INFORMATION PROCESSING APPARATUS AND COMPUTER PROGRAM PRODUCT

US 20150089246A1
Filed: 09/10/2014
Published: 03/26/2015
Est. Priority Date: 09/20/2013
Status: Active Grant

First Claim

Patent Images

1. An information processing apparatus comprising:

a processor configured to be selectively switched between a secure mode and in a non-secure mode, set independent access rights for the respective modes to a memory, and perform certain data processing in the selected mode;

a secure operating system (OS) configured to run in the secure mode;

a non-secure OS configured to run in the non-secure mode; and

a monitor configured to switch between the secure OS and the non-secure OS, whereinthe secure OS includesa processing table management controller configured to store therein a physical address of data to be accessed in the memory and an access type in association with each other for each certain processing, the access type being read access or write access;

a memory protection setting controller configured to refer to the processing table management controller, and set a protection address in the memory for each certain processing, at least one of the read access and the write access by the non-secure OS being prohibited;

a processing determination controller configured to receive the access type and a physical address of an access destination, further receive data to be written when the access type is the write access, acquire a list of processing from the processing table management controller, and determine a type of processing to be performed;

a processing executing controller configured to receive, from the processing determination controller, the type of processing, the access type, and the physical address of the access destination, further receive, from the processing determination controller, the data to be written when the access type is the write access, acquire data from a secure device access controller when the access type is the read access, and perform the processing on the data;

the secure device access controller configured to receive the access type and the physical address of an access destination, further receive data to be written when the access type is the write access, and access a peripheral identified by the physical address; and

an entry controller configured to receive, from an OS switcher of the monitor, the access type and a physical address of an access destination, further receive, from the OS switcher, data to be written when the access type is the write access, call the processing determination controller, acquire read data from the processing determination controller when the access type is the read access, and call the OS switcher, andthe monitor includesthe OS switcher configured to control switching between the secure OS and the non-secure OS;

an instruction analysis controller configured to acquire an instruction implementation of which is rejected, determine the access type, acquire a virtual address of a read destination when the access type is the read access, and acquire data to be written when the access type is the write access; and

an address translation controller configured to translate the virtual address into the physical address by a page table of the non-secure OS.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to an embodiment, an information processing apparatus includes a secure OS, a non-secure OS, and a monitor. The monitor is configured to switch between the OSs. The secure OS includes a memory protection setting controller, a processing determination controller, and a secure device access controller. The memory protection setting controller is configured to set a protection address in a memory for each certain processing. The processing determination controller is configured to receive an access type, a physical address of an access destination, and data to be written, acquire a list of processing, and determine a type of processing to be performed. The secure device access controller is configured to receive the access type, the physical address of an access destination, and data to be written, and access a peripheral identified by the physical address.

Citations

7 Claims

1. An information processing apparatus comprising:
- a processor configured to be selectively switched between a secure mode and in a non-secure mode, set independent access rights for the respective modes to a memory, and perform certain data processing in the selected mode;
  
  a secure operating system (OS) configured to run in the secure mode;
  
  a non-secure OS configured to run in the non-secure mode; and
  
  a monitor configured to switch between the secure OS and the non-secure OS, whereinthe secure OS includesa processing table management controller configured to store therein a physical address of data to be accessed in the memory and an access type in association with each other for each certain processing, the access type being read access or write access;
  
  a memory protection setting controller configured to refer to the processing table management controller, and set a protection address in the memory for each certain processing, at least one of the read access and the write access by the non-secure OS being prohibited;
  
  a processing determination controller configured to receive the access type and a physical address of an access destination, further receive data to be written when the access type is the write access, acquire a list of processing from the processing table management controller, and determine a type of processing to be performed;
  
  a processing executing controller configured to receive, from the processing determination controller, the type of processing, the access type, and the physical address of the access destination, further receive, from the processing determination controller, the data to be written when the access type is the write access, acquire data from a secure device access controller when the access type is the read access, and perform the processing on the data;
  
  the secure device access controller configured to receive the access type and the physical address of an access destination, further receive data to be written when the access type is the write access, and access a peripheral identified by the physical address; and
  
  an entry controller configured to receive, from an OS switcher of the monitor, the access type and a physical address of an access destination, further receive, from the OS switcher, data to be written when the access type is the write access, call the processing determination controller, acquire read data from the processing determination controller when the access type is the read access, and call the OS switcher, andthe monitor includesthe OS switcher configured to control switching between the secure OS and the non-secure OS;
  
  an instruction analysis controller configured to acquire an instruction implementation of which is rejected, determine the access type, acquire a virtual address of a read destination when the access type is the read access, and acquire data to be written when the access type is the write access; and
  
  an address translation controller configured to translate the virtual address into the physical address by a page table of the non-secure OS.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus according to claim 1, further comprising:
    - a processing setting controller configured to update a setting of the processing stored in the processing table management controller; and
      
      an event detection controller configured to detect a certain event, and instruct the processing setting controller to change the setting of the processing when detecting the event.
  - 3. The apparatus according to claim 1, further comprising:
    - an interrupt controller configured to suspend running processing in response to an interrupt request to the peripheral;
      
      a trap controller configured to be called by the interrupt controller when the running processing is suspended, store therein an executing state of the suspended processing, and call the OS switcher; and
      
      a secure interrupt handler configured to be called when the OS is switched, call the processing determination controller, and call the OS switcher after completion of the interrupt request, whereinthe processing determination controller is configured to acquire processing coincident with the processing designated by the interrupt request from the processing table management controller, and pass the coincident processing to the processing executing controller, andthe processing executing controller is configured to perform the coincident processing, and thereafter call the secure interrupt handler.
  - 4. The apparatus according to claim 1, further comprising:
    - a protocol analysis controller configured to calculate a position in a packet from the physical address of the peripheral serving as the access destination; and
      
      a capsule controller configured to be called by the protocol analysis controller, encapsulate data, and decapsulate encapsulated data, whereinthe processing executing controller is configured to pass, to the protocol analysis controller, the physical address of the access destination and the access type, further pass, to the protocol analysis controller, data to be written when the type is the write access, and request the protocol analysis controller to transmit and receive the packet.
  - 5. The apparatus according to claim 1, further comprising:
    - a position analysis controller configured to analyze a storage access instruction when access to an instruction register for a storage is made, and acquire a position of the access destination in the storage;
      
      an encryption controller configured to be called by the position analysis controller by receiving the position in the storage, data, and type of processing, the type of processing being encryption or decryption, from the position analysis controller, and encrypt or decrypt the received data, whereinthe processing executing controller is configured to request the position analysis controller to analyze the instruction when the access to the instruction register for the storage is made.
  - 6. The apparatus according to claim 1, further comprising:
    - a position analysis controller configured to be called by the processing executing controller when access to an instruction register for a storage is made, analyze a storage access instruction, and acquire a position of the access destination in the storage; and
      
      a packet generation-analysis controller configured to receive a type of instruction when called by the processing executing controller, produce a packet sent to a network in accordance with the type of instruction, and analyze the packet received from the network.

7. A computer program product comprising a computer-readable medium containing a program executed by a computer that includes a processor configured to be selectively switched between a secure mode and in a non-secure mode, set independent access rights for the respective modes to a memory, and perform certain data processing in the selected mode, the program causing the computer to include:
- a secure operating system (OS) configured to run in the secure mode;
  
  a non-secure OS configured to run in the non-secure mode; and
  
  a monitor configured to switch between the secure OS and the non-secure OS, whereinthe secure OS includesa processing table management controller configured to store therein a physical address of data to be accessed in the memory and an access type in association with each other for each certain processing, the access type being read access or write access;
  
  a memory protection setting controller configured to refer to the processing table management controller, and set a protection address in the main memory for each certain processing, at least one of the read access and the write access to the protection address by the non-secure OS being prohibited;
  
  a processing determination controller configured to receive the access type and a physical address of an access destination, further receive data to be written when the access type is the write access, acquire a list of processing from the processing table management controller, and determine a type of processing to be performed;
  
  a processing executing controller configured to receive, from the processing determination controller, the type of processing, the access type, and the physical address of the access destination, further receive, from the processing determination controller, the data to be written when the access type is the write access, acquire data from a secure device access controller when the access type is the read access, and perform the processing on the data;
  
  the secure device access controller configured to receive the access type and the physical address of an access destination, further receive data to be written when the access type is the write access, and access a peripheral identified by the physical address; and
  
  an entry controller configured to receive, from an OS switcher of the monitor, the access type and a physical address of an access destination, further receive, from the OS switcher, data to be written when the access type is the write access, call the processing determination controller, acquire read data from the processing determination controller when the access type is the read access, and call the OS switcher, andthe monitor includesthe OS switcher configured to control switching between the secure OS and the non-secure OS;
  
  an instruction analysis controller configured to acquire an instruction implementation of which is rejected, determine the access type, acquire a virtual address of a read destination when the access type is the read access, and acquire data to be written when the access type is the write access; and
  
  an address translation controller configured to translate the virtual address into the physical address by a page table of the non-secure OS.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
KANAI, Jun, ISOZAKI, Hiroshi, KIZU, Toshiki, SASAKI, Shunsuke, SANO, Shintarou

Granted Patent

US 9,552,307 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 12/1491 in a hierarchical protectio...

G06F 2211/007 Encryption, En-/decode, En-...

INFORMATION PROCESSING APPARATUS AND COMPUTER PROGRAM PRODUCT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

INFORMATION PROCESSING APPARATUS AND COMPUTER PROGRAM PRODUCT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links