公开(公告)号：US09122890B2

公开(公告)日：2015-09-01

申请号：US14019580

申请日：2013-09-06

Applicant: ARM LIMITED

Inventor： Thomas Christopher Grocutt ,  Stuart David Biles ,  Simon John Craske

IPC: G06F21/00 ,  G06F21/62 ,  G06F21/50 ,  G06F21/52 ,  G06F21/54 ,  G06F21/55

CPC classification number: G06F21/629 ,  G06F21/50 ,  G06F21/52 ,  G06F21/54 ,  G06F21/554 ,  G06F21/74 ,  G06F2221/2105

Abstract: A data processing apparatus including processing circuitry having a secure domain and a further different secure domain and a data store for storing data and instructions. The data store includes a plurality of regions each corresponding to a domain, and at least one secure region for storing sensitive data accessible by the data processing circuitry operating in the secure domain and not accessible by the data processing circuitry operating in the further different secure domain and a less secure region for storing less sensitive data. The processing circuitry is configured to verify that a region of the data store storing the program instruction corresponds to a current domain of operation of the processing circuitry and, if not, to verify whether the program instruction includes a guard instruction and, if so, to switch to the domain corresponding to the region of the data store storing the program instruction.

Abstract translation: 一种数据处理装置，包括具有安全域和另一不同安全域的处理电路以及用于存储数据和指令的数据存储。 数据存储器包括多个区域，每个区域各自对应于域，以及至少一个安全区域，用于存储由安全域中操作的数据处理电路可访问的敏感数据，并且不能由在另外不同的安全域中操作的数据处理电路访问 以及用于存储较不敏感数据的较不安全的区域。 处理电路被配置为验证存储程序指令的数据存储区域对应于处理电路的当前操作区域，如果不是，则验证程序指令是否包括保护指令，并且如果是，则 切换到与存储程序指令的数据存储区域对应的域。