The present invention relates to a memory protection function (or data protection function) in a data transfer control apparatus, such as a DMAC (Direct Memory Access Controller), and, more specifically, to technology which is effective for application, for example, to a microcomputer (processor or microprocessor) and a data processing system having a memory management unit.
The load on a microcomputer, processor or CPU (Central Processing Unit) for effecting data transfer can be eased by use of a DMAC. In data transfer using a DMAC, a processor or CPU initially sets the transfer destination address or transfer source address into a transfer destination address register and transfer source address register in the DMAC, and the DMAC, having completed initial setting thereof, upon receiving the data transfer request, executes a data transfer by acquiring the bus right from the processor or CPU. As is obvious from this explanation, when a DMAC is provided, one access route is provided for the memory and register.
Nowadays, many computer systems support a virtual memory and provide substantial memory protection by means of a memory management unit (MMU). Therefore, when the processor and CPU make access to a register and memory, memory protection by the memory management unit can be realized. However, when the computer system includes a DMAC, since the CPU and processor set the data transfer destination address and transfer source address by direct memory access to the register in the DMAC as data, the memory protection is not effectuated in the course of an address conversion by the memory management unit. In other words, when a DMAC is provided between the MMU and an external input/output circuit, the transfer destination and transfer source address set in the DMAC are used directly as a physical address without passing through the MMU, and thereby the protection function performed by the MMU cannot be realized. Thereby, when the access route is provided by the DMAC, there is a fear that data or a program may be corrupted unexpectedly by an erroneous access to an access prohibited region or that security cannot be maintained because the OS (Operating System) and system data can be read freely.
The Japanese Patent Application Laid-open No. SHO 62-191950 describes a technique for memory protection which involves comparing an output address of the DMAC with a protection address, and the Japanese Patent Application Laid-open No. HEI 1-250162 describes a control system for write protection of a memory which involves comparing an output address of a DMAC with a write protect address. Moreover, the Japanese Patent Application Laid-open No. HEI 6-266648 describes a technique for intercepting an access to the main memory by a direct memory access control mechanism when the address output from the direct memory access control mechanism exceeds a data transfer allowable range on the main memory.
In addition, the Japanese Patent Application Laid-open No. HEI 2-297235 describes a technique involving a memory data protection circuit having region information indicating whether a relevant address region is a program region or a data region corresponding to an address of the main memory, making it possible to identify an irregular evens when the region information corresponding to the program fetch address of the main memory indicates a data region or to control a write request when the region information corresponding to the write address to the main memory indicates a program region.
Finally, Japanese Patent Application Laid-open No. HEI 6-119250 describes a technique for memory protection which involves forcibly setting a part of the output address signal of the device for DMA transfer control to a constant value.