United States Patent [19]
`Takahashi et al.
`
`US005825878A
`[ii] Patent Number:
`[45] Date of Patent:
`
`5,825,878
`Oct. 20, 1998
`
`[54] SECURE MEMORY MANAGEMENT UNIT
`FOR MICROPROCESSOR
`
`5,452,355 9/1995 Coli .
`5,459,851 10/1995 Nakajima .
`
`[75]
`
`Inventors: Richard Takahashi, Phoenix, Ariz.;
`Daniel N. Heer, Newton, N.H.
`
`Primary Examiner—David Cain
`Attorney, Agent, or Firm—LaValle D. Ptak
`
`[73] Assignee: VLSI Technology, Inc., San Jose, Calif.
`
`[57]
`
`ABSTRACT
`
`[21] Appl. No.: 717,106
`
`Sep. 20, 1996
`
`[22] Filed:
`Int. Cl.6
`[51]
`[52] U.S. Cl
`[58] Field of Search
`
`H04L 9/00
`380/4; 380/25
`380/3, 4, 23, 25,
`380/52
`
`[56]
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5,377,264 12/1994 Lee .
`5,386,469 1/1995 Yearsley .
`
`A secure embedded memory management unit for a micro(cid:173)
`processor is used for encrypted instruction and data transfer
`from an external memory. Physical security is obtained by
`embedding the direct memory access controller on the same
`chip with a microprocessor core, an internal memory, and an
`encryption/decryption logic. Data transfer to and from an
`external memory takes place between the external memory
`and the memory controller of the memory management unit.
`All firmware to and from the external memory is handled on
`a page-by-page basis. Since all of the processing takes place
`on buses internal to the chip, detection of clear unencrypted
`instructions and data is prevented.
`
`7 Claims, 2 Drawing Sheets
`
`/4
`
`'Aco
`
`SECURE DMA
`
`DATA
`
`CONTROL
`
`ADDR
`
`ae
`
`'/2
`
`CPU
`CORE
`
`ADDRESS
`
`DATA
`
`SL
`EXTERNAL
`MEMORY
`
`MEMORY
`
`CONTROLLER ci=)
`0
`J £f
`
`KEY
`REGISTER
`SB
`
`20
`
`iS
`
`ENCRYPTION
`CORE
`
`SRAM
`
`V.
`
`_S^_
`
`$
`
`Page 1 of 10
`
`Unified Patents Exhibit 1005
`
`

`

`U.S. Patent
`
`Oct. 20, 1998
`
`Sheet 1 of 2
`
`5,825,878
`
`14
`
`-IO
`
`SECURE DMA
`
`DATA
`
`CONTROL
`
`ADDR
`
`06
`
`1 i
`
`'12
`
`CPU
`CORE
`
`ADDRESS
`
`DATA
`
`20 ^c
`
`ENCRYPTION
`CORE
`
`_y\v_
`
`MEMORY
`CONTROLLER
`
`SL
`EXTERNAL
`MEMORY
`
`»
`
`22 ZZ
`KEY
`REGISTER
`s*
`
`SRAM
`
`CPU
`CORE
`
`ENCRYPTION
`CORE
`
`DECRYPT
`
`MEMORY
`CONTROLLER
`
`«
`
`SRAM
`
`DMA READ CYCLE
`
`7^
`
`UL'JLIIJC^-
`
`10
`
`READ CYCLE
`ADDRESS START
`FINISH
`
`WRITE CYCLE
`
`ADDRESS f^
`
`Page 2 of 10
`
`

`

`U.S. Patent
`
`Oct. 20, 1998
`
`Sheet 2 of 2
`
`5,825,878
`
`CPU—ADDRCShO]
`— CS
`— R/W
`— MCLK
`— RESET-BAR
`- - C PU BUS CShOIl
`- • I RQ
`--DMA-ADDR [23:03
`--DMA-BUSC31:OD
`- - M U X - E NC
`- - M U X - S R AM
`- - M U X - M E M. CNTL.
`-—DMA R/W
`— D M A - CS
`- C PU WAIT-BAR
`
`f -- PAGE-ZERO ( 1,2)
`- E N D / D E C( 1,2)
`
`£^•30
`PAGE ADDRESS
`REGISTER-14 BITS
`
`£^38
`
`ry32
`CONTROL REG.
`16 BITS
`
`"
`
`STATE
`MACHINE
`
`-34
`
`-36
`
`LIMITADDRESS
`14 BITS
`
`40
`
`42,
`
`1
`
`C36
`
`LIMITADDRESS
`REGISTER-14 BITS
`
`CPU ADDR [23:113
`
`CPUADDR[23:||]
`<-•
`,
`147
`^PAGE-ZERO'
`O
`—
`T
`(48
`PAGE-ZERO 2
`o
`^
`
`[*"
`^
`(•49
`
`TO MEMORY
`CONTROLLER
`^
`
`^
`
`EXTERNAL
`^MEMORY
`PAGED
`PAGE1
`PAGE 2
`PAGE 3
`PAGE 4
`PAGES
`
`PAGE N
`
`J~I8
`
`II
`
`INTERNAL
`SRAM
`1024 X 32
`
`PHYSICAL
`MEMORY
`SPACE
`
`VIRTUAL
`ADDRESS
`SPACE
`
`FlILBc^J
`
`PAGE-ZERO
`
`'IL
`
`VCD
`
`14 BITS PAGE
`
`PAGE IN USE
`
`ADDR LIMITS
`
`IZL
`NEW PAGE OR
`EXTERNAL ACCESS
`
`INTERNAL
`SRAM
`
`'//
`
`EXTERNAL MEMORY
`
`'JLIBCDL
`
`Page 3 of 10
`
`

`

`5,825,878
`
`the
`
`1
`SECURE MEMORY MANAGEMENT UNIT
`FOR MICROPROCESSOR
`
`2
`BRIEF DESCRIPTION OF THE DRAWINGS
`,
`i
`, .
`, ,
`,
`,.
`,
`„„
`,
`,
`f
`,.
`FIG. 1 is a block diagram ot a preferred embodiment ot
`the invention;
`BACKGROUND
`FIG. 2 is a diagrammatic flow chart illustrating
`Various techniques have been employed for decrypting 5
`operation of embodiment of FIG. 1 for a read cycle;
`and encrypting
`firmware stored in an external memory
`the
`FIG. 3 is a diagrammatic flow chart illustrating
`associated with a microprocessor system. Encryption of
`operation of the embodiment of FIG. 1 for a write cycle;
`such firmware is used to prevent unauthorized parties from
`F IG 4 is a d e t ai ied diagrammatic representation of a
`determining instructions or data stored in the memory by
`reading out the information and then utilizing the informa- 10 portion of the circuit shown in FIG I-
`,,
`, . .
`.. , . .,
`,. , .
`tion. When this information is encrypted, unauthorized third
`. .
`•
`rjr,
`,,
`•
`,
`,
`,
`•
`FIG. 5 is acircuit detail useful in explaining the operation
`parties are not able to use it unless they can obtain access to
`,
`,.
`,
`1
`A A
`c ,,
`r rj^c
`of the embodiment ot FIGS. 1 and 4;
`,
`, „
`,
`•
`,
`•
`, „ ,
`,,
`•
`FIG. 6 is circuit detail of a portion of the embodiment of
`the unencrypted firmware which is handled by the micro(cid:173)
`FIGS. 1 and 4;
`processor.
`To prevent unauthorized access to the clear or unen(cid:173)
`is a diagrammatic representation of the relation-
`F I G- 7
`crypted instructions and data, physical security measures
`s h iP between memory space in the external memory and the
`have been developed by forming protective layers over a
`internal memory of the embodiment shown in FIG. 1; and
`memory device to limit visual access to the memory, even if
`FIG. 8 is a diagrammatic representation of the memory
`the encapsulation material over the chip is removed. Other
`techniques include employing polysilicon layers to carry the 20 organization of the internal memory of the embodiment
`signals; so that the signal transmission
`is invisible. In
`shown in FIG. 1.
`addition, using multi-layer chips with criss-crossing signal
`^^ 1 AILED DESCRIP 1 ION
`paths makes it difEcult to probe signal paths located in lower
`Reference now should be made to the drawings, in which
`layers. As encryption/decryption circuits become more
`t he s a me r e f e r e n ce n u mb e rs are used throughout the differ-
`complex, however, it frequently is necessary to modify the 25
`t he s a me components. FIG. 1 is a
`microprocessor core in some manner in order to operate with
`e nt
`figures
`to d e s i g n a te
`block diagram of a preferred embodiment of a secure
`tne security systems.
`memory management unit for a microprocessor system. The
`The Yearsley U.S. Pat. No. 5,386,469 is directed to a
`system shown in FIG. 1 is fabricated on a single integrated
`firmware encryption/decryption system operating in real
`time to decrypt incoming code from an external memory. 30 c i r c u it c h ip 10 f or Com m u ni c a t i on with an external memory
`This is accomplished by a program counter operating in
`1 1) w hich m ay be of any suitable type for storing informa-
`response to "enable bits" and "seed value" bits to determine
`tion used in the operation of the system on the chip 10. The
`when to "mask" the code using an encryption mask genera-
`m ain fu n ction of the secure memory management unit
`tor. The encryption mask of Yearsley is not a true encrypter
`(MMU) on the chip 10 is to read encrypted external program
`using a DES (Data Encryption Standard) algorithm. Each 35 c o de i n s t m c t i o ns a nd d a ta s t o r ed in t he e xt emal memory 11,
`clock cycle in the system of Yearsley unmasks the
`firmware
`to decrypt and store the information in a secure random
`in accordance with the seed and the program counter value
`a c c e ss memory (RAM) with an internal microprocessor
`in real time. In addition, some modification of the core
`c pu Core 12 then utilizing the information, which is stored
`microprocessor is necessary in order to use it with the
`fn the secure internal RAM.
`10 of F IG 1 ^ d e s i g n ed
`Yearsley system.
`^
`^^
`^^
`^ ^
`^
`to
`It is desirable to provide a secure memory management
`c a r ry o ut t h e se f ^ t i o n s. it should be noted that all of the
`unit which overcomes the disadvantages of the prior art, and
`p a rts s h o wn e n ci oSed within the dash-dot line or box 10 of
`which does not require any modification to the core micro-
`f a b r i c ated on the same integrated circuit chip
`F IG
`1 a re
`processor with which the memory management unit is used. ^
`techniques designed
`to physically
`ut i i izing fabrication
`SUMMARY OF THE INVENTION
`embed the components in the chip and to prevent access to
`•. c
`the internal buses and connectors shown interconnecting the
`.
`u AA A
`A
`A secure embedded memory management unit
`tor
`.
`,
`,
`.
`,
`.
`,
`,
`.
`,«
`. J J,
`t
`various components located within the box 10.
`A •
`.
`.•
`.
`c
`c
`.
`encrypted data and instruction transter trom an external
`r
`internal
`T he s e c u re M MU of F I G- * comprises a memory con-
`memory
`includes a microprocessor core, an
`memory, a direct memory access controller and encryption 50
`t r o l l er 16 a nd a s e c u re d l r e ct memory access controller 14,
`core all formed in the same IC chip. The direct access
`a l o ng w l th an S R AM memory 18 for program storage, and
`memory controller is interconnected by a bus to an external
`a s e c u re
`internal encryption core logic 20, along with a
`memory, where the encrypted instructions and data are
`microprocessor or central processing unit (CPU) core 12.
`stored. Encrypted information supplied to the memory con-
`Although an SRAM memory is shown, other types of
`troller from the external memory then is supplied, internally 55 read/write memories, such as EEPROM or FLASH ROM
`in the chip, from the memory controller to the encryption
`may be used as well. The memory 18 is divided into multiple
`core, where it is decrypted. The decrypted information then
`cache sections of various sizes. The various buses for
`is supplied to the internal memory coupled to the micropro-
`interconnecting these components for data, address and
`cessor core. The information stored in the internal memory
`control signals are illustrated in FIG. 1.
`is utilized in a conventional manner in its "clear" form by the 60
`The direct memory access (DMA) controller 14 and the
`microprocessor core. The reverse of this operation occurs
`memory controller 16 together operate to transfer instruc-
`when information is to be written to the external memory.
`tions between the external memory 11 and the internal
`Information passing from and to the external memory is
`SRAM memory 18. Through appropriate instructions, the
`loaded on a page-by-page basis; and once a page of
`firmware
`secure DMA controller 14 moves instruction from the exter-
`has been loaded from the external memory onto the chip, the 65 nal memory 11 through the memory controller 16 to the
`chip disables access to the bus to protect from any external
`decryption core 20, and finally, to the SRAM memory 18 for
`probing.
`a read cycle. For a write cycle, the instruction is moved from
`
`40
`
`Page 4 of 10
`
`

`

`5,825,878
`
`5
`
`the SRAM memory 18 to the encryption core 20, then to the
`memory controller 16, and finally, from the controller 16
`through a connecting bus to the external memory 11. All of
`these transfers of information are controlled by the secure
`DMA/MMU controller 14/16.
`Typically, on a first external instruction access, the secure
`DMA controller 14 puts the CPU core 12 in a wait state
`mode, or the CPU core 12 executes from an internal ROM
`(not shown) and reads the page of external encrypted
`program code or data containing the requested external page 1°
`address. The system operates to transfer information from
`and to the external memory 11 on a page-by-page basis. The
`page address can read or write up to 1,024x32 bit words.
`After the page of instructions has been written to the secure
`SRAM 18, the DMA controller 14 causes these instructions 15
`to be decrypted by sequentially transferring the contents of
`the secure internal SRAM 18 one 32-bit word at a time to the
`encryption and decryption core block 20. The cleared word
`is then written back to the SRAM 18.
`When the full page of instructions has been decrypted by
`the encryption core 20, the DMA controller 14 takes the
`CPU core 12 out of the wait state mode, and the CPU core
`12 reads the instruction located in the secure internal SRAM
`18. As noted, this instruction now is clear or decrypted
`information. If the next external instruction requested by the
`CPU core 12 is within the page of the secure internal SRAM
`18, the instruction is read in a single cycle from the secure
`internal SRAM 18. If the next external instruction requested
`is not in the page of the secure internal SRAM 18, the DMA
`controller 14 operates as described above, and the process is
`repeated. The process described may be altered, depending
`upon the configuration of the MMU control register con(cid:173)
`sisting of the DMA controller 14 and the memory controller
`16.
`The secure DMA controller 14 and memory controller 16
`is the interface which provides input/output (I/O) transfer of
`data directly to and from the external memory 11 by way of
`the memory controller unit 16, the encryption core 20, and
`the internal SRAM memory peripheral 18. The DMA con(cid:173)
`troller 14 is the preferred form of data transfer for use with
`high speed peripheral devices to speed the encrypted instruc(cid:173)
`tion transfer. The CPU core 12 utilizes the DMA controller
`14 by sending the selected page address to be transferred, the
`control configuration, and the limit addresses. This will be
`explained in greater detail in conjunction with FIG. 4.
`The actual transfer of data is done directly between the
`external memory 11 and the memory controller 16, through
`the DMA controller 14, which frees the CPU core 12 for
`other tasks. The major difference between an I/O program 50
`controlled transfer and the DMA controller 14 is that data
`transfer does not employ the registers of the CPU core 12.
`The transfer is done in the DMA controller 14 interface by
`first checking if the memory unit 18 is not used by the CPU
`core 12; and then the DMA controller 14 controls the 55
`memory cycle to access a word in the external memory 11.
`It should be noted that the system shown in FIG. 1 also
`employs the usual circuits of an interface, such as an address
`decoder, a control decoder, and state machine control logic
`(not shown, since these are standard components). In 60
`addition, the system uses a separate page address register, a
`limit address buffer register, and a page size count register
`(described in greater detail in conjunction with FIGS. 4, 5
`and 6). The address and buffer registers are used for direct
`communication with the memory controller 16. The page 65
`size register specifies the number of words to be transferred
`within a page. The CPU core 12, with the DMA controller
`
`14, includes a special state machine control section for the
`memory controller 16 to communicate with both the CPU
`core 12, the encryption core 20, the SRAM 18, and the DMA
`controller 14 on a priority basis.
`Both the CPU core 12 and the DMA controller 14 can
`communicate with the memory controller 16; but the DMA
`controller 14 has priority over the CPU core 12. A request bit
`in the control register in the DMA controller 14 is set when
`the corresponding CPU core 12 requests a memory cycle.
`The memory control 16 services both the CPU core 12 and
`the DMA controller 14, and resolves conflicts between the
`two requests. Whenever a DMA controller 14 memory cycle
`request is terminated, the memory controller 16 clears a
`corresponding request flip-flop (not shown) and the DMA
`controller 14 waits until a new page load memory cycle is
`requested.
`The design of the DMA controller 14 enables, but is not
`restricted to, allowing the code stored in the SRAM cache 18
`to be accessed by the CPU core 12 while the DMA controller
`14 is loading other sections of the cache. This increases the
`speed of operation of the system, allowing commonly used
`sections of code to be semi-permanently placed into the
`SRAM cache 18. This is accomplished by dividing the
`SRAM cache 18 into various sections of different sizes.
`Implementation of this feature may be accomplished by
`means of a hard division of the cache or a flexible division
`where the CPU core 12 and the DMA controller 14 access
`the memory 18 on alternate cycles of the system clock.
`Collision detection circuitry or software (not shown) also
`may be employed to prevent access to pages in the SRAM
`18 while these pages are being loaded or allow accesses to
`the pages being loaded when a piece of memory already has
`been loaded into the cache 18. Such detection circuitry
`recognizes a page as "in process", "loaded", or "unloaded".
`The unloaded and partially loaded pages operate in the same
`manner where the offset to the page is compared to a pointer
`loading data. The wait signal (shown in FIG. 4) is released
`once the actual data is loaded. For a new cycle, this occurs
`when the first instruction is loaded and continues a wait/load
`cycle until the code jumps out of this particular page. For a
`page in process, the code actually may be able to run a full
`routine and branch out prior to ever having a collision or a
`wait cycle.
`
`The initialization process for the system essentially is a
`program consisting of I/O instructions that include the page
`address and command codes for the DMA 14 interface. The
`CPU core 12 checks the status of the peripheral (external
`memory 11) and the DMA/MMU controller 14/16; and if all
`is in order, the CPU core 12 sends the following information
`through the I/O memory controller lines:
`1. The starting address of the page memory block where
`the instructions or data are available (for output) or
`where data are to be stored (for input) in the SRAM 18.
`2. The page size, which is the number of words in the page
`memory block.
`3. A control specifying an input or output transfer.
`4. A command to start the DMA/MMU controller 14/16.
`The starting page address, page size, and the control
`specifying the direction of transfer are stored in designated
`control registers in the DMA/MMU controller 14/16. The
`CPU core 12 then stops communicating with the DMA/
`MMU controller 14/16. The DMA controller 14, which
`controls the memory controller 16, handles all of the house(cid:173)
`keeping operations such as packing characters into words
`(for output) or unpacking words into characters (for input)
`and checks the status of the peripheral external memory 11.
`
`30
`
`35
`
`45
`
`Page 5 of 10
`
`

`

`5,825,878
`
`15
`
`When a word is ready to be read or written in the internal
`and data which have been transferred from the encrypted
`SRAM memory 18, the DMA/MMU controller 14/16 com(cid:173)
`form in the external memory 11.
`municates directly with the memory 18 and receives a
`No modifications whatsoever to the CPU core 12 are
`memory cycle for a word access.
`required; so that standard microprocessor cores may be used
`The DMA/MMU controller 14/16 interface first is con- 5
`in their unaltered state for the CPU core 12. No access is
`figured by the CPU core 12 for a page change. After that, the
`available to the clear data stored in the SRAM 18, since this
`DMA controller 14 starts and continues to transfer data
`data is buried within the chip 10 and standard multi-layer
`between the secure internal SRAM memory 18 and the
`protection measurements may be taken, along with multi(cid:173)
`peripheral external memory 11 through the memory con(cid:173)
`layer buses and circuit interconnections within the internal
`troller 16 until an entire block is transferred. When the io
`buses shown in FIG. 1. Thus, probing of the clear programs,
`transfer is completed, the DMA controller 14 compares the
`instructions, and data located within the chip 10 is not
`status report for the CPU core 12 and then sends an interrupt
`possible.
`request. When the CPU core 12 services the interrupt, it
`Reference now should be made to FIG. 3, which illus(cid:173)
`receives the status message from the DMA controller 14 and
`trates the operation of the system for a write transfer cycle
`checks to determine if the transfer was satisfactory.
`initiated by the DMA controller 14. Assume that the DMA
`After
`the DMA/MMU controller 14/16 has been
`controller 14 has been configured and a write request is
`configured, and a request is initiated by the DMA controller
`initiated. In this case, only the internal operating system
`14, the CPU core 12 is either switched to an internal ROM
`(O/S) can initiate a protected write of control instructions or
`for general housekeeping or it is put into a wait state. The
`data. The write mode of operation of the system actually
`DMA controller 14 then transfers a 32-bit word to the 20
`involves one or the other of two modes, namely 1) write data
`encryption core 20, which is set for a DES (Data Encryption
`only and 2) update and re-encrypt the external memory
`Standard) algorithm.
`instruction using another set of keys. The CPU core 12 uses
`Reference now also should be made to FIG. 2, which
`the internal ROM (associated with it and not shown in FIG.
`illustrates the operation of the system for reading encrypted
`1) to ensure the write sequence is controlled. The DMA
`data from the external memory and handling that data 25
`controller 14 transfers a 32-bit word from the SRAM 18 to
`internally of the chip 10 for utilization by the CPU core 12.
`the encryption core 20. Since the word stored in the SRAM
`When data is to be read from the external memory 11, a
`18 was "clear" or unencrypted, the transfer is made to the
`request is made by the DMA controller 14 for reading the
`encryption core 20, which then encrypts the word with the
`selected memory bank and address in the external memory
`DES algorithm in accordance with the key register 22. The
`11. This request is passed through the memory controller 16 30
`encrypted word of instruction then is supplied from the
`to the external memory 11. The word from the memory 11
`encryption core 20 to the memory controller 16, which
`which is to be transferred is then supplied over the line
`writes the instruction to the selected memory bank and
`marked "data" in FIG. 2 to the memory controller 16.
`address in the external memory 11. Thus, the new encrypted
`The word, after it is instruction formatted, is transferred
`instruction or data is stored in the external memory 11.
`from the memory controller 16 to the encryption core 20, 35
`where it is decrypted in accordance with the encryption code
`Once again, it should be noted that the only bus where a
`built into the system. The encryption code is uniquely
`probe of information can be obtained is the bus between the
`selected for each chip by means of a key register 22 (FIG.
`memory controller 16 and the external memory 11. At all
`1) initially programmed at the time of initial manufacture of
`times, whether information is being read from the external
`the chip 10 to establish the timing of the encryption core 20. 40
`memory 11 or written to the external memory 11, the
`This key register may be selected to be unique for every chip
`information on this bus is encrypted. The foregoing steps are
`10; so that no common key 22 is present, even though a large
`repeated until the full page size is written in the external
`number of different chips 10 may be used with different
`memory 11. Once the external memory page is written, the
`applications. The encryption key also may be downloaded
`DMA controller 14 re-enables the CPU core 12 for execu(cid:173)
`with a program uncovered by some other key (shared secret 45
`tion from the internal ROM associated with it. The new page
`key method) or loaded through public key methodologies.
`is stored in the external memory 11 as a block of consecutive
`The manner of loading the key is unimportant. Following
`locations.
`decryption of the word in the encryption core 20, the plain
`Reference now should be made to FIG. 4, which shows
`instruction is written to the SRAM memory 18. The steps are
`the DMA/MMU controller 14/16 circuits in greater detail,
`repeated until the page size is fully loaded in the SRAM 18. 50
`along with the designations of the various signals which are
`Once the SRAM 18 is loaded with clear, decrypted
`applied to and from the DMA controller 14 and the memory
`information, the DMA controller 14 interrupts or removes
`controller 16. As shown in FIG. 4, the DMA/MMU control(cid:173)
`the wait from the CPU core 12 for execution from the
`ler 14/16 includes a 14-bit page address register 30, a control
`SRAM memory 18. The system is configured to cause the
`register 32 (16 bits), a state machine 34 and a limit address
`page to be stored in the memory 18 as a block of consecutive 55
`register 36 (14 bits). The various controller signals are
`locations. The system programmer must design the SRAM
`shown as broken into three blocks 38, 40 and 42, with the
`to reserve space for data storage for a specific routine. Once
`inputs and outputs of the different blocks identified on the
`the data is in the SRAM 18, the interoperation between the
`various blocks. The specific names of the signals which are
`CPU core 12 and the SRAM 18 is in a conventional manner
`shown in FIG. 4, the signal type and signal description are
`for executing the program or operating upon the instructions
`given below in the following table:
`
`Page 6 of 10
`
`

`

`5,825,878
`
`TABLE 1
`
`Signal
`Type
`
`Signal Description
`
`I
`
`I
`
`Active low reset signal will reset all internal registers.
`This signal can be asynchronous to CLOCK.
`Clock - 50% duty cycle dock used for synchronous
`operation. MCLK is the 180 degrees out-phase with the
`ARM core dock.
`CONTROLLED MODE: DATA & CONTROL LINES
`32 bit data bi directional port for data, status, control
`I/O
`and command.
`32 bit address bus used to address the control, limit,
`page register. Also the DMA will monitor the address
`for page changes. This signal must be synchronous with
`MCLK. The ADDR[3:0] is also used to address the
`control, page, and limit registers when /CS is active.
`Intermpt active after the selected multiply cycle is
`complete. This is an active low output.
`Port Chip Select (Active Low) - This signal is used to
`select the I/O Port. This signal must be synchronous
`with MCLK.
`The R/-W input signal indicates if the I/O operation
`is a read (HIGH) or a write operation (low). R/-W is
`not latched internally . This signal must be
`synchronous with MCLK.
`When R/-W is high a write cycle is requested, logic
`zero indicates a read cycle.
`Multiplexer select for the SRAM block
`Multiplexer select for the encryptor block
`Muitipiexer select for the Memory Controller block
`CPU WAIT-bar is used to place the CPU in the wait
`state.
`Encryption and decryption dual (2) control lines to the
`encryptor core. These signals are used to insure the
`encryption core is configured correctly. A logic 1 is for
`encryption and logic 0 for decryption. The default state
`is 0 for decryption.
`Page-zero-1 and -2 are active low logic and used as the
`page address disable outputs (2) used to zero the page
`address field. The default state is zero for the first page
`read, otherwise a logic one to pass the CPU address
`[23:11].
`32 bit data bi directional port for DMA data transfer.
`24 bit address bus used to address for DMA transfer.
`
`I/O
`I
`
`DMA Chip Select (Active Low) - This signal is used to
`select the peripheral.
`The DMA R/-W input signal indicates if the I/O
`operation is a read (HIGH) or a write operation (low).
`R/-W is not latched internally. When R/-W is high a
`write cycle is requested, logic zero indicates a read cycle.
`
`Signal Name
`
`RESET-BAR
`
`MCLK
`
`CPU Bus [31:0]
`
`ADDR [31:0]
`
`IRQ
`
`/CS
`
`R/-W
`
`MUX-SRAM
`MUX-ENC
`MUX-MEM Cntl
`CPU WAIT-bar
`
`End/Dec-1,-2
`
`age-zero-1,-2
`
`DMA Bus [31:0]
`DMA ADDR
`[23:0]
`DMA/CS
`
`DMA R/-W
`
`The registers in the memory controller 16 which handle
`the control and status for the secure MMU are described
`next. The CPU core 12 can access the control/status register
`of the memory controller 16 only when the system is in the
`secure mode. The CPU core 12 address bits ADDR[1:0]
`selects the control or page or limit address when the signal
`CS is active. The R/W controls the direction of the register
`for the read or write cycle. The following table selects the
`required register:
`
`50
`
`55
`
`TABLE 2
`
`ADDR 1
`
`ADDR 0
`
`SELECTION
`
`this register. The control/status register determines the mode
`of operation of the secure DMA/MMU 14/16 and its current
`status. This register can be read or written to at any time by
`the CPU core 12. The register is as follows:
`
`TABLES
`
`7
`
`6
`
`5
`
`4
`
`3
`
`2
`
`1
`
`0
`
`New
`Page
`Detect
`
`P2
`(msb)
`page
`size
`
`Pl
`page
`srze
`
`P0
`(lsb)
`page
`size
`
`Bypass/
`Encrypt
`—2
`
`MASK
`WAIT
`
`REQ
`DMA
`
`Bypass/
`Encrypt
`-1
`
`LIMIT REGISTER HIGH
`CONTROL REGISTER
`PAGE REGISTER
`LIMIT REGISTER-LOW
`
`15
`
`60
`
`14
`
`13
`
`12
`
`11
`
`10
`
`9
`
`8
`
`not
`used
`
`not
`used
`
`Mem
`Bank
`sel2
`
`Mem
`Bank
`sell
`
`Mem
`Bank
`selO
`
`Alarm
`
`Page
`Mode
`_2
`
`Page
`Mode
`-1
`
`The control/status register is a 16-bit read and write
`register located at address [3:0]=0h. The CPU core 12 65
`address [3:0] is selected only when the CS shift select signal
`is active. The CPU core 12 data bus [15:0] reads or writes
`
`The bit descriptions of the 16 bits of the control/status
`register are as follows:
`
`Page 7 of 10
`
`

`

`5,825,878
`
`BIT DESCRIPTIONS
`
`Bypass/Encrypt 1, -2
`
`BIT [0]:
`
`BIT [3]
`
`Bypass/Encrypt-1 bit control the DMA 14 to bypass the
`secure MMU function. In other words the instruction from
`the external memory 11 is treated as plain text data. The jg
`redundant bit is located at bit 3. Both bits must conform to
`the table below:
`
`Bypass/Encrypt-l
`
`Bypass/Encrypt-2
`
`Function
`
`0
`1
`0
`1
`
`Encrypt/Decrypt(
`Encrypt/Decrypt
`Encrypt/Decrypt
`Bypass
`
`The bypass can only be set if both bits are l's. Otherwise
`the MMU will decrypt incoming data. Note: the encrypt or
`decrypt mode is set by the page write and page read control
`bits.
`
`25
`
`BITI:
`
`REQ DMA
`The REQ DMA is the control bit to start the DMA
`process. The default state is logic zero where the DMA 14
`is not in use. When this bit is set to a logic 1, the DMA 14 30
`is used and executes per the DMA function per the control
`register. After the DMA 14 completes transferring a page,
`this bit is reset to zero by the DMA state machine 34. Note:
`when REQ DMAis set to 1, the New Page Detect bit [7] will
`also be set. New page detect bit will also be cleared by the 35
`state machine, the same as the REQ DMA bit after the page
`transfer is complete.
`
`BIT 2: MASK WAIT
`The MASK WAIT is the control bit to enable or disable 40
`the CPU core 12 WAIT output. The default state is logic zero
`where the CPU core 12 WAIT output is enabled. When
`MASK WAIT is set to a logic 1, the CPU WAIT output is
`disabled.
`
`45
`
`BIT [4,5,6]: Page Size Selection: P2, Pl, PO
`The page size selection bits (P2, Pl, PO) determine the
`size of a given page in the following increments:
`
`10
`to occur. It should be noted that multiple pages are provided
`in the SRAM 18 both for data and instructions.
`
`BIT 7: New Page Detect Bit
`
`The page detect bit is a status bit to indicate the DMA 14
`has detected or, that a new page address has been detected
`on the CPU core 12 address [a26, 25, 24 is 011] indicating
`a new page is requested. The new page address will be
`compared to the limit address to verify the new page request
`is valid. If so, the new page address is passed to the memory
`controller unmodified. If the new page is invalid, the page
`zero 1, 2 outputs cause the page address to be zero. This is
`in accordance with the circuit shown in FIG. 5, which is a
`typical gate ofthe type used in the DMA controller 14 for the
`various functions. If the new page is invalid, an AND gate
`46 has its output coupled with the memory controller 16 for
`determining whether the new page address is valid or
`invalid. The inputs to the AND gate 46 comprise the CPU
`core 12 addresses [23:11] applied over a bus 47 to inputs of
`the gate 46. In addition, inputs for page-01 and page-02 are
`applied over inputs 48 and 49 to the gate 46. Whenever the
`output of the new page detect 46 is a " 1 ", the request DMA
`bit (REQ DMA) 1 of the control/status bit register also is set.
`If the new page request is invalid, the output from the gate
`46 is "0" and this zeros the page address.
`The new page detect bit also is cleared by the state
`machine 34 at FIG. 4 in accordance with the operation ofthe
`circuit shown in FIG. 6, after the page transfer is complete.
`A comparator 54 is used first to check if the page address is
`equal to or larger than a limit set by a limit address register
`36. Thus, if the address request from the CPU core 12,
`ADDR [23:11] applied over a bus 52 to the comparator 54,
`is equal to or greater than the limit address from the circuit
`50, the page-01, 2 asserts to a logic low at the output of the
`gate 62. This is effected by an output to the gate obtained
`from the state machine control input 64 and the outputs o