CN110008148A - Memory Controller and for accessing the method for control to memory module - Google Patents

Memory Controller and for accessing the method for control to memory module Download PDF

Info

Publication number
CN110008148A
CN110008148A CN201810929033.2A CN201810929033A CN110008148A CN 110008148 A CN110008148 A CN 110008148A CN 201810929033 A CN201810929033 A CN 201810929033A CN 110008148 A CN110008148 A CN 110008148A
Authority
CN
China
Prior art keywords
data
memory
encryption
memory module
algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810929033.2A
Other languages
Chinese (zh)
Other versions
CN110008148B (en
Inventor
山岗
杨崇和
李毅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lanqi Technology Co Ltd
Montage Technology Shanghai Co Ltd
Original Assignee
Lanqi Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lanqi Technology Co Ltd filed Critical Lanqi Technology Co Ltd
Priority to US16/239,549 priority Critical patent/US10936212B2/en
Publication of CN110008148A publication Critical patent/CN110008148A/en
Application granted granted Critical
Publication of CN110008148B publication Critical patent/CN110008148B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/14Handling requests for interconnection or transfer
    • G06F13/16Handling requests for interconnection or transfer for access to memory bus
    • G06F13/1668Details of memory controller
    • G06F13/1673Details of memory controller using buffers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062Securing storage systems
    • G06F3/0622Securing storage systems in relation to access
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0655Vertical data movement, i.e. input-output transfer; data movement between one or more hosts and one or more storage devices
    • G06F3/0658Controller construction arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0668Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/067Distributed or networked storage systems, e.g. storage area networks [SAN], network attached storage [NAS]

Abstract

This application discloses a kind of Memory Controller and for accessing the method for control to memory module.Memory Controller is coupled in the access between memory module and master controller to control master controller to memory module, Memory Controller includes: central buffer, it is couple to the master controller, for receiving data access command from master controller, and it is couple to memory module, for providing the data access command of encryption to memory module;Wherein, central buffer includes visit order processing module, is used to that data access command to be encrypted to generate the data access command of encryption with predetermined command Encryption Algorithm;Data channel is coupled between the memory module and the master controller, and the memory module and the master controller are via the data channel interaction data under the control of the data access command of the encryption.

Description

Memory Controller and for accessing the method for control to memory module
Technical field
This application involves memory technology fields, more particularly, to a kind of Memory Controller and for storage Module accesses the method for control.
Background technique
The rapid development of Internet technology enables the network equipments such as computer, mobile terminal to be interconnected and is led to Letter.By these interconnected network equipments, people can easily obtain information.However, in convenient acquisition of information While, data and information security issue are also increasingly prominent.The equipment of networking be easy to due to accidental or malice the reason of by The attack of unauthorized external equipment, to cause the destruction of internal data, leakage or change.
Therefore, it is necessary to existing computer or other electronic equipments be improved, to improve its Information Security.
Summary of the invention
One of the application is designed to provide a kind of Memory Controller and for accessing control to memory module The method of system, to improve its Information Security.
According to the one aspect of the application, a kind of Memory Controller is provided, memory module and main control are coupled in To control access of the master controller to the memory module between device, the Memory Controller includes: central buffer, It is couple to the master controller, for receiving data access command from the master controller, and is couple to the storage mould Block, for providing the data access command of encryption to the memory module;Wherein, the central buffer includes at visit order Module is managed, with predetermined command Encryption Algorithm, the visit order processing module is used for the predetermined command Encryption Algorithm The data access command is encrypted to generate the data access command of the encryption;And the wherein storage mould Block is mutually coupled with the master controller by data channel, the storage under the control of the data access command of the encryption Module and the master controller are via the data channel interaction data.
In some embodiments, the data access command and the data access command of the encryption include respective access Address, the encryption make the access address for including in the data access command of the encryption be different from the data access The access address for including in order.
In some embodiments, the central buffer receiving algorithm configuration order is come to the visit order processing module In the predetermined command Encryption Algorithm configured, wherein the central buffer is for receiving the algorithm configuration order Interface is the interface or system management bus interface of visit order for receiving data.
In some embodiments, the predetermined command Encryption Algorithm in the visit order processing module is deposited described What memory controller was arranged when starting.
In some embodiments, the visit order processing module also has predetermined command decipherment algorithm, the memory The received data access command of controller is the data access command of pre-encrypt, and the Memory Controller is also used to described pre- Determine order decipherment algorithm the data access command of the pre-encrypt is decrypted, thus later further with described predetermined The data access command of decryption is encrypted in order Encryption Algorithm.
In some embodiments, the Memory Controller further include: data buffer is coupled in the data channel In, and the central buffer is couple to receive the data access command of the encryption from the central buffer, thus The master controller and the memory module are via slow including the data under the control of the data access command of the encryption Rush the data channel interaction data of device.
In some embodiments, the data buffer includes data processing module, and the data processing module has pre- Determine at least one of data encryption algorithm and tentation data decipherment algorithm;The data processing module is used for from the main control Device or the memory module receive data, and the data are encrypted with the tentation data Encryption Algorithm, and will The data of encryption are sent to the master controller or the memory module;Or the data processing module is used for from the master control Device processed or the memory module receive the data of encryption, are solved with the tentation data decipherment algorithm to the data of the encryption Close processing, and the data of decryption are sent to the master controller or the memory module.
In some embodiments, there is the data processing module tentation data Encryption Algorithm and tentation data decryption to calculate Method;The data processing module is used to receive the data of pre-encrypt from the master controller, with the tentation data decipherment algorithm The data of the pre-encrypt are decrypted, later further with the tentation data Encryption Algorithm to the data of decryption into Row encryption, and the data of encryption are sent to the memory module.
In some embodiments, the central buffer passes through data buffer control bus phase with the data buffer Mutually coupling, the data processing module is by the data buffer control bus receiving algorithm configuration order, wherein the calculation Method configuration order is for matching at least one of the tentation data Encryption Algorithm and the tentation data decipherment algorithm It sets.
In some embodiments, the tentation data Encryption Algorithm and the tentation data in the data processing module Decipherment algorithm is arranged in Memory Controller starting.
In some embodiments, it is synchronous dynamic with the Memory Controller to meet JEDEC Double Data Rate for the memory module State random access memory standard, the central buffer are integrated in deposit clock driver.
According to the another aspect of the application, a kind of Memory Controller is additionally provided, memory module and master control are coupled in To control access of the master controller to the memory module between device processed, the Memory Controller includes: central buffer Device is couple to the master controller, for receiving data access command from the master controller, and is couple to the storage Module, for providing data access command to the memory module;Data buffer is couple to the central buffer, uses In receiving the data access command from the central buffer, and be coupled in the master controller and the memory module it Between, under the control of the data access command between the master controller and the memory module interaction data;With And wherein, the data buffer includes data processing module, the data processing module have tentation data Encryption Algorithm and At least one of tentation data decipherment algorithm;The data processing module is used for from the master controller or the memory module Data are received, the data are encrypted with the tentation data Encryption Algorithm, and the data of encryption are sent to The master controller or the memory module;Or the data processing module is used for from the master controller or the storage mould Block receives the data of encryption, and the data of the encryption are decrypted with the tentation data decipherment algorithm, and will solution Close data are sent to the master controller or the memory module.
At the another aspect of the application, additionally provide it is a kind of for accessing the method for control to memory module, it is described Memory module is couple to master controller by Memory Controller, and is couple to the master controller, institute by data channel Stating Memory Controller includes the central buffer with visit order processing module, wherein the visit order processing module has There is the predetermined command Encryption Algorithm for data visit order to be encrypted;The described method includes: being delayed by the center It rushes device and receives data access command;The data access command is encrypted described in generation as the central buffer The data access command of encryption;The data access command of the encryption is supplied to the storage mould by the central buffer Block;And via the data channel according to the data access command of the encryption in the master controller and the memory module Between interaction data.
The application's in another aspect, additionally provide it is a kind of for accessing the method for control to memory module, it is described Memory module is couple to master controller by Memory Controller, and the Memory Controller includes central buffer and has The data buffer of data processing module, wherein the data processing module has tentation data Encryption Algorithm and tentation data solution At least one of close algorithm;The described method includes: receiving data access command by the central buffer;According to the data Visit order, the central buffer control the data buffer and receive number from the master controller or the memory module According to, the data are encrypted with the tentation data Encryption Algorithm by the data processing module, and will encryption Data be sent to the master controller or the memory module;Or according to the data access command, the central buffer Device controls the data that the data buffer receives encryption from the master controller or the memory module, by the data processing Module is decrypted the data of the encryption with the tentation data decipherment algorithm, and the data of decryption are sent to The master controller or the memory module.
The above are the general introductions of the application, may there is the case where simplification, summary and omission details, therefore those skilled in the art Member is it should be appreciated that the part is only Illustrative, and is not intended to restriction the application range in any way.This general introduction portion Point be both not intended to determine the key features or essential features of claimed subject, nor be intended as determination it is claimed The supplementary means of the range of theme.
Detailed description of the invention
By following description and appended claims and in conjunction with attached drawing, it will be more fully clearly understood that this Apply for the above and other feature of content.It is appreciated that these attached drawings depict only several embodiments of teachings herein, because This is not considered as the restriction to teachings herein range.By using attached drawing, teachings herein will obtain definitely and It explains in detail.
Fig. 1 a shows the storage system 100 according to the application one embodiment;
Fig. 1 b shows the storage system 100 ' according to the application one embodiment;
Fig. 1 c shows the storage system 100 " according to the application one embodiment;
Fig. 2 shows a kind of exemplary structures according to the central buffer 200 of the application one embodiment;
Fig. 3 shows a kind of exemplary structure of the data buffer 300 according to the application one embodiment;
Fig. 4 shows the storage system 400 according to the application one embodiment;
Fig. 5 shows the method 500 of the control that is used to access to memory module according to the application one embodiment;
Fig. 6 shows the method 600 of the control that is used to access to memory module according to the application one embodiment.
Specific embodiment
In the following detailed description, with reference to the part thereof of attached drawing of composition.In the accompanying drawings, the usual table of similar symbol Show similar component part, unless otherwise indicated by context.Illustrative reality described in detailed description, drawings and claims The mode of applying is not intended to limit.It, can be using other implementations without departing from the spirit or scope of the theme of the application Mode, and other variations can be made.It is appreciated that can describing to generality in the application, diagram is said in the accompanying drawings The various aspects of bright teachings herein carry out a variety of differently composed configurations, replacement, combination, design, and all these all bright Really constitute a part of teachings herein.
Fig. 1 a shows the storage system 100 according to the application one embodiment.
As shown in Figure 1a, which includes memory module 102, is configured to store in the present embodiment Mould group, for storing data.In some embodiments, memory module 102 can be meet JEDEC Double Data Rate synchronous dynamic with Machine accesses the memory module of memory (SDRAM) standard, for example including JEDEC DDR, DDR2, DDR3, DDR4 and other pairs Times rate memory standards.In addition, memory module 102 is also possible to meet the internal storage of other standards or agreement, such as SDRAM or RAMBUS internal storage is also possible to meet the memory of future memory standard or agreement.In some embodiments In, memory module 102 may include volatile memory (such as dynamic RAM), nonvolatile memory (flash memory Reservoir, such as NAND or NOR flash memory) or combination of the two.In further embodiments, memory module 102 is gone back It can be the novel memory devices manufactured using different production technologies, including but not limited to: reluctance type memory, phase change memory Device, resistance-type memory, half floating-gate memory or other any type of memories.It is appreciated that memory module 102 can To be made of a type of memory, perhaps also may include it is aforementioned or other types memory a variety of or whole or More other types memories.
Furthermore it should be noted that memory module described herein 102 can be a memory particle, also may include Two or more memory particles.Further, the structure of memory module 102 is included storage array or memory particle Various suitable interconnection structures can be used.For example, multiple memory particles can constitute a memory module in parallel;Substitution Ground, multiple memory particles can also use multilevel interconnection structure (such as two-stage).For example, one or more memory particles are made It is stored for the first order, and other one or more memory particles can be used as second level storage, provide depositing for different levels Storage.And the second storage level of lower layer grade can store the external interaction data with memory module entirety by the first order.Specifically Memory hierarchy will be explained further below.
As shown in Figure 1a, storage system 100 further includes Memory Controller 104, with 106 sum number of central buffer According to buffer (DB_P) 108.Specifically, central buffer 106 is coupled between master controller 110 and memory module 102, can To receive the data access command for including access address and access type from master controller 110.For example, data access command can be with It is the life of (such as read or write-in) of accessing to an address data memory (i.e. access address) in memory module 102 It enables.Data buffer 108 is coupled between memory module 102 and master controller 110, for the control in central buffer 106 Under between memory module 102 and master controller 110 interaction data.For the storage system of DDR3 or DDR4 standard, center Buffer can be integrated in deposit clock driver (RCD).Correspondingly, central buffer passes through command/address (Command/Address, C/A) bus is couple to master controller 110 to receive data access command.For meeting DDR4 standard Storage system, which may include pin A0-A17, pin BG0-BG1 And/or pin BA0-BA1.Wherein, pin BG0-BG1 is used to which memory bank group (Memory in memory module 102 to be determined Bank Group) it is processed, such as be written into or be read;Pin BA0-BA1 is for determining which of memory module 102 is deposited It is processed to store up body (Memory Bank);And pin A0-A17 is then used to address and determine which of memory bank to store Unit is processed.In addition, the input of A16 (RAS_n), A15 (CAS_n) and A14 (WE_n) these three pins can be used for really Surely the data access command being entered, such as reading order, writing commands and other control commands being predefined.
Different from existing central buffer, visit order processing module (CA_P) is provided in central buffer 106 112, it is constructed with the module of data processing and operational capability.In some embodiments, visit order handles mould Block 112 can be realized by software, hardware, firmware or combinations thereof.For example, visit order processing module 112 can be dedicated collection At circuit or Field Programmable Logic Array chip.Visit order processing module 112 can be to the number for receiving autonomous control device 110 It is handled according to visit order, to generate the data access command of modification.
Further, the data access command of modification can be supplied to memory module 102 by visit order processing module 112 With data buffer 108, so that the two can continue to execute data access operation according to the data access command of modification.Example Such as, visit order processing module 112 can be via the command/address bus between central buffer 106 and memory module 102 QCA provides the data access command and other control commands of modification, and via central buffer 106 and data buffer 108 Between data buffer control bus BCOM come provide modification data access command and other control commands.In some implementations In example, visit order processing module 112 can generate one or more according to the access address for including in data access command Access address, these access address can be provided to memory module 102 with the addressing use in access.For example, command/address Bus QCA can be configured between memory module 102 and central buffer 106, with signal and command interaction therebetween. Meanwhile visit order processing module 112 generates corresponding access type also according to the access type of data access command, this Sample, data buffer 108 can be controlled according to access type generated in memory module 102 be accessed storage unit with Data interaction between master controller 110.
Visit order processing module 112 can generate the data access command of modification in various required modes.One In a little embodiments, visit order processing module can be encoded the access address in data access command, so that repairing The data access command changed includes encoded access address.In further embodiments, visit order processing module can be with Presumptive address Processing Algorithm handles the access address in data access command, to generate one based on the access address Group access address.Each access address in the newly-generated access address of the group can correspond to the data access of a modification Order.Optionally, the data access command of these modifications can have access type identical with original data access command. For example, the data access command received from master controller 110 may be to read an access address in memory module 102 The data access command taken, then the data access command of newly-generated modification can be to multiple visits relevant to the access address Ask the data access command that address is read out.
In some embodiments, visit order processing module 112 can have predetermined command Encryption Algorithm and/or predetermined life Enable decipherment algorithm.Wherein, by order Encryption Algorithm, visit order processing module 112 can be to received data access command In include access address be encrypted so that the access address of encryption is different from (clear-text way) before encrypting Access address.The access address of encryption can be included in the data access command of modification, namely the data as encryption are visited Ask order.In this way, the data access command of encryption can be provided to memory module 102 and data buffer 108 in turn, with control Data buffer 108 processed interaction data between memory module 102 and master controller 110.It is appreciated that described herein mentioned The data access command of the encryption of supply memory module 102 and data buffer 108 can be complete order, or complete A part in visit order.For example, data access command usually may include access address and access type.For storing mould For block 102, for the needs of addressing, only needs to obtain in the data access command of encryption from central buffer 106 and include Encrypted access address.For example, the storage unit for corresponding to the access address of encryption in memory module 102 can be by Addressing is to carry out data access.Similarly, it for data buffer 108, needs to obtain access type from central buffer 106 The information of (such as read or be written).In this way, memory module 102 and data buffer 108 are provided in central buffer 106 Encryption data access command control under, complete data access.It should be noted that the access of encryption described herein Location is different from access address before encrypting and is not meant to the inevitable difference of the two, and refers in statistical significance (big absolutely The two is different in most cases).In some cases, the encryption rule depending on order Encryption Algorithm exists certain Probability, the access address of the encryption and access address of unencryption is identical (for example, for 50 access address, has one adding The address of close front and back is identical).
It should be noted that the processing that data and/or address are encrypted or decrypted and the place for being scrambled or being descrambled Reason is substantially similar, therefore the encryption mentioned in this application includes scrambling, and decrypting includes descrambling.
For example, the data access that master controller 110 carries out memory module 102 for example may include read operation and Write operation.When carrying out write operation, the write operation order of unencryption is sent to central buffer by master controller 110 106.Wherein, the first address in memory module 102 is directed toward in the write operation order of unencryption.Correspondingly, central buffer 106 The write operation order is encrypted with predetermined command Encryption Algorithm, to generate the write operation order of encryption.Its In, the second address in memory module 102 is directed toward in the write operation order of encryption.Based on second address, autonomous control is received The data of device 110 are written in memory module 102 via data buffer 108.On the other hand, when being read, The read operation order of unencryption is sent to central buffer 106 by master controller 110, and the read operation order is for example for reading Take the corresponding data in the first address.Correspondingly, central buffer 106 with predetermined command Encryption Algorithm to the read operation order into Row encryption, to generate the read operation order of encryption.Wherein, due to read operation order and write operation order into Row encryption is using identical order Encryption Algorithm, therefore memory module 102 is similarly directed toward in the read operation order encrypted In the second address.In this way, the data being written in the second address in write operation can be properly read out.
As can be seen that visit during above-mentioned encrypted access, between Memory Controller 104 and memory module 102 Ask it is encrypted.In the case where not knowing the information of predetermined command Encryption Algorithm, master controller 110 can not know Which address in memory module 102 stores desired data.Therefore, the illegal program run on master controller 110, or Other illegal programs can not be accessed in desired memory module 102 by sending the address of specified memory module Data, which greatly enhances the safeties of data access.
In some embodiments, the data access command received from master controller 110 can be the data access of pre-encrypt Order.Such as master controller 110 can use predetermined order Encryption Algorithm A and encrypt to data access command, and And generate the data access command of pre-encrypt.Correspondingly, central buffer 106 the data access command for receiving pre-encrypt it It afterwards, can be with the data access command of corresponding order decipherment algorithm A ' Lai Xiemi pre-encrypt, so that the data for obtaining unencryption are visited Ask order.Then, central buffer 106 carrys out the data access life to unencryption further with order Encryption Algorithm B therein Order is encrypted, to obtain the data access command of secondary encryption.Based on the data access command of the secondary encryption, connect The data for receiving autonomous control device 110 can be written in memory module 102.As can be seen that this method is to master controller 110 Command communication between Memory Controller 104 has also carried out encryption, and which further improves the safety of storage system Property.
Visit order processing module 112 has scheduled order Encryption Algorithm and/or order decipherment algorithm.These algorithms can To be configured by the configuration information stored in register table.Just it has been observed that master controller 110 can be via command/address (Command/Address, C/A) bus to send data access command to central buffer 106.In some embodiments, main Controller 110 can be by identical bus come to 106 transmission algorithm configuration order of central buffer, which can With for in visit order processing module 112 order Encryption Algorithm or decipherment algorithm configure.In this way, at visit order Reason module 112 can be loaded in order Encryption Algorithm and/or order decipherment algorithm or visit order processing module 112 Some order Encryption Algorithm and/or order decipherment algorithm can be modified or be configured.For example, can use command/address bus In for certain signal wires of sending mode configuration order (Mode Register Set, MRS) carry out transmission algorithm configuration order. In further embodiments, master controller 110 can be matched with different interface/buses to 106 transmission algorithm of central buffer Set order.For example, can be come by System Management Bus (System Management Bus, SMBus) interface to central buffer 106 transmission algorithm configuration order of device.Since these dedicated interfaces often can not be accessed by illegal program, these are used Interface carrys out the safety that transmission algorithm configuration order helps to improve system.
In some embodiments, the load or modification of order Encryption Algorithm and/or order decipherment algorithm can be dynamically, Namely when Memory Controller 104 starts (powering on), these algorithms are loaded into visit order processing module 112;And work as When 104 power down of Memory Controller, or when central buffer 106 resets, the data of these algorithms and configuration will be clear It removes.
In the embodiment shown in Fig. 1 a, in addition at central buffer 106 be provided with visit order processing module 112 it Outside, data processing module (D_P) 114 is provided with also in data buffer 108.The data processing module 114 can be from its institute The master controller 110 and/or memory module 102 of coupling receive data, and with tentation data Processing Algorithm to received data It is handled, processed data is sent to master controller 110 and/or memory module 102 again later.In some embodiments In, when the instruction of master controller 110 reads data from memory module 102, data buffer 108 can be buffered from memory module 102 received data, and the data are handled by data processing module 114.In this way, the number that master controller 110 obtains According to being processed data.In further embodiments, when master controller 110 indicates that data are written to memory module 102, number Can also buffer according to buffer 108 from the received data of master controller 110, and by data processing module 114 to the data into Row processing, is then written memory module 102 again.In this way, the data being stored in memory module 102 are processed datas.
In some embodiments, data processing module 114 can from memory module 102 receive data and to the data into Row processing, so that processed data is sent to memory module 102.In other words, have benefited from the number in data buffer 108 According to processing module 114, data can be directly processed in Memory Controller 104, without being transferred to master controller 110 In handled, this dramatically reduces the data interactions between master controller 110 and memory module 102, and can have Improve data-handling efficiency in effect ground.
It is similar with visit order processing module 112, data processing module 114 can have tentation data Encryption Algorithm and/ Or tentation data decipherment algorithm.Wherein, data encryption algorithm can be encrypted data, and data deciphering algorithm can be with The data encrypted are decrypted.It, can using data processing module 114 depending on the source of data and the difference of whereabouts To realize complicated encryption/decryption process, to improve the safety of entire memory module.
In some embodiments, data processing module 114 can have matched data encryption algorithm and data deciphering is calculated Method.When carrying out write operation, data buffer 108 can receive data from master controller 110, and by data processing module 114 are encrypted the data with data encryption algorithm, and the data of encryption are written in memory module 102.Phase Ying Di, when being read, data buffer 108 can read the data of encryption from memory module 102, and with number It is decrypted according to data of the decipherment algorithm to the encryption, and the data of decryption is sent to master controller 110.It can see Out, also difficult even if illegal program obtains these data since the data being stored in memory module 102 are encryption datas Decrypted to it to obtain correct data content, this improves the safety of storage system.
In other embodiments, data processing module 114 can only have data encryption algorithm, be used for from storage mould The data read in block 102 are encrypted, so that the data of encryption can be sent to master controller 110 by data buffer 108. Correspondingly, master controller 110 can have matched data deciphering algorithm, so that the data to encryption are decrypted.Change speech It, master controller 110 is encryption to the read operation of memory module 102, and only legal procedure (has or can call matching Data deciphering algorithm) to the data deciphering of reading and correct data content can be obtained.
In further embodiments, data processing module 114 can have multiple data encryption algorithm and data deciphering is calculated Method.For example, the data that the data that master controller 110 is sent in Memory Controller 104 can be pre-encrypt (use a kind of number According to Encryption Algorithm C).When carrying out write operation, data buffer 108 receives the data of pre-encrypt from master controller 110, and The data of pre-encrypt are decrypted with matched data deciphering algorithm C ' by data processing module 114, thus decrypted Data.Meanwhile data processing module 114 also has other data encryption algorithm D and data decipherment algorithm D '.Further, Data processing module 114 can carry out encryption again with data of the data encryption algorithm D to decryption to obtain again The data of encryption, so that the data of re-encrypted can be written in memory module 102 by data buffer 108.Correspondingly, when When being read, data buffer 108 receives the data of encryption from memory module 102, and to data deciphering algorithm The data of encryption are decrypted in D ', thus the data decrypted.Later, data buffer 108 can be again by decryption Data be sent to master controller 110.
Data processing module 114 can also carry out rewriting operation to data in yet other embodiments,.In the case, Place can be decrypted to the encryption data stored in memory module 102 with tentation data decipherment algorithm in data processing module 114 Reason, and modified later with data of the scheduled data processing algorithm to decryption.Later, data processing module 114 may be used also Encryption is re-started with scheduled data encryption algorithm with the data to modification, and the data of encryption are write back into storage In module 102.
In some embodiments, data buffer 108 may include multiple data buffer unit group 108i, and every number Correspond to a data processing submodule 114i according to buffer cell group 108i.Each data processing submodule 114i is in addition to being coupled in Except in the link of data buffer unit group 108i where it, different data processing submodule 114i also passes through bidirectional interface BOP (such as BOP01, BOP12 ... BOP67 and BOP70 in Fig. 1 a) is mutually coupled, so as in multiple data buffering lists Interaction data between tuple 108i.Interaction data can satisfy various data operations between different data buffer unit group 108i The demand of operation.In some embodiments, BOP interface can be the bidirectional bus structure of two lines, include a clock and 1 Bidirectional data line carries out bidirectional data interaction by the agreement of agreement.In further embodiments, which is also possible to three lines Bus structures, including a clock, a transmission direction indication signal and 1 bidirectional data line.The bandwidth of BOP interface can To be increased by the quantity for increasing bidirectional data line.
The operational order that data processing module 114 can be provided with responsing center's buffer 106.For example, the operational order can To be transmitted by the data buffer control bus (BCOM) between central buffer 106 and data buffer 108.Some In the storage system for meeting DDR4 standard, for example, billows rise M88DDR4DB02 that scientific and technological (Shanghai) Co., Ltd. provides and M88DDR4RCD02 chip (about the technical information of these chips, can refer to its product technology handbook, these product technology hands The full content of volume is incorporated herein by reference), data buffer control bus can be 4 signal wires.
In some embodiments, data processing module 114 can be configured by data buffer control bus receiving algorithm Order, wherein algorithm configuration order is used to carry out at least one of tentation data Encryption Algorithm and tentation data decipherment algorithm Configuration.
In some embodiments, the load or modification of data encryption algorithm and/or data deciphering algorithm can be dynamically, Namely when Memory Controller 104 starts (powering on), these algorithms are loaded into visit order processing module 112;And work as When 104 power down of Memory Controller, or when data buffer 108 resets, the data of these algorithms and configuration will be clear It removes.
It include simultaneously visit order processing module 112 and data processing module 114 in embodiment shown in Fig. 1 a, therefore After visit order processing module 112 encrypts data access command, data processing module 114 can be according to the data of encryption Visit order to carry out encryption/decryption process to data, and in turn by encryption/decryption data in memory module 102 and master It is interacted between controller 110.In some embodiments, central buffer 106 handles data access command or encryption Data access command can determine the encryption and/or decryption oprerations that data processing module 114 will be executed specifically.Correspondingly, in Heart buffer 106 can provide the encryption or decryption algorithms or instruction that will specifically execute to data processing module 114, at data Reason module 114 can be handled data according to obtained relevant information.
It is appreciated that in practical applications, Memory Controller can only include visit order processing module 112 and data One in processing module 114.For example, Memory Controller can only include visit order processing module 112, add to generate The data access command of close data access command, these modifications can not modify to data with designation date buffer 108 And only carry out the operation such as conventional reading, write-in.For another example Memory Controller can also only include data processing module 114, Encryption or decryption process is carried out to the data to buffering, the type of specific data manipulation can be led to by central buffer 106 The data access command of BCOM bus offer is crossed to determine.
Fig. 2 shows a kind of exemplary structures according to the central buffer 200 of the application one embodiment.
As shown in Fig. 2, the central buffer 200 includes two be coupled between receiving side (side D) and outlet side (side Q) Signal road warp, respectively buffer 202 and visit order processing module 204.For this path of buffer 202, receiving To after the data access command (CMD&ADDR) including access address and access type, which will not be to data access Order carries out additional processing, and is only to buffer the order, and later export it from outlet side.And for visit order Processing module 204 comprising computing unit 206 and control unit 208.It is issued when it is received by main control module (not shown) After data access command, it can judge whether to need to carry out address process and corresponding operational order by pre-set trigger condition It generates, namely whether needs to modify to data access command.After meeting trigger condition, visit order processing module 204 It is encrypted using computing unit 206, and generates the data access command of encryption.Later, control unit 208 can lead to It crosses multiple selector (MUX) and the output of central buffer 200 is switched to visit order processing module 204 by buffer 202 Output, at the same sent by BCOM bus corresponding control signal to data buffer each data processing module (in figure It is not shown), to indicate that these data processing modules execute corresponding data processing operation.
In some embodiments, buffer 202 and visit order processing module 204 can be matched by what is stored in register table Confidence breath is configured, and the configuration information of register table can be modified by SMBus interface.
Fig. 3 shows a kind of exemplary structure of the data buffer 300 according to the application one embodiment.
As shown in figure 3, the data buffer 300 includes two numbers being coupled between master controller side and memory module side According to path, respectively via bidirectional buffer 302 and via data processing module 304.For bidirectional buffer 302 this all the way Diameter will not be handled the data received, and only buffered data.And for data processing module 304 comprising Computing unit 306 and control unit 308.Wherein, computing unit 306 also passes through the number of BOP interface and adjacent data buffer According to processing module interaction data.Therefore, the control that computing unit 306 can be received from BCOM bus according to control unit 308 System order encrypts data and/or decryption processing accordingly.When operation needs the data of other data buffers, number BOP interface and adjacent data buffer can be passed through according to processing module 304 and carry out data interaction, wherein BOP_L interface be used for and The data buffer in left side carries out data interaction, and BOP_R interface is used for and the data buffer on right side carries out data interaction.
In some embodiments, bidirectional buffer 302 and data processing module 304 can be matched by what is stored in register table Confidence breath is configured.
It should be noted that the circuit structure of Fig. 2 and central buffer shown in Fig. 3 and data buffer is only example Property, in practical applications, it can according to need and modify to these circuit structures.
In the storage system 100 shown in Fig. 1 a, the data interaction between memory module 102 and master controller 110 is It is carried out via data buffer 108, such as low-load double in-line memory module/mould group (LRDIMM, Load Reduced Dual-Inline-Memory-Modules).In other words, data buffer 108 is by as memory module 102 and master controller A part of data channel between 110.In the embodiment of some replacements, between memory module 102 and master controller 110 Data channel can not also include data buffer 108.
Fig. 4 shows the storage system 400 according to the application one embodiment.As shown in figure 4, in the storage system In 400, memory module 402 and master controller 410 are mutually coupled by data channel 405, thus interaction data therebetween.With figure The storage system 100 of 1a and Fig. 1 b is different, is not coupled with data buffer between data channel 405.In some embodiments, Storage system 400 for example can be using deposit dual-in-line storage mould group/module (RDIMM, Registered DIMM).
In addition, storage system 400 further includes central buffer 406, master is couple to via command/address bus DCA Controller 410, and the command/address bus QCA by buffering is couple to memory module 402.It is slow with center shown in Fig. 1 a Rush that device 106 is similar, central buffer 406 may include the visit order processing module with predetermined command Encryption Algorithm.Center Buffer 406 can receive data access command from master controller 410, and be encrypted data access command with life At the data access command of encryption.Then, central buffer 406 can be via the command/address bus QCA of buffering by encryption Data access command is sent to memory module 402.In this way, central buffer 406 is direct according to the data access command of the encryption The addressing of memory module 402 is controlled, so that data can be written from master controller 410 or to master controller 410 for memory module 402 Read data.In some embodiments, algorithm configuration order can be sent to central buffering by System Management Bus (SMBus) Device 406.
It, can be with reference to slow to center in embodiment shown in Fig. 1 a about the more multi-functional and characteristic of central buffer 406 The description of device 106 is rushed, details are not described herein.
On the other hand, the Memory Controller of the embodiment of the present application can also be applied to the storage of various types and structure In device.Fig. 1 b is the storage system 100 ' shown according to another embodiment of the application, storage system 100 ' and Fig. 1 a institute The structure for the storage system 100 shown is roughly the same, and difference essentially consists in memory module 102 ' different from the storage mould in Fig. 1 a Block 102.In Figure 1b, Memory Controller be applied to include two-level memory submodule memory module 102 '.It can manage Solution, in some embodiments, Memory Controller can be applied similarly to the storage system with more storage levels.Storage Structure identical with storage system 100 shown in Fig. 1 a, principle or mechanism, just repeat no more herein in device system 100 '.
As shown in Figure 1 b, which includes multiple first order sub-module stored 102a ', the storage of these first order Submodule 102a ' is couple to master controller 110 ' by the data buffer 108i ' of difference, to interact data.The storage Module 102 ' further includes second level sub-module stored 102b ', passes through data/address bus 102c ' and multiple first order sub-module storeds 102a ' is mutually coupled with interaction data.In addition, all first order sub-module stored 102a ' and second level sub-module stored 102b ' Central buffer 106 ' is couple to by command/address bus QCA, to be grasped under the control of central buffer 106 ' Make.In embodiment as shown in Figure 1 b, second level sub-module stored 102b ' passes through the signal wire CON being separately provided and is couple to Central buffer 106 ', to be operated under the control of central buffer 106 '.In further embodiments, the second level stores Submodule 102b ' can also be couple to central buffer 106 ' by other signal wires, for example, by BCOM bus or order/ Address bus QCA is couple to central buffer 106 ';Or central buffer can also be couple to by the combination of aforementioned signal line Device 106 '.That is, the sub-module stored of different stage can be couple to central buffer by identical or different signal wire Device.
Fig. 1 c is the storage system 100 " shown according to another embodiment of the application.As illustrated in figure 1 c, the memory First order sub-module stored 102a " and second level sub-module stored 102b " in the memory module 102 " of system 100 " passes through Command/address bus QCA is couple to central buffer 106 ".The other parts and Fig. 1 b of storage system 100 " shown in Fig. 1 c Shown in storage system 100 ' it is essentially identical, details are not described herein.
Referring still to shown in Fig. 1 b, it will be understood that first order sub-module stored 102a ' can be with second level sub-module stored 102b ' has different type of memory.For example, first order sub-module stored 102a ' can be volatile memory, and second Grade sub-module stored 102b ' can be nonvolatile memory (such as solid-state memory or magnetic storage).It is appreciated that In embodiment shown in Fig. 1 b, second level sub-module stored 102b ' is single memory particle.In some other embodiments In, second level sub-module stored 102b ' may include multiple memory particles, and each first order sub-module stored 102a ' Accordingly it is couple to the memory particle of one or more second level sub-module stored 102b '.
When data are written, central buffer 106b ' can send order, indicate first to first order sub-module stored Data are written in 102a ', and then further instruction second level sub-module stored 102b ' is obtained from first order sub-module stored 102a ' Data, data at this moment are safe.Alternatively, central buffer 106b ' can also send order, indicate first to the first order Data are written in sub-module stored 102a ', then further indicate sub-module stored 102b ' in the second level from first order sub-module stored 102a ' obtains data and designation date storage address, and the data of moment address field are safe.
The process for reading data from memory module is similar with write-in, and details are not described herein.
The Memory Controller of embodiments herein can be applied in memory, and this storage system It can be used in different computer systems.
Fig. 5 shows the method 500 of the control that is used to access to memory module according to the application one embodiment.It should Method 500 can the Memory Controller shown in such as Fig. 1 a or Fig. 1 b, 1c deposited to execute, or by for example shown in Fig. 4 Memory controller executes.
As shown in figure 5, method 500 includes:
Step 502, data access command is received by central buffer;
Step 504, data access command is encrypted by central buffer to generate the data access of encryption and order It enables;
Step 506, the data access command of encryption is supplied to memory module by central buffer;And
Step 508, it is handed between master controller and memory module via data channel according to the data access command of encryption Mutual data.
In some embodiments, data buffer is coupled in data channel.
In some embodiments, the data access command and the data access command of the encryption include respective access Address, the encryption make the access address for including in the data access command of the encryption be different from the data access The access address for including in order.
In some embodiments, the predetermined command Encryption Algorithm in the visit order processing module is deposited described What memory controller was arranged when starting.
In some embodiments, the visit order processing module also has predetermined command decipherment algorithm, and the center is slow The data access command that the received data access command of device is pre-encrypt is rushed, the method also includes:
The data access command is being encrypted by the central buffer to generate the data of the encryption Before the step of visit order, visited by the central buffer with data of the predetermined command decipherment algorithm to the pre-encrypt Ask that order is decrypted.
Fig. 6 shows the method 600 of the control that is used to access to memory module according to the application one embodiment.It should Method 600 can shown in such as Fig. 1 a or 1b, 1c Memory Controller execute.
As shown in fig. 6, in step 602, receiving data access command by central buffer;And
In step 604, according to data access command, central buffer controls data buffer from master controller or storage Module receives data, and data are encrypted with tentation data Encryption Algorithm by data processing module, and by encryption Data are sent to master controller or the memory module;Or
According to the data access command, the central buffer controls data buffer from master controller or memory module The data for receiving encryption, are decrypted by the processing module with data of the tentation data decipherment algorithm to encryption, and The data of decryption are sent to master controller or the memory module.
In some embodiments, the step of the data of decryption are sent to the master controller or the memory module it Before, the method also includes:
The data of the decryption are encrypted with the tentation data Encryption Algorithm, and later by the number of encryption According to being sent to the master controller or the memory module.
In some embodiments, the tentation data Encryption Algorithm and the tentation data in the data processing module Decipherment algorithm is arranged in Memory Controller starting.
About the more details of the application embodiment of the method, the associated description of the application Installation practice can be referred to.
It should be noted that although being in the above detailed description referred to for accessing the method for control to memory module Several modules or submodule of several steps and Memory Controller, but this division is only exemplary and optional Property.In fact, according to an embodiment of the present application, the feature and function of two or more above-described modules can be at one It is embodied in module.Conversely, the feature and function of an above-described module can with further division be by multiple modules Lai It embodies.
The those skilled in the art of the art can pass through research specification, disclosure and attached drawing and appended power Sharp claim understands and implements other changes to the embodiment of disclosure.In the claims, word " comprising " is not excluded for it His element and step, and wording " one ", "one" be not excluded for plural number.In the practical application of the application, a part can The function of cited multiple technical characteristics in energy perform claim requirement.Any appended drawing reference in claim should not be construed as Limitation to range.

Claims (36)

1. a kind of Memory Controller is coupled between memory module and master controller to control the master controller to described The access of memory module, the Memory Controller include:
Central buffer is couple to the master controller, for receiving data access command, and coupling from the master controller It is connected to the memory module, for providing the data access command of encryption to the memory module;Wherein, the central buffer Including visit order processing module, with predetermined command Encryption Algorithm, the visit order processing module is used for described pre- Determine order Encryption Algorithm the data access command to be encrypted to generate the data access command of the encryption;And
Wherein, the memory module is mutually coupled with the master controller by data channel, in the data access of the encryption The memory module and the master controller are via the data channel interaction data under the control of order.
2. Memory Controller according to claim 1, which is characterized in that the data access command and the encryption Data access command includes respective access address, the encryption make include in the data access command of the encryption Access address is different from the access address in the data access command included.
3. Memory Controller according to claim 1, which is characterized in that the central buffer receiving algorithm configuration life It enables to be configured to the predetermined command Encryption Algorithm in the visit order processing module, wherein the central buffer Interface for receiving the algorithm configuration order is the interface or System Management Bus of visit order for receiving data Interface.
4. Memory Controller according to claim 1, which is characterized in that described in the visit order processing module Predetermined command Encryption Algorithm is arranged in Memory Controller starting.
5. Memory Controller according to claim 1, which is characterized in that the visit order processing module also has pre- Determine order decipherment algorithm, the received data access command of Memory Controller is the data access command of pre-encrypt, described Memory Controller is also used to that place is decrypted to the data access command of the pre-encrypt with the predetermined command decipherment algorithm Reason, so that further the data access command of decryption be encrypted with the predetermined command Encryption Algorithm later.
6. Memory Controller according to claim 1, which is characterized in that the Memory Controller further include:
Data buffer is coupled in the data channel, and is couple to the central buffer with slow from the center The data access command that device receives the encryption is rushed, thus the main control under the control of the data access command of the encryption Device and the memory module are via the data channel interaction data including the data buffer.
7. Memory Controller according to claim 6, which is characterized in that the data buffer includes data processing mould Block, the data processing module have at least one of tentation data Encryption Algorithm and tentation data decipherment algorithm;
The data processing module is used to receive data from the master controller or the memory module, is added with the tentation data The data are encrypted in close algorithm, and the data of encryption are sent to the master controller or the storage mould Block;Or
The data processing module is used to receive the data of encryption from the master controller or the memory module, with described predetermined The data of the encryption are decrypted in data deciphering algorithm, and by the data of decryption be sent to the master controller or The memory module.
8. Memory Controller according to claim 7, which is characterized in that the data processing module has tentation data Encryption Algorithm and tentation data decipherment algorithm;
The data processing module is used to receive the data of pre-encrypt from the master controller, with the tentation data decipherment algorithm The data of the pre-encrypt are decrypted, later further with the tentation data Encryption Algorithm to the data of decryption into Row encryption, and the data of encryption are sent to the memory module.
9. Memory Controller according to claim 7, which is characterized in that the central buffer and the data buffering Device is mutually coupled by data buffer control bus, and the data processing module is connect by the data buffer control bus Algorithm configuration order is received, wherein the algorithm configuration order is used for the tentation data Encryption Algorithm and the tentation data solution At least one of close algorithm is configured.
10. Memory Controller according to claim 7, which is characterized in that described pre- in the data processing module Determine data encryption algorithm and the tentation data decipherment algorithm is arranged in Memory Controller starting.
11. Memory Controller according to claim 1, which is characterized in that the memory module and the memory control Device processed meets JEDEC Double Data Rate Synchronous Dynamic Random Access Memory standard, when the central buffer is integrated in deposit In clock driver.
12. a kind of Memory Controller is coupled between memory module and master controller to control the master controller to institute The access of memory module is stated, the Memory Controller includes:
Central buffer is couple to the master controller, for receiving data access command, and coupling from the master controller It is connected to the memory module, for providing data access command to the memory module;
Data buffer is couple to the central buffer, for receiving the data access life from the central buffer Enable, and be coupled between the master controller and the memory module, under the control of the data access command Interaction data between the master controller and the memory module;And
Wherein, the data buffer includes data processing module, and the data processing module has tentation data Encryption Algorithm At least one of with tentation data decipherment algorithm;
The data processing module is used to receive data from the master controller or the memory module, is added with the tentation data The data are encrypted in close algorithm, and the data of encryption are sent to the master controller or the storage mould Block;Or
The data processing module is used to receive the data of encryption from the master controller or the memory module, with described predetermined The data of the encryption are decrypted in data deciphering algorithm, and by the data of decryption be sent to the master controller or The memory module.
13. Memory Controller according to claim 12, which is characterized in that the data processing module has predetermined number According to Encryption Algorithm and tentation data decipherment algorithm;
The data processing module is used to receive the data of pre-encrypt from the master controller, with the tentation data decipherment algorithm The data of the pre-encrypt are decrypted, later further with the tentation data Encryption Algorithm to the data of decryption into Row encryption, and the data of encryption are sent to the memory module.
14. Memory Controller according to claim 12, which is characterized in that the central buffer and the data are slow It rushes device to be mutually coupled by data buffer control bus, the data processing module passes through the data buffer control bus Receiving algorithm configuration order, wherein the algorithm configuration order is used for the tentation data Encryption Algorithm and the tentation data At least one of decipherment algorithm is configured.
15. Memory Controller according to claim 12, which is characterized in that described pre- in the data processing module Determine data encryption algorithm and the tentation data decipherment algorithm is arranged in Memory Controller starting.
16. a kind of memory, including according to claim 1 to Memory Controller and memory module described in any one of 15.
17. memory according to claim 16, which is characterized in that the memory module includes volatile memory and non- One or more of volatile memory.
18. memory according to claim 16, which is characterized in that the memory module includes one in following memories Kind is a variety of: flash memory, reluctance type memory, phase transition storage, resistance-type memory and half floating-gate memory.
19. memory according to claim 16, which is characterized in that the memory module is multilevel interconnection structure.
20. memory according to claim 19, which is characterized in that the storage submodule of different stage in the memory module Block is couple to central buffer by different signal wires.
21. a kind of computer system, including memory described according to claim 1 any one of 6 to 20.
22. a kind of for accessing the method for control to memory module, the memory module passes through Memory Controller and couples It is couple to the master controller to master controller, and by data channel, the Memory Controller includes having access life The central buffer of processing module is enabled, wherein the visit order processing module has for encrypting to data access command The predetermined command Encryption Algorithm of processing;The described method includes:
Data access command is received by the central buffer;
The data access command is encrypted by the central buffer to generate the data access of encryption life It enables;
The data access command of the encryption is supplied to the memory module by the central buffer;And
Via the data channel according to the data access command of the encryption the master controller and the memory module it Between interaction data.
23. according to the method for claim 22, which is characterized in that be coupled with data buffer in the data channel.
24. according to the method for claim 22, which is characterized in that the data access command and the data of the encryption are visited Ask that order includes respective access address, the encryption makes the access for including in the data access command of the encryption Location is different from the access address in the data access command included.
25. according to the method for claim 22, which is characterized in that the predetermined life in the visit order processing module Enabling Encryption Algorithm is arranged in Memory Controller starting.
26. according to the method for claim 22, which is characterized in that the visit order processing module also has predetermined command Decipherment algorithm, the received data access command of central buffer are the data access commands of pre-encrypt, and the method is also wrapped It includes:
The data access command is being encrypted by the central buffer to generate the data access of the encryption Before the step of order, ordered by the central buffer with data access of the predetermined command decipherment algorithm to the pre-encrypt Order is decrypted.
27. according to the method for claim 22, which is characterized in that the memory module includes volatile memory and Fei Yi One or more of the property lost memory.
28. according to the method for claim 22, which is characterized in that the memory module includes one of following memories It is or a variety of: flash memory, reluctance type memory, phase transition storage, resistance-type memory and half floating-gate memory.
29. according to the method for claim 22, which is characterized in that the memory module is multilevel interconnection structure.
30. a kind of for accessing the method for control to memory module, the memory module passes through Memory Controller and couples To master controller, the Memory Controller includes central buffer and the data buffer with data processing module, Described in data processing module have at least one of tentation data Encryption Algorithm and tentation data decipherment algorithm;The method Include:
Data access command is received by the central buffer;
According to the data access command, the central buffer controls the data buffer from the master controller or described Memory module receives data, carries out encryption to the data with the tentation data Encryption Algorithm by the data processing module Reason, and the data of encryption are sent to the master controller or the memory module;Or
According to the data access command, the central buffer controls the data buffer from the master controller or described Memory module receives the data of encryption, by the data processing module with the tentation data decipherment algorithm to the number of the encryption According to being decrypted, and the data of decryption are sent to the master controller or the memory module.
31. according to the method for claim 30, which is characterized in that by the data of decryption be sent to the master controller or Before the step of memory module, the method also includes:
The data of the decryption are encrypted with the tentation data Encryption Algorithm, and later send out the data of encryption Give the master controller or the memory module.
32. according to the method for claim 30, which is characterized in that the tentation data in the data processing module adds Close algorithm and the tentation data decipherment algorithm are arranged in Memory Controller starting.
33. according to the method for claim 30, which is characterized in that the memory module includes volatile memory and Fei Yi One or more of the property lost memory.
34. according to the method for claim 30, which is characterized in that the memory module includes one of following memories It is or a variety of: flash memory, reluctance type memory, phase transition storage, resistance-type memory and half floating-gate memory.
35. according to the method for claim 30, which is characterized in that the memory module is multilevel interconnection structure.
36. according to the method for claim 35, which is characterized in that the sub-module stored of different stage in the memory module Central buffer is couple to by different signal wires.
CN201810929033.2A 2018-01-04 2018-08-15 Memory controller and method for access control of memory module Active CN110008148B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US16/239,549 US10936212B2 (en) 2018-01-04 2019-01-04 Memory controller, method for performing access control to memory module

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN201810008762 2018-01-04
CN2018100087624 2018-01-04
CN2018100645885 2018-01-23
CN201810064588 2018-01-23

Publications (2)

Publication Number Publication Date
CN110008148A true CN110008148A (en) 2019-07-12
CN110008148B CN110008148B (en) 2021-03-12

Family

ID=67164770

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201810321501.8A Active CN110007849B (en) 2018-01-04 2018-04-11 Memory controller and method for access control of memory module
CN201810929033.2A Active CN110008148B (en) 2018-01-04 2018-08-15 Memory controller and method for access control of memory module

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201810321501.8A Active CN110007849B (en) 2018-01-04 2018-04-11 Memory controller and method for access control of memory module

Country Status (1)

Country Link
CN (2) CN110007849B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110007849A (en) * 2018-01-04 2019-07-12 澜起科技股份有限公司 Memory Controller and for accessing the method for control to memory module
US10936212B2 (en) 2018-01-04 2021-03-02 Montage Technology Co., Ltd. Memory controller, method for performing access control to memory module
US10983711B2 (en) 2018-01-04 2021-04-20 Montage Technology Co., Ltd. Memory controller, method for performing access control to memory module

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1536311A1 (en) * 2003-11-28 2005-06-01 Bull S.A. Modular cryptographic system with high flow rate
CN103154963A (en) * 2010-10-05 2013-06-12 惠普发展公司,有限责任合伙企业 Scrambling an address and encrypting write data for storing in a storage device
US20150235056A1 (en) * 2012-02-28 2015-08-20 Samsung Electronics Co., Ltd. Storage device and memory controller thereof
CN105868125A (en) * 2015-01-23 2016-08-17 澜起科技(上海)有限公司 Buffer memory as well as apparatus and method used for controlling internal memory data access
CN110007849A (en) * 2018-01-04 2019-07-12 澜起科技股份有限公司 Memory Controller and for accessing the method for control to memory module

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1536311A1 (en) * 2003-11-28 2005-06-01 Bull S.A. Modular cryptographic system with high flow rate
CN103154963A (en) * 2010-10-05 2013-06-12 惠普发展公司,有限责任合伙企业 Scrambling an address and encrypting write data for storing in a storage device
US20150235056A1 (en) * 2012-02-28 2015-08-20 Samsung Electronics Co., Ltd. Storage device and memory controller thereof
CN105868125A (en) * 2015-01-23 2016-08-17 澜起科技(上海)有限公司 Buffer memory as well as apparatus and method used for controlling internal memory data access
CN110007849A (en) * 2018-01-04 2019-07-12 澜起科技股份有限公司 Memory Controller and for accessing the method for control to memory module

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110007849A (en) * 2018-01-04 2019-07-12 澜起科技股份有限公司 Memory Controller and for accessing the method for control to memory module
US10936212B2 (en) 2018-01-04 2021-03-02 Montage Technology Co., Ltd. Memory controller, method for performing access control to memory module
CN110007849B (en) * 2018-01-04 2021-03-12 澜起科技股份有限公司 Memory controller and method for access control of memory module
US10983711B2 (en) 2018-01-04 2021-04-20 Montage Technology Co., Ltd. Memory controller, method for performing access control to memory module

Also Published As

Publication number Publication date
CN110007849B (en) 2021-03-12
CN110007849A (en) 2019-07-12
CN110008148B (en) 2021-03-12

Similar Documents

Publication Publication Date Title
US9489540B2 (en) Memory controller with encryption and decryption engine
US9483664B2 (en) Address dependent data encryption
US9904804B2 (en) Layout-optimized random mask distribution system and method
US10936212B2 (en) Memory controller, method for performing access control to memory module
CN110007850A (en) Memory Controller and method for accessing to memory module
CN110008148A (en) Memory Controller and for accessing the method for control to memory module
CN104364760B (en) Using the parallel computation of multiple memory devices
US20120030421A1 (en) Maintaining states for the request queue of a hardware accelerator
US11481337B2 (en) Securing data direct I/O for a secure accelerator interface
US20170093823A1 (en) Encrypting Observable Address Information
US10146701B2 (en) Address-dependent key generation with a substitution-permutation network
US20200241768A1 (en) Configurable security memory region
CN104115230A (en) Efficient PCMS refresh mechanism background
US10983711B2 (en) Memory controller, method for performing access control to memory module
KR102588600B1 (en) Data Storage Device and Operation Method Thereof, Storage System Having the Same
US11050569B2 (en) Security memory scheme
US20230325326A1 (en) Memory encryption
US11907120B2 (en) Computing device for transceiving information via plurality of buses, and operating method of the computing device
US11636046B1 (en) Latency free data encryption and decryption between processor and memory
CN109753821A (en) data access device and method
US11288406B1 (en) Fast XOR interface with processor and memory
US11226768B2 (en) Memory controller and method for accessing memory module
KR20200059494A (en) Memory system
US20230133922A1 (en) Electroinc devices and electroinc systems for transmitting bit stream including programming data
CN113448891B (en) Memory controller and method for monitoring access to memory modules

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant