首页>
外国专利>
Data processing apparatus and method for protecting secure data and program code from insecure access when switching between secure and less secure domains
Data processing apparatus and method for protecting secure data and program code from insecure access when switching between secure and less secure domains
展开▼
机译:当在安全域和次安全域之间切换时,用于保护安全数据和程序代码免受不安全访问的数据处理设备和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
A data processing apparatus and method are provided for processing data. The data processing apparatus includes a processing circuit for executing a data processing operation in response to a program code, and a data store for storing data. The data store includes a safe area and a more secure data store. A plurality of regions including a low region. The secure area is configured to store sensitive data that is accessible by the processing circuit when operating in the secure domain and not accessible by the processing circuit when operating in the less secure domain. The data store also comprises a plurality of stacks including a secure stack in a secure area. The processing circuit includes a stack access circuit configured to store a predetermined processing state in the secure stack in response to an event that requires a transition from a secure domain to a less secure domain. Specifically, if the event is a first type event, the predetermined processing state stored by the stack access circuit is at least one return address stored at a predetermined relative location in the secure stack. Prepare. Conversely, if the event is a second event type, the predetermined processing state stored by the stack access circuit includes at least one first value stored at a predetermined relative position, The value of is not a valid address for program code. When the processing circuit receives a return of the first event type from the less secure domain to the secure domain, the processing circuit receives a first fault if the data stored at the predetermined relative position is the first value. It further comprises a fault check circuit configured to identify the condition. Such an approach provides protection against attacks from less secure domains that attempt to use a false return method, for example, performing a function call return from an exception, or an exception return from a function call.
展开▼