CN114490054A - Context switching method and device, accelerating unit, electronic equipment and system on chip - Google Patents

Context switching method and device, accelerating unit, electronic equipment and system on chip Download PDF

Info

Publication number
CN114490054A
CN114490054A CN202210067931.8A CN202210067931A CN114490054A CN 114490054 A CN114490054 A CN 114490054A CN 202210067931 A CN202210067931 A CN 202210067931A CN 114490054 A CN114490054 A CN 114490054A
Authority
CN
China
Prior art keywords
execution environment
physical memory
description data
protection unit
memory
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210067931.8A
Other languages
Chinese (zh)
Inventor
赵思齐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou C Sky Microsystems Co Ltd
Original Assignee
Hangzhou C Sky Microsystems Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou C Sky Microsystems Co Ltd filed Critical Hangzhou C Sky Microsystems Co Ltd
Priority to CN202210067931.8A priority Critical patent/CN114490054A/en
Publication of CN114490054A publication Critical patent/CN114490054A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5027Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
    • G06F9/5038Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals considering the execution order of a plurality of tasks, e.g. taking priority or time dependency constraints into consideration

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the application provides a context switching method, a context switching device, an acceleration unit, electronic equipment and a system on a chip, wherein the method comprises the following steps: if the trusted execution environment performs context switching, reading at least one tag value stored in at least one control and state register, and recording at least one tag value corresponding to a target execution environment of the context switching by the at least one control and state register; searching the labels of a plurality of physical memory protection units according to at least one label value to obtain a physical memory protection unit corresponding to a target execution environment, wherein each physical memory protection unit is provided with an expanded label; and the CPU hardware acquires the memory description data from the physical memory protection unit corresponding to the target execution environment and acquires the memory data according to the memory description data so as to execute the target task. The method and the device can improve the efficiency of context switching of the trusted execution environment.

Description

Context switching method and device, accelerating unit, electronic equipment and system on chip
Technical Field
The embodiment of the application relates to the technical field of microcontrollers, in particular to a context switching method, a context switching device, an acceleration unit, electronic equipment and a system on a chip.
Background
Along with the gradual expansion of the application range of the equipment of the Internet of things, the processed data types are more and more diversified, and new requirements are provided for the safety characteristics of the equipment of the Internet of things. A physical memory protection unit (PMP) of a Microcontroller (MCU) employed by the internet of things device may be used to construct an independent Trusted Execution Environment (TEE). The security sensitive services are run in a Trusted Execution Environment (TEE) and the other services are run in an untrusted execution environment. The trusted execution environment is isolated from the untrusted execution environment, and the purpose of protecting the security sensitive service is achieved. However, switching between trusted and untrusted execution environments may incur additional performance overhead.
Therefore, how to reduce the performance overhead caused by switching between the trusted execution environment and the untrusted execution environment becomes an urgent technical problem to be solved.
Disclosure of Invention
Embodiments of the present application provide a context switching method, an apparatus, an acceleration unit, an electronic device, and a system on a chip to at least partially solve the above problem.
According to a first aspect of embodiments of the present application, a context switching method is provided, where the method includes: if the trusted execution environment performs context switching, reading at least one tag value stored in at least one control and state register, wherein the at least one control and state register records at least one tag value corresponding to a target execution environment of the context switching; searching tags of a plurality of physical memory protection units according to the at least one tag value to obtain physical memory protection units corresponding to the target execution environment, wherein each physical memory protection unit is provided with an expanded tag; and the CPU hardware acquires the memory description data from the physical memory protection unit corresponding to the target execution environment and acquires the memory data according to the memory description data so as to execute the target task.
According to a second aspect of embodiments of the present application, there is provided a context switching apparatus, the apparatus including: the register reading module is used for reading at least one label value stored in at least one control and state register when the trusted execution environment performs context switching, and the at least one control and state register records at least one label value corresponding to the target execution environment of the context switching; a tag value searching module, configured to search tags of multiple physical memory protection units according to the at least one tag value, and obtain a physical memory protection unit corresponding to the target execution environment, where each physical memory protection unit has an extended tag; and the data use module is used for acquiring the memory description data from the physical memory protection unit corresponding to the target execution environment by the CPU hardware and acquiring the memory data according to the memory description data so as to execute the target task.
According to a third aspect of embodiments of the present application, there is provided an acceleration unit comprising a context switching unit and a controller; the context switching unit is configured to execute the context switching method according to the first aspect; the controller is used for controlling the context switching unit to work.
According to a fourth aspect of embodiments of the present application, there is provided an electronic apparatus, including: the acceleration unit according to the third aspect described above; and the scheduling unit is used for scheduling the accelerating unit to execute the context switching task.
According to a fifth aspect of embodiments of the present application, there is provided a system on chip comprising the acceleration unit according to the third aspect described above.
According to the context switching scheme provided by the embodiment of the application, each physical memory protection unit is provided with an extended tag, and at least one control and state register is additionally arranged to record at least one tag value corresponding to each execution environment. When the trusted execution environment performs context switching, the tag in the physical memory protection unit is searched according to the tag value corresponding to the target execution environment recorded in the control and status register, the CPU hardware acquires the memory description data from the physical memory protection unit where the tag corresponding to the tag value is located, and then acquires the memory data according to the memory description data to execute the target task. When the target execution environment is switched, the tag values recorded by the control register and the state register only need to be switched, different memory description data corresponding to different execution environments can be obtained by inquiring the tag value of the target execution environment, and then corresponding memory data is obtained according to the memory description data to execute the target task, so that the trusted execution environment and the untrusted execution environment are isolated. According to the method and the device, only the label values in the control register and the status register need to be switched, and the performance cost is far lower than that of a physical memory protection unit for directly switching a plurality of entries, so that the context switching efficiency of the trusted execution environment is improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the embodiments of the present application, and other drawings can be obtained by those skilled in the art according to the drawings.
FIG. 1 is a schematic diagram of a system environment in which embodiments of the present application are implemented;
FIG. 2 is a diagram of a physical memory protection unit according to an embodiment of the present application;
FIG. 3 is a flowchart illustrating steps of a context switching method according to an embodiment of the present application;
FIG. 4 is a diagram illustrating a physical memory protection unit according to another embodiment of the present application;
FIG. 5 is a flowchart of step 33 of a context switching method according to an embodiment of the present application;
FIG. 6 is a diagram illustrating an implementation of a context switching method according to yet another embodiment of the present application;
FIG. 7 is a diagram illustrating an implementation of a context switching method according to yet another embodiment of the present application;
FIG. 8 is a diagram illustrating an implementation of a context switching method according to yet another embodiment of the present application;
FIG. 9 is a diagram illustrating an implementation of a context switching method according to yet another embodiment of the present application;
FIG. 10 is a block diagram illustrating a context switch apparatus according to yet another embodiment of the present application.
Detailed Description
In order to make those skilled in the art better understand the technical solutions in the embodiments of the present application, the technical solutions in the embodiments of the present application will be described clearly and completely below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, but not all embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application shall fall within the scope of the protection of the embodiments in the present application.
The following further describes specific implementations of embodiments of the present application with reference to the drawings of the embodiments of the present application.
And a physical memory protection unit (PMP) which comprises rules for specifying the access authority of the CPU hardware for reading, writing and executing the specified memory address range. Different execution environments correspond to different rules, each trusted execution environment in a plurality of Trusted Execution Environments (TEE) corresponds to a set of rules, and an untrusted execution environment corresponds to a set of rules.
Context Switch (Context Switch) Context Switch refers to a kernel (core of an operating system) switching a process or thread on a CPU. The information during the context switch Process is stored in a Process Control Block (PCB — Process Control Block), which is also called a switch frame (SwitchFrame). The context switch information is kept in the CPU memory until it is used again. Context switching is a term in the field of operating systems, generally referring to the switching action of entities executing on various CPUs, in the embodiments of the present application context switching refers to switching between untrusted and trusted execution environments.
When switching between the trusted execution environments or between the trusted execution environment and the untrusted execution environment is required, the rules in the physical memory protection unit need to be switched by software in a high privilege state, or extra hardware overhead needs to be paid. For example, with TrustZone (ARM corporation special purpose processor technology) technology, the CPU core needs to design separate logic for the execution that distinguishes between trusted and untrusted execution environments.
Furthermore, there are hard limits on the entries of the physical memory protection units, especially in complex systems, which may face an insufficient number of limitations.
In particular, referring to fig. 1, non-sensitive traffic 11, which may be a Real Time Operating System (RTOS)11, is isolated from sensitive traffic 12. Trusted firmware and partition manager (SPM)13 executes software in a high privilege state and programs in other partitions execute software in a low privilege state. The trusted firmware and partition manager 13 is responsible for configuring and switching physical memory protection units, and dynamically managing access rights of the memory and devices.
Referring to fig. 2, three entries (211, 212, 213) of the physical memory protection unit corresponding to the trusted execution environment respectively correspond to access permissions of different CPU hardware, and referring to fig. 2, three entries (221, 222, 223) of the physical memory protection unit corresponding to the real-time operating system (the untrusted execution environment) respectively correspond to access permissions of different CPU hardware.
For example, when the trusted execution environment performs context switching and switches from the untrusted execution environment to the trusted execution environment, the trusted firmware and the software in the high privilege state executed by the partition manager 13 fill the memory description data corresponding to the trusted execution environment into the entry corresponding to the physical memory protection unit (211, 212, 213). When the trusted execution environment is switched to the real-time operating system (untrusted execution environment), the trusted firmware and the software in the high privilege state executed by the partition manager 13 fill the memory description data corresponding to the real-time operating system (untrusted execution environment) into the entry corresponding to the physical memory protection unit (221, 222, 223). Since the access right specified by the entry of the physical memory protection unit defines the access range of the CPU hardware, the trusted execution environment and the memory range accessible by the real-time operating system (untrusted execution environment) are isolated. Therefore, each time the trusted execution environment and the real-time operating system (untrusted execution environment) are switched, the entries corresponding to the physical memory protection units corresponding to the trusted execution environment and the real-time operating system (untrusted execution environment) need to be switched. There may be 32 entries of physical memory protection units, each entry of which is stored in a control and status register (CSR register). That software in the high privilege state executed by the trusted firmware and partition manager needs to switch the values of up to 32 control and status registers at a time, incurring a large performance overhead.
In order to reduce performance overhead caused by switching between a trusted execution environment and an untrusted execution environment, embodiments of the present application provide a context switching scheme, where an extended tag is set in each physical memory protection unit, and at least one control and state register is added to record at least one tag value corresponding to each execution environment. When the trusted execution environment performs context switching, the tag in the physical memory protection unit is searched according to the tag value corresponding to the target execution environment recorded in the control and status register, the CPU hardware acquires the memory description data from the physical memory protection unit where the tag corresponding to the tag value is located, and then acquires the memory data according to the memory description data to execute the target task. When the target execution environment is switched, the tag values recorded by the control register and the state register only need to be switched, different memory description data corresponding to different execution environments can be obtained by inquiring the tag value of the target execution environment, and then corresponding memory data is obtained according to the memory description data to execute the target task, so that the trusted execution environment and the untrusted execution environment are isolated. According to the method and the device, only the label values in the control register and the status register need to be switched, and the performance cost is far lower than that of a physical memory protection unit for directly switching a plurality of entries, so that the context switching efficiency of the trusted execution environment is improved.
Based on the above system, embodiments of the present application provide a context switching method, which is described below with reference to a plurality of embodiments.
In some implementations of the present application, referring to fig. 3, a method for context switching is provided, including:
step 31, if the trusted execution environment performs context switching, reading at least one tag value stored in at least one control and status register, where the at least one control and status register records at least one tag value corresponding to a target execution environment of context switching.
In some implementations of the embodiments of the present application, each control and status register stores a tag value corresponding to a target execution environment for context switching.
In particular, the control and status registers may be named activepmp's control and status registers, each storing a tag value.
Illustratively, referring to fig. 4, if there are two registers, activepmp0 and activepmp 1, the target execution environment for the context switch is corresponded according to the tag values stored in activepmp0 and activepmp 1.
And step 32, searching the tags of the plurality of physical memory protection units according to at least one tag value, and obtaining the physical memory protection unit corresponding to the target execution environment, wherein each physical memory protection unit has an extended tag.
Specifically, the tag has N bits, N being a positive integer.
The specific value of N can be set as desired by one skilled in the art.
For example, referring to fig. 4, according to the read tag values in activepmp0 and activepmp 1, the tags of the multiple physical memories are searched, and the physical memory protection unit where the tag corresponding to the tag value is located is obtained as the physical memory protection unit corresponding to the target execution environment.
For the convenience of inquiry, the tag is set in the extension bit of the physical memory protection unit.
Step 33, the CPU hardware obtains the memory description data from the physical memory protection unit corresponding to the target execution environment, and obtains the memory data according to the memory description data to execute the target task.
In the embodiment of the application, the CPU hardware only uses the entry of the physical memory protection unit where the tag with the same tag value stored in the activepmp0 and the activepmp 1 is located, and does not use other entries of the physical memory protection unit.
The physical memory protection unit is used for storing memory description data, the memory description data is used for indexing the memory data in the memory, and the CPU hardware can read corresponding memory data from the memory according to the memory description data so as to execute corresponding target tasks based on the read memory data.
According to the context switching method provided by the embodiment of the application, each physical memory protection unit is provided with an extended tag, and at least one control and state register is additionally arranged to record at least one tag value corresponding to each execution environment. When the trusted execution environment performs context switching, the tag in the physical memory protection unit is searched according to the tag value corresponding to the target execution environment recorded in the control and status register, the CPU hardware acquires the memory description data from the physical memory protection unit where the tag corresponding to the tag value is located, and then acquires the memory data according to the memory description data to execute the target task. When the target execution environment is switched, the tag values recorded by the control register and the state register only need to be switched, different memory description data corresponding to different execution environments can be obtained by inquiring the tag value of the target execution environment, and then corresponding memory data is obtained according to the memory description data to execute the target task, so that the trusted execution environment and the untrusted execution environment are isolated. According to the method and the device, only the label values in the control register and the status register need to be switched, and the performance cost is far lower than that of a physical memory protection unit for directly switching a plurality of entries, so that the context switching efficiency of the trusted execution environment is improved.
In some implementations of embodiments of the present application, referring to fig. 5, step 31 includes:
step 311, according to the context-switched target execution environment, switching the tag value corresponding to the original execution environment stored in the at least one control and status register to the tag value corresponding to the target execution environment.
Step 312, at least one tag value corresponding to the target execution environment stored in the at least one control and status register is read.
For example, referring to fig. 6, if switching from the trusted execution environment to the real-time operating system (untrusted execution environment), the tag value corresponding to the trusted execution environment is 0, and the tag value corresponding to the real-time operating system (untrusted execution environment) is 1. In the embodiment of the present application, 0 stored in one control and status register activepmp3 is switched to 1, and after 1 stored in the control and status register activepmp3 is read, a physical memory protection unit where a tag corresponding to the tag value 1 is located is searched to obtain a physical memory protection unit pmp entry 1, a pmp entry 2, and a pmp entry 3. The CPU hardware acquires the memory description data from the pmp items 1, 2 and 3 of the physical memory protection unit, and acquires the memory data based on the acquired memory description data to execute the target task. And if the real-time operating system (the non-trusted execution environment) is switched to the trusted execution environment. In the embodiment of the present application, 1 stored in the control and status register activepmp3 is switched to 0, and after 0 stored in the control and status register activepmp3 is read, a physical memory protection unit where a tag corresponding to the tag value 0 is located is searched to obtain a physical memory protection unit pmp entry 4, a pmp entry 5, and a pmp entry 6. The CPU hardware acquires the memory description data from the pmp items 4, 5 and 6 of the physical memory protection unit, and acquires the memory data based on the acquired memory description data to execute the target task. Switching between the trusted execution environment and the real-time operating system (untrusted execution environment) requires only switching of the tag values stored in the control and status registers activepmp3, and does not require switching of the physical memory protection units pmp entry 1, pmp entry 2, pmp entry 3 with the physical memory protection units pmp entry 4, pmp entry 5, pmp entry 6 at a time.
When the context is switched, the tag value corresponding to the original execution environment and stored in the at least one control and status register can be switched to the tag value corresponding to the target execution environment, so that the switching of the execution environments is reflected through the switching of the tag values. In the context switching of the embodiments of the present application, tag values in control and status registers are directly switched, where one tag value corresponds to one control and status register, but one tag value may correspond to at least one physical memory protection unit, and thus the value of the control and status register switched by the embodiments of the present application is far lower than the number of entries of the switched physical memory protection units.
In other specific implementations of the embodiments of the present application, at least one physical memory protection unit of the plurality of physical memory protection units directly stores the memory description data.
When the physical memory protection unit directly stores the memory description data, step 43 includes:
and the CPU hardware acquires the memory description data from the physical memory protection unit corresponding to the target execution environment and acquires the memory data according to the memory description data so as to execute the target task.
According to the embodiment of the application, the physical memory protection unit can be directly read to obtain the stored memory description data, and then the memory data can be obtained from the memory according to the read memory description data, so that the target task can be executed based on the obtained memory data. The memory description data is directly obtained from the physical memory protection unit, so that the time for reading the memory description data can be saved, and the reading efficiency is accelerated.
Exemplarily, referring to fig. 7, the CPU hardware may obtain the directly stored memory description data from the physical memory protection unit pmp entry 7, pmp entry 8, and pmp entry 9, then read the memory data from the memory according to the read memory description data, and then execute the target task based on the read memory data, thereby saving the reading time of the CPU hardware and accelerating the reading efficiency.
Specifically, in the embodiment of the present application, at least one physical memory protection unit may directly store the memory description data, that is, one physical memory protection unit directly stores the memory description data; or part of physical memory protection units directly store memory description data; or all physical memory protection units directly store the memory description data.
In some further specific implementations of the embodiments of the present application, at least one physical memory protection unit of the multiple physical memory protection units stores a base address and a length of memory description data in a memory, where the memory description data corresponds to the physical memory protection unit.
Specifically, the base address is a storage start address of the memory description data in the memory, and the length is a length of the memory description data, so that the corresponding memory description data can be obtained in the memory according to the base address and the length.
In some further specific implementations of the embodiment of the present application, when the physical memory protection unit stores the base address and the length of the memory description data, step 43 includes:
the CPU hardware acquires the base address and the length of the memory description data from the physical memory protection unit corresponding to the target execution environment, reads the memory description data of the physical memory protection unit corresponding to the target execution environment from the memory according to the acquired base address and length, and acquires the memory data according to the memory description data to execute the target task.
In this embodiment of the present application, the physical memory protection unit only stores the base address and the length of the memory description data corresponding to the physical memory protection unit, and the memory description data corresponding to the physical memory protection unit entry needs to be searched in the memory according to the base address and the length. Therefore, the data stored in the embodiment of the present application is not limited to the entry limit of the physical memory protection unit. When a large amount of data needs to be configured to the physical memory protection unit, a large amount of control and status registers are used for storing data corresponding to the physical memory protection unit, and by adopting the base address and the length of the memory description data stored in the physical memory protection unit only according to the embodiment of the application, the configuration of the physical memory protection unit does not need to pay larger chip area cost.
For example, referring to fig. 8, the CPU hardware may obtain the base address and the length of the memory description data from the pmp entry 10, the pmp entry 11, and the pmp entry 12 of the physical memory protection unit, further read the corresponding memory description data in the memory, and then read the memory data from the memory based on the memory description data.
Specifically, in the embodiments of the present application, at least one physical memory protection unit may store the base address and the length of the memory description data, that is, one physical memory protection unit may store the base address and the length of the memory description data; or partial physical memory protection unit saves the base address and length of memory description data; or all physical memory protection units store the base address and the length of the memory description data.
Specifically, in the embodiments of the present application, part(s) of the physical memory protection unit(s) may store the base address and the length of the memory description data, and part(s) of the physical memory protection unit(s) may directly store the memory description data.
In some further specific implementations of the embodiment of the present application, when the physical memory protection unit stores the base address and the length of the memory description data, step 43 further includes:
if the memory description data of the physical memory protection unit corresponding to the target execution environment is located in the cache, the CPU hardware reads the memory description data of the physical memory protection unit corresponding to the target execution environment from the cache.
According to the embodiment of the application, the memory description data corresponding to the physical memory protection unit is directly read in the cache, so that the memory description data does not need to be searched from the memory according to the base address and the length, the time for obtaining the memory description data is shortened, and the speed for loading the memory data from the memory can be increased.
It should be understood that, when the cache system operates, the cache content in the cache is replaced based on a preset rule, and when the CPU hardware reads and acquires the memory description data of the physical memory protection unit corresponding to the target execution environment, it first checks whether the memory description data to be read is included in the cache, and if the memory description data to be read is included in the cache, the memory description data is directly acquired from the cache, otherwise, the memory description data is read from the memory according to the base address and the length. The embodiment of the present application is not limited to the rule that the cache system replaces the cache data in the cache.
Illustratively, referring to fig. 9, the CPU hardware stores tag values using control and status registers activepmp4 and activepmp 5. The tag values for the first trusted execution environment are 2 and 3, the tag values for the second trusted execution environment are 4 and 5, and the tag values for the real-time operating system (untrusted execution environment) are 6 and 7.
And if the first trusted execution environment is switched to the real-time operating system (the non-trusted execution environment). In the embodiment of the application, 2 and 3 stored in the control and status registers activepmp4 and activepmp 5 are switched to 6 and 7, after 6 and 7 stored in the control and status registers activepmp4 and activepmp are read, the physical memory protection units where the tags corresponding to the tag values 6 and 7 are located are searched, and a physical memory protection unit pmp entry 13, a pmp entry 14, and a pmp entry 15 are obtained. The CPU hardware acquires the memory description data from the pmp items 13, 14 and 15 of the physical memory protection unit, and acquires the memory data according to the read memory description data to execute the target task.
And if the real-time operating system (the non-trusted execution environment) is switched to the second trusted execution environment. In the embodiment of the present application, 6 and 7 stored in the control and status registers activepmp4 and activepmp 5 are switched to 4 and 5, and after 4 and 5 stored in the control and status registers activepmp4 and activepmp are read, the physical memory protection units where the tags corresponding to the tag values 4 and 5 are located are searched to obtain the physical memory protection unit pmp entry 16, the pmp entry 17, and the pmp entry 18. The CPU hardware acquires the memory description data from the pmp items 16, 17 and 18 of the physical memory protection unit, and acquires the memory data according to the read memory description data to execute the target task.
And if the second trusted execution environment is not the second trusted execution environment, switching to the first trusted execution environment. In the embodiment of the application, 4 and 5 stored in the control and status registers activepmp4 and activepmp 5 are switched to 2 and 3, after 2 and 3 stored in the control and status registers activepmp4 and activepmp are read, the physical memory protection units where the tags corresponding to the tag values 2 and 3 are located are searched, and the physical memory protection unit pmp entry 19, the pmp entry 20, and the pmp entry 21 are obtained. The CPU hardware acquires the memory description data from the pmp items 19, 20 and 21 of the physical memory protection unit, and acquires the memory data according to the read memory description data to execute the target task.
Switching between the trusted execution environment and the real-time operating system (untrusted execution environment) requires only switching of the tag values stored in the control and status registers activepmp4 and activepmp 5, and does not require switching of the physical memory protection unit each time.
If the physical memory protection unit pmp entry 13, pmp entry 14, pmp entry 15, pmp entry 16, pmp entry 17, pmp entry 18, pmp entry 19, pmp entry 20, pmp entry 21, the pmp entry 13, pmp entry 21 holds the memory description data directly, and the pmp entry 14, pmp entry 15, pmp entry 16, pmp entry 17, pmp entry 18, pmp entry 19, pmp entry 20 holds the base address and length of the memory description data.
The CPU hardware can obtain the directly stored memory description data from the physical memory protection unit pmp entry 13 and pmp entry 21.
The CPU hardware may obtain the base address and length of the memory description data from the physical memory protection unit pmp entry 14, pmp entry 15, pmp entry 16, pmp entry 17, pmp entry 18, pmp entry 19, and pmp entry 20, and then read the corresponding memory description data in the memory according to the base address and length.
If the hardware uses a cache, and the memory description data corresponding to the physical memory protection unit pmp entry 14, pmp entry 15, pmp entry 16, pmp entry 17, pmp entry 18, pmp entry 19, and pmp entry 20 is directly stored in the cache, the memory description data corresponding to the physical memory protection unit pmp entry 14, pmp entry 15, pmp entry 16, pmp entry 17, pmp entry 18, pmp entry 19, and pmp entry 20 is searched from the cache.
Corresponding to the above method, referring to fig. 10, an embodiment of the present application further provides a context switching apparatus, including:
the register reading module 101 is configured to, when the trusted execution environment performs context switching, read at least one tag value stored in at least one control and status register, where the at least one control and status register records at least one tag value corresponding to a target execution environment of the context switching.
The tag value search module 102 is configured to search tags of multiple physical memory protection units according to at least one tag value, to obtain a physical memory protection unit corresponding to a target execution environment, where each physical memory protection unit has an extended tag.
The data using module 103 is configured to obtain, by the CPU hardware, the memory description data from the physical memory protection unit corresponding to the target execution environment, and obtain, according to the memory description data, the memory data to execute the target task.
According to the context switching device provided in the embodiment of the present application, each physical memory protection unit is provided with an extended tag, and at least one control and status register is further added to record at least one tag value corresponding to each execution environment. When the trusted execution environment performs context switching, the tag in the physical memory protection unit is searched according to the tag value corresponding to the target execution environment recorded in the control and status register, the CPU hardware acquires the memory description data from the physical memory protection unit where the tag corresponding to the tag value is located, and then acquires the memory data according to the memory description data to execute the target task. When the target execution environment is switched, the tag values recorded by the control register and the state register only need to be switched, different memory description data corresponding to different execution environments can be obtained by inquiring the tag value of the target execution environment, and then corresponding memory data is obtained according to the memory description data to execute the target task, so that the trusted execution environment and the untrusted execution environment are isolated. According to the method and the device, only the label values in the control register and the status register need to be switched, and the performance cost is far lower than that of a physical memory protection unit for directly switching a plurality of entries, so that the context switching efficiency of the trusted execution environment is improved.
An embodiment of the present application further provides an acceleration unit, where the acceleration unit includes a context switching unit and a controller, the context switching unit may execute the context switching method in any of the embodiments, and the controller may control the context switching unit to operate.
An embodiment of the present application further provides an electronic device, where the electronic device includes the accelerating unit and the scheduling unit in the foregoing embodiments, where the scheduling unit may schedule the accelerating unit to execute the context switching task.
The embodiment of the application also provides a system on chip, which comprises the acceleration unit in the embodiment.
It should be noted that, because of details of the acceleration unit, the electronic device, and the system on chip, details have been described in the context switching method embodiment, and specific implementation processes may refer to descriptions in the context switching method embodiment, which are not described herein again.
Those of ordinary skill in the art will appreciate that the various illustrative elements and method steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the embodiments of the present application.
The above embodiments are only used for illustrating the embodiments of the present application, and not for limiting the embodiments of the present application, and those skilled in the relevant art can make various changes and modifications without departing from the spirit and scope of the embodiments of the present application, so that all equivalent technical solutions also belong to the scope of the embodiments of the present application, and the scope of patent protection of the embodiments of the present application should be defined by the claims.

Claims (13)

1. A method of context switching, the method comprising:
if the trusted execution environment performs context switching, reading at least one tag value stored in at least one control and state register, wherein the at least one control and state register records at least one tag value corresponding to a target execution environment of the context switching;
searching tags of a plurality of physical memory protection units according to the at least one tag value to obtain physical memory protection units corresponding to the target execution environment, wherein each physical memory protection unit is provided with an expanded tag;
and the CPU hardware acquires the memory description data from the physical memory protection unit corresponding to the target execution environment and acquires the memory data according to the memory description data so as to execute the target task.
2. The context switch method of claim 1, wherein each of said control and status registers stores a tag value corresponding to a target execution environment for said context switch.
3. The method of claim 2, wherein reading at least one tag value stored in at least one control and status register if the trusted execution environment performs a context switch comprises:
switching the tag value corresponding to the original execution environment stored in the at least one control and status register to the tag value corresponding to the target execution environment according to the target execution environment of the context switch;
reading at least one tag value corresponding to the target execution environment stored in the at least one control and status register.
4. The context switching method of claim 3, wherein the tag has N bits, the N being a positive integer.
5. The context switch method of claim 4, wherein at least one of the plurality of physical memory protection units directly stores memory description data.
6. The context switching method according to any one of claims 1 to 5, wherein at least one of the plurality of physical memory protection units stores a base address and a length of memory description data in a memory corresponding to the physical memory protection unit.
7. The context switching method according to claim 6, wherein the step of acquiring, by the CPU hardware, the memory description data from the physical memory protection unit corresponding to the target execution environment includes:
and if the physical memory protection unit directly stores the memory description data, the CPU hardware acquires the memory description data from the physical memory protection unit corresponding to the target execution environment.
8. The context switching method according to claim 7, wherein the step of acquiring, by the CPU hardware, the memory description data from the physical memory protection unit corresponding to the target execution environment includes:
if the physical memory protection unit stores the base address and the length of the memory description data in the memory, the CPU hardware acquires the base address and the length of the memory description data from the physical memory protection unit corresponding to the target execution environment, and reads the memory description data stored by the physical memory protection unit corresponding to the target execution environment from the memory according to the base address and the length.
9. The context switching method according to claim 8, wherein the CPU hardware obtains a base address and a length of the memory description data from the physical memory protection unit corresponding to the target execution environment, and reads the memory description data of the physical memory protection unit corresponding to the target execution environment from the memory according to the base address and the length, and before the method further comprises:
and if the memory description data of the physical memory protection unit corresponding to the target execution environment is located in the cache, the CPU hardware reads the memory description data of the physical memory protection unit corresponding to the target execution environment from the cache.
10. A context switching apparatus, comprising:
the register reading module is used for reading at least one label value stored in at least one control and state register when the trusted execution environment performs context switching, and the at least one control and state register records at least one label value corresponding to the target execution environment of the context switching;
a tag value searching module, configured to search tags of multiple physical memory protection units according to the at least one tag value, and obtain a physical memory protection unit corresponding to the target execution environment, where each physical memory protection unit has an extended tag;
and the data use module is used for acquiring the memory description data from the physical memory protection unit corresponding to the target execution environment by the CPU hardware and acquiring the memory data according to the memory description data so as to execute the target task.
11. An acceleration unit, comprising: a context switching unit and a controller;
the context switching unit is configured to perform the context switching method according to any one of claims 1 to 9;
and the controller is used for controlling the context switching unit to work.
12. An electronic device, comprising:
an acceleration unit according to claim 11;
and the scheduling unit is used for scheduling the accelerating unit to execute the context switching task.
13. A system on a chip comprising an acceleration unit according to claim 11.
CN202210067931.8A 2022-01-20 2022-01-20 Context switching method and device, accelerating unit, electronic equipment and system on chip Pending CN114490054A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210067931.8A CN114490054A (en) 2022-01-20 2022-01-20 Context switching method and device, accelerating unit, electronic equipment and system on chip

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210067931.8A CN114490054A (en) 2022-01-20 2022-01-20 Context switching method and device, accelerating unit, electronic equipment and system on chip

Publications (1)

Publication Number Publication Date
CN114490054A true CN114490054A (en) 2022-05-13

Family

ID=81471838

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210067931.8A Pending CN114490054A (en) 2022-01-20 2022-01-20 Context switching method and device, accelerating unit, electronic equipment and system on chip

Country Status (1)

Country Link
CN (1) CN114490054A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116795494A (en) * 2023-08-23 2023-09-22 北京紫光芯能科技有限公司 Memory protection unit information processing method, system and readable medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116795494A (en) * 2023-08-23 2023-09-22 北京紫光芯能科技有限公司 Memory protection unit information processing method, system and readable medium
CN116795494B (en) * 2023-08-23 2024-01-02 北京紫光芯能科技有限公司 Memory protection unit information processing method, system and readable medium

Similar Documents

Publication Publication Date Title
JP4519738B2 (en) Memory access control device
EP2997477B1 (en) Page table data management
US7774561B2 (en) Key-controlled object-based memory protection
JP5647203B2 (en) Memory page management
US10255088B2 (en) Modification of write-protected memory using code patching
JP2017505492A (en) Area specification operation to specify the area of the memory attribute unit corresponding to the target memory address
JP2009516310A (en) Page coloring that maps memory pages to programs
CN105550029A (en) Process scheduling method and device
US7496722B2 (en) Memory mapped page priorities
US9372773B2 (en) User-level hardware branch records
CN114490054A (en) Context switching method and device, accelerating unit, electronic equipment and system on chip
CN112925606A (en) Memory management method, device and equipment
US20110153950A1 (en) Cache memory, cache memory system, and method program for using the cache memory
KR100770034B1 (en) Method and system for providing context switch using multiple register file
KR100791815B1 (en) Privilege promotion based on check of previous privilege level
JP2008532163A (en) Computer device and method of operation paged in real time
JP2008532163A5 (en)
CN111291383B (en) Physical address space access isolation method between any entities on SoC, SoC and computer equipment
CN114327769A (en) Operating system event recording method and device and computer system
JP4867451B2 (en) Cache memory device, cache memory control method used therefor, and program thereof
CN114217882A (en) Method and device for running application in process
CN115485668A (en) Memory page marking as a logging hint for processor-based execution tracing
KR100570731B1 (en) An Enhanced Second Chance Method for Selecting a Victim Buffer Page in a Multi-User Storage System
KR101412200B1 (en) Computer system, adress redirection method and system function monitoring method for thereof
CN115729694A (en) Resource management method and corresponding device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination