CN116185894A - Memory management method and device, chip, electronic equipment and storage medium - Google Patents

Publication number: CN116185894A
Authority: CN (China)
Prior art keywords: entry, encrypted, processing mechanism, memory, security processing
Legal status: Pending
Application number: CN202310164881.XA
Other languages: Chinese (zh)
Inventors: 许剑群, 薛小明
Current Assignee: Rockchip Electronics Co Ltd
Original Assignee: Rockchip Electronics Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02 Addressing or allocation; Relocation
    • G06F12/06 Addressing a physical block of locations, e.g. base addressing, module addressing, memory dedication
    • G06F12/0646 Configuration or reconfiguration
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02 Addressing or allocation; Relocation
    • G06F12/0223 User address space allocation, e.g. contiguous or non contiguous base addressing
    • G06F12/0292 User address space allocation, e.g. contiguous or non contiguous base addressing using tables or multilevel address translation means
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1408 Protection against unauthorised use of memory or access to memory by using cryptography
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The application provides a memory management method and device, a chip, an electronic device and a storage medium. The memory management method comprises: configuring a memory access security processing mechanism; and, in response to a memory access request, triggering the currently configured memory access security processing mechanism to operate, so as to prevent illegal programs from touching the translation process from the virtual address to the physical address. The application achieves reliable secure memory access, particularly in small-memory systems, avoids having to configure the whole machine with a larger local memory capacity to cope with secure memory access, reduces cost, and allows the memory access security processing mechanism to be configured flexibly according to the balance between security and system overhead.

Description

Memory management method and device, chip, electronic equipment and storage medium
Technical Field
The present disclosure relates to the field of memory management technologies, and in particular, to a memory management method and apparatus, a chip, an electronic device, and a storage medium.
Background
Embedded terminals need to play secure video: a video stream that requires authentication for online playback must not be copied and redistributed. The core of video security is that the local memory holding the video content is set to secure access. To address this need, the prior art provides a series of firewall-like mechanisms that can configure any region of local memory for secure access. As local memory capacity grows, the number of controllers that need secure access increases and memory becomes more and more fragmented, so the security control of local memory must become finer-grained, and finer granularity means that more data lines are needed inside the chip to control the security attribute of the memory. In the extreme case, suppose a 4MB secure online video is to be played and local memory is so severely fragmented that it is scattered in 4KB pieces: the security control of local memory would have to be refined to one set of control lines per 4KB of memory, and in a machine supporting 8GB of local memory that many control lines is not acceptable for chip design.
To overcome this drawback, a large contiguous block of memory (256MB, for example) is reserved in the system and configured in secure access mode; security control lines then need to be added only for this 256MB of local memory. Alternatively, a configurable scheme of 16 groups is provided, in which local memory is partitioned and each of at most 16 regions is freely designated as secure memory or not. The definition of secure memory must be configured while the system is running in a secure environment. Although this prior art offers both flexibility and security, it has a technical disadvantage: unused memory inside a contiguous region configured as secure cannot be used by other modules in the embedded system. In a small-memory system this squeezes the available local memory and seriously affects the performance of the whole machine. To overcome this defect, the whole machine must be configured with a larger local memory capacity, which increases cost.
Disclosure of Invention
The application provides a memory management method and device, a chip, electronic equipment and a storage medium, which can solve the defects in the prior art.
In a first aspect, the present application provides a memory management method. The memory management method comprises the following steps: configuring a memory access security processing mechanism; and responding to the memory access request, triggering the currently configured memory access security processing mechanism to operate so as to prevent illegal programs from touching the translation process from the virtual address to the physical address.
In an implementation manner of the first aspect, the triggering the operation of the currently configured memory access security processing mechanism includes any one or a combination of any more of the following: triggering a first-level security processing mechanism to operate so as to place a page table for mapping between a virtual address and a physical address into a trusted computing environment for processing; triggering a second-level security processing mechanism to operate so as to distribute the encrypted virtual address to the access equipment and translating the physical address based on the encrypted virtual address; triggering a third-level security processing mechanism to operate so as to encrypt an entry in a page table for mapping between a virtual address and a physical address, and performing step-by-step query based on the encrypted entry in the process of translating the virtual address to the physical address.
In one implementation manner of the first aspect, the placing the page table for mapping between the virtual address and the physical address in the trusted computing environment for processing includes: the page table is created in the trusted computing environment.
In one implementation manner of the first aspect, the placing the page table for mapping between the virtual address and the physical address in the trusted computing environment for processing further includes: querying the page table in the trusted computing environment.
In an implementation manner of the first aspect, the translating the physical address based on the encrypted virtual address includes: inquiring a page table for mapping between the virtual address and the physical address, and acquiring an encrypted physical address corresponding to the encrypted virtual address; and decrypting the encrypted physical address to obtain a real physical address.
In one implementation manner of the first aspect, encrypting an entry in a page table for mapping between a virtual address and a physical address includes: all entries in the first level entry DTE and/or all entries in the second level entry PTE are encrypted.
In one implementation manner of the first aspect, encrypting an entry in a page table for mapping between a virtual address and a physical address includes: partial entries in the first level entry DTE and/or partial entries in the second level entry PTE are selectively encrypted.
In an implementation manner of the first aspect, under the third level security processing mechanism, if an entry of the query is an encrypted entry, the query result is decrypted and the next level of query is performed based on the decrypted result, and if the entry of the query is a non-encrypted entry, the next level of query is performed directly based on the query result.
In a second aspect, the present application provides a memory management device. The memory management device includes: a policy configuration module configured to configure a memory access security processing mechanism; and an access management module configured to respond to a memory access request and trigger the currently configured memory access security processing mechanism to operate, so as to prevent illegal programs from touching the translation process from the virtual address to the physical address.
In an implementation manner of the second aspect, the access management module is configured to perform any one or a combination of any of the following: triggering a first-level security processing mechanism to operate so as to place a page table for mapping between a virtual address and a physical address into a trusted computing environment for processing; triggering a second-level security processing mechanism to operate so as to distribute the encrypted virtual address to the access equipment and translate the physical address based on the encrypted virtual address; triggering a third-level security processing mechanism to operate so as to encrypt an entry in a page table for mapping between a virtual address and a physical address, and performing step-by-step query based on the encrypted entry in the process of translating the virtual address to the physical address.
In a third aspect, the present application provides a chip. The chip comprises a memory management device according to the second aspect of the application.
In a fourth aspect, the present application provides an electronic device. The electronic device includes a memory configured to store a computer program; and a processor configured to execute the computer program to cause the electronic device to perform the memory management method according to the first aspect of the present application.
In a fifth aspect, the present application provides a computer-readable storage medium. The computer readable storage medium has stored thereon a computer program that is executed to implement the memory management method according to the first aspect of the present application.
In the memory management method and device, the chip, the electronic equipment and the storage medium, the security of memory access is managed by configuring a memory access security processing mechanism, and the configured mechanism prevents an illegal program from touching the translation process from the virtual address to the physical address. In this way, reliable secure memory access is realized, especially in a small-memory system, so that the whole machine does not have to be configured with a larger local memory capacity to cope with secure memory access, and cost is reduced. The security processing mechanism comprises three levels: security processing of the environment in which the page table for virtual address mapping runs, confidentiality processing of the virtual addresses of the memory, and encryption of the entries of the page table for virtual address mapping. The three levels are mutually independent, can be used alone or in combination, and can be flexibly configured according to the balance between security and system overhead.
Drawings
Fig. 1 is a schematic diagram of path control of a chip access memory according to an embodiment of the present application.
FIG. 2 is a diagram illustrating the path control of the IOMMU accessing the memory according to one embodiment of the present application.
FIG. 3 is a flow chart of an embodiment of the management method.
FIG. 4A is a flow chart illustrating creation of a page table for mapping between virtual addresses and physical addresses when executing a first level security processing mechanism in one embodiment of the present application.
Fig. 4B is a schematic flow chart of translating a physical address corresponding to a virtual address when executing a first level security processing mechanism according to an embodiment of the present application.
FIG. 5 is a flow chart illustrating a memory access performed when the second level security processing mechanism is executed according to an embodiment of the present application.
Fig. 6 is a schematic flow chart of memory access when executing the third-level class A security processing mechanism according to an embodiment of the present application.
FIG. 7 is a flow chart illustrating memory access when the third-level class B security processing mechanism is executed according to an embodiment of the present application.
Fig. 8 is a schematic structural diagram of a memory management device according to an embodiment of the present application.
Fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Other advantages and effects of the present application will become apparent to those skilled in the art from the present disclosure, when the following description of the embodiments is taken in conjunction with the accompanying drawings. The present application may be embodied or carried out in other specific embodiments, and the details of the present application may be modified or changed from various points of view and applications without departing from the spirit of the present application. It should be noted that the following embodiments and features in the embodiments may be combined with each other without conflict.
It should be noted that, the illustrations provided in the following embodiments merely illustrate the basic concepts of the application by way of illustration, and only the components related to the application are shown in the illustrations, not according to the number, shape and size of the components in actual implementation, and the form, number and proportion of each component in actual implementation may be arbitrarily changed, and the layout of the components may be more complex. Moreover, relational terms such as "first," "second," and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions.
The following embodiments of the present invention provide a memory management method and apparatus, a chip, an electronic device, and a storage medium, and provide a plurality of different memory access security processing mechanisms. The security of memory access is managed by configuring the memory access security processing mechanism, and the configured mechanism prevents an illegal program from touching the virtual address to physical address translation process, so as to implement reliable secure memory access in a small-memory system.
The following describes the technical solutions in the embodiments of the present application in detail with reference to the drawings in the embodiments of the present application.
First, terms of art referred to in this application are explained.
IOMMU: input/output memory management unit; provides address mapping and translation services.
DTE base: holds the physical address at which the first-level table (i.e., DTE) is located, for the IOMMU to query.
DTE: device table entry; the first-level entries, each of which holds the physical address of the PTE entry of the next level (second level).
PTE: page table entry; the second-level entries, each of which holds the physical address of the data page it manages.
Page: a page; the final small block of physical memory.
Fig. 1 is a schematic diagram of path control of a chip access memory according to an embodiment of the present application. As shown in fig. 1, the chip 1 includes a policy configuration module 11 and an access management module 12, the policy configuration module 11 configures a memory access security processing mechanism, the access management module 12 includes an input/output memory management unit (IOMMU), and the IOMMU provides address mapping and translation services for splicing discontinuous physical addresses into continuous virtual addresses, and provides consistent access to external devices. When the external device sends out the access request of the memory, the mapped continuous virtual addresses are transmitted, and the IOMMU obtains the physical addresses corresponding to the virtual addresses through translation, so that the secure memory 21 in the local memory 2 is accessed. The access management module 12 triggers the currently configured memory access security processing mechanism to operate after receiving a memory access request, so that an illegal program cannot touch the translation process from a virtual address to a physical address in the process of accessing the secure memory 21.
FIG. 2 is a diagram illustrating the path control of the IOMMU accessing the memory according to one embodiment of the present application. When an external device initiates an access, what is passed into the IOMMU is the mapped, contiguous virtual address A. The IOMMU reads the DTE base address from the DTE base register, uses it to find the physical address of the first-level entry DTE, uses the DTE entry to find the location of the next-level PTE for virtual address A, jumps to the second-level entry PTE, and finally finds the physical page corresponding to virtual address A. The external device can thus issue a large run of contiguous virtual addresses A, assuming A is large, while the corresponding final physical addresses may be arbitrary, discontiguous physical addresses.
In the memory access process in the embodiments provided in fig. 1 and fig. 2, the memory is managed by configuring a memory access security processing mechanism to implement reliable secure memory access. Thus, the application provides a memory management method and device for secure memory access.
FIG. 3 is a flow chart of an embodiment of the management method. As shown in fig. 3, the memory management method includes step S1 and step S2.
In step S1, a memory access security handling mechanism is configured.
In some embodiments, the memory access security processing mechanism may include at least one of a first level security processing mechanism, a second level security processing mechanism, and a third level security processing mechanism. The first level secure processing mechanism is configured to place page tables for mapping between virtual addresses and physical addresses into a trusted computing environment for processing. The second level security handling mechanism is configured to assign an encrypted virtual address to the access device and to translate the physical address based on the encrypted virtual address. The third level security processing mechanism is configured to encrypt entries in a page table for mapping between virtual addresses and physical addresses for progressive querying based on the encrypted entries in a virtual address to physical address translation process.
In step S2, in response to the memory access request, the currently configured memory access security processing mechanism is triggered to operate, so as to prevent the illegal program from touching the virtual address to physical address translation process.
In some embodiments, triggering the operation of the currently configured memory access security handling mechanism may include at least one of: triggering a first-level security processing mechanism to operate so as to place a page table for mapping between a virtual address and a physical address into a trusted computing environment for processing; triggering a second-level security processing mechanism to operate so as to distribute the encrypted virtual address to the access equipment and translating the physical address based on the encrypted virtual address; triggering a third-level security processing mechanism to operate so as to encrypt an entry in a page table for mapping between a virtual address and a physical address, and performing step-by-step query based on the encrypted entry in the process of translating the virtual address to the physical address.
In some embodiments, under the first-level security processing mechanism, placing a page table for mapping between virtual addresses and physical addresses into a trusted computing environment for processing includes creating the page table in the trusted computing environment and querying the page table in the trusted computing environment.
FIG. 4A is a flow chart illustrating creation of a page table for mapping between virtual addresses and physical addresses when executing a first level security processing mechanism in one embodiment of the present application. As shown in fig. 4A, the process of creating a page table for mapping between virtual addresses and physical addresses includes step S111 and step S112.
In step S111, initialization of the IOMMU is performed in an Operating System (OS). In step S112, a page table for mapping between virtual addresses and physical addresses is established in a trusted computing environment (Trusted Execution Environment, TEE), the page table comprising a first-level entry DTE and a second-level entry PTE. Because the entries are built in the TEE, an external program cannot obtain the page table for mapping between virtual addresses and physical addresses. Therefore, even if it obtains a virtual address, it cannot use the mapping relationship to recover all the discontiguous physical addresses and then splice together the contents at those addresses.
Fig. 4B is a schematic flow chart of translating a physical address corresponding to a virtual address when executing a first level security processing mechanism according to an embodiment of the present application. As shown in fig. 4B, the process of translating the physical address corresponding to the obtained virtual address includes step S121 and step S122.
In step S121, the IOMMU receives an IP access of an external device and acquires a Virtual Address (VA). In step S122, a page table for mapping between virtual addresses and physical addresses is queried in a trusted computing environment (Trusted Execution Environment, TEE), translating the virtual address into the real Physical Address (PA). The translation from the virtual address VA to the physical address PA is thus carried out inside the trusted computing environment, so an external illegal program cannot intervene in the translation from virtual address to physical address, and the secure memory access of step S123 is then executed.
In some embodiments, the second level security processing mechanism is configured to encrypt the virtual address of the memory, assign the encrypted virtual address to the access device, and translate the physical address based on the encrypted virtual address.
FIG. 5 is a flow chart illustrating a memory access performed when the second level security processing mechanism is executed according to an embodiment of the present application. As shown in fig. 5, performing memory access while executing the second level security processing mechanism includes step S211 and steps S221 to S223.
In step S211, the encrypted virtual address VAM is assigned to the access device.
In step S221, the IOMMU receives the access request of the access device, obtains the encrypted virtual address VAM, and translates the encrypted virtual address VAM to obtain the encrypted physical address PAM, where the translation process specifically includes: the IOMMU queries a page table for mapping between virtual addresses and physical addresses, and obtains encrypted physical addresses corresponding to the encrypted virtual addresses.
In step S222, the encrypted physical address PAM is decrypted to obtain the real physical address PA.
In step S223, the memory is accessed based on the real physical address PA.
Under the second-level security processing mechanism, the allocated virtual address is encrypted. If an external program intrudes, the virtual address it obtains for the memory is the encrypted virtual address, from which the original virtual address cannot be derived. Only a secure access performed under the second-level security processing mechanism can translate to the encrypted physical address PAM and decrypt it to obtain the real physical address PA, thereby achieving secure access to the memory.
In some embodiments, the third-level security processing mechanism includes two types: a third-level class A security processing mechanism and a third-level class B security processing mechanism. In the third-level class A security processing mechanism, encrypting entries in a page table for mapping between virtual addresses and physical addresses includes: all entries in the first-level entry DTE and/or all entries in the second-level entry PTE are encrypted. In the third-level class B security processing mechanism, encrypting entries in a page table for mapping between virtual addresses and physical addresses includes: partial entries in the first-level entry DTE and/or partial entries in the second-level entry PTE are selectively encrypted. Under the third-level security processing mechanism, if the entry queried is an encrypted entry, the query result is decrypted and the next-level query is performed based on the decrypted result; if the entry queried is a non-encrypted entry, the next-level query is performed directly based on the query result.
Fig. 6 is a schematic flow chart of memory access when executing the third-level class A security processing mechanism according to an embodiment of the present application. As shown in fig. 6, performing the memory access when the third-level class A security processing mechanism is executed includes steps S311 to S316.
In step S311, the IOMMU receives an access request from the access device, obtains the virtual address VA, queries the DTE base address from the DTE base register, and finds the physical address of the first level entry DTE from the DTE base address.
In step S312, the location of the next-level PTE for the virtual address VA is queried based on the physical address of the first-level entry DTE. In this embodiment, all entries in the DTE are encrypted, so an encrypted DTE query result is obtained, and the encrypted DTE query result is the encrypted PTE address.
In step S313, the encrypted DTE query result is decrypted to obtain a real DTE query result, which is the real PTE address.
In step S314, the physical address PA corresponding to the virtual address VA is queried in the second stage table entries PTE based on the real DTE query result (real PTE address), and in this embodiment, all entries in the PTE are encrypted, so that an encrypted PTE query result is obtained, and the encrypted PTE query result is the encrypted physical address.
In step S315, the encrypted PTE query result (encrypted physical address) is decrypted to obtain a real PTE query result, which is the real physical address PA.
In step S316, the memory is accessed based on the real PTE query result (i.e., physical address PA).
In this embodiment, since the entries in the first-level entry DTE and the second-level entry PTE are both encrypted, the next-level addresses stored in the first-level entry DTE and the second-level entry PTE are encrypted, and the original next-level address cannot be derived from them. Only after the IOMMU receives the encrypted address and decrypts it is the real next-level address obtained. In this embodiment, two decryption processes are involved, step S313 and step S314, respectively.
In other embodiments, only the first-level entry DTE may be encrypted while the second-level entry PTE is not. The next-level address stored in the first-level entry DTE is then an encrypted address, and the next-level address stored in the second-level entry PTE is not encrypted, so in querying the physical address PA corresponding to the virtual address VA, decryption is needed only when the first-level entry DTE is queried and an encrypted DTE query result is obtained.
Alternatively, in other embodiments, only the second-level entry PTE may be encrypted while the first-level entry DTE is not. In the query process, the real DTE query result is then obtained directly from the first-level entry DTE and is used to query the physical address PA corresponding to the virtual address VA in the second-level entry PTE. In this embodiment, all entries in the PTE are encrypted, so an encrypted PTE query result is obtained; the encrypted PTE query result is decrypted to obtain the real PTE query result, and the memory is accessed based on the real PTE query result (i.e., the physical address PA).
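The step-by-step query of steps S311 to S316 and the DTE-only and PTE-only variants can be traced in a small simulation; this is an added example, not code from the patent or from any Rockchip implementation, and it generalizes to a per-entry decision, following the rule that an encrypted entry is decrypted before the next-level query and a non-encrypted entry is used directly. Assumptions not found on the page: a 32-bit virtual address split 10/10/12, a flag bit that marks an entry as encrypted, a non-secure keyed pad standing in for the hardware cipher, and constructed table addresses, key and mappings.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Assumed layout (not given on the page): 32-bit VA split 10/10/12; 32-bit
 * entries with bit 0 = valid, bit 1 = encrypted, bits 31..12 = address. */
#define MEM_BYTES 0x10000u   /* 16 simulated 4KB pages */
#define DTE_BASE  0x1000u    /* value held in the DTE base register */
#define ADDR_MASK 0xFFFFF000u
#define ENT_VALID 0x1u
#define ENT_ENC   0x2u

enum { WALK_OK = 0, WALK_INVALID = -1, WALK_FAULT = -2 };
struct walk_result { int status; uint32_t pa; int decryptions; };
static uint32_t phys_mem[MEM_BYTES / 4];

/* Placeholder for the hardware cipher (NOT secure): a keyed pad tweaked by the
 * entry's slot address. Bit 12 is forced on so it never maps an address to itself. */
static uint32_t pad(uint32_t key, uint32_t slot_pa)
{
    uint32_t x = key ^ slot_pa;
    x ^= x >> 16; x *= 0x85EBCA6Bu;
    x ^= x >> 13; x *= 0xC2B2AE35u;
    return ((x ^ (x >> 16)) & ADDR_MASK) | 0x1000u;
}

/* Write one DTE or PTE; the address field is encrypted only if requested. */
static void set_entry(uint32_t *mem, uint32_t table_pa, uint32_t idx,
                      uint32_t next_pa, int encrypt, uint32_t key)
{
    uint32_t slot = table_pa + idx * 4u;
    uint32_t addr = next_pa & ADDR_MASK;
    if (encrypt)
        addr ^= pad(key, slot);
    mem[slot / 4u] = addr | ENT_VALID | (encrypt ? ENT_ENC : 0u);
}

/* One query step: read the entry and decrypt it only if it is flagged encrypted.
 * key == NULL models a reader of the raw tables that does not hold the key. */
static int query(const uint32_t *mem, uint32_t table_pa, uint32_t idx,
                 const uint32_t *key, uint32_t *next_pa, int *decryptions)
{
    if (table_pa >= MEM_BYTES)
        return WALK_FAULT;
    uint32_t slot = table_pa + idx * 4u;
    uint32_t e = mem[slot / 4u];
    if (!(e & ENT_VALID))
        return WALK_INVALID;
    uint32_t addr = e & ADDR_MASK;
    if ((e & ENT_ENC) && key) {
        addr ^= pad(*key, slot);
        (*decryptions)++;
    }
    *next_pa = addr;
    return WALK_OK;
}

/* DTE base -> DTE -> PTE -> page, counting the decryptions performed. */
static struct walk_result walk(const uint32_t *mem, uint32_t dte_base,
                               uint32_t va, const uint32_t *key)
{
    struct walk_result r = { WALK_OK, 0, 0 };
    uint32_t pte_table = 0, page = 0;
    r.status = query(mem, dte_base, va >> 22, key, &pte_table, &r.decryptions);
    if (r.status == WALK_OK)
        r.status = query(mem, pte_table, (va >> 12) & 0x3FFu, key,
                         &page, &r.decryptions);
    if (r.status == WALK_OK && page >= MEM_BYTES)
        r.status = WALK_FAULT;
    if (r.status == WALK_OK)
        r.pa = page | (va & 0xFFFu);
    return r;
}

/* Constructed mapping covering all four encrypted/plain combinations. */
static void build_demo_tables(uint32_t *mem, uint32_t key)
{
    memset(mem, 0, MEM_BYTES);
    set_entry(mem, DTE_BASE, 1, 0x2000u, 1, key);  /* encrypted DTE */
    set_entry(mem, DTE_BASE, 2, 0x4000u, 0, key);  /* plain DTE     */
    set_entry(mem, 0x2000u, 1, 0x6000u, 1, key);   /* encrypted PTE */
    set_entry(mem, 0x2000u, 4, 0xC000u, 0, key);   /* plain PTE     */
    set_entry(mem, 0x4000u, 2, 0x8000u, 0, key);   /* plain PTE     */
    set_entry(mem, 0x4000u, 3, 0xA000u, 1, key);   /* encrypted PTE */
}

int main(void)
{
    const uint32_t key = 0xC0FFEE11u;              /* constructed key */
    const uint32_t vas[] = { 0x00401123u, 0x00404000u, 0x00802010u, 0x00803FFCu };
    build_demo_tables(phys_mem, key);
    for (size_t i = 0; i < sizeof vas / sizeof vas[0]; i++) {
        struct walk_result k = walk(phys_mem, DTE_BASE, vas[i], &key);
        struct walk_result n = walk(phys_mem, DTE_BASE, vas[i], NULL);
        printf("VA %08x: keyed PA %05x, %d decryption(s); unkeyed status %d\n",
               (unsigned)vas[i], (unsigned)k.pa, k.decryptions, n.status);
    }
    return 0;
}
```

The decryption count per walk is 2 when both levels are encrypted, 1 when only one level is, and 0 when neither is, which is the overhead side of the security trade-off the description refers to.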
FIG. 7 is a flow chart illustrating memory access when the third-level class B security processing mechanism is executed according to an embodiment of the present application. In this embodiment, encryption is not applied to the whole of the first-level table entry DTE and the second-level table entry PTE; instead, any entry of the two tables may be configured for encryption individually. As a result, the same second-level table entry PTE may, for example, contain both encrypted secure addresses and unencrypted original addresses. For example, in the present embodiment, the DTE1 mapping entry and the DTE3 mapping entry in the first-level table entry DTE are encrypted entries, and the DTE2 mapping entry is an unencrypted entry; the PTE1 mapping entry and the PTE3 mapping entry in the second-level table entry PTE are encrypted entries, while the PTE2 mapping entry is an unencrypted entry. Based on this, as shown in FIG. 7, the memory access performed when the third-level class B security processing mechanism is executed in the present embodiment includes steps S321 to S324.
In step S321, the IOMMU receives the access request of the access device, obtains the virtual addresses VA1 and VA2, queries the DTE base address from the DTE base register, and finds the physical address of the first-level table entry DTE from the DTE base address. Suppose that the physical address of the first-level table entry DTE corresponding to the virtual address VA1 is DTE1 and that the physical address of the first-level table entry DTE corresponding to the virtual address VA2 is DTE2.
In step S322, the next-level PTE position where the virtual address VA is located is queried based on the physical addresses DTE1 and DTE2 of the first-level table entry DTE. In this embodiment, the DTE1 mapping entry in the first-level table entry DTE is an encrypted entry and the DTE2 mapping entry is an unencrypted entry. A DTE1 encrypted query result is therefore obtained from the DTE1 mapping entry and is decrypted to obtain the real DTE1 query result, which is PTE1. The real DTE2 query result is obtained directly from the DTE2 mapping entry and is PTE2.
In step S323, the second-level table entry PTE is queried, using the real DTE1 query result and the real DTE2 query result (i.e., PTE1 and PTE2), for the physical addresses PA1 and PA2 corresponding to the virtual addresses VA1 and VA2. In this embodiment, the PTE1 mapping entry in the second-level table entry PTE is an encrypted entry and the PTE2 mapping entry is an unencrypted entry. A PTE1 encrypted query result is therefore obtained from the PTE1 mapping entry and is decrypted to obtain the real PTE1 query result, which is the physical address PA1 corresponding to the virtual address VA1. The real PTE2 query result is obtained directly from the PTE2 mapping entry and is the physical address PA2 corresponding to the virtual address VA2.
In step S324, the secure memory is accessed based on the physical addresses PA1, PA2.
In the above, the key point of secure memory access under the third-level security processing mechanism (including the third-level class A security processing mechanism and the third-level class B security processing mechanism) is to encrypt the entries in the page table used for mapping between the virtual address and the physical address, thereby implementing secure access. The third-level class A security processing mechanism encrypts the whole of the first-level table entry DTE and/or the second-level table entry PTE to realize secure memory access, while the third-level class B security processing mechanism selectively encrypts entries in the first-level table entry DTE and/or the second-level table entry PTE, which makes mixed use more convenient and improves flexibility.
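As an added illustration (not code from the patent), the C sketch below models the per-entry decision of steps S321 to S324: an entry is decrypted only when it is marked encrypted, otherwise its address is followed directly. The flag bit, the table layout, the VA bit split and the XOR placeholder cipher `toy_crypt` are all assumptions, since the text names no entry format or cipher.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed entry layout (the patent does not define one):
 * bit 0 = valid, bit 1 = entry is encrypted, bits 12+ = address field. */
#define ENT_VALID 0x1ull
#define ENT_ENC   0x2ull
#define ADDR_MASK (~0xFFFull)
#define NENT 4   /* entries per table */
#define NPT  4   /* second-level tables in the simulated memory */

typedef enum { WALK_OK, WALK_FAULT_DTE, WALK_FAULT_RANGE, WALK_FAULT_PTE } walk_status;

typedef struct {
    uint64_t key;            /* assumed to be held by the IOMMU only */
    uint64_t dte[NENT];      /* first-level table */
    uint64_t pte[NPT][NENT]; /* second-level tables; table i sits at address i << 12 */
} iommu_t;

/* Placeholder cipher: XOR over the address field. It stands in for whatever
 * cipher the hardware uses, is not secure, and is its own inverse. */
static uint64_t toy_crypt(uint64_t addr, uint64_t key)
{
    return (addr ^ key) & ADDR_MASK;
}

/* Build an entry; the address field is stored encrypted when enc != 0. */
static uint64_t make_entry(uint64_t addr, int enc, uint64_t key)
{
    uint64_t field = enc ? toy_crypt(addr, key) : (addr & ADDR_MASK);
    return field | ENT_VALID | (enc ? ENT_ENC : 0);
}

/* Real address held in an entry; only flagged entries are decrypted. */
static uint64_t entry_addr(uint64_t ent, uint64_t key, int *decrypts)
{
    if (!(ent & ENT_ENC))
        return ent & ADDR_MASK;
    (*decrypts)++;
    return toy_crypt(ent & ADDR_MASK, key);
}

/* Two-level walk: VA bits 15:14 select the DTE, bits 13:12 the PTE. */
walk_status iommu_walk(const iommu_t *mmu, uint64_t va, uint64_t *pa, int *decrypts)
{
    *decrypts = 0;
    uint64_t dte = mmu->dte[(va >> 14) & (NENT - 1)];
    if (!(dte & ENT_VALID))
        return WALK_FAULT_DTE;
    /* A wrong key or a tampered entry decrypts to an arbitrary pointer,
     * so the result is bounds-checked before it is followed. */
    uint64_t table = entry_addr(dte, mmu->key, decrypts) >> 12;
    if (table >= NPT)
        return WALK_FAULT_RANGE;
    uint64_t pte = mmu->pte[table][(va >> 12) & (NENT - 1)];
    if (!(pte & ENT_VALID))
        return WALK_FAULT_PTE;
    *pa = entry_addr(pte, mmu->key, decrypts) | (va & 0xFFF);
    return WALK_OK;
}

/* Constructed sample mirroring the text: the VA1 path is encrypted at both
 * levels, the VA2 path is unencrypted at both levels. */
void demo_setup(iommu_t *mmu)
{
    *mmu = (iommu_t){ .key = 0x5A5A5000ull };
    mmu->dte[1]    = make_entry(0x1000ull, 1, mmu->key);     /* DTE1 -> table 1 */
    mmu->dte[2]    = make_entry(0x2000ull, 0, mmu->key);     /* DTE2 -> table 2 */
    mmu->pte[1][1] = make_entry(0x80001000ull, 1, mmu->key); /* PTE1 -> PA1 */
    mmu->pte[2][2] = make_entry(0x80002000ull, 0, mmu->key); /* PTE2 -> PA2 */
}

int main(void)
{
    iommu_t mmu;
    uint64_t pa = 0, va[] = { 0x5abc /* VA1 */, 0xa123 /* VA2 */ };
    int n = 0;
    demo_setup(&mmu);
    for (int i = 0; i < 2; i++) {
        int st = iommu_walk(&mmu, va[i], &pa, &n);
        printf("VA 0x%llx: status %d, PA 0x%llx, decryptions %d\n",
               (unsigned long long)va[i], st, (unsigned long long)pa, n);
    }
    return 0;
}
```

With a wrong key, the encrypted DTE1 entry decodes to an out-of-range table pointer and the walk faults, while the unencrypted VA2 path still translates.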
Furthermore, in some embodiments, the memory access security processing mechanism includes any combination of the above-described first-level security processing mechanism, second-level security processing mechanism, and third-level security processing mechanism, where the third-level security processing mechanism may be either of the above-described third-level class A security processing mechanism and third-level class B security processing mechanism. Thus, in some embodiments, triggering the currently configured memory access security processing mechanism to operate comprises any combination of the following: triggering the first-level security processing mechanism to operate, so as to place the page table for mapping between virtual addresses and physical addresses into a trusted computing environment for processing; triggering the second-level security processing mechanism to operate, so as to assign an encrypted virtual address to the access device and translate to the physical address based on the encrypted virtual address; triggering the third-level security processing mechanism to operate, so as to encrypt entries in the page table for mapping between virtual addresses and physical addresses and to perform a level-by-level query based on the encrypted entries in the process of translating the virtual address to the physical address.
For example, when the second-level security processing mechanism is executed, the first-level security processing mechanism may be executed in combination with it if the product requires more security. Similarly, the second-level security processing mechanism and the third-level security processing mechanism (third-level class A or third-level class B) may be executed in combination, or the first-level, second-level, and third-level security processing mechanisms (third-level class A or third-level class B) may all be executed in combination. The choice among the three security processing mechanisms is a trade-off between security and system overhead: greater security means that every step on the access path is encrypted, which also means greater delay. What they have in common is that an illegal program cannot touch the translation process from the virtual address VA to the physical address PA, so that the security of the PA is protected.
The protection scope of the memory management method according to the embodiment of the present application is not limited to the execution sequence of the steps listed in the embodiment; all schemes implemented by adding, removing, or replacing steps on the basis of the prior art according to the principles of the present application are included in the protection scope of the present application.
The embodiment of the present application further provides a memory management device that can implement the memory management method described in the present application. Devices implementing the memory management method described in the present application include, but are not limited to, the structure of the memory management device listed in the present embodiment; all structural modifications and substitutions of the prior art made according to the principles of the present application are included in the protection scope of the present application.
Fig. 8 is a schematic structural diagram of a memory management device according to an embodiment of the present application. As shown in fig. 8, the memory management device 3 includes a policy configuration module 31 and an access management module 32. The policy configuration module 31 is configured to configure a memory access security handling mechanism, and the access management module 32 is configured to trigger the currently configured memory access security handling mechanism to operate in response to a memory access request, so as to prevent an illegal program from touching the virtual address to physical address translation process.
In some embodiments, the memory access security handling mechanism configured in policy configuration module 31 includes any one or a combination of any of the following: a first level secure processing mechanism configured to include placing a page table for mapping between virtual addresses and physical addresses in a trusted computing environment for processing; a second-level security processing mechanism configured to include assigning an encrypted virtual address to the access device and performing a translation of a physical address based on the encrypted virtual address; a third level security handling mechanism configured to include encrypting entries in a page table for mapping between virtual addresses and physical addresses for progressive lookup based on the encrypted entries in a virtual address to physical address translation process.
In some embodiments, the access management module 32 is configured to execute the memory access security processing mechanism, which includes any one or any combination of the following: triggering the first-level security processing mechanism to operate, so as to place the page table for mapping between virtual addresses and physical addresses into a trusted computing environment for processing; triggering the second-level security processing mechanism to operate, so as to assign an encrypted virtual address to the access device and translate to the physical address based on the encrypted virtual address; triggering the third-level security processing mechanism to operate, so as to encrypt entries in the page table for mapping between virtual addresses and physical addresses and to perform a level-by-level query based on the encrypted entries in the process of translating the virtual address to the physical address.
The specific implementation manners of the first-level security processing mechanism, the second-level security processing mechanism and the third-level security processing mechanism are the same as those in some of the above specific embodiments, and are not repeated here.
The embodiment of the application also provides a chip, comprising a memory management device, wherein the memory management device comprises a policy configuration module and an access management module. The policy configuration module is configured to configure the memory access security processing mechanism, and the access management module is configured to trigger the currently configured memory access security processing mechanism to operate in response to a memory access request so as to prevent an illegal program from touching the translation process from the virtual address to the physical address.
In the several embodiments provided in this application, it should be understood that the disclosed method or apparatus may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of modules/units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple modules or units may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or modules or units, which may be in electrical, mechanical or other forms.
The modules/units illustrated as separate components may or may not be physically separate, and components shown as modules/units may or may not be physical modules, i.e., may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules/units may be selected according to actual needs to achieve the purposes of the embodiments of the present application. For example, functional modules/units in various embodiments of the present application may be integrated into one processing module, or each module/unit may exist alone physically, or two or more modules/units may be integrated into one module/unit.
Those of ordinary skill would further appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, in computer software, or in a combination of the two, and that the elements and steps of the examples have been generally described in terms of function in the foregoing description to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The embodiment of the application also provides electronic equipment. Fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present application. As shown in fig. 9, the electronic device 4 includes a processor 41 and a memory 42. The memory 42 is used for storing a computer program. The processor 41 is connected to the memory 42, and is configured to execute a computer program stored in the memory 42, so that the electronic device executes the memory management method described above.
In some embodiments, the memory may include: various media capable of storing program codes, such as ROM, RAM, magnetic disk, U-disk, memory card, or optical disk.
In some embodiments, the processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), and the like. In other embodiments, the processor may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or another programmable logic device, a discrete gate or transistor logic device, or discrete hardware components.
Embodiments of the present application also provide a computer-readable storage medium having stored thereon a computer program that is executed by a processor to implement a memory management method according to the present application. Those of ordinary skill in the art will appreciate that all or part of the steps in the method implementing the above embodiments may be implemented by a program instructing a processor, where the program may be stored in a computer-readable storage medium, and the storage medium is a non-transitory medium, such as a random access memory, a read-only memory, a flash memory, a hard disk, a solid state disk, a magnetic tape, a floppy disk, an optical disk, or any combination thereof. The storage medium may be any available medium that can be accessed by a computer, or a data storage device, such as a server or data center, that integrates one or more available media. The available medium may be a magnetic medium (e.g., a floppy disk, a hard disk, a magnetic tape), an optical medium (e.g., a digital video disc (DVD)), or a semiconductor medium (e.g., a solid state disk (SSD)), or the like.
Embodiments of the present application may also provide a computer program product comprising one or more computer instructions. When the computer instructions are loaded and executed on a computing device, the processes or functions described in accordance with the embodiments of the present application are produced in whole or in part. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another; for example, the computer instructions may be transmitted from one website, computer, or data center to another website, computer, or data center by wired means (e.g., coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless means (e.g., infrared, wireless, microwave, etc.).
The computer program product is executed by a computer, which performs the method according to the preceding method embodiment. The computer program product may be a software installation package, which may be downloaded and executed on a computer in case the aforementioned method is required.
Each description of a process or structure corresponding to the drawings has its own emphasis; for parts of a process or structure that are not described in detail, refer to the descriptions of the other processes or structures.
The foregoing embodiments are merely illustrative of the principles of the present application and their effectiveness, and are not intended to limit the application. Modifications and variations may be made to the above-described embodiments by those of ordinary skill in the art without departing from the spirit and scope of the present application. Accordingly, it is intended that all equivalent modifications and variations which may be accomplished by persons skilled in the art without departing from the spirit and technical spirit of the disclosure be covered by the claims of this application.

Claims (13)

1. A memory management method, comprising:
configuring a memory access security processing mechanism; and
in response to a memory access request, triggering the currently configured memory access security processing mechanism to operate, so as to prevent illegal programs from touching the virtual address to physical address translation process.
2. The memory management method according to claim 1, wherein the triggering the operation of the currently configured memory access security processing mechanism comprises any one or a combination of any of the following:
triggering a first-level security processing mechanism to operate so as to place a page table for mapping between a virtual address and a physical address into a trusted computing environment for processing;
triggering a second-level security processing mechanism to operate so as to assign the encrypted virtual address to the access device and translate to the physical address based on the encrypted virtual address;
triggering a third-level security processing mechanism to operate so as to encrypt an entry in a page table for mapping between a virtual address and a physical address, and performing step-by-step query based on the encrypted entry in the process of translating the virtual address to the physical address.
3. The memory management method of claim 2, wherein the placing the page table for mapping between virtual addresses and physical addresses in a trusted computing environment for processing comprises: creating the page table in the trusted computing environment.
4. The memory management method of claim 3 wherein said placing the page table for mapping between virtual addresses and physical addresses in a trusted computing environment for processing further comprises: querying the page table in the trusted computing environment.
5. The memory management method according to claim 2, wherein the translating of the physical address based on the encrypted virtual address includes:
querying a page table for mapping between the virtual address and the physical address, and acquiring an encrypted physical address corresponding to the encrypted virtual address; and
decrypting the encrypted physical address to obtain a real physical address.
6. The memory management method of claim 2, wherein encrypting an entry in a page table for mapping between a virtual address and a physical address comprises: encrypting all entries in the first level entry DTE and/or all entries in the second level entry PTE.
7. The memory management method of claim 2, wherein encrypting an entry in a page table for mapping between a virtual address and a physical address comprises: selectively encrypting partial entries in the first level entry DTE and/or partial entries in the second level entry PTE.
8. The memory management method according to claim 6 or 7, wherein under the third level security processing mechanism, if the queried entry is an encrypted entry, the query result is decrypted and the next level of query is performed based on the decrypted result, and if the queried entry is an unencrypted entry, the next level of query is performed directly based on the query result.
9. A memory management device, comprising:
a policy configuration module configured to configure a memory access security processing mechanism; and
an access management module configured to respond to a memory access request by triggering the currently configured memory access security processing mechanism to operate, so as to prevent illegal programs from touching the virtual address to physical address translation process.
10. The memory management device of claim 9, wherein the access management module is configured to perform any one or a combination of any of the following:
triggering a first-level security processing mechanism to operate so as to place a page table for mapping between a virtual address and a physical address into a trusted computing environment for processing;
triggering a second-level security processing mechanism to operate so as to assign the encrypted virtual address to the access device and translate to the physical address based on the encrypted virtual address;
triggering a third-level security processing mechanism to operate so as to encrypt an entry in a page table for mapping between a virtual address and a physical address, and performing step-by-step query based on the encrypted entry in the process of translating the virtual address to the physical address.
11. A chip comprising the memory management device according to claim 9.
12. An electronic device, comprising:
a memory configured to store a computer program; and
a processor configured to execute the computer program to cause the electronic device to perform the memory management method according to any one of claims 1 to 8.
13. A computer-readable storage medium, on which a computer program is stored, characterized in that the computer program is executed to implement the memory management method according to any one of claims 1 to 8.
CN202310164881.XA 2023-02-24 2023-02-24 Memory management method and device, chip, electronic equipment and storage medium Pending CN116185894A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310164881.XA CN116185894A (en) 2023-02-24 2023-02-24 Memory management method and device, chip, electronic equipment and storage medium


Publications (1)

Publication Number Publication Date
CN116185894A (en) 2023-05-30

Family

ID=86445999


Country Status (1)

Country Link
CN (1) CN116185894A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117851291A (en) * 2024-03-07 2024-04-09 北京象帝先计算技术有限公司 Memory access system, electronic component and electronic equipment



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination