Patent abstract:
Data processing apparatus and method. A data processing apparatus (2) includes a processor (8), a memory (6) and a set of memory control circuits (12). The processor (8) operates in a plurality of hardware modes, including a privileged mode and a user mode. When operating in privileged mode, the processor (8) is prevented by the memory control circuitry (12) from fetching instructions from memory address regions (34, 38, 42) within the memory (6) that are writable in user mode, if a security marker within a register (46) is set to indicate that this blocking mechanism is active.
Publication number: BR112012017703B1
Application number: R112012017703-6
Filing date: 2010-12-16
Publication date: 2020-12-15
Inventor: Richard Roy Grisenthwaite
Applicant: Arm Limited;
Main IPC class:
Description:

[0001] This invention relates to the field of data processing systems. More particularly, this invention relates to data processing systems that have a plurality of hardware modes of operation and memory access control depending on a current hardware mode.
[0002] It is known to provide data processing systems in which the processor has a plurality of hardware operating modes. For example, the processor can operate in hardware modes including a privileged mode and a user mode. There may also be additional hardware modes for other purposes. The privileged mode will normally be used for more trusted program code, such as an operating system kernel, and will have access to more memory areas than when the processor is operating in user mode. User mode will typically be used for less trusted programs, such as application programs. In this way, malicious or accidental access by a program to predetermined areas of memory can be prevented using a memory management unit or a memory protection unit that is sensitive to the processor's current operating mode and prevents access to those memory areas if the processor is not in privileged mode. The model within such systems is that the privileged mode of operation has access to more of the system's resources, for example areas within memory, than the user mode.
[0003] One type of malicious security attack, or unfortunate erroneous operation, that can occur is that the system is improperly caused to execute, while running in privileged mode, program instructions stored within areas of memory that are writable in user mode. In this way, as an example, a person can write malicious program instructions into areas of memory that are accessible in user mode and then switch the processor to privileged mode, where secure regions of memory can be accessed during execution of the malicious program instructions read from the user-accessible memory area.
[0004] Seen from one aspect, the present invention provides an apparatus for data processing, comprising: a processor responsive to a flow of program instructions to perform processing operations, and a set of memory control circuits coupled to said processor and a memory and configured to control access to said memory by said processor; wherein said processor has a plurality of hardware operating modes, including at least a first mode and a second mode; said set of memory control circuits controls access to said memory in such a way that: (i) when said processor is in said first mode, said set of memory control circuits allows write access to a first portion of said memory and at least does not allow write access to a second portion of said memory, and (ii) when said processor is in said second mode, said set of memory control circuits allows write access to said first portion of said memory and allows write access to a second portion of said memory; and said set of memory control circuits is responsive to a security marker having a set value to give said processor in said first mode a right not conferred on said processor in said second mode, preventing said processor from reading, from said first portion of said memory, program instructions for execution by said processor in said second mode, wherein when said security marker has said set value and said processor is in said second mode, said set of memory control circuits allows said processor to read data values from said first portion of said memory.
[0005] The present technique recognizes that, in practice, there is little reason for a system to legitimately execute program instructions in privileged mode when those program instructions are read from a region of memory that can be written in user mode. Code to be executed in privileged mode is usually stored in memory that is writable only in privileged mode. This protects program instructions that are to be executed in privileged mode from inadvertent alteration as well as malicious alteration. Consequently, the present technique goes against the general technical prejudice in this field, namely that the privileged mode is given more access rights than the user mode, by using the memory control circuitry to prevent the processor from reading program instructions for execution in privileged mode from memory areas that can be written in user mode. This action of the memory control circuitry can be globally activated and deactivated by the security marker, so that the hardware is capable of supporting systems in which the designer does not wish to execute, in privileged mode, program instructions that are stored within user-writable memory areas, while providing a simple way to disable this feature, with the security marker controlling a hardware enforcement mechanism provided by the memory control circuitry. It will be appreciated that the hardware modes have been referred to above as a privileged mode and a user mode, but the present technique is not restricted to use within systems that have these modes and, more generally, can be used within systems that have a first mode and a second mode, where the second mode has access to more memory regions than the first mode and is nevertheless selectively prevented from executing program instructions read from memory regions that can be written in the first mode.
When the security marker has the set value, the processor operating in the second mode can be allowed by the memory control circuitry to read data values from the first portion of memory, since such data values are not retrieved as instructions to be executed, but are instead retrieved on a data path as data values to be manipulated.
[0006] The memory control circuitry can be responsive to control data to identify one or more memory address regions within memory as part of the first portion and one or more memory address regions within memory as part of the second portion. Thus, the first portion and the second portion need not be contiguous in memory and can be defined by the control data read by the memory control circuitry. In some embodiments this may be memory page table data as read by a memory management unit.
[0007] The present technique is particularly useful in systems where the first mode is a user mode for running application programs and the second mode is a privileged mode for running at least one operating system kernel program.
[0008] It will be appreciated that the memory control circuitry can take a variety of different forms. Some examples of memory control circuitry are a memory management unit and a memory protection unit.
[0009] The security marker can conveniently be written under program instruction control when the processor is in the second mode, and cannot be written under program instruction control when the processor is in the first mode. In this way, the security provided by the security marker cannot be circumvented by changing the value of the security marker when operating in the first mode.
[00010] Seen from another aspect, the present invention provides an apparatus for data processing, comprising: a processor means for performing processing operations in response to a flow of program instructions, and a memory control means coupled to said processor means and to a memory means for storing data, to control access to said memory means by said processor means; wherein said processor means has a plurality of hardware operating modes, including at least a first mode and a second mode; said memory control means controls access to said memory means such that: (i) when said processor means is in said first mode, said memory control means allows write access to a first portion of said memory means and at least does not allow write access to a second portion of said memory means, and (ii) when said processor means is in said second mode, said memory control means allows write access to said first portion of said memory means and allows write access to a second portion of said memory means, and said memory control means is responsive to a security marker having a set value to give said processor means in said first mode a right not conferred on said processor means in said second mode, preventing said processor means from reading, from said first portion of said memory means, program instructions for execution by said processor means in said second mode, wherein when said security marker has said set value and said processor means is in said second mode, said memory control means allows said processor means to read data values from said first portion of said memory means.
[00011] Seen from another aspect, the present invention provides a method of data processing, said method comprising the steps of: performing processing operations with a processor in response to a flow of program instructions, and controlling access to a memory by said processor using a set of memory control circuits coupled to said processor and said memory; wherein said processor has a plurality of hardware operating modes, including at least a first mode and a second mode; said set of memory control circuits controls access to said memory in such a way that: (i) when said processor is in said first mode, said set of memory control circuits allows write access to a first portion of said memory and at least does not allow write access to a second portion of said memory; and (ii) when said processor is in said second mode, said set of memory control circuits allows write access to said first portion of said memory and allows write access to a second portion of said memory; and said set of memory control circuits is responsive to a security marker having a set value to give said processor in said first mode a right not conferred on said processor in said second mode, preventing said processor from reading, from said first portion of said memory, program instructions for execution by said processor in said second mode, in which when said security marker has said set value and said processor is in said second mode, said set of memory control circuits allows said processor to read data values from said first portion of said memory.
[00012] The invention can also be implemented in the form of a virtual machine having the above characteristics.
[00013] Embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings in which: Figure 1 schematically illustrates a data processing system, including a processor and a memory; Figure 2 is a flow chart schematically illustrating the control of a memory read operation depending on: the processor's hardware mode; whether the reading is an instruction retrieval, and whether the reading is from a memory location that is accessible in a user mode; Figure 3 schematically illustrates multiple hardware modes for operation and their associated access rights and typical uses; and Figure 4 schematically illustrates a virtual machine implementation.
[00014] Figure 1 schematically illustrates a data processing system 2, including an integrated circuit 4 coupled to a memory 6. The integrated circuit 4 includes a processor 8, a memory interface circuit 10 and a memory management unit 12. A general purpose register bank 14, a multiplier 16, a shifter 18 and an adder 20 are provided within processor 8, and together form a data path to perform processing operations on data values D retrieved from memory 6 under control of program instructions I. Program instructions I retrieved from memory 6 by an instruction prefetch unit 22 are provided to an instruction pipeline 24. Instruction pipeline 24 controls an instruction decoder 26 to generate control signals for data path 14, 16, 18, 20 to configure and control data path 14, 16, 18, 20 to perform the desired processing operation(s) specified by the program instruction being decoded. It will be appreciated by those in this technical field that processor 8 will typically contain many more circuit elements, which have been omitted from Figure 1 for the sake of clarity.
[00015] Also included within the integrated circuit 4 are the memory interface circuit 10 and the memory management unit 12. The memory interface circuit 10 is responsible for generating the memory access signals (which can be reads and writes) sent from integrated circuit 4 to memory 6. These memory access signals use physical addresses within memory 6. Processor 8 operates using virtual addresses, although this arrangement is just one example of a system where the present techniques can be used. The memory management unit 12 translates the virtual addresses to physical addresses using the page table data 30. This page table data is control data for the memory management unit 12. The page table data for recently accessed memory regions is stored within a repertoire of active pages 28 within memory management unit 12. If the page table data for a particular memory access is not present within the repertoire of active pages 28, then the appropriate page table data is retrieved from the full store of page table data 30 in memory 6.
[00016] Memory 6 provides a memory address space addressed using the physical addresses generated by the memory interface circuit 10. Memory 6 may not provide storage corresponding to all of the possible memory address space. The memory address space is divided into memory address regions 32, 34, 36, 38, 40, 42 etc. Each of these memory address regions 32 to 42 has associated page table data, which is used by memory management unit 12 to control access to these memory regions. As will be understood by those in this technical field, this page table data may include data indicating whether the memory address region in question can be accessed (either read-only or read/write) only when processor 8 is operating in privileged mode, or when it is operating in either privileged mode or user mode. This portion of the page table data is indicated by the P/U marker data 44 illustrated as part of the repertoire of active pages 28. The page table data also includes R/W marker data 43, which indicates whether the access allowed is read-only or read/write. The table shown in Figure 1 gives an example of different values of P/U marker data 44 and R/W marker data 43 mapping to different access rights. The memory address regions 32, 34, 36, 40 together form a second portion of memory 6, which is not writable when processor 8 is in user mode. The memory address regions 32, 36 and 40 are only accessible in privileged mode. The memory address region 34 is accessible as read-only in user mode, but cannot be written in user mode. The memory address regions 38 and 42 form a first portion of memory 6, which can be written and read when the processor is in user mode, can be written when processor 8 is in privileged mode, can be read for data values when processor 8 is in privileged mode, but cannot be read for instruction values when processor 8 is in privileged mode.
[00017] This behavior is enforced in this embodiment by memory management unit 12. Memory management unit 12 receives a P/U input signal from processor 8 indicating whether processor 8 is currently in privileged mode or in user mode. The memory management unit 12 also receives an I/D input signal from the memory interface circuit 10 indicating whether a memory access being performed is an instruction retrieval or a data access operation. Using these input signals and a security marker value stored within register 46 within memory management unit 12, the prevention of executing, in privileged mode, program instructions read from the first portion 38 and 42 of memory 6 can be applied.
[00018] Figure 2 is a flow chart schematically illustrating part of the operation of the memory management unit 12. It will be appreciated that the memory management unit 12 can also be provided in the form of a memory protection unit. In step 48 processing waits until a memory read request is received at the memory interface circuit 10 from processor 8. Step 50 then determines whether processor 8 is currently in privileged mode, using the P/U input signal to memory management unit 12. If processor 8 is not in privileged mode, then processor 8 will, in this simple example, be in user mode and processing proceeds to step 52. Step 52 determines whether or not the memory address to which a read access is being attempted is marked within the page table data 30 as accessible only when in privileged mode. If the memory address is not marked as privileged-only, then processing proceeds to step 54 where read access is allowed. However, if the memory address is marked as privileged-only, then step 56 prevents access.
[00019] If the determination in step 50 is that processor 8 is currently in privileged mode, then processing proceeds to step 58. Step 58 determines whether or not the security marker stored within register 46 is currently set. If the security marker is set (that is, has the set value), then the policy of not allowing processor 8 to execute program instructions read from the first portion 38 and 42 of memory 6 will be enforced. If the determination in step 58 is that the security marker is not set, then processing proceeds to step 60, where access is allowed.
[00020] If the security marker is set, as determined in step 58, then processing proceeds to step 62 where a determination is made as to whether the access being performed is an instruction retrieval or a data access. This determination can be made using the I/D input signal to the memory management unit 12. If the memory access being performed is a data access, then processing proceeds to step 60 where access is again allowed. However, if the security marker is set as determined in step 58 and the access operation is an instruction retrieval as determined in step 62, then processing proceeds to step 64 where a determination is made as to whether or not the memory address in question is part of the first portion of memory 6, that is, in this example, one of the memory regions 38 and 42, as indicated by the page table data (that is, the P/U marker data 44 and the R/W marker data 43) for the address to which read access is being attempted. If the memory address is not within the first portion, then the instruction retrieval operation may be allowed and processing proceeds to step 60. However, if the instruction retrieval operation is being attempted from the first portion 38 and 42 of memory 6, then processing proceeds to step 66, where the access in question is prevented.
[00021] When access to memory is prevented, as in either of steps 56 or 66, a memory abort can be triggered such that memory abort exception handling program code is executed. This type of memory abort processing will be familiar to those in this technical field.
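The read-permission flow of Figure 2 (steps 50 to 66) can be modelled in software. The following is an added example, not code from the patent: region attributes follow paragraph [00016], while the base addresses, type names and function names are constructed for illustration, and aborting on an unmapped address is an assumption of this model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* P/U input signal: current hardware mode of the processor. */
typedef enum { MODE_USER, MODE_PRIVILEGED } hw_mode_t;
/* I/D input signal: instruction retrieval or data access. */
typedef enum { ACCESS_DATA, ACCESS_INSTRUCTION } access_kind_t;
/* Outcome of a read request: allowed, or prevented (memory abort). */
typedef enum { READ_ALLOWED, READ_ABORT } verdict_t;

/* Page table data for one memory address region. */
typedef struct {
    unsigned id;           /* reference numeral used in Figure 1 */
    unsigned long base;    /* constructed address layout, not from the patent */
    unsigned long size;
    bool privileged_only;  /* P/U marker data: no access at all in user mode */
    bool user_writable;    /* true for regions of the "first portion" */
} region_t;

static const region_t page_table[] = {
    {32, 0x0000, 0x1000, true,  false},
    {34, 0x1000, 0x1000, false, false},  /* read-only in user mode */
    {36, 0x2000, 0x1000, true,  false},
    {38, 0x3000, 0x1000, false, true },  /* first portion */
    {40, 0x4000, 0x1000, true,  false},
    {42, 0x5000, 0x1000, false, true },  /* first portion */
};
#define N_REGIONS (sizeof page_table / sizeof page_table[0])

/* Model of the memory management unit: only register 46 is kept. */
typedef struct { bool security_marker; } mmu_t;

static const region_t *find_region(unsigned long addr)
{
    for (size_t i = 0; i < N_REGIONS; i++) {
        const region_t *r = &page_table[i];
        if (addr >= r->base && addr - r->base < r->size)
            return r;
    }
    return NULL;
}

/* Register 46 is writable only in privileged mode; returns true if written. */
bool mmu_set_marker(mmu_t *mmu, hw_mode_t mode, bool value)
{
    if (mode != MODE_PRIVILEGED)
        return false;
    mmu->security_marker = value;
    return true;
}

/* Decision flow of Figure 2 for one read request. */
verdict_t mmu_check_read(const mmu_t *mmu, hw_mode_t mode,
                         access_kind_t kind, unsigned long addr)
{
    const region_t *r = find_region(addr);
    if (r == NULL)
        return READ_ABORT;               /* assumption: unmapped reads abort */

    if (mode != MODE_PRIVILEGED)         /* step 50: user mode, go to step 52 */
        return r->privileged_only ? READ_ABORT     /* step 56 */
                                  : READ_ALLOWED;  /* step 54 */
    if (!mmu->security_marker)           /* step 58: marker not set */
        return READ_ALLOWED;             /* step 60 */
    if (kind == ACCESS_DATA)             /* step 62: data path read */
        return READ_ALLOWED;             /* step 60 */
    if (!r->user_writable)               /* step 64: outside first portion */
        return READ_ALLOWED;             /* step 60 */
    return READ_ABORT;                   /* step 66 */
}

int main(void)
{
    static const char *const name[] = { "allowed", "abort" };
    mmu_t mmu = { false };
    mmu_set_marker(&mmu, MODE_PRIVILEGED, true);
    for (size_t i = 0; i < N_REGIONS; i++) {
        unsigned long a = page_table[i].base;
        printf("region %u: user data=%s priv data=%s priv instr=%s\n",
               page_table[i].id,
               name[mmu_check_read(&mmu, MODE_USER, ACCESS_DATA, a)],
               name[mmu_check_read(&mmu, MODE_PRIVILEGED, ACCESS_DATA, a)],
               name[mmu_check_read(&mmu, MODE_PRIVILEGED, ACCESS_INSTRUCTION, a)]);
    }
    return 0;
}
```

With the marker set, only the privileged instruction retrieval column changes for regions 38 and 42; privileged data reads of the same regions remain allowed.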
[00022] Figure 3 schematically illustrates multiple hardware modes of processor 8 (or modes emulating such hardware modes in a virtual machine implementation). In this example, only two modes are illustrated, namely a privileged mode and a user mode. It will be appreciated that the present techniques can be used with processors having a greater number of modes. The privileged mode allows either read-only or read/write access to memory address regions marked as privileged. The privileged mode also allows read-only or read/write access via the data path to memory address regions marked as read/write accessible in user mode. In privileged mode, if the security marker inside register 46 is set, then the execution of instructions from memory that is read/write accessible in user mode is not allowed. However, the aforementioned read-only or read/write access to privileged memory allows instructions retrieved from privileged memory to be executed when in privileged mode.
[00023] When operating in user mode, no read-only or read/write access is allowed to memory address regions marked as privileged mode memory address regions. However, read-only or read/write access is allowed to memory address regions marked as user mode memory address regions.
[00024] It will be appreciated that different types of programs will typically be run in different hardware modes. More trusted programs, such as an operating system kernel program, will typically operate in privileged mode. Application programs will typically operate in user mode.
[00025] The security marker within register 46, which controls whether or not the execution in privileged mode of program instructions stored within user-writable memory is allowed, is set under program instruction control. Register 46 can be configured as a coprocessor register that can be written, to set the security marker, using a coprocessor instruction. In order to preserve the security of the mechanism provided by the security marker, the security marker can only be written when in privileged mode. This prevents a malicious, or at least unauthorized, program in user mode from clearing the security marker and thereby allowing the execution in privileged mode of program instructions stored in memory that is writable in user mode.
[00026] Figure 4 illustrates such a virtual machine implementation that can be used. Although the previously described embodiments implement the present invention in terms of devices and methods for operating specific processing hardware supporting the techniques in question, it is also possible to provide so-called virtual machine implementations of hardware devices. These virtual machine implementations run on a host processor 530 running a host operating system 520 supporting a virtual machine program 510. Typically, large, powerful processors are required to provide virtual machine implementations that operate at a reasonable speed, but such an approach can be justified in certain circumstances, such as when there is a desire to run native code for another processor for reasons of compatibility or reuse. The virtual machine program 510 provides an application program interface to an application program 500, which is the same as the application program interface that would be provided by the actual hardware that is the device being modeled by the virtual machine program 510. Thus, the program instructions, including the memory access control described above, can be executed from application program 500 using virtual machine program 510 to model their interaction with the virtual machine hardware.
Claims (12):
[0001]
1. Data processing apparatus (4), comprising: a processor (8) responsive to a flow of program instructions to perform processing operations, and a set of memory control circuits (12) coupled to said processor (8) and a memory (6) and configured to control access to said memory (6) by said processor (8); wherein said processor (8) has a plurality of hardware operating modes, including at least a first mode and a second mode; said set of memory control circuits (12) controls access to said memory (6) in such a way that: (i) when said processor (8) is in said first mode, said set of memory control circuits (12) allows write access to a first portion of said memory (6) and at least does not allow write access to a second portion of said memory (6); and (ii) when said processor (8) is in said second mode, said set of memory control circuits (12) allows write access to said first portion of said memory (6) and allows write access to a second portion of said memory (6); and said set of memory control circuits (12) is responsive to a security marker (46) having a set value to give said processor (8) in said first mode a right not conferred on said processor (8) in said second mode, preventing said processor (8) from reading, from said first portion of said memory (6), program instructions for execution by said processor (6) in said second mode, characterized by the fact that when said security marker (46) has said set value and said processor (8) is in said second mode, said set of memory control circuits (12) allows said processor (8) to read data values from said first portion of said memory (8).
[0002]
Apparatus (4) according to claim 1, characterized by the fact that said processor (8) reads program instructions for execution from said second portion of said memory (6).
[0003]
Apparatus (4) according to either of claims 1 or 2, characterized in that said set of memory control circuits (12) is responsive to control data to identify one or more memory address regions (38, 42) within said memory (6) as part of said first portion and one or more memory address regions (32, 34, 36, 38) within said memory (6) as part of said second portion.
[0004]
Apparatus (4) according to any one of claims 1 to 3, characterized in that said first mode is a user mode for running application programs and said second mode is a privileged mode for running at least one operating system kernel program.
[0005]
Apparatus (4) according to any one of claims 1 to 4, characterized in that said set of memory control circuits (12) comprises one of: a memory management unit, and a memory protection unit.
[0006]
Apparatus (4) according to any one of claims 1 to 5, characterized in that said security marker (46) is written under control of program instructions when said processor (8) is in said second mode and said security marker (46) cannot be written under control of program instructions when said processor (8) is in said first mode.
[0007]
7. Data processing apparatus (4), comprising: a processor means (8) for performing processing operations in response to a flow of program instructions, and a memory control means (12) coupled to said processor means (8) and to a memory means (6) for storing data, to control access to said memory means (6) by said processor means (8); wherein said processor means (8) has a plurality of hardware operating modes, including at least a first mode and a second mode; said memory control means (12) controls access to said memory means (6) such that: (i) when said processor means (8) is in said first mode, said memory control means (12) allows write access to a first portion of said memory means (6) and at least does not allow write access to a second portion of said memory means (6), and (ii) when said processor means (8) is in said second mode, said memory control means (12) allows write access to said first portion of said memory means (6) and allows write access to a second portion of said memory means (6), and said memory control means (12) is responsive to a security marker (46) having a set value to give said processor means (8) in said first mode a right not conferred on said processor means (8) in said second mode, preventing said processor means (8) from reading, from said first portion of said memory means (6), program instructions for execution by said processor means (8) in said second mode, characterized by the fact that when said security marker (46) has said set value and said processor means (8) is in said second mode, said memory control means (12) allows said processor means (8) to read data values from said first portion of said memory means (6).
[0008]
8. Computer-implemented data processing method, said method comprising the steps of: performing processing operations with a processor (8) in response to a flow of program instructions, and controlling access to a memory (6) by said processor (8) using a set of memory control circuits (12) coupled to said processor (8) and said memory (6); wherein said processor (6) has a plurality of hardware operating modes, including at least a first mode and a second mode; said set of memory control circuits (12) controls access to said memory (6) in such a way that: (i) when said processor (6) is in said first mode, said set of memory control circuits (12) allows write access to a first portion of said memory (6) and at least does not allow write access to a second portion of said memory (6); and (ii) when said processor (8) is in said second mode, said set of memory control circuits (12) allows write access to said first portion of said memory (6) and allows write access to a second portion of said memory (6); and said set of memory control circuits (12) is responsive to a security marker (46) having a set value to give said processor (8) in said first mode a right not conferred on said processor (8) in said second mode, preventing said processor (8) from reading, from said first portion of said memory (6), program instructions for execution by said processor (8) in said second mode, characterized by the fact that when said security marker (46) has said set value and said processor (8) is in said second mode, said set of memory control circuits (12) allows said processor (8) to read data values from said first portion of said memory (6).
[0009]
Method according to claim 8, characterized in that said processor (8) reads program instructions for execution from said second portion of said memory (6).
[0010]
Method according to either of claims 8 or 9, characterized by identifying, via the set of memory control circuits (12), said set of memory control circuits (12) being responsive to control data, one or more memory address regions (38, 42) within said memory as part of said first portion and one or more memory address regions (32, 34, 36, 40) within said memory as part of said second portion.
[0011]
Method according to any one of claims 8 to 10, characterized in that said first mode is a user mode for running application programs and said second mode is a privileged mode for running at least one operating system kernel program.
[0012]
12. Data processing apparatus (4) characterized by the fact that it has a set of processing circuits (8) controlled by computer-readable instructions to provide a virtual machine apparatus to carry out a method according to any one of claims 8 to 11.
Patent family:
Publication number | Publication date
DE112010005269T5|2013-04-25|
JP5571201B2|2014-08-13|
RU2513909C1|2014-04-20|
JP2013519934A|2013-05-30|
BR112012017703A2|2016-04-05|
CN102763092B|2015-08-12|
US20110202739A1|2011-08-18|
GB2488938B|2017-03-08|
CN102763092A|2012-10-31|
WO2011101609A1|2011-08-25|
US8301856B2|2012-10-30|
GB201210574D0|2012-08-01|
RU2012139625A|2014-03-27|
IL220417A|2015-02-26|
KR101799261B1|2017-11-20|
IL220417D0|2012-08-30|
KR20130036189A|2013-04-11|
GB2488938A|2012-09-12|
Legal status:
2019-01-08| B06F| Objections, documents and/or translations needed after an examination request according [chapter 6.6 patent gazette]|
2019-08-06| B06U| Preliminary requirement: requests with searches performed by other patent offices: procedure suspended [chapter 6.21 patent gazette]|
2020-05-19| B06A| Notification to applicant to reply to the report for non-patentability or inadequacy of the application [chapter 6.1 patent gazette]|
2020-09-01| B09A| Decision: intention to grant [chapter 9.1 patent gazette]|
2020-12-15| B16A| Patent or certificate of addition of invention granted|Free format text: TERM OF VALIDITY: 20 (TWENTY) YEARS COUNTED FROM 16/12/2010, SUBJECT TO THE LEGAL CONDITIONS. |
Priority:
Application number | Filing date | Patent title
US12/656,786|US8301856B2|2010-02-16|2010-02-16|Restricting memory areas for an instruction read in dependence upon a hardware mode and a security flag|
US12/656786|2010-02-16|
PCT/GB2010/052105|WO2011101609A1|2010-02-16|2010-12-16|Restricting memory areas for an instruction read in dependence upon a hardware mode and a security flag|