TRUSTED KERNEL-BASED ATTACK-PREVENTION DATA PROCESSOR

摘要

The present invention provides a trusted kernel-based anti-attack data processor, including: a trusted kernel exception vector table configured to provide a processing entry of kernel switching; a trusted kernel stack pointer register configured to store a trusted kernel stack pointer that points to a trusted kernel stack space; and a trusted site in the trusted kernel stack space, the trusted site including a program status register configured to store a flag bit of a starting kernel for the kernel switching, a program pointer, and a general register; wherein when the data processor performs kernel switching from a non-trusted kernel to a trusted kernel, the trusted kernel is addressed to the processing entry of the kernel switching and performs the switching. In the present invention, an underlying software protection mechanism can be provided for switching entries of a trusted kernel, so that switching between the trusted kernel and a non-trusted kernel is more secure.