摘要 |
A system switches between non-secure and secure modes by making processes, applications, and data for the non-secure mode unavailable to the secure mode and vice versa. The process thread run queue is modified to include a state flag for each process that indicates whether the process is a secure or non-secure process. A process scheduler traverses the queue and only allocates time to processes that have a state flag that matches the current mode. Running processes are marked to be idled and are flagged as unrunnable, depending on the security mode, when the process reaches an intercept point. The scheduler is switched to allow only threads that have a flag that corresponding to the active security mode to be run.
|