CA2010069A1 - Lock for register data in computer systems - Google Patents
Lock for register data in computer systemsInfo
- Publication number
- CA2010069A1 CA2010069A1 CA 2010069 CA2010069A CA2010069A1 CA 2010069 A1 CA2010069 A1 CA 2010069A1 CA 2010069 CA2010069 CA 2010069 CA 2010069 A CA2010069 A CA 2010069A CA 2010069 A1 CA2010069 A1 CA 2010069A1
- Authority
- CA
- Canada
- Prior art keywords
- data
- address
- registers
- function code
- memory
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 230000006870 function Effects 0.000 claims abstract description 36
- 239000013598 vector Substances 0.000 claims abstract description 7
- 238000000034 method Methods 0.000 claims description 10
- 230000005540 biological transmission Effects 0.000 claims description 7
- 230000004044 response Effects 0.000 claims description 6
- 230000002401 inhibitory effect Effects 0.000 claims description 5
- 230000002093 peripheral effect Effects 0.000 description 6
- 230000008569 process Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 230000002411 adverse Effects 0.000 description 1
- 230000002939 deleterious effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000001902 propagating effect Effects 0.000 description 1
Landscapes
- Detection And Correction Of Errors (AREA)
Abstract
ABSTRACT OF THE DISCLOSURE
A locking circuit controls the flow of data to registers of a computer element. The related computer generates an alert signal prior to supplying the address, function code and data for storage in the registers. The alert signal is one or more combinations of address and function code which does not occur in the normal functioning of the computer system. One candidate for an alert signal includes a command to write to portions of the processor memory which are known to be read-only memory. one such portion of the processor memory includes the boot vectors. A further candidate includes a command to write to instruction space. When the lock recognizes the alert signal, it enables the transfer of data to the protected registers during the next predetermined number of machine cycles, and then inhibits further transfer pending receipt of the next alert signal.
A locking circuit controls the flow of data to registers of a computer element. The related computer generates an alert signal prior to supplying the address, function code and data for storage in the registers. The alert signal is one or more combinations of address and function code which does not occur in the normal functioning of the computer system. One candidate for an alert signal includes a command to write to portions of the processor memory which are known to be read-only memory. one such portion of the processor memory includes the boot vectors. A further candidate includes a command to write to instruction space. When the lock recognizes the alert signal, it enables the transfer of data to the protected registers during the next predetermined number of machine cycles, and then inhibits further transfer pending receipt of the next alert signal.
Description
:
' ~ :' .' ' ~
.
- LOCK FOR REGISTER DATA IN COMPUTER SYSTEMS
BACKGROUND OF THE INVENTION
The present invention relates to computers.
A computer such as, for example, a microprocessor, conventionally includes a central processing unit (CPU) plus, among other things, one or more internal or external controllers. The controllers include registers within which data is stored, useable by the CPU, or other elements within the computer for performing their tasks.
The data stored in the registers of some controIlers is so critical that, if it is corrupted ~,- .
by a rampant write, the entire operation of significant portions of the computer system can be -~ 15 adversely affected. A rampant write is one that is ~ out of control and capable of writing incorrect data, `~ or nonsense, to one or more of the registers in the controller. Incorrect data can include correct data stored at incorrect addresses or incorrect data stored at correct addresses. When a rampant write occurs, the errors produced by corrupted data in one or more registers can propagate in ways that defies technical detective work to determine its cause.
.
", ~
~ . .
~ 10(:~69 OBJECTS AND SUMMARY OF THE INVENTION
It is an object of the invention to protect critical registers from the writing of incorrect data.
It is a further object of the invention to provide a lock protecting registers in a controller from the writing of incorrect data, except in response to a specific combination of signals which are statistically highly unlikely to occur by chance.
It is a further object of the invention to -~ 10 provide a lock protecting registers in a controller from new data until a designated unlocking signal is received. Then the lock monitors the subsequent data transmission. At the conclusion of the data transmission, the lock resumes its locked condition 15 ~ until~again opened by the designated unlocking signal.
Briefly stated, the present invention provides a locking circuit which controls the flow of data to registers of a computer element. The related computer generates an alert signal prior to supplying the address, function code and data for storage in the registers. The alert signal is one or more combinations of address and function code which do not occur in the normal functioning of the computer system. One candidate for an alert signal includes a command to write to portions of the processor memory which are known to be read-only memory. One such portion of the processor memory includes the boot vectors. A further candidate includes a command to 2~)~0069 write to instruction space. When the lock recognizes the alert signal, it enables the transfer of data to the protected registers during the next predetermined number of machine cycles, and then inhibits further transfer pending receipt of the next alert signal.
According to an embodiment of the invention, there is provided apparatus for preventing corruption of data stored in registers, comprising: means for producing address, function code and data signals, a lock, logic means for controlling transmission of the data signals to the registers, the lock including means for selectively enabling the logic means in response to a particular combination of at least one of the address and function code signals, the lock including means for maintaining the logic means enabled only long enough to permit the transmission, and then for inhibiting the logic means pending receipt of a next one of the particular combination, and the particular combination being a combination that does not occur during normal operation of the means for producing.
According to a feature of the invention, there is provided a method for preventing corruption of data stored in registers, comprising: producing address, function code and data signals, selectively enabling storage of data in the registers in~response to a particular combination of at least one of the address and function code signals, inhibiting the storage pending receipt of a next one of the particular combination, and the particular combination being a combination that does not occur during normal operation of the means for producing.
~:- . ' .
26~1~0~)6~
The above, and other objects, features and advantages of the present invention will become apparent from the following description read in conjunction with the accompanying drawings, in which like reference numerals designate the same elements.
BRIEF DESCRIPTION OF THE DRAWINGS -Fig. 1 is a simplified block diagram of a computer system according to the prior art.
Fig. 2 is a simplified block diagram of a computer system including a lock and a locked controller according to an embodiment of the invention.
Fig. 3 is a simplified logic diagram of the lock of Fig. 2.
~; 15 DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
Referring first to Fig. 1, there is shown, generally at 10, a computer system according to an embodiment of the invention. A central processing unit 12 receives data from a data line 14 connected to a controller 16,~ as we~ a~s to and from other peripherals 18 making up the remainder of computer system 10. It will be assumed that the other peripherals 18 are completely conventional, and thus require no further discussion.
Central processing unit 12 generates three kinds of signals, namely data signal, address signals, and .
2~)~L006~ ~
function code signals. An address signal indicates an address to which data is to ~e written, or from which data is to be read. A function code indicates which function (read, write or any other) is to be perf write signal is normally paired with a data signal containing the data to be written.
Central processing unit 12 provides data signals to controller 16 on a data line 20. In addition, central processing unit 12 provides address signals to controller 16 on a line 22, indicating the location from which data is to be read, or to which data is to be written. Also, line 22 conveys a function code to controller 16 indicating which function (reading or writing) is required with respect to the specified address. Other function codes may exist, an advantage may be taken of the~ in the manner described for read and write function ~odes. Address, data and function-code signals are also transmitted to, and data signals are received from, other peripherals 18, but such signals are not of concern to the present invention.
The problem to be solved is the possibility of corrupting register data in controlIer 16. That is, controller 16 normally contains data that was previously received on data line 20 from central processing unit 12, or from elsewhere under control of central processing unit 12, that is used to determine the operations that controller 16 performs.
When such data is received, at least part of such data rewrites registers (not shown) in controller 16.
I have noted that, when registers in a controller 16 are rewritten with data containing errors, such .
2~ 069 : -.
errors are capable of propagating, thus causing the writing of further incorrect data to registers originally receiving corrupted dated, as well as to -~
additional register. As a rPsult, a failure of computer system 10 can occur whose original cause is partly or totally obscured by the subsequent corrupted contents of the registers in controller 16.
There are many potential sources of corrupted data. For example, one bit changed by noise in central processing unit 12 can change any one of the three types of signals produced. If, for example, the error occurs in the address portion of the signal on line 22, data intended for other peripherals 18 may be written to an address in controller 16.
Another source of error could be an incorrect function code on line 22. For example, the correct function code may be a command to read data from a particular address in controller 16. If a "read"
function code, for an address in controller 16, is corrupted to a "write" function code, instead of reading data from that address, an attempt is made to write data to that address. The data which is incorrectly written following such an error may be anything including, for example, a string of zeros, a string of ones, a noise string, or a string of whatever data was produced in a prior cycle by central processing unit 12 and which coincidentally exists on data line 20.
Although the present invention need not be limited by the particular function of controller 16, for completeness, one could consider that controller 16 is a device which controls, for example, a X~ 006~3 high-speed cache memory, a disk drive or a memory.
It is well known that microprocessor chips of a modern version of central processing unit 12 such as, for example, Motorola 68020 or 68030 chips, contain registers in which can be stored data for control of internal and/or external functions. The present invention is indifferent to whether the registers to be protected are located within central processing unit 12, or external to central processing unit 12.
Referring now to Fig. 2, a computer system 24 is shown, according to an embodiment of the present invention. Data signals on data line 20 are connected to one input of an AND gate 26, rather than directly to controller 16, as in the prior-art embodiment. A
lock circuit 28 receives all address and function code signals on line 22 in parallel with controller 16 and other peripherals 18. An output of lock circuit 28 is connected on an enable line 30 to a second input of AND gate 26. As in the prior-art embodiment, data from controller 16 is connected to an input of central processing unit 12 on data line 14.
Data line 20 may be a single pair of wires carrying serial data or, alternatively, may be a plurality of parallel wires consisting of, for example, 8l 16 or 32 conquctors. In the case of parallel data, AND gate 26 operates to enable or inhibit more than one signal line. In addition, although AND gate 26 is shown as an isolated element, it may, in fact, be integrated as an enable mechanism in controller 16. One skilled in the art is well aware that the enable function can be implemented ` ;~
2~0069 :
using hardware elements other than AND gates. The present invention is intended to cover all such implementations.
In operation, lock circuit 28 normally applies an inhibit signal on enable line 30 to its input of AND gate 26. Accordingly, AND gate 26 normally remains inhibited, whereby registers controller 16 remain unchanged, and thus uncorrupted.
When it is desired to change data in controller lo 16, central processing unit 12 is programmed to produce an alert signal having a unique combination of address and function codes that are recognized by lock circuit 28 a enabling the generation of an unlocking enable signal. Lock circuit 28 then produces an enable signal on enable line 30 which enables the transfer of data during the next operating cycle of central processing unit 12. Upon completion of the transfer of data, lock circuit 28 reverts to its inhibiting condition, thus preventing the transfer of data through AND gate 26 into controller 16.
.
In some systems, a data transfer into controller 16 takes place during a single cycle of central processing unit 12. In other systems, two, four or more cycles of central processing unit 12 are required to complete a transfer. This latter situation can occur when the number of bits transferred in a single cycle is less that the total word length that is to be transferred. For example, if the length of a word to be transferred is 32 bits, and the number of bits which can be transferred during a cycle is 8, then four cycles are required to -Z~1.0~69 transmit the 32-bit word. This situation is quite common in systems having 32-bit internal data paths within chips, but 8-bit or 16-bit data paths between chips. When more than one cycle is required for a complete transfer of data to controller 16, the enable signal on enable line 30 remains active for the required number of cycles, and then is removed.
To provide a very high level of protection against accidentally writing incorrect, or nonsense, data to controller 16, a combination of address and function code should be chosen which is unique to the alert signal. Optimally, the alert signal should be one which is never generated by central processing unit 12 for any other purpose. Further, such a lS combination should be innocent of peril to the remainder of the system. Such a combination is available, but has not been uied by others. ;
Before power is applied, most microprocessors, including those listed above, contain nothing but an extremely fundamental program in read-only memory ~ROM) which tells the microprocessor how to find the remainder of the information that it requires to begin operation. In the early days of digital computers, this process was likened to "pulling oneself up by ones bootstraps". From this early usage, the;initial steps pf bringing a computer into operation is called a "bootstrap" process.
Locations in the memory of a typical digital processor are identified by addresses, beginning with zero, and continuing to a maximum number whose value depends on the memory size. The addresses in the vicinity of zero conventionally refer to those in ROM
26~006~3 that are used for the bootstrap process. These addresses are known as the boot vectors.
It is well known that read-only memory is usually non-volatile, and cannot be changed by normal write commands during the normal operation of a computer. It is thus highly unlikely that central processing unit 12 would ever generate a signal indicating an address in the boot vectors, combined with a function code indicating a write function. However, since the data in the boot vectors is non-volatile and cannot be changed by normal write commands, an attempt to write to the boot vectors has no effect. Thus, such a combination of signals can be generated in central 15 processing unit 12 for the specific purpose of -~
triggering an alert signal, without deleterious effect elsewhere in computer system 24. Thus, this combination of signals is considered to represent the preferred embodiment of the invention.
Those skilled in the art are well aware of techniques for forcing the generation of a specific address and function code. Thus, it is considered redundant to further detail such techniques.
~ A further candidate for an alert signal includes an address in the instruction space in central processing unit 12,~ accompanied by a function code indicating a write cycle. As is well known, such a combination does not occur naturally, and causes no harm.
Other combinations of addresses and function codes, which do not occur for any other rational purpose, may be employed as an alert signal. For 2~0~69 example, both of the above combinations may be used together, or sequentially, to serve as the alert signal.
A not-shown memory-management unit (MMU) is a well-known device whose intended purpose is to protect memory devices in central processing unit 12, as well as controller 16 and other peripherals 18.
One might consider that the addition of a memory-management unit to the prior-art system of Fig. 1 would eliminate the need for the lock of the present invention. In fact, however, a memory-management unit on data stored in registers in a manner analogous to the manner in which data is stored in register in controller 16 (Figs. 1 and 2).
The lock circuit 28 of the present invention may be profitably employed to prevent corruption of register data in a memory-management unit in exactly the same ~ ;
way that it prevents corruption of data in controller 16.
Lock circuit 28 may be implemented using any convenient technology. Referring to Fig. 3, for example, lock circuit 28 may ~ontain a decoder 32 receiving all of the signals on line 22. As is well known, decoder 32 may be hard-wired, or programmed, -to respond to one or more particular combinations of input, and to remain unresponsive to all others.
Thus, decoder 32 is programmed to produce a trigger signal on a line 34 only in response to the particular one or more specific alert signals on line 22. The trigger signal is connected to an input of a flip flop 36. The direct output Q of flip flop 36 is connected to enable line 30 as the enable signal ~ ;
~, ..:. : , :
26~ V69 required to permit transmission of data through AND
gate 26 to controller 16 (Fig. 2). The signals on line 22 are also connect to a reset input R of flip flop 36 for resetting flip flop 36 at the end of the next address and function code appearing on line 22 following the alert signal. In this manner, AND
gate 26 is enable during the single cycle following the receipt of an alert signal and is then inhibited pending receipt of a further alert signal.
It should be clear to one skilled in the art that computer system 24 could be implemented using -~
any convenient technology. In particular, computer system 24 and AND gate 26 could be implemented using discrete logic components as shown. It is also within the contemplation of the inventor that these elements could be implemented as logic processes within a progra D ed digital computer. Both ;
possibilities, as well as others, should be considered to fall within the spirit and scope of the invention.
Having described preferred embodiments of the invention with reference to the accompanying ~ -drawings, it is to be understood that the invention is not limited to those precise embodiments, and that various changes and modifications may be effected therein by one skillçd in the art without dqparting from the scope or spirit of the invention as defined in the appended claims.
, ,
' ~ :' .' ' ~
.
- LOCK FOR REGISTER DATA IN COMPUTER SYSTEMS
BACKGROUND OF THE INVENTION
The present invention relates to computers.
A computer such as, for example, a microprocessor, conventionally includes a central processing unit (CPU) plus, among other things, one or more internal or external controllers. The controllers include registers within which data is stored, useable by the CPU, or other elements within the computer for performing their tasks.
The data stored in the registers of some controIlers is so critical that, if it is corrupted ~,- .
by a rampant write, the entire operation of significant portions of the computer system can be -~ 15 adversely affected. A rampant write is one that is ~ out of control and capable of writing incorrect data, `~ or nonsense, to one or more of the registers in the controller. Incorrect data can include correct data stored at incorrect addresses or incorrect data stored at correct addresses. When a rampant write occurs, the errors produced by corrupted data in one or more registers can propagate in ways that defies technical detective work to determine its cause.
.
", ~
~ . .
~ 10(:~69 OBJECTS AND SUMMARY OF THE INVENTION
It is an object of the invention to protect critical registers from the writing of incorrect data.
It is a further object of the invention to provide a lock protecting registers in a controller from the writing of incorrect data, except in response to a specific combination of signals which are statistically highly unlikely to occur by chance.
It is a further object of the invention to -~ 10 provide a lock protecting registers in a controller from new data until a designated unlocking signal is received. Then the lock monitors the subsequent data transmission. At the conclusion of the data transmission, the lock resumes its locked condition 15 ~ until~again opened by the designated unlocking signal.
Briefly stated, the present invention provides a locking circuit which controls the flow of data to registers of a computer element. The related computer generates an alert signal prior to supplying the address, function code and data for storage in the registers. The alert signal is one or more combinations of address and function code which do not occur in the normal functioning of the computer system. One candidate for an alert signal includes a command to write to portions of the processor memory which are known to be read-only memory. One such portion of the processor memory includes the boot vectors. A further candidate includes a command to 2~)~0069 write to instruction space. When the lock recognizes the alert signal, it enables the transfer of data to the protected registers during the next predetermined number of machine cycles, and then inhibits further transfer pending receipt of the next alert signal.
According to an embodiment of the invention, there is provided apparatus for preventing corruption of data stored in registers, comprising: means for producing address, function code and data signals, a lock, logic means for controlling transmission of the data signals to the registers, the lock including means for selectively enabling the logic means in response to a particular combination of at least one of the address and function code signals, the lock including means for maintaining the logic means enabled only long enough to permit the transmission, and then for inhibiting the logic means pending receipt of a next one of the particular combination, and the particular combination being a combination that does not occur during normal operation of the means for producing.
According to a feature of the invention, there is provided a method for preventing corruption of data stored in registers, comprising: producing address, function code and data signals, selectively enabling storage of data in the registers in~response to a particular combination of at least one of the address and function code signals, inhibiting the storage pending receipt of a next one of the particular combination, and the particular combination being a combination that does not occur during normal operation of the means for producing.
~:- . ' .
26~1~0~)6~
The above, and other objects, features and advantages of the present invention will become apparent from the following description read in conjunction with the accompanying drawings, in which like reference numerals designate the same elements.
BRIEF DESCRIPTION OF THE DRAWINGS -Fig. 1 is a simplified block diagram of a computer system according to the prior art.
Fig. 2 is a simplified block diagram of a computer system including a lock and a locked controller according to an embodiment of the invention.
Fig. 3 is a simplified logic diagram of the lock of Fig. 2.
~; 15 DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
Referring first to Fig. 1, there is shown, generally at 10, a computer system according to an embodiment of the invention. A central processing unit 12 receives data from a data line 14 connected to a controller 16,~ as we~ a~s to and from other peripherals 18 making up the remainder of computer system 10. It will be assumed that the other peripherals 18 are completely conventional, and thus require no further discussion.
Central processing unit 12 generates three kinds of signals, namely data signal, address signals, and .
2~)~L006~ ~
function code signals. An address signal indicates an address to which data is to ~e written, or from which data is to be read. A function code indicates which function (read, write or any other) is to be perf write signal is normally paired with a data signal containing the data to be written.
Central processing unit 12 provides data signals to controller 16 on a data line 20. In addition, central processing unit 12 provides address signals to controller 16 on a line 22, indicating the location from which data is to be read, or to which data is to be written. Also, line 22 conveys a function code to controller 16 indicating which function (reading or writing) is required with respect to the specified address. Other function codes may exist, an advantage may be taken of the~ in the manner described for read and write function ~odes. Address, data and function-code signals are also transmitted to, and data signals are received from, other peripherals 18, but such signals are not of concern to the present invention.
The problem to be solved is the possibility of corrupting register data in controlIer 16. That is, controller 16 normally contains data that was previously received on data line 20 from central processing unit 12, or from elsewhere under control of central processing unit 12, that is used to determine the operations that controller 16 performs.
When such data is received, at least part of such data rewrites registers (not shown) in controller 16.
I have noted that, when registers in a controller 16 are rewritten with data containing errors, such .
2~ 069 : -.
errors are capable of propagating, thus causing the writing of further incorrect data to registers originally receiving corrupted dated, as well as to -~
additional register. As a rPsult, a failure of computer system 10 can occur whose original cause is partly or totally obscured by the subsequent corrupted contents of the registers in controller 16.
There are many potential sources of corrupted data. For example, one bit changed by noise in central processing unit 12 can change any one of the three types of signals produced. If, for example, the error occurs in the address portion of the signal on line 22, data intended for other peripherals 18 may be written to an address in controller 16.
Another source of error could be an incorrect function code on line 22. For example, the correct function code may be a command to read data from a particular address in controller 16. If a "read"
function code, for an address in controller 16, is corrupted to a "write" function code, instead of reading data from that address, an attempt is made to write data to that address. The data which is incorrectly written following such an error may be anything including, for example, a string of zeros, a string of ones, a noise string, or a string of whatever data was produced in a prior cycle by central processing unit 12 and which coincidentally exists on data line 20.
Although the present invention need not be limited by the particular function of controller 16, for completeness, one could consider that controller 16 is a device which controls, for example, a X~ 006~3 high-speed cache memory, a disk drive or a memory.
It is well known that microprocessor chips of a modern version of central processing unit 12 such as, for example, Motorola 68020 or 68030 chips, contain registers in which can be stored data for control of internal and/or external functions. The present invention is indifferent to whether the registers to be protected are located within central processing unit 12, or external to central processing unit 12.
Referring now to Fig. 2, a computer system 24 is shown, according to an embodiment of the present invention. Data signals on data line 20 are connected to one input of an AND gate 26, rather than directly to controller 16, as in the prior-art embodiment. A
lock circuit 28 receives all address and function code signals on line 22 in parallel with controller 16 and other peripherals 18. An output of lock circuit 28 is connected on an enable line 30 to a second input of AND gate 26. As in the prior-art embodiment, data from controller 16 is connected to an input of central processing unit 12 on data line 14.
Data line 20 may be a single pair of wires carrying serial data or, alternatively, may be a plurality of parallel wires consisting of, for example, 8l 16 or 32 conquctors. In the case of parallel data, AND gate 26 operates to enable or inhibit more than one signal line. In addition, although AND gate 26 is shown as an isolated element, it may, in fact, be integrated as an enable mechanism in controller 16. One skilled in the art is well aware that the enable function can be implemented ` ;~
2~0069 :
using hardware elements other than AND gates. The present invention is intended to cover all such implementations.
In operation, lock circuit 28 normally applies an inhibit signal on enable line 30 to its input of AND gate 26. Accordingly, AND gate 26 normally remains inhibited, whereby registers controller 16 remain unchanged, and thus uncorrupted.
When it is desired to change data in controller lo 16, central processing unit 12 is programmed to produce an alert signal having a unique combination of address and function codes that are recognized by lock circuit 28 a enabling the generation of an unlocking enable signal. Lock circuit 28 then produces an enable signal on enable line 30 which enables the transfer of data during the next operating cycle of central processing unit 12. Upon completion of the transfer of data, lock circuit 28 reverts to its inhibiting condition, thus preventing the transfer of data through AND gate 26 into controller 16.
.
In some systems, a data transfer into controller 16 takes place during a single cycle of central processing unit 12. In other systems, two, four or more cycles of central processing unit 12 are required to complete a transfer. This latter situation can occur when the number of bits transferred in a single cycle is less that the total word length that is to be transferred. For example, if the length of a word to be transferred is 32 bits, and the number of bits which can be transferred during a cycle is 8, then four cycles are required to -Z~1.0~69 transmit the 32-bit word. This situation is quite common in systems having 32-bit internal data paths within chips, but 8-bit or 16-bit data paths between chips. When more than one cycle is required for a complete transfer of data to controller 16, the enable signal on enable line 30 remains active for the required number of cycles, and then is removed.
To provide a very high level of protection against accidentally writing incorrect, or nonsense, data to controller 16, a combination of address and function code should be chosen which is unique to the alert signal. Optimally, the alert signal should be one which is never generated by central processing unit 12 for any other purpose. Further, such a lS combination should be innocent of peril to the remainder of the system. Such a combination is available, but has not been uied by others. ;
Before power is applied, most microprocessors, including those listed above, contain nothing but an extremely fundamental program in read-only memory ~ROM) which tells the microprocessor how to find the remainder of the information that it requires to begin operation. In the early days of digital computers, this process was likened to "pulling oneself up by ones bootstraps". From this early usage, the;initial steps pf bringing a computer into operation is called a "bootstrap" process.
Locations in the memory of a typical digital processor are identified by addresses, beginning with zero, and continuing to a maximum number whose value depends on the memory size. The addresses in the vicinity of zero conventionally refer to those in ROM
26~006~3 that are used for the bootstrap process. These addresses are known as the boot vectors.
It is well known that read-only memory is usually non-volatile, and cannot be changed by normal write commands during the normal operation of a computer. It is thus highly unlikely that central processing unit 12 would ever generate a signal indicating an address in the boot vectors, combined with a function code indicating a write function. However, since the data in the boot vectors is non-volatile and cannot be changed by normal write commands, an attempt to write to the boot vectors has no effect. Thus, such a combination of signals can be generated in central 15 processing unit 12 for the specific purpose of -~
triggering an alert signal, without deleterious effect elsewhere in computer system 24. Thus, this combination of signals is considered to represent the preferred embodiment of the invention.
Those skilled in the art are well aware of techniques for forcing the generation of a specific address and function code. Thus, it is considered redundant to further detail such techniques.
~ A further candidate for an alert signal includes an address in the instruction space in central processing unit 12,~ accompanied by a function code indicating a write cycle. As is well known, such a combination does not occur naturally, and causes no harm.
Other combinations of addresses and function codes, which do not occur for any other rational purpose, may be employed as an alert signal. For 2~0~69 example, both of the above combinations may be used together, or sequentially, to serve as the alert signal.
A not-shown memory-management unit (MMU) is a well-known device whose intended purpose is to protect memory devices in central processing unit 12, as well as controller 16 and other peripherals 18.
One might consider that the addition of a memory-management unit to the prior-art system of Fig. 1 would eliminate the need for the lock of the present invention. In fact, however, a memory-management unit on data stored in registers in a manner analogous to the manner in which data is stored in register in controller 16 (Figs. 1 and 2).
The lock circuit 28 of the present invention may be profitably employed to prevent corruption of register data in a memory-management unit in exactly the same ~ ;
way that it prevents corruption of data in controller 16.
Lock circuit 28 may be implemented using any convenient technology. Referring to Fig. 3, for example, lock circuit 28 may ~ontain a decoder 32 receiving all of the signals on line 22. As is well known, decoder 32 may be hard-wired, or programmed, -to respond to one or more particular combinations of input, and to remain unresponsive to all others.
Thus, decoder 32 is programmed to produce a trigger signal on a line 34 only in response to the particular one or more specific alert signals on line 22. The trigger signal is connected to an input of a flip flop 36. The direct output Q of flip flop 36 is connected to enable line 30 as the enable signal ~ ;
~, ..:. : , :
26~ V69 required to permit transmission of data through AND
gate 26 to controller 16 (Fig. 2). The signals on line 22 are also connect to a reset input R of flip flop 36 for resetting flip flop 36 at the end of the next address and function code appearing on line 22 following the alert signal. In this manner, AND
gate 26 is enable during the single cycle following the receipt of an alert signal and is then inhibited pending receipt of a further alert signal.
It should be clear to one skilled in the art that computer system 24 could be implemented using -~
any convenient technology. In particular, computer system 24 and AND gate 26 could be implemented using discrete logic components as shown. It is also within the contemplation of the inventor that these elements could be implemented as logic processes within a progra D ed digital computer. Both ;
possibilities, as well as others, should be considered to fall within the spirit and scope of the invention.
Having described preferred embodiments of the invention with reference to the accompanying ~ -drawings, it is to be understood that the invention is not limited to those precise embodiments, and that various changes and modifications may be effected therein by one skillçd in the art without dqparting from the scope or spirit of the invention as defined in the appended claims.
, ,
Claims (8)
1. Apparatus for preventing corruption of data stored in registers, comprising:
means for producing address, function code and data signals;
a lock;
logic means for controlling transmission of said data signals to said registers;
said lock including means for selectively enabling said logic means in response to a particular combination of at least one of said address and function code signals;
said lock including means for maintaining said logic means enabled only long enough to permit said transmission, and then for inhibiting said logic means pending receipt of a next one of said particular combination; and said particular combination being a combination that does not occur during normal operation of said means for producing.
means for producing address, function code and data signals;
a lock;
logic means for controlling transmission of said data signals to said registers;
said lock including means for selectively enabling said logic means in response to a particular combination of at least one of said address and function code signals;
said lock including means for maintaining said logic means enabled only long enough to permit said transmission, and then for inhibiting said logic means pending receipt of a next one of said particular combination; and said particular combination being a combination that does not occur during normal operation of said means for producing.
2. Apparatus according to claim 1, wherein said logic means includes an AND gate.
3. Apparatus according to claim 1, wherein said particular combination includes a write command to a portion of memory which is known to be read-only memory.
4. Apparatus according to claim 1, wherein said portion of memory includes boot vectors.
5. Apparatus according to claim 1, wherein said particular combination includes a write command to a portion of memory which is known to be instruction space.
6. A method for preventing corruption of data stored in registers of an apparatus, comprising:
producing address, function code and data signals;
selectively enabling storage of data in said registers in response to a particular combination of at least one of said address and function code signals;
inhibiting said storage pending receipt of a next one of said particular combination; and said particular combination being a combination that does not occur during normal operation of said means for producing.
producing address, function code and data signals;
selectively enabling storage of data in said registers in response to a particular combination of at least one of said address and function code signals;
inhibiting said storage pending receipt of a next one of said particular combination; and said particular combination being a combination that does not occur during normal operation of said means for producing.
7. A method according to claim 6, wherein at least one of said address, function code and data signals specifies an action of which said apparatus is incapable during operation of said apparatus.
8. A method according to claim 7, wherein said action includes specifying writing to a read only memory.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US31909289A | 1989-03-06 | 1989-03-06 | |
| US319,092 | 1989-03-06 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA2010069A1 true CA2010069A1 (en) | 1990-09-06 |
Family
ID=23240824
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA 2010069 Abandoned CA2010069A1 (en) | 1989-03-06 | 1990-02-14 | Lock for register data in computer systems |
Country Status (1)
| Country | Link |
|---|---|
| CA (1) | CA2010069A1 (en) |
-
1990
- 1990-02-14 CA CA 2010069 patent/CA2010069A1/en not_active Abandoned
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US4388695A (en) | Hardware memory write lock circuit | |
| US6453417B1 (en) | Microcontroller with secure signature extraction | |
| US8397042B2 (en) | Secure memory interface | |
| US4959860A (en) | Power-on password functions for computer system | |
| US5305460A (en) | Data processor | |
| US4523271A (en) | Software protection method and apparatus | |
| US4332009A (en) | Memory protection system | |
| US4903194A (en) | Storage addressing error detection circuitry | |
| US5155829A (en) | Memory system and method for protecting the contents of a ROM type memory | |
| US7891556B2 (en) | Memory access controller and method for memory access control | |
| JP2002508569A (en) | Memory protection system for multitasking system | |
| EP1066567B1 (en) | Method and apparatus for secure address re-mapping | |
| US5687354A (en) | Memory system and method for protecting the contents of a ROM type memory | |
| CA2010069A1 (en) | Lock for register data in computer systems | |
| EP0171456A1 (en) | Computer software protection system | |
| JPH0244431A (en) | Protection order retrieval device | |
| JP2972805B2 (en) | Memory write protection circuit | |
| KR20000009381A (en) | Memory writing protection apparatus of computer system | |
| JPH01123342A (en) | Writing protecting circuit for memory | |
| JPS58184656A (en) | Program storage system | |
| JPS63250753A (en) | Memory access check method | |
| JPH0454656A (en) | Electronics | |
| JP2000207235A (en) | Information processor | |
| JPS6084638A (en) | memory card | |
| JPS62266602A (en) | Setting guard device for system parameter |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FZDE | Dead |