[go: up one dir, main page]

CN108460287A - The division methods in user's control region and memory protect system in memory protection location - Google Patents

The division methods in user's control region and memory protect system in memory protection location Download PDF

Info

Publication number
CN108460287A
CN108460287A CN201810236110.6A CN201810236110A CN108460287A CN 108460287 A CN108460287 A CN 108460287A CN 201810236110 A CN201810236110 A CN 201810236110A CN 108460287 A CN108460287 A CN 108460287A
Authority
CN
China
Prior art keywords
area
access
user
encryption
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810236110.6A
Other languages
Chinese (zh)
Inventor
景为平
钱波
景欧
景一欧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nantong University
Original Assignee
Nantong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nantong University filed Critical Nantong University
Priority to CN201810236110.6A priority Critical patent/CN108460287A/en
Publication of CN108460287A publication Critical patent/CN108460287A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)

Abstract

The division methods in user's control region in the memory protection location of the present invention; on the basis of C0 MCU are the SoC systems that kernel is developed; zone permission management provided with chip interior memory FLASH; user is associated with the corresponding region of FLASH structure according to the setting of user; form the region with user property; and set the independent access rights in each region; when receiving access privilege; if the corresponding authority of region and user mismatch; error message then is returned to C0 MCU, prevents incongruent access.Advantageous effect:The ownership for ensureing system resource from hardware, does not provide a kind of good mechanism by unauthorized access for resource, effectively realizes the protection to chip interior memory.

Description

内存保护单元中用户控制区域的划分方法及内存保护系统Method for dividing user control area in memory protection unit and memory protection system

技术领域technical field

本发明涉及嵌入式系统领域,尤其涉及一种内存保护单元中用户控制区域的划分方法及内存保护系统。The invention relates to the field of embedded systems, in particular to a method for dividing user control areas in a memory protection unit and a memory protection system.

背景技术Background technique

在嵌入式系统经常会遇到多任务的操作和控制在,任务运行的时候,系统中必须提供一种机制来保证正在运行的任务不被其他任务破坏或者影响其他任务的操作。实现上述目的通常有软件保护和硬件保护两种途径。软件保护是指仅靠软件的维护来实现来保护系统资源的作用。在多任务的系统中,通过运行操作系统来达到任务间的同步与通信,以实现软件保护的作用。然而,利用软件来协调多任务的运行,一般会出现一些不可避免的问题。比如,当CPU想要对一个通信串口寄存器进行访问时,如果有其他的任务正在使用该串口,那么这种方式是没有办法来阻止该项操作,若想成功使用此串口,必须通过操作系统来协调,合理控制任务的运行。此类的非法访问一般很容易破坏经过该串口的通信,造成一定的资源浪费和不合理的使用。Embedded systems often encounter multi-task operation and control. When a task is running, the system must provide a mechanism to ensure that the running task is not destroyed by other tasks or affects the operation of other tasks. There are usually two ways to achieve the above purpose: software protection and hardware protection. Software protection refers to the function of protecting system resources only by software maintenance. In a multi-task system, the synchronization and communication between tasks are achieved by running the operating system to realize the function of software protection. However, using software to coordinate the operation of multi-tasking generally leads to some unavoidable problems. For example, when the CPU wants to access a communication serial port register, if other tasks are using the serial port, there is no way to prevent this operation in this way. If you want to use this serial port successfully, you must use the operating system to Coordinate and reasonably control the operation of tasks. This kind of illegal access is generally easy to destroy the communication through the serial port, resulting in a certain waste of resources and unreasonable use.

另一方面来说,如果该系统有专门的硬件来检测和限制系统的资源使其不被非法访问,在一定程度上可以保证资源的所有权。在执行操作任务时,需要遵循硬件维护的规则,对其区域进行合理地配置访问权限,在硬件程度上实现了资源的保护。当CPU访问没有权限的区域时,会主动监视其操作,对于非法访问则会屏蔽。On the other hand, if the system has special hardware to detect and restrict system resources from being illegally accessed, the ownership of resources can be guaranteed to a certain extent. When performing operation tasks, it is necessary to follow the rules of hardware maintenance, reasonably configure access rights to its areas, and realize resource protection at the hardware level. When the CPU accesses an area without permission, it will actively monitor its operation, and will block illegal access.

发明内容Contents of the invention

本发明目的在于克服上述现有技术的不足,提供了一种内存保护单元中用户控制区域的划分方法及内存保护系统,并主要针对用户控制区域的实现作了一定的验证,具体由以下技术方案实现:The purpose of the present invention is to overcome the above-mentioned deficiencies in the prior art, provide a method for dividing the user-controlled area in the memory protection unit and a memory protection system, and mainly perform a certain verification on the realization of the user-controlled area, specifically by the following technical solutions accomplish:

所述内存保护单元中用户控制区域的划分方法,在C0 MCU为内核开发出的SoC系统的基础上,设置了芯片内部存储器FLASH的区域权限管理,根据用户的设定将用户与FLASH的相应区域构建关联,形成具有用户属性的区域,并设定各区域的独立的访问权限,在接收用户访问权限时,若区域与用户的对应权限不匹配,则向C0 MCU返回错误信息,阻止不符合的访问。The method for dividing the user control area in the memory protection unit, on the basis of the SoC system developed by the C0 MCU as the kernel, the area authority management of the chip internal memory FLASH is set, and the user and the corresponding area of the FLASH are set according to the user's setting. Build associations, form areas with user attributes, and set independent access rights for each area. When receiving user access rights, if the area does not match the corresponding rights of the user, an error message will be returned to the C0 MCU to prevent non-compliant access.

所述内存保护单元中用户控制区域的划分方法的进一步设计在于,FLASH区域的数据根据用户设定可设置加解密存储,加解密存储操作由对应的使能信号来控制。The further design of the division method of the user-controlled area in the memory protection unit is that the data in the FLASH area can be encrypted and decrypted according to user settings, and the encryption and decryption storage operation is controlled by the corresponding enable signal.

所述内存保护单元中用户控制区域的划分方法的进一步设计在于,所述具有用户属性的区域用户代码区UC和用户数据区UD,不同用户之间可以通过寄存器配置是否允许对应用户的读、写、执行,是否允许其他用户读、写、执行。The further design of the method for dividing the user control area in the memory protection unit is that the user code area UC and the user data area UD in the area with user attributes can be configured by registers between different users to allow the corresponding user to read and write , Execution, whether to allow other users to read, write, and execute.

采用所述的内存保护单元中用户控制区域的划分方法的内存保护系统,包括存储器、内存保护单元以及微处理器,所述存储器通过内存保护单元与微处理器通信连接,其特征在于所述内存保护单元包括控制部分、加解密部分、输出部分以及访问违反机制判定部分:The memory protection system adopting the division method of the user control area in the memory protection unit includes a memory, a memory protection unit and a microprocessor, the memory is connected to the microprocessor through the memory protection unit, and it is characterized in that the memory The protection unit includes a control part, an encryption and decryption part, an output part, and an access violation mechanism determination part:

所述控制部分包括:The control section includes:

程序指针比较单元,实现程序指针和各区域配置边界地址的比较,以确定程序所在的区域;The program pointer comparison unit realizes the comparison between the program pointer and the configuration boundary address of each area, so as to determine the area where the program is located;

地址比较单元,实现访问地址和各区域配置边界地址的比较,以确定访问地址所在的区域;The address comparison unit realizes the comparison between the access address and the configuration boundary address of each area, so as to determine the area where the access address is located;

访问权限判定单元,以确定实际发生的访问是否符合设定的访问权限;An access right judging unit to determine whether the actual access meets the set access right;

访问违规判定单元,根据各区域的访问地址和访问权限有效的判定结果,确定用户对目标地址访问是否有效;The access violation determination unit determines whether the user's access to the target address is valid according to the access address of each area and the valid determination result of the access authority;

所述加解密部分,通过寄存器设定各个区域是否实行加密存储;The encryption and decryption part sets whether each area implements encrypted storage through registers;

所述输出部分,根据控制部分和加解密部分处理的结果,确定是否向周边总线输出访问信息;The output part determines whether to output the access information to the peripheral bus according to the processing results of the control part and the encryption and decryption part;

所述访问违反机制判定部分,对当前访问的权限进行识别判定,若果当前的权限允许,则可以继续通过总线访问对应的内存单元;如果当前区域的访问权限不允许当前操作,那么就会产生访问权限违反错误。The access violation mechanism judgment part identifies and judges the current access authority, if the current authority permits, it can continue to access the corresponding memory unit through the bus; if the current area access authority does not allow the current operation, then a Access rights violation error.

所述内存保护系统的进一步设计在于,所述加解密部分包括地址加密与数据加密,地址加密实行乱序加密规则,只处理偏移地址部分。A further design of the memory protection system is that the encryption and decryption part includes address encryption and data encryption, address encryption implements out-of-order encryption rules, and only processes the offset address part.

所述内存保护系统的进一步设计在于,地址加密的算法中采用了s盒的模板;数据加解密采用SPECK32算法,并对所有数据进行加密。The further design of the memory protection system is that the address encryption algorithm uses the s-box template; the data encryption and decryption uses the SPECK32 algorithm, and all data is encrypted.

所述内存保护系统的进一步设计在于,所述输出部分与控制部分信息交互为:若控制部分判定此次访问有效,则输出访问信息;若控制部分判定访问违规,则阻止此次访问。A further design of the memory protection system is that the information interaction between the output part and the control part is as follows: if the control part determines that the access is valid, then output the access information; if the control part determines that the access is illegal, then block the access.

本发明的优点如下:The advantages of the present invention are as follows:

本发明的内存保护单元中用户控制区域的划分方法及内存保护系统从硬件上保证系统资源的所有权,对于资源不被非法访问提供了一种很好的机制,有效的实现了对芯片内部存储器的保护。另外,增加在其中添加了加解密处理模块,增强了数据的机密性。The method for dividing the user-controlled area in the memory protection unit and the memory protection system of the present invention guarantee the ownership of system resources from the hardware, provide a good mechanism for preventing resources from being illegally accessed, and effectively realize the protection of the internal memory of the chip. Protect. In addition, an encryption and decryption processing module is added to enhance the confidentiality of data.

附图说明Description of drawings

图1为MPU在整个SoC系统中的结构示意图。Figure 1 is a schematic diagram of the structure of the MPU in the entire SoC system.

图2为内存保护单元的功能示意图。FIG. 2 is a functional schematic diagram of a memory protection unit.

图3为UC区域权限违反的仿真示意图。FIG. 3 is a schematic diagram of a simulation of a UC region authority violation.

图4为UD区域权限违反的仿真示意图。FIG. 4 is a schematic diagram of a simulation of violation of authority in the UD area.

图5为FLASH区域数据加密的仿真示意图。FIG. 5 is a schematic diagram of simulation of data encryption in the FLASH area.

图6为FLASH区域地址加密的仿真示意图。FIG. 6 is a schematic diagram of simulation of address encryption in the FLASH area.

具体实施方式Detailed ways

以下结合附图,对本发明的技术方案进行详细说明。The technical solution of the present invention will be described in detail below in conjunction with the accompanying drawings.

如图1,本实施例的内存保护单元中用户控制区域的划分方法,在C0 MCU为内核开发出的SoC系统的基础上,设置了芯片内部存储器FLASH的区域权限管理,在整个MPU模块的设计中,引入了用户来实现管理,每个用户有自己对应的区域,对应的区域设置独立的访问权限,在出现区域与权限不匹配的时候,则会产生对应的违反错误,并且阻止不符合的访问。另外,还设置了独立的加密保护模块,FLASH区域的数据在必要的时候也可以设置加解密存储,其加解密存储有对应的使能信号来控制。在整个模块的设计中,最主要的是各个区域的划分以及对应的控制寄存器的配置,必须保持用户与区域的相对独立,以便于在验证的阶段可以很好的触发错误条件来实现相关功能的验证。下文主要对于用户控制区域的设计做了详细的介绍。As shown in Fig. 1, the division method of the user control area in the memory protection unit of the present embodiment, on the basis of the SoC system that C0 MCU develops as the core, the area authority management of the chip internal memory FLASH is set, in the design of the whole MPU module In , users are introduced to realize management. Each user has its own corresponding area, and the corresponding area sets independent access rights. When the area does not match the rights, a corresponding violation error will be generated and the non-compliant ones will be blocked. access. In addition, an independent encryption protection module is also set up, and the data in the FLASH area can also be encrypted and decrypted for storage when necessary, and the encryption and decryption storage is controlled by a corresponding enable signal. In the design of the entire module, the most important thing is the division of each area and the configuration of the corresponding control registers. The relative independence between the user and the area must be kept, so that the error condition can be well triggered in the verification stage to realize the relevant functions. verify. The following mainly introduces the design of the user control area in detail.

本实施例运用了软硬件协同设计的方法,作为其中的内存保护单元,其内部设计架构采用硬件的方式设计,其配置信息采用软件的方式来实现。MPU在整个SoC系统中的作用就是负责保护芯片内部的存储器,当CPU要访问存储器区域时,需要首先经过MPU模块来判断是否有权限去访问该区域。This embodiment adopts the software-hardware collaborative design method, as the memory protection unit, its internal design structure is designed by hardware, and its configuration information is realized by software. The role of the MPU in the entire SoC system is to protect the internal memory of the chip. When the CPU wants to access the memory area, it needs to first pass through the MPU module to determine whether it has permission to access the area.

对于用户区域来说,其主要是指有控制权限的FLASH区域。对FLASH区域保护:具有用户属性的区域;用户代码区UC和用户数据区UD。不同用户之间可以通过寄存器配置是否允许本用户读、写、执行,是否允许其他用户读、写、执行。FLASH各用户区域范围可灵活配置,各用户之间范围不允许越界,可以配置FLASH区域是否加密存储。For the user area, it mainly refers to the FLASH area with control authority. Protection of the FLASH area: areas with user attributes; user code area UC and user data area UD. Different users can configure whether to allow this user to read, write, and execute through registers, and whether to allow other users to read, write, and execute. The range of each user area of FLASH can be flexibly configured, and the range of each user is not allowed to cross the boundary. It can be configured whether the FLASH area is encrypted and stored.

本实施例的内存保护系统,包括存储器、内存保护单元以及微处理器,存储器通过内存保护单元与微处理器通信连接。内存保护单元包括控制部分、加解密部分、输出部分以及访问违反机制判定部分。The memory protection system of this embodiment includes a memory, a memory protection unit, and a microprocessor, and the memory is connected to the microprocessor through the memory protection unit. The memory protection unit includes a control part, an encryption and decryption part, an output part and an access violation mechanism judgment part.

进一步的,控制部分主要由程序指针比较单元、地址比较单元、访问权限判定单元以及访问违规判定单元组成。程序指针比较单元,实现程序指针和各区域配置边界地址的比较,以确定程序所在的区域。地址比较单元,实现访问地址和各区域配置边界地址的比较,以确定访问地址所在的区域。访问权限判定单元,以确定实际发生的访问是否符合设定的访问权限。访问违规判定单元,根据各区域的访问地址一致性和访问权限有效的判定结果,确定用户对目标地址访问是否有效。Further, the control part is mainly composed of a program pointer comparison unit, an address comparison unit, an access authority determination unit and an access violation determination unit. The program pointer comparison unit realizes the comparison between the program pointer and the configuration boundary address of each area, so as to determine the area where the program is located. The address comparison unit realizes the comparison between the access address and the configuration boundary address of each area, so as to determine the area where the access address is located. The access right judging unit is used to determine whether the actual access meets the set access right. The access violation judging unit determines whether the user's access to the target address is valid according to the consistency of the access addresses in each area and the valid judgment results of the access authority.

加解密部分,可以灵活设计各个区域是否实行加密存储。对于地址部分实行乱序加密规则,由于基地址都是一样的,所以对于地址的加密只处理其偏移地址部分。本实施例在地址加密的算法中采用了s盒,这种s盒的设计模板类似于一种查表算法,每一个数据都有固定的值与其对应。另外,当CPU向存储区域写入数据的时候,可以对其进行相关的加密操作,同样读取数据的时候则进行解密操作。数据加解密采用SPECK32算法,该算法整体采用轮函数结构, F函数包含密钥的线性和非线性的变化。区域的加解密功能由控制寄存器设定。In the encryption and decryption part, it is possible to flexibly design whether to implement encrypted storage in each area. The out-of-order encryption rules are implemented for the address part. Since the base address is the same, only the offset address part is processed for the encryption of the address. In this embodiment, an s-box is used in the address encryption algorithm. The design template of this s-box is similar to a look-up table algorithm, and each data has a fixed value corresponding to it. In addition, when the CPU writes data to the storage area, it can perform related encryption operations, and also perform decryption operations when reading data. The data encryption and decryption adopts the SPECK32 algorithm, which adopts a round function structure as a whole, and the F function includes linear and nonlinear changes of the key. The encryption and decryption function of the area is set by the control register.

输出部分,根据控制部分和加解密部分处理的结果,确定是否向周边总线输出访问信息。若控制部分判定此次访问有效,则输出访问信息,实现访问目的;若控制部分判定访问违规,则阻止此次访问信息。The output part determines whether to output the access information to the peripheral bus according to the processing results of the control part and the encryption and decryption part. If the control part judges that the access is valid, it will output the access information to achieve the purpose of the access; if the control part judges that the access is illegal, it will block the access information.

访问违反机制判定部分,当芯片通过AHB总线访问内存时,MPU通过比对每个区域的高低地址来确定,当前所要访问的地址所属于哪个区域。当对应的地址匹配的时候,当前执行的读写信号就会根据对应区域的访问权限来确定是否可以执行当前的操作。若果当前的权限语序,则可以继续通过总线访问对应的内存单元;如果当前区域的访问权限不允许当前操作,那么就会产生访问权限违反错误(violation)。In the judgment part of the access violation mechanism, when the chip accesses the memory through the AHB bus, the MPU compares the high and low addresses of each area to determine which area the address to be accessed currently belongs to. When the corresponding address matches, the currently executed read/write signal will determine whether the current operation can be performed according to the access authority of the corresponding area. If the current permission sequence is correct, you can continue to access the corresponding memory unit through the bus; if the access permission of the current area does not allow the current operation, then an access permission violation error (violation) will occur.

用户代码区UC和用户数据区UD的总体功能的实现为:首先配置用户控制寄存器,将对应区域的权限以及相关边界方位设定好,当CPU发起访问,其访问信息首先通过AHB总线进入到MPU模块,然后经过UC、UD模块的控制部分进行有效判定,最终通过输出部分向周边总线输出或屏蔽该次访问信息。The realization of the overall function of the user code area UC and the user data area UD is as follows: first configure the user control register, set the authority of the corresponding area and the relevant boundary orientation, when the CPU initiates an access, its access information first enters the MPU through the AHB bus module, and then through the control part of the UC and UD modules to make an effective judgment, and finally output or shield the access information to the peripheral bus through the output part.

表1 UC、UD区域信号描述Table 1 UC, UD area signal description

信号名称signal name 信号描述Signal description 信号类型signal type core_HADDRcore_HADDR 当前执行的区域currently executing region 输入enter core_pccore_pc 代码所在的区域the region where the code resides 输入enter acce_permacce_perm 当前执行的操作current action 输入enter uc/ud_validuc/ud_valid UC/UD区域有效的标识Signs valid for UC/UD regions 输入enter uc_sc_pc_matchuc_sc_pc_match 本用户区域匹配This user locale matches 输入enter uc/ud_regn_permuc/ud_regn_perm UC/UD区域的权限Permissions for UC/UD areas 输入enter ucrh/l_reg, udrh/l_regucrh/l_reg, udrh/l_reg UC/UD区域的范围Scope of UC/UD area 输入enter uc_pc_matchuc_pc_match 确定代码是否在UC区域Determine if code is in UC area 输出output uc/ud_regn_violtuc/ud_regn_violt 访问UC/UD区域权限违反Violation of permission to access UC/UD area 输出output uc/ud_addr_matchuc/ud_addr_match 地址比对匹配Address comparison and matching 输出output

具体实现功能及寄存器描述:Specific implementation functions and register description:

1.根据代码所在的区域与UC/UD区域范围比较,产生match信号,确定代码运行的区域,即确定执行该段代码的用户。1. According to the comparison between the area where the code is located and the UC/UD area, a match signal is generated to determine the area where the code runs, that is, to determine the user who executes the code.

2.根据地址与UC/UD区域范围比较,产生地址match信号,确定访问的地址是否在该UC/UD区域。2. According to the comparison between the address and the UC/UD area, an address match signal is generated to determine whether the accessed address is in the UC/UD area.

3.根据当前操作类型acce_perm以及处理后的匹配信号,比较该区域允许的操作类型regn_perm,产生权限违反错误(violt)。3. According to the current operation type acce_perm and the processed matching signal, compare the operation type regn_perm allowed in this area, and generate a permission violation error (violt).

4.当访问该区域地址匹配并且访问权限错误时,将产生区域违反信号,输出到MPU寄存器模块。4. When the address of the access area matches and the access authority is wrong, an area violation signal will be generated and output to the MPU register module.

对于用户数据区及用户代码区来说,用户寄存器由控制寄存器和状态寄存器组成。控制寄存器主要是用户写入,用来配置对应的区域的访问权限。状态寄存器则反映访问权限错误的信息,当发生访问错误的时候,错误标志位将会被置起,一旦被置为1后便无法再更新为0,必须等到本用户将该错误状态清除后,才能重新恢复为0,从而继续使用。For the user data area and user code area, the user registers are composed of control registers and status registers. The control register is mainly written by the user to configure the access rights of the corresponding area. The status register reflects the information of access rights error. When an access error occurs, the error flag will be set. Once it is set to 1, it cannot be updated to 0. It must wait until the user clears the error status. Only then can it be restored to 0 again, so as to continue to use.

以下对用户区域进行仿真验证The simulation verification of the user area is as follows

UC、UD区域的仿真及验证也就是用户对UC、UD区域的访问权限的验证以及加解密的验证。The simulation and verification of the UC and UD areas are the verification of the user's access rights to the UC and UD areas and the verification of encryption and decryption.

用户可以合理设置UC、UD、区域,可以配置4个具有用户属性的区域,用户代码区UC和用户数据区UD各4个。对于UC、UD区域的权限设置及配置有效标识(valid)则由用户控制寄存器分配。对于用户控制寄存器来说,当对应的valid无效时,可直接由CPU配置。用户设置权限配置,不同的用户访问自己和其他用户区域。测试对应用户区是否被安全保护,可通过查询MPU状态寄存器中的状态来判断。The user can reasonably set UC, UD, and area, and can configure 4 areas with user attributes, 4 user code areas UC and 4 user data areas UD each. The permission setting and configuration valid flag (valid) of UC and UD areas are assigned by the user control register. For the user control register, when the corresponding valid is invalid, it can be directly configured by the CPU. User settings permission configuration, different users access their own and other user areas. To test whether the corresponding user area is protected by security, it can be judged by querying the status in the MPU status register.

1.权限违反的验证1. Verification of permission violations

在验证UC、UD区域功能的时候,首先将验证代码放入到事先设置好的用户区域,并对每个用户的代码区和数据区的权限作相关的设定,执行访问其他区域的代码。仿真结果如下面图3与图4所示。由图3、图4可知,将UC和UD区域的权限设置为仅本用户可以读写,其他用户不可以对其进行操作;当其他用户访问该UC/UD区域时,会产生权限错误,阻止此次访问,从而实现保护FLASH的作用。When verifying the functions of the UC and UD areas, first put the verification code into the pre-set user area, and make relevant settings for the authority of each user's code area and data area, and execute the code to access other areas. The simulation results are shown in Figure 3 and Figure 4 below. As can be seen from Figure 3 and Figure 4, the permissions of the UC and UD areas are set so that only the user can read and write, and other users cannot operate on them; when other users access the UC/UD area, a permission error will occur, preventing This access, thus realizing the function of protecting FLASH.

2.加解密的验证2. Verification of encryption and decryption

FLASH区域的加密则是可以控制的,当需要加密的时候,只需要将加密控制位使能信号置上即可。波形如下图5和图6所示:可以看到地址只加密其中[6:2]几位,数据则是全部加密。The encryption of the FLASH area can be controlled. When encryption is required, it is only necessary to set the enable signal of the encryption control bit. The waveforms are shown in Figure 5 and Figure 6 below: It can be seen that only bits [6:2] of the address are encrypted, and all data is encrypted.

以上所述,仅为本发明较佳的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到的变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应该以权利要求的保护范围为准。The above is only a preferred embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Any person skilled in the art within the technical scope disclosed in the present invention can easily think of changes or Replacement should be covered within the protection scope of the present invention. Therefore, the protection scope of the present invention should be determined by the protection scope of the claims.

Claims (7)

1.一种内存保护单元中用户控制区域的划分方法,其特征在于在C0 MCU为内核开发出的SoC系统的基础上,设置了芯片内部存储器FLASH的区域权限管理,根据用户的设定将用户与FLASH的相应区域构建关联,形成具有用户属性的区域,并设定各区域的独立的访问权限,在接收用户访问权限时,若区域与用户的对应权限不匹配,则向C0 MCU返回错误信息,阻止不符合的访问。1. a division method of user control area in a memory protection unit, it is characterized in that on the basis of the SoC system that kernel develops on C0 MCU, the area authority management of chip internal memory FLASH is set, according to the setting of user, user Create an association with the corresponding area of FLASH to form an area with user attributes, and set independent access rights for each area. When receiving user access rights, if the area does not match the corresponding rights of the user, an error message will be returned to the C0 MCU , to block non-compliant access. 2.根据权利要求1所述的内存保护单元中用户控制区域的划分方法,其特征在于FLASH区域的数据根据用户设定可设置加解密存储,加解密存储操作由对应的使能信号来控制。2. The method for dividing the user-controlled area in the memory protection unit according to claim 1, wherein the data in the FLASH area can be encrypted and decrypted according to user settings, and the encryption and decryption storage operation is controlled by a corresponding enabling signal. 3.根据权利要求1所述的内存保护单元中用户控制区域的划分方法,其特征在于所述具有用户属性的区域用户代码区UC和用户数据区UD,不同用户之间可以通过寄存器配置是否允许对应用户的读、写、执行,是否允许其他用户读、写、执行。3. the method for dividing the user control area in the memory protection unit according to claim 1, it is characterized in that the area user code area UC and user data area UD with user attribute, can be allowed by register configuration between different users Corresponding to the user's read, write, and execute, whether to allow other users to read, write, and execute. 4.采用如权利要求1-3任一项所述的内存保护单元中用户控制区域的划分方法的内存保护系统,包括存储器、内存保护单元以及微处理器,所述存储器通过内存保护单元与微处理器通信连接,其特征在于所述内存保护单元包括控制部分、加解密部分、输出部分以及访问违反机制判定部分:4. adopt the memory protection system of the division method of user control area in the memory protection unit as described in any one of claim 1-3, comprise memory, memory protection unit and microprocessor, described memory is by memory protection unit and microprocessor The processor communication connection is characterized in that the memory protection unit includes a control part, an encryption and decryption part, an output part and an access violation mechanism determination part: 所述控制部分包括:The control section includes: 程序指针比较单元,实现程序指针和各区域配置边界地址的比较,以确定程序所在的区域;The program pointer comparison unit realizes the comparison between the program pointer and the configuration boundary address of each area, so as to determine the area where the program is located; 地址比较单元,实现访问地址和各区域配置边界地址的比较,以确定访问地址所在的区域;The address comparison unit realizes the comparison between the access address and the configuration boundary address of each area, so as to determine the area where the access address is located; 访问权限判定单元,以确定实际发生的访问是否符合设定的访问权限;An access right judging unit to determine whether the actual access meets the set access right; 访问违规判定单元,根据各区域的访问地址和访问权限有效的判定结果,确定用户对目标地址访问是否有效;The access violation determination unit determines whether the user's access to the target address is valid according to the access address of each area and the valid determination result of the access authority; 所述加解密部分,通过寄存器设定各个区域是否实行加密存储;The encryption and decryption part sets whether each area implements encrypted storage through registers; 所述输出部分,根据控制部分和加解密部分处理的结果,确定是否向周边总线输出访问信息;The output part determines whether to output the access information to the peripheral bus according to the processing results of the control part and the encryption and decryption part; 所述访问违反机制判定部分,对当前访问的权限进行识别判定,若果当前的权限允许,则可以继续通过总线访问对应的内存单元;如果当前区域的访问权限不允许当前操作,那么就会产生访问权限违反错误。The access violation mechanism judgment part identifies and judges the current access authority, if the current authority permits, it can continue to access the corresponding memory unit through the bus; if the current area access authority does not allow the current operation, then a Access rights violation error. 5.根据权利要求4所述的内存保护系统,其特征在于所述加解密部分包括地址加密与数据加密,地址加密实行乱序加密规则,只处理偏移地址部分。5. The memory protection system according to claim 4, wherein the encryption and decryption part includes address encryption and data encryption, address encryption implements out-of-order encryption rules, and only processes offset address parts. 6.根据权利要求5所述的内存保护系统,其特征在于地址加密的算法中采用了s盒的模板;数据加解密采用SPECK32算法,并对所有数据进行加密。6. The memory protection system according to claim 5, characterized in that the address encryption algorithm adopts the s-box template; the data encryption and decryption adopts the SPECK32 algorithm, and all data is encrypted. 7.根据权利要求4所述的内存保护系统,其特征在于所述输出部分与控制部分信息交互为:若控制部分判定此次访问有效,则输出访问信息;若控制部分判定访问违规,则阻止此次访问。7. The memory protection system according to claim 4, wherein the information interaction between the output part and the control part is as follows: if the control part judges that the access is valid, then output the access information; if the control part judges that the access is illegal, then prevent this visit.
CN201810236110.6A 2018-03-21 2018-03-21 The division methods in user's control region and memory protect system in memory protection location Pending CN108460287A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810236110.6A CN108460287A (en) 2018-03-21 2018-03-21 The division methods in user's control region and memory protect system in memory protection location

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810236110.6A CN108460287A (en) 2018-03-21 2018-03-21 The division methods in user's control region and memory protect system in memory protection location

Publications (1)

Publication Number Publication Date
CN108460287A true CN108460287A (en) 2018-08-28

Family

ID=63236701

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810236110.6A Pending CN108460287A (en) 2018-03-21 2018-03-21 The division methods in user's control region and memory protect system in memory protection location

Country Status (1)

Country Link
CN (1) CN108460287A (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109446755A (en) * 2018-09-30 2019-03-08 龙芯中科技术有限公司 The guard method of kernel hooking function, device, equipment and storage medium
CN109766165A (en) * 2018-11-22 2019-05-17 海光信息技术有限公司 A memory access control method, device, memory controller and computer system
CN109947673A (en) * 2019-03-26 2019-06-28 北京经纬恒润科技有限公司 A kind of method for protecting EMS memory, protective device and single-chip microcontroller
CN110008726A (en) * 2019-04-09 2019-07-12 杨力祥 A runtime access control apparatus and method
CN110162965A (en) * 2019-04-09 2019-08-23 杨力祥 Access control method and computing device when a kind of operation
CN112163214A (en) * 2020-09-22 2021-01-01 杭州数梦工场科技有限公司 Data access method and device
CN112182548A (en) * 2020-09-23 2021-01-05 博流智能科技(南京)有限公司 Chip system
CN113496016A (en) * 2020-04-08 2021-10-12 深圳市中兴微电子技术有限公司 Memory access method, system-on-chip and electronic equipment
CN113987589A (en) * 2021-12-27 2022-01-28 飞天诚信科技股份有限公司 Method and device for processing data
CN115794661A (en) * 2023-01-19 2023-03-14 苏州浪潮智能科技有限公司 Processor abnormal access positioning method and device, electronic equipment and storage medium
CN116595594A (en) * 2023-05-19 2023-08-15 无锡摩芯半导体有限公司 FLASH safety control method based on UCB
CN116795494A (en) * 2023-08-23 2023-09-22 北京紫光芯能科技有限公司 Memory protection unit information processing method, system and readable medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101952809A (en) * 2007-10-23 2011-01-19 郑基悦 Computer storage device having separate read-only space and read-write space, removable media component, system management interface, and network interface
CN102843366A (en) * 2012-08-13 2012-12-26 北京百度网讯科技有限公司 Network resource access permission control method and device
CN103150524A (en) * 2013-01-30 2013-06-12 华中科技大学 Safe memory chip, system and authentication method of safe memory chip
CN103617404A (en) * 2013-12-17 2014-03-05 天津赢达信科技有限公司 Storing device of safety partitions
CN106657052A (en) * 2016-12-16 2017-05-10 湖南国科微电子股份有限公司 Access management method and system for storage data
CN106897635A (en) * 2017-02-28 2017-06-27 广东虹勤通讯技术有限公司 Removable storage device and method of operation thereof

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101952809A (en) * 2007-10-23 2011-01-19 郑基悦 Computer storage device having separate read-only space and read-write space, removable media component, system management interface, and network interface
CN102843366A (en) * 2012-08-13 2012-12-26 北京百度网讯科技有限公司 Network resource access permission control method and device
CN103150524A (en) * 2013-01-30 2013-06-12 华中科技大学 Safe memory chip, system and authentication method of safe memory chip
CN103617404A (en) * 2013-12-17 2014-03-05 天津赢达信科技有限公司 Storing device of safety partitions
CN106657052A (en) * 2016-12-16 2017-05-10 湖南国科微电子股份有限公司 Access management method and system for storage data
CN106897635A (en) * 2017-02-28 2017-06-27 广东虹勤通讯技术有限公司 Removable storage device and method of operation thereof

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109446755B (en) * 2018-09-30 2021-03-30 龙芯中科技术股份有限公司 Kernel hook function protection method, device, equipment and storage medium
CN109446755A (en) * 2018-09-30 2019-03-08 龙芯中科技术有限公司 The guard method of kernel hooking function, device, equipment and storage medium
CN109766165A (en) * 2018-11-22 2019-05-17 海光信息技术有限公司 A memory access control method, device, memory controller and computer system
CN109947673A (en) * 2019-03-26 2019-06-28 北京经纬恒润科技有限公司 A kind of method for protecting EMS memory, protective device and single-chip microcontroller
CN110008726B (en) * 2019-04-09 2021-08-20 杨力祥 A runtime access control apparatus and method
CN110162965A (en) * 2019-04-09 2019-08-23 杨力祥 Access control method and computing device when a kind of operation
CN110008726A (en) * 2019-04-09 2019-07-12 杨力祥 A runtime access control apparatus and method
CN113496016A (en) * 2020-04-08 2021-10-12 深圳市中兴微电子技术有限公司 Memory access method, system-on-chip and electronic equipment
WO2021203767A1 (en) * 2020-04-08 2021-10-14 中兴通讯股份有限公司 Memory access method, system-on-chip, and electronic device
CN112163214A (en) * 2020-09-22 2021-01-01 杭州数梦工场科技有限公司 Data access method and device
CN112182548B (en) * 2020-09-23 2024-04-16 博流智能科技(南京)有限公司 Chip system
CN112182548A (en) * 2020-09-23 2021-01-05 博流智能科技(南京)有限公司 Chip system
CN113987589A (en) * 2021-12-27 2022-01-28 飞天诚信科技股份有限公司 Method and device for processing data
CN113987589B (en) * 2021-12-27 2022-03-18 飞天诚信科技股份有限公司 Method and device for processing data, computer readable storage medium and device
CN115794661A (en) * 2023-01-19 2023-03-14 苏州浪潮智能科技有限公司 Processor abnormal access positioning method and device, electronic equipment and storage medium
CN116595594A (en) * 2023-05-19 2023-08-15 无锡摩芯半导体有限公司 FLASH safety control method based on UCB
CN116795494A (en) * 2023-08-23 2023-09-22 北京紫光芯能科技有限公司 Memory protection unit information processing method, system and readable medium
CN116795494B (en) * 2023-08-23 2024-01-02 北京紫光芯能科技有限公司 Memory protection unit information processing method, system and readable medium

Similar Documents

Publication Publication Date Title
CN108460287A (en) The division methods in user's control region and memory protect system in memory protection location
US20230128711A1 (en) Technologies for trusted i/o with a channel identifier filter and processor-based cryptographic engine
CN109828827B (en) Detection method, detection device and related equipment
US10572689B2 (en) Method and apparatus for secure execution using a secure memory partition
US10095890B2 (en) Secure processor and a program for a secure processor
CN100354786C (en) Open type general-purpose attack-resistant CPU and application system thereof
Basak et al. A flexible architecture for systematic implementation of SoC security policies
US8191155B2 (en) Microprocessor
CN103377349A (en) Security controlled multi-processor system
CN103455756B (en) A kind of course control method based on trust computing
JP2008047129A (en) Data processing apparatus and system control register protecting method
CN108090366B (en) Data protection method and device, computer device and readable storage medium
TWI608378B (en) An interface between a device and a secure processing environment
EP4086802A1 (en) Dynamic memory protection device system and method
Schrammel et al. Spear-v: Secure and practical enclave architecture for risc-v
CN115905108A (en) IOPMP architecture implementation method for RISC-V chip
Stajnrod Attacking ARM TrustZone using Hardware vulnerability
Weiser Enclave Security and Address-based Side Channels
Moolman et al. Extending RISC-V Keystone to Include Efficient Secure Memory
Platte A security architecture for microprocessors

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180828