CN111984410A - Memory protection system with low resource occupation in embedded system - Google Patents
Memory protection system with low resource occupation in embedded system Download PDFInfo
- Publication number
- CN111984410A CN111984410A CN202010834638.0A CN202010834638A CN111984410A CN 111984410 A CN111984410 A CN 111984410A CN 202010834638 A CN202010834638 A CN 202010834638A CN 111984410 A CN111984410 A CN 111984410A
- Authority
- CN
- China
- Prior art keywords
- memory
- applet
- memory protection
- parameter
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5011—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals
- G06F9/5016—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals the resource being the memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a memory protection system with low resource occupation in an embedded system, which is used for solving the problem of large resource occupation caused by starting a plurality of MPU programmable memory areas due to discontinuous distribution of small program memories. The method mainly comprises the following steps: a memory protection unit; a code segment unit; a data segment unit; and a parameter section unit. By adopting the memory protection system with low resource occupation in the embedded system, the parameter area applied by the small program in the dynamic memory heap can be spliced with the data area of the small memory, so that the number of MPU programmable memory areas is reduced, the resource occupation of the embedded software system is reduced, and the convenience of small program memory protection is improved.
Description
Technical Field
The present disclosure relates to the field of embedded systems and real-time operating systems, and more particularly, to a memory protection system with low resource occupation in an embedded system.
Background
On a traditional embedded real-time operating system, an operating system kernel and an applet run at the same privilege level, and design defects of any part of the applet can jeopardize the stability of the whole system. To ensure the reliability and robustness of the system, MPU protection needs to be set for the operating space of the applet, that is, MPU protection is set for the code segment, data segment, and parameter end of the applet. This design concept puts higher demands on developers.
However, the data section of the applet is continuous, the parameter section dynamically allocates space in the dynamic memory heap during the applet running process, and the data section cannot be continuously arranged in a continuous memory space, and when the MPU is set for memory protection, an MPU programmable storage area is often required to be additionally set for the parameter section of the applet. MPUs in the Cortex-M3 and Cortex-M4 processors only support 8 programmable memory areas, and it is clear that using one parameter section alone is somewhat wasteful. The memory protection system with low resource occupation in the embedded system enables the data section and the parameter section of the applet to be continuously arranged in a section of continuous memory space, so that the use number of MPUs is reduced, and the system resource occupation is reduced.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a memory protection system with low resource occupation in an embedded system, so as to solve the problem of high resource occupation in memory protection in the existing embedded system.
The invention provides a memory protection system for low resource occupation in an embedded system, which comprises:
a code segment unit for storing code data of the applet;
a data segment unit for storing stack data of the applet and a global variable to which an initial value is assigned;
a parameter section unit for storing parameter data of the applet;
a memory protection unit for defining memory access rights (e.g. supporting only privileged access and full access) and memory attributes (e.g. cacheable, cacheable) for different memory regions.
Furthermore, the code segment unit is arranged on Flash in the embedded chip and can be set with the access authority of the memory protection unit.
Furthermore, the data segment unit is arranged in a space on the Flash in the chip after the small program is downloaded to the embedded chip, and can be carried to the RAM from the Flash in the chip in the running process of the small program, and the access authority of the memory protection unit can also be set for the small program.
Furthermore, the parameter section unit is a section of address space dynamically allocated in the dynamic memory heap during the running process of the applet, and the references of the applet are arranged on the parameter section unit, and the address space of the data section unit are often not in a continuous address space, but may be in a continuous address space, but the probability is very little.
Furthermore, the memory protection unit can set the access authority of the storage area accessible by the applet, so that data in other areas cannot be accessed beyond the border in the running process of the applet, the stability of the whole system cannot be influenced when the applet breaks down due to problems, and the system can be more robust.
Drawings
In order to more clearly illustrate the technical solution of the present invention, the drawings needed in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present disclosure, and therefore should not be considered as a limitation of the present invention, and those skilled in the art can also obtain the drawings related to the present disclosure from the drawings without creative efforts.
Fig. 1 is a block diagram of a memory protection system with low resource consumption in an embedded system according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of parameter segment address space splicing and MPU memory protection area setting in an applet loading process according to an embodiment of the present invention.
FIG. 3 is a diagram illustrating the data layout of the memory and the MPU protection setting during the applet running process according to an embodiment of the present invention.
Fig. 4 is a schematic diagram of storage area data arrangement and MPU protection setting after parameter sections are spliced according to an embodiment of the present invention.
Detailed Description
The technical solutions in the present invention will be described clearly and completely with reference to the accompanying drawings, and it is obvious that the described embodiments are only some embodiments of the present invention, not all embodiments. The embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All the embodiments obtained by the person skilled in the art without any inventive step are within the scope of the present invention.
An embodiment of the present invention provides a description of a memory protection system with low resource occupation in an embedded system, as shown in fig. 1, the method is composed of a code segment unit 11, a data segment unit 12, a parameter segment unit 13, and a memory protection unit 14.
A code segment unit 11 for storing code data of an applet;
a data segment unit 12 for storing stack data of the applet and a global variable to which an initial value is assigned;
a parameter section unit 13 for storing parameter data of the applet;
a memory protection unit 14 for defining memory access rights (e.g. supporting only privileged access and full access) and memory attributes (e.g. cacheable, cacheable) for different memory regions.
Fig. 2 is a schematic diagram of parameter segment address space splicing and MPU memory protection area setting in an applet loading process according to an embodiment of the present invention. The flow starts at step S201.
In step S201, before the applet is loaded, the system sets the initial address of the user mode applet for storing the code segment data and the data segment data.
In step S202, the system sets the MPU memory protection area according to the first address of the applet and the required space size to define an address space that the applet can access.
In step S203, the system will count the number of parameters of the applet, so that the following system can transmit parameter data to the applet with the spliced parameter segments.
In step S204, the system calculates the initial address of the applet parameter segment area, so that the later system can calculate the offset of the parameter segment.
In step S205, the system calculates an offset from the applet code segment to the parameter segment, so as to facilitate splicing the parameter segment data allocated in the dynamic memory heap by the offset.
In step S206, the system splices the applet parameter segment allocated by the applet in the dynamic memory heap into the applet code segment.
In step S207, the system will pass the parameter data to the spliced new parameter section.
FIG. 3 is a diagram illustrating the data layout of the memory and the MPU protection setting during the applet running process according to an embodiment of the present invention. The flow starts at step S301.
In step S301, the distribution of the Flash of the code segment in the chip after the small program is programmed is shown;
in step S302, the distribution condition of Flash in the chip of the data segment after the small program is programmed is shown; protected by the MPU together with the code segment shown in the above-described step S301;
in step S303, the distribution of the data segments in the memory during the running of the applet is shown, from top to bottom, the data, stack, heap, and bss are respectively, and the data is protected by the MPU in the memory;
in step S304, it is shown that the space for storing the parameter data allocated by the parameter section in the dynamic memory heap during the running process of the applet needs to be separately provided with an MPU for protection before splicing, and unlike step S303, the MPUs required by them are not the same.
Fig. 4 is a schematic diagram of storage area data arrangement and MPU protection setting after parameter sections are spliced according to an embodiment of the present invention. The flow starts at step S401.
In step S401, the distribution of Flash of the code segment in the chip after the applet is programmed is shown;
in step S402, the distribution of Flash in the chip of the data segment after the small program programming is shown; protected by a gatekeeper MPU together with the code segment shown in the above-described step S401;
in step S403, the distribution of the data segments in the memory during the running of the applet is shown, from top to bottom, the data, stack, heap, and bss are respectively, and the data is protected by the MPU in the memory;
in step S404, it is shown that the parameter segments of the applet are allocated in the dynamic memory heap to store the parameter data space during the operation process, and at this time, the applet has been spliced, so that the memory space of the applet is continuous, and only one MPU protection area needs to be set, so that the resource occupation of the system is reduced.
Claims (5)
1. A memory protection system with low resource occupation in an embedded system is characterized in that a parameter area and a data area of a small program are spliced together in a memory space of the small program, so that the address space of the small program is continuous, the small program is convenient to protect by using only one MPU, the using number of the MPUs is further reduced, and the resource occupation of the embedded system is further reduced.
2. The memory protection system according to claim 1, wherein the memory protection system comprises: the applet parameter field is stitched to the data field so that their address space is contiguous, which is done when the system loads the applet.
3. The memory protection system according to claim 1, wherein the memory protection system comprises: the memory area defined by using the MPU for protection is performed after splicing the small program parameter area and the data area together, and is completed before the system loads the small program.
4. The memory protection system according to claim 1, wherein the memory protection system comprises: the size of the parameter area of the applet needs to be calculated from the number of parameters and the size of each parameter.
5. The memory protection system according to claim 1, wherein the memory protection system comprises: data in the applet parameter area needs to be transferred from the system kernel to the applet running space.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010834638.0A CN111984410A (en) | 2020-08-18 | 2020-08-18 | Memory protection system with low resource occupation in embedded system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010834638.0A CN111984410A (en) | 2020-08-18 | 2020-08-18 | Memory protection system with low resource occupation in embedded system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111984410A true CN111984410A (en) | 2020-11-24 |
Family
ID=73434040
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010834638.0A Pending CN111984410A (en) | 2020-08-18 | 2020-08-18 | Memory protection system with low resource occupation in embedded system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111984410A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112463263A (en) * | 2020-12-03 | 2021-03-09 | 北京元心科技有限公司 | Program running method and device, electronic equipment and computer readable storage medium |
CN117234729A (en) * | 2023-09-25 | 2023-12-15 | 镁佳(北京)科技有限公司 | Dynamic memory protection method, device, computer equipment and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1545023A (en) * | 2003-11-21 | 2004-11-10 | 苏州国芯科技有限公司 | Flushbonding CPU for information safety |
WO2016107082A1 (en) * | 2014-12-30 | 2016-07-07 | 中国人民解放军装备学院 | Processor instruction check method during program execution |
CN107636622A (en) * | 2015-07-10 | 2018-01-26 | 株式会社东芝 | Information processor, method and program |
CN109783145A (en) * | 2018-12-18 | 2019-05-21 | 潘润宇 | A method of multi-functional embedded system of the creation based on multi-mapping |
-
2020
- 2020-08-18 CN CN202010834638.0A patent/CN111984410A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1545023A (en) * | 2003-11-21 | 2004-11-10 | 苏州国芯科技有限公司 | Flushbonding CPU for information safety |
WO2016107082A1 (en) * | 2014-12-30 | 2016-07-07 | 中国人民解放军装备学院 | Processor instruction check method during program execution |
CN107636622A (en) * | 2015-07-10 | 2018-01-26 | 株式会社东芝 | Information processor, method and program |
CN109783145A (en) * | 2018-12-18 | 2019-05-21 | 潘润宇 | A method of multi-functional embedded system of the creation based on multi-mapping |
Non-Patent Citations (1)
Title |
---|
胡丽辉;张建泉;李楠;席隆;: "带内存保护的FreeRTOS在TMS570上的移植", 单片机与嵌入式系统应用, no. 02 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112463263A (en) * | 2020-12-03 | 2021-03-09 | 北京元心科技有限公司 | Program running method and device, electronic equipment and computer readable storage medium |
CN117234729A (en) * | 2023-09-25 | 2023-12-15 | 镁佳(北京)科技有限公司 | Dynamic memory protection method, device, computer equipment and storage medium |
CN117234729B (en) * | 2023-09-25 | 2024-03-12 | 镁佳(北京)科技有限公司 | Dynamic memory protection method, device, computer equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20070180187A1 (en) | Reducing power consumption by disabling refresh of unused portions of DRAM during periods of device inactivity | |
US10157008B2 (en) | Systems and methods for optimizing memory power consumption in a heterogeneous system memory | |
CN111796856B (en) | Differential upgrading method and device, storage medium and computer equipment | |
CN100367306C (en) | Nonvolatile memory card | |
CN103246610B (en) | Dynamic storage management method based on the embedded system of single type memory | |
CN111984410A (en) | Memory protection system with low resource occupation in embedded system | |
CN111324461B (en) | Memory allocation method, memory allocation device, computer equipment and storage medium | |
CN108241516B (en) | Embedded system program loading method and device, computer equipment and storage medium | |
CN115421909A (en) | Memory management method and device, electronic equipment and storage medium | |
CN108255526B (en) | System starting and running method and device | |
US10318188B2 (en) | Method of controlling memory cell access based on safe address mapping | |
JP4703753B2 (en) | Information processing apparatus, semiconductor memory device, and program | |
CN101714120A (en) | Data storage system and method | |
US6883078B2 (en) | Microcomputer with reduced memory usage and associated method | |
CN110825421A (en) | Firmware upgrading method and system and readable storage medium | |
CN114138176A (en) | Nor Flash erasing and upgrading method and device, computer equipment and storage medium | |
KR101342074B1 (en) | Computer system and control method thereof | |
US20120026795A1 (en) | Electronic Apparatus and Data Reading Method | |
KR100811559B1 (en) | Method and apparatus managing data storage partitions for non-volatile memory | |
CN113569231B (en) | Multiprocess MPU protection method and device and electronic equipment | |
CN112732449B (en) | Video memory resource allocation method, device and equipment based on GPU virtualization technology | |
CN115495392B (en) | Memory multiplexing method and device in multi-stage starting, storage medium and processor | |
CN114706628B (en) | Data processing method and device of distributed storage system based on one pool and multiple cores | |
CN115328823A (en) | Memory mapping method, device, chip, storage medium and program product | |
CN114297135A (en) | Method, device and storage medium for dynamically adjusting high-speed input/output channel allocation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |