Many data processing systems and architectures provide ways of isolating and protecting sensitive data and sections of code from access by unauthorised persons or processes. Although it is important to be able to provide security there is an overhead in performance and circuit area associated with this protection.
One way of keeping data and code secure is provided by ARM® of Cambridge UK, with their TrustZone® architecture where there are secure and non-secure states and an exception instruction is used to transition between the states, the exception handler protecting the security of the secure side. Although this approach provides a high degree of security, considerable software intervention in the form of the software exception handler is required to change security states which both reduces the performance of the system and increases the amount of effort required to develop an external application program interface API for the secure software as all calls must be proxied through the exception hander.
For small systems such as microcontrollers the overheads present in TrustZone systems may not be tolerable, and so different methods for transitioning between states must be found that offer increased performance without compromising security.
One way of switching from a less secure to a more secure domain that has relatively low overheads and allows multiple entry points to the secure state uses a branch instruction to branch from the public domain to a function in the private domain. The function may contain a security checking routine at the start that checks that the process calling it has sufficient privileges to allow it to call the function, thus there may be password or other checks performed.
One way to avoid this checking would be to branch into the code at a point beyond the security checking routine. Another attack may involve branching into a private function towards the end of the function, and this may only result in the execution of one or two instructions before the function branches back to the public side. However, if this can be performed a multiple number of times, a function can be built up in what is termed return oriented programming.
U.S. Pat. No. 8,010,772 a patent granted to ARM® Ltd of Cambridge UK discloses a way of inhibiting the ability of an attacker to jump to the middle of a function with the use of a permitted instruction located at the start of such a function, the processing circuitry verifying that a branch instruction from a less secure domain branches to this permitted instruction when it branches to a more secure domain. A disadvantage of this system is that it requires the processor to know that the instruction that sent it to the permitted instruction was a branch instruction from a less secure domain.
FIG. 1 shows an example of program code in which there is a branch from a public side to a permitted instruction PG on the private side. Where, as is shown in FIG. 1, an exception occurs between the branch instruction and the permitted instruction, as this causes exception handling code to be executed before the PG instruction the processor will not be able to determine in any straightforward manner which instruction caused it to branch. One way to address the problem of an exception occurring at this point would be with the use of a flag that could be set when the branch instruction is executed such that even if an exception occurs the later instruction will know that a branch from the less secure domain had occurred earlier and had not yet been checked. However, this leads to potential security implications as the flag itself could be tampered with.
It would be desirable to improve the security of switching between states in a processing efficient manner.