second plurality of access permission flags associated with the second privilege mode, wherein the first plurality of access permission flags and the second plurality of access permission flags are stored in a page table entry in the memory.
Circello ( US2015/0332069) IDS [0005] Data processing systems generally include master and slave devices, where master devices can generate access requests to read or write information to retrieve or store information at a slave device, such as a memory. An access protection unit can qualify access requests to various slave devices to make sure the requesting device has a sufficient level of privilege and security, which can be an indication of trust. If not, the access request is prevented. A Direct Memory Access (DMA) controller can be programmed by a master device to move data, usually a block of data, from one slave location to another.[0015] FIG. 1 illustrates an embodiment of a data processing device 10 having an integrated circuit 11, a global memory 92, and an interconnect 91. The interconnect 91 is connected to the integrated circuit 11 and to the global memory 92. During operation, access requests generated at the integrated circuit 11 can be provided to interconnect 91 to access information stored at global memory 92, or other peripherals (not shown) connected to interconnect 91.[0025] For example, in response to operating in privileged mode, the data processor core 21 will provide an access request to the interconnect 16 that includes a security indicator corresponding to privileged mode. For convenience, the state of the security indicator that corresponds to privileged mode is referred to herein as [P,X], which is the same designator used to refer to the state of storage location 61 when data processor core 21 is operating in privileged mode. In response to operating in user secure mode, the data processor core 21 will provide an access request to the interconnect 16 that includes a security indicator corresponding to user secure mode. The state of the security indicator that corresponds to user secure mode is referred to herein as [U,S], which is the same designator used to refer to the state of storage location 61 when data processor core 21 is operating in user secure mode. In response to operating in user nonsecure mode, the data processor core 21 will provide an access request to the interconnect 16 that includes a security indicator corresponding to user nonsecure mode. The state of the security indicator that corresponds to user nonsecure mode is referred to herein as [U,N], which is the same designator used to refer to the state of storage location 61 when data processor core 21 is operating in user nonsecure mode.[0044] FIG. 4 illustrates a flow diagram of a method 100 that describes integrated circuit 11 operating in a particular manner. At block 111, the data processor core 21 is configured to operate in privileged mode, where it remains during method 100 unless indicated otherwise ( equated to overriding the access mode to un-privileged mode).[0045] At block 112, data processor core 21 provides a privileged write access request to interconnect 16 requesting information data to be written to a location of memory 23. At block 113, the write access request of block 112 is qualified by access protection unit 33 of memory 23 based upon the security indicator of the write access request. Thus, the access request of block 112 is allowed because its security indicator is greater than or equal to user secure mode, as required (see TABLE 1). It will be appreciated that the access request of block 112 would have been prevented had it been a user nonsecure access request[0049] Based upon CHARS1_M being initialized to [P,X], channel 41 will masquerade as data processor core 21 operating in privileged mode, and therefore will provide privileged access requests when servicing a DMA transfer request. The privileged access requests generated by channel 41 will be qualified by destination devices as though they were privileged access requests generated by data processor core 21.[0055] At block 116, the access request of block 115 is qualified by the access control module 34 based upon the security indicator of the access request, defined as [P,X], and the programmed state of CHARS1_S, as described previously at TABLE 2 and FIG. 5. Thus, the access request of block 115 will be allowed to continue, resulting the information DTI_D(M23) being written to the field DEST1, because the security indicator of the access request is [P,X], which is greater than or equal to the security indicator [CHARS1_S], which is also [P,X].[0057] A read access request of the DMA transfer initiated at block 117 is represented at block 118, where a privileged read access request is sent to interconnect 16 from channel 41. In particular, the read access request of block 118 is a privileged read access request from DMA 24 requesting information from an address of memory 23 (M23(Addr1)) that is based upon the value DTI_S(M23) stored at field SOURCE1 as described at block 117. It will be appreciated that in the present example, the access request of block 117 is a privileged access request by virtue of field CHARS1_M storing state [P,X]. Thus, at block 118 the DMA controller 24 is said to be masquerading as data processor core 21 operating in privileged mode.[0058] At block 119, the access request of block 118 is qualified at access protection unit 33 based upon the security indicator of the access request. Thus, the qualification criteria of TABLE 1 is applied, which results in the access request of block 118 being allowed to proceed by virtue of being a privileged access. Upon successful completion of the read access request of block 119, the requested information is provided from the requested location of memory 23 to the DMA controller via the DATA lines of interconnect 16.[0064] The method 100 of FIG. 4 described privileged access requests that were allowed to access DCR1, by virtue of field CHARS1_S having state [P,X]. According to an embodiment, however, by setting the value of CHARS1_S to a lower-level security indicator, as described in greater detail at FIG. 6, access requests that are less secure can also be allowed to configure and initiate channels of the DMA controller 24.[0065] FIG. 6 illustrates a flow diagram representing a method 300 that changes the security mode at which data processor core 21 needs to operate in order to configure various locations of DMA 24. At block 311, a privileged write access request is sent from data processor core 21 to store the state value [U,S] at CHARS1_S. It will be appreciated that DMA transfer requests by channel 41 will be able to be configured and initiated by access requests that are less secure than [P,X] if this write access request is completed], and [0021. 0023, 0034].
Tune ( US2005/0114616) [Abstract], and [0272] Returning to the previously discussed example embodiment, the apparatus has a processor core 10 which defines the modes and defines the privilege levels of the modes, i.e. the set of functions which any mode allows. Thus, the processor core 10 is arranged in known manner to allow the secure modes and the monitor mode access to secure and non-secure memory and the secure modes access to all memory to which the monitor mode allows access and to allow a process operating in any privileged secure mode to switch directly to monitor mode and vice versa. The processor core 10 is preferably arranged to allow the following.[0273] In one example of the apparatus, the memory is partitioned into secure memory and non-secure memory, and both secure and non-secure memory is accessible only in the monitor and secure modes. Preferably, the non-secure memory is accessible in monitor mode, a secure mode and a non-secure mode.[0274] In another example of the apparatus, in the monitor mode and one or more of the secure modes, access to the non-secure memory is denied to the secure mode; and in non-secure mode access to the non-secure memory is denied to the secure and monitor modes. Thus, secure memory is accessed only in monitor and secure modes and non-secure memory is accessed only by non-secure modes increasing security.[0275] In examples of the apparatus, resetting or booting of the apparatus may be performed in the monitor mode which may be regarded as a mode which is more privileged than a secure mode, privileged mode. However, in many examples of the apparatus are arranged to provide resetting or booting in a secure mode which is possible because of the direct switching allowed between the secure mode and the monitor mode.
US 2018/0060250 discloses enhance memory access permission based on per-page current privilege level. It provides a system comprising: a plurality of processing cores (e.g. 110 in Figure 1); a target (e.g. 104) shared among the plurality of processing cores and coupled to the plurality of processing cores via a shared bus (e.g. 108); and access control logic configured to, based on access configuration settings associated with the target, control access of requests from each of the plurality of processing cores based on a privilege level of each of the plurality of processing cores (e.g. Figure 4). This document anticipates independent claims | and 9.
US 2015/0269396 discloses a system and method for security-aware master. It provides a system comprising: a plurality of processing cores (e.g. 20 in Figure 1; paragraph [0011]: “masters (such as core processors)”); a target (e.g. 30) shared among the plurality of processing cores and coupled to the plurality of processing cores via a shared bus (e.g. 40); and access control logic configured to, based on access configuration settings associated with the target, control access of requests from each of the plurality of processing cores based on a privilege level of each of the plurality of processing cores (e.g. paragraph [0011]: “a security mechanism that enables each master to access resources of the slaves depending on its security state”, where the security state performs essentially the same role as a privilege level). This document anticipates independent claims 1 and 9.
US 2018/0039508 discloses a safety hypervisor function. It provides a system comprising: a plurality of processing cores (e.g. 102 in Figure 1, and claim 15): a target (e.g. 112) shared among the plurality of processing cores and coupled to the plurality of processing cores via a shared bus (e.g. 108); and access control logic configured to, based on access configuration settings associated with the target, control access of requests from each of the plurality of processing cores based on a privilege level of each of the plurality of processing cores (e.g. paragraph [0009], and claim 1: “the register MPU determines access to the one or more peripherals based on the safety privilege level”). This document appears to anticipate independent claims 1 and 9, or otherwise render them obvious.
WO 2016/068962 discloses indicating a privilege level. It provides a system comprising: a plurality of processing cores (e.g. 202 in Figure 2, with a plurality being obvious); a target (e.g. 206) shared among the plurality of processing cores and coupled to the plurality of processing cores via a shared bus (e.g. 204); and access control logic configured to, based on access configuration settings associated with the target, control access of requests from each of the plurality of processing cores based on a privilege level (e.g. 224) of each of the plurality of processing cores (e.g. Figure 4, and paragraph [0046]). This document renders obvious independent claims 1 and 9.
US 2015/0332069 discloses programmable direct memory access channels. It provides a system comprising: a plurality of processing cores (e.g. 21 in Figure 1, with a plurality being obvious); a target (e.g. 25) shared among the plurality of processing cores and coupled to the plurality of processing cores via a shared bus (e.g. 16); and access control logic configured to, based on access configuration settings associated with the target, control access of requests from each of the plurality of processing cores based on a privilege level of each of the plurality of processing cores (e.g. “security indicator” in Figure 2; paragraph [0019]: “The lines labeled P/U... indicative ofa level of trust of an access request... corresponds to privilege level... of the data processor core”; see also 223 in Figure 5). This document renders obvious independent claims 1 and 9.
US 9262340 discloses privileged mode methods and circuits for processor systems. It provides a system comprising: a plurality of processing cores (e.g. 802 in Figure 8, with a plurality being obvious); a target (e.g. 832) shared among the plurality of processing cores and coupled to the plurality of processing cores via a shared bus (e.g. 806); and access control logic configured to, based on access configuration settings associated with the target, control access of requests from each of the plurality of processing cores based on a privilege level of each of the plurality of processing cores (e.g. lines 6 to 9 of column 8: “Access to peripheral devices (832-00 to -1N) can be restricted based on both protection mode, and mode of operation (e.g., privileged or non-privileged).”). This document renders obvious independent claims 1 and 9.
Andreasen (US2010/0318751) [0019] Passing error messages and efficient processing of error messages is an important part of multiprocessor systems and becomes increasingly important as the size of the system becomes very large. Some errors are recoverable by using error correction codes or other methods, while others are detectable but cannot be recovered. Error conditions are also used to determine the operational state of various components of the multiprocessor system, such as to shut down a malfunctioning processor node, network link, or memory location].
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207. The examiner can normally be reached Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached at 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHAHRIAR ZARRINEH/Primary Examiner, Art Unit 2496