Secure processor and a program for a secure processor
First Claim
Patent Images
1. A processor configured to operate in a first mode in which an access to a secure address space is permitted or in a second mode in which an access to the secure address space is prohibited, the processor comprising:
- an execution circuit configured to output a first virtual address; and
a memory access control circuit including a translation look aside buffer which includes a plurality of entries, each of the plurality of entries being configured to include a virtual address and a physical address corresponding to the virtual address, the plurality of entries being configured to include a first subset configured to be referred in the first mode and second subset which is different from the first subset and is configured to be referred in the second mode, the memory access control circuit being configured to output a first physical address corresponding to the first virtual address by referring to the first subset of the translation look aside buffer in the first mode and the second subset of the translation look aside buffer in the second mode,wherein, by executing a first instruction code stored in the secure address space in the first mode, an second instruction code is checked in the first mode before the second instruction code is executed in the second mode, andthe memory access control circuit prohibits an access to the secure address space in the second mode in accordance with the second subset of the translation look aside buffer.
0 Assignments
0 Petitions
Accused Products
Abstract
The instruction code including an instruction code stored in the area where the encrypted instruction code is stored in a non-rewritable format is authenticated using a specific key which is specific to the core where the instruction code is executed or an authenticated key by a specific key to perform an encryption processing for the input and output data between the core and the outside.
70 Citations
7 Claims
-
1. A processor configured to operate in a first mode in which an access to a secure address space is permitted or in a second mode in which an access to the secure address space is prohibited, the processor comprising:
-
an execution circuit configured to output a first virtual address; and a memory access control circuit including a translation look aside buffer which includes a plurality of entries, each of the plurality of entries being configured to include a virtual address and a physical address corresponding to the virtual address, the plurality of entries being configured to include a first subset configured to be referred in the first mode and second subset which is different from the first subset and is configured to be referred in the second mode, the memory access control circuit being configured to output a first physical address corresponding to the first virtual address by referring to the first subset of the translation look aside buffer in the first mode and the second subset of the translation look aside buffer in the second mode, wherein, by executing a first instruction code stored in the secure address space in the first mode, an second instruction code is checked in the first mode before the second instruction code is executed in the second mode, and the memory access control circuit prohibits an access to the secure address space in the second mode in accordance with the second subset of the translation look aside buffer. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A processor comprising:
-
an execution circuit configured to output a first virtual address; a mode register configured to indicate whether the processor is in a first mode in which an access to a secure address space is permitted or in a second mode in which an access to the secure address space is prohibited; and a memory access control circuit configured to output a first physical address corresponding to the first virtual address by referring to a first subset of a plurality of entries of a transaction look aside buffer in the first mode and a second subset of the plurality of entries of the translation look aside buffer in the second mode, the second subset being different from the first subset, wherein, by executing a first instruction code stored in the secure address space in the first mode, an second instruction code is checked in the first mode before the second instruction code is executed in the second mode, and the memory access control unit prohibits an access to the secure address space in the second mode in accordance with the second subset of the translation look aside buffer. - View Dependent Claims (7)
-
Specification