Electrical computers and digital processing systems: support – Data processing protection using cryptography – Tamper resistant
Reexamination Certificate
2003-11-17
2009-02-03
Moazzami, Nasser (Department: 2136)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
Tamper resistant
C713S189000, C711S163000, C711S152000
Reexamination Certificate
active
07487367
ABSTRACT:
The present invention provides a data processing apparatus and method for managing access to a memory within the data processing apparatus. The data processing apparatus comprises a processor operable in a plurality of modes and a plurality of domains, said plurality of domains comprising a secure domain and a non-secure domain, said plurality of modes including at least one non-secure mode being a mode in the non-secure domain and at least one secure mode being a mode in the secure domain, said processor being operable such that when executing a program in a secure mode said program has access to secure data which is not accessible when said processor is operating in a non-secure mode. Further, a memory is provided for storing data required by the processor, and consists of secure memory for storing secure data and non-secure memory for storing non-secure data. The memory further contains a non-secure table and a secure table, the non-secure table being within the non-secure memory and arranged to contain for each of a number of first memory regions an associated descriptor, and the secure table being within the secure memory and arranged to contain for each of a number of second memory regions an associated descriptor. When access to an item of data in the memory is required by the processor, the processor issues a memory access request, and a memory management unit is provided to perform one or more predetermined access control functions to control issuance of the memory access request to the memory. The memory management unit comprises an internal storage unit operable to store descriptors retrieved by the memory management unit from either the non-secure table or the secure table, and in accordance with the present invention the internal storage unit comprises a flag associated with each descriptor stored within the internal storage unit to identify whether that descriptor is from the non-secure table or the secure table. By this approach, when the processor is operating in a non-secure mode, the memory management unit is operable to perform the predetermined access control functions for the memory access request with reference to access control information derived from the descriptors in the internal storage unit retrieved from the non-secure table. In contrast, when the processor is operating in a secure mode, the memory management unit is operable to perform the predetermined access control functions for the memory access request with reference to access control information derived from the descriptors in the internal storage unit retrieved from the secure table. This approach enables different descriptors to be used for the control of accesses to memory in either the secure domain or the non-secure domain, whilst enabling such different descriptors to co-exist within the memory management unit's internal storage unit, thereby avoiding the requirement to flush the contents of such an internal storage unit when the operation of the processor changes from the secure domain to the non-secure domain, or vice versa.
REFERENCES:
patent: 4300192 (1981-11-01), Couleur et al.
patent: 4677546 (1987-06-01), Freeman et al.
patent: 5469556 (1995-11-01), Clifton
patent: 5481684 (1996-01-01), Richter et al.
patent: 5581722 (1996-12-01), Welland
patent: 5596735 (1997-01-01), Hervin et al.
patent: 5751996 (1998-05-01), Glew et al.
patent: 5805879 (1998-09-01), Hervin et al.
patent: 6397242 (2002-05-01), Devine et al.
patent: 6671791 (2003-12-01), McGrath
patent: 6678825 (2004-01-01), Ellison et al.
patent: 6715016 (2004-03-01), Ohno et al.
patent: 6772419 (2004-08-01), Sekiguchi et al.
patent: 6795905 (2004-09-01), Ellison et al.
patent: 6807616 (2004-10-01), McGrath et al.
patent: 6854039 (2005-02-01), Strongin et al.
patent: 7089418 (2006-08-01), Ellison et al.
patent: 0 288 606 (1988-11-01), None
patent: 0 574 032 (1993-12-01), None
patent: 574032 (1993-12-01), None
patent: 2 176 918 (1987-01-01), None
patent: A-4311233 (1992-04-01), None
patent: 2000-267932 (2000-02-01), None
patent: 2000-076087 (2000-03-01), None
patent: 97/36235 (1997-10-01), None
Related U.S. Appl. No. 10/714,518.
Related U.S. Appl. No. 10/714,563.
Related U.S. Appl. No. 10/714,519.
Related U.S. Appl. No. 10/714,565.
Related U.S. Appl. No. 10/714,561.
Related U.S. Appl. No. 10/714,520.
Related U.S. Appl. No. 10/714,483.
Related U.S. Appl. No. 10/714,178.
Related U.S. Appl. No. 10/714,480.
Related U.S. Appl. No. 10/714,562.
Related U.S. Appl. No. 10/714,560.
Related U.S. Appl. No. 10/714,516.
Related U.S. Appl. No. 10/714,482.
Related U.S. Appl. No. 10/714,484.
Related U.S. Appl. No. 10/713,454.
Related U.S. Appl. No. 10/713,303.
Related U.S. Appl. No. 10/713,456.
Related U.S. Appl. No. 10/714,481.
Japanese Office Action in corrsponding Japanese Application No. 2003-386037 mailed Aug. 5, 2008.
Belnet Lionel
Chaussade Nicolas
Middleton Peter Guy
Watt Simon Charles
ARM Limited
Moazzami Nasser
Nixon & Vanderhye P.C.
Shiferaw Eleni A
LandOfFree
Apparatus and method for managing access to a memory does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Apparatus and method for managing access to a memory, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Apparatus and method for managing access to a memory will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4054296