1. Field of the Invention
The present invention relates to a data processing apparatus and a method of protecting peripheral devices in the data processing apparatus. In particular, the present invention relates to a data processing apparatus including an arithmetic circuit that executes a program and a peripheral device protection circuit that controls access of the arithmetic circuit to peripheral devices, and a method of protecting peripheral devices in the data processing apparatus.
2. Description of Related Art
In a data processing apparatus including an arithmetic circuit that executes a program and peripheral devices accessed by the arithmetic circuit, the peripheral devices that can be accessed by the arithmetic circuit may be restricted depending on the program to be executed. By restricting the access to the peripheral devices, the peripheral device used by a presently running program is prevented from being accessed by another program that performs an unauthorized operation, for example.
An example of the data processing apparatus that performs the access control is disclosed in Japanese Unexamined Patent Application Publication No. 60-230248. Japanese Unexamined Patent Application Publication No. 60-230248 proposes a system for protecting a memory serving as one of peripheral devices. The system disclosed in Japanese Unexamined Patent Application Publication No. 60-230248 includes a plurality of memory protecting map registers and a plurality of memory protecting control bits for selecting the memory protecting map registers. Access to memory areas respectively corresponding to the contents of the memory protecting map registers is restricted, thereby preventing an unauthorized change of data stored in the memory areas respectively corresponding to the contents of the memory protecting map registers. Further, a combination of the memory protecting map registers to be used is selected by controlling the contents of the memory protecting control bits. Thus, switching of a memory protecting map is performed upon switching of a task executed by the arithmetic circuit.
Furthermore, Japanese Unexamined Patent Application Publication No. 2006-523347 discloses a method of restricting access of each of bus masters and a bus slave to peripheral devices in a data processing system in which the bus masters, the bus slave, and the peripheral devices are connected to one another via buses. As disclosed in Japanese Unexamined Patent Application Publication No. 2006-523347, a trusted bus master dynamically updates the authority and reliability attribute of the bus masters, and the access control of the peripheral devices, thereby improving the reliability in providing access to the peripheral devices in the data processing system.
In the technique disclosed in Japanese Unexamined Patent Application Publication No. 60-230248, however, it is necessary to perform setting of the access control for the peripheral devices individually for each program to be run on the system. For instance, regardless of whether the program is a trusted program like an OS or an untrusted program like a user application, it is necessary to perform setting of the access control individually for each program. In the system disclosed in Japanese Unexamined Patent Application Publication No. 2006-523347, the trusted bus master sets access control of an untrusted bus master and the like. Also in the technique disclosed in Japanese Unexamined Patent Application Publication No. 2006-523347, however, the setting for the access control is performed by a system designer or a program designer who designs a program to be run on the system. For this reason, it is necessary to ensure the setting for each program or system in order to improve the reliability. In the techniques disclosed in Japanese Unexamined Patent Application Publication Nos. 60-230248 and 2006-523347, if an error occurs in the setting of the access control itself, there arises a problem in that adequate reliability of the system cannot be secured because there is nothing to compensate for the error. Particularly in a system in which untrusted programs are supplied by a plurality of vendors, it is highly likely that an error occurs in the setting of the access control, which causes a problem of a significant reduction in reliability.
Further, when the setting for the access control is stored in a register or the like, even though the setting for the application is correct, the setting may be changed due to an error of hardware, such as a soft error. In the methods disclosed in Japanese Unexamined Patent Application Publication Nos. 60-230248 and 2006-523347, the access control is set only for each program or system. Accordingly, if the setting of the access control is changed due to the error of hardware, there is a fear that a malfunction occurs, since the system operates in accordance with the setting thus changed. In short, in the methods disclosed in Japanese Unexamined Patent Application Publication Nos. 60-230248 and 2006-523347, there is a problem in that adequate reliability cannot be secured due to the problem of the hardware error.