Consumer devices for media content, such as conditional access device Pay-TV decoders, typically comprise a processor, cryptographic circuits, memory and inputs and outputs for receiving, decoding and outputting media content signals.
An example of a conditional access device is described in EP 1548537 which is incorporated by reference, and is briefly described in relation to FIGS. 1 to 3 by way of background.
A schematic block diagram of an example of a simplified architecture of a processor and memory arrangement is shown in FIG. 1. A CPU 1 equipped with a cache memory 2 is coupled to a bus 3 communicating with peripheral elements. A RAM 4 containing the code lines of programs is coupled to bus 3. In practice, the programs contained in memory 4 generally originate from a mass storage device 5. To execute several different applications or programs temporarily stored in memory 4, the CPU 1 has a table of correspondence between so-called virtual addresses of the program which are independent from its storage location and so-called physical addresses corresponding to the physical addresses in the memory, for example memory 4, where the different program lines are stored. This correspondence table is generally implemented as a Memory Management Unit (MMU) and comprises buffers designated as a TLB (Translation Look Aside Buffer).
The operation of a Translation Look Aside Buffer (TLB) is schematically illustrated in FIG. 2 showing a correspondence table 10 and the exchanges between the cache memory or register containing this table and the different elements using it. On the side of CPU 1, each time an instruction of a program stored in RAM 4 is executed, this instruction is called by using virtual address VirtAD of this instruction corresponding to the address contained in the program. This virtual address is converted by table 10 into a physical address PhysAD where this instruction is located in RAM 4. RAM 4 then provides the corresponding instruction over the bus 3 (shown in FIG. 1) to the CPU.
If table 10 does not contain the correspondence between the two addresses, the CPU or, more specifically, a calculation program (block 11, CALC) of the operating system calculates a new correspondence line between the virtual address and the physical address, and writes it into correspondence table 10. Each time an application contained in RAM 4 is executed by the CPU, the operating system takes over and uses its internal structures to calculate the correspondence table for the involved program.
The integrated circuit of EP1548537 provides an improved security of execution by implementing a hardware procedure to check code that is to be executed and is shown in FIG. 3 as a schematic representation. The integrated circuit 20 comprises a CPU 22 arranged to execute code from physical memory 24 via a memory management unit 26 (MMU). In particular, the CPU executes code as a “virtualized” process in the sense that the CPU requests portions of code from the physical memory 24 according to addresses specified within the code, and those addresses are translated from virtual addresses in code to the physical address in physical memory 24. This allows, for example, two programs to use the same virtual location, but to be located at different physical locations in memory 24 thereby allowing two programs to run at the same time. The translation of addresses from virtual address to physical is performed within a memory management unit (MMU) 26 which includes a translation lookaside buffer (TLB) 27.
The memory management unit thereby translates virtual addresses to physical addresses, and allows management of memory resources as certain amounts of memory are required by a given program at any one time. The memory 24 is split into pages in known fashion (typically 4-8K portions). The MMU thus manages all translations and the TLB 27 comprises a subset of the translations that are actively required at any given time for the pages of code in memory 24.
When any given program from long-term storage is executed, pages of code are swapped into physical memory 24 and translations created in the TLB 27. As that process and other processes continue, pages are swapped in and out of the physical memory 24 to manage the memory resources. After running for some time, pages of code will be located in physical memory non-contiguously such that pages of code for one program will be mixed with pages of code from another program.
The CPU 22 has two modes of operation. A first mode is known variously as privileged mode or supervisor mode, is the mode in which the CPU executes the core operating system, also known as the kernel 30. A second mode is the user mode also known as non-privileged mode and in this mode the CPU is restricted to certain resources. The integrated circuit addresses the problem of knowing whether any code in the physical memory 24 has been “hacked” such that it is not authentic in the sense that the code was not provided by a trusted party but instead has been replaced by a non-trusted party.
It is important to be able to trust the core operating system or kernel 30 as if this can be trusted then techniques can be devised to ensure that the remaining code is authentic and can also be trusted. Such code could be user programs, for example. However, there is a problem in that the operating system when loaded will run from pages in memory having virtual addresses as previously described and so checking the kernel in physical memory 24 may not be sufficient to ensure that the instructions for the operating system executed by the CPU are authentic. Also if the exception vector is changed then the CPU might run the kernel from a completely different unchecked region. In the arrangement of FIG. 3 the memory management unit 26 is modified to provide security by exposing certain execution parameters on line 29 to a security device shown as instruction monitor 33. The additional security circuit shown as instruction monitor 33 receives the execution parameters, including instruction addresses, CPU operation mode (whether privileged or non-privileged) and a status indication showing that the instruction was executed to completion from the processor 23 and retrieves the instruction from memory 24. The instruction monitor performs a signature check on the code, such as by performing a hash function on the instructions and comparing to a stored signature in a known manner. In the event that the kernel code 30 fails the signature check then the instruction monitor 33 issues a chip reset on line 31.