1. Field of the Invention
The invention relates in general to a computing device and a method of controlling a computing device to process secure services, and more particularly, to a computing device in which a core of a processing unit is capable of processing multiple secure services based on one-time mode conversion, and a method of controlling a computing device to process secure services.
2. Description of the Related Art
To increase the security level of systems, cores of many current processing units support operations in a trusted execution environment (TEE, to be referred to as a secure mode). An environment in contrast with the TEE is referred to as an open execution environment (also known as a rich execution environment, REE, to be referred to as a general mode). In the general mode, the core of the processing unit executes a normal operation system (normal OS) to process mostly user-related operations, e.g., Internet browsing, multimedia playing and application downloading. In the secure mode, the core of the processing unit executes a secure operation system (secure OS) to process system and data security-related operations, e.g., secure services such as digital right management (DRM) and online payments. When a secure service arises, the core of the processing unit switches from the general mode to the secure mode to process the secure service. In practice, the core enters the secure mode from the general mode according to a predetermined secure mode calling instruction. For example, the instruction may be a secure monitor call (SMC) instruction designed by ARM, or a safer mode extension (SMX) instruction designed by Intel. One secure service usually has one corresponding service identification (service ID). For example, when the SMC instruction notifies the core to process a secure service, the service ID corresponding to the secure service is also issued. The core processes the secure service according to the service ID after having entered the secure mode, and returns to the general mode after having processed the secure service.
FIG. 1 shows a schematic diagram of a core of a conventional processing unit during conversion between a general mode and a secure mode. When a core 130, in a general mode 110, learns that a first secure service (service ID: 001) is generated at a time point T1, the core 130 issues an SMC instruction (e.g., SMC: 001) carrying a service ID 001 to enter a secure mode 120 to process the first secure service, and returns to the general mode 110 after having processed the first secure service. At a time point T2, when the core 130 learns that a second secure service (service ID: 002) is generated, the core 130 issues an SMC instruction (e.g., SMC: 002) carrying a service ID 002 to enter the secure mode 120 to process the second secure service, and returns to the general mode 110 after having processed the second secure service. In the above design, the core 130 is limited by one restriction—the core 130 having entered the secure mode can only process one secure service. More specifically, even when the second secure service is generated while the first secure service is being processed, the core 130 needs to wait till the first secure service is completely executed, return to the general mode 110 and then issue the second SMC instruction in order to process the second secure service. The above limitation poses a great restriction on the core when the core executes the secure OS to undesirable affect the processing unit and even overall performance of a computing device using the processing unit.