Many systems contain a data storage device that can be accessed by several processing devices. For example, a graphics processor and a host processor within a computer system may access a shared portion of a memory. Another example is a digital television system, in which a graphics processor (e.g., a graphics chip) shares many system resources with a central processing unit on a processor chip. Typically, various processes executing on the various processors throughout a system can read and write to memory throughout the system. For example, the central processing unit may execute a spreadsheet or other software application that writes graphics images to a monitor, while a 3D graphics rendering engine writes 3D (three-dimensional) graphics images to the same monitor. Accordingly, both processors access information in a frame buffer such as VRAM (video random access memory), SDRAM or any other suitable memory used by the graphics processor.
A digital television system may be designed to receive a packetized video stream that is both encrypted (e.g., using a copy protection key or other encryption key) and compressed (e.g., using an MPEG encoder). The digital television system may include a decryption module that decrypts the received video stream to generate a compressed decrypted representation of the video stream. The compressed decrypted representation may be used directly, for example to update the VRAM, or it may be uncompressed to provide full images to the VRAM. Typically, the graphics processor stores the compressed decrypted representation within the VRAM. The compressed decrypted representation of the video stream is then uncompressed to generate an uncompressed decrypted representation of the video stream that is used by the graphics processor to provide images to the monitor.
Unfortunately, a compressed decrypted representation of the video stream can be a very attractive target for illicit copying, since it can easily be copied onto another media such as networked storage or a removable medium such as a hard disk, CD-ROM, or DVD and transferred to another digital television system for viewing. The encrypted video stream is a less attractive target for illicit copying since it is only useable by persons having access to a corresponding decryption key. The decrypted uncompressed video stream is likewise a less attractive target for illicit copying since it is so large and may require an inconveniently large amount of storage space.
When the graphics processor performs no function other than the decryption and decompression of encrypted, compressed video streams, the problem may be addressed simply by concealing the VRAM within the graphics processor. However, when the graphics processor resides within a digital television system, other processors typically have access to the VRAM. For example, processes executing on a central host processing unit may read data from the VRAM over a user accessible bus such as a PCI (peripheral component interconnect) bus to which both the graphics processor and the central processing unit are coupled.
Consequently, a need has arisen for a method and apparatus for securing data in shared memory systems.