CN117539615A - Memory protection method and memory of operating system - Google Patents
Memory protection method and memory of operating system Download PDFInfo
- Publication number
- CN117539615A CN117539615A CN202311317209.6A CN202311317209A CN117539615A CN 117539615 A CN117539615 A CN 117539615A CN 202311317209 A CN202311317209 A CN 202311317209A CN 117539615 A CN117539615 A CN 117539615A
- Authority
- CN
- China
- Prior art keywords
- memory
- processing thread
- data
- partition
- thread
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 41
- 238000005192 partition Methods 0.000 claims abstract description 92
- 238000013507 mapping Methods 0.000 claims abstract description 14
- 230000002093 peripheral effect Effects 0.000 claims description 3
- 230000001960 triggered effect Effects 0.000 claims 2
- 230000000694 effects Effects 0.000 abstract description 6
- 230000009286 beneficial effect Effects 0.000 abstract description 2
- 230000008569 process Effects 0.000 description 15
- 238000010586 diagram Methods 0.000 description 5
- 230000007246 mechanism Effects 0.000 description 5
- 238000001514 detection method Methods 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 235000019800 disodium phosphate Nutrition 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5011—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals
- G06F9/5016—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals the resource being the memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5027—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of data processing, in particular to a memory protection method and a memory of an operating system, comprising the following steps: step S1: the method comprises the steps that access rights are predetermined for processing threads to be created when an application program in an operating system runs; step S2: constructing a permission mapping table of the processing thread corresponding to the memory area according to the access permission so as to determine the memory partition which can be actually used by the processing thread; step S3: and running the processing thread, wherein the processing thread only accesses the data in the memory partition when running. The beneficial effects are that: the corresponding access rights are configured for the processing thread in advance, and when the processing thread runs, the memory partition corresponding to the specific data category is configured according to the access rights and the mapping is established, so that the processing thread only resets the access rights of the specific area of the partition corresponding to the right table to which the thread belongs when switching, a better memory protection effect is realized, the power consumption is saved, and the instantaneity is improved.
Description
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a memory protection method and a memory for an operating system.
Background
In an embedded system, a memory is used to temporarily store operation data in a CPU and data exchanged with an external memory such as a hard disk. When the corresponding application program needs to be run, the operating system can call corresponding codes, data and the like from the storage to be stored in the memory so as to read, execute and write the application program when the application program runs. In order to achieve better security, stability and reliability of the embedded system, a corresponding memory protection mechanism is generally required to be configured to manage access and operation authority of the memory, so that erroneous access is avoided.
In the prior art, there are many technical solutions for memory protection, for example, chinese patent CN201811619460.7 discloses a memory access method, a memory access controller and a system on chip, and the method includes: a receiving step, namely receiving a memory access request from a memory access module through a bus, wherein the memory access request comprises an identification of the memory access module and a domain name of a memory area to be accessed; and a detection processing step, namely detecting the memory access request according to the currently stored memory access request and a preset memory access control table, correspondingly processing the memory access request according to a detection result, obtaining an updated memory access request, detecting the updated memory access request, and transmitting an access result of the memory access request to a corresponding memory access module according to the detection result. The invention can effectively protect the memory, avoid the leakage of sensitive information and can efficiently access the memory.
However, in the practical implementation process, the inventor finds that the technical scheme is large in time consumption and affects instantaneity because the software layer is relied on to intercept the memory access request, process the data of the appointed page, determine that the memory access request can be accessed and then released, and reset the whole memory protection unit when the threads are switched.
Disclosure of Invention
Aiming at the problems in the prior art, a memory protection method of an operating system is provided; in another aspect, a memory for implementing the memory protection method is also provided.
The specific technical scheme is as follows:
a memory protection method for an operating system, comprising:
step S1: determining access rights in advance for a processing thread to be created when an application program in the operating system runs;
step S2: constructing a permission mapping table of the processing thread corresponding to the memory area according to the access permission so as to determine the memory partition which can be actually used by the processing thread;
the memory partitions are determined according to the data types of the memory data to be accessed by the processing threads, and each memory partition is used for storing the memory data of one data type;
step S3: and running the processing thread, wherein the processing thread only accesses the data in the specific memory partition according to the authority mapping table during running.
On the other hand, the step S1 includes:
step S11: acquiring an application to which the processing thread belongs for the processing thread;
step S12: acquiring classification information of the application;
the classification information includes: untrusted applications and trusted applications;
step S13: and determining the access rights of the processing threads according to the classification information.
On the other hand, the access rights comprise a plurality of groups of data category rights, each group of data category rights respectively corresponds to one data category, and each group of data category rights also respectively comprises task access rights and interrupt access rights;
when the processing thread runs through a task, determining the actual access authority of the processing thread to the memory partition corresponding to each data category based on the task access authority;
when the processing thread runs through interruption, determining the actual access authority of the processing thread to the memory partition corresponding to each data type based on the interruption access authority;
the actual access authority is as follows: no rights or read-only or execute or read-write.
In another aspect, the data categories include: the code outside the application, the data outside the application, the private data of the application, the code of the processing thread, the data of the processing thread, the stack of the processing thread, the code of the other threads of the application, the data of the other threads, the stack of the other threads, and the peripheral interface.
On the other hand, a plurality of memory partitions form a memory partition group, and each memory partition group is respectively constructed for the memory data of one application.
On the other hand, after the step S3, the method further includes:
step S4: and acquiring the running state of the processing thread, and when the running state is switched, re-determining the access authority of the processing thread and adjusting the memory partition.
On the other hand, the step S4 includes:
step S41: acquiring the running state and judging whether thread switching occurs or not;
if yes, go to step S42;
if not, returning to the step S41;
step S42: determining the update application category of the processing thread according to the partition number to be accessed by the processing thread after the thread is switched;
the update application category includes: switching from the trusted application to another one of the trusted applications, from the untrusted application to another one of the untrusted applications, from the trusted application to the untrusted application, from the untrusted application to the trusted application;
step S43: determining a partition to be initialized according to the updated application category, and then initializing the partition to be initialized to form an available memory partition;
and the processing thread after the thread switching accesses the available memory partition to acquire memory data.
On the other hand, the process of executing the step S43 further includes:
judging whether the processing thread needs to cross the memory partition group or not, and adjusting the partition to be initialized according to a judging result.
A memory having stored therein computer instructions adapted to be executed in a computer device, which when executed by the computer device, performs the memory protection method described above.
The technical scheme has the following advantages or beneficial effects:
aiming at the problems of larger load and poorer timeliness of a memory protection mechanism in the prior art, in the scheme, the corresponding access authority is pre-configured around a processing thread which is created when an application program runs, and when the processing thread runs, a memory partition corresponding to a specific data category is configured according to the access authority and a mapping is established, so that the processing thread only resets the access authority of a specific area of a partition corresponding to the authority table to which the thread belongs when switching, thereby realizing better memory protection effect, saving power consumption and improving instantaneity.
Drawings
Embodiments of the present invention will now be described more fully with reference to the accompanying drawings. The drawings, however, are for illustration and description only and are not intended as a definition of the limits of the invention.
FIG. 1 is an overall schematic of an embodiment of the present invention;
FIG. 2 is a schematic diagram of the substep of step S1 in the embodiment of the invention;
FIG. 3 is a schematic diagram of step S4 in an embodiment of the present invention;
fig. 4 is a schematic diagram of the substep of step S4 in the embodiment of the invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be noted that, without conflict, the embodiments of the present invention and features of the embodiments may be combined with each other.
The invention is further described below with reference to the drawings and specific examples, which are not intended to be limiting.
The invention comprises the following steps:
as shown in fig. 1, a memory protection method of an operating system includes:
step S1: the method comprises the steps that access rights are predetermined for processing threads to be created when an application program in an operating system runs;
step S2: constructing a permission mapping table of the processing thread corresponding to the memory area according to the access permission so as to determine the memory partition which can be actually used by the processing thread;
the memory partitions are determined according to the data types of the memory data to be accessed by the processing threads, and each memory partition is used for storing the memory data of one data type;
step S3: and running the processing thread, wherein the processing thread only accesses the data in the specific memory partition according to the authority mapping table when running.
Specifically, in the embodiment, corresponding access rights are pre-allocated for processing threads generated by an operating system during running, where the access rights are associated with data types accessible by the processing threads during running, for example, codes outside the application, data outside the application, and the like. Then, when the application program is actually running, the physical memory can be divided according to the data types of the related data contained in the application program, and a plurality of memory partitions can be configured, wherein each memory partition is used for storing the memory data of one data type, such as codes, private data, stacks and the like. It should be noted that, according to the data required by the application program, multiple memory partitions may be established, where the memory partitions correspond to actual physical memory addresses, and not all the memory partitions are accessible or operable by the current processing thread. After the memory partition is established, the memory partition which can be accessed by the processing thread can be determined based on the access right configured for the current processing thread, and a corresponding mapping relation is established to form a right mapping table. During actual running, the processing thread can only execute specific operations, such as read-only, execution, writing and the like, on specific memory partitions through the permission mapping table, so that a finer memory protection mechanism is realized, other data are not easy to leak, meanwhile, the thread only resets the access permission of the specific area of the partition corresponding to the permission table to which the thread belongs during switching, the permission table is calculated well when an operating system is started, and subsequent threads are directly read and used during switching. .
In the implementation process, as shown in fig. 2, step S1 includes:
step S11: acquiring an application of a processing thread aiming at the processing thread;
step S12: acquiring classification information of the application;
the classification information includes: untrusted applications and trusted applications;
step S13: and determining the access rights of the processing threads according to the classification information.
The access rights comprise a plurality of groups of data category rights, and each group of data category rights corresponds to one data category respectively;
the data categories include: code outside of the application, data outside of the application, private data of the application, code of a processing thread, data of a processing thread, a stack of a processing thread, code of other threads of the application, data of other threads, stacks of other threads, and a peripheral device interface.
In the operating system, the configuration of the threads is static configuration, and the threads are not dynamically created in the running process of the system, so that the overall memory layout and the thread position are determined. Each processing thread has its own application, which can be classified into untrusted and trusted applications according to a pre-defined hierarchy. The data types which can be accessed by the processing threads and are generated by each type of application can be configured aiming at the untrusted application and the trusted application, and in the subsequent process of creating the memory partition, the corresponding memory partition is respectively built around the data types so as to control the memory data which can be operated by the processing threads.
It should be noted that the above classification information is only a simpler embodiment, and other partitions may be also included in the implementation process, for example, the trusted application may be subdivided into a trusted application with protection, a trusted application without protection, and the like.
Further, in order to achieve a more accurate control effect, each group of data category authorities also respectively comprises a task access authority and an interrupt access authority;
when the processing thread runs through the task, determining the actual access authority of the processing thread to the memory partition corresponding to each data category based on the task access authority;
when the processing thread runs through the interrupt, determining the actual access authority of the processing thread to the memory partition corresponding to each data category based on the interrupt access authority;
the actual access rights are: no rights or read-only or execute or read-write.
Specifically, considering that the actual system is executing, the corresponding application program needs to be started and the processing thread is created by means of Task scheduling (Task) or interrupt trigger (ISR). Therefore, by selecting to control the access rights by further combining with the application scene when the process thread is created when the access rights are configured for each data category, more accurate configuration effect can be realized.
According to the above mechanism, a more complete authority configuration table can be formed, as shown in table 1:
TABLE 1
According to the authority configuration table, after the memory partition corresponding to the data category is created, the access authority of the thread to the memory partition of the specific data category can be processed under the condition that different triggers are configured according to the authority configuration table. Meanwhile, after the memory partitions are created, a plurality of memory partitions form a memory partition group, and each memory partition group is respectively constructed for memory data of one application, so that a processing thread can access the data in a specific memory partition and execute corresponding operation.
In one embodiment, as shown in fig. 3, after step S3, the method further includes:
step S4: acquiring the running state of the processing thread, and when the running state is switched, re-determining the access authority of the processing thread and adjusting the memory partition.
Specifically, considering the problem that the processing thread may be switched during the actual running process, and thus the memory management mechanism is invalid, in this embodiment, after the mapping relationship between the processing thread and the memory partition is established, the state of the processing thread is further monitored, so as to obtain the running state of the processing thread, and when the thread is switched, the corresponding memory partition is redetermined, so that a better protection effect is achieved, and meanwhile, as the operation process of the thread itself is not required to be identified, the occupation of resources is reduced.
In one embodiment, as shown in fig. 4, step S4 includes:
step S41: acquiring an operation state and judging whether thread switching occurs or not;
if yes, go to step S42;
if not, returning to step S41;
step S42: determining the update application category of the processing thread according to the partition number to be accessed by the processing thread after the thread is switched;
updating the application category includes: switching from a trusted application to another trusted application, from an untrusted application to another untrusted application, from a trusted application to an untrusted application, from an untrusted application to a trusted application;
step S43: determining a partition to be initialized according to the update application category, and then initializing the partition to be initialized to form an available memory partition;
and the processing thread after the thread switching accesses the available memory partition to acquire the memory data.
Specifically, in order to achieve a better allocation effect, in this embodiment, the identification process is further constructed, after the processing thread is switched according to the partition number to be accessed by the processing thread after the thread is switched, the change of the theoretical security level is determined, and then the memory area needing to be initialized and the access authority and the mapping relation are selected, so that the security of the memory data in the switching process is improved.
The identification process is a parallel process performed by the processing thread when the processing thread normally executes corresponding processing, and judges whether specific initialization operation is needed by monitoring the running state and judging whether thread switching occurs or not; when there is no thread switch, only the monitoring of the running state is maintained without processing the memory partition until the processing thread exits or shuts down.
In one embodiment, the step S43 further includes:
judging whether the processing thread needs to cross the memory partition group or not, and adjusting the partition to be initialized according to the judging result.
Specifically, in the process of determining the memory partition to be initialized, in order to achieve better memory security, whether the processing thread needs to access the memory partition outside the current memory partition group is further determined, if yes, the memory partition to be initialized is increased to improve the security.
In one embodiment, 1 st to 13 th memory partitions, respectively 1 st and code starting sections, are sequentially arranged in a memory partition group of a certain application program; 2. an application code start section; 3. the application code segment; 4. an application code ending section; 5. a code ending section; 6. a data start section; 7. a private data start segment; 8. applying the private data segment; 9. a thread data start segment; 10. a thread data segment; 11. a thread data end segment; 12. application data end section and 13, external device section.
When triggering thread switching, the partition numbers before and after switching are firstly identified and classified into the following categories:
switching from a trusted application to another trusted application, from an untrusted application to another untrusted application, from a trusted application to an untrusted application, from an untrusted application to a trusted application;
and then judging whether the switching of the threads is to cross the memory partition group or not, and finally generating the memory partition which needs to be initialized.
For example, when switching from a trusted application to another trusted application:
if the thread switching needs to cross the partition, the 9, thread data initial segment needs to be reinitialized at most; 10. a thread data segment; 11. a thread data end segment;
if the partition is not needed to be crossed, only initializing 10 and thread data segments;
upon switching from an untrusted application to another untrusted application:
if the thread switching needs to cross the partition, 4 is needed to be reinitialized at most, and the code ending section is applied; 5. a code ending section; 6. a data start section; 9. a thread data start segment; 10. a thread data segment; 11. a thread data end segment;
if the partition is not needed to be crossed, only initializing 10 and thread data segments;
when switching from a trusted application to an untrusted application, or vice versa, all of the memory partitions of 2-11 need to be initialized.
A memory having stored therein computer instructions adapted to be executed in a computer device, which when executed by the computer device, performs the memory protection method described above.
When the computer device reads the computer instruction, the operating system loads the instruction, and controls the processing thread of the application program and creates the memory partition according to the memory protection method.
The memory may be a computer readable signal medium or a computer readable storage medium. The computer-readable storage medium includes, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing, such as Random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable read-only memory (CD-ROM).
A processor in the computer reads the computer instructions stored in the memory so that the processor can perform the functional actions specified in each step in the flowchart, or a combination of steps; a means for generating a functional action specified in each block of the block diagram or a combination of blocks.
It should be appreciated that a processor in a computer may be understood as one or more Application Specific Integrated Circuits (ASICs), DSPs, programmable Logic Devices (PLDs), complex Programmable Logic Devices (CPLDs), field Programmable Gate Arrays (FPGAs), general purpose processors, controllers, micro-controllers (MCUs), microprocessors (microprocessors), or other electronic element implementations for executing the aforementioned computer instructions.
The computer instructions may execute entirely on the user's local computer, partly on the user's local computer, as a stand-alone software package, partly on the user's local computer and partly on a remote computer or entirely on the remote computer or server. It should also be noted that in some alternative implementations, the functions noted in the flowchart steps or blocks in the block diagrams may occur out of the order noted in the figures. For example, two steps or blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
The foregoing is merely illustrative of the preferred embodiments of the present invention and is not intended to limit the embodiments and scope of the present invention, and it should be appreciated by those skilled in the art that equivalent substitutions and obvious variations may be made using the description and illustrations of the present invention, and are intended to be included in the scope of the present invention.
Claims (9)
1. A memory protection method for an operating system, comprising:
step S1: determining access rights in advance for a processing thread to be created when an application program in the operating system runs;
step S2: constructing a permission mapping table of the processing thread corresponding to the memory area according to the access permission so as to determine the memory partition which can be actually used by the processing thread;
the memory partitions are determined according to the data types of the memory data to be accessed by the processing threads, and each memory partition is used for storing the memory data of one data type;
step S3: and running the processing thread, wherein the processing thread only accesses the data in the specific memory partition according to the authority mapping table during running.
2. The memory protection method according to claim 1, wherein the step S1 includes:
step S11: acquiring an application to which the processing thread belongs for the processing thread;
step S12: acquiring classification information of the application;
step S13: and determining the access rights of the processing threads according to the classification information.
3. The memory protection method according to claim 2, wherein the access rights include a plurality of sets of data category rights, each set of data category rights corresponding to a data category, each set of data category rights further including a task access right and an interrupt access right, respectively;
when the processing thread is triggered by task scheduling, determining the actual access authority of the processing thread to the memory partition corresponding to each data category based on the task access authority;
when the processing thread is triggered by the interrupt, determining the actual access authority of the processing thread to the memory partition corresponding to each data type based on the interrupt access authority.
4. The memory protection method of claim 2, wherein the data class comprises: the code outside the application, the data outside the application, the private data of the application, the code of the processing thread, the data of the processing thread, the stack of the processing thread, the code of the other threads of the application, the data of the other threads, the stack of the other threads, and the peripheral interface.
5. The memory protection method of claim 2, wherein a plurality of said memory partitions form a memory partition group, each said memory partition group being constructed for memory data of one said application.
6. The memory protection method according to claim 5, further comprising, after the step S3:
step S4: and acquiring the running state of the processing thread, and when the running state is switched, re-determining the access authority of the processing thread and adjusting the memory partition.
7. The memory protection method according to claim 6, wherein the step S4 includes:
step S41: acquiring the running state and judging whether thread switching occurs or not;
if yes, go to step S42;
if not, returning to the step S41;
step S42: determining the update application category of the processing thread according to the partition number to be accessed by the processing thread after the thread is switched;
step S43: determining a partition to be initialized according to the updated application category, and then initializing the partition to be initialized to form an available memory partition;
and the processing thread after the thread switching accesses the available memory partition to acquire memory data.
8. The memory protection method according to claim 7, further comprising, in performing the step S43:
judging whether the processing thread needs to cross the memory partition group or not, and adjusting the partition to be initialized according to a judging result.
9. A memory having stored therein computer instructions adapted to be executed in a computer device, wherein the memory protection method according to any of claims 1-8 is performed when the computer device executes the computer instructions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311317209.6A CN117539615A (en) | 2023-10-11 | 2023-10-11 | Memory protection method and memory of operating system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311317209.6A CN117539615A (en) | 2023-10-11 | 2023-10-11 | Memory protection method and memory of operating system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117539615A true CN117539615A (en) | 2024-02-09 |
Family
ID=89784983
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311317209.6A Pending CN117539615A (en) | 2023-10-11 | 2023-10-11 | Memory protection method and memory of operating system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117539615A (en) |
-
2023
- 2023-10-11 CN CN202311317209.6A patent/CN117539615A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI655643B (en) | Area identification operation for identifying an area of a memory attribute unit corresponding to a target memory address | |
| JP3023425B2 (en) | Data processing device | |
| TW201015323A (en) | Secure information processing | |
| CN112639779A (en) | Security configuration for translation of memory addresses from object-specific virtual address space to physical address space | |
| JP5433349B2 (en) | Data processor | |
| US11586779B2 (en) | Embedded system and method | |
| JPH08272625A (en) | Device and method for multiprogram execution control | |
| EP2996043B1 (en) | Debugging in a data processing apparatus | |
| KR20160019454A (en) | Security protection of software libraries in a data processing apparatus | |
| US8850601B2 (en) | Systems and methods of determining a trust level from system management mode | |
| CN116578341A (en) | Processor, interrupt isolation method, instruction simulation method, system on chip and device | |
| CN117234729B (en) | Dynamic memory protection method, device, computer equipment and storage medium | |
| CN113449292B (en) | Running method, device and equipment of trusted application | |
| KR102646630B1 (en) | Method to issue write protect commands on dynamic random-access memory(dram) cells in a system run-time environment | |
| CN114282206A (en) | Stack overflow detection method, device, embedded system and storage medium | |
| CN114641769A (en) | Safety measuring device and method for processor | |
| CN117539615A (en) | Memory protection method and memory of operating system | |
| US20180260563A1 (en) | Computer system for executing analysis program, and method of monitoring execution of analysis program | |
| JP7569307B2 (en) | Apparatus and method for handling exception cause events - Patents.com | |
| CN114201752B (en) | Page table management method and device for security isolation virtual machine and related equipment | |
| EP4095725A1 (en) | Electronic device and security protection method | |
| RU2780973C2 (en) | Response with processor function identifier for virtualization | |
| US20230066447A1 (en) | Execution of code in system memory | |
| CN109190383B (en) | Access instruction processing method, device and equipment | |
| EP4372551A1 (en) | Virtual machine management method and related system, and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |