Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-04-16
2001-03-13
Beausoliel, Jr., Robert W. (Department: 2785)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C711S163000
Reexamination Certificate
active
06202154
ABSTRACT:
BACKGROUND OF THE INVENTION
The present invention relates to a memory protection function (or data protection function) in a data transfer control apparatus, such as a DMAC (Direct Memory Access Controller), and, more specifically, to technology which is effective for application, for example, to a microcomputer (processor or microprocessor) and a data processing system having a memory management unit.
The load on a microcomputer, processor or CPU (Central Processing Unit) for effecting data transfer can be eased by use of a DMAC. In data transfer using a DMAC, a processor or CPU initially sets the transfer destination address or transfer source address into a transfer destination address register and transfer source address register in the DMAC, and the DMAC, having completed initial setting thereof, upon receiving the data transfer request, executes a data transfer by acquiring the bus right from the processor or CPU. As is obvious from this explanation, when a DMAC is provided, one access route is provided for the memory and register.
Nowadays, many computer systems support a virtual memory and provide substantial memory protection by means of a memory management unit (MMU). Therefore, when the processor and CPU make access to a register and memory, memory protection by the memory management unit can be realized. However, when the computer system includes a DMAC, since the CPU and processor set the data transfer destination address and transfer source address by direct memory access to the register in the DMAC as data, the memory protection is not effectuated in the course of an address conversion by the memory management unit. In other words, when a DMAC is provided between the MMU and an external input/output circuit, the transfer destination and transfer source address set in the DMAC are used directly as a physical address without passing through the MMU, and thereby the protection function performed by the MMU cannot be realized. Thereby, when the access route is provided by the DMAC, there is a fear that data or a program may be corrupted unexpectedly by an erroneous access to an access prohibited region or that security cannot be maintained because the OS (Operating System) and system data can be read freely.
The Japanese Patent Application Laid-open No. SHO 62-191950 describes a technique for memory protection which involves comparing an output address of the DMAC with a protection address, and the Japanese Patent Application Laid-open No. HEI 1-250162 describes a control system for write protection of a memory which involves comparing an output address of a DMAC with a write protect address. Moreover, the Japanese Patent Application Laid-open No. HEI 6-266648 describes a technique for intercepting an access to the main memory by a direct memory access control mechanism when the address output from the direct memory access control mechanism exceeds a data transfer allowable range on the main memory.
In addition, the Japanese Patent Application Laid-open No. HEI 2-297235 describes a technique involving a memory data protection circuit having region information indicating whether a relevant address region is a program region or a data region corresponding to an address of the main memory, making it possible to identify an irregular evens when the region information corresponding to the program fetch address of the main memory indicates a data region or to control a write request when the region information corresponding to the write address to the main memory indicates a program region.
Finally, Japanese Patent Application Laid-open No. HEI 6-119250 describes a technique for memory protection which involves forcibly setting a part of the output address signal of the device for DMA transfer control to a constant value.
SUMMARY OF THE INVENTION
However, the techniques mentioned above are intended to realize memory protection from outside of the device after the device, such as a DMAC, has started data transfer to output an address signal. That is, even if an access violates the memory protection, the device itself, such as a DMAC, first starts the data transfer operation. Since it is impossible in this case to control an operation of the DMAC itself which violates the memory protection, this operation of the circuit, such as a DMAC, is to a certain degree useless.
Moreover, since memory protection is executed to a particularly set address range, like a protection address or write protect address, if the protection address, etc. is undesirably updated because the setting is done erroneously for the protection addresses and the CPU operates under an uncontrollable condition, memory protection cannot be realized and the reliability of the memory protection becomes rather low. As described in the Japanese Patent Application Laid-open No. HEI 6-119250, even when a part of the output address signal of the device for DMA transfer control is updated to a constant value, the situation is the same, if an error exists in the setting of the constant value information.
It is therefore a first object of the present invention to provide a data transfer controller which can control a data transfer operation by itself when a violation of memory protection occurs.
It is a second object of the present invention to provide a data transfer controller which can improve the reliability of memory protection.
It is a third object of the present invention to provide a microcomputer, microprocessor and moreover a data processing system, which can reduce the possibility of useless data transfer as much as possible by a data transfer controller even if a data transfer request which violates memory protection is issued, thereby to contribute to improvement of the data processing efficiency.
It is a fourth object of the present invention to provide a microcomputer, microprocessor and moreover a data processing system, which can improve safe system operation as it relates to memory protection by a data transfer controller.
The aforementioned and other objects and novel characteristics of the present invention will become more apparent from the following description and the accompanying drawings.
Typical features of the present invention disclosed in this application will be explained briefly.
That is, the data transfer control circuit (
8
) has a storing region, in a control register (CHCRn), for resource select information (RS
0
to RS
3
) to designate with a plurality of bits a mode of operation involving a combination of the data transfer source area and data transfer destination. This data transfer control circuit (
8
) refers to the transfer source address, transfer destination address and resource select information initially set to the address register (SARn, DARn) and detects, with an address error detector (
96
), an address error indicating that at least one of the transfer source address and data transfer destination address is deviated from the mode operation for the combination of the data transfer source area and data transfer destination designated by the resource select information in order to determine permission/prohibition of the data transfer. When data transfer is to be permitted, the data transfer controller asserts a signal, such as a bus right request signal (BREQ) to obtain the bus right from the other bus master, such as the CPU, and thereafter starts the data transfer operation. When data transfer is to be prohibited, the data transfer controller does not assert the bus right request signal, but asserts, for example, an address error interruption signal, in place of such bus right request signal, and transfers the process for dealing with such address error, for example, to the central processing unit (
3
).
The features explained above detects a memory protection violation specified by the data transfer controller as an address error. The application for data transfer(combination of the data transfer source area and transfer destination) of only one data transfer channel formed by the address register and control register is determined by the resource select information. W
Nakagawa Norio
Suzuki Takaaki
Takasuga Tomoya
Antonelli Terry Stout & Kraus LLP
Beausoliel, Jr. Robert W.
Hitachi,Ltd.
Revak Christopher
LandOfFree
Data transfer controller, microcomputer and data processing... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Data transfer controller, microcomputer and data processing..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Data transfer controller, microcomputer and data processing... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2543017