CN107851138A - 用于图形处理单元的硬件强制内容保护 - Google Patents

用于图形处理单元的硬件强制内容保护 Download PDF

Info

Publication number
CN107851138A
CN107851138A CN201680042506.6A CN201680042506A CN107851138A CN 107851138 A CN107851138 A CN 107851138A CN 201680042506 A CN201680042506 A CN 201680042506A CN 107851138 A CN107851138 A CN 107851138A
Authority
CN
China
Prior art keywords
memory
secure
gpu
unsecure
mode
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201680042506.6A
Other languages
English (en)
Chinese (zh)
Inventor
科林·克里斯托弗·夏普
拉梅什·维斯瓦纳坦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of CN107851138A publication Critical patent/CN107851138A/zh
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/101Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
    • G06F21/1011Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to devices
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1009Address translation using page tables, e.g. page table structures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1081Address translation for peripheral access to main memory, e.g. direct memory access [DMA]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062Securing storage systems
    • G06F3/0622Securing storage systems in relation to access
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0629Configuration or reconfiguration of storage systems
    • G06F3/0634Configuration or reconfiguration of storage systems by changing the state or mode of one or more devices
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0668Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/0671In-line storage system
    • G06F3/0673Single storage device
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T1/00General purpose image data processing
    • G06T1/20Processor architectures; Processor configuration, e.g. pipelining
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T1/00General purpose image data processing
    • G06T1/60Memory management
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T2200/00Indexing scheme for image data processing or generation, in general
    • G06T2200/28Indexing scheme for image data processing or generation, in general involving image processing hardware

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Human Computer Interaction (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Image Generation (AREA)
CN201680042506.6A 2015-08-07 2016-07-25 用于图形处理单元的硬件强制内容保护 Pending CN107851138A (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/821,174 2015-08-07
US14/821,174 US10102391B2 (en) 2015-08-07 2015-08-07 Hardware enforced content protection for graphics processing units
PCT/US2016/043903 WO2017027196A1 (en) 2015-08-07 2016-07-25 Hardware enforced content protection for graphics processing units

Publications (1)

Publication Number Publication Date
CN107851138A true CN107851138A (zh) 2018-03-27

Family

ID=56609956

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201680042506.6A Pending CN107851138A (zh) 2015-08-07 2016-07-25 用于图形处理单元的硬件强制内容保护

Country Status (7)

Country Link
US (1) US10102391B2 (https=)
EP (1) EP3332346B1 (https=)
JP (1) JP2018523876A (https=)
KR (1) KR20180036970A (https=)
CN (1) CN107851138A (https=)
BR (1) BR112018002466A2 (https=)
WO (1) WO2017027196A1 (https=)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110706147A (zh) * 2019-09-29 2020-01-17 百度在线网络技术(北京)有限公司 图像处理的环境确定方法、装置、电子设备和存储介质
WO2020154924A1 (zh) * 2019-01-29 2020-08-06 华为技术有限公司 电子设备和地址访问方法
WO2020252791A1 (zh) * 2019-06-21 2020-12-24 华为技术有限公司 一种集成芯片及数据处理方法
CN113344764A (zh) * 2021-05-11 2021-09-03 中天恒星(上海)科技有限公司 安全图形处理器、处理器芯片、显示卡、装置、方法及存储介质
CN114995912A (zh) * 2022-06-09 2022-09-02 江苏安超云软件有限公司 支持gpu多模式运行的方法和装置、电子设备和存储介质

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3050847B1 (fr) * 2016-05-02 2019-04-05 Morpho Procede d'optimisation d'ecritures en memoire dans un dispositif
US10380039B2 (en) * 2017-04-07 2019-08-13 Intel Corporation Apparatus and method for memory management in a graphics processing environment
EP3651020A1 (en) * 2017-11-20 2020-05-13 Shanghai Cambricon Information Technology Co., Ltd Computer equipment, data processing method, and storage medium
US11379135B2 (en) * 2020-08-04 2022-07-05 Honeywell International Inc. Memory protection unit
US20230153146A1 (en) * 2021-11-12 2023-05-18 Nvidia Corporation Direct user mode work submission in secure computing enabled processors

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020163522A1 (en) * 2001-05-07 2002-11-07 Porter Allen J.C. Method and apparatus for maintaining secure and nonsecure data in a shared memory system
CN1711525A (zh) * 2002-11-18 2005-12-21 Arm有限公司 具有安全域和非安全域的数据处理系统内的虚拟至物理存储器地址映射
CN101084505A (zh) * 2004-11-12 2007-12-05 索尼计算机娱乐公司 用于保护数据处理和传送安全的方法和设备
US7681077B1 (en) * 2006-11-03 2010-03-16 Nvidia Corporation Graphics system with reduced shadowed state memory requirements
CN101950262A (zh) * 2010-10-20 2011-01-19 深圳市开立科技有限公司 在嵌入式系统中实现安全模式的方法及装置
CN102804153A (zh) * 2010-02-17 2012-11-28 Arm有限公司 在安全与非安全存储器区域内存储安全模式页表数据
US20130132735A1 (en) * 2011-05-10 2013-05-23 Qualcomm Corporation Apparatus and method for hardware-based secure data processing using buffer memory address range rules
CN103154913A (zh) * 2010-08-06 2013-06-12 英特尔公司 支持用于预启动和安全模式操作的安全可读存储区域
US20130166922A1 (en) * 2011-12-23 2013-06-27 Ati Technologies Ulc Method and system for frame buffer protection
US20130305388A1 (en) * 2012-05-10 2013-11-14 Qualcomm Incorporated Link status based content protection buffers
CN103430185A (zh) * 2011-03-22 2013-12-04 瑞典爱立信有限公司 用于在虚拟化系统操作与非虚拟化系统操作之间切换的方法
US20140237609A1 (en) * 2013-02-18 2014-08-21 Qualcomm Incorporated Hardware enforced content protection for graphics processing units
CN104050420A (zh) * 2013-03-15 2014-09-17 辉达公司 用于保护数据的系统和方法
US20150052325A1 (en) * 2013-08-16 2015-02-19 Arm Limited Data processing systems

Family Cites Families (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4184201A (en) 1978-04-26 1980-01-15 Sperry Rand Corporation Integrating processor element
US6986052B1 (en) 2000-06-30 2006-01-10 Intel Corporation Method and apparatus for secure execution using a secure memory partition
US7065651B2 (en) 2002-01-16 2006-06-20 Microsoft Corporation Secure video card methods and systems
EP1495401B1 (en) 2002-04-18 2007-01-24 Advanced Micro Devices, Inc. Initialization of a computer system including a secure execution mode-capable processor
DE60322366D1 (de) 2002-04-18 2008-09-04 Advanced Micro Devices Inc Rechnersystem mit einem für einen sicheren ausführungsmodus geeigneten cpu und einem sicherheitsdienst-prozessor die über einen gesicherten kommunikationsweg miteinander verbunden sind
KR20040000348A (ko) 2002-06-24 2004-01-03 마이크로소프트 코포레이션 비디오 카드 출력을 보호하기 위한 시스템 및 방법
GB2402785B (en) 2002-11-18 2005-12-07 Advanced Risc Mach Ltd Processor switching between secure and non-secure modes
US7474312B1 (en) 2002-11-25 2009-01-06 Nvidia Corporation Memory redirect primitive for a secure graphics processing unit
US7444523B2 (en) 2004-08-27 2008-10-28 Microsoft Corporation System and method for using address bits to signal security attributes of data in the address space
US7782329B2 (en) 2004-12-10 2010-08-24 Rockwell Collins, Inc. Method and apparatus for protected graphics generation
US8473750B2 (en) 2004-12-15 2013-06-25 Nvidia Corporation Chipset security offload engine
GB0427973D0 (en) 2004-12-21 2005-01-26 Falanx Microsystems As Microprocessor systems
KR100893980B1 (ko) 2005-12-14 2009-04-20 엔비디아 코포레이션 칩세트 보안 오프로드 엔진
US7610464B2 (en) 2006-02-22 2009-10-27 Sony Computer Entertainment Inc. Methods and apparatus for providing independent logical address space and access management
AU2007252841B2 (en) 2006-05-24 2012-06-28 Safend Ltd. Method and system for defending security application in a user's computer
US20080077793A1 (en) 2006-09-21 2008-03-27 Sensory Networks, Inc. Apparatus and method for high throughput network security systems
US7809934B2 (en) 2006-10-13 2010-10-05 Texas Instruments Incorporated Security measures for preventing attacks that use test mechanisms
US20090079746A1 (en) 2007-09-20 2009-03-26 Apple Inc. Switching between graphics sources to facilitate power management and/or security
US8478959B1 (en) 2007-11-13 2013-07-02 Nvidia Corporation Method and system for protecting content in graphics memory
US20090150631A1 (en) 2007-12-06 2009-06-11 Clifton Labs, Inc. Self-protecting storage device
US8156565B2 (en) 2008-04-28 2012-04-10 Microsoft Corporation Hardware-based protection of secure data
US8393008B2 (en) 2008-05-21 2013-03-05 Microsoft Corporation Hardware-based output protection of multiple video streams
US8578483B2 (en) 2008-07-31 2013-11-05 Carnegie Mellon University Systems and methods for preventing unauthorized modification of an operating system
US8243088B2 (en) 2009-02-26 2012-08-14 Presagis Two dimensional memory access controller
US9804866B2 (en) 2009-12-14 2017-10-31 Citrix Systems, Inc. Methods and systems for securing sensitive information using a hypervisor-trusted client
JP5631334B2 (ja) 2009-12-14 2014-11-26 パナソニック株式会社 情報処理装置
US8296538B2 (en) 2010-02-17 2012-10-23 Arm Limited Storing secure mode page table data in secure and non-secure regions of memory
JP5485055B2 (ja) 2010-07-16 2014-05-07 パナソニック株式会社 共有メモリシステム及びその制御方法
GB2482700A (en) 2010-08-11 2012-02-15 Advanced Risc Mach Ltd Memory access control
US20120079270A1 (en) 2010-09-29 2012-03-29 Navin Patel Hardware-Assisted Content Protection for Graphics Processor
GB2484717B (en) 2010-10-21 2018-06-13 Advanced Risc Mach Ltd Security provision for a subject image displayed in a non-secure domain
US9086989B2 (en) 2011-07-01 2015-07-21 Synopsys, Inc. Extending processor MMU for shared address spaces
US8631212B2 (en) * 2011-09-25 2014-01-14 Advanced Micro Devices, Inc. Input/output memory management unit with protection mode for preventing memory access by I/O devices
JP5664530B2 (ja) 2011-11-17 2015-02-04 トヨタ自動車株式会社 制御装置およびメモリ保護装置の動作確認方法
GB2501274B (en) 2012-04-17 2020-05-13 Advanced Risc Mach Ltd Management of data processing security in a secondary processor
DE112013004065B4 (de) * 2012-08-15 2022-03-24 Synopsys, Inc. Integrierte Schaltung
US9633230B2 (en) 2012-10-11 2017-04-25 Intel Corporation Hardware assist for privilege access violation checks
JP6067449B2 (ja) 2013-03-26 2017-01-25 株式会社東芝 情報処理装置、情報処理プログラム
US9507961B2 (en) 2013-07-01 2016-11-29 Qualcomm Incorporated System and method for providing secure access control to a graphics processing unit
US9483653B2 (en) 2014-10-29 2016-11-01 Square, Inc. Secure display element
US9767320B2 (en) 2015-08-07 2017-09-19 Qualcomm Incorporated Hardware enforced content protection for graphics processing units

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020163522A1 (en) * 2001-05-07 2002-11-07 Porter Allen J.C. Method and apparatus for maintaining secure and nonsecure data in a shared memory system
CN1711525A (zh) * 2002-11-18 2005-12-21 Arm有限公司 具有安全域和非安全域的数据处理系统内的虚拟至物理存储器地址映射
CN101084505A (zh) * 2004-11-12 2007-12-05 索尼计算机娱乐公司 用于保护数据处理和传送安全的方法和设备
US7681077B1 (en) * 2006-11-03 2010-03-16 Nvidia Corporation Graphics system with reduced shadowed state memory requirements
CN102804153A (zh) * 2010-02-17 2012-11-28 Arm有限公司 在安全与非安全存储器区域内存储安全模式页表数据
CN103154913A (zh) * 2010-08-06 2013-06-12 英特尔公司 支持用于预启动和安全模式操作的安全可读存储区域
CN101950262A (zh) * 2010-10-20 2011-01-19 深圳市开立科技有限公司 在嵌入式系统中实现安全模式的方法及装置
CN103430185A (zh) * 2011-03-22 2013-12-04 瑞典爱立信有限公司 用于在虚拟化系统操作与非虚拟化系统操作之间切换的方法
US20130132735A1 (en) * 2011-05-10 2013-05-23 Qualcomm Corporation Apparatus and method for hardware-based secure data processing using buffer memory address range rules
US20130166922A1 (en) * 2011-12-23 2013-06-27 Ati Technologies Ulc Method and system for frame buffer protection
US20130305388A1 (en) * 2012-05-10 2013-11-14 Qualcomm Incorporated Link status based content protection buffers
US20140237609A1 (en) * 2013-02-18 2014-08-21 Qualcomm Incorporated Hardware enforced content protection for graphics processing units
CN104050420A (zh) * 2013-03-15 2014-09-17 辉达公司 用于保护数据的系统和方法
US20150052325A1 (en) * 2013-08-16 2015-02-19 Arm Limited Data processing systems

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
JOHANNES WINTER: "Experimenting with ARM TrustZone -- Or: How I Met Friendly Piece of Trusted Hardware", 《EXPERIMENTING WITH ARM TRUSTZONE -- OR: HOW I MET FRIENDLY PIECE OF TRUSTED HARDWARE》 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020154924A1 (zh) * 2019-01-29 2020-08-06 华为技术有限公司 电子设备和地址访问方法
CN113168380A (zh) * 2019-01-29 2021-07-23 华为技术有限公司 电子设备和地址访问方法
CN113168380B (zh) * 2019-01-29 2022-09-09 华为技术有限公司 电子设备和地址访问方法
WO2020252791A1 (zh) * 2019-06-21 2020-12-24 华为技术有限公司 一种集成芯片及数据处理方法
CN114041133A (zh) * 2019-06-21 2022-02-11 华为技术有限公司 一种集成芯片及数据处理方法
US12306769B2 (en) 2019-06-21 2025-05-20 Huawei Technologies Co., Ltd. Integrated chip and data processing method
CN114041133B (zh) * 2019-06-21 2026-04-21 华为技术有限公司 一种集成芯片及数据处理方法
CN110706147A (zh) * 2019-09-29 2020-01-17 百度在线网络技术(北京)有限公司 图像处理的环境确定方法、装置、电子设备和存储介质
CN110706147B (zh) * 2019-09-29 2023-08-11 阿波罗智联(北京)科技有限公司 图像处理的环境确定方法、装置、电子设备和存储介质
CN113344764A (zh) * 2021-05-11 2021-09-03 中天恒星(上海)科技有限公司 安全图形处理器、处理器芯片、显示卡、装置、方法及存储介质
CN113344764B (zh) * 2021-05-11 2024-04-19 中天恒星(上海)科技有限公司 安全图形处理器、处理器芯片、显示卡、装置、方法及存储介质
CN114995912A (zh) * 2022-06-09 2022-09-02 江苏安超云软件有限公司 支持gpu多模式运行的方法和装置、电子设备和存储介质

Also Published As

Publication number Publication date
US10102391B2 (en) 2018-10-16
BR112018002466A2 (pt) 2018-09-18
EP3332346A1 (en) 2018-06-13
JP2018523876A (ja) 2018-08-23
US20170039381A1 (en) 2017-02-09
EP3332346B1 (en) 2021-02-24
WO2017027196A1 (en) 2017-02-16
KR20180036970A (ko) 2018-04-10

Similar Documents

Publication Publication Date Title
CN107851139B (zh) 用于图形处理单元的硬件强制内容保护
CN104981811B (zh) 用于图形处理单元的硬件强制内容保护
US10102391B2 (en) Hardware enforced content protection for graphics processing units
US9134954B2 (en) GPU memory buffer pre-fetch and pre-back signaling to avoid page-fault
US20250363063A1 (en) Reserving a secure address range
US20180349165A1 (en) Direct doorbell ring in virtualized processing device
US9779471B2 (en) Transparent pixel format converter
WO2022047136A1 (en) Shader core instruction to invoke depth culling

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned
AD01 Patent right deemed abandoned

Effective date of abandoning: 20210702