In modern computer systems, processors (or CPUs) and peripheral devices (e.g., everything else) are the two entities that request access to system memory (i.e., authorization to read data from system memory or permission to write data to system memory). Examples of peripheral devices include input/output hardware devices such as graphics cards, network cards, sound cards, disk drive controllers, off-load controllers, USB controllers, etc.
To process (e.g., check and translate) these access requests, two functional memory management units (MMUs) are typically utilized.
With respect to access requests that originate from a processor, a “regular” MMU checks and translates requests from the processor to access system memory.
With respect to access requests that originate from a peripheral device, in most cases, an input/output memory management unit (IOMMU) checks and translates requests from the peripheral device to access system memory. However, in some cases, the peripheral device is allowed to access system memory directly.
For example, Direct Memory Access (DMA) refers to a commonly used technique that allows a CPU and peripheral devices to share system memory. DMA allows a peripheral device in a computer system to access system memory and perform data transfers between that peripheral device and system memory. In other words, DMA allows a peripheral device to transfer data without the help of the CPU, and therefore this type of data transfer is known as a direct memory access. For example, DMA allows peripheral devices to read from and/or write to system memory independently of the CPU. While a peripheral device is performing the DMA, the CPU can engage in other operations.
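The difference between a DMA request that an IOMMU checks and translates and one from a device allowed direct access, as described above, can be modelled in a few lines of C. This is an added illustration, not part of the original disclosure; the table layout, the 4 KiB page size, the `passthrough` flag, the device names and all addresses are assumptions constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12                       /* assumed 4 KiB pages */
#define PAGE_MASK  ((1ull << PAGE_SHIFT) - 1)
enum { PERM_R = 1, PERM_W = 2 };

/* One entry of a device's I/O page table (hypothetical layout). */
struct io_pte { uint64_t io_pfn, phys_pfn; unsigned perms; };
/* Per-device context; passthrough models a device allowed direct access. */
struct dev_ctx { bool passthrough; const struct io_pte *table; size_t n; };

/* Check and translate one DMA request. Returns false when it is blocked. */
bool iommu_translate(const struct dev_ctx *d, uint64_t io_addr,
                     unsigned want, uint64_t *phys)
{
    if (d->passthrough) {                   /* no check, no translation */
        *phys = io_addr;
        return true;
    }
    for (size_t i = 0; i < d->n; i++) {
        const struct io_pte *e = &d->table[i];
        if (e->io_pfn != (io_addr >> PAGE_SHIFT))
            continue;
        if ((e->perms & want) != want)
            return false;                   /* mapped, permission missing */
        *phys = (e->phys_pfn << PAGE_SHIFT) | (io_addr & PAGE_MASK);
        return true;
    }
    return false;                           /* page not mapped for device */
}

/* Constructed sample data: a NIC with one RW buffer and one read-only page. */
static const struct io_pte nic_table[] = {
    { 0x10, 0x8000, PERM_R | PERM_W },
    { 0x11, 0x8001, PERM_R },
};
static const struct dev_ctx nic = { false, nic_table, 2 };
static const struct dev_ctx direct_dev = { true, NULL, 0 };

int main(void)
{
    uint64_t p = 0;
    printf("nic write 0x7f000: %s\n", iommu_translate(&nic, 0x7f000, PERM_W, &p) ? "ok" : "blocked");
    printf("direct write 0x7f000: %s\n", iommu_translate(&direct_dev, 0x7f000, PERM_W, &p) ? "ok" : "blocked");
    return 0;
}
```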
It would be desirable to provide a computer system that has improved security. For example, it would be desirable to prevent peripheral devices and/or processor cores of a CPU from accessing portions of system memory that are not to be accessed by those devices.
The background description provided herein is for the purpose of generally presenting the context of the disclosure. Work of the presently named inventors, to the extent it is described in this background section, as well as aspects of the description that may not otherwise qualify as prior art at the time of filing, are neither expressly nor impliedly admitted as prior art against the present disclosure.