CN114741740B - Physical memory protection method, system and related equipment based on RISC-V - Google Patents


Info

Publication number
CN114741740B
Authority
CN
China
Prior art keywords
memory
mode
cpu
access
physical memory
Prior art date
Legal status
Active
Application number
CN202210647182.6A
Other languages
Chinese (zh)
Other versions
CN114741740A (en)
Inventor
胡伟
Current Assignee
Ruisixinke Shenzhen Technology Co ltd
Original Assignee
Ruisixinke Shenzhen Technology Co ltd
Priority date
Filing date
Publication date
Application filed by Ruisixinke Shenzhen Technology Co ltd
Priority to CN202210647182.6A
Publication of CN114741740A
Application granted
Publication of CN114741740B
Legal status: Active
Anticipated expiration

Classifications

    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure storage of data
    • G06F12/0223 User address space allocation, e.g. contiguous or non-contiguous base addressing
    • G06F12/0646 Addressing a physical block of locations: configuration or reconfiguration
    • G06F9/5016 Allocation of resources to service a request, the resources being hardware resources other than CPUs, servers and terminals, the resource being the memory
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The invention belongs to the field of application security and provides a RISC-V based physical memory protection method, system and related device. The method includes: configuring a memory protection table that records the access rights of the CPU to physical memory, where the table is defined by a PMC register and both the table and the PMC register can only be accessed in Machine Mode; running an application program on the CPU, which requests access to physical memory; and having the PMC unit judge, through the memory protection table, whether the CPU's access is permitted, where: if the CPU has the access right, it is allowed to access the physical memory; if it does not, the requested access is deemed illegal, the access is terminated, and an access exception is raised. The invention configures the physical space using a physical memory protection table, and so solves the problem of the limited physical memory space that PMP can protect.

Description

Physical memory protection method, system and related equipment based on RISC-V
Technical Field
The invention belongs to the field of application security, and in particular relates to a RISC-V based physical memory protection method, physical memory protection system and related device.
Background
The RISC-V architecture is an open instruction set architecture based on the Reduced Instruction Set Computer (RISC) principle, proposed by the University of California, Berkeley in 2010. Unlike proprietary commercial instruction set architectures such as x86 and ARM, RISC-V as an open instruction set architecture can be freely applied to any purpose and scenario, and allows developers or chip manufacturers to freely design, extend, manufacture and sell RISC-V chips.
The RISC-V architecture provides a hardware design for Physical Memory Protection, PMP. PMP divides RISC-V authority into three privilege levels, User-mode, Supervisor-mode and Machine-mode, in increasing order of privilege: a higher privilege level can access all resources of the lower levels, but a lower level cannot access the resources of a higher level. PMP defines several sets of registers that are accessible only to programs running at Machine-mode privilege; programs running at User-mode or Supervisor-mode privilege cannot access the registers defined by PMP. Each set of PMP registers can indicate the access permissions for one block of contiguous physical memory.
When a CPU running at a non-Machine-mode privilege level initiates a memory access, the hardware checks each set of PMP registers in turn. When the physical memory interval represented by a set of PMP registers contains the physical address the CPU is accessing, the CPU stops traversing the PMP registers, determines whether the current memory access is legal according to the permission represented by that register set, and then either performs the access normally or raises an exception. With PMP, a program running at Machine-mode privilege can protect the memory holding its own code and data, and can restrict the access of the operating system kernel running in Supervisor-mode, and of applications running in User-mode, to specific memory.
A TEE (Trusted Execution Environment) is a secure program execution environment that cannot be intruded into or tampered with; a program running in it is called an EAPP (Enclave App). Common server operating systems such as Linux run their kernel code at Supervisor-mode privilege, so a Linux system user can freely access the program code and memory running in User-mode, which means that a vulnerability in the Linux kernel can cause security problems for the user's applications. Compared with a runtime environment such as a Linux operating system, a TEE is built on a trusted base that reduces the number of bugs as far as possible and proves the security of the runtime environment through formal verification and other methods, and it uses the software and hardware of this trusted base to provide a safe and reliable runtime environment for upper-layer application programs.
Keystone is a TEE system on the RISC-V architecture. Through an SM (Security Monitor) running in Machine-mode it configures the PMP registers to isolate physical memory that the operating system kernel cannot access, which is used to store and protect the code of security-sensitive EAPPs, and it is responsible for saving and restoring the registers of a TEE program at process switches so that the untrusted operating system kernel cannot snoop on or modify the context. In Keystone's design the SM isolates the host operating system from the TEE programs with PMP; because the host operating system is untrusted, the SM must configure a set of PMP registers for each TEE program before executing host operating system code, setting the permission to inaccessible so that the corresponding physical memory interval cannot be accessed by the operating system.
The problem is that the number of PMP register sets is limited, so the number of physical memory intervals that Keystone can partition to protect EAPP programs is limited, and therefore the number of EAPP programs that can be supported simultaneously is limited. The RISC-V specification allows at most 64 PMP groups, but most existing chips, constrained by cost and conventional usage scenarios, implement only 8 or 16 groups. For example, the latest P650 chip produced and sold by SiFive also implements 8 PMP groups: 1 group protects the SM, 1 group protects the OS kernel, and only 6 groups remain to protect EAPPs, so the chip can protect at most 6 EAPPs. This means that most RISC-V chips in existing TEE environments have difficulty meeting the requirement of multi-user EAPPs running multiple tasks; moreover, because of the nature of a PMP register set, it cannot partition a contiguous physical space into contiguous memory regions for EAPPs to run in, which further limits the physical memory space that can be protected.
Disclosure of Invention
Embodiments of the present invention provide a RISC-V based physical memory protection method, system and related device, which aim to solve the problem that the number of PMP register sets is limited when existing PMP registers are used to protect physical space.
In a first aspect, an embodiment of the present invention provides a RISC-V based physical memory protection method, where the method includes the following steps:
configuring a memory protection table, where the memory protection table records the access rights of the CPU (central processing unit) to the physical memory, the memory protection table is defined by a PMC (Physical Memory Control) register of the CPU, and both the memory protection table and the PMC register can only be accessed in Machine Mode;
running an application program through a CPU (central processing unit) and requesting to access the physical memory where the application program is located;
accessing the physical memory through the CPU, and judging whether the access of the CPU to the physical memory has an access right through the memory protection table, wherein:
if the CPU has access authority to the physical memory, allowing the CPU to access the physical memory;
if the CPU does not have the access right to the physical memory, the CPU's requested access is deemed illegal, the CPU's access is stopped, and at the same time an access exception is raised.
Further, the memory protection table is stored in the physical memory.
Still further, the PMC register includes:
a page size register, configured to define a size of each memory page in the physical memory protected by the memory protection table;
the page number register is used for defining the number of the memory pages;
a protection start address register for defining a start address of the physical memory protected by the memory protection table;
the protection mode register is used to define the parsing mode of the memory protection table when the physical memory is protected;
and the base address register is used to define the storage address of the memory protection table in the physical memory.
Furthermore, the parsing modes of the protection mode register are:
a non-limiting mode, in which access to all memory addresses in the physical memory is allowed;
a first parsing mode, which marks each memory page with 1 bit of data, where a page marked 0 can be accessed in User-mode and Supervisor-mode, and a page marked 1 cannot be accessed in User-mode or Supervisor-mode;
and a second parsing mode, the counterpart of the first parsing mode, which also marks each memory page with 1 bit of data, where a page marked 0 cannot be accessed in User-mode or Supervisor-mode, and a page marked 1 can be accessed in User-mode and Supervisor-mode.
Furthermore, the protection mode register switches rapidly between the first parsing mode and the second parsing mode according to which application program the CPU is running.
Furthermore, when the CPU accesses the physical memory, a memory protection table cache is established and maintained according to the memory protection table.
In a second aspect, an embodiment of the present invention further provides a RISC-V based physical memory protection system, including:
a memory protection table initialization module, configured to configure a memory protection table, where the memory protection table is used to record access permission of a CPU to the physical memory, where the memory protection table is defined by a PMC register of the CPU, and both the memory protection table and the PMC register can only be accessed in Machine Mode;
an address translation module, configured to run an application program through the CPU and request access to the physical memory where the application program is located;
a memory protection module, configured to access the physical memory through the CPU and judge, through the memory protection table, whether the CPU's access to the physical memory has the access right, where:
if the CPU has the access right to the physical memory, the CPU is allowed to access the physical memory;
if the CPU does not have the access right to the physical memory, the CPU's requested access is deemed illegal, the CPU's access process is terminated, and an access exception is raised.
In a third aspect, an embodiment of the present invention further provides a computer device, including: a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor implements the steps of the RISC-V based physical memory protection method as described in any of the above embodiments when executing the computer program.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps in the RISC-V based physical memory protection method according to any one of the foregoing embodiments.
The beneficial effect achieved by the invention is that the physical space of the operating system is configured using the physical memory protection table, which provides a larger protection range than PMP; at the same time, the memory protection table and the Memory Management Unit (MMU) have similar logical structures, so the table can be deployed simply in the operating system, improving the adaptability of the method.
Drawings
FIG. 1 is a block diagram of the steps of a RISC-V based physical memory protection method according to an embodiment of the present invention;
FIG. 2 is a logic diagram of a memory protection table according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a memory protection table according to an embodiment of the present invention;
FIG. 4 is a diagram of memory protection while an EAPP is running according to an embodiment of the present invention;
FIG. 5 is a diagram of memory protection while an operating system program is running according to an embodiment of the present invention;
FIG. 6 is a block diagram of a RISC-V based physical memory protection system 200 according to an embodiment of the present invention;
FIG. 7 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1, fig. 1 is a block diagram of a flow of steps of a RISC-V based physical memory protection method according to an embodiment of the present invention, where the method includes the following steps:
s101, configuring a memory protection table, wherein the memory protection table is used for recording the access authority of the CPU to the physical memory, the memory protection table is defined by a PMC register of the CPU, and both the memory protection table and the PMC register can only be accessed under a Machine Mode.
For example, referring to fig. 2 and fig. 3: fig. 2 is a logic diagram of a memory protection table provided in an embodiment of the present invention, and fig. 3 is a structural diagram of that memory protection table. The memory protection table corresponds to the memory management unit in a CPU, where the memory management unit is an address mapping table used to convert the logical address the CPU uses when accessing physical memory into the physical address of the target memory unit.
The PMC (Physical Memory Control) register is a register in the CPU that defines each parameter of the memory protection table; the PMC register includes:
a page size register, configured to define a size of each memory page in the physical memory protected by the memory protection table;
the page number register is used for defining the number of the memory pages;
a protection start address register for defining a start address of the physical memory protected by the memory protection table;
the protection mode register is used to define the parsing mode of the memory protection table when the physical memory is protected;
and the base address register is used for defining the storage address of the memory protection table in the physical memory.
For example, a typical configuration of the above registers, illustrated in fig. 3, sets the page size register, the page number register and the protection start address register as follows:
the page size register is set to 12, which yields pages of 2^12 bytes, i.e. 4 KB;
the page number register is set to 256K, which yields 256K pages; in this embodiment this means the physical memory space protected by the memory protection table is 4K × 256K, i.e. 1 GB;
and the protection start address register is set to the 2 GB address; combined with the page size register and page number register, the physical memory range protected by the memory protection table is the portion from 2 GB to 3 GB.
In this embodiment of the present invention, the parsing modes of the protection mode register are:
a non-limiting mode, in which access to all memory addresses in the physical memory is allowed;
a first parsing mode, which marks each memory page with 1 bit of data, where a page marked 0 can be accessed in User-mode and Supervisor-mode, and a page marked 1 cannot be accessed in User-mode or Supervisor-mode;
and a second parsing mode, the counterpart of the first parsing mode, which also marks each memory page with 1 bit of data, where a page marked 0 cannot be accessed in User-mode or Supervisor-mode, and a page marked 1 can be accessed in User-mode and Supervisor-mode.
The base address register determines the starting storage location of the memory protection table in the physical memory. Both the memory protection table and the PMC register can only be accessed in Machine Mode, which avoids the security problem of the register and the contents of the memory protection table being accessed by an unauthorized running application program.
Illustratively, the base address register is set to 0, which indicates that the memory protection table is stored in the memory space starting at address 0 of the physical memory. In this embodiment each of the 256K pages occupies 1 bit in the memory protection table, so the table occupies the 32 KB of space starting at physical address 0.
With the memory protection table, more entries can be configured than with PMP, because each entry that defines a memory region is stored in the physical memory itself, and the physical memory is large enough that the entries of the memory protection table can cover more application programs than PMP can.
And S102, running an application program through a CPU, and requesting to access the physical memory where the application program is located.
For example, take a scenario running in a TEE (trusted execution environment). In a typical environment the application programs are EAPPs and operating system programs, the two kinds of application commonly used in a TEE. To ensure the security of the EAPPs and of the operating system programs, each EAPP or operating system program is protected by running it in a specific memory space of its own, so the memory spaces used by different application programs differ.
In a typical operating flow, when the CPU runs an EAPP or an operating system program (one process corresponds to exactly one application program), the CPU first queries the memory management unit to obtain the physical memory address corresponding to the EAPP or operating system program. Generally, to speed up memory management unit queries, the CPU also establishes and maintains a memory management unit cache, which holds commonly used translated addresses according to some algorithmic policy and is mainly used for fast access by the CPU.
S103, accessing the physical memory through the CPU, and judging whether the access of the CPU to the physical memory has an access right or not through the memory protection table.
Whether the CPU has the access right to the physical memory is judged according to the parsing mode of the memory protection table, which further includes the following steps:
s103a, if the CPU has the access right to the physical memory, allowing the CPU to access the physical memory.
Referring to fig. 4, fig. 4 is a diagram of memory protection while an EAPP is running according to an embodiment of the present invention. In the case of fig. 4, the running EAPP uses the memory region marked 1, that is, the parsing mode of the protection mode register at this time is the second parsing mode; in the second parsing mode the CPU has the access right to the regions of physical memory marked 1 and runs the EAPP in those regions.
Furthermore, the protection mode register switches rapidly between the first parsing mode and the second parsing mode according to which application program the CPU is running.
Referring to fig. 5, fig. 5 is a diagram illustrating memory protection while an operating system program is running according to an embodiment of the present invention. If the operating system program needs to run while the EAPP is running, then, in keeping with how the operating system works, the EAPP is suspended first, and the CPU runs the operating system program and accesses a region different from the one the EAPP runs in. At this point the protection mode register switches from the second parsing mode to the first parsing mode, and in this case the CPU cannot access the region the EAPP runs in, which was originally marked 1, but can access the region originally marked 0. By switching between the first parsing mode and the second parsing mode the protected space can be inverted quickly, which provides a fast scheme for switching between the operating system program and the EAPP.
It should be noted that the first parsing mode and the second parsing mode included in the parsing modes of the protection mode register in the embodiment of the present invention are only a conventional setting; in practical applications the parsing modes may include more modes, and specifically, mode changes and extensions can be implemented by defining the flag bits of the table and the number of bits used to determine the serial number of the parsing mode.
S103b, if the CPU does not have the access right to the physical memory, the CPU's requested access is deemed illegal, the CPU's access is terminated, and at the same time an access exception is raised.
Correspondingly, referring again to fig. 4 and 5, if the CPU does not have the access right to the physical memory, that is, while an EAPP or operating system program is running the CPU accesses a space not occupied by the current program, a region outside the space used by that EAPP or operating system program and to which the CPU has no right, then the CPU determines that its requested access is illegal and terminates the access process.
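As an added illustration that is not code from the patent, the following C model walks through the configuration of S101 and the permission check of S103 with the page's own numbers (4 KB pages, 256K pages, protection start at 2 GB, table at address 0, 32 KB table). The register struct, the in-memory bitmap, the unrestricted treatment of Machine-mode accesses and the NOT_COVERED result for addresses outside the table's range are assumptions of this model, not details the patent specifies.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Privilege levels named on the page (numeric encodings are constructed). */
enum priv { PRIV_USER = 0, PRIV_SUPERVISOR = 1, PRIV_MACHINE = 3 };

/* Parsing modes of the protection mode register: non-limiting, first, second. */
enum pmc_mode { PMC_MODE_NONE = 0, PMC_MODE_FIRST = 1, PMC_MODE_SECOND = 2 };

enum access_result { ACCESS_ALLOWED = 0, ACCESS_FAULT = 1, ACCESS_NOT_COVERED = 2 };

/* Model of the five PMC registers described in S101 (field names are ours). */
struct pmc_regs {
    unsigned page_shift;     /* page size register: log2 of the page size (12 -> 4 KB) */
    uint64_t page_count;     /* page number register */
    uint64_t protect_start;  /* protection start address register */
    enum pmc_mode mode;      /* protection mode register */
    uint64_t table_base;     /* base address register: where the 1-bit-per-page table lives */
};

/* Simulated physical memory holding only the table; 32 KB is exactly what
 * 256K one-bit entries need (simulation only, not a real address space). */
#define SIM_MEM_SIZE (32u * 1024u)
static uint8_t sim_mem[SIM_MEM_SIZE];

uint64_t pmc_table_bytes(const struct pmc_regs *r)
{
    return (r->page_count + 7) / 8;
}

/* Registers and table are Machine-mode only: every write path checks cur. */
int pmc_configure(struct pmc_regs *r, enum priv cur, unsigned page_shift,
                  uint64_t page_count, uint64_t protect_start, uint64_t table_base)
{
    if (cur != PRIV_MACHINE) return -1;
    if (page_shift >= 64 || page_count == 0) return -1;
    if (page_count > (uint64_t)SIM_MEM_SIZE * 8) return -1;   /* table must fit sim_mem */
    uint64_t bytes = (page_count + 7) / 8;
    if (table_base > SIM_MEM_SIZE || bytes > SIM_MEM_SIZE - table_base) return -1;
    r->page_shift = page_shift;
    r->page_count = page_count;
    r->protect_start = protect_start;
    r->table_base = table_base;
    r->mode = PMC_MODE_NONE;                                  /* start non-limiting */
    memset(sim_mem + table_base, 0, (size_t)bytes);           /* all pages marked 0 */
    return 0;
}

int pmc_set_mode(struct pmc_regs *r, enum priv cur, enum pmc_mode mode)
{
    if (cur != PRIV_MACHINE) return -1;
    r->mode = mode;
    return 0;
}

/* Set or clear the 1-bit entry of one page; only Machine mode may touch the table. */
int pmc_mark_page(const struct pmc_regs *r, enum priv cur, uint64_t page, int bit)
{
    if (cur != PRIV_MACHINE || page >= r->page_count) return -1;
    uint8_t *byte = &sim_mem[r->table_base + page / 8];
    uint8_t mask = (uint8_t)(1u << (page % 8));
    if (bit) *byte |= mask; else *byte &= (uint8_t)~mask;
    return 0;
}

/* The S103 check: decide whether an access from privilege cur to paddr is legal. */
enum access_result pmc_check(const struct pmc_regs *r, enum priv cur, uint64_t paddr)
{
    if (cur == PRIV_MACHINE) return ACCESS_ALLOWED;  /* assumption: M-mode is not filtered */
    if (r->mode == PMC_MODE_NONE) return ACCESS_ALLOWED;
    uint64_t page_size = (uint64_t)1 << r->page_shift;
    uint64_t span = r->page_count * page_size;
    if (paddr < r->protect_start || paddr - r->protect_start >= span)
        return ACCESS_NOT_COVERED;                   /* assumption: table says nothing here */
    uint64_t page = (paddr - r->protect_start) >> r->page_shift;
    int bit = (sim_mem[r->table_base + page / 8] >> (page % 8)) & 1;
    /* First mode: 0 = accessible to U/S, 1 = blocked. Second mode is the inverse, so
     * flipping the mode register inverts the protected set without rewriting the table. */
    int accessible = (r->mode == PMC_MODE_FIRST) ? (bit == 0) : (bit == 1);
    return accessible ? ACCESS_ALLOWED : ACCESS_FAULT;
}

/* Walks the page's worked configuration with an EAPP occupying pages 5..7.
 * Returns 0 if every expected outcome holds, otherwise the number of the failed step. */
int pmc_demo(void)
{
    struct pmc_regs r;
    const uint64_t two_gb = (uint64_t)2 << 30;
    if (pmc_configure(&r, PRIV_MACHINE, 12, 256u * 1024u, two_gb, 0) != 0) return 1;
    if (pmc_table_bytes(&r) != 32u * 1024u) return 2;         /* 256K bits = 32 KB */
    for (uint64_t p = 5; p <= 7; p++) pmc_mark_page(&r, PRIV_MACHINE, p, 1);
    pmc_set_mode(&r, PRIV_MACHINE, PMC_MODE_SECOND);         /* EAPP runs: pages marked 1 */
    if (pmc_check(&r, PRIV_USER, two_gb + 5 * 4096) != ACCESS_ALLOWED) return 3;
    if (pmc_check(&r, PRIV_USER, two_gb + 8 * 4096) != ACCESS_FAULT) return 4;
    pmc_set_mode(&r, PRIV_MACHINE, PMC_MODE_FIRST);          /* OS resumes: set inverted */
    if (pmc_check(&r, PRIV_SUPERVISOR, two_gb + 5 * 4096) != ACCESS_FAULT) return 5;
    if (pmc_check(&r, PRIV_SUPERVISOR, two_gb + 8 * 4096) != ACCESS_ALLOWED) return 6;
    if (pmc_set_mode(&r, PRIV_SUPERVISOR, PMC_MODE_NONE) == 0) return 7;   /* S-mode denied */
    if (pmc_mark_page(&r, PRIV_SUPERVISOR, 5, 0) == 0) return 8;           /* S-mode denied */
    return 0;
}

int main(void)
{
    int rc = pmc_demo();
    printf("pmc demo %s (rc=%d)\n", rc == 0 ? "ok" : "FAILED", rc);
    return rc;
}
```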
The beneficial effect achieved by the invention is that the physical space of the operating system is configured using the physical memory protection table, which provides a larger protection range than PMP; at the same time, the memory protection table and the memory management unit have similar logical structures, so the table can be deployed simply in the operating system, improving the adaptability of the method.
Referring to fig. 6, fig. 6 is a schematic structural diagram of a physical memory protection system 200 based on RISC-V according to an embodiment of the present invention, where the physical memory protection system 200 includes:
a memory protection table initialization module 201, configured to configure a memory protection table, where the memory protection table is used to record access permission of a CPU to the physical memory, and the memory protection table is defined by a PMC register of the CPU, and both the memory protection table and the PMC register can only be accessed under a Machine Mode;
the address translation module 202 is configured to run an application program through a CPU and request access to the physical memory where the application program is located;
a memory protection module 203, configured to access the physical memory through the CPU, and determine whether the access of the CPU to the physical memory has an access right through the memory protection table, where:
if the CPU has access authority to the physical memory, allowing the CPU to access the physical memory;
if the CPU does not have the access right to the physical memory, the CPU's requested access is deemed illegal, the CPU's access process is stopped, and an access exception is raised.
The RISC-V based physical memory protection system 200 can implement the steps of the RISC-V based physical memory protection method in the above embodiments, and can implement the same technical effects, and the description in the above embodiments is omitted here for brevity.
Referring to fig. 7, fig. 7 is a schematic structural diagram of a computer device provided in an embodiment of the present invention, where the computer device 300 includes: a memory 302, a processor 301 and a computer program stored on the memory 302 and executable on the processor 301.
The processor 301 calls the computer program stored in the memory 302 to execute the steps in the RISC-V based physical memory protection method according to the embodiment of the present invention, and with reference to fig. 1, the method specifically includes:
s101, configuring a memory protection table, wherein the memory protection table is used for recording the access authority of the CPU to the physical memory, the memory protection table is defined by a PMC register of the CPU, and both the memory protection table and the PMC register can only be accessed under a Machine Mode.
And S102, running an application program through a CPU, and requesting to access the physical memory where the application program is located.
S103, accessing the physical memory through the CPU, and judging whether the access of the CPU to the physical memory has an access right or not through the memory protection table, wherein:
s103a, if the CPU has access authority to the physical memory, allowing the CPU to access the physical memory;
s103b, if the CPU does not have the access right to the physical memory, the CPU's requested access is deemed illegal, the CPU's access is terminated, and at the same time an access exception is raised.
Further, the memory protection table is stored in the physical memory.
Still further, the PMC register includes:
a page size register, used to define the size of each memory page in the physical memory protected by the memory protection table;
a page number register, used to define the number of the memory pages;
a protection start address register, used to define the start address of the physical memory protected by the memory protection table;
a protection mode register, used to define the parsing mode of the memory protection table when the physical memory is protected;
and a base address register, used to define the storage address of the memory protection table in the physical memory.
Further, the base address register of the memory protection table is set to be accessible only while Machine Mode is active.
Further, the parsing mode of the protection mode register is divided into:
a non-limiting mode, in which access to all memory addresses in the physical memory is set as allowed;
a first parsing mode, which marks each memory page with 1 bit of data, where a page whose bit is 0 can be accessed in User mode and Supervisor mode, and a page whose bit is 1 cannot be accessed in User mode or Supervisor mode;
and a second parsing mode, the inverse of the first parsing mode, which also marks each memory page with 1 bit of data, where a page whose bit is 0 cannot be accessed in User mode or Supervisor mode, and a page whose bit is 1 can be accessed in User mode and Supervisor mode.
Furthermore, the protection mode register switches quickly between the first parsing mode and the second parsing mode depending on which application program the CPU is running.
Furthermore, when the CPU accesses the physical memory, a memory protection table cache is established and maintained from the memory protection table.
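As an added illustration that is not part of the patent, the following C simulation models the PMC register group, the memory protection table, the three parsing modes, the Machine-mode-only register access of step S101, the permission check of step S103 with the reported exception, and the table cache described above (it also covers the same steps as restated in claims 1 and 5). The register names, the numeric encoding of the parsing modes, the bitmap layout of the table, the sample memory layout, and the assumptions that Machine mode itself is exempt from the check and that addresses outside the protected range are not checked are mine, not the patent's.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RISC-V privilege levels; the patent's "User mode" and "Supervisor mode" are U- and S-mode. */
enum priv_level { PRIV_U = 0, PRIV_S = 1, PRIV_M = 3 };
/* Parsing modes of the protection mode register (the numeric encoding is my assumption). */
enum pmc_parse { PMC_UNRESTRICTED = 0, PMC_MODE1 = 1, PMC_MODE2 = 2 };
/* The five PMC registers the patent lists; register and field names are mine. */
enum pmc_reg { REG_PAGE_SIZE, REG_PAGE_COUNT, REG_PROT_START, REG_PROT_MODE, REG_TABLE_BASE };
struct pmc_regs { uint64_t page_size, page_count, prot_start, prot_mode, table_base; };

#define MEM_BYTES 65536u
struct cpu {
    enum priv_level mode;
    struct pmc_regs pmc;
    uint8_t mem[MEM_BYTES];   /* simulated physical memory; the protection table lives in it */
    struct { bool valid; uint64_t page; uint8_t bit; } tcache;  /* one-entry table cache */
    uint64_t fault_addr;      /* address of the last rejected access, i.e. the reported exception */
    unsigned table_reads;     /* memory reads of the table, to show what the cache saves */
};

static struct cpu g_cpu;
struct cpu *fresh_cpu(enum priv_level m) { memset(&g_cpu, 0, sizeof g_cpu); g_cpu.mode = m; return &g_cpu; }
struct cpu *cur_cpu(void) { return &g_cpu; }
struct cpu *cpu_set_mode(struct cpu *c, enum priv_level m) { c->mode = m; return c; }

/* S101: PMC registers are writable only in Machine mode. Any change drops the cached entry. */
int pmc_write(struct cpu *c, enum pmc_reg r, uint64_t v) {
    if (c->mode != PRIV_M) return -1;
    switch (r) {
    case REG_PAGE_SIZE:  c->pmc.page_size = v;  break;
    case REG_PAGE_COUNT: c->pmc.page_count = v; break;
    case REG_PROT_START: c->pmc.prot_start = v; break;
    case REG_PROT_MODE:  c->pmc.prot_mode = v;  break;
    case REG_TABLE_BASE: c->pmc.table_base = v; break;
    }
    c->tcache.valid = false;
    return 0;
}

/* The table is a bitmap with one bit per page at table_base (layout is my assumption);
   like the registers, it can be written only from Machine mode. */
int pmc_mark_page(struct cpu *c, uint64_t page, int bit) {
    uint64_t byte = c->pmc.table_base + page / 8;
    if (c->mode != PRIV_M || page >= c->pmc.page_count || byte >= MEM_BYTES) return -1;
    if (bit) c->mem[byte] |= (uint8_t)(1u << (page % 8));
    else     c->mem[byte] &= (uint8_t)~(1u << (page % 8));
    c->tcache.valid = false;
    return 0;
}

/* Table lookup through the one-entry cache; -1 if the table itself is unreadable. */
static int table_bit(struct cpu *c, uint64_t page) {
    if (c->tcache.valid && c->tcache.page == page) return c->tcache.bit;  /* cache hit */
    uint64_t byte = c->pmc.table_base + page / 8;
    if (byte >= MEM_BYTES) return -1;
    c->table_reads++;
    c->tcache.valid = true;
    c->tcache.page = page;
    c->tcache.bit = (c->mem[byte] >> (page % 8)) & 1;
    return c->tcache.bit;
}

/* S103: may the current privilege level access paddr? A denial records the address. */
bool pmc_access_ok(struct cpu *c, uint64_t paddr) {
    if (c->mode == PRIV_M) return true;                        /* assumption: M-mode is exempt */
    if (c->pmc.prot_mode == PMC_UNRESTRICTED) return true;     /* non-limiting mode */
    if (c->pmc.page_size == 0) { c->fault_addr = paddr; return false; }  /* unsized table: fail closed */
    uint64_t end = c->pmc.prot_start + c->pmc.page_size * c->pmc.page_count;
    if (paddr < c->pmc.prot_start || paddr >= end) return true; /* assumption: outside the table's range */
    int bit = table_bit(c, (paddr - c->pmc.prot_start) / c->pmc.page_size);
    bool ok = (c->pmc.prot_mode == PMC_MODE1 && bit == 0) ||   /* mode 1: bit 0 = accessible */
              (c->pmc.prot_mode == PMC_MODE2 && bit == 1);     /* mode 2: bit 1 = accessible */
    if (!ok) c->fault_addr = paddr;                            /* S103b: terminate and report */
    return ok;
}

/* Walks the steps above on a constructed layout; returns how many checks did not behave as expected. */
int run_demo(void) {
    int bad = 0;
    struct cpu *c = fresh_cpu(PRIV_M);                   /* firmware in M-mode programs the PMC */
    pmc_write(c, REG_PAGE_SIZE, 4096);
    pmc_write(c, REG_PAGE_COUNT, 8);
    pmc_write(c, REG_PROT_START, 0x80000000u);            /* constructed: 8 pages of 4 KiB */
    pmc_write(c, REG_TABLE_BASE, 0x1000);
    pmc_mark_page(c, 2, 1);                               /* only page 2 carries a 1 */
    pmc_write(c, REG_PROT_MODE, PMC_MODE1);
    cpu_set_mode(c, PRIV_U);                              /* the application runs in U-mode */
    bad += pmc_access_ok(c, 0x80002010u) != false;        /* page 2 = 1: denied in mode 1 */
    bad += c->fault_addr != 0x80002010u;                  /* the exception carries the address */
    bad += pmc_access_ok(c, 0x80002ff0u) != false;        /* same page: answered from the cache */
    bad += c->table_reads != 1;
    bad += pmc_access_ok(c, 0x80003000u) != true;         /* page 3 = 0: allowed in mode 1 */
    bad += pmc_write(c, REG_PROT_MODE, PMC_MODE2) != -1;  /* U-mode cannot reprogram the PMC */
    pmc_write(cpu_set_mode(c, PRIV_M), REG_PROT_MODE, PMC_MODE2);  /* fast switch: same table, inverted */
    cpu_set_mode(c, PRIV_S);
    bad += pmc_access_ok(c, 0x80002010u) != true;         /* page 2 = 1: allowed in mode 2 */
    bad += pmc_access_ok(c, 0x80003000u) != false;        /* page 3 = 0: denied in mode 2 */
    bad += pmc_access_ok(c, 0x80008000u) != true;         /* beyond the 8 pages: not covered */
    return bad;
}

int main(void) {
    int bad = run_demo();
    printf("%s: %d unexpected results, last fault at 0x%llx\n", bad ? "FAIL" : "OK", bad,
           (unsigned long long)cur_cpu()->fault_addr);
    return bad;
}
```

The switch from the first to the second parsing mode in `run_demo` changes nothing in memory: the same bitmap is reinterpreted, which is what makes the patent's "fast switching" cheap, while the cache entry is dropped on every register write so a stale interpretation can never survive the switch.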
The computer device 300 according to the embodiment of the present invention can carry out the steps of the RISC-V based physical memory protection method of the above embodiment and achieves the same technical effects; reference is made to the description in the above embodiment, which is not repeated here.
The embodiment of the present invention further provides a computer-readable storage medium on which a computer program is stored; when executed by a processor, the computer program implements each process and step of the RISC-V based physical memory protection method provided in the embodiment of the present invention and achieves the same technical effects, which are not described again here to avoid repetition.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention or portions thereof contributing to the prior art may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the methods according to the embodiments of the present invention.
While the present invention has been described in connection with the preferred embodiments of the present invention, as illustrated and described in the accompanying drawings, it is to be understood that the invention is not limited to the disclosed embodiments, but is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

Claims (7)

1. A physical memory protection method based on RISC-V, characterized in that the method comprises the following steps:
configuring a memory protection table, where the memory protection table is used to record access permissions of a CPU on the physical memory, the memory protection table is defined by a PMC register of the CPU, both the memory protection table and the PMC register can only be accessed in Machine Mode, and the PMC register includes:
a page size register, used to define the size of each memory page in the physical memory protected by the memory protection table;
a page number register, used to define the number of the memory pages;
a protection start address register, used to define the start address of the physical memory protected by the memory protection table;
a protection mode register, used to define the parsing mode of the memory protection table when the physical memory is protected;
a base address register, used to define the storage address of the memory protection table in the physical memory;
running an application program on a CPU (central processing unit), which requests access to the physical memory in which the application program is located;
accessing the physical memory through the CPU, and judging by means of the memory protection table whether the CPU's access to the physical memory is permitted, where:
if the CPU has access permission to the physical memory, the CPU is allowed to access the physical memory;
if the CPU does not have access permission to the physical memory, the requested access of the CPU is determined to be illegal, the access of the CPU is terminated, and at the same time an access exception is reported;
where the parsing mode of the protection mode register is divided into:
a non-limiting mode, in which access to all memory addresses in the physical memory is set as allowed;
a first parsing mode, which marks each memory page with 1 bit of data, where a page whose bit is 0 can be accessed in User mode and Supervisor mode, and a page whose bit is 1 cannot be accessed in User mode or Supervisor mode;
and a second parsing mode, the inverse of the first parsing mode, which also marks each memory page with 1 bit of data, where a page whose bit is 0 cannot be accessed in User mode or Supervisor mode, and a page whose bit is 1 can be accessed in User mode and Supervisor mode.
2. The RISC-V based physical memory protection method as claimed in claim 1, wherein the memory protection table is stored in the physical memory.
3. The RISC-V based physical memory protection method as claimed in claim 1, wherein the protection mode register switches rapidly between the first parsing mode and the second parsing mode depending on which application program is being run by the CPU.
4. The RISC-V based physical memory protection method of claim 1, wherein a memory protection table cache is established and maintained from the memory protection table when the CPU accesses the physical memory.
5. A RISC-V based physical memory protection system, comprising:
a memory protection table initialization module, configured to configure a memory protection table, where the memory protection table is used to record access permissions of a CPU to the physical memory, the memory protection table is defined by a PMC register of the CPU, both the memory protection table and the PMC register can only be accessed in Machine Mode, and the PMC register includes:
a page size register, used to define the size of each memory page in the physical memory protected by the memory protection table;
a page number register, used to define the number of the memory pages;
a protection start address register, used to define the start address of the physical memory protected by the memory protection table;
a protection mode register, used to define the parsing mode of the memory protection table when the physical memory is protected;
a base address register, used to define the storage address of the memory protection table in the physical memory;
an address conversion module, used to run an application program on the CPU and to request access to the physical memory in which the application program is located;
a memory protection module, used to access the physical memory through the CPU and to judge by means of the memory protection table whether the CPU's access to the physical memory is permitted, where:
if the CPU has access permission to the physical memory, the CPU is allowed to access the physical memory;
if the CPU does not have access permission to the physical memory, the requested access of the CPU is determined to be illegal, the access process of the CPU is terminated, and at the same time an access exception is reported;
where the parsing mode of the protection mode register is divided into:
a non-limiting mode, in which access to all memory addresses in the physical memory is set as allowed;
a first parsing mode, which marks each memory page with 1 bit of data, where a page whose bit is 0 can be accessed in User mode and Supervisor mode, and a page whose bit is 1 cannot be accessed in User mode or Supervisor mode;
and a second parsing mode, the inverse of the first parsing mode, which also marks each memory page with 1 bit of data, where a page whose bit is 0 cannot be accessed in User mode or Supervisor mode, and a page whose bit is 1 can be accessed in User mode and Supervisor mode.
6. A computer device, comprising: a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the RISC-V based physical memory protection method according to any one of claims 1 to 4 when executing the computer program.
7. A computer-readable storage medium, having stored thereon a computer program which, when executed by a processor, implements the steps in a RISC-V based physical memory protection method according to any one of claims 1 to 4.
CN202210647182.6A 2022-06-09 2022-06-09 Physical memory protection method, system and related equipment based on RISC-V Active CN114741740B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210647182.6A CN114741740B (en) 2022-06-09 2022-06-09 Physical memory protection method, system and related equipment based on RISC-V

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210647182.6A CN114741740B (en) 2022-06-09 2022-06-09 Physical memory protection method, system and related equipment based on RISC-V

Publications (2)

Publication Number Publication Date
CN114741740A CN114741740A (en) 2022-07-12
CN114741740B true CN114741740B (en) 2022-09-02

Family

ID=82287138

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210647182.6A Active CN114741740B (en) 2022-06-09 2022-06-09 Physical memory protection method, system and related equipment based on RISC-V

Country Status (1)

Country Link
CN (1) CN114741740B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115238297B (en) * 2022-09-23 2023-01-31 北京安帝科技有限公司 Multi-level authority control memory protection method and device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7047394B1 (en) * 1999-01-28 2006-05-16 Ati International Srl Computer for execution of RISC and CISC instruction sets
CN103488588A (en) * 2013-10-09 2014-01-01 中国科学院计算技术研究所 Memory protection method and system and network interface controller
CN111651778A (en) * 2020-05-26 2020-09-11 上海交通大学 Physical memory isolation method based on RISC-V instruction architecture
CN112749397A (en) * 2019-10-29 2021-05-04 阿里巴巴集团控股有限公司 System and method
CN113722246A (en) * 2021-11-02 2021-11-30 超验信息科技(长沙)有限公司 Method and device for realizing physical memory protection mechanism in processor
CN113722247A (en) * 2021-08-06 2021-11-30 平头哥(上海)半导体技术有限公司 Physical memory protection unit, physical memory authority control method and processor
CN114579482A (en) * 2022-01-17 2022-06-03 上海交通大学 Hybrid physical memory protection method and system

Also Published As

Publication number Publication date
CN114741740A (en) 2022-07-12

Similar Documents

Publication Publication Date Title
US20210194696A1 (en) System and method for high performance secure access to a trusted platform module on a hardware virtualization platform
US10447728B1 (en) Technique for protecting guest processes using a layered virtualization architecture
JP5249450B2 (en) Protection agent and privileged mode
US11443034B2 (en) Trust zone-based operating system and method
CN107066311B (en) Kernel data access control method and system
TWI570589B (en) Apparatus for providing trusted computing
TWI470471B (en) Protecting operating-system resources
US6938164B1 (en) Method and system for allowing code to be securely initialized in a computer
US8364973B2 (en) Dynamic generation of integrity manifest for run-time verification of software program
US7380049B2 (en) Memory protection within a virtual partition
US7984304B1 (en) Dynamic verification of validity of executable code
JP4759059B2 (en) Page coloring that maps memory pages to programs
EP1966706B1 (en) Identifier associated with memory locations for managing memory accesses
CN108205502B (en) Lightweight trusted transaction
US20080077767A1 (en) Method and apparatus for secure page swapping in virtual memory systems
CN110383256B (en) Kernel integrity protection method and device
US8327415B2 (en) Enabling byte-code based image isolation
US10545851B2 (en) Breakpoint insertion into kernel pages
CN111353162B (en) TrustZone kernel-based asynchronous execution active trusted computing method and system
JP6370098B2 (en) Information processing apparatus, information processing monitoring method, program, and recording medium
WO2008112629A1 (en) Policy-based direct memory access control
US10108800B1 (en) ARM processor-based hardware enforcement of providing separate operating system environments for mobile devices with capability to employ different switching methods
CN112818327A (en) TrustZone-based user-level code and data security credibility protection method and device
CN114741740B (en) Physical memory protection method, system and related equipment based on RISC-V
KR102579861B1 (en) In-vehicle software update system and method for controlling the same

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant