Vectored interrupt control within a system having a secure domain and a non-secure domain
First Claim
1. Apparatus for processing data, said apparatus comprising:
- a processor operable in a plurality of modes and a plurality of domains, said plurality of domains comprising a secure domain or a non-secure domain, said plurality of modes including;
at least one secure mode being a mode in said secure domain; and
at least one non-secure mode being a mode in said non-secure domain;
wherein when said processor is executing a program in a secure mode said program has access to secure data which is not accessible when said processor is operating in a non-secure mode; and
a vectored interrupt controller operable to generate an exception handler address for supply to said processor in response to occurrence of an exception condition in accordance with programmable parameters specifying;
for each of a plurality of exception conditions, a domain value indicating whether said exception condition should trigger an exception handler in said secure domain or said non-secure domain;
for each of said plurality of exception conditions, an exception handler address for use if said exception condition occurs when said processor is operating in that one of said secure domain and said non-secure domain indicated by said domain value; and
at least one domain switching exception handler address shared between said plurality of exception conditions for use if said exception condition occurs when said processor is not operating in that one of said secure domain and said non-secure domain indicated by said domain value.
1 Assignment
0 Petitions
Accused Products
Abstract
A data processing apparatus is operable in a plurality of modes and in either a secure domain or a non-secure domain. When operating in a secure mode within the secure domain a program has access to secure data which is not accessible when the processor is operating in a non-secure mode. A vectored interrupt controller is provided to generate an exception handler address in response to an occurrence of an except condition. The vectored interrupt controller is programmable with parameters specifying for each exception condition whether an exception handler in the secure or the non-secure domain should be triggered and an exception handler address for use if the exception occurs when in the appropriate domain. The vectored interrupt controller also includes a parameter specifying a domain switching exception handler address for use if the exception condition occurs when the processor is not in the appropriate domain.
-
Citations
11 Claims
-
1. Apparatus for processing data, said apparatus comprising:
-
a processor operable in a plurality of modes and a plurality of domains, said plurality of domains comprising a secure domain or a non-secure domain, said plurality of modes including; at least one secure mode being a mode in said secure domain; and at least one non-secure mode being a mode in said non-secure domain; wherein when said processor is executing a program in a secure mode said program has access to secure data which is not accessible when said processor is operating in a non-secure mode; and a vectored interrupt controller operable to generate an exception handler address for supply to said processor in response to occurrence of an exception condition in accordance with programmable parameters specifying; for each of a plurality of exception conditions, a domain value indicating whether said exception condition should trigger an exception handler in said secure domain or said non-secure domain; for each of said plurality of exception conditions, an exception handler address for use if said exception condition occurs when said processor is operating in that one of said secure domain and said non-secure domain indicated by said domain value; and at least one domain switching exception handler address shared between said plurality of exception conditions for use if said exception condition occurs when said processor is not operating in that one of said secure domain and said non-secure domain indicated by said domain value. - View Dependent Claims (2, 3, 4, 5, 11)
-
-
6. A method of processing data, said method comprising the steps of:
-
executing a program with a processor operable in a plurality of modes and a plurality of domains, said plurality of domains comprising a secure domain or a non-secure domain, said plurality of modes including; at least one secure mode being a mode in said secure domain; and at least one non-secure mode being a mode in said non-secure domain; wherein when said processor is executing a program in a secure mode said program has access to secure data which is not accessible when said processor is operating in a non-secure mode; and generating with a vectored interrupt controller an exception handler address for supply to said processor in response to occurrence of an exception condition in accordance with programmable parameters specifying; for each of a plurality of exception conditions, a domain value indicating whether said exception condition should trigger an exception handler in said secure domain or said non-secure domain; for each of said plurality of exception conditions, an exception handler address for use if said exception condition occurs when said processor is operating in that one of said secure domain and said non-secure domain indicated by said domain value; and at least one domain switching exception handler address shared between said plurality of exception conditions for use if said exception condition occurs when said processor is not operating in that one of said secure domain and said non-secure domain indicated by said domain value. - View Dependent Claims (7, 8, 9, 10)
-
Specification