[go: up one dir, main page]

WO2017071429A1 - Data access method and bus - Google Patents

Data access method and bus Download PDF

Info

Publication number
WO2017071429A1
WO2017071429A1 PCT/CN2016/099411 CN2016099411W WO2017071429A1 WO 2017071429 A1 WO2017071429 A1 WO 2017071429A1 CN 2016099411 W CN2016099411 W CN 2016099411W WO 2017071429 A1 WO2017071429 A1 WO 2017071429A1
Authority
WO
WIPO (PCT)
Prior art keywords
host
slave
access
target slave
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2016/099411
Other languages
French (fr)
Chinese (zh)
Inventor
刘振军
王永
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sanechips Technology Co Ltd
Original Assignee
Sanechips Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sanechips Technology Co Ltd filed Critical Sanechips Technology Co Ltd
Publication of WO2017071429A1 publication Critical patent/WO2017071429A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/14Handling requests for interconnection or transfer
    • G06F13/36Handling requests for interconnection or transfer for access to common bus or bus system
    • G06F13/362Handling requests for interconnection or transfer for access to common bus or bus system with centralised access control
    • G06F13/364Handling requests for interconnection or transfer for access to common bus or bus system with centralised access control using independent requests or grants, e.g. using separated request and grant lines

Definitions

  • the present invention relates to digital integrated circuit IC design techniques in the field of communications, and more particularly to a data access method and bus.
  • SoC System On Chip
  • SoC System On Chip
  • AMB Advanced Peripheral Bus
  • the prior art generally does not support the security function with a slave.
  • the currently commonly used method is to utilize the NIC301/400, but such a bus matrix code is complicated and it is not easy to find a problem;
  • the AHB bus is taken as an example.
  • the NIC301/400 converts the host-side protocol into an AXI (Advanced eXtensible Interface) and converts it into a slave-side protocol. After the protocol is transferred, the access efficiency is reduced. This is a big bottleneck for a multi-efficiency slave; and there is a GPV inside the NIC301/400, which is used to configure the security attributes of the slaves. It takes up 1M of address space, which is a waste of address space. Complex protocol conversion introduces more logic, making timing worse.
  • embodiments of the present invention are expected to provide a data access method and a total
  • the line can reduce the bus matrix logic, improve the transmission efficiency of the bus, and reduce the complexity of the bus system.
  • An embodiment of the present invention provides a data access method, where the method includes:
  • the access request further includes a security access status of the first host, where the security access status of the first host includes: security and non-security; and determining that the first host corresponds to the target When it is determined, it is determined whether the access request of the first host to the target slave is legal, including:
  • the secure access status of the first host is non-secure, obtaining a secure address range of the target slave; when the access address of the first host is not in the When the target slave is within the secure address range, determining that the first host access request to the target slave is legal; when the access address of the first host is within the secure address range of the target slave, Determining that the access request of the first host to the target slave is illegal.
  • the method further includes:
  • the determining whether the first host implements data access to the target slave includes:
  • the access request further carries a protocol type of the first host and a protocol type of the target slave; after determining the first host from the at least one host, the according to the first host
  • the method further includes: an access address and a preset address range of the at least one slave, and determining, by the at least one slave, whether the first host corresponds to the target slave, the method further includes:
  • An embodiment of the present invention provides a bus, where the bus includes:
  • An arbitration unit configured to receive an access request sent by at least one host, where the access request carries an access address corresponding to at least one host; and determine a first host from the at least one host, and output an access address of the first host to Address decoding unit;
  • the address decoding unit is configured to determine, according to an access address of the first host received by the arbitration unit and a preset address range of the at least one slave, whether the first host corresponds to the target from the at least one slave The access address of the first host is within the address range of the target slave, and outputs the determination result to the security management unit;
  • the security management unit is configured to determine, when the determination result is that the first host corresponds to the target slave, whether the access request of the first host to the target slave is legal, And determining whether the first host implements data access to the target slave.
  • the access request received by the arbitration unit further carries a security access status of the first host, and the security access status of the first host includes: security and non-security;
  • the security management unit is configured to determine, when the address decoding unit determines that the first host corresponds to the target slave, and the secure access status of the first host is secure, determine the first host The access request of the target slave is legal; and when the address decoding unit determines that the first host corresponds to the target slave, and the secure access status of the first host is non-secure, acquiring the target slave a security address range, when the access address of the first host is not within the secure address range of the target slave, determining that the first host access request to the target slave is legal; when the first host When the access address is within the secure address range of the target slave, it is determined that the access request of the first host to the target slave is illegal.
  • the security management unit is further configured to: after determining, from the at least one slave, whether the first host corresponds to the target slave, when determining that the first host does not correspond to the target slave And determining that the access request of the first host to the slave is illegal, and interrupting data access by the first host to the slave.
  • the security management unit is further configured to: when it is determined that the access request of the first host to the target slave is legal, transmit the access data of the first host to the target slave; When it is determined that the access request of the first host to the target slave is illegal, interrupting data access by the first host to the target slave.
  • the bus further includes: a protocol conversion unit; the access request further carries a protocol type of the first host and a protocol type of the target slave;
  • the protocol conversion unit is configured to: after the arbitration unit determines the first host from the at least one host, the address decoding unit is configured according to an access address of the first host and a preset address range of the at least one slave. Before determining, by the at least one slave, whether the first host corresponds to the target slave, when the protocol type of the first host is different from the protocol type of the target slave And converting the protocol type of the first host to a protocol type of the target slave.
  • the arbitration unit, the address decoding unit, the security management unit, and the protocol conversion unit may use a central processing unit (CPU) and a digital signal processor (DSP, Digital Singnal) when performing processing. Processor) or Field-Programmable Gate Array (FPGA) implementation.
  • CPU central processing unit
  • DSP digital signal processor
  • FPGA Field-Programmable Gate Array
  • the embodiment of the present invention provides a data access method and a bus.
  • the bus receives an access request sent by at least one host, where the access request carries an access address corresponding to at least one host; and the first host is determined from at least one host; Determining, by the at least one slave, whether the first host corresponds to the target slave, the access address of the host and the preset address range of the at least one slave, the access address of the first host being within the address range of the target slave; When it is determined that the first host corresponds to the target slave, determining whether the access request of the first host to the target slave is legal, and determining whether the first host implements data access to the target slave.
  • the security management function is set in the bus, multiple groups of hosts can be accessed to access multiple sets of slaves, and the number and protocol types of the master and slave can be configured as needed; the bus can perform security management on its own without internal Excess protocol conversion and register unit can reduce the bus matrix logic, improve the transmission efficiency of the bus, and reduce the complexity of the bus system.
  • FIG. 1 is a block diagram of a prior art bus system
  • FIG. 2 is a flowchart 1 of a data access method according to an embodiment of the present invention.
  • FIG. 3 is a schematic diagram of dividing a slave address range according to an embodiment of the present invention.
  • FIG. 4 is a logic circuit diagram of an exemplary security management unit according to an embodiment of the present invention.
  • FIG. 5 is a diagram of generating a legal logic signal according to an embodiment of the present invention.
  • FIG. 6 is a block diagram of a bus access according to an embodiment of the present invention.
  • FIG. 7 is a second flowchart of a data access method according to an embodiment of the present invention.
  • FIG. 8 is a flowchart 3 of a data access method according to an embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram 1 of a bus according to an embodiment of the present disclosure.
  • FIG. 10 is a schematic structural diagram 2 of a bus according to an embodiment of the present invention.
  • An embodiment of the present invention provides a data access method. As shown in FIG. 2, the method may include:
  • the bus receives an access request sent by at least one host, where the access request carries an access address corresponding to at least one host.
  • host-to-slave data access is performed based on the structure of the host, the bus, and the slave.
  • the embodiment of the present invention can be applied to a matrix/bus bridge, specifically a data access process between at least one master and at least one slave, that is, at least one host performs at least one slave through a bus. data access.
  • At least one host sends an access request to the bus, and the bus determines which host to select for access to the slave. That is, the bus receives an access request sent by at least one host, wherein the access request includes an access address of a slave that each of the at least one host wants to access.
  • arbitration unit in the bus performs the selection of the first host, and the specific selection process may be implemented by the prior art, and will not be described in detail herein.
  • the bus determines the first host from the at least one host.
  • the bus After the bus receives the access request sent by the at least one host, the bus selects one host from the at least one host as the first host to perform the first host-to-slave access request.
  • the bus determines a secure access status of the first host and the first host from the at least one host.
  • the arbitration unit of the bus determines the first host from the at least one host, and the first host obtains the access right.
  • each host has a security signal indicating whether the transmission initiated by the corresponding host is secure or not.
  • the security signal indication in the embodiment of the present invention may be a secure access status of the host.
  • the security access status of a host may be represented by 0 and 1.
  • 0 may indicate security
  • 1 may indicate non-security.
  • the security and non-secure representation of the security access status of the specific host is not limited in the embodiment of the present invention.
  • five hosts have to access data from the slave. Therefore, five hosts respectively send access requests to the bus.
  • the arbitration unit of the bus selects one of the five hosts by arbitration (first) The host) gains access to the slave.
  • the bus determines, according to the access address of the first host and the preset address range of the at least one slave, whether the first host corresponds to the target slave from the at least one slave, and the access address of the first host is at the target Within the address range of the machine.
  • each slave in the embodiment of the present invention has an address range of the slave, and the address range of each slave is determined, that is, a slave corresponds to an address range, and access in the address range is The addresses correspond to the above one slave.
  • the bus determines, according to the access address of the first host and the preset address range of the at least one slave, whether the access address of the first host corresponds to the target slave from the at least one slave, and the access address of the first host Within the address range of the target slave, that is, the access address of the first host may correspond to an address range of one of the at least one slave's address range, the corresponding slave being the target slave.
  • the address decoding unit of the bus compares the access address of the first host with the preset address range of the at least one slave, and determines, from the at least one slave, whether the access address of the first host corresponds to the target slave, When the access address of the first host can correspond to the address range of one of the at least one slave address range, the corresponding slave is the target slave.
  • the address range of the slave is the target slave to be accessed by the first master.
  • the access address of the first host is not within the address range of any of the preset slaves of at least one slave (ie, not within the address range of any of the slaves)
  • the access address characterizing the first host is an empty address. The access address is not the address of the slave.
  • the access address of the first host is 10
  • the address range of the at least one slave includes a total of 15-50
  • the access address of the first host is not in the address range of the at least one slave, that is, the first The host's access address is empty.
  • the bus determines whether the access request of the first host to the target slave is legal, and further determines whether the first host implements data access to the target slave.
  • the bus determines, according to the access address of the first host and the preset address range of the at least one slave, whether the first host corresponds to the target after determining whether the access address of the first host corresponds to the target slave from the at least one slave
  • the bus determines whether the access request of the first host to the target slave is legal, thereby determining whether the first host implements data access to the target slave.
  • each slave has a separate address range and a secure address range
  • the slave address range and the secure address range may be separately defined
  • the slave device may be configured to be all secure and all non-negative.
  • the secure address range of the configured slave can be made by the external system configuration module, and the range of the secure address of one slave is adjustable, that is, the range of the secure address of the slave in the address range of a slave is
  • the division of the non-secure address range of the machine is variable, as shown in Figure 3, which is a schematic diagram of the division of the slave address range.
  • the bus may be an AHB or an APB.
  • the address range of the slave in the embodiment of the present invention can be safe, all non-secure, and some security parts are non-secure, and the like.
  • the bus is an APB bus, the slave in the embodiment of the present invention
  • the address range of the machine can be safe, all non-secure, and other types of address ranges.
  • the security access status of the first host is included in the foregoing access request, and the security access status of the first host includes: security and non-security. Therefore, when it is determined that the first host corresponds to the target slave, the bus determines whether the access request of the first host to the target slave is legal: when determining that the first host corresponds to the target slave, and the first host has secure access. When the status is secure, the bus determines that the first host has a legitimate access request to the target slave.
  • the bus acquires a secure address range of the target slave; when the access address of the first host is not at the target slave When the security address is within the range, the bus determines that the access request of the first host to the target slave is legal; when the access address of the first host is within the secure address range of the target slave, the bus determines that the first host The target slave's access request is illegal.
  • the determining result of the determining that the first host corresponds to the target slave may be marked by the address decoding unit of the bus in the form of a selection signal of the slave, and the selection signal of the specific slave may be 0 and 1 indicate that, exemplarily, 0 indicates that the first host corresponds to the target slave, the target slave is the slave to be accessed by the first host; and 1 indicates that the first host does not correspond to the target slave, that is, the first The access address to be accessed by a host does not belong to any one of the at least one slaves. Therefore, the access address of the first host is an empty address.
  • the representation mode of the slave selection signal is not limited in the embodiment of the present invention.
  • the bus determines whether the first host implements data access to the target slave, specifically: when determining that the first host access request to the target slave is legal, the bus transmits the first host. Access data to the target slave. When it is determined that the access request of the first host to the target slave is illegal, the bus interrupts the data access of the first host to the target slave.
  • the security management unit of the bus acquires the secure address range of the target slave, and determines the first host to target according to the secure address range of the target slave, the access address of the first host, and the secure access status of the first host. Whether the access request of the slave is legal, thereby determining whether the first host implements data access to the target slave.
  • the above process is in the bus security management unit
  • the logic circuit is implemented as shown in FIG. 4, which is a logic circuit diagram of an exemplary security management unit, Addrlegal outputs a signal for the logic circuit of the security management unit, and Legal_reg is a registered feedback signal.
  • Trans_req is used to indicate whether the first host transmission is normal, Represented by 0 and 1
  • the legal logic signal is determined by logical operation by the secure address range of the target slave, the access address of the first host, and the secure access state of the first host.
  • the legal logic signal may be represented by 0 and 1. exemplarily, when the legal logic signal is 0, it indicates that the first host has a legitimate access request to the target slave; when the legal logic signal is 1, it indicates that the first host pair The target slave's access request is illegal.
  • the specific legal logic signal representation manner is not limited in the embodiment of the present invention.
  • the true value relationship of the legal logic signal is determined by logical operation by the secure address range of the target slave, the access address of the first host, and the secure access state of the first host as follows:
  • the secure host (the secure access status of the host is secure) accesses the secure address (the access address of the host is within the secure address range of the slave), and the legal logic signal is legal;
  • the secure host accesses the non-secure address (the access address of the host is within the range of the non-secure address of the slave), and the legal logic signal is legal;
  • the non-secure host (the host's secure access status is non-secure) accesses the secure address, and the legal logic signal is illegal;
  • the non-secure host accesses the non-secure address, and the legal logic signal is legal.
  • the slave device's address range minus the slave's secure address range is the non-secure address range of the slave.
  • the security management unit of the bus outputs a legal logic signal, and the first host accesses the target slave through the logic circuit of FIG. Terminating the transmission of the data access of the first host to the target slave by the termination signal, that is, the first host can access the target slave through the "trapezoid", and the idle signal is given to the slave through the termination signal (ie, the termination is terminated). The first host accesses the target slave).
  • a data access method provided by an embodiment of the present invention may further include: S105. details as follows:
  • the bus determines that the access request of the first host to the target slave is illegal, and the bus interrupts data access of the first host to the target slave.
  • the bus determines that the access request of the first host to the slave is illegal, and the bus interrupts the first host pair.
  • the slave's data access When it is determined that the access address of the first host does not correspond to the target slave, that is, when the selection signal of the slave is 1, the bus determines that the access request of the first host to the slave is illegal, and the bus interrupts the first host pair. The slave's data access.
  • the data access method provided by the embodiment of the present invention may further include: S106. details as follows:
  • the bus converts the protocol type of the first host to the protocol type of the target slave.
  • the protocol type of the host needs to be the same as the protocol type of the target slave to be accessed. Therefore, when the protocol type of the first host and the protocol type of the target slave are used, If they are inconsistent, execute S106. If the protocol type of the first host is the same as the protocol type of the target slave, no protocol conversion is required.
  • each slave in the embodiment of the present invention has a separate address and a range of secure addresses, and the address range and the secure address range of the slave can be separately defined, and the slave can be configured to be all secure and all non-secure.
  • Part of the security part is not secure, and the security attributes are configured through the security management unit, which greatly facilitates the user's use and makes the bus wiring easier, reduces the chip area, and saves costs.
  • the bus receives at least one main The access request sent by the machine, the access request carrying the access address corresponding to the at least one host; determining the first host from the at least one host; according to the access address of the first host and the preset address range of the at least one slave, from at least Determining, by a slave, whether the first host corresponds to the target slave, the access address of the first host is within the address range of the target slave; when determining that the first host corresponds to the target slave, determining that the first host is the target slave Whether the access request is legal, and then determines whether the first host implements data access to the target slave.
  • the security management function is set in the bus, multiple groups of hosts can be accessed to access multiple sets of slaves, and the number and protocol types of the master and slave can be configured as needed; the bus can perform security management on its own without internal Excess protocol conversion and register unit can reduce the bus matrix logic, improve the transmission efficiency of the bus, and reduce the complexity of the bus system.
  • an embodiment of the present invention provides a bus 1, which may include:
  • the arbitrating unit 10 is configured to receive an access request sent by at least one host, where the access request carries an access address corresponding to at least one host, and determine a first host from the at least one host, and output an access address of the first host To address decoding unit 11.
  • the address decoding unit 11 is configured to determine, according to the access address of the first host received by the arbitration unit 10 and the preset address range of the at least one slave, whether the first host corresponds to the at least one slave.
  • the target slave, the access address of the first host is within the address range of the target slave, and the determination result is output to the security management unit 12.
  • the security management unit 12 is configured to determine, when the determination result is that the first host corresponds to the target slave, whether the access request of the first host to the target slave is legal, and further determine the Whether the first host implements data access to the target slave.
  • the access request received by the arbitrating unit 10 further carries a security access status of the first host, and the security access status of the first host includes: security and non-security.
  • the security management unit 12 is specifically configured to determine, when the address decoding unit 11 determines the first When a host corresponds to the target slave, and the secure access status of the first host is secure, determining that the first host access request to the target slave is legal; and when the address decoding unit 11 determines When the first host corresponds to the target slave, and the secure access status of the first host is non-secure, the secure address range of the target slave is obtained, when the access address of the first host is not in the target When the slave device has a secure address range, it is determined that the access request of the first host to the target slave is legal; when the access address of the first host is within the secure address range of the target slave, The access request of the first host to the target slave is illegal.
  • the security management unit 12 is further configured to: after determining, by the at least one slave, whether the first host corresponds to the target slave, when determining that the first host does not correspond to the target slave And determining that the access request of the first host to the slave is illegal, and interrupting data access by the first host to the slave.
  • the security management unit 12 is further configured to: when determining that the first host access request to the target slave is legal, transmitting, by the first host, access data of the target slave When it is determined that the access request of the first host to the target slave is illegal, interrupting data access by the first host to the target slave.
  • the bus 1 further includes: a protocol conversion unit 13; the access request further carries a protocol type of the first host and a protocol type of the target slave.
  • the protocol conversion unit 13 is configured to: after the arbitration unit 10 determines the first host from the at least one host, the address decoding unit 11 is configured according to the access address of the first host and the preset at least one slave An address range, before determining, by the at least one slave, whether the first host corresponds to the target slave, when the protocol type of the first host is inconsistent with the protocol type of the target slave, the first host is The protocol type is converted to the protocol type of the target slave.
  • the access address of the first host can be sent to the address decoding unit 11, and therefore, when the protocol type and target of the first host are When the protocol types of the machines are inconsistent, there is a protocol conversion unit 13,
  • the cutting unit 10 transmits the access address of the first host to the address decoding unit 11 through the protocol conversion unit 13. If the protocol type of the first host matches the protocol type of the target slave, the protocol conversion unit 13 does not need to exist.
  • the bus provided by the embodiment of the present invention, the bus receives the access request sent by the at least one host, where the access request carries the access address corresponding to the at least one host; the first host is determined from the at least one host; Accessing the address and the preset address range of the at least one slave, determining, from the at least one slave, whether the first host corresponds to the target slave, and the access address of the first host is within the address range of the target slave; When a host corresponds to the target slave, it is determined whether the access request of the first host to the target slave is legal, and then it is determined whether the first host implements data access to the target slave.
  • the security management function is set in the bus, multiple groups of hosts can be accessed to access multiple sets of slaves, and the number and protocol types of the master and slave can be configured as needed; the bus can perform security management on its own without internal Excess protocol conversion and register unit can reduce the bus matrix logic, improve the transmission efficiency of the bus, and reduce the complexity of the bus system.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention can take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware. Moreover, the present invention may employ computer-usable storage media (including but not limited to disk storage and optical storage, etc.) or functional slaves, such as UART, in one or more of the register states including computer usable program code, data, and function registers. The registers of peripherals such as IIC, and the form of computer program products implemented on them.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
  • the embodiment of the present invention provides a data access method and a bus.
  • the bus receives an access request sent by at least one host, where the access request carries an access address corresponding to at least one host; and the first host is determined from at least one host; Determining, by the at least one slave, whether the first host corresponds to the target slave, the access address of the host and the preset address range of the at least one slave, the access address of the first host being within the address range of the target slave; When it is determined that the first host corresponds to the target slave, determining whether the access request of the first host to the target slave is legal, and determining whether the first host implements data access to the target slave.
  • the security management function is set in the bus, multiple groups of hosts can be accessed to access multiple sets of slaves, and the number and protocol types of the master and slave can be configured as needed; the bus can perform security management on its own without internal Excess protocol conversion and register units can reduce bus matrix logic and improve total The transmission efficiency of the line reduces the complexity of the bus system.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

A data access method, comprising: a bus receives an access request sent by at least one host device, the access request carrying an access address corresponding to the at least one host device (S101); the bus determines a first host device from among the least one host devices (S102); the bus determines, on the basis of the access address of the first host device and a preset range of addresses of at least one slave device, whether the first host device corresponds to a target slave device of the at least one slave devices, the access address of the first host device being within the range of addresses of the target slave device (S103); if it is determined that the first host device corresponds to the target slave device, the bus determines whether the access request by the first host device with respect to target slave device is valid, and then determines whether the first host device realizes data access with respect to target slave device (S104). The embodiment further provides a corresponding bus.

Description

一种数据访问方法及总线Data access method and bus 技术领域Technical field

本发明涉及通信领域中的数字集成电路IC设计技术,尤其涉及一种数据访问方法及总线。The present invention relates to digital integrated circuit IC design techniques in the field of communications, and more particularly to a data access method and bus.

背景技术Background technique

随着片上系统(SoC,System On Chip)技术的发展,一个芯片内集成的功能模块也越来越多,而各个模块对于存储器的访问要求也越来越高,因此,片上总线在芯片架构中显得非常重要,片上总线实现片上主机对各个从机的控制是片上系统不可缺少的一部分。目前很多芯片设计采用高级微控制器总线体系(AMBA,Advanced Microcontroller Bus Architecture)芯片内总线协议中的高级高性能总线(AHB,Advanced High Performance Bus)协议或高级外设总线(APB,Advanced Peripheral Bus)协议。With the development of SoC (System On Chip) technology, more and more functional modules are integrated in one chip, and each module has higher and higher access requirements for memory. Therefore, the on-chip bus is in the chip architecture. It is very important that the on-chip bus realizes the control of each slave on the on-chip host is an indispensable part of the system on chip. At present, many chip designs use the Advanced High Performance Bus (AHB) protocol or the Advanced Peripheral Bus (APB) in the on-chip bus protocol of the Advanced Microcontroller Bus Architecture (AMBA). protocol.

现有技术通常不支持具有从机的安全功能,要实现对AHB或APB协议的从机的管理,目前常用的方法为利用NIC301/400,但这类总线矩阵代码复杂,不容易查找问题;以AHB总线为例,如图1所示,NIC301/400会将主机端的协议转换成总线协议(AXI,Advanced eXtensible Interface),再转换成从机端的协议,经过协议中转,会引起访问效率的降低,这对于多效率要求高的从机来说是一大瓶颈;而且NIC301/400内部存在一个GPV,用来配置相关从机的安全属性等,要占据1M的地址空间,这是对地址空间的浪费;复杂的协议转换引入了更多的逻辑,使得时序变差。The prior art generally does not support the security function with a slave. To implement the management of the slave of the AHB or APB protocol, the currently commonly used method is to utilize the NIC301/400, but such a bus matrix code is complicated and it is not easy to find a problem; The AHB bus is taken as an example. As shown in Figure 1, the NIC301/400 converts the host-side protocol into an AXI (Advanced eXtensible Interface) and converts it into a slave-side protocol. After the protocol is transferred, the access efficiency is reduced. This is a big bottleneck for a multi-efficiency slave; and there is a GPV inside the NIC301/400, which is used to configure the security attributes of the slaves. It takes up 1M of address space, which is a waste of address space. Complex protocol conversion introduces more logic, making timing worse.

发明内容Summary of the invention

为解决上述技术问题,本发明实施例期望提供一种数据访问方法及总 线,能够减少总线矩阵逻辑,提高了总线的传输效率,减小了总线系统的复杂性。In order to solve the above technical problem, embodiments of the present invention are expected to provide a data access method and a total The line can reduce the bus matrix logic, improve the transmission efficiency of the bus, and reduce the complexity of the bus system.

本发明实施例的技术方案是这样实现的:The technical solution of the embodiment of the present invention is implemented as follows:

本发明实施例提供一种数据访问方法,所述方法包括:An embodiment of the present invention provides a data access method, where the method includes:

接收至少一个主机发送的访问请求,所述访问请求中携带至少一个主机的访问地址;Receiving an access request sent by at least one host, where the access request carries an access address of at least one host;

从所述至少一个主机中确定第一主机;Determining a first host from the at least one host;

根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定所述第一主机是否对应目标从机,所述第一主机的访问地址在所述目标从机的地址范围内;Determining, according to the access address of the first host and the preset address range of the at least one slave, whether the first host corresponds to the target slave from the at least one slave, and the access address of the first host is in the target Within the address range of the machine;

当确定所述第一主机对应所述目标从机时,判断所述第一主机对所述目标从机的访问请求是否合法,进而判断所述第一主机是否实现对所述目标从机的数据访问。When it is determined that the first host corresponds to the target slave, determining whether the access request of the first host to the target slave is legal, and determining whether the first host implements data on the target slave access.

在上述方案中,所述访问请求中还携带第一主机的安全访问状态,所述第一主机的安全访问状态包括:安全和非安全;所述当确定所述第一主机对应所述目标从机时,判断所述第一主机对所述目标从机的访问请求是否合法,包括:In the foregoing solution, the access request further includes a security access status of the first host, where the security access status of the first host includes: security and non-security; and determining that the first host corresponds to the target When it is determined, it is determined whether the access request of the first host to the target slave is legal, including:

当确定所述第一主机对应所述目标从机,且所述第一主机的安全访问状态为安全时,判断所述第一主机对所述目标从机的访问请求合法;When it is determined that the first host corresponds to the target slave, and the security access status of the first host is security, determining that the first host access request to the target slave is legal;

当确定所述第一主机对应所述目标从机,且所述第一主机的安全访问状态为非安全时,获取目标从机的安全地址范围;当所述第一主机的访问地址未在所述目标从机的安全地址范围内时,判断所述第一主机对所述目标从机的访问请求合法;当所述第一主机的访问地址在所述目标从机的安全地址范围内时,判断所述第一主机对所述目标从机的访问请求非法。When it is determined that the first host corresponds to the target slave, and the secure access status of the first host is non-secure, obtaining a secure address range of the target slave; when the access address of the first host is not in the When the target slave is within the secure address range, determining that the first host access request to the target slave is legal; when the access address of the first host is within the secure address range of the target slave, Determining that the access request of the first host to the target slave is illegal.

在上述方案中,所述从至少一个从机中确定所述第一主机是否对应目 标从机之后,所述方法还包括:In the above solution, the determining, from the at least one slave, whether the first host corresponds to a destination After the slave machine, the method further includes:

当确定所述第一主机未对应所述目标从机时,判断所述第一主机对从机的访问请求为非法,中断所述第一主机对所述从机的数据访问。When it is determined that the first host does not correspond to the target slave, determining that the first host access request to the slave is illegal, and interrupting data access by the first host to the slave.

在上述方案中,所述判断所述第一主机是否实现对所述目标从机的数据访问,包括:In the above solution, the determining whether the first host implements data access to the target slave includes:

当判断所述第一主机对所述目标从机的访问请求为合法时,传输所述第一主机对所述目标从机的访问数据;Transmitting access data of the first host to the target slave when determining that the first host access request to the target slave is legal;

当判断所述第一主机对所述目标从机的访问请求为非法时,中断所述第一主机对所述目标从机的数据访问。When it is determined that the access request of the first host to the target slave is illegal, interrupting data access by the first host to the target slave is interrupted.

在上述方案中,所述访问请求中还携带第一主机的协议类型和所述目标从机的协议类型;所述从所述至少一个主机中确定第一主机之后,所述根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定所述第一主机是否对应目标从机之前,所述方法还包括:In the above solution, the access request further carries a protocol type of the first host and a protocol type of the target slave; after determining the first host from the at least one host, the according to the first host The method further includes: an access address and a preset address range of the at least one slave, and determining, by the at least one slave, whether the first host corresponds to the target slave, the method further includes:

当所述第一主机的协议类型与所述目标从机的协议类型不一致时,将所述第一主机的协议类型转换为所述目标从机的协议类型。When the protocol type of the first host is inconsistent with the protocol type of the target slave, converting the protocol type of the first host to the protocol type of the target slave.

本发明实施例提供一种总线,所述总线包括:An embodiment of the present invention provides a bus, where the bus includes:

仲裁单元,配置为接收至少一个主机发送的访问请求,所述访问请求中携带至少一个主机对应的访问地址;并从所述至少一个主机中确定第一主机,以及输出第一主机的访问地址至地址译码单元;An arbitration unit, configured to receive an access request sent by at least one host, where the access request carries an access address corresponding to at least one host; and determine a first host from the at least one host, and output an access address of the first host to Address decoding unit;

所述地址译码单元,配置为根据所述仲裁单元接收的第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定所述第一主机是否对应目标从机,所述第一主机的访问地址在所述目标从机的地址范围内,并输出确定结果至安全管理单元;The address decoding unit is configured to determine, according to an access address of the first host received by the arbitration unit and a preset address range of the at least one slave, whether the first host corresponds to the target from the at least one slave The access address of the first host is within the address range of the target slave, and outputs the determination result to the security management unit;

所述安全管理单元,配置为当所述确定结果为所述第一主机对应所述目标从机时,判断所述第一主机对所述目标从机的访问请求是否合法,进 而判断所述第一主机是否实现对所述目标从机的数据访问。The security management unit is configured to determine, when the determination result is that the first host corresponds to the target slave, whether the access request of the first host to the target slave is legal, And determining whether the first host implements data access to the target slave.

在上述总线中,所述仲裁单元接收的所述访问请求中还携带第一主机的安全访问状态,所述第一主机的安全访问状态包括:安全和非安全;In the foregoing bus, the access request received by the arbitration unit further carries a security access status of the first host, and the security access status of the first host includes: security and non-security;

所述安全管理单元,配置为当所述地址译码单元确定所述第一主机对应所述目标从机,且所述第一主机的安全访问状态为安全时,判断所述第一主机对所述目标从机的访问请求合法;以及当所述地址译码单元确定所述第一主机对应所述目标从机,且所述第一主机的安全访问状态为非安全时,获取目标从机的安全地址范围,当所述第一主机的访问地址未在所述目标从机的安全地址范围内时,判断所述第一主机对所述目标从机的访问请求合法;当所述第一主机的访问地址在所述目标从机的安全地址范围内时,判断所述第一主机对所述目标从机的访问请求非法。The security management unit is configured to determine, when the address decoding unit determines that the first host corresponds to the target slave, and the secure access status of the first host is secure, determine the first host The access request of the target slave is legal; and when the address decoding unit determines that the first host corresponds to the target slave, and the secure access status of the first host is non-secure, acquiring the target slave a security address range, when the access address of the first host is not within the secure address range of the target slave, determining that the first host access request to the target slave is legal; when the first host When the access address is within the secure address range of the target slave, it is determined that the access request of the first host to the target slave is illegal.

在上述总线中,所述安全管理单元,还配置为所述从至少一个从机中确定所述第一主机是否对应目标从机之后,当确定所述第一主机未对应所述目标从机时,判断所述第一主机对从机的访问请求为非法,中断所述第一主机对所述从机的数据访问。In the above bus, the security management unit is further configured to: after determining, from the at least one slave, whether the first host corresponds to the target slave, when determining that the first host does not correspond to the target slave And determining that the access request of the first host to the slave is illegal, and interrupting data access by the first host to the slave.

在上述总线中,所述安全管理单元,还配置为当判断所述第一主机对所述目标从机的访问请求为合法时,传输所述第一主机对所述目标从机的访问数据;当确定所述第一主机对所述目标从机的访问请求为非法时,中断所述第一主机对所述目标从机的数据访问。In the above bus, the security management unit is further configured to: when it is determined that the access request of the first host to the target slave is legal, transmit the access data of the first host to the target slave; When it is determined that the access request of the first host to the target slave is illegal, interrupting data access by the first host to the target slave.

在上述总线中,所述总线还包括:协议转换单元;所述访问请求中还携带第一主机的协议类型和所述目标从机的协议类型;In the above bus, the bus further includes: a protocol conversion unit; the access request further carries a protocol type of the first host and a protocol type of the target slave;

所述协议转换单元,配置为所述仲裁单元从所述至少一个主机中确定第一主机之后,所述地址译码单元根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定所述第一主机是否对应目标从机之前,当所述第一主机的协议类型与所述目标从机的协议类型不一致 时,将所述第一主机的协议类型转换为所述目标从机的协议类型。The protocol conversion unit is configured to: after the arbitration unit determines the first host from the at least one host, the address decoding unit is configured according to an access address of the first host and a preset address range of the at least one slave. Before determining, by the at least one slave, whether the first host corresponds to the target slave, when the protocol type of the first host is different from the protocol type of the target slave And converting the protocol type of the first host to a protocol type of the target slave.

所述仲裁单元、所述地址译码单元、所述安全管理单元、所述协议转换单元在执行处理时,可以采用中央处理器(CPU,Central Processing Unit)、数字信号处理器(DSP,Digital Singnal Processor)或可编程逻辑阵列(FPGA,Field-Programmable Gate Array)实现。The arbitration unit, the address decoding unit, the security management unit, and the protocol conversion unit may use a central processing unit (CPU) and a digital signal processor (DSP, Digital Singnal) when performing processing. Processor) or Field-Programmable Gate Array (FPGA) implementation.

本发明实施例提供了一种数据访问方法及总线,总线通过接收至少一个主机发送的访问请求,该访问请求中携带至少一个主机对应的访问地址;从至少一个主机中确定第一主机;根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定第一主机是否对应目标从机,该第一主机的访问地址在该目标从机的地址范围内;当确定第一主机对应目标从机时,判断第一主机对目标从机的访问请求是否合法,进而判断第一主机是否实现对目标从机的数据访问。采用上述技术实现方案,由于总线中设置了安全管理功能,支持多组主机访问多组从机,主机和从机的数量和协议类型可以根据需要进行配置;总线可以自行进行安全管理,不需要内部多余的协议转换和寄存器单元,能够减少总线矩阵逻辑,提高了总线的传输效率,减小了总线系统的复杂性。The embodiment of the present invention provides a data access method and a bus. The bus receives an access request sent by at least one host, where the access request carries an access address corresponding to at least one host; and the first host is determined from at least one host; Determining, by the at least one slave, whether the first host corresponds to the target slave, the access address of the host and the preset address range of the at least one slave, the access address of the first host being within the address range of the target slave; When it is determined that the first host corresponds to the target slave, determining whether the access request of the first host to the target slave is legal, and determining whether the first host implements data access to the target slave. With the above technical implementation scheme, since the security management function is set in the bus, multiple groups of hosts can be accessed to access multiple sets of slaves, and the number and protocol types of the master and slave can be configured as needed; the bus can perform security management on its own without internal Excess protocol conversion and register unit can reduce the bus matrix logic, improve the transmission efficiency of the bus, and reduce the complexity of the bus system.

附图说明DRAWINGS

图1为现有技术的总线系统框图;1 is a block diagram of a prior art bus system;

图2为本发明实施例提供的一种数据访问方法的流程图一;2 is a flowchart 1 of a data access method according to an embodiment of the present invention;

图3为本发明实施例提供的从机地址范围的划分示意图;FIG. 3 is a schematic diagram of dividing a slave address range according to an embodiment of the present invention;

图4为本发明实施例提供的示例性的安全管理单元的逻辑电路图;4 is a logic circuit diagram of an exemplary security management unit according to an embodiment of the present invention;

图5为本发明实施例提供的合法逻辑信号的产生图;FIG. 5 is a diagram of generating a legal logic signal according to an embodiment of the present invention;

图6为本发明实施例提供的总线访问的框图;FIG. 6 is a block diagram of a bus access according to an embodiment of the present invention;

图7为本发明实施例提供的一种数据访问方法的流程图二;FIG. 7 is a second flowchart of a data access method according to an embodiment of the present invention;

图8为本发明实施例提供的一种数据访问方法的流程图三; FIG. 8 is a flowchart 3 of a data access method according to an embodiment of the present invention;

图9为本发明实施例提供的一种总线的结构示意图一;FIG. 9 is a schematic structural diagram 1 of a bus according to an embodiment of the present disclosure;

图10为本发明实施例提供的一种总线的结构示意图二。FIG. 10 is a schematic structural diagram 2 of a bus according to an embodiment of the present invention.

具体实施方式detailed description

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述。The technical solutions in the embodiments of the present invention will be clearly and completely described in the following with reference to the accompanying drawings.

实施例一Embodiment 1

本发明实施例提供一种数据访问方法,如图2所示,该方法可以包括:An embodiment of the present invention provides a data access method. As shown in FIG. 2, the method may include:

S101、总线接收至少一个主机发送的访问请求,该访问请求中携带至少一个主机对应的访问地址。S101. The bus receives an access request sent by at least one host, where the access request carries an access address corresponding to at least one host.

在本发明实施例中,基于主机、总线和从机的结构,进行主机对从机的数据访问。本发明实施例可以应用在矩阵/总线桥上的,具体为至少一个Master(主机)和至少一个Slave(从机)之间的数据访问过程,即至少一个主机通过总线,对至少一个从机进行数据访问。In the embodiment of the present invention, host-to-slave data access is performed based on the structure of the host, the bus, and the slave. The embodiment of the present invention can be applied to a matrix/bus bridge, specifically a data access process between at least one master and at least one slave, that is, at least one host performs at least one slave through a bus. data access.

具体的,至少一个主机发送访问请求至总线,总线确定选择哪个主机进行对从机的访问。即,总线接收至少一个主机发送的访问请求,其中,该访问请求中包括至少一个主机中的每个主机想要访问的从机的访问地址。Specifically, at least one host sends an access request to the bus, and the bus determines which host to select for access to the slave. That is, the bus receives an access request sent by at least one host, wherein the access request includes an access address of a slave that each of the at least one host wants to access.

需要说明的是,总线中的仲裁单元进行第一主机的选择,具体的选择过程可以由现有技术实现,在此不进行详细地描述。It should be noted that the arbitration unit in the bus performs the selection of the first host, and the specific selection process may be implemented by the prior art, and will not be described in detail herein.

S102、总线从至少一个主机中确定第一主机。S102. The bus determines the first host from the at least one host.

总线接收至少一个主机发送的访问请求之后,该总线从至少一个主机中选择一个主机作为第一主机,来进行第一主机对从机的访问请求。After the bus receives the access request sent by the at least one host, the bus selects one host from the at least one host as the first host to perform the first host-to-slave access request.

具体的,总线从至少一个主机中确定第一主机及第一主机的安全访问状态。其中,总线的仲裁单元从至少一个主机中确定第一主机,于是,该第一主机获得访问权。 Specifically, the bus determines a secure access status of the first host and the first host from the at least one host. The arbitration unit of the bus determines the first host from the at least one host, and the first host obtains the access right.

需要说明的是,每个主机都会有一个安全信号指示对应主机发起的传输是安全还是非安全的,在本发明实施例中的安全信号指示可以为主机的安全访问状态。It should be noted that each host has a security signal indicating whether the transmission initiated by the corresponding host is secure or not. The security signal indication in the embodiment of the present invention may be a secure access status of the host.

在本发明实施例一实施方式中,一个主机的安全访问状态可以由0和1表示,示例性的,0可以表示安全,1可以表示非安全。具体的主机的安全访问状态的安全与非安全的表示方式,本发明实施例不作限制。In an embodiment of the present invention, the security access status of a host may be represented by 0 and 1. Illustratively, 0 may indicate security, and 1 may indicate non-security. The security and non-secure representation of the security access status of the specific host is not limited in the embodiment of the present invention.

示例性的,5个主机要对从机进行数据访问,因此,5个主机分别发送访问请求至总线,这时,该总线的仲裁单元就通过仲裁选择5个主机中的其中一个主机(第一主机)获得访问从机的访问权。Exemplarily, five hosts have to access data from the slave. Therefore, five hosts respectively send access requests to the bus. At this time, the arbitration unit of the bus selects one of the five hosts by arbitration (first) The host) gains access to the slave.

S103、总线根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定该第一主机是否对应目标从机,该第一主机的访问地址在该目标从机的地址范围内。S103. The bus determines, according to the access address of the first host and the preset address range of the at least one slave, whether the first host corresponds to the target slave from the at least one slave, and the access address of the first host is at the target Within the address range of the machine.

需要说明的是,本发明实施例中的每个从机都有从机的地址范围,每个从机的地址范围是确定的,即一个从机对应一个地址范围,在这个地址范围内的访问地址都对应上述一个从机。It should be noted that each slave in the embodiment of the present invention has an address range of the slave, and the address range of each slave is determined, that is, a slave corresponds to an address range, and access in the address range is The addresses correspond to the above one slave.

具体的,总线根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定该第一主机的访问地址是否对应目标从机,该第一主机的访问地址在该目标从机的地址范围内,即第一主机的访问地址可以与至少一个从机的地址范围中的一个从机的地址范围对应,该对应的从机为目标从机。Specifically, the bus determines, according to the access address of the first host and the preset address range of the at least one slave, whether the access address of the first host corresponds to the target slave from the at least one slave, and the access address of the first host Within the address range of the target slave, that is, the access address of the first host may correspond to an address range of one of the at least one slave's address range, the corresponding slave being the target slave.

总线的地址译码单元将第一主机的访问地址与预设的至少一个从机的地址范围进行逐个对比,从至少一个从机中确定该第一主机的访问地址是否对应目标从机,具体的,第一主机的访问地址可以与至少一个从机的地址范围中的一个从机的地址范围对应时,该对应的从机为目标从机。The address decoding unit of the bus compares the access address of the first host with the preset address range of the at least one slave, and determines, from the at least one slave, whether the access address of the first host corresponds to the target slave, When the access address of the first host can correspond to the address range of one of the at least one slave address range, the corresponding slave is the target slave.

在本发明实施例一实施方式中,当第一主机的访问地址在该预设的至 少一个从机的一个从机的地址范围内时,该一个从机的地址范围内为第一主机要访问的目标从机。当第一主机的访问地址未在该预设的至少一个从机的任意一个从机的地址范围内(即不在任意一个从机的地址范围内)时,表征第一主机的访问地址为空地址,该访问地址不是从机的地址。In an embodiment of the present invention, when the access address of the first host is in the preset to When there is one slave in the address range of one slave, the address range of the slave is the target slave to be accessed by the first master. When the access address of the first host is not within the address range of any of the preset slaves of at least one slave (ie, not within the address range of any of the slaves), the access address characterizing the first host is an empty address. The access address is not the address of the slave.

示例性的,当第一主机的访问地址为10时,由于至少一个从机的地址范围总共包括15-50,则第一主机的访问地址不在这至少一个从机的地址范围内,即第一主机的访问地址为空。Exemplarily, when the access address of the first host is 10, since the address range of the at least one slave includes a total of 15-50, the access address of the first host is not in the address range of the at least one slave, that is, the first The host's access address is empty.

S104、当确定第一主机对应所述目标从机时,总线判断第一主机对目标从机的访问请求是否合法,进而判断该第一主机是否实现对目标从机的数据访问。S104. When it is determined that the first host corresponds to the target slave, the bus determines whether the access request of the first host to the target slave is legal, and further determines whether the first host implements data access to the target slave.

总线根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定该第一主机的访问地址是否对应目标从机之后,当确定第一主机对应所述目标从机时,总线判断第一主机对目标从机的访问请求是否合法,从而判断该第一主机是否实现对目标从机的数据访问。The bus determines, according to the access address of the first host and the preset address range of the at least one slave, whether the first host corresponds to the target after determining whether the access address of the first host corresponds to the target slave from the at least one slave When the slave is in the machine, the bus determines whether the access request of the first host to the target slave is legal, thereby determining whether the first host implements data access to the target slave.

可选的,在本发明实施例中,每个从机都具有单独的地址范围和安全地址范围,可以单独限定从机的地址范围和安全地址范围,可以将从机配置成全部安全、全部非安全、部分安全部分非安全等几类。具体的,配置从机的安全地址范围可以由外部系统配置模块来做,且一个从机的安全地址范围是可调节的,即在一个从机的地址范围内的从机的安全地址范围与从机的非安全地址范围的划分是可变的,如图3所示,为从机地址范围的划分示意图。Optionally, in the embodiment of the present invention, each slave has a separate address range and a secure address range, and the slave address range and the secure address range may be separately defined, and the slave device may be configured to be all secure and all non-negative. Safety, partial safety, non-security and other categories. Specifically, the secure address range of the configured slave can be made by the external system configuration module, and the range of the secure address of one slave is adjustable, that is, the range of the secure address of the slave in the address range of a slave is The division of the non-secure address range of the machine is variable, as shown in Figure 3, which is a schematic diagram of the division of the slave address range.

可选的,在本发明实施例中,总线可以为AHB,也可以为APB。其中,总线为AHB总线时,本发明实施例中的从机的地址范围可以安全、全部非安全、部分安全部分非安全等几类地址范围;总线为APB总线时,本发明实施例中的从机的地址范围可以安全、全部非安全等几类地址范围。 Optionally, in the embodiment of the present invention, the bus may be an AHB or an APB. When the bus is an AHB bus, the address range of the slave in the embodiment of the present invention can be safe, all non-secure, and some security parts are non-secure, and the like. When the bus is an APB bus, the slave in the embodiment of the present invention The address range of the machine can be safe, all non-secure, and other types of address ranges.

由于上述访问请求中还携带第一主机的安全访问状态,该第一主机的安全访问状态包括:安全和非安全。因此,当确定第一主机对应目标从机时,总线判断该第一主机对该目标从机的访问请求是否合法具体为:当确定第一主机对应目标从机,且该第一主机的安全访问状态为安全时,总线判断该第一主机对该目标从机的访问请求合法。The security access status of the first host is included in the foregoing access request, and the security access status of the first host includes: security and non-security. Therefore, when it is determined that the first host corresponds to the target slave, the bus determines whether the access request of the first host to the target slave is legal: when determining that the first host corresponds to the target slave, and the first host has secure access. When the status is secure, the bus determines that the first host has a legitimate access request to the target slave.

或者,当确定第一主机对应目标从机,且该第一主机的安全访问状态为非安全时,总线获取目标从机的安全地址范围;当第一主机的访问地址未在该目标从机的安全地址范围内时,总线判断该第一主机对该目标从机的访问请求合法;当该第一主机的访问地址在该目标从机的安全地址范围内时,总线判断该第一主机对该目标从机的访问请求非法。Alternatively, when it is determined that the first host corresponds to the target slave, and the secure access status of the first host is non-secure, the bus acquires a secure address range of the target slave; when the access address of the first host is not at the target slave When the security address is within the range, the bus determines that the access request of the first host to the target slave is legal; when the access address of the first host is within the secure address range of the target slave, the bus determines that the first host The target slave's access request is illegal.

在本发明实施例一实施方式中,上述确定第一主机对应目标从机的确定结果可以由总线的地址译码单元以从机的选择信号的形式来标记,具体的从机的选择信号可以由0和1表示,示例性的,0表示第一主机对应目标从机,该目标从机为该第一主机的要访问的从机;1表示第一主机未对应目标从机,也就是说第一主机要访问的访问地址不属于至少一个从机中的任意一个从机,因此,第一主机的访问地址是空地址;具体的,从机选择信号的表示方式,本发明实施例不作限制。In an embodiment of the present invention, the determining result of the determining that the first host corresponds to the target slave may be marked by the address decoding unit of the bus in the form of a selection signal of the slave, and the selection signal of the specific slave may be 0 and 1 indicate that, exemplarily, 0 indicates that the first host corresponds to the target slave, the target slave is the slave to be accessed by the first host; and 1 indicates that the first host does not correspond to the target slave, that is, the first The access address to be accessed by a host does not belong to any one of the at least one slaves. Therefore, the access address of the first host is an empty address. Specifically, the representation mode of the slave selection signal is not limited in the embodiment of the present invention.

在本发明实施例一实施方式中,总线判断该第一主机是否实现对目标从机的数据访问具体为:当判断第一主机对目标从机的访问请求为合法时,总线传输该第一主机对该目标从机的访问数据。当判断第一主机对目标从机的访问请求为非法时,总线中断该第一主机对该目标从机的数据访问。In an embodiment of the present invention, the bus determines whether the first host implements data access to the target slave, specifically: when determining that the first host access request to the target slave is legal, the bus transmits the first host. Access data to the target slave. When it is determined that the access request of the first host to the target slave is illegal, the bus interrupts the data access of the first host to the target slave.

需要说明的是,总线的安全管理单元获取目标从机的安全地址范围,并根据目标从机的安全地址范围、第一主机的访问地址及第一主机的安全访问状态,确定第一主机对目标从机的访问请求是否合法,从而判断第一主机是否实现对目标从机的数据访问。上述过程是在总线的安全管理单元 的逻辑电路来实现的,如图4所示,为示例性的安全管理单元的逻辑电路图,Addrlegal为安全管理单元的逻辑电路输出信号,Legal_reg为寄存回馈信号。It should be noted that the security management unit of the bus acquires the secure address range of the target slave, and determines the first host to target according to the secure address range of the target slave, the access address of the first host, and the secure access status of the first host. Whether the access request of the slave is legal, thereby determining whether the first host implements data access to the target slave. The above process is in the bus security management unit The logic circuit is implemented as shown in FIG. 4, which is a logic circuit diagram of an exemplary security management unit, Addrlegal outputs a signal for the logic circuit of the security management unit, and Legal_reg is a registered feedback signal.

具体的,总的来说,通过如图5所示的合法逻辑信号(legal)的产生图,可知:在当前的第一主机传输正常的情况下(Trans_req用于表征第一主机传输是否正常,由0和1表示),合法逻辑信号是由目标从机的安全地址范围、第一主机的访问地址及第一主机的安全访问状态通过逻辑运算确定的。其中,合法逻辑信号可以由0和1表示,示例性的,当合法逻辑信号为0时,表示第一主机对目标从机的访问请求合法;当合法逻辑信号为1时,表示第一主机对目标从机的访问请求非法。具体的合法逻辑信号的表示方式,本发明实施例不作限制。Specifically, in general, by generating a map of a legal logic signal as shown in FIG. 5, it can be known that when the current first host transmission is normal (Trans_req is used to indicate whether the first host transmission is normal, Represented by 0 and 1, the legal logic signal is determined by logical operation by the secure address range of the target slave, the access address of the first host, and the secure access state of the first host. The legal logic signal may be represented by 0 and 1. exemplarily, when the legal logic signal is 0, it indicates that the first host has a legitimate access request to the target slave; when the legal logic signal is 1, it indicates that the first host pair The target slave's access request is illegal. The specific legal logic signal representation manner is not limited in the embodiment of the present invention.

需要说明的是,从整体上来说,由目标从机的安全地址范围、第一主机的访问地址及第一主机的安全访问状态通过逻辑运算确定合法逻辑信号的真值关系如下:It should be noted that, as a whole, the true value relationship of the legal logic signal is determined by logical operation by the secure address range of the target slave, the access address of the first host, and the secure access state of the first host as follows:

(1)、安全主机(主机的安全访问状态为安全)访问安全地址(主机的访问地址在从机的安全地址范围内),合法逻辑信号为合法;(1) The secure host (the secure access status of the host is secure) accesses the secure address (the access address of the host is within the secure address range of the slave), and the legal logic signal is legal;

(2)、安全主机访问非安全地址(主机的访问地址在从机的非安全地址范围内),合法逻辑信号为合法;(2) The secure host accesses the non-secure address (the access address of the host is within the range of the non-secure address of the slave), and the legal logic signal is legal;

(3)、非安全主机(主机的安全访问状态为非安全)访问安全地址,合法逻辑信号为不合法;(3) The non-secure host (the host's secure access status is non-secure) accesses the secure address, and the legal logic signal is illegal;

(4)、非安全主机访问非安全地址,合法逻辑信号为合法。(4) The non-secure host accesses the non-secure address, and the legal logic signal is legal.

其中,从机的地址范围减去该从机的安全地址范围为该从机的非安全地址范围。The slave device's address range minus the slave's secure address range is the non-secure address range of the slave.

在本发明实施例一实施方式中,如图6所示,总线的安全管理单元输出合法逻辑信号,通过图4的逻辑电路实现第一主机对目标从机的访问, 通过终止信号来终止第一主机对目标从机的数据访问的传输,即合法则第一主机可以穿过“梯形”访问目标从机,非法则通过终止信号将空闲信号赋给从机(即终止第一主机访问目标从机)。In an embodiment of the present invention, as shown in FIG. 6, the security management unit of the bus outputs a legal logic signal, and the first host accesses the target slave through the logic circuit of FIG. Terminating the transmission of the data access of the first host to the target slave by the termination signal, that is, the first host can access the target slave through the "trapezoid", and the idle signal is given to the slave through the termination signal (ie, the termination is terminated). The first host accesses the target slave).

在本发明实施例一实施方式中,S103之后,如图7所示,本发明实施例提供的一种数据访问方法还可以包括:S105。具体如下:In an embodiment of the present invention, after S103, as shown in FIG. 7, a data access method provided by an embodiment of the present invention may further include: S105. details as follows:

S105、当确定第一主机未对应目标从机时,总线判断该第一主机对该目标从机的访问请求为非法,该总线中断该第一主机对该目标从机的数据访问。S105. When it is determined that the first host does not correspond to the target slave, the bus determines that the access request of the first host to the target slave is illegal, and the bus interrupts data access of the first host to the target slave.

当确定第一主机的访问地址未对应目标从机时,即从机的选择信号为1时,总线确定该第一主机对从机的访问请求为非法,于是,该总线中断该第一主机对该从机的数据访问。When it is determined that the access address of the first host does not correspond to the target slave, that is, when the selection signal of the slave is 1, the bus determines that the access request of the first host to the slave is illegal, and the bus interrupts the first host pair. The slave's data access.

在本发明实施例一实施方式中,S102之后,且S103之前,如图8所示,本发明实施例提供的数据访问方法还可以包括:S106。具体如下:In an embodiment of the present invention, after S102, and before S103, as shown in FIG. 8, the data access method provided by the embodiment of the present invention may further include: S106. details as follows:

S106、当第一主机的协议类型与目标从机的协议类型不一致时,总线将第一主机的协议类型转换为目标从机的协议类型。S106. When the protocol type of the first host is inconsistent with the protocol type of the target slave, the bus converts the protocol type of the first host to the protocol type of the target slave.

需要说明的是,主机通过总线与目标从机进行数据访问时,主机的协议类型需要与所访问的目标从机的协议类型一致,因此,当第一主机的协议类型与目标从机的协议类型不一致时,执行S106。若当第一主机的协议类型与目标从机的协议类型一致时,则不用进行协议转换了。It should be noted that when the host performs data access with the target slave through the bus, the protocol type of the host needs to be the same as the protocol type of the target slave to be accessed. Therefore, when the protocol type of the first host and the protocol type of the target slave are used, If they are inconsistent, execute S106. If the protocol type of the first host is the same as the protocol type of the target slave, no protocol conversion is required.

可以理解的是,本发明实施例中每个从机都具有单独的地址和安全地址范围,可以单独限定从机的地址范围和安全地址范围,可以将从机配置成全部安全、全部非安全、部分安全部分非安全,通过安全管理单元配置安全属性,从而大大方便用户使用还使得总线布线更加简便,缩减了芯片的面积,节省了成本。It can be understood that each slave in the embodiment of the present invention has a separate address and a range of secure addresses, and the address range and the secure address range of the slave can be separately defined, and the slave can be configured to be all secure and all non-secure. Part of the security part is not secure, and the security attributes are configured through the security management unit, which greatly facilitates the user's use and makes the bus wiring easier, reduces the chip area, and saves costs.

本发明实施例所提供的一种数据访问方法,总线通过接收至少一个主 机发送的访问请求,该访问请求中携带至少一个主机对应的访问地址;从至少一个主机中确定第一主机;根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定第一主机是否对应目标从机,该第一主机的访问地址在该目标从机的地址范围内;当确定第一主机对应目标从机时,判断第一主机对目标从机的访问请求是否合法,进而判断第一主机是否实现对目标从机的数据访问。采用上述技术实现方案,由于总线中设置了安全管理功能,支持多组主机访问多组从机,主机和从机的数量和协议类型可以根据需要进行配置;总线可以自行进行安全管理,不需要内部多余的协议转换和寄存器单元,能够减少总线矩阵逻辑,提高了总线的传输效率,减小了总线系统的复杂性。A data access method provided by an embodiment of the present invention, the bus receives at least one main The access request sent by the machine, the access request carrying the access address corresponding to the at least one host; determining the first host from the at least one host; according to the access address of the first host and the preset address range of the at least one slave, from at least Determining, by a slave, whether the first host corresponds to the target slave, the access address of the first host is within the address range of the target slave; when determining that the first host corresponds to the target slave, determining that the first host is the target slave Whether the access request is legal, and then determines whether the first host implements data access to the target slave. With the above technical implementation scheme, since the security management function is set in the bus, multiple groups of hosts can be accessed to access multiple sets of slaves, and the number and protocol types of the master and slave can be configured as needed; the bus can perform security management on its own without internal Excess protocol conversion and register unit can reduce the bus matrix logic, improve the transmission efficiency of the bus, and reduce the complexity of the bus system.

实施例二Embodiment 2

如图9所示,本发明实施例提供一种总线1,该总线1可以包括:As shown in FIG. 9, an embodiment of the present invention provides a bus 1, which may include:

仲裁单元10,配置为接收至少一个主机发送的访问请求,所述访问请求中携带至少一个主机对应的访问地址;并从所述至少一个主机中确定第一主机,以及输出第一主机的访问地址至地址译码单元11。The arbitrating unit 10 is configured to receive an access request sent by at least one host, where the access request carries an access address corresponding to at least one host, and determine a first host from the at least one host, and output an access address of the first host To address decoding unit 11.

所示地址译码单元11,配置为根据所述仲裁单元10接收的第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定所述第一主机是否对应目标从机,所述第一主机的访问地址在所述目标从机的地址范围内,并输出确定结果至安全管理单元12。The address decoding unit 11 is configured to determine, according to the access address of the first host received by the arbitration unit 10 and the preset address range of the at least one slave, whether the first host corresponds to the at least one slave. The target slave, the access address of the first host is within the address range of the target slave, and the determination result is output to the security management unit 12.

所述安全管理单元12,配置为当所述确定结果为所述第一主机对应所述目标从机时,判断所述第一主机对所述目标从机的访问请求是否合法,进而判断所述第一主机是否实现对所述目标从机的数据访问。The security management unit 12 is configured to determine, when the determination result is that the first host corresponds to the target slave, whether the access request of the first host to the target slave is legal, and further determine the Whether the first host implements data access to the target slave.

可选的,所述仲裁单元10接收的所述访问请求中还携带第一主机的安全访问状态,所述第一主机的安全访问状态包括:安全和非安全。Optionally, the access request received by the arbitrating unit 10 further carries a security access status of the first host, and the security access status of the first host includes: security and non-security.

所述安全管理单元12,具体配置为当所述地址译码单元11确定所述第 一主机对应所述目标从机,且所述第一主机的安全访问状态为安全时,判断所述第一主机对所述目标从机的访问请求合法;以及当所述地址译码单元11确定所述第一主机对应所述目标从机,且所述第一主机的安全访问状态为非安全时,获取目标从机的安全地址范围,当所述第一主机的访问地址未在所述目标从机的安全地址范围内时,判断所述第一主机对所述目标从机的访问请求合法;当所述第一主机的访问地址在所述目标从机的安全地址范围内时,判断所述第一主机对所述目标从机的访问请求非法。The security management unit 12 is specifically configured to determine, when the address decoding unit 11 determines the first When a host corresponds to the target slave, and the secure access status of the first host is secure, determining that the first host access request to the target slave is legal; and when the address decoding unit 11 determines When the first host corresponds to the target slave, and the secure access status of the first host is non-secure, the secure address range of the target slave is obtained, when the access address of the first host is not in the target When the slave device has a secure address range, it is determined that the access request of the first host to the target slave is legal; when the access address of the first host is within the secure address range of the target slave, The access request of the first host to the target slave is illegal.

可选的,所述安全管理单元12,还配置为所述从至少一个从机中确定所述第一主机是否对应目标从机之后,当确定所述第一主机未对应所述目标从机时,判断所述第一主机对从机的访问请求为非法,中断所述第一主机对所述从机的数据访问。Optionally, the security management unit 12 is further configured to: after determining, by the at least one slave, whether the first host corresponds to the target slave, when determining that the first host does not correspond to the target slave And determining that the access request of the first host to the slave is illegal, and interrupting data access by the first host to the slave.

可选的,所述安全管理单元12,还具体配置为当判断所述第一主机对所述目标从机的访问请求为合法时,传输所述第一主机对所述目标从机的访问数据;当确定所述第一主机对所述目标从机的访问请求为非法,中断所述第一主机对所述目标从机的数据访问。Optionally, the security management unit 12 is further configured to: when determining that the first host access request to the target slave is legal, transmitting, by the first host, access data of the target slave When it is determined that the access request of the first host to the target slave is illegal, interrupting data access by the first host to the target slave.

可选的,如图10所示,所述总线1还包括:协议转换单元13;所述访问请求中还携带第一主机的协议类型和所述目标从机的协议类型。Optionally, as shown in FIG. 10, the bus 1 further includes: a protocol conversion unit 13; the access request further carries a protocol type of the first host and a protocol type of the target slave.

所述协议转换单元13,配置为所述仲裁单元10从所述至少一个主机中确定第一主机之后,所述地址译码单元11根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定所述第一主机是否对应目标从机之前,当所述第一主机的协议类型与所述目标从机的协议类型不一致时,将所述第一主机的协议类型转换为所述目标从机的协议类型。The protocol conversion unit 13 is configured to: after the arbitration unit 10 determines the first host from the at least one host, the address decoding unit 11 is configured according to the access address of the first host and the preset at least one slave An address range, before determining, by the at least one slave, whether the first host corresponds to the target slave, when the protocol type of the first host is inconsistent with the protocol type of the target slave, the first host is The protocol type is converted to the protocol type of the target slave.

需要说明的是,因为第一主机的协议类型与目标从机的协议类型一致时,才能将第一主机的访问地址发送至地址译码单元11,因此,当第一主机的协议类型与目标从机的协议类型不一致时,存在协议转换单元13,仲 裁单元10通过协议转换单元13将第一主机的访问地址发送至地址译码单元11。若当第一主机的协议类型与目标从机的协议类型一致时,不需要存在协议转换单元13。It should be noted that, because the protocol type of the first host is consistent with the protocol type of the target slave, the access address of the first host can be sent to the address decoding unit 11, and therefore, when the protocol type and target of the first host are When the protocol types of the machines are inconsistent, there is a protocol conversion unit 13, The cutting unit 10 transmits the access address of the first host to the address decoding unit 11 through the protocol conversion unit 13. If the protocol type of the first host matches the protocol type of the target slave, the protocol conversion unit 13 does not need to exist.

本发明实施例所提供的一种总线,总线通过接收至少一个主机发送的访问请求,该访问请求中携带至少一个主机对应的访问地址;从至少一个主机中确定第一主机;根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定第一主机是否对应目标从机,该第一主机的访问地址在该目标从机的地址范围内;当确定第一主机对应目标从机时,判断第一主机对目标从机的访问请求是否合法,进而判断第一主机是否实现对目标从机的数据访问。采用上述技术实现方案,由于总线中设置了安全管理功能,支持多组主机访问多组从机,主机和从机的数量和协议类型可以根据需要进行配置;总线可以自行进行安全管理,不需要内部多余的协议转换和寄存器单元,能够减少总线矩阵逻辑,提高了总线的传输效率,减小了总线系统的复杂性。The bus provided by the embodiment of the present invention, the bus receives the access request sent by the at least one host, where the access request carries the access address corresponding to the at least one host; the first host is determined from the at least one host; Accessing the address and the preset address range of the at least one slave, determining, from the at least one slave, whether the first host corresponds to the target slave, and the access address of the first host is within the address range of the target slave; When a host corresponds to the target slave, it is determined whether the access request of the first host to the target slave is legal, and then it is determined whether the first host implements data access to the target slave. With the above technical implementation scheme, since the security management function is set in the bus, multiple groups of hosts can be accessed to access multiple sets of slaves, and the number and protocol types of the master and slave can be configured as needed; the bus can perform security management on its own without internal Excess protocol conversion and register unit can reduce the bus matrix logic, improve the transmission efficiency of the bus, and reduce the complexity of the bus system.

本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用硬件实施例、软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码、数据、功能寄存器的寄存器状态的计算机可用存储介质(包括但不限于磁盘存储器和光学存储器等)或者功能从机,比如UART、IIC等外设的寄存器,上实施的计算机程序产品的形式。Those skilled in the art will appreciate that embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention can take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware. Moreover, the present invention may employ computer-usable storage media (including but not limited to disk storage and optical storage, etc.) or functional slaves, such as UART, in one or more of the register states including computer usable program code, data, and function registers. The registers of peripherals such as IIC, and the form of computer program products implemented on them.

本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得 通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, a special purpose computer, an embedded processor or other programmable data processing device to produce a machine such that Instructions executed by a processor of a computer or other programmable data processing device generate means for implementing the functions specified in a block or blocks of a flow or a flow and/or a block diagram of the flowchart.

这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.

这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.

以上所述,仅为本发明的较佳实施例而已,并非用于限定本发明的保护范围。The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.

工业实用性Industrial applicability

本发明实施例提供了一种数据访问方法及总线,总线通过接收至少一个主机发送的访问请求,该访问请求中携带至少一个主机对应的访问地址;从至少一个主机中确定第一主机;根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定第一主机是否对应目标从机,该第一主机的访问地址在该目标从机的地址范围内;当确定第一主机对应目标从机时,判断第一主机对目标从机的访问请求是否合法,进而判断第一主机是否实现对目标从机的数据访问。采用上述技术实现方案,由于总线中设置了安全管理功能,支持多组主机访问多组从机,主机和从机的数量和协议类型可以根据需要进行配置;总线可以自行进行安全管理,不需要内部多余的协议转换和寄存器单元,能够减少总线矩阵逻辑,提高了总 线的传输效率,减小了总线系统的复杂性。 The embodiment of the present invention provides a data access method and a bus. The bus receives an access request sent by at least one host, where the access request carries an access address corresponding to at least one host; and the first host is determined from at least one host; Determining, by the at least one slave, whether the first host corresponds to the target slave, the access address of the host and the preset address range of the at least one slave, the access address of the first host being within the address range of the target slave; When it is determined that the first host corresponds to the target slave, determining whether the access request of the first host to the target slave is legal, and determining whether the first host implements data access to the target slave. With the above technical implementation scheme, since the security management function is set in the bus, multiple groups of hosts can be accessed to access multiple sets of slaves, and the number and protocol types of the master and slave can be configured as needed; the bus can perform security management on its own without internal Excess protocol conversion and register units can reduce bus matrix logic and improve total The transmission efficiency of the line reduces the complexity of the bus system.

Claims (10)

一种数据访问方法,所述方法包括:A data access method, the method comprising: 接收至少一个主机发送的访问请求,所述访问请求中携带至少一个主机的访问地址;Receiving an access request sent by at least one host, where the access request carries an access address of at least one host; 从所述至少一个主机中确定第一主机;Determining a first host from the at least one host; 根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定所述第一主机是否对应目标从机,所述第一主机的访问地址在所述目标从机的地址范围内;Determining, according to the access address of the first host and the preset address range of the at least one slave, whether the first host corresponds to the target slave from the at least one slave, and the access address of the first host is in the target Within the address range of the machine; 当确定所述第一主机对应所述目标从机时,判断所述第一主机对所述目标从机的访问请求是否合法,进而判断所述第一主机是否实现对所述目标从机的数据访问。When it is determined that the first host corresponds to the target slave, determining whether the access request of the first host to the target slave is legal, and determining whether the first host implements data on the target slave access. 根据权利要求1所述的方法,其中,所述访问请求中还携带第一主机的安全访问状态,所述第一主机的安全访问状态包括:安全和非安全;所述当确定所述第一主机对应所述目标从机时,判断所述第一主机对所述目标从机的访问请求是否合法,包括:The method of claim 1, wherein the access request further carries a secure access status of the first host, the secure access status of the first host includes: secure and non-secure; When the host corresponds to the target slave, it is determined whether the access request of the first host to the target slave is legal, including: 当确定所述第一主机对应所述目标从机,且所述第一主机的安全访问状态为安全时,判断所述第一主机对所述目标从机的访问请求合法;When it is determined that the first host corresponds to the target slave, and the security access status of the first host is security, determining that the first host access request to the target slave is legal; 当确定所述第一主机对应所述目标从机,且所述第一主机的安全访问状态为非安全时,获取目标从机的安全地址范围;当所述第一主机的访问地址未在所述目标从机的安全地址范围内时,判断所述第一主机对所述目标从机的访问请求合法;当所述第一主机的访问地址在所述目标从机的安全地址范围内时,判断所述第一主机对所述目标从机的访问请求非法。When it is determined that the first host corresponds to the target slave, and the secure access status of the first host is non-secure, obtaining a secure address range of the target slave; when the access address of the first host is not in the When the target slave is within the secure address range, determining that the first host access request to the target slave is legal; when the access address of the first host is within the secure address range of the target slave, Determining that the access request of the first host to the target slave is illegal. 根据权利要求1所述的方法,其中,所述从至少一个从机中确定所述第一主机是否对应目标从机之后,所述方法还包括:The method of claim 1, wherein the method further comprises: after determining, by the at least one slave, whether the first host corresponds to a target slave, the method further comprising: 当确定所述第一主机未对应所述目标从机时,判断所述第一主机对从 机的访问请求为非法,中断所述第一主机对所述从机的数据访问。When it is determined that the first host does not correspond to the target slave, determining that the first host is slave The access request of the machine is illegal, and the data access of the first host to the slave is interrupted. 根据权利要求2所述的方法,其中,所述判断所述第一主机是否实现对所述目标从机的数据访问,包括:The method of claim 2, wherein the determining whether the first host implements data access to the target slave comprises: 当判断所述第一主机对所述目标从机的访问请求为合法时,传输所述第一主机对所述目标从机的访问数据;Transmitting access data of the first host to the target slave when determining that the first host access request to the target slave is legal; 当判断所述第一主机对所述目标从机的访问请求为非法时,中断所述第一主机对所述目标从机的数据访问。When it is determined that the access request of the first host to the target slave is illegal, interrupting data access by the first host to the target slave is interrupted. 根据权利要求1至4任一项所述的方法,其中,所述访问请求中还携带第一主机的协议类型和所述目标从机的协议类型;所述从所述至少一个主机中确定第一主机之后,所述根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定所述第一主机是否对应目标从机之前,所述方法还包括:The method according to any one of claims 1 to 4, wherein the access request further carries a protocol type of the first host and a protocol type of the target slave; the determining from the at least one host After a host, the method further includes: determining, according to the access address of the first host and the preset address range of the at least one slave, from the at least one slave, whether the first host corresponds to the target slave, the method further includes: 当所述第一主机的协议类型与所述目标从机的协议类型不一致时,将所述第一主机的协议类型转换为所述目标从机的协议类型。When the protocol type of the first host is inconsistent with the protocol type of the target slave, converting the protocol type of the first host to the protocol type of the target slave. 一种总线,所述总线包括:A bus, the bus comprising: 仲裁单元,配置为接收至少一个主机发送的访问请求,所述访问请求中携带至少一个主机对应的访问地址;并从所述至少一个主机中确定第一主机,以及输出第一主机的访问地址至地址译码单元;An arbitration unit, configured to receive an access request sent by at least one host, where the access request carries an access address corresponding to at least one host; and determine a first host from the at least one host, and output an access address of the first host to Address decoding unit; 所述地址译码单元,配置为根据所述仲裁单元接收的第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定所述第一主机是否对应目标从机,所述第一主机的访问地址在所述目标从机的地址范围内,并输出确定结果至安全管理单元;The address decoding unit is configured to determine, according to an access address of the first host received by the arbitration unit and a preset address range of the at least one slave, whether the first host corresponds to the target from the at least one slave The access address of the first host is within the address range of the target slave, and outputs the determination result to the security management unit; 所述安全管理单元,配置为当所述确定结果为所述第一主机对应所述目标从机时,判断所述第一主机对所述目标从机的访问请求是否合法,进而判断所述第一主机是否实现对所述目标从机的数据访问。 The security management unit is configured to determine, when the first host corresponds to the target slave, whether the access request of the first host to the target slave is legal, and further determine the Whether a host implements data access to the target slave. 根据权利要求6所述的总线,其中,所述仲裁单元接收的所述访问请求中还携带第一主机的安全访问状态,所述第一主机的安全访问状态包括:安全和非安全;The bus according to claim 6, wherein the access request received by the arbitration unit further carries a security access status of the first host, and the security access status of the first host includes: security and non-security; 所述安全管理单元,配置为当所述地址译码单元确定所述第一主机对应所述目标从机,且所述第一主机的安全访问状态为安全时,判断所述第一主机对所述目标从机的访问请求合法;以及当所述地址译码单元确定所述第一主机对应所述目标从机,且所述第一主机的安全访问状态为非安全时,获取目标从机的安全地址范围,当所述第一主机的访问地址未在所述目标从机的安全地址范围内时,判断所述第一主机对所述目标从机的访问请求合法;当所述第一主机的访问地址在所述目标从机的安全地址范围内时,判断所述第一主机对所述目标从机的访问请求非法。The security management unit is configured to determine, when the address decoding unit determines that the first host corresponds to the target slave, and the secure access status of the first host is secure, determine the first host The access request of the target slave is legal; and when the address decoding unit determines that the first host corresponds to the target slave, and the secure access status of the first host is non-secure, acquiring the target slave a security address range, when the access address of the first host is not within the secure address range of the target slave, determining that the first host access request to the target slave is legal; when the first host When the access address is within the secure address range of the target slave, it is determined that the access request of the first host to the target slave is illegal. 根据权利要求6所述的总线,其中,The bus according to claim 6, wherein 所述安全管理单元,还配置为所述从至少一个从机中确定所述第一主机是否对应目标从机之后,当确定所述第一主机未对应所述目标从机时,判断所述第一主机对从机的访问请求为非法,中断所述第一主机对所述从机的数据访问。The security management unit is further configured to determine, after determining, by the at least one slave, whether the first host corresponds to the target slave, and when determining that the first host does not correspond to the target slave, determining the A host-to-slave access request is illegal, interrupting data access by the first host to the slave. 根据权利要求7所述的总线,其中,The bus according to claim 7, wherein 所述安全管理单元,还配置为当判断所述第一主机对所述目标从机的访问请求为合法时,传输所述第一主机对所述目标从机的访问数据;当确定所述第一主机对所述目标从机的访问请求为非法时,中断所述第一主机对所述目标从机的数据访问。The security management unit is further configured to: when determining that the first host access request to the target slave is legal, transmitting, by the first host, access data of the target slave; When a host's access request to the target slave is illegal, the data access of the first host to the target slave is interrupted. 根据权利要求6至9任一项所述的总线,其中,所述总线还包括:协议转换单元;所述访问请求中还携带第一主机的协议类型和所述目标从机的协议类型;The bus according to any one of claims 6 to 9, wherein the bus further comprises: a protocol conversion unit; the access request further carrying a protocol type of the first host and a protocol type of the target slave; 所述协议转换单元,配置为所述仲裁单元从所述至少一个主机中确定 第一主机之后,所述地址译码单元根据第一主机的访问地址和预设的至少一个从机的地址范围,从至少一个从机中确定所述第一主机是否对应目标从机之前,当所述第一主机的协议类型与所述目标从机的协议类型不一致时,将所述第一主机的协议类型转换为所述目标从机的协议类型。 The protocol conversion unit is configured to determine, by the arbitration unit, from the at least one host After the first host, the address decoding unit determines, according to the access address of the first host and the preset address range of the at least one slave, from the at least one slave, whether the first host corresponds to the target slave, When the protocol type of the first host is inconsistent with the protocol type of the target slave, the protocol type of the first host is converted to the protocol type of the target slave.
PCT/CN2016/099411 2015-10-27 2016-09-19 Data access method and bus Ceased WO2017071429A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510707927.3A CN106610906A (en) 2015-10-27 2015-10-27 Data access method and bus
CN201510707927.3 2015-10-27

Publications (1)

Publication Number Publication Date
WO2017071429A1 true WO2017071429A1 (en) 2017-05-04

Family

ID=58615131

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/099411 Ceased WO2017071429A1 (en) 2015-10-27 2016-09-19 Data access method and bus

Country Status (2)

Country Link
CN (1) CN106610906A (en)
WO (1) WO2017071429A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115408707A (en) * 2022-11-03 2022-11-29 山东云海国创云计算装备产业创新中心有限公司 Data transmission method, device and system, electronic equipment and storage medium
CN115695073A (en) * 2022-10-13 2023-02-03 Tcl空调器(中山)有限公司 Communication method, device, equipment and storage medium

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109818980A (en) * 2019-03-21 2019-05-28 中国铁塔股份有限公司 A kind of communication means and device
CN113468098B (en) * 2020-03-30 2025-02-11 芯海科技(深圳)股份有限公司 A secure access method, integrated circuit and computer readable storage medium
CN116955265B (en) * 2023-09-20 2023-12-05 合肥创发微电子有限公司 I2C bus system communication method, device, equipment and medium
CN117171065B (en) * 2023-11-02 2024-03-01 摩尔线程智能科技(北京)有限责任公司 Address management method, address management device, electronic equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102591824A (en) * 2011-12-27 2012-07-18 深圳国微技术有限公司 DMA (direct memory access) controller for controlling security data transfer in SOC (system on a chip) chip system
CN103546354A (en) * 2013-10-22 2014-01-29 天津七一二通信广播有限公司 Communicating method being based on Internet of Things electric temperature measurement equipment and enabling RS485 bus and CAN bus to be compatible
CN104899175A (en) * 2014-03-04 2015-09-09 深圳市中兴微电子技术有限公司 Safety access control method and device based on on-chip bus protocol

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2894696A1 (en) * 2005-12-14 2007-06-15 Thomson Licensing Sas METHOD FOR ACCESSING A DATA TRANSMISSION BUS, DEVICE AND CORRESPONDING SYSTEM
CN101937412B (en) * 2010-09-14 2013-03-20 硅谷数模半导体(北京)有限公司 System on chip and access method thereof

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102591824A (en) * 2011-12-27 2012-07-18 深圳国微技术有限公司 DMA (direct memory access) controller for controlling security data transfer in SOC (system on a chip) chip system
CN103546354A (en) * 2013-10-22 2014-01-29 天津七一二通信广播有限公司 Communicating method being based on Internet of Things electric temperature measurement equipment and enabling RS485 bus and CAN bus to be compatible
CN104899175A (en) * 2014-03-04 2015-09-09 深圳市中兴微电子技术有限公司 Safety access control method and device based on on-chip bus protocol

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115695073A (en) * 2022-10-13 2023-02-03 Tcl空调器(中山)有限公司 Communication method, device, equipment and storage medium
CN115408707A (en) * 2022-11-03 2022-11-29 山东云海国创云计算装备产业创新中心有限公司 Data transmission method, device and system, electronic equipment and storage medium
CN115408707B (en) * 2022-11-03 2023-03-24 山东云海国创云计算装备产业创新中心有限公司 Data transmission method, device and system, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN106610906A (en) 2017-05-03

Similar Documents

Publication Publication Date Title
WO2017071429A1 (en) Data access method and bus
US10726120B2 (en) System, apparatus and method for providing locality assertion between a security processor and an enclave
EP3159802B1 (en) Sharing method and device for pcie i/o device and interconnection system
CN104298628B (en) A kind of data storage arbitration circuit and referee method for concurrently accessing
CN104021104B (en) A kind of cooperative system and its communication means based on dual-bus structure
KR20230164152A (en) Seamlessly integrated microcontroller chip
CN101303677B (en) Method, system and controller for direct memory access control
US20230297725A1 (en) Technologies for filtering memory access transactions received from one or more i/o devices
KR102805364B1 (en) Application Processor and Integrated Circuit Including Interrupt Controller
CN111352697B (en) Flexible physical function and virtual function mapping
WO2018218954A1 (en) Verification platform and verification method, and computer storage medium
CN114707140A (en) Kernel architecture based on PKS system
US20190228159A1 (en) Technologies for filtering memory access transactions received from one or more accelerators via coherent accelerator link
CN103246623B (en) SOC calculates device extension system
US9170963B2 (en) Apparatus and method for generating interrupt signal that supports multi-processor
JP2025131826A (en) Integrated circuit with debugger and arbitration interface
US20220004635A1 (en) Computing peripheral interface management mechanism
US20150378944A1 (en) A method of and circuitry for controlling access by a master to a peripheral, a method of configuring such circuitry, and associated computer program products
US9047264B2 (en) Low pin count controller
US12341890B2 (en) Token-based zero-touch enrollment for provisioning edge computing applications
WO2021077917A1 (en) Memory configuration method and device, and storage medium
CN104899502B (en) Apparatus and method for software-enabled access to protected hardware resources
US20160224486A1 (en) Interrupt-driven i/o arbiter for a microcomputer system
WO2012103768A1 (en) Method and apparatus for data processing, pci-e bus system and server
CN102708079B (en) Be applied to the method and system of the control data transmission of microcontroller

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16858865

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16858865

Country of ref document: EP

Kind code of ref document: A1