CN108460287A - The division methods in user's control region and memory protect system in memory protection location - Google Patents
The division methods in user's control region and memory protect system in memory protection location Download PDFInfo
- Publication number
- CN108460287A CN108460287A CN201810236110.6A CN201810236110A CN108460287A CN 108460287 A CN108460287 A CN 108460287A CN 201810236110 A CN201810236110 A CN 201810236110A CN 108460287 A CN108460287 A CN 108460287A
- Authority
- CN
- China
- Prior art keywords
- region
- user
- access
- memory
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The division methods in user's control region in the memory protection location of the present invention; on the basis of C0 MCU are the SoC systems that kernel is developed; zone permission management provided with chip interior memory FLASH; user is associated with the corresponding region of FLASH structure according to the setting of user; form the region with user property; and set the independent access rights in each region; when receiving access privilege; if the corresponding authority of region and user mismatch; error message then is returned to C0 MCU, prevents incongruent access.Advantageous effect:The ownership for ensureing system resource from hardware, does not provide a kind of good mechanism by unauthorized access for resource, effectively realizes the protection to chip interior memory.
Description
Technical field
The present invention relates to a kind of divisions in user's control region in embedded system field more particularly to memory protection location
Method and memory protect system.
Background technology
It is frequently encountered the operation of multitask in embedded system and control exists, it is necessary in system when task run
A kind of mechanism is provided to ensure that the operation of other tasks is not destroyed or influenced to being currently running for task by other tasks.In realization
Stating purpose usually has two kinds of approach of software protection and hardware protection.Software protection refers to the maintenance only by software to be protected to realize
The effect of system resource.In the system of multitask, reach the synchronization and communication between task by running operating system, with reality
The effect of existing software protection.However, coordinating the operation of multitask using software, it generally will appear some and inevitably ask
Topic.For example, when CPU wants to access to a communication serial port register, if there is the string is used in other tasks
Mouthful, then this mode be have no idea prevent this operate, if be thought of as work(use this serial ports, it is necessary to by operating system come
Coordinate, the operation of reasonable control task.Such unauthorized access is generally easy to destroy the communication by the serial ports, causes certain
The wasting of resources and unreasonable use.
For another aspect, keep it not illegal to detect and limit the resource of system if the system has special hardware
It accesses, can ensure the ownership of resource to a certain extent.When executing operation task, the rule for following hardware maintenance are needed
Then, reasonably configuration access permission is carried out to its region, the protection of resource is realized in hardware degree.When CPU access does not have
When the region of permission, its operation can be actively monitored, unauthorized access can then be shielded.
Invention content
Present invention aims to overcome that above-mentioned the deficiencies in the prior art, user's control in a kind of memory protection location is provided
The division methods and memory in region protect system, and have made certain verification mainly for the realization in user's control region, specifically
It is realized by following technical scheme:
The division methods in user's control region in the memory protection location are the SoC systems that kernel is developed in C0 MCU
On the basis of, it is provided with the zone permission management of chip interior memory FLASH, according to the setting of user by user and FLASH
Corresponding region structure association, forms the region with user property, and set the independent access rights in each region, is used receiving
When the access rights of family, if the corresponding authority of region and user mismatch, error message is returned to C0 MCU, is prevented incongruent
It accesses.
The further design of the division methods in user's control region is in the memory protection location, the regions FLASH
Encryption and decryption storage can be arranged according to user's setting in data, and encryption and decryption storage operation is controlled by corresponding enable signal.
The further design of the division methods in user's control region is in the memory protection location, described to have user
Whether the zone user code area UC and user data area UD of attribute, can be allowed between different user pair by register configuration
It using the reading and writing at family, executes, if allow other users reading and writing, execute.
System, including storage are protected using the memory of the division methods in user's control region in the memory protection location
Device, memory protection location and microprocessor, the memory are connect by memory protection location with microprocessor communication, special
Sign is that the memory protection location includes control section, encryption and decryption part, output par, c and accesses violation mechanism determination unit
Point:
The control section includes:
Program pointer comparing unit realizes the comparison of program pointer and each region configuration boundary address, where determining program
Region;
Address comparing unit realizes the comparison of access address and each region configuration boundary address, where determining access address
Region;
Access rights judging unit, to determine whether the access actually occurred meets the access rights of setting;
Access violation judging unit effectively judges according to the access address in each region and access rights as a result, determining user couple
Whether destination address accesses effective;
The encryption and decryption part sets whether each region carries out encryption storage by register;
The output par, c is visited according to what control section and encryption and decryption part were handled as a result, determining whether that peripheral bus exports
Ask information;
Access violation mechanism judging section, judgement is identified to the permission of current accessed, if the permission permission that fruit is current,
The corresponding internal storage location of bus access can then be continued through;If the access rights of current region do not allow current operation, that
It just will produce access rights and violate mistake.
The further design of the memory protection system is that the encryption and decryption part includes that address encryption adds with data
Close, address encryption carries out out of order encryption rule, only handles offset address part.
The further design of the memory protection system is, the template of s boxes is used in the algorithm of address encryption;Data
Encryption and decryption uses SPECK32 algorithms, and all data are encrypted.
The further design of the memory protection system is that the output par, c is with control section information exchange:If
Control section judges that this visit is effective, then output access information;If control section judges access violation, prevent this time to visit
It asks.
Advantages of the present invention is as follows:
The division methods in user's control region and memory protection system ensure system from hardware in the memory protection location of the present invention
The ownership for resource of uniting, does not provide a kind of good mechanism by unauthorized access for resource, effectively realizes in chip
The protection of portion's memory.It is added to encryption and decryption processing module wherein in addition, increasing, enhances the confidentiality of data.
Description of the drawings
Fig. 1 is structural schematic diagrams of the MPU in entire SoC systems.
Fig. 2 is the functional schematic of memory protection location.
Fig. 3 is the emulation schematic diagram that UC zone permissions violate.
Fig. 4 is the emulation schematic diagram that UD zone permissions violate.
Fig. 5 is the encrypted emulation schematic diagram of FLASH area datas.
Fig. 6 is the encrypted emulation schematic diagram of FLASH regional address.
Specific implementation mode
Below in conjunction with attached drawing, technical scheme of the present invention is described in detail.
Such as Fig. 1, the division methods in user's control region, are opened in C0 MCU for kernel in the memory protection location of the present embodiment
On the basis of the SoC systems sent out, it is provided with the zone permission management of chip interior memory FLASH, in entire MPU modules
In design, user is introduced to realize that management, each user have oneself corresponding region, corresponding region that independent access is arranged
Permission then will produce corresponding violation mistake, and prevent incongruent visit when region and permission are unmatched
It asks.In addition, being also provided with independent encipherment protection module, the data in the regions FLASH can also be arranged when necessary plus solution
Close storage, encryption and decryption are stored with corresponding enable signal to control.In the design of entire module, most importantly each area
The division in domain and the configuration of corresponding control register, it is necessary to the relatively independent of user and region is kept, in order to verify
Stage can be very good triggering error condition and realize the verification of correlation function.Hereafter setting mainly for user's control region
Meter has been described in detail.
The method that the present embodiment has used Hardware/Software Collaborative Design, as memory protection location therein, interior design
Framework is designed by the way of hardware, and configuration information is realized by the way of software.Works of the MPU in entire SoC systems
It needs to first pass around MPU modules when CPU will access memory area with the memory for being just responsible for protection chip interior
Permission is judged whether there is to go to access the region.
For user area, it is primarily referred to as the regions FLASH of control authority.To FLASH locality protections:Have
The region of user property;Personal code work area UC and user data area UD.Between different user can by register configuration whether
Allow this user reading and writing, execute, if allows other users reading and writing, executes.Each user area ranges of FLASH can flexibly match
It sets, range does not allow to cross the border between each user, can configure whether the regions FLASH encrypt storage.
The memory of the present embodiment protects system, including memory, memory protection location and microprocessor, memory to pass through
Memory protection location is connect with microprocessor communication.Memory protection location include control section, encryption and decryption part, output par, c with
And access violation mechanism judging section.
Further, control section is mainly by program pointer comparing unit, address comparing unit, access rights judging unit
And access violation judging unit composition.Program pointer comparing unit realizes that program pointer and each region configure boundary address
Compare, to determine the region where program.Address comparing unit realizes the ratio of access address and each region configuration boundary address
Compared with to determine the region where access address.Access rights judging unit, to determine whether the access actually occurred meets setting
Access rights.Access violation judging unit effectively judges to tie according to the access address consistency and access rights in each region
Fruit determines whether user accesses destination address effective.
Whether encryption and decryption part can carry out encryption storage with flexible design each region.Address part is carried out out of order
Encryption rule, since base address is the same, so only handling its offset address part for the encryption of address.The present embodiment
S boxes are used in the algorithm of address encryption, the design template of this s boxes is similar to a kind of inquiring arithmetic, each data
There is fixed value corresponding.In addition, when data are written to storage region in CPU, relevant encryption can be carried out to it
Operation is then decrypted when equally reading data in operation.Data encrypting and deciphering uses SPECK32 algorithms, the algorithm integrally to adopt
With round function structure, F functions include the variation of the linear and nonlinear of key.The encryption and decryption functions in region are by control register
Setting.
Output par, c is visited according to what control section and encryption and decryption part were handled as a result, determining whether that peripheral bus exports
Ask information.If control section judges that this visit is effective, output access information is realized and accesses purpose;If control section judges
Access violation then prevents this visit information.
Violation mechanism judging section is accessed, when chip accesses memory by ahb bus, MPU is by comparing each region
High low address determine, current which belonging region of the address to be accessed.When corresponding address matching, currently
The read-write of execution will determine whether to execute current operation according to the access rights of corresponding region.If fruit is current
Permission word order, then can continue through the corresponding internal storage location of bus access;If the access rights of current region do not allow
Current operation, then just will produce access rights violates mistake(violation).
The general function of personal code work area UC and user data area UD are embodied as:User's control register is configured first,
The permission of corresponding region and relevant border direction setting is good, and when CPU initiates to access, access information is total by AHB first
Line enters MPU modules, and then the control section Jing Guo UC, UD module is effectively judged, eventually by output par, c to week
Side bus output shields the secondary access information.
1 UC, UD regional signal of table describes
Signal name | Signal description | Signal type |
core_HADDR | Currently performed region | Input |
core_pc | Region where code | Input |
acce_perm | Currently performed operation | Input |
uc/ud_valid | The regions UC/UD effectively identify | Input |
uc_sc_pc_match | This user area matches | Input |
uc/ud_regn_perm | The permission in the regions UC/UD | Input |
ucrh/l_reg, udrh/l_reg | The range in the regions UC/UD | Input |
uc_pc_match | Determine code whether in the regions UC | Output |
uc/ud_regn_violt | UC/UD zone permissions are accessed to violate | Output |
uc/ud_addr_match | Address compares matching | Output |
Implement function and register description:
1. according to the region where code compared with UC/UD regional extents, match signals are generated, determine the region of code operation,
Determine the user for executing this section of code.
2. according to address compared with UC/UD regional extents, generate address match signals, determine the address that accesses whether
The regions UC/UD.
3. according to current operation type acce_perm and treated matched signal, compare the operation of region permission
Type regn_perm generates rights violation mistake(violt).
4. when accessing regional address matching and access rights mistake, by generating region violation signal, it is output to MPU
Register module.
For user data area and personal code work area, user register is by control register and status register group
At.Control register is mainly user's write-in, for configuring the access rights in corresponding region.Status register then reflects access
The information of permission error, when access errors occur, error flag position will be set to, and just can not after being set to 1
It is updated to 0 again, it is necessary to after this user removes the error condition, 0 could be reverted to again, to be continuing with.
Simulating, verifying is carried out to user area below
The emulation and verification in the region UC, UD i.e. user are to the verification of the access rights in the region UC, UD and testing for encryption and decryption
Card.
UC, UD, region can be rationally arranged in user, can configure 4 regions with user property, personal code work area UC
Each 4 with user data area UD.Priority assignation for the region UC, UD and know configured with criterion(valid)Then by user's control
Register distributes.For user's control register, when corresponding valid is invalid, can directly it be configured by CPU.User sets
Authority configuration is set, different users accesses oneself and other users region.Whether the corresponding user area of test can lead to by safeguard protection
The state crossed in inquiry MPU status registers judges.
1. the verification of rights violation
When verifying UC, UD regional function, Validation Code is put into the user area set in advance first, and to every
The code area of a user and the permission of data field make relevant setting, execute the code for accessing other regions.Simulation result is as follows
Shown in face Fig. 3 and Fig. 4.By Fig. 3, Fig. 4 it is found that the priority assignation in the regions UC and UD can be read and write for only this user, other use
Family cannot operate on it;When other users access the regions UC/UD, permission error is will produce, prevents this visit,
To realize the effect of protection FLASH.
2. the verification of encryption and decryption
The encryption in the regions FLASH can then control, when needing encryption, it is only necessary to by control extension position enable signal
It sets.Shown in waveform following Fig. 5 and Fig. 6:It can be seen that address only encrypts wherein [6:2] several, data are then all to add
It is close.
The foregoing is only a preferred embodiment of the present invention, but scope of protection of the present invention is not limited thereto,
Any one skilled in the art in the technical scope disclosed by the present invention, the change or replacement that can be readily occurred in,
It should be covered by the protection scope of the present invention.Therefore, protection scope of the present invention should be with scope of the claims
Subject to.
Claims (7)
1. the division methods in user's control region in a kind of memory protection location, it is characterised in that developed for kernel in C0 MCU
SoC systems on the basis of, be provided with chip interior memory FLASH zone permission management, will be used according to the setting of user
Family is associated with the corresponding region of FLASH structure, forms the region with user property, and set the independent access right in each region
Limit, if the corresponding authority of region and user mismatch, error message is returned to C0 MCU when receiving access privilege,
Prevent incongruent access.
2. the division methods in user's control region in memory protection location according to claim 1, it is characterised in that FLASH
Encryption and decryption storage can be arranged according to user's setting in the data in region, and encryption and decryption storage operation is controlled by corresponding enable signal.
3. the division methods in user's control region in memory protection location according to claim 1, it is characterised in that described
Zone user code area UC with user property and user data area UD can be by register configuration between different user
It is no to allow the reading and writing of corresponding user, execute, if to allow other users reading and writing, execute.
4. using the memory of the division methods in user's control region in memory protection location as described in any one of claims 1-3
Protection system, including memory, memory protection location and microprocessor, the memory pass through memory protection location and Wei Chu
Manage device communication connection, it is characterised in that the memory protection location includes control section, encryption and decryption part, output par, c and visit
Ask violation mechanism judging section:
The control section includes:
Program pointer comparing unit realizes the comparison of program pointer and each region configuration boundary address, where determining program
Region;
Address comparing unit realizes the comparison of access address and each region configuration boundary address, where determining access address
Region;
Access rights judging unit, to determine whether the access actually occurred meets the access rights of setting;
Access violation judging unit effectively judges according to the access address in each region and access rights as a result, determining user couple
Whether destination address accesses effective;
The encryption and decryption part sets whether each region carries out encryption storage by register;
The output par, c is visited according to what control section and encryption and decryption part were handled as a result, determining whether that peripheral bus exports
Ask information;
Access violation mechanism judging section, judgement is identified to the permission of current accessed, if the permission permission that fruit is current,
The corresponding internal storage location of bus access can then be continued through;If the access rights of current region do not allow current operation, that
It just will produce access rights and violate mistake.
5. memory according to claim 4 protects system, it is characterised in that the encryption and decryption part include address encryption with
Data encryption, address encryption carry out out of order encryption rule, only handle offset address part.
6. memory according to claim 5 protects system, it is characterised in that use the mould of s boxes in the algorithm of address encryption
Plate;Data encrypting and deciphering uses SPECK32 algorithms, and all data are encrypted.
7. memory according to claim 4 protects system, it is characterised in that the output par, c is handed over control section information
Each other:If control section judges that this visit is effective, output access information;If control section judges access violation, prevent
This visit.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810236110.6A CN108460287A (en) | 2018-03-21 | 2018-03-21 | The division methods in user's control region and memory protect system in memory protection location |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810236110.6A CN108460287A (en) | 2018-03-21 | 2018-03-21 | The division methods in user's control region and memory protect system in memory protection location |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108460287A true CN108460287A (en) | 2018-08-28 |
Family
ID=63236701
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810236110.6A Pending CN108460287A (en) | 2018-03-21 | 2018-03-21 | The division methods in user's control region and memory protect system in memory protection location |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108460287A (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109446755A (en) * | 2018-09-30 | 2019-03-08 | 龙芯中科技术有限公司 | The guard method of kernel hooking function, device, equipment and storage medium |
CN109766165A (en) * | 2018-11-22 | 2019-05-17 | 海光信息技术有限公司 | A kind of memory access control method, device, Memory Controller Hub and computer system |
CN109947673A (en) * | 2019-03-26 | 2019-06-28 | 北京经纬恒润科技有限公司 | A kind of method for protecting EMS memory, protective device and single-chip microcontroller |
CN110008726A (en) * | 2019-04-09 | 2019-07-12 | 杨力祥 | Access control apparatus and method when a kind of operation |
CN110162965A (en) * | 2019-04-09 | 2019-08-23 | 杨力祥 | Access control method and computing device when a kind of operation |
CN112163214A (en) * | 2020-09-22 | 2021-01-01 | 杭州数梦工场科技有限公司 | Data access method and device |
CN112182548A (en) * | 2020-09-23 | 2021-01-05 | 博流智能科技(南京)有限公司 | Chip system |
WO2021203767A1 (en) * | 2020-04-08 | 2021-10-14 | 中兴通讯股份有限公司 | Memory access method, system-on-chip, and electronic device |
CN113987589A (en) * | 2021-12-27 | 2022-01-28 | 飞天诚信科技股份有限公司 | Method and device for processing data |
CN115794661A (en) * | 2023-01-19 | 2023-03-14 | 苏州浪潮智能科技有限公司 | Processor abnormal access positioning method and device, electronic equipment and storage medium |
CN116595594A (en) * | 2023-05-19 | 2023-08-15 | 无锡摩芯半导体有限公司 | FLASH safety control method based on UCB |
CN116795494A (en) * | 2023-08-23 | 2023-09-22 | 北京紫光芯能科技有限公司 | Memory protection unit information processing method, system and readable medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101952809A (en) * | 2007-10-23 | 2011-01-19 | 郑基悦 | Computer storage device having separate read-only space and read-write space, removable media component, system management interface, and network interface |
CN102843366A (en) * | 2012-08-13 | 2012-12-26 | 北京百度网讯科技有限公司 | Network resource access permission control method and device |
CN103150524A (en) * | 2013-01-30 | 2013-06-12 | 华中科技大学 | Safe memory chip, system and authentication method of safe memory chip |
CN103617404A (en) * | 2013-12-17 | 2014-03-05 | 天津赢达信科技有限公司 | Storing device of safety partitions |
CN106657052A (en) * | 2016-12-16 | 2017-05-10 | 湖南国科微电子股份有限公司 | Access management method and system for storage data |
CN106897635A (en) * | 2017-02-28 | 2017-06-27 | 广东虹勤通讯技术有限公司 | Movable memory equipment and its operating method |
-
2018
- 2018-03-21 CN CN201810236110.6A patent/CN108460287A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101952809A (en) * | 2007-10-23 | 2011-01-19 | 郑基悦 | Computer storage device having separate read-only space and read-write space, removable media component, system management interface, and network interface |
CN102843366A (en) * | 2012-08-13 | 2012-12-26 | 北京百度网讯科技有限公司 | Network resource access permission control method and device |
CN103150524A (en) * | 2013-01-30 | 2013-06-12 | 华中科技大学 | Safe memory chip, system and authentication method of safe memory chip |
CN103617404A (en) * | 2013-12-17 | 2014-03-05 | 天津赢达信科技有限公司 | Storing device of safety partitions |
CN106657052A (en) * | 2016-12-16 | 2017-05-10 | 湖南国科微电子股份有限公司 | Access management method and system for storage data |
CN106897635A (en) * | 2017-02-28 | 2017-06-27 | 广东虹勤通讯技术有限公司 | Movable memory equipment and its operating method |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109446755B (en) * | 2018-09-30 | 2021-03-30 | 龙芯中科技术股份有限公司 | Kernel hook function protection method, device, equipment and storage medium |
CN109446755A (en) * | 2018-09-30 | 2019-03-08 | 龙芯中科技术有限公司 | The guard method of kernel hooking function, device, equipment and storage medium |
CN109766165A (en) * | 2018-11-22 | 2019-05-17 | 海光信息技术有限公司 | A kind of memory access control method, device, Memory Controller Hub and computer system |
CN109947673A (en) * | 2019-03-26 | 2019-06-28 | 北京经纬恒润科技有限公司 | A kind of method for protecting EMS memory, protective device and single-chip microcontroller |
CN110008726B (en) * | 2019-04-09 | 2021-08-20 | 杨力祥 | Runtime access control device and method |
CN110162965A (en) * | 2019-04-09 | 2019-08-23 | 杨力祥 | Access control method and computing device when a kind of operation |
CN110008726A (en) * | 2019-04-09 | 2019-07-12 | 杨力祥 | Access control apparatus and method when a kind of operation |
WO2021203767A1 (en) * | 2020-04-08 | 2021-10-14 | 中兴通讯股份有限公司 | Memory access method, system-on-chip, and electronic device |
CN112163214A (en) * | 2020-09-22 | 2021-01-01 | 杭州数梦工场科技有限公司 | Data access method and device |
CN112182548A (en) * | 2020-09-23 | 2021-01-05 | 博流智能科技(南京)有限公司 | Chip system |
CN113987589A (en) * | 2021-12-27 | 2022-01-28 | 飞天诚信科技股份有限公司 | Method and device for processing data |
CN113987589B (en) * | 2021-12-27 | 2022-03-18 | 飞天诚信科技股份有限公司 | Method and device for processing data, computer readable storage medium and device |
CN115794661A (en) * | 2023-01-19 | 2023-03-14 | 苏州浪潮智能科技有限公司 | Processor abnormal access positioning method and device, electronic equipment and storage medium |
CN116595594A (en) * | 2023-05-19 | 2023-08-15 | 无锡摩芯半导体有限公司 | FLASH safety control method based on UCB |
CN116795494A (en) * | 2023-08-23 | 2023-09-22 | 北京紫光芯能科技有限公司 | Memory protection unit information processing method, system and readable medium |
CN116795494B (en) * | 2023-08-23 | 2024-01-02 | 北京紫光芯能科技有限公司 | Memory protection unit information processing method, system and readable medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108460287A (en) | The division methods in user's control region and memory protect system in memory protection location | |
US10572689B2 (en) | Method and apparatus for secure execution using a secure memory partition | |
CN109844751B (en) | Method and processor for providing information isolation | |
US8191155B2 (en) | Microprocessor | |
JP4073913B2 (en) | Open general-purpose attack-resistant CPU and its application system | |
US8473754B2 (en) | Hardware-facilitated secure software execution environment | |
Basak et al. | A flexible architecture for systematic implementation of SoC security policies | |
CN110825672B (en) | High performance autonomous hardware engine for online encryption processing | |
CN103377349A (en) | Security controlled multi-processor system | |
CN108090366B (en) | Data protection method and device, computer device and readable storage medium | |
CN202110552U (en) | Software protection device based on multi-body interleaved storage technology | |
Xu et al. | RegVault: hardware assisted selective data randomization for operating system kernels | |
US20240073013A1 (en) | High performance secure io | |
US20240054071A1 (en) | Hardware mechanism to extend mktme protections to sgx data outside epc | |
Xu et al. | Data Enclave: A Data-Centric Trusted Execution Environment | |
CN115905108A (en) | IOPMP architecture implementation method for RISC-V chip | |
Walsh et al. | Trust in a Principled Filesystem |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180828 |
|
RJ01 | Rejection of invention patent application after publication |