公开(公告)号：US20240201874A1

公开(公告)日：2024-06-20

申请号：US18540739

申请日：2023-12-14

Applicant: MEDIATEK INC.

Inventor： Yu-Tien Chang ,  Lin-Ming Hsu ,  Chun-Ming Chou

IPC: G06F3/06

CPC classification number: G06F3/0622 ,  G06F3/0655 ,  G06F3/0673

Abstract: A system on chip includes a dynamic random access memory (DRAM) controller, a secure range (SR) permission checker, a plurality of intellectual property (IP) cores. The DRAM controller includes a SR table configured to store a start address, an end address, and enabled registers of each SR and an access identification (AID) permission table configured to store access permissions of SRs of each AID. The SR permission checker is embedded in the DRAM controller or a bus and linked to the SR table and the AID permission table, and configured to check the access permissions of the SRs according to the AID permission table. The plurality of IP cores linked to the DRAM controller, and comprising a translation lookaside buffer (TLB) comprising an input-output memory management unit (IOMMU) table or an input-output memory protection unit (IOMPU) table to store SR information.

公开(公告)号：US12253960B2

公开(公告)日：2025-03-18

申请号：US17225185

申请日：2021-04-08

Applicant: MEDIATEK Inc.

Inventor： Yu-Tien Chang ,  Lin-Ming Hsu ,  Chun-Ming Chou

IPC: G06F12/00 ,  G06F12/14 ,  G06F21/10 ,  G06F21/74

Abstract: The invention provides method and system for improving efficiency of protecting multi-content process. The system may cooperate with a memory, and may comprise one or more hardware IPs (intellectual properties) for content processing, one of the one or more IPs may be associated with multiple access identities. The memory may comprise multiple different ranges, each range may register an access of one of the multiple access identities as a permissible access. The method may comprise: selecting one of the access identities for processing a first content, and using the selected access identity when said IP accesses the memory during processing of the first content; selecting a different one of the access identities for processing a second content, and using the selected different access identity when said IP accesses the memory during processing of the second content.

公开(公告)号：US20210192056A1

公开(公告)日：2021-06-24

申请号：US17103927

申请日：2020-11-24

Applicant: MediaTek Inc.

Inventor： Yu-Tien Chang ,  Chih-Pin Su ,  Hungwen Li

IPC: G06F21/57 ,  G06F21/53 ,  G06F21/79

Abstract: A system is provided to perform secure operations. The system includes an I/O subsystem, a memory subsystem and processors. The processors are operative to execute processes in trusted execution environments (TEEs) and rich execution environments (REEs). Each of the TEEs and the REEs is identified by a corresponding access identifier (AID) and protected by a corresponding system resource protection unit (SRPU). The corresponding SRPU of a TEE includes instructions, when executed by a corresponding processor, cause the corresponding processor to control access to the TEE using a data structure including allowed AIDs and pointers to memory locations accessible by the allowed AIDs.

公开(公告)号：US11556654B2

公开(公告)日：2023-01-17

申请号：US17103927

申请日：2020-11-24

Applicant: MediaTek Inc.

Inventor： Yu-Tien Chang ,  Chih-Pin Su ,  Hungwen Li

IPC: G06F21/00 ,  G06F21/57 ,  G06F21/53 ,  G06F21/79

Abstract: A system is provided to perform secure operations. The system includes an I/O subsystem, a memory subsystem and processors. The processors are operative to execute processes in trusted execution environments (TEEs) and rich execution environments (REEs). Each of the TEEs and the REEs is identified by a corresponding access identifier (AID) and protected by a corresponding system resource protection unit (SRPU). The corresponding SRPU of a TEE includes instructions, when executed by a corresponding processor, cause the corresponding processor to control access to the TEE using a data structure including allowed AIDs and pointers to memory locations accessible by the allowed AIDs.

公开(公告)号：US11386019B1

公开(公告)日：2022-07-12

申请号：US17223062

申请日：2021-04-06

Applicant: MEDIATEK Inc.

Inventor： Yu-Tien Chang ,  Ching-Ming Chen ,  Wei-Hsun Lin ,  Lin-Ming Hsu ,  Tsung-Wei Hung

IPC: G06F12/14 ,  G06F13/16 ,  G06F12/02 ,  G06F12/0891

Abstract: The present invention discloses data secure method, applied to a storage device, and performed by a controller of the storage device. The data secure method comprises: receiving a buffer clear command from an external processing unit, wherein the buffer clear command indicates that a first secure area corresponding to a first physical address range of a buffer memory of the storage device is required to be cleared, and a first secure key is corresponding to the first secure area for accessing the first secure area; and in response to the buffer clear command, configuring a secure unit of the storage device to cause the secure unit to use one or more second keys different from the first secure key when accessing the first physical address range.