| 主权项 |
1. A secure processing unit, comprising:
a processor,
said processor capable of operating in a plurality of modes, at least one of said modes being a secure mode and at least one of said modes being a normal mode,said processor comprising one or more processor security registers,a first of said one or more processor security registers arranged to indicate whether or not the processor is operating in a secure mode; secure internal memory,
said secure internal memory being secured by hardware such that it is accessible only by the processor when said first processor security register indicates that the processor is operating in secure mode,said secure internal memory being divided into a plurality of regions, at least one of said plurality of regions containing logic for performing a process, and at least one of said plurality of regions being further restricted to accesses by the processor based on the values in a secure memory configuration register; a secure memory configuration register; logic to ensure that access to a restricted region of secure memory is only permitted when both:
(i) the first processor security register indicates that the processor is operating in a secure mode, and(ii) the secure memory configuration register contains values indicating that the access is permitted; and logic to ensure that the processor initializes in a secure state by default. |
