| CPC G06F 12/1458 (2013.01) [G06F 21/72 (2013.01)] | 20 Claims |
|
1. An integrated circuit comprising:
a processor core configured to execute instructions;
a first data store configured to store a first hardware security identifier;
a marker circuitry configured to tag memory requests transmitted on a bus of the integrated circuit by the processor core with the first hardware security identifier;
a checker circuitry configured to check memory requests for one or more memory mapped resources that are received via the bus that have been tagged with a hardware security identifier to determine whether to allow or reject access based on the tagged hardware security identifier; and
a second data store configured to store an address field, an address range configuration field that indicates whether the address field specifies an upper bound of an address range for a resource or the address field specifies a lower bound and a size of the address range for the resource, and a hardware security list for the resource that specifies which hardware security identifiers supported by the integrated circuit are authorized for access to the resource, wherein the checker circuitry is configured to determine the address range for the resource based on the address field and the address range configuration field and compare the tagged hardware security identifier of a memory request to the hardware security list when an address of the memory request is within the address range for the resource.
|