TW201701162A - Semiconductor device - Google Patents
- Publication number
- TW201701162A
- Authority
- TW
- Taiwan
- Prior art keywords
- memory
- secure
- page
- window
- semiconductor device
- Prior art date
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
Description
The inventive concept relates to a semiconductor device.
To provide a secure execution environment for mobile applications, a mobile application may be configured such that a secure area (or secure world) and a normal area (or normal world) are provided for a single central processing unit (CPU) without using an additional secure hardware chip. Here, general applications can operate in the normal world, and applications that require security can operate securely in the secure world.
At least some aspects of the inventive concept provide a semiconductor device that can efficiently obtain a secure buffer for secure data.
However, aspects of the inventive concept are not limited to the one set forth herein. The above and other aspects of the inventive concept will become more apparent to those of ordinary skill in the art to which the inventive concept pertains by reference to the detailed description of the inventive concept given below.
According to at least some exemplary embodiments of the inventive concept, there is provided a semiconductor device including: a processor configured to perform operations using data stored in a memory; and a memory protector configured to divide the memory into a first window area and a second window area, the first window area including a first fragment page having a first size, the second window area including a second fragment page having a second size, the second size being smaller than the first size, the memory protector being configured to prevent the first fragment page and the second fragment page from being accessed by the processor if a request from the processor is not at least one of a secure read and a secure write.
The memory protector of the exemplary embodiment is configured to prevent the first fragment page and the second fragment page from being accessed by the processor based on a first page table, the first page table containing memory address information that corresponds to at least one of the first window area and the second window area.
The processor of the exemplary embodiment is configured to access the secure area through a secure address and to access the non-secure area through a non-secure address, and the semiconductor device further includes a content firewall controller configured to prevent the processor from (i) writing secure content data into the non-secure area or (ii) reading system data stored in the non-secure area. The content firewall controller is further configured to receive a physical address for accessing the memory from a memory management controller, the memory management controller being connected to the processor.
According to another exemplary embodiment of the inventive concept, there is provided a semiconductor device including: a memory including a first window area, a second window area, and a secure buffer area, the memory being configured to reserve the secure buffer area for secure content data; a memory controller configured to search the first window area for a first fragment page having a first size and assign the first fragment page to the secure buffer area, and configured to search the second window area for a second fragment page having a second size, the second size being smaller than the first size, and assign the second fragment page to the secure buffer area; and a memory protector configured to provide information about the first window area and the second window area to the memory controller, and configured to protect the first fragment page and the second fragment page from being accessed if an access request from the processor is not at least one of a secure read and a secure write.
The memory protector according to the exemplary embodiment is configured to provide the information about the first window area and the second window area to the memory controller based on a first page table, the first page table containing memory address information that corresponds to at least one of the first window area and the second window area. The first page table further contains security attribute information about the memory address information and window identification flag information corresponding to the memory address information.
According to another exemplary embodiment of the inventive concept, there is provided a semiconductor device including: a first processor; a second processor, the first processor and the second processor being configured to perform operations based on data stored in a memory; a content firewall controller configured to determine whether a first physical address received from a memory management controller of the first processor is a secure address or a non-secure address; and a memory protector configured to receive a second physical address from at least one of the content firewall controller and a memory management controller of the second processor in order to access the memory, and to divide the memory into a first window area and a second window area, the first window area including a first fragment page having a first size, the second window area including a second fragment page having a second size, the second size being smaller than the first size, the memory protector being configured to protect the first fragment page and the second fragment page from being accessed by the first processor and the second processor if an access request from the first processor and the second processor is not at least one of a secure read and a secure write.
According to an exemplary embodiment, the semiconductor device further includes a third processor, wherein the memory protector is configured to receive the second physical address from an external memory management controller connected to the third processor in order to access the memory. The memory protector is configured to: divide the memory into a third window area, the third window area including a third fragment page having a third size; and protect the third fragment page from being accessed by the first processor and the second processor if the access request is not at least one of the secure read and the secure write.
According to an exemplary embodiment, the memory controller of the semiconductor device includes a memory protector and a memory controller. The memory protector is configured to divide the memory into window areas and to generate information associated with the window areas. The memory controller is configured to receive the generated information associated with the window areas, and to assign a secure buffer area to the memory based on the information about the window areas received from the memory protector. The memory controller is further configured to: receive, from a processor, a command for accessing the memory; search for the first fragment page, the first fragment page being located in the first window area; assign the first fragment page to the secure buffer area; search for the second fragment page, the second fragment page being located in the second window area, the second size being smaller than the first size; and assign the second fragment page to the secure buffer area.
Hereinafter, exemplary embodiments will be described in detail with reference to the accompanying drawings. The inventive concept may, however, be embodied in various different forms and should not be construed as limited to the illustrated exemplary embodiments. Rather, these exemplary embodiments are provided as examples so that this disclosure will be thorough and complete, and will fully convey the concept of the inventive concept to those skilled in the art. Accordingly, known processes, elements, and techniques are not described with respect to some of the exemplary embodiments of the inventive concept. Unless otherwise noted, like reference numerals denote like elements throughout the drawings and the written description, and their descriptions will therefore not be repeated. In the drawings, the sizes and relative sizes of layers and regions may be exaggerated for clarity.
Although the inventive concept is susceptible to various modifications and alternative forms, specific non-limiting exemplary embodiments of the inventive concept are shown by way of example in the drawings and will be described in detail herein. It should be understood, however, that there is no intent to limit the inventive concept to the particular forms disclosed; on the contrary, the inventive concept is intended to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the inventive concept.
It will be understood that, although the terms "first", "second", "third", and so on may be used herein to describe various elements, components, regions, layers, and/or sections, these elements, components, regions, layers, and/or sections should not be limited by these terms. These terms are only used to distinguish one element, component, region, layer, or section from another. Thus, a first element, component, region, layer, or section discussed below could be termed a second element, component, region, layer, or section without departing from the teachings of the inventive concept.
Spatially relative terms such as "beneath", "below", "lower", "under", "above", and "upper" may be used herein for ease of description to describe the relationship of one element or feature to another element or feature as illustrated in the figures. It will be understood that the spatially relative terms are intended to encompass different orientations of the device in use or operation in addition to the orientation depicted in the figures. For example, if the device in the figures is turned over, elements described as "below", "beneath", or "under" other elements or features would then be oriented "above" the other elements or features. Thus, the exemplary terms "below" and "under" can encompass both an orientation of above and below. The device may be otherwise oriented (rotated 90 degrees or at other orientations), and the spatially relative terms used herein are to be interpreted accordingly. In addition, it will also be understood that when a layer is referred to as being "between" two layers, it can be the only layer between the two layers, or one or more intervening layers may also be present.
The terminology used herein is for the purpose of describing particular exemplary embodiments only and is not intended to limit the inventive concept. As used herein, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising", when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items. In addition, the term "exemplary" is intended to refer to an example or illustration.
It will be understood that when an element or layer is referred to as being "on", "connected to", "coupled to", or "adjacent to" another element or layer, it can be directly on, directly connected to, directly coupled to, or directly adjacent to the other element or layer, or intervening elements or layers may be present. In contrast, when an element is referred to as being "directly on", "directly connected to", "directly coupled to", or "immediately adjacent to" another element or layer, there are no intervening elements or layers present.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the inventive concept belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and/or this specification, and should not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
Hereinafter, exemplary embodiments of the inventive concept will be described with reference to the accompanying drawings.
FIG. 1 is a schematic diagram illustrating a semiconductor device according to an exemplary embodiment of the inventive concept.
Referring to FIG. 1, a semiconductor device according to an exemplary embodiment of the inventive concept may include a first processor 100, a second processor 102, a third processor 104, a memory management controller 200, a content firewall controller 300, a memory protector 400, a memory controller 410, and a memory 420. These components can receive and transmit data through an interconnect 500 (for example, a bus). Here, the semiconductor device may be an application processor usable in a mobile device, but the scope of the inventive concept is not limited thereto.
The first processor 100, the second processor 102, the third processor 104, the memory management controller 200, the content firewall controller 300, the memory protector 400, and the memory controller 410 are implemented using any of hardware components, a processor executing software components, or a combination thereof. Execution of the one or more algorithms set forth in the exemplary embodiments of the inventive concept by the above hardware components or by a processor executing software components results in the use of a special-purpose processor. The algorithms as presented in the exemplary embodiments of the inventive concept constitute sufficient structure, which may include, but is not limited to, mathematical formulas, flowcharts, computer code, and/or steps that, when executed, result in the use of a special-purpose processor or computer.
The one or more processors described above are computer processing devices configured to carry out program code by performing arithmetic, logical, and input/output operations. Once the program code is loaded into the one or more processors, the one or more processors can be programmed to execute the program code, thereby transforming the one or more processors into one or more special-purpose processors or computers. Alternatively, or in addition to the processors discussed above, the hardware devices may include one or more central processing units (CPUs), digital signal processors (DSPs), application-specific integrated circuits (ASICs), systems on chip (SoCs), field programmable gate arrays (FPGAs), and the like. In at least some cases, the one or more CPUs, SoCs, DSPs, ASICs, and FPGAs may generally be referred to as processing circuits and/or microprocessors.
The first processor 100, the second processor 102, and the third processor 104 can perform operations using data stored in the memory 420. The first processor 100, the second processor 102, and the third processor 104 can provide the memory controller 410 with commands for writing data into the memory 420 and commands for reading data stored in the memory 420. Here, the data may be content data including multimedia data, but the scope of the inventive concept is not limited thereto. The data may also be system data including operating system code.
In some exemplary embodiments of the inventive concept, the first processor 100, the second processor 102, and the third processor 104 may include a central processing unit (CPU), a graphics processing unit (GPU), a multimedia intellectual property (MIP), and the like, but the scope of the inventive concept is not limited thereto.
Meanwhile, the memory management controller 200 and the content firewall controller 300 will be described later with reference to FIG. 2 and FIG. 3.
The memory protector 400 protects a part of the memory from external non-secure access by the first processor 100, the second processor 102, and the third processor 104. Specifically, the memory protector 400 divides the area of the memory 420 into a plurality of window areas and protects the plurality of window areas from non-secure access by the first processor 100, the second processor 102, and the third processor 104.
Note that one window area may include both a secure memory area for storing secure data and a non-secure memory area for storing non-secure data. Here, the secure memory area can be accessed through a secure address, and the non-secure memory area can be accessed through a non-secure address. Information about which addresses are secure addresses and which are non-secure addresses can be managed by the memory protector 400 as a specific data structure, for example, a page table. The non-secure memory area included in a window area may be a candidate area to be assigned to the secure buffer described later.
The memory protector 400 provides information about the plurality of window areas to the memory controller 410.
The memory controller 410 can process requests from the first processor 100, the second processor 102, and the third processor 104 to access the memory 420, and can also assign a secure buffer area to the memory 420 based on the information about the plurality of window areas provided by the memory protector 400.
The secure buffer area refers to a secure memory area provided to store secure data, for example, secure content data such as digital rights management (DRM) data. That is, secure data protected by digital rights management must be stored in a memory area that is protected from non-secure access by the first processor 100, the second processor 102, and the third processor 104.
For example, when the memory controller 410 receives from the first processor 100, the second processor 102, and the third processor 104 a request to write 1024 megabytes of secure data, the memory controller 410 must secure enough memory to write the 1024 megabytes of secure data successfully. For convenience of explanation, assume that the secure data requested by the first processor 100, the second processor 102, and the third processor 104 is DRM video data. In this case, if a 1024-megabyte secure memory area is reserved in the memory 420 in advance, in anticipation of secure data that may or may not be requested by the first processor 100, the second processor 102, and the third processor 104, that secure memory area cannot be used for any other purpose, which wastes memory resources.
Meanwhile, the amount of memory that should be reserved for the DRM video data requested by the first processor 100, the second processor 102, and the third processor 104 may be large. However, even when the available memory in the memory 420 is large enough to store the DRM video data, it can be difficult to gather a sufficient amount of memory for the DRM video data, particularly if the available memory is divided into a very large number of small fragments (for example, smaller than 64 kilobytes) scattered throughout the mobile application execution environment.
The memory controller 410 overcomes such problems by assigning the secure buffer area to the memory 420 based on the information about the plurality of window areas provided by the memory protector 400; the details will be described later.
The memory 420 may include the plurality of window areas described above, and may include the secure buffer area reserved for writing secure content data. In some exemplary embodiments of the inventive concept, the memory 420 may include a dynamic random-access memory (DRAM), but the type of memory is not limited thereto.
FIG. 2 is a schematic diagram illustrating an operation of a semiconductor device according to an exemplary embodiment of the inventive concept.
Referring to FIG. 2, the first processor 100 may be a multimedia IP. Examples of the multimedia IP include at least, but are not limited to, a memory flow controller (MFC), scalers, and a DeCON. A memory access request generated by the first processor 100 is transmitted to the memory management controller 200.
The memory access request generated by the first processor 100 uses a virtual address. The memory management controller 200 converts the virtual address included in the request into a physical address and transmits the request containing the physical address to the memory protector 400.
Along with this, the memory management controller 200 checks whether the memory access request generated by the first processor 100 is a request for a secure address, and transmits the request to the memory protector 400 only when the request corresponds to one of a secure read and a secure write.
For example, when the request from the first processor 100 is a request to write secure content data into the non-secure memory area, or a request to read system data (for example, operating system code) stored in the non-secure memory area, the memory management controller 200 may transmit an error message to the first processor 100 without processing the request. In this way, requests from the first processor 100, which is not security-aware, can be handled by the security-aware memory management controller 200.
For this operation, the memory management controller 200 may manage and maintain a data structure, for example, a page table containing address information of the memory 420 and security attribute information about the addresses. In some exemplary embodiments of the inventive concept, the security attribute information may include a secure read flag, a secure write flag, a non-secure read flag, and a non-secure write flag.
Thereafter, as described later, the memory controller 410 can process the request from the first processor 100, and can also assign the secure buffer area to the memory 420 based on the information about the plurality of window areas provided by the memory protector 400.
FIG. 3 is a schematic diagram illustrating another operation of a semiconductor device according to an exemplary embodiment of the inventive concept.
Referring to FIG. 3, the second processor 102 may be a graphics processing unit (GPU). In this case, the second processor 102 (that is, the GPU) may include a GPU core 102a and a memory management controller 102b. Here, it is assumed that the memory management controller 102b included in the second processor 102 is not security-aware.
A memory access request generated by the GPU core 102a is transmitted to the memory management controller 102b, and the virtual address included in the request is converted into a physical address by the memory management controller 102b. The memory management controller 102b may transmit the request containing the physical address to the content firewall controller 300.
The content firewall controller 300 checks whether the memory access request generated by the second processor 102 is a request for a secure address, and transmits the request to the memory protector 400 only when the request corresponds to one of a secure read and a secure write.
For example, when the request from the second processor 102 is a request to write secure content data into the non-secure memory area, or a request to read system data (for example, operating system code) stored in the non-secure memory area, the content firewall controller 300 may transmit an error message to the second processor 102 without processing the request. In this way, requests from the second processor 102, which is not security-aware, can be handled by the security-aware content firewall controller 300.
For this operation, the content firewall controller 300 may manage and maintain a data structure, for example, a page table containing address information of the memory 420 and security attribute information about the addresses. In some exemplary embodiments of the inventive concept, the security attribute information may include at least a secure read flag, a secure write flag, a non-secure read flag, and a non-secure write flag.
此後,如隨後所闡述,記憶體控制器410可處理第二處理器102的請求,且亦可基於所述關於所述多個視窗區域的資訊而將安全緩衝區域指配至記憶體420,所述資訊提供自記憶體保護器400。Thereafter, as explained later, the memory controller 410 can process the request of the second processor 102, and can also assign the secure buffer area to the memory 420 based on the information about the plurality of window areas. The information is provided from the memory protector 400.
FIG. 4 is a schematic diagram illustrating still another operation of a semiconductor device according to an exemplary embodiment of the inventive concept.
Referring to FIG. 4, the third processor 104 may be a central processing unit (CPU). In this case, the third processor 104 (i.e., the central processing unit) may include a central processing unit core 104a and a memory management controller 104b. Here, it is assumed that the memory management controller 104b included in the third processor 104 is security-aware.
A memory access request generated by the central processing unit core 104a is transmitted to the memory management controller 104b, which converts the virtual address contained in the request into a physical address. The memory management controller 104b may then transmit the request containing the physical address to the memory protector 400.
In this exemplary embodiment, because the memory management controller 104b included in the third processor 104 checks whether the memory access request previously generated by the central processing unit core 104a is a request for a secure address, no additional component is required.
Thereafter, as described later, the memory controller 410 may process the request of the second processor 102, and may also assign a secure buffer region in the memory 420 based on the information about the plurality of window regions, which is provided by the memory protector 400.
FIG. 5 is a schematic diagram illustrating a memory structure of a semiconductor device according to an exemplary embodiment of the inventive concept.
Referring to FIG. 5, the memory 420 may include a plurality of window regions 600, 610, and 620.
As described above, each of the window regions 600, 610, and 620 may include both a secure memory region and a non-secure memory region, accessed by secure addresses and non-secure addresses, respectively. In addition, each of the window regions 600, 610, and 620 may include a non-available memory region, which has been assigned to a dedicated processor and is already in use, and an available memory region, which can be used as needed. In particular, in some exemplary embodiments of the inventive concept, the available memory region may include fragment pages remaining between the non-available memory regions.
For example, each of the window regions 600 and 620 may include a memory region in which memory assignment and memory de-assignment for relatively small data occur frequently. When assignment and de-assignment for relatively small data occur frequently in a memory region, the fragmentation rate of that memory region may increase. Therefore, the available memory region in each of the window regions 600 and 620 may exist as a large number of small fragment pages. For example, the available memory region in each of the window regions 600 and 620 may include a large number of fragment pages smaller than 64 kilobytes.
On the other hand, the window region 610 may include a memory region in which memory assignment and memory de-assignment for relatively large data (for example, multimedia data) occur infrequently. When assignment and de-assignment for relatively large data occur infrequently in a memory region, the fragmentation rate of that memory region may decrease. Therefore, the available memory region in the window region 610 may exist as a small number of large fragment pages. For example, the available memory region in the window region 610 may include a small number of fragment pages larger than 64 kilobytes.
FIGS. 6 and 7 are schematic diagrams each illustrating a memory assignment process of a semiconductor device according to an exemplary embodiment of the inventive concept.
Referring to FIG. 6, available memory regions larger than 64 kilobytes are mostly present in the window region 610 described above with reference to FIG. 5. In this case, the memory protector 400 may protect the 64-kilobyte fragment pages 612, 614, and 618 from non-secure access by the first processor 100, the second processor 102, and the third processor 104.
For example, the memory protector 400 may assign the 64-kilobyte fragment pages 612, 614, and 618 as a secure buffer 700 for storing secure content data. In this case, relatively large available memory regions are assigned to the secure buffer 700, so the capacity required for the secure buffer 700 is obtained with relatively little overhead.
However, because the memory protector 400 searches the available memory of the window region 610 only for 64-kilobyte fragment pages, only the 64-kilobyte fragment pages 612, 614, and 618 are assigned to the secure buffer 700, even when the window region 610 includes a large number of 4-kilobyte fragment pages 616. If there are not enough 64-kilobyte fragment pages, the attempt to obtain the secure buffer 700 may be delayed or may fail.
Referring to FIG. 7, available memory regions smaller than 4 kilobytes are mostly present in the window region 600 described above with reference to FIG. 5. In this case, the memory protector 400 may protect the 4-kilobyte fragment pages 602, 604, 606, and 608 from non-secure access by the first processor 100, the second processor 102, and the third processor 104.
For example, the memory protector 400 may assign the 4-kilobyte fragment pages 602, 604, 606, and 608 as the secure buffer 700 for storing secure content data. The capacity required for the secure buffer 700 can therefore be obtained even from a memory region with a high fragmentation rate.
As shown in FIGS. 6 and 7, collecting relatively large fragment pages and collecting relatively small fragment pages each have advantages and disadvantages. Collecting relatively large fragment pages obtains a large capacity quickly and with relatively little overhead, but cannot make use of relatively small fragment pages. Collecting relatively small fragment pages makes full use of memory resources, but incurs overhead frequently.
Therefore, in various exemplary embodiments of the inventive concept, the memory 420 includes the plurality of window regions 600, 610, and 620. Among them, the memory regions corresponding to the window regions 600 and 620 provide relatively small fragment pages, and the memory region corresponding to the window region 610 provides relatively large fragment pages, so that the secure buffer 700 for secure content data is obtained efficiently.
FIGS. 8 and 9A are schematic diagrams illustrating page tables used by the memory protector 400 according to an exemplary embodiment of the inventive concept.
Referring to FIG. 8, the memory protector 400 may use a page table 800 containing memory address information corresponding to the plurality of window regions 600, 610, and 620.
The page table 800 may include memory addresses 810 of the memory 420, security attribute information 820, 830, 840, and 850 about those addresses, and window identification flag information 860 corresponding to those addresses.
In some exemplary embodiments of the inventive concept, the security attribute information 820, 830, 840, and 850 may include a non-secure read (NSR) flag 820, a non-secure write (NSW) flag 830, a secure read (SR) flag 840, and a secure write (SW) flag 850. For example, a memory address for which the non-secure read flag 820 and the non-secure write flag 830 are set allows non-secure access, and a memory address for which the secure read flag 840 and the secure write flag 850 are set allows secure access only.
Meanwhile, referring to FIG. 9A, in the page table 870 the window regions 600, 610, and 620 are distinguished by the window identification flag information 860.
For example, when the value of the window identification flag information 860 is "0", the memory region corresponding to the memory address 810 may be searched in fragment pages of a first size (for example, 4 kilobytes). When the value of the window identification flag information 860 is "1", the memory region corresponding to the memory address 810 may be searched in fragment pages of a second size (for example, 64 kilobytes).
For example, because the value of the window identification flag information 860 is "0" for the memory region corresponding to the memory addresses 810 from "0x0100_0000" to "0x07FF_FFFF", this memory region is the window region 600, which can provide fragment pages of the first size (for example, 4 kilobytes). Because the value of the window identification flag information 860 is "1" for the memory region corresponding to the memory addresses 810 from "0x3000_0000" to "0x4FFF_FFFF", this memory region is the window region 610, which can provide fragment pages of the second size (for example, 64 kilobytes). Because the value of the window identification flag information 860 is "0" for the memory region corresponding to the memory addresses 810 from "0x5100_0000" to "0x57FF_FFFF", this memory region is the window region 620, which can provide fragment pages of the first size (for example, 4 kilobytes).
As described above, the memory 420 includes the plurality of window regions 600, 610, and 620. Among them, the memory regions corresponding to the window regions 600 and 620 provide relatively small fragment pages, and the memory region corresponding to the window region 610 provides relatively large fragment pages, so that the secure buffer 700 for secure content data is obtained efficiently.
FIG. 9B is a schematic diagram illustrating another exemplary embodiment of the page table shown in FIG. 9A.
Referring to FIG. 9B, the page table 872, in which the window regions 600, 610, and 620 are distinguished by the window identification flag information 860, may differ from the page table 870 described with reference to FIG. 9A.
In the page table 870 of FIG. 9A, window identification flag information 860 is stored for every memory address 810. For example, the memory addresses 810 from "0x0100_0000" to "0x07FF_FFFF" each have window identification flag information 860 with the value "0", and the memory addresses 810 from "0x3000_0000" to "0x4FFF_FFFF" each have window identification flag information 860 with the value "1". When the page table 870 is configured in this way, it becomes very large, because the n memory addresses 810 (where n is an integer equal to or greater than 1) carry n items of window identification flag information 860.
In contrast, in the page table 872 of this exemplary embodiment, window identification flag information 860 is not stored for every memory address 810; only one item of window identification flag information 860 is assigned to each window region. Specifically, the page table 872 may include start address (S_ADDR), end address (E_ADDR), and window identification flag (W) columns.
For example, the window region 600, whose start address is "0x0100_0000" and whose end address is "0x07FF_FFFF", stores window identification flag information with the value "0", so that the window corresponding to that address range can provide fragment pages of the first size (for example, 4 kilobytes). The window region 620, whose start address is "0x3000_0000" and whose end address is "0x4FFF_FFFF", stores window identification flag information with the value "1", so that the window corresponding to that address range can provide fragment pages of the second size (for example, 64 kilobytes).
Because the page table 872 configured in this way includes only a single item of window identification flag information 860 for each region designated by the window regions 600, 610, and 620, the page table 872 can be very small.
FIG. 9C is a schematic diagram illustrating still another operation of a semiconductor device according to an exemplary embodiment of the inventive concept, and FIG. 9D is a schematic diagram illustrating a page table used in the operation shown in FIG. 9C.
Referring to FIG. 9C, the memory 420 may include a plurality of window regions 660, 662, 664, 666, and 668.
For example, each of the window regions 660 and 662 may include a memory region in which memory assignment and memory de-assignment for relatively small data occur frequently. When assignment and de-assignment for relatively small data occur frequently in a memory region, the fragmentation rate of that memory region may increase. Therefore, the available memory region in each of the window regions 660 and 662 may exist as a large number of small fragment pages. For example, the available memory region in each of the window regions 660 and 662 may include a large number of fragment pages smaller than 64 kilobytes.
On the other hand, each of the window regions 666 and 668 may include a memory region in which memory assignment and memory de-assignment for relatively large data (for example, multimedia data) occur infrequently. When assignment and de-assignment for relatively large data occur infrequently in a memory region, the fragmentation rate of that memory region may decrease. Therefore, the available memory region in each of the window regions 666 and 668 may exist as a small number of large fragment pages. For example, the available memory region in each of the window regions 666 and 668 may include a small number of fragment pages larger than 64 kilobytes.
In view of these characteristics of the memory 420, the memory region corresponding to the window region 660 may be searched in fragment page units of a first size (for example, 4 kilobytes), the memory region corresponding to the window region 662 in fragment page units of a second size (for example, 16 kilobytes), the memory region corresponding to the window region 664 in fragment page units of a third size (for example, 256 kilobytes), the memory region corresponding to the window region 666 in fragment page units of a fourth size (for example, 1 megabyte), and the memory region corresponding to the window region 668 in fragment page units of a fifth size (for example, 2 megabytes).
Meanwhile, to distinguish the plurality of window regions that provide fragment pages of several sizes, the window identification flag information 860 may be expressed with multiple bits. For example, in this exemplary embodiment, because five window regions in total must be distinguished, the window identification flag information 860 may be expressed with three bits, so that at least six values can be distinguished. For example, the window identification flag information 860 corresponding to the window regions 660, 662, 664, 666, and 668 may be designated by "001", "010", "011", "100", and "101", respectively.
Referring to FIG. 9D, the page table 872, in which the window regions 660, 662, 664, 666, and 668 are distinguished by the window identification flag information as described above, may include start address (S_ADDR), end address (E_ADDR), and window identification flag (W) columns.
For example, the window region 662, whose start address is "$C" and whose end address is "$D", stores window identification flag information with the value "010", so that the window corresponding to that address range can provide fragment pages of the second size (for example, 64 kilobytes). The window region 668, whose start address is "$I" and whose end address is "$J", stores window identification flag information with the value "101", so that the window corresponding to that address range can provide fragment pages of the fifth size (for example, 2 megabytes).
Because the page table 874 configured in this way includes only a single item of window identification flag information 860 for each region designated by the window regions 660, 662, 664, 666, and 668, the page table 874 can be very small.
FIG. 10 is a schematic diagram illustrating a memory assignment process of a semiconductor device according to another exemplary embodiment of the inventive concept.
Referring to FIG. 10, the memory 420 may include window regions 630, 640, and 650.
This exemplary embodiment differs from the preceding ones in that fragment pages can be assigned to the secure buffer 700 dynamically. As described above, when a secure memory region is reserved in the memory 420 in advance, in anticipation of secure data that the first processor 100, the second processor 102, and the third processor 104 may or may not request, that secure memory region cannot be used for any other purpose until a request from the first processor 100, the second processor 102, or the third processor 104 actually arrives, so memory resources are wasted.
Therefore, in this exemplary embodiment, the memory protector 400 may divide the memory 420 into the window regions 630, 640, and 650, but assign fragment pages dynamically according to the memory capacity required for the secure buffer 700.
For example, when a memory capacity of 1024 kilobytes is needed at a first time to obtain the secure buffer 700, the memory protector 400 may collect available memory from the window region 630 only and assign the collected memory to the secure buffer 700. Thereafter, when an additional memory capacity of 128 kilobytes is needed at a second time, the memory protector 400 may collect available memory from the window regions 640 and 650 and additionally assign the collected memory to the secure buffer 700.
Of course, in this exemplary embodiment as in the preceding ones, the window regions 630, 640, and 650 may be set so that they provide fragment pages of different sizes. For example, the window region 630 may be searched in fragment page units of a second size (for example, 64 kilobytes), and each of the window regions 640 and 650 may be searched in fragment page units of a first size (for example, 4 kilobytes).
As described above, the memory 420 includes the plurality of window regions 630, 640, and 650. Among them, the memory regions corresponding to the window regions 640 and 650 provide relatively small fragment pages, the memory region corresponding to the window region 630 provides relatively large fragment pages, and available memory is supplied to the secure buffer 700 dynamically as needed, so that the secure buffer 700 for secure content data is obtained efficiently.
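The range-based window table of FIG. 9B and the fragment-page collection of FIGS. 6, 7 and 10, modeled in C as an added example (not code from the patent). The free-fragment list, the policy of taking whole 64 KB pages first and the remainder from 4 KB windows, and all function names are assumptions; the window address ranges and the NSR/NSW/SR/SW flag names are the ones the description gives.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Security attribute flags as named for page table 800. */
enum { NSR = 1, NSW = 2, SR = 4, SW = 8 };
#define KB 1024u

/* One row per window, as in page table 872: S_ADDR, E_ADDR, W. */
struct window { uint32_t s_addr, e_addr; unsigned w; };
static const struct window windows[] = {
    { 0x01000000u, 0x07FFFFFFu, 0 },  /* window 600: 4 KB fragment pages  */
    { 0x30000000u, 0x4FFFFFFFu, 1 },  /* window 610: 64 KB fragment pages */
    { 0x51000000u, 0x57FFFFFFu, 0 },  /* window 620: 4 KB fragment pages  */
};
#define NWIN (sizeof windows / sizeof windows[0])

/* Constructed sample data: currently free fragments, all non-secure. */
struct frag { uint32_t base, len; unsigned attr; };
static struct frag frags[] = {
    { 0x30000000u, 64 * KB, NSR | NSW },
    { 0x30020000u, 64 * KB, NSR | NSW },
    { 0x30041000u,  4 * KB, NSR | NSW },  /* small fragment inside window 610 */
    { 0x30050000u, 64 * KB, NSR | NSW },
    { 0x01000000u,  4 * KB, NSR | NSW },
    { 0x01003000u,  4 * KB, NSR | NSW },
    { 0x01008000u,  4 * KB, NSR | NSW },
    { 0x0100A000u,  4 * KB, NSR | NSW },
    { 0x51000000u,  4 * KB, NSR | NSW },
};
#define NFRAG (sizeof frags / sizeof frags[0])

static uint32_t frag_size(unsigned w) { return w ? 64 * KB : 4 * KB; }

static const struct window *window_of(uint32_t addr)
{
    for (size_t i = 0; i < NWIN; i++)
        if (addr >= windows[i].s_addr && addr <= windows[i].e_addr)
            return &windows[i];
    return NULL;
}

/* A fragment counts only if it is still non-secure, lies in a window whose
 * flag is w, and is exactly one aligned page of that window's search size. */
static int usable(const struct frag *f, unsigned w)
{
    const struct window *win = window_of(f->base);
    return win && win->w == w && f->attr == (NSR | NSW) &&
           f->len == frag_size(w) && f->base % f->len == 0;
}

/* Collect `need` bytes for the secure buffer. Returns the bytes claimed, or
 * 0 (changing nothing) when the usable fragment pages cannot cover it. */
static uint32_t collect_secure(uint32_t need)
{
    unsigned char pick[NFRAG] = { 0 };
    uint32_t left = need, got = 0;

    for (int w = 1; w >= 0 && left > 0; w--)       /* 64 KB windows first */
        for (size_t i = 0; i < NFRAG && left > 0; i++) {
            if (!usable(&frags[i], (unsigned)w))
                continue;
            if (w == 1 && left < frags[i].len)
                break;                             /* remainder: 4 KB windows */
            pick[i] = 1;
            got += frags[i].len;
            left = left > frags[i].len ? left - frags[i].len : 0;
        }
    if (left > 0)
        return 0;
    for (size_t i = 0; i < NFRAG; i++)
        if (pick[i])
            frags[i].attr = SR | SW;               /* secure access only now */
    return got;
}

/* Attribute check for one request; untracked addresses are denied here. */
static int access_ok(uint32_t addr, int secure, int write)
{
    unsigned want = secure ? (write ? SW : SR) : (write ? NSW : NSR);
    for (size_t i = 0; i < NFRAG; i++)
        if (addr >= frags[i].base && addr - frags[i].base < frags[i].len)
            return (frags[i].attr & want) != 0;
    return 0;
}

int main(void)
{
    printf("claimed %u bytes\n", (unsigned)collect_secure(128 * KB));
    printf("non-secure write to 0x30000000 allowed: %d\n",
           access_ok(0x30000000u, 0, 1));
    return 0;
}
```

The 4 KB fragment at 0x30041000 is never claimed because its window is searched only in 64 KB units, which is the shortfall the description attributes to FIG. 6.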
FIG. 11 is a schematic diagram illustrating a page table used by a memory protector according to another exemplary embodiment of the inventive concept.
Referring to FIG. 11, unlike the exemplary embodiment shown in FIG. 8, the page table 900 of the memory protector 400 according to another exemplary embodiment of the inventive concept may include address information 910 of the memory 420, security attribute information 920 about those addresses, and window identification flag information 930 corresponding to those addresses.
The page table 900 includes only a non-secure access (NSA) flag as the security attribute information 920, instead of the non-secure read (NSR) flag, the non-secure write (NSW) flag, the secure read (SR) flag, and the secure write (SW) flag, thereby reducing the size of the page table 900 while enabling access between the non-secure memory region and the secure memory region.
FIG. 12 is a schematic diagram illustrating a page table used by the content firewall controller and the memory management controller according to an exemplary embodiment of the inventive concept.
Referring to FIG. 12, unlike the exemplary embodiments shown in FIGS. 2 and 3, the security attribute information in the page table 1000 of the content firewall controller 300 and the memory management controller 200 according to another exemplary embodiment of the inventive concept includes only a secure read flag and a secure write flag.
The page table 1000 includes only the secure read flag and the secure write flag as the security attribute information, instead of the non-secure read (NSR) flag, the non-secure write (NSW) flag, the secure read (SR) flag, and the secure write (SW) flag. In this case, non-security-aware requests from the first processor 100 can be managed with the secure read flag and the secure write flag alone, so that those requests become security-aware. Thus, only the secure read flag and the secure write flag are maintained in the page table 1000, which reduces the size of the page table 1000.
FIGS. 13 to 15 show non-limiting exemplary embodiments of semiconductor systems to which a semiconductor device according to some exemplary embodiments of the inventive concept can be applied.
FIG. 13 shows a tablet personal computer (tablet PC) 1200, FIG. 14 shows a notebook computer 1300, and FIG. 15 shows a smartphone 1400. As described above, a semiconductor device according to some exemplary embodiments of the inventive concept may be used in, but is not limited to, the tablet PC 1200, the notebook computer 1300, and/or the smartphone 1400. It will also be apparent to those skilled in the art that the semiconductor device according to some exemplary embodiments of the inventive concept described above may be applied to other integrated circuit devices not described herein. That is, the tablet PC 1200, the notebook computer 1300, and the smartphone 1400 have been described above as examples of a semiconductor system according to non-limiting exemplary embodiments of the present invention, but the examples are not limited to these. In some exemplary embodiments of the inventive concept, the semiconductor system may be implemented as, but is not limited to, a computer, an ultra-mobile PC, a workstation, a netbook, a personal digital assistant (PDA), a portable computer, a wireless phone, a mobile phone, an e-book, a portable multimedia player (PMP), a portable game console, a navigation device, a black box, a digital camera, a 3D television, a digital audio recorder, a digital picture recorder, a digital picture player, a digital video recorder, or a digital video player.
It should be understood that, although exemplary embodiments of the inventive concept have been disclosed for illustrative purposes, those skilled in the art will appreciate that various modifications, additions, and substitutions are possible without departing from the scope and spirit of the inventive concept as disclosed in the accompanying claims.
100‧‧‧First processor
102‧‧‧Second processor
102a‧‧‧Graphics processing unit core
102b‧‧‧Memory management controller
104‧‧‧Third processor
104a‧‧‧Central processing unit core
104b‧‧‧Memory management controller
200‧‧‧Memory management controller
300‧‧‧Content firewall controller
400‧‧‧Memory protector
410‧‧‧Memory controller
420‧‧‧Memory
500‧‧‧Interconnect
600, 610, 620‧‧‧Window area
602, 604, 606, 608, 612, 614, 616, 618‧‧‧Fragment page
660, 662, 664, 666, 668‧‧‧Window area
700‧‧‧Secure buffer
800‧‧‧Page table
810‧‧‧Memory address (ADDR)
820‧‧‧Security attribute information / non-secure read (NSR) flag
830‧‧‧Security attribute information / non-secure write (NSW) flag
840‧‧‧Security attribute information / secure read (SR) flag
850‧‧‧Security attribute information / secure write (SW) flag
860‧‧‧Window identification flag information
870, 872, 874, 900‧‧‧Page table
910‧‧‧Address information (ADDR)
920‧‧‧Security attribute information (NSA)
930‧‧‧Window identification flag information
1000‧‧‧Page table
1020‧‧‧Security attribute information (SR)
1030‧‧‧Security attribute information (SW)
1200‧‧‧Tablet personal computer
1300‧‧‧Notebook computer
1400‧‧‧Smart phone
E_ADDR‧‧‧End address
S_ADDR‧‧‧Start address
W‧‧‧Window identification flag
The above and other aspects and features of the inventive concept will become more apparent by describing in detail non-limiting exemplary embodiments thereof with reference to the accompanying drawings, in which like reference characters refer to like parts throughout the different views. The drawings are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the inventive concept. In the drawings:
FIG. 1 is a schematic diagram illustrating a semiconductor device according to an exemplary embodiment of the inventive concept.
FIG. 2 is a schematic diagram illustrating an operation of a semiconductor device according to an exemplary embodiment of the inventive concept.
FIG. 3 is a schematic diagram illustrating another operation of a semiconductor device according to an exemplary embodiment of the inventive concept.
FIG. 4 is a schematic diagram illustrating still another operation of a semiconductor device according to an exemplary embodiment of the inventive concept.
FIG. 5 is a schematic diagram illustrating a memory structure of a semiconductor device according to an exemplary embodiment of the inventive concept.
FIGS. 6 and 7 are schematic diagrams respectively illustrating a memory assignment process of a semiconductor device according to an exemplary embodiment of the inventive concept.
FIGS. 8 and 9A are schematic diagrams illustrating a page table used by a memory protector according to an exemplary embodiment of the inventive concept.
FIG. 9B is a schematic diagram illustrating another exemplary embodiment of the page table shown in FIG. 9A.
FIG. 9C is a schematic diagram illustrating still another operation of a semiconductor device according to an exemplary embodiment of the inventive concept.
FIG. 9D is a schematic diagram illustrating a page table used in the operation shown in FIG. 9C.
FIG. 10 is a schematic diagram illustrating a memory assignment process of a semiconductor device according to another exemplary embodiment of the inventive concept.
FIG. 11 is a schematic diagram illustrating a page table used by a memory protector according to another exemplary embodiment of the inventive concept.
FIG. 12 is a schematic diagram illustrating a page table used by a content firewall controller and a memory management controller according to an exemplary embodiment of the inventive concept.
FIGS. 13 to 15 illustrate non-limiting exemplary embodiments of a semiconductor system to which a semiconductor device according to some exemplary embodiments of the inventive concept may be applied.
Applications Claiming Priority (4)

| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| KR20150092246 | 2015-06-29 | | |
| KR10-2015-0092246 | 2015-06-29 | | |
| KR1020150118708A KR102432473B1 (en) | 2015-06-29 | 2015-08-24 | Semiconductor device |
| KR10-2015-0118708 | 2015-08-24 | | |

Publications (2)

| Publication Number | Publication Date |
|---|---|
| TW201701162A (en) | 2017-01-01 |
| TWI708147B (en) | 2020-10-21 |

Family

ID=57832660

Family Applications (1)

| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW105120238A TWI708147B (en) | 2015-06-29 | 2016-06-28 | Semiconductor device |

Country Status (2)

| Country | Link |
|---|---|
| KR (1) | KR102432473B1 (en) |
| TW (1) | TWI708147B (en) |
Also Published As
| Publication number | Publication date |
|---|---|
| TWI708147B (en) | 2020-10-21 |
| KR20170002258A (en) | 2017-01-06 |
| KR102432473B1 (en) | 2022-08-16 |