Title: Dynamic subroutine stack protection
Abstract: A protection unit for a subroutine stack that is accessible by a CPU controlled by one main software program, for storing and removing stack frame(s), the stack protection unit being couplable to the stack and the CPU and comprising a processor coupled to a first and a second address register; wherein, when a first stack frame is stored onto the stack and the execution of the main software program is suspended by the CPU due to the execution of a subroutine, the processing unit is adapted to set one access rule, based on the first and second address registers, preventing the ongoing subroutine from accessing a hardware-protected region of the stack, the region comprising at least one stack frame associated with a return address from which the main software program resumes execution after termination of the execution of the subroutine. A processor, a method and a computer program are also claimed.
Publication number: US9411747(B2) Publication date: 2016.08.09
Application number: US201414172661 Filing date: 2014.02.04
Applicant: Freescale Semiconductor, Inc. Inventors: Heisswolf Dirk; Legeleux Stéphanie; Pachl Andreas Ralph
Classification: G06F21/00; G06F12/14; G06F21/52 Main classification: G06F21/00
Agency: Agent:
Main claim: 1. A stack protection unit for preventing unauthorized access to at least part of a memory stack, the memory stack having memory addresses extending between a top address and a bottom address, the memory stack being accessible by a processor for storing and removing at least one stack frame, the processor controllable by one main software program, the stack protection unit comprising:
a first and a second address register, each adapted to store an address of the stack;
a third and a fourth address register, each adapted to store an address of the stack; and
the processor, wherein the processor is coupled to the first and second address registers,
wherein, when the execution of the main software program is suspended by the processor due to the execution of a first subroutine of the main software program, the processor is configured to:
set at least one access rule based on at least the first and second address registers, preventing the ongoing subroutine from accessing at least a first hardware-protected region of the memory stack, the first hardware-protected region comprising at least one stack frame associated with a return address from which the main software program resumes execution after termination of the execution of the first subroutine;
store onto the memory stack, a second stack frame comprising content of the second address register;
store in the first address register, a bottom address associated with the second stack frame;
store in the second address register, a top address associated with a third stack frame stored onto the memory stack by the main software program, the third stack frame comprising a return address from which the main software program resumes execution after termination of the execution of the first subroutine;
set a first access rule preventing the first subroutine from accessing the first hardware-protected region of the memory stack, the first hardware-protected region extending between the address of the memory stack stored in the first address register and the address of the memory stack stored in the second address register;
and wherein, when the execution of the first subroutine is suspended due to execution of at least one nested subroutine, the processor is further configured to store in the first address register a bottom address of the memory stack and to, until the nested subroutines have terminated execution, recursively:
store onto the memory stack, a fourth stack frame comprising content of the second address register;
store in the fourth address register, content of the second address register;
store in the third address register, a bottom address associated with the fourth stack frame;
store in the second address register, a top address associated with a fifth stack frame stored onto the memory stack by the first subroutine or a nested subroutine, the fifth stack frame comprising a return address from which the first subroutine or a nested subroutine resumes execution after termination of the execution of an ongoing subroutine; and
set a second access rule preventing the ongoing subroutine from accessing the first hardware-protected region of the memory stack, the first hardware-protected region extending between the address of the memory stack stored in the second address register and the address of the memory stack stored in the third address register, and a second hardware-protected region of the memory stack, the second hardware-protected region extending between the address of the memory stack stored in the first address register and the address of the memory stack stored in the fourth address register.
Address: Austin TX US
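The register updates and access rules of claim 1, as an added, constructed simulation (not code from the patent or from Freescale): a 64-word stack that grows upward with one-word frames, a main program at call depth 0, and a protection unit holding the four address registers R1..R4 named in the claim. Assumptions beyond the claim text: "between" two registers means the inclusive range from the lower to the higher address, the unit keeps an internal copy of R1..R4 per call so that the outer rule set can be rebuilt on return, and on return it compares the on-stack saved R2 against that copy. The names ProtectedStack, StackProtectionFault and demo are this example's own.

```python
"""Constructed simulation of the claim-1 stack protection unit (not the patent's code).

Stack grows upward: push writes mem[sp] and increments sp.  Frames are one word.
R1..R4 are the first..fourth address registers of claim 1."""

STACK_BOTTOM = 0      # lowest stack address
STACK_SIZE = 64       # constructed example size
UNSET = -1            # register value meaning "not set"


class StackProtectionFault(Exception):
    """Raised when the running routine touches a hardware-protected region."""


class ProtectedStack:
    def __init__(self):
        self.mem = [0] * STACK_SIZE
        self.sp = STACK_BOTTOM          # next push writes mem[sp]
        self.r1 = self.r2 = self.r3 = self.r4 = UNSET
        self.rules = []                 # inclusive (lo, hi) ranges denied to the running routine
        self.depth = 0                  # 0 = main program, 1 = first subroutine, ...
        self._shadow = []               # unit-internal copy of R1..R4 per call (assumption)

    # Raw pushes/pops performed by the unit itself; not subject to the rules.
    def _push(self, value):
        if self.sp >= STACK_SIZE:
            raise OverflowError("stack overflow")
        addr = self.sp
        self.mem[addr] = value
        self.sp += 1
        return addr

    def _pop(self):
        self.sp -= 1
        return self.mem[self.sp]

    # Accesses made by the running software; every address is checked first.
    def _check(self, addr):
        for lo, hi in self.rules:
            if lo <= addr <= hi:
                raise StackProtectionFault(
                    f"depth {self.depth}: address {addr} lies in protected region [{lo}, {hi}]")

    def load(self, addr):
        self._check(addr)
        return self.mem[addr]

    def store(self, addr, value):
        self._check(addr)
        self.mem[addr] = value

    def push_local(self, value):
        self._check(self.sp)
        return self._push(value)

    def pop_local(self):
        self._check(self.sp - 1)
        return self._pop()

    @staticmethod
    def _span(a, b):
        return (min(a, b), max(a, b))   # region "between" two register values

    def _apply_rules(self):
        if self.depth == 0:
            self.rules = []                                   # main program is unrestricted
        elif self.depth == 1:
            self.rules = [self._span(self.r1, self.r2)]       # first access rule
        else:                                                 # second access rule
            self.rules = [self._span(self.r2, self.r3), self._span(self.r1, self.r4)]

    def call(self, return_address):
        ret_top = self._push(return_address)   # caller's frame holding the return address
        self._shadow.append((self.r1, self.r2, self.r3, self.r4))
        saved_bottom = self._push(self.r2)     # frame comprising the content of R2
        if self.depth == 0:
            self.r1 = saved_bottom             # bottom of the saved-register frame
            self.r2 = ret_top                  # top of main's return-address frame
        else:
            self.r1 = STACK_BOTTOM             # claim 1: R1 <- a bottom address of the stack
            self.r4 = self.r2                  # previous R2 (top of the older return frame)
            self.r3 = saved_bottom             # bottom of the new saved-register frame
            self.r2 = ret_top                  # top of the caller's return-address frame
        self.depth += 1
        self._apply_rules()

    def ret(self):
        saved_bottom = self.r1 if self.depth == 1 else self.r3
        if self.sp != saved_bottom + 1:
            raise StackProtectionFault("return while locals remain on the stack")
        saved_r2 = self._pop()
        self.r1, self.r2, self.r3, self.r4 = self._shadow.pop()
        if saved_r2 != self.r2:                # integrity check on the on-stack copy (assumption)
            raise StackProtectionFault("saved register frame was modified")
        return_address = self._pop()
        self.depth -= 1
        self._apply_rules()
        return return_address


def _faults(action):
    """True if the protection unit blocks the action."""
    try:
        action()
    except StackProtectionFault:
        return True
    return False


def demo():
    """Trace main -> sub -> nested and record what each level may and may not touch."""
    s, out = ProtectedStack(), {}
    s.push_local(0xABCD)                                   # main's local at address 0
    s.call(0x100)                                          # return frame at 1, saved R2 at 2
    out["rules_depth1"] = list(s.rules)
    s.push_local(0x1111)                                   # sub's local at address 3
    out["sub_reads_main_local"] = s.load(0)                # caller data stays readable
    out["sub_hits_return_addr"] = _faults(lambda: s.store(1, 0xBAD))
    s.call(0x200)                                          # return frame at 4, saved R2 at 5
    out["rules_depth2"] = list(s.rules)
    out["nested_reads_sub_local"] = s.load(3)
    out["nested_hits_main_data"] = _faults(lambda: s.load(0))
    out["nested_hits_return_addr"] = _faults(lambda: s.store(4, 0xBAD))
    out["ret_from_nested"] = s.ret()
    out["rules_after_ret"] = list(s.rules)
    s.pop_local()
    out["ret_from_sub"] = s.ret()
    out["rules_in_main"] = list(s.rules)
    return out
```

Running demo() traces main -> sub -> nested. At depth 1 the first rule covers only main's return frame and the saved-register word, so the subroutine can still read main's locals (arguments passed by reference keep working) but any write to the return address faults. At depth 2 the second rule adds the caller's return frame plus the new saved register and, because R1 is moved to the stack bottom as the claim states, the outer region now spans everything up to main's return frame while the immediate caller's locals stay reachable. Each return restores the registers and the previous rule set.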