| CPC G06F 21/71 (2013.01) [G06F 8/65 (2013.01)] | 30 Claims |
|
1. A hardware-based lock mechanism configured to support firmware security, comprising:
a hardware-based lock unit associated with a resource, wherein the hardware-based lock unit is configured to maintain a locked state and a lock identification for the resource;
an arbitrator configured to
accept a request to access the resource by a first agent;
create a first lock identification and set the locked state for the resource if the resource is in an unlocked state, indicating that the resource is locked;
store the first lock identification and/or the lock state in the hardware-based lock unit;
provide the first lock identification to the first agent to have an exclusive lock to access and control the resource;
accept a second lock identification from a second agent requesting access to the same resource;
grant access to the resource by the second agent if the resource is in the locked state by the first agent and the second lock identification provided by the second agent matches a third lock identification that is stored on the hardware-based lock unit;
deny access by the second agent to the resource responsive to a mismatch between the second lock identification provided by the second agent and the third lock identification stored on the hardware-based lock unit.
|