TW201821998A - Memory protection logic - Google Patents

Memory protection logic

Publication number
TW201821998A
Authority
TW
Taiwan
Prior art keywords
memory
access
microcontroller
memory protection
resettable
Application number
TW106142391A
Other languages
Chinese (zh)
Inventor
法蘭克 奧爾尼
Original Assignee
挪威商諾迪克半導體股份有限公司
Application filed by 挪威商諾迪克半導體股份有限公司
Publication of TW201821998A

Classifications

    • G06F12/1416 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425 Protection against unauthorised use of memory or access to memory by checking the object accessibility, the protection being physical, e.g. cell, word, block
    • G06F12/1441 Protection against unauthorised use of memory or access to memory by checking the object accessibility, the protection being physical, e.g. cell, word, block, for a range
    • G06F12/1458 Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491 Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • G06F21/74 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure computing or processing of information, operating in dual or compartmented mode, i.e. at least one secure mode
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure storage of data
    • G06F21/85 Protecting input, output or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
    • G06F9/4401 Arrangements for executing specific programs: bootstrapping

Abstract

A resettable microcontroller (1) comprising a processor (7), a memory (11, 13), a memory bus, and memory protection logic (9). The microcontroller (1) is arranged to clear a set of memory-protection configuration registers (26) whenever the microcontroller (1) is reset. The memory protection logic (9) is arranged to access the set of memory-protection configuration registers (26) and is configured to monitor memory access requests on the bus; detect when a memory access request attempts to access a memory address in a protectable region of the memory (11, 13); determine whether the memory access request satisfies an access criterion for the protectable region, the access criterion depending on data stored in the set of memory-protection configuration registers (26); block the memory access request when the access criterion is not satisfied; and prevent writing to any memory-protection configuration register (26) unless the memory-protection configuration register (26) is in a cleared state.

Description

Memory protection logic

The invention relates to controlling memory access on a microcontroller.

It is known to restrict the reading, writing or execution of memory on a microcontroller in order to prevent unauthorised access to data or programs.

Typically, in the prior art, certain trusted code can always obtain full access to restricted or unrestricted memory regions, for example by causing the processor on the microcontroller to enter a privileged mode and then access the restricted memory region.

The Applicant has recognised that this creates a security risk. For example, if an attacker is able to execute the attacker's own malicious code with the same elevated security permissions, the attacker can read sensitive data, such as encryption keys, from the restricted memory.

The present invention seeks to address this shortcoming.

From a first aspect, the invention provides a resettable microcontroller comprising a processor, a memory, a memory bus and memory protection logic, wherein: the microcontroller is arranged to clear a set of memory-protection configuration registers whenever the microcontroller is reset; and the memory protection logic is arranged to access the set of memory-protection configuration registers and is configured to: monitor memory access requests on the bus; detect when a memory access request attempts to access a memory address in a protectable region of the memory; determine whether the memory access request satisfies an access criterion for the protectable region, the access criterion depending on data stored in the set of memory-protection configuration registers; block the memory access request when the access criterion is not satisfied; and prevent writing to any memory-protection configuration register unless that memory-protection configuration register is in a cleared state.

Thus it will be seen by those skilled in the art that, in accordance with the invention, access to a protectable region of memory can be securely restricted by storing appropriate values in the set of memory-protection configuration registers to restrict or block access to that region. Even when the processor is executing instructions in a secure or privileged mode, this restriction cannot be overridden until the microcontroller is next reset. This versatile mechanism therefore allows programmers to obtain improved security guarantees in many different situations.

For example, some embodiments allow a programmer to prevent all write access to a protectable region of memory by installing a bootloader which, whenever the microcontroller is reset, stores in the set of memory-protection configuration registers an access criterion that prevents write access to that region.

As another example, some embodiments allow a bootloader to read sensitive cryptographic data from a protectable region and use it to verify the integrity of the microcontroller; once the cryptographic data has been used, the bootloader can then set an access criterion that prevents any further read or write access to the sensitive cryptographic data until the microcontroller is next reset.

It will be understood that a microcontroller reset may clear the set of memory-protection configuration registers either by a hardware reset mechanism (e.g., by temporarily removing power from the RAM) or by writing default values to the set of memory-protection configuration registers. Thus, only once the memory-protection configuration registers have been cleared can they be set to store the access criteria that control access to the protectable region.

In some embodiments, the microcontroller may also prevent peripherals, or even bus masters, from modifying the configuration registers, and it may prevent or restrict modification by an external debugger.

Write protection of the memory-protection configuration registers may be implemented by a rewrite controller within the memory protection logic. When there is a request to write to a memory-protection configuration register, the rewrite controller may be arranged to determine whether the data contained in that configuration register differs from the cleared or default value. When the rewrite controller determines that there is a difference, it may be configured to block the write request. When the rewrite controller determines that there is no difference, it may be configured to allow the write request.

The rewrite controller can thus give a bootloader the access it needs to set access criteria in the set of memory-protection configuration registers after a microcontroller reset.

The protectable region may be defined by one or more values stored in the set of memory-protection configuration registers. For example, the base address of the protectable region may be stored in one of the memory-protection configuration registers, and another memory-protection configuration register may store the end address or the length of the protectable region. The protectable region may be defined by a single range of memory addresses, or may comprise a plurality of memory address ranges or blocks of memory.

The values stored in the memory-protection configuration registers may define a plurality of protectable regions in the memory, each of which may have one or more associated access criteria. Logic may be provided to resolve conflicts where regions overlap. Preferably, conflicts are resolved by preventing access to a region if at least one configuration register is set to prevent access to that region, even if another register allows the access.

The access criterion may specify or determine the types of memory access request that are permitted for a protectable region. In some embodiments it may specify that one or more of read access, write access, erase access and execute access are permitted for the protectable region (or, conversely, it may specify that such access is prohibited). In some embodiments, the access criterion may additionally or alternatively require the processor or microcontroller to be in one of a particular set of states, such as a secure mode or a privileged mode, or require the access request to come from an external debugger, before access to the protectable region is allowed. In some embodiments, a region may be associated with one configuration register relating to secure-mode access permissions and a further configuration register relating to non-secure-mode access permissions. The access criterion may additionally or alternatively require that the memory access request be generated by instructions stored in a particular region of one or more memories on the microcontroller. The access criterion may additionally or alternatively require that the memory access request be generated by one of a particular set of components, such as the processor, a particular peripheral (e.g., a serial interface, a digital-to-analogue converter, or a service unit such as an external debugger), or a group of peripherals. In some embodiments, the access criterion may additionally or alternatively require the access request to have a secure or privileged status, or to be associated with a particular process (e.g., a firmware process or a third-party software process).

Preferably, for at least one or more of the memory-protection configuration registers, the value of the configuration register in the cleared state represents more permissive access than is represented by an alternative value or by any other value. For example, a cleared value (e.g., a zero bit) may define unrestricted access for a particular type of memory access (such as read access when the processor is in a non-secure state), while an alternative value (e.g., a one bit) represents blocked access for that type of memory access.

The memory protection logic may be configured to block a memory access request by triggering a bus fault exception.
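The region registers, the overlap rule and the cleared-is-permissive convention described above, as an added C model that is not part of the patent or of any product code. It assumes the register layout given later in the embodiment (start address, size, one binary flag per mode and access type, eight sets) and a constructed example layout with a bootloader region and an overlapping key-material region; the names, addresses and the bus-fault return value are the example's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative model only (not the patent's logic): one set of
 * memory-protection configuration registers per protectable region,
 * laid out as in the description: start address, size, and a binary
 * flag per (processor mode, access type). A cleared flag (0) permits
 * that access type; a set flag (1) blocks it. */
#define MPC_REGION_SETS 8          /* eight sets, as in one embodiment */

enum access_type { ACC_READ = 0, ACC_WRITE = 1, ACC_EXEC = 2 };
enum cpu_mode    { MODE_SECURE = 0, MODE_NONSECURE = 1 };
enum mpc_result  { MPC_ALLOW = 0, MPC_BUS_FAULT = 1 };

struct region_cfg {
    uint32_t start;                /* base address of the protectable region */
    uint32_t size;                 /* length in bytes; 0 marks an unused set */
    uint8_t  block[2][3];          /* block[mode][type]: 0 = allow, 1 = block */
};

/* Reset state: every register cleared, i.e. fully permissive. */
static void mpc_reset(struct region_cfg cfg[MPC_REGION_SETS])
{
    for (size_t i = 0; i < MPC_REGION_SETS; i++) {
        cfg[i].start = 0;
        cfg[i].size = 0;
        for (int m = 0; m < 2; m++)
            for (int t = 0; t < 3; t++)
                cfg[i].block[m][t] = 0;
    }
}

/* Does the transaction [addr, addr+len) touch region r?  Computed in
 * 64 bits so a transfer near the top of the address space cannot wrap. */
static bool region_hit(const struct region_cfg *r, uint32_t addr, uint32_t len)
{
    if (r->size == 0 || len == 0)
        return false;
    uint64_t a0 = addr, a1 = (uint64_t)addr + len;
    uint64_t r0 = r->start, r1 = (uint64_t)r->start + r->size;
    return a0 < r1 && r0 < a1;
}

/* Evaluate one bus transaction against every region set.  Conflict
 * rule from the description: if at least one region covering the
 * address blocks this access type in this mode, the access is blocked
 * even if another overlapping region permits it.  A block is reported
 * as a bus fault exception. */
static enum mpc_result mpc_check(const struct region_cfg cfg[MPC_REGION_SETS],
                                 enum cpu_mode mode, enum access_type type,
                                 uint32_t addr, uint32_t len)
{
    for (size_t i = 0; i < MPC_REGION_SETS; i++)
        if (region_hit(&cfg[i], addr, len) && cfg[i].block[mode][type])
            return MPC_BUS_FAULT;
    return MPC_ALLOW;   /* outside every region, or every covering region permits */
}

/* Constructed example layout: a bootloader region at 0x0000-0x3FFF that
 * is readable and executable in both modes but never writable, and a
 * key-material region at 0x3000-0x30FF overlapping it that additionally
 * blocks non-secure read and execute. */
static void example_config(struct region_cfg cfg[MPC_REGION_SETS])
{
    mpc_reset(cfg);
    cfg[0].start = 0x0000; cfg[0].size = 0x4000;
    cfg[0].block[MODE_SECURE][ACC_WRITE]    = 1;
    cfg[0].block[MODE_NONSECURE][ACC_WRITE] = 1;
    cfg[1].start = 0x3000; cfg[1].size = 0x100;
    cfg[1].block[MODE_NONSECURE][ACC_READ]  = 1;
    cfg[1].block[MODE_NONSECURE][ACC_EXEC]  = 1;
}

/* Evaluate one access against the example layout. */
static enum mpc_result example_check(enum cpu_mode mode, enum access_type type,
                                     uint32_t addr, uint32_t len)
{
    struct region_cfg cfg[MPC_REGION_SETS];
    example_config(cfg);
    return mpc_check(cfg, mode, type, addr, len);
}

int main(void)
{
    printf("secure read of key region:      %d\n",
           example_check(MODE_SECURE, ACC_READ, 0x3000, 4));       /* 0: allowed */
    printf("non-secure read of key region:  %d\n",
           example_check(MODE_NONSECURE, ACC_READ, 0x3000, 4));    /* 1: bus fault */
    printf("secure write into bootloader:   %d\n",
           example_check(MODE_SECURE, ACC_WRITE, 0x0100, 4));      /* 1: bus fault */
    return 0;
}
```

A non-secure read that starts just below the key region but straddles into it is blocked too, because the overlap test is on the whole transfer, not only its first byte.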

The memory protection logic is preferably arranged to detect memory access instructions regardless of their source, i.e., from any bus master. This allows it to be used to detect direct memory access (DMA) instructions from peripherals (e.g., from an external debugger) as well as instructions from the processor.

The memory-protection configuration registers are preferably addressable by the processor, e.g., over the memory bus. Preferably they can be written to and/or read from by the processor. In this way, a bootloader can set the configuration registers after a reset. Each register may occupy a contiguous region of memory, or may be split across multiple locations. A register as used herein may be a single bit long (possibly within a larger bit field), or may comprise a plurality of bits (e.g., a 32-bit word).

The memory on the microcontroller may store one or more software components, such as a bootloader and/or firmware modules and/or user applications. The processor is preferably arranged to execute instructions from a predetermined memory address after a reset, preferably before executing any other instructions. In some embodiments, the bootloader is stored at that predetermined memory address, which may lie in a protectable region of the memory. The bootloader may include instructions for writing an access criterion to one or more memory-protection configuration registers to prevent writing to the predetermined memory address and/or to the protectable region containing the bootloader. In this way, the bootloader can be made read-only, which enhances the security of the microcontroller. In particular, this prevents an attacker from modifying the bootloader so as to stop it from writing the correct access criteria to the memory-protection configuration registers after the next reset.

In some embodiments, the memory protection logic may also be arranged to access a set of non-secure-mode write-protected memory-protection configuration registers. These non-secure-mode write-protected registers may function like the other memory-protection configuration registers, i.e., they define and control access to one or more protectable regions of memory. However, the rewrite controller is preferably configured so that, when the processor is in the secure mode, it may change the non-secure-mode write-protected registers any number of times without resetting the microcontroller. Preferably, when the processor is not in the secure mode, the rewrite controller prevents writing to a non-secure-mode write-protected register unless that register is in the cleared state. As with the other memory-protection configuration registers, the memory protection logic may be configured to determine whether a memory access request satisfies an access criterion based on the data stored in the set of non-secure-mode write-protected registers, and may block the memory access request when the access criterion is not satisfied. Such non-secure-mode write-protected registers may be desirable because they can be used by software other than just the bootloader, and can be changed during normal operation of the device (as long as the processor is in the secure mode).

In one set of embodiments, the non-secure-mode write-protected memory-protection configuration registers are used to store access criteria that are enforced when the processor is in the non-secure mode but not when the processor is in the secure mode. In some of these embodiments, the standard memory-protection configuration registers (whose rewrite protection applies whether the processor is in the secure mode or the non-secure mode) are used to store access criteria that are enforced regardless of whether the processor is in the secure mode or the non-secure mode.

The memory (including the one or more protectable regions) may comprise volatile and/or non-volatile memory, such as RAM and/or flash memory. The memory may store program code. The memory is preferably addressable by the processor over the memory bus. The memory-protection configuration registers may comprise non-volatile memory (e.g., flash), but preferably comprise volatile memory, since this avoids the need for dedicated circuitry to clear the memory-protection configuration registers after a reset.

The processor may be any suitable processor. In some embodiments it may be a processor from ARM™, such as a processor from the ARM™ Cortex™ family. The secure mode as used herein may, in some embodiments, be the secure mode or state defined by the ARM™ TrustZone™ specification. The microcontroller may comprise one or more further processors connected to the memory bus.

The memory bus may be an address or instruction bus, and may carry both instructions and data. The microcontroller may comprise a plurality of buses, such as a processor bus or a peripheral bus. The memory protection logic may be arranged to monitor memory access instructions on a plurality of buses.

The memory protection logic preferably operates independently of the processor. It preferably comprises logic gates that are distinct and separate from the processor. In this way, a malicious or careless programmer cannot execute code on the processor that bypasses the memory protection logic. For the same reason, the memory protection logic is preferably entirely hardware-based, i.e., it does not comprise a general-purpose processor for executing software instructions. The rewrite controller within the memory protection logic is preferably also partly or wholly hardware-based, i.e., it comprises logic gates distinct from the processor. It will be understood that the memory protection logic is not limited to any particular physical form or location on the microcontroller, and may comprise any number of separate logic components.

The microcontroller is preferably an integrated device, e.g., integrated on silicon. In some embodiments it may include a radio transmitter or receiver, e.g., a so-called radio-on-a-chip. From another aspect, the invention provides an integrated radio device comprising a microcontroller as disclosed herein.

Reference numerals used in the drawings:
1: microcontroller
3: clock logic
5: power management circuitry
7: processor
9: memory protection logic
11: RAM
13: flash memory
15: peripherals
17: radio communication logic
18: debug interface
19: input/output circuitry
20: flash memory controller
22: reset event
24: bootloader
26: memory-protection configuration registers

Certain preferred embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings, in which: Figure 1 is a schematic diagram of a microcontroller according to the invention; Figure 2 is a schematic diagram of the operations taken by a rewrite controller within the memory protection logic of the microcontroller; and Figure 3 is a flow chart showing the boot sequence of the microcontroller of Figure 1, together with some examples of access request procedures.

Figure 1 shows an integrated-circuit microcontroller 1, or radio-on-a-chip, which comprises clock logic 3 (which may include a resistor-capacitor oscillator and/or may receive input from an off-chip crystal oscillator, not shown), power management circuitry 5, a processor 7 (e.g., an ARM™ Cortex-M0), memory protection logic 9, RAM 11, a flash memory controller 20, flash memory 13, radio communication logic 17, one or more peripherals 15, and input/output circuitry 19.

These components are interconnected using appropriate lines and/or buses (not shown). The microcontroller 1 may use a Harvard architecture or a von Neumann architecture. The memory protection logic 9 is arranged to intercept all memory accesses to the RAM 11 and to the flash memory controller 20. Thus, memory access instructions from both the processor 7 and the peripherals 15 are intercepted by the memory protection logic 9.

The microcontroller 1 also has a debug interface 18, which can be used to load data into the flash memory 13 and to debug the processor 7. It is expected that the debug interface 18 will be fully disabled before the microcontroller 1 is shipped to an end user. The microcontroller 1 may include a configurable mechanism for restricting or blocking access to the flash memory 13 and the RAM 11 from the debug interface 18.

In use, the microcontroller 1 may be connected to a number of external components, such as a power supply, a radio antenna, a crystal oscillator, sensors, output devices, and so on.

The memory protection logic 9 may be configured such that the flash memory 13 has at least one protected memory region and at least one unprotected memory region. The protected region(s) store firmware data and code, as well as a bootloader. The unprotected region(s) store third-party software. In other embodiments, third-party software may also be stored in a protected region. The memory protection logic 9 may also be configured such that the RAM 11 has at least one protected region and at least one unprotected region.

Access to a given region (e.g., a protected region) of the flash memory 13 or RAM 11 is controlled by the memory protection logic 9 and is granted only if the access criteria for that region are satisfied. The access criteria may define a protected region of the flash memory 13 or RAM 11 (e.g., by a memory start address and a length value) and may specify, for each of the read, write and execute operations, whether system processes (e.g., firmware processes or software processes) and peripherals 15 are granted access to that memory region. In some embodiments, access to the erase function may also be controlled directly by the access criteria. When an override register is set, the debug interface 18 can override the memory protection logic 9 (unless debugging of the microcontroller 1 has been disabled); with this one exception, the configured protection applies to every component that accesses the memory bus.

The access criteria are stored in at least one memory-protection configuration register 26. The memory-protection configuration registers 26 may be part of the RAM 11 or of the flash memory 13. In this embodiment they are part of the RAM 11. This is advantageous because it ensures that the memory-protection configuration registers 26 are cleared immediately when the microcontroller 1 is reset. If the memory-protection configuration registers 26 were part of the flash memory 13, the microcontroller 1 (e.g., the flash memory controller 20) would need to be configured to automatically erase the one or more flash memory blocks associated with the memory-protection configuration registers 26 whenever a reset event 22 occurs.

There may be a plurality of sets of memory protection configuration registers 26, each set relating to a respective protectable area. For example, a set of memory protection configuration registers 26 may have a start address register and a size register for defining a protected area, a binary flag for enabling or disabling execute access to the area in secure mode, a binary flag for enabling or disabling read access to the area in secure mode, a binary flag for enabling or disabling write access to the area in secure mode, a binary flag for enabling or disabling execute access to the area in non-secure mode, a binary flag for enabling or disabling read access to the area in non-secure mode, and a binary flag for enabling or disabling write access to the area in non-secure mode. In one set of embodiments there are eight such sets of memory protection configuration registers 26. Each binary flag may be regarded as a separate register, or a group of flags (for example all the secure-mode flags, or all the non-secure-mode flags, or all the secure- and non-secure-mode flags) may together be regarded as a single register.

In some embodiments, a cleared value (for example "0") in a binary flag indicates that the respective area permits the associated type of access. Writing an alternative value (for example "1") to the binary flag after a reset therefore represents restricting access to the area.

The memory protection logic 9 has read access to the memory protection configuration registers 26. A rewrite controller forms part of the memory protection logic 9. When the memory protection logic 9 intercepts a request to write to a memory protection configuration register 26, the rewrite controller is configured to determine whether the memory protection configuration register 26 is in a cleared state or whether it contains data that differ from the cleared or default value, that is, it determines whether the register 26 has been written since the last reset. When the rewrite controller determines that there is a difference, it is configured to block the request to modify the configuration register 26. When the rewrite controller determines that there is no difference, it allows the configuration register 26 to be written. In this way the rewrite controller ensures that a memory protection configuration register 26 is written only once after each reset. If the cleared value represents the more permissive setting, the rewrite controller prevents software from relaxing the restrictions on memory access by reverting a register to the cleared value.

It will therefore be understood that when the microcontroller 1 starts up after a reset event 22 (for example after a manual restart of the device, after a new battery is installed in the device, or when a watchdog timer triggers a reset, and so on), the memory protection configuration registers 26 are cleared and the bootloader software has write access to the configuration registers 26. More generally, whenever the microcontroller 1 starts executing from address zero, the memory protection configuration registers 26 are reset. Normally the bootloader will then write appropriate values to the memory protection configuration registers 26, which has the effect of preventing any other software on the device from making any change to those registers 26. If the bootloader does not need to configure as many different protected areas as the configuration registers 26 can support (for example it only needs to define five areas, while the registers 26 can support eight), the bootloader preferably duplicates one or more of the area settings in the spare sets of configuration registers 26, so as to prevent them from being written by any other software until the next reset. An attacker can thus be prevented from using malicious code to alter the memory protection configuration registers 26 in order to change the access criteria and thereby gain access to protected areas of memory. Similarly, errors in non-malicious code are prevented from unintentionally writing to protected areas of the RAM 11 or flash memory 13.

The bootloader itself (including its data) may be stored in an area of the flash memory 13 which the bootloader can write-protect immediately after a reset. This prevents any other software from unintentionally or maliciously manipulating the bootloader so as to stop it from setting the correct access criteria after each reset.

The processor 7 may have a secure operating mode and a non-secure operating mode. In general, the rewrite controller in the memory protection logic 9 prevents rewriting of the configuration registers 26 even when the processor 7 is in secure mode. However, in some embodiments, when the processor 7 is in secure mode the rewrite controller allows rewriting of particular registers (which may be binary flags) relating to non-secure-mode permissions (but it always prevents rewriting of the binary flags relating to secure-mode permissions).

Figure 2 shows in more detail the principal operations of the rewrite controller in the memory protection logic 9.

When the memory protection logic 9 receives a "reset" signal from the processor 7, all of its configuration registers are set to their default values, for example 0x0000 0000 (a 32-bit word of zeros) for a word-length register, or a zero bit for a single-bit register.

When the memory protection logic 9 detects a memory access attempt, it determines whether the attempt is a write to a secure configuration register (that is, a register relating to the permissions of the processor in secure mode). If so, it checks whether the value of the secure configuration register is the default value. If it is the default value, it allows the write; otherwise it refuses the write (for example by triggering a "bus fault" exception).

If the memory access attempt is not a write to a secure configuration register, the memory protection logic 9 determines whether the attempt is a write to a non-secure configuration register (that is, a register relating to the permissions of the processor in non-secure mode). If so, it checks a line from the processor 7 that indicates whether the processor 7 is in the secure or the non-secure state, and so determines which state the processor 7 is currently in. If the processor 7 is in the secure state, the rewrite controller allows the write. If the processor 7 is not in the secure state, the rewrite controller checks whether the value of the non-secure configuration register is the default value. If it is the default value, the write is allowed; otherwise it refuses the write (for example by triggering a "bus fault" exception).

Figure 3 shows the operation of the microcontroller 1 after a reset, together with some examples of how the memory protection logic 9 responds to data access requests from a software process running from an unprotected area of the memories 11 and 13, from a firmware process running from a protected area of the memories 11 and 13, and from the peripheral 15.

When the microcontroller 1 is reset, the memory protection configuration registers 26 are cleared and, at step 200, the bootloader 24 is invoked to begin the boot sequence. The bootloader 24 is stored at a special address, which is the first address from which the processor 7 executes after a reset. The bootloader 24 can therefore run before any software process or firmware process makes a data access request. At step 202, the bootloader 24 reads its own data, which represent the desired access criteria, as well as cryptographic data directly from the area of the flash memory 13 that is about to be protected, and performs an integrity check using the cryptographic data to ensure that the microcontroller 1 has not been compromised. At step 204, the bootloader 24 then issues write requests to write the access criteria into the memory protection configuration registers 26. The write requests are intercepted by the memory protection logic 9 and handled by the rewrite controller within the memory protection logic 9. The rewrite controller determines whether the requested configuration register 26 is in the cleared state. As described above, this step is performed by reading the register 26. In other embodiments, however, the rewrite controller may check one or more separate flags representing the state of the configuration registers 26 (for example indicating whether they have already been written).

In the example of Figure 3, at step 206 the requested configuration registers 26 are found to be in their cleared state, because the microcontroller has started from a reset event. Therefore, at step 206, the bootloader 24 is allowed to write the access criteria to the requested configuration registers. Preferably, the access criteria define the memory area from which the cryptographic data were retrieved and specify that the data cannot be read or written again. Read protection is particularly valuable if the cryptographic data include private key data. They may also write-protect the area containing the bootloader itself. At this stage the bootloader may also define other protected areas, for example to protect firmware code from being overwritten. The protection of these memory areas then remains in force until the next reset.

It will be understood that once these configuration registers 26 have been written, they are no longer in the cleared state, so the rewrite controller of the memory protection logic 9 will not subsequently allow any further request to write to those configuration registers 26. The data in the configuration registers 26 are thereby protected from alteration until the next reset. Moreover, because a hardware rewrite controller is used to determine whether a configuration register 26 is in its cleared state, all write requests from any type of process (for example secure or protected) or from a peripheral are refused, and the mechanism cannot be bypassed by software.

Once the bootloader 24 has finished writing the access criteria to the configuration registers 26, the memory protection logic 9 manages (that is, grants or refuses) all memory access requests according to the access criteria.

At step 210, a third-party software process running from code stored in an unprotected area of the flash memory 13 sends a write request to write data to a protected area of the flash memory 13, followed by a request to read data from the same protected area. These requests are intercepted and handled by the memory protection logic 9. At step 212, the memory protection logic 9 retrieves from the memory protection configuration registers the access criteria relating to the requested memory area. The access criteria specify which operations (for example write, read or execute) are permitted on the protected area of memory. In this example, the access criteria specify that the software process is not allowed to write data to the protected area of memory but is allowed to read data from it. Accordingly, based on the access criteria, the memory protection logic 9 refuses the write request at step 214 and allows the read request at step 216. This prevents the software process from unintentionally or maliciously writing to protected areas of memory (for example protected memory locations allocated to firmware data and code), thereby increasing robustness and security. When access is refused, the memory protection logic 9 may trigger a "bus fault" exception.

At step 220, a secure-mode firmware process running from code stored in a protected area of the flash memory 13 sends a request to write access criteria to the memory protection configuration registers 26. The memory protection logic 9 intercepts this request. The rewrite controller in the memory protection logic 9 determines that the data in the requested configuration registers 26 differ from the cleared state, because the bootloader has already written to the configuration registers 26 during the boot sequence following the reset. Accordingly, at step 222, the memory protection logic 9 refuses the write request.

At step 230, the peripheral 15 attempts to read data from a protected area of the flash memory 13 by means of a direct memory access (DMA) request. The memory protection logic 9 intercepts this request. At step 232, the memory protection logic 9 retrieves from the memory protection configuration registers 26 the access criteria relating to the requested memory area. The access criteria specify whether the peripheral 15 is allowed to read data in the requested memory area. In this example, the access criteria specify that the peripheral 15 is not allowed to read the data, and the memory protection logic 9 therefore refuses the read request by triggering a bus fault exception.

At step 240, the peripheral 15 sends a request to write access criteria to the memory protection configuration registers 26. The memory protection logic 9 intercepts this request. The rewrite controller determines that the data in the requested configuration registers 26 differ from the cleared state, because the bootloader has already written to the configuration registers 26 during the boot sequence following the reset. Accordingly, at step 242, the memory protection logic 9 refuses the write request.
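A software model of the rewrite controller of Figure 2 and of the access decisions walked through in Figure 3, added here as an example and not part of the patent or of any Nordic Semiconductor code. The mpl_* names, the grouping of each register set into a "secure" group (start, size, secure-mode and peripheral flags) and a "non-secure" group, and the separate flags for peripheral bus masters are assumptions made for the model.

```c
/* Added example, not part of the patent: a C model of the rewrite controller
 * (Figure 2) and access check (Figure 3) of memory protection logic 9. The
 * mpl_* names and the register grouping below are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MPL_REGIONS 8  /* the description mentions eight register sets */

/* Access types. A CLEAR flag bit (0) permits the access type, a SET bit (1)
 * restricts it, so the cleared default state is the permissive one. */
enum mpl_access { MPL_READ = 1u, MPL_WRITE = 2u, MPL_EXEC = 4u };
enum mpl_master { MPL_CPU_SECURE, MPL_CPU_NONSECURE, MPL_PERIPHERAL };

/* One set of configuration registers 26, describing one protectable area. */
struct mpl_region {
    uint32_t start;          /* start address register                   */
    uint32_t size;           /* size register; 0 means the set is unused */
    uint32_t secure_deny;    /* flags for secure-mode processor accesses */
    uint32_t periph_deny;    /* flags for peripheral (DMA) bus masters   */
    uint32_t nonsecure_deny; /* flags for non-secure-mode accesses       */
};

static struct mpl_region mpl_cfg[MPL_REGIONS];

/* Reset signal: every configuration register returns to its default (zero). */
void mpl_reset(void)
{
    for (size_t i = 0; i < MPL_REGIONS; i++)
        mpl_cfg[i] = (struct mpl_region){0};
}

/* The model treats start, size, secure-mode flags and peripheral flags as the
 * "secure configuration registers" of a set (an assumption). */
static bool mpl_secure_regs_default(const struct mpl_region *r)
{
    return r->start == 0 && r->size == 0 &&
           r->secure_deny == 0 && r->periph_deny == 0;
}

/* Figure 2, first branch: a write to the secure registers of set i is allowed
 * only while they still hold the default, whoever the writer is (false = bus fault). */
bool mpl_write_secure_regs(size_t i, uint32_t start, uint32_t size,
                           uint32_t secure_deny, uint32_t periph_deny)
{
    if (i >= MPL_REGIONS || !mpl_secure_regs_default(&mpl_cfg[i]))
        return false;
    mpl_cfg[i].start = start;
    mpl_cfg[i].size = size;
    mpl_cfg[i].secure_deny = secure_deny;
    mpl_cfg[i].periph_deny = periph_deny;
    return true;
}

/* Figure 2, second branch: the non-secure flags may be rewritten by a
 * processor in the secure state; any other writer gets exactly one write
 * after reset and so can never relax the flags afterwards. */
bool mpl_write_nonsecure_regs(size_t i, bool cpu_secure, uint32_t deny)
{
    if (i >= MPL_REGIONS || (!cpu_secure && mpl_cfg[i].nonsecure_deny != 0))
        return false;
    mpl_cfg[i].nonsecure_deny = deny;
    return true;
}

/* Access check: a request that hits a configured area is granted only if the
 * flag for its access type and bus master is clear; other addresses are open. */
bool mpl_check_access(uint32_t addr, enum mpl_access kind, enum mpl_master m)
{
    for (size_t i = 0; i < MPL_REGIONS; i++) {
        const struct mpl_region *r = &mpl_cfg[i];
        if (r->size == 0 || addr < r->start || addr - r->start >= r->size)
            continue;
        uint32_t deny = (m == MPL_CPU_SECURE)    ? r->secure_deny
                      : (m == MPL_CPU_NONSECURE) ? r->nonsecure_deny
                                                 : r->periph_deny;
        return (deny & (uint32_t)kind) == 0;
    }
    return true;
}

/* Stand-alone walk-through of Figure 3 with constructed addresses. */
int main(void)
{
    mpl_reset();
    mpl_write_secure_regs(0, 0x1000, 0x1000, MPL_WRITE, MPL_READ | MPL_WRITE);
    mpl_write_nonsecure_regs(0, true, MPL_WRITE);
    printf("sw write %d, sw read %d, reconfig %d, dma read %d\n",
           mpl_check_access(0x1800, MPL_WRITE, MPL_CPU_NONSECURE),
           mpl_check_access(0x1800, MPL_READ, MPL_CPU_NONSECURE),
           mpl_write_secure_regs(0, 0x1000, 0x1000, 0, 0),
           mpl_check_access(0x1800, MPL_READ, MPL_PERIPHERAL)); /* 0, 1, 0, 0 */
    return 0;
}
```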

A device has thus been described which has a versatile memory protection mechanism usable for many purposes, and which uses hardware logic to allow the device to prepare access permissions using a trusted bootloader during a controlled boot sequence. Malicious code is subsequently unable to alter the boot sequence or the permission scheme.

Claims (15)

1. A resettable microcontroller comprising a processor, a memory, a memory bus and memory protection logic, wherein: the microcontroller is configured to clear a set of memory protection configuration registers whenever the microcontroller is reset; and the memory protection logic is configured to access the set of memory protection configuration registers and is configured to: monitor memory access requests on the bus; detect when a memory access request attempts to access a memory address in a protectable area of the memory; determine whether the memory access request satisfies an access criterion for the protectable area, the access criterion depending on data stored in the set of memory protection configuration registers; block the memory access request when the access criterion is not satisfied; and prevent writing to any memory protection configuration register unless that memory protection configuration register is in a cleared state.

2. The resettable microcontroller of claim 1, wherein the memory protection logic comprises a rewrite controller configured, when there is a request to write to a memory protection configuration register, to determine whether the data contained in that memory protection configuration register differ from the cleared value, and to block the write request when there is a difference.

3. The resettable microcontroller of claim 2, wherein the memory protection logic is also configured to access a set of non-secure-mode write-protected memory protection configuration registers, and wherein the rewrite controller is configured to prevent writing to the non-secure-mode write-protected memory protection configuration registers when the processor is not in a secure mode, unless the non-secure-mode write-protected memory protection configuration registers are in a cleared state.

4. The resettable microcontroller of claim 3, wherein the microcontroller is configured to clear the set of non-secure-mode write-protected memory protection configuration registers whenever the microcontroller is reset.

5. The resettable microcontroller of any preceding claim, wherein the memory protection logic is configured to block a memory access request by triggering a bus fault exception.

6. The resettable microcontroller of any preceding claim, wherein the memory protection logic is configured to detect memory access requests from any bus master.

7. The resettable microcontroller of any preceding claim, wherein: a predetermined address of the memory stores a bootloader comprising instructions for writing access criteria to one or more memory protection configuration registers; and the processor is configured to execute the bootloader before executing any other instructions.

8. The resettable microcontroller of claim 7, wherein the bootloader is configured to read cryptographic data from the protectable area and to use it during a boot procedure to verify the integrity of the microcontroller, and, once the cryptographic data have been used, to set an access criterion that prevents any further read or write access to the cryptographic data until the next reset of the microcontroller.

9. The resettable microcontroller of any preceding claim, wherein the memory protection configuration registers comprise volatile memory.

10. The resettable microcontroller of any preceding claim, wherein the memory protection logic comprises logic gates distinct from the logic gates of the processor.

11. The resettable microcontroller of any preceding claim, wherein the access criterion specifies or determines the types of memory access request permitted for a protectable area.

12. The resettable microcontroller of any preceding claim, wherein the access criterion requires, in order to allow access to the protectable area, that the processor or microcontroller be in one of a set of particular states, or that the access request come from an external debugger.

13. The resettable microcontroller of any preceding claim, wherein the protectable area is defined by one or more values stored in the set of memory protection configuration registers.

14. The resettable microcontroller of claim 13, wherein the set of memory protection configuration registers stores values defining a plurality of protectable areas in the memory, and one or more access criteria for each protectable area.

15. An integrated radio device comprising a resettable microcontroller as claimed in any preceding claim.
TW106142391A 2016-12-05 2017-12-04 Memory protection logic TW201821998A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1620684.9A GB2557305A (en) 2016-12-05 2016-12-05 Memory protection logic
??1620684.9 2016-12-05

Publications (1)

Publication Number Publication Date
TW201821998A true TW201821998A (en) 2018-06-16

Family

ID=58159856

Family Applications (1)

Application Number Title Priority Date Filing Date
TW106142391A TW201821998A (en) 2016-12-05 2017-12-04 Memory protection logic

Country Status (3)

Country Link
GB (1) GB2557305A (en)
TW (1) TW201821998A (en)
WO (1) WO2018104711A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI688861B (en) * 2018-09-18 2020-03-21 新唐科技股份有限公司 Data processing apparatus and data protection method thereof
TWI777842B (en) * 2021-04-06 2022-09-11 聯發科技股份有限公司 Data protection method and storage device

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB201810533D0 (en) * 2018-06-27 2018-08-15 Nordic Semiconductor Asa Hardware protection of files in an intergrated-circuit device
CN109739673B (en) * 2018-12-05 2023-05-09 新华三技术有限公司合肥分公司 Register write-in protection method, logic device and communication equipment
GB2596103B (en) 2020-06-17 2022-06-15 Graphcore Ltd Dual level management
GB2596102B (en) 2020-06-17 2022-06-29 Graphcore Ltd Processing device comprising control bus
WO2022157467A1 (en) * 2021-01-19 2022-07-28 Cirrus Logic International Semiconductor Limited Integrated circuit with asymmetric access privileges
US11809334B2 (en) * 2021-01-19 2023-11-07 Cirrus Logic Inc. Integrated circuit with asymmetric access privileges

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5778444A (en) * 1996-05-06 1998-07-07 Motorola, Inc. Method and apparatus for reset-sensitive and controlled register write accesses in a data processing system with user and test modes
EP1276033B1 (en) * 2001-07-10 2012-03-14 Trident Microsystems (Far East) Ltd. Memory device with data protection in a processor
US7313705B2 (en) * 2002-01-22 2007-12-25 Texas Instrument Incorporated Implementation of a secure computing environment by using a secure bootloader, shadow memory, and protected memory
GB2402785B (en) * 2002-11-18 2005-12-07 Advanced Risc Mach Ltd Processor switching between secure and non-secure modes
US20080263256A1 (en) * 2007-04-20 2008-10-23 Motorola, Inc. Logic Device with Write Protected Memory Management Unit Registers
GB2513727B (en) * 2012-06-27 2015-06-24 Nordic Semiconductor Asa Memory protection
CN102929674B (en) * 2012-11-02 2016-02-10 威盛电子股份有限公司 Electronic installation and starting-up method
US9875358B2 (en) * 2014-06-20 2018-01-23 Microsoft Technology Licensing, Llc Preventing code modification after boot

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI688861B (en) * 2018-09-18 2020-03-21 新唐科技股份有限公司 Data processing apparatus and data protection method thereof
CN110908932A (en) * 2018-09-18 2020-03-24 新唐科技股份有限公司 Data processing apparatus and data protection method thereof
US11455401B2 (en) 2018-09-18 2022-09-27 Nuvoton Technology Corporation Data-processing device and data-protection method thereof
TWI777842B (en) * 2021-04-06 2022-09-11 聯發科技股份有限公司 Data protection method and storage device

Also Published As

Publication number Publication date
WO2018104711A1 (en) 2018-06-14
GB2557305A (en) 2018-06-20
GB201620684D0 (en) 2017-01-18
