The present invention concerns memory management in a computer system designs and pertains particularly to a secure memory management unit which utilizes a system processor to perform page swapping.
In order to protect against theft or misuse, secure information within a computing system can be encrypted before being stored in the memory for the computing system. When a secure integrated circuit uses the secure information, the secure information is transferred to the integrated circuit and decrypted before being used. Secure information returned to the memory for the computing system is encrypted before being stored.
Typically, decryption and encryption is handled by a secure memory management unit (SMMU) on the integrated circuit. When a processor requires the use of a page of secure information, the secure memory management unit on the integrated circuit obtains the page of secure information, decrypts the page of secure information and places the data in a cache memory for access by the processor. The cache is typically implemented using static random access memory (SRAM).
If, in order to bring in the page of secure information, a "dirty" page of information needs to be swapped out to memory, the SMMU performs the swap out of the "dirty" page of information before the new page is placed in the cache. A "dirty" page of information is a page of information which has been written to while in the cache where the changes made have not been written out to the system memory. If the "dirty" page of information contains secure information, the SMMU first encrypts the page before swapping the page out to system memory. While performing page swapping the SMMU holds off the processor while pages are being swapped to and from the processor cache.
One problem with typical hardware implementations of an SMMU is that to implement the functionality of an SMMU requires a lot of gates and complexity. However, for each particular project, the requirements for an SMMU may change requiring significant redesign of the SMMU.
Additionally, for typical implementations of SMMUs, considerable design time is required to configure the SMMU and once the final implementation is reached, the configuration of the SMMU can no longer be changed. See, for example, the VLSI Part Number VMS 310 and VLSI Part Number VMS 320 both available from VLSI Technology, Inc., having a business address of 1109 McKay Drive, San Jose, Calif. 95131.
In order to lessen the amount of hardware used to implement an hardware SMMU, a hardware DMA can be added to the integrated circuit to detect a page miss by the processor. After detecting a page miss, the DMA holds off the processor until the DMA has loaded and decrypted the next page of information. This requires the DMA to sit in-line with the processor and the memory subsystem. The DMA hardware also has to move the data through the encryption core and into the cache memory space. Such an implementation requires special care to meet timing and memory bus requirements. See, for example, the VLSI Part Number VMS 310 and VLSI Part Number VMS 320 both available from VLSI Technology, Inc.