Abstract: A method of impeding leakage of cache access behavioral information of a section of a sensitive process to an untrusted process, said sensitive and untrusted processes being performed by a processor within a data processing apparatus, said data processing apparatus further comprising at least one cache operable to store information required by said processor while performing said sensitive and untrusted processes, the method comprising the steps of prior to commencing processing of a section of said sensitive process by said processor, evicting information stored in locations of said at least one cache which may otherwise be evicted by said sensitive process loading information that may be required by said section of said sensitive process in said at least one cache; commencing processing of said section of said sensitive process by said processor; switching said processor during processing of said section of said sensitive process to said untrusted process in response to a switching request; on switching bac

Abstract: A data processing apparatus is disclosed that comprises: at least one processor; a display for displaying data processed by said at least one processor; at least one display buffer for storing an array of display elements for subsequent output to said display, said display elements being secure display elements for displaying secure data and non-secure display elements; and a user interface; wherein said at least one processor is operable to execute at least one untrusted process and at least one secure process, said at least one secure process having access to secure data; said data processing apparatus further comprising: a secure user input for receiving a user input, said received user input not being accessible to said at least one untrusted process; and said data processing apparatus being responsive to an input received at said secure user input to transform data to be displayed on said display such that said secure display elements and said non-secure display elements are transformed differently to ea

Abstract: A data processing system 2 executes non-native program instructions using either a first execution environment 14 or a second execution environment 22. The first execution environment identifies at runtime if non-native program instructions to be executed are marked as intended for execution by the second execution environment. When such instructions are encountered the first execution environment triggers performance of data processing operations as specified by the one or more marked program instructions performed by the second execution environment. When those processing operations as specified by the one or more marked program instructions have been completed, a return is made to the first execution environment.

Abstract: A data processing system is provided with at least one processor 4, 6, a main memory 18 and a cache memory 14. Cache data within the cache memory 14 has validity data V and control data associated therewith. The control data controls access to the cached data. Program instructions executed by the processors 4, 6 control a cache controller 26 to modify the control data associated with the cached data while it remains stored within the cache memory 14 and remains valid. The control data may, for example, specify a security flags indicating whether access is restricted to secure processes or processors.

Abstract: A data processing apparatus and method are provided for performing power management. The data processing apparatus has a plurality of domains in which devices of the data processing apparatus can operate, and comprises at least one master device for performing operations and at least one slave device for use by such master devices when performing those operations. Each master device is arranged to issue a domain ID signal identifying the domain in which that master device is currently operating. Further, power control logic is provided for determining, based on the domain ID signal issued by the various master devices, whether any portion of a slave device is not currently useable, and if so to cause any such portion to enter a power saving state. This provides a particularly efficient technique for power management in such a data processing apparatus.

Abstract: An apparatus and method are provided for performing integrity checking of software code executing on a processing unit of the apparatus. The apparatus further includes debug logic used when debugging program code executed by the processing unit, and trusted logic for performing trusted integrity checking operations on less-trusted program code executed by the processing unit. The debug logic has an interface via which the trusted logic can program one or more control registers, that interface not being accessible by the less-trusted program code. The trusted logic programs the control registers so as to cause the debug logic to be re-used to detect one or more activities of the processing logic during execution of the less-trusted program code, and the trusted integrity checking operations performed by the trusted logic are influenced by the activities detected by the debug logic.

Abstract: A data processing apparatus is disclosed that comprises: at least one processor; a display for displaying data processed by said at least one processor; at least one display buffer for storing an array of display elements for subsequent output to said display, said display elements being secure display elements for displaying secure data and non-secure display elements; and a user interface; wherein said at least one processor is operable to execute at least one untrusted process and at least one secure process, said at least one secure process having access to secure data; said data processing apparatus further comprising: a secure user input for receiving a user input, said received user input not being accessible to said at least one untrusted process; and said data processing apparatus being responsive to an input received at said secure user input to transform data to be displayed on said display such that said secure display elements and said non-secure display elements are transformed differently to ea

Abstract: A data processing system 2 executes non-native program instructions using either a first execution environment 14 or a second execution environment 22. The first execution environment identifies at runtime if non-native program instructions to be executed are marked as intended for execution by the second execution environment. When such instructions are encountered the first execution environment triggers performance of data processing operations as specified by the one or more marked program instructions performed by the second execution environment. When those processing operations as specified by the one or more marked program instructions have been completed, a return is made to the first execution environment.

Abstract: A data processing system is provided with at least one processor 4, 6, a main memory 18 and a cache memory 14. Cache data within the cache memory 14 has validity data V and control data associated therewith. The control data controls access to the cached data. Program instructions executed by the processors 4, 6 control a cache controller 26 to modify the control data associated with the cached data whilst it remains stored within the cache memory 14 and remains valid. The control data may, for example, specify a security flags indicating whether access is restricted to secure processes or processors.

Abstract: A method of impeding leakage of cache access behavioural information of a section of a sensitive process to an untrusted process, said sensitive and untrusted processes being performed by a processor within a data processing apparatus, said data processing apparatus further comprising at least one cache operable to store information required by said processor while performing said sensitive and untrusted processes, the method comprising the steps of: prior to commencing processing of a section of said sensitive process by said processor, evicting information stored in locations of said at least one cache which may otherwise be evicted by said sensitive process loading information that may be required by said section of said sensitive process in said at least one cache; commencing processing of said section of said sensitive process by said processor; switching said processor during processing of said section of said sensitive process to said untrusted process in response to a switching request; on switching b

Abstract: A data processing apparatus and method are provided for managing access to a display buffer. The data processing apparatus has a display buffer for storing an array of display elements for subsequent output to a display controller, with each display element having a security permission indication associated therewith identifying whether that display element is a secure display element or a non-secure display element. At least one processing unit is provided for executing a non-secure process and a secure process, each process issuing access requests when seeking to access display elements in the display buffer, and each access request specifying a location in the display buffer. Interface logic is associated with the display buffer for receiving each access request and is arranged for at least each access request issued by the non-secure process to determine the security permission indication associated with the display element currently stored at the location specified by that access request.

Abstract: A smart card comprising a data store and a processor, said smart card being operable to connect with a host data processing apparatus, said smart card comprising authentication logic operable when connected to said host data processing apparatus to identify a secure data processing domain having predetermined properties within said host data processing apparatus and in response to identifying said secure data processing domain, said smart card is operable to delegate at least some data processing operations to be processed within said secure data processing domain of said host data processing apparatus.

Abstract: A data processing apparatus and method are provided for performing power management. The data processing apparatus has a plurality of domains in which devices of the data processing apparatus can operate, and comprises at least one master device for performing operations and at least one slave device for use by such master devices when performing those operations. Each master device is arranged to issue a domain ID signal identifying the domain in which that master device is currently operating. Further, power control logic is provided for determining, based on the domain ID signal issued by the various master devices, whether any portion of a slave device is not currently useable, and if so to cause any such portion to enter a power saving state. This provides a particularly efficient technique for power management in such a data processing apparatus.