| CPC G06F 21/629 (2013.01) | 17 Claims |
|
1. A processor, comprising:
a logic circuit configured to execute instructions retrieved from a memory; and
a plurality of registers, wherein the processor is operable to store, in the plurality of registers respectively, locations of a plurality of domain access tables, each respective domain access table in the plurality of domain access tables associated with a respective domain among a predefined set of domains of instructions loadable from the memory for execution in the logic circuit, the respective domain access table having one or more entries configured to identify one or more entry points of the respective domain;
a first register configured to store an identifier of a current domain among the predefined set of domains, wherein instructions of a routine currently being executed in the processor are classified to be in the current domain;
wherein in response to a transition of instruction execution from a first domain, among the plurality of domains of instructions, to a second domain different from the first domain, the processor is configured to validate a permission to enter the second domain using data specified for an entry point in a domain access table associated with the second domain;
wherein in response to an instruction configured to request crossing of instruction execution from the current domain to a destination domain, the process is configured to update the first register to store an identifier of the destination domain specified in the instruction;
wherein in response to the instruction, the processor is configured to determine, whether to isolate resources of a calling routine and a called routine.
|