CN109684126B - Memory verification method for an ARM device and ARM device performing memory verification - Google Patents


Info

Publication number: CN109684126B
Application number: CN201811589122.3A
Authority: CN (China)
Prior art keywords: coprocessor, memory, domain, configuring, security
Legal status: Active
Other languages: Chinese (zh)
Other versions: CN109684126A
Inventors: 刘航, 隆婷, 于永庆, 靳慧杰, 金正雄, 刘戈
Current assignee: Guizhou Huaxin Semiconductor Technology Co ltd
Original assignee: Guizhou Huaxintong Semiconductor Technology Co ltd

Events
    • Application filed by Guizhou Huaxintong Semiconductor Technology Co ltd
    • Priority to CN201811589122.3A
    • Publication of CN109684126A
    • Application granted
    • Publication of CN109684126B
    • Legal status: Active

Classifications

    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F 11/00 Error detection; Error correction; Monitoring > G06F 11/07 Responding to the occurrence of a fault, e.g. fault tolerance > G06F 11/08 Error detection or correction by redundancy in data representation, e.g. by using checking codes > G06F 11/10 Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's > G06F 11/1008 in individual solid state devices > G06F 11/1012 using codes or arrangements adapted for a specific type of error > G06F 11/1016 Error in accessing a memory location, i.e. addressing error
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F 12/00 Accessing, addressing or allocating within memory systems or architectures > G06F 12/02 Addressing or allocation; Relocation > G06F 12/06 Addressing a physical block of locations, e.g. base addressing, module addressing, memory dedication > G06F 12/0646 Configuration or reconfiguration
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F 12/00 Accessing, addressing or allocating within memory systems or architectures > G06F 12/02 Addressing or allocation; Relocation > G06F 12/08 Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems > G06F 12/0802 Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches

Abstract

A memory verification method for an ARM device, and an ARM device that performs memory verification, are provided. The ARM device comprises a central processing unit (CPU) and a coprocessor, and the CPU can operate in a normal domain and a secure domain. The memory verification method comprises: receiving, by the CPU, a Secure Monitor Call (SMC) instruction in the normal domain; in response to the SMC instruction, switching the CPU from the normal domain to the secure domain and enabling the coprocessor of the ARM device; performing the memory check calculation on the coprocessor and outputting the calculation result into the secure domain; and comparing, by the CPU, the calculation result with the comparison data for memory verification, determining the memory verification result from that comparison, and outputting the memory verification result to the normal domain.

Description

Memory verification method for an ARM device and ARM device performing memory verification
Technical Field
The present disclosure relates to a memory verification method for an ARM device and an ARM device performing memory verification.
Background
An ARM device has a central processor and one or more coprocessors. A coprocessor offloads specific processing tasks from the central processor. During program execution each coprocessor executes only the coprocessor instructions addressed to it and ignores instructions meant for the central processor or for other coprocessors. A coprocessor extends the core's processing functionality by extending the instruction set or by providing configuration registers. One or more coprocessors may be connected to the ARM core through the coprocessor interface.
The ARM TrustZone architecture provides a security framework that lets a device defend against many specific threats. TrustZone conceptually divides the hardware and software resources of a system on chip (SoC) into a secure domain (Secure World) and a normal domain (Normal World). Every operation that must remain confidential (fingerprint identification, cryptographic processing, data encryption and decryption, security authentication, and so on) executes in the secure domain; everything else (the user operating system, application programs, and so on) executes in the normal domain. The central processing unit (CPU) can operate in either domain and transitions between the two execution environments through a mode called Monitor Mode (on ARMv8-A, exception level EL3). Specifically, when the CPU needs to switch execution environment it first enters monitor mode, saves the state of the current execution environment there, and then performs the switch. The switch is initiated in two ways. The first, and more common, is executing the instruction called Secure Monitor Call (SMC), which switches the execution environment the CPU is currently in. The second is through specific hardware exception mechanisms, for example by configuring an Interrupt Request (IRQ) or a Fast Interrupt Request (FIQ) to trigger the switch. TrustZone guarantees that software in the normal domain (including its operating system) cannot access hardware resources allocated to the secure domain, while software in the secure domain can access the hardware resources of both domains; the secure domain can also partition the hardware resources dynamically.
Memory verification here means checking the integrity of data in memory, for example by hashing it. In general, if the value computed over the data does not match the reference value recorded for it, the integrity of the data has been compromised and the system or its software may be under attack. Current approaches to memory verification either hook a function into the operating system to compute over the memory contents in software, or perform the computation or the comparison in an external chip such as a Trusted Platform Module (TPM) or a Trusted Cryptography Module (TCM).
Disclosure of Invention
At least one embodiment of the present disclosure provides a memory verification method for an ARM device and an ARM device that performs memory verification, in which the hardware coprocessor of the ARM device performs the check calculation over the memory data and the calculation result is output into the secure domain, so that the integrity of the measurement is protected and the granularity of the checked memory can be as fine as a single thread.
In a first aspect, the present disclosure provides a memory verification method for an ARM device. The ARM device may include a central processing unit and a coprocessor, the central processing unit may be capable of operating in a normal domain and a secure domain, and the method may include: receiving, by the central processing unit, a Secure Monitor Call (SMC) instruction in the normal domain; in response to the SMC instruction, switching the central processing unit from the normal domain to the secure domain and enabling the coprocessor of the ARM device; performing a memory check calculation on the coprocessor and outputting the calculation result into the secure domain; and comparing, by the central processing unit, the calculation result with comparison data for memory verification, determining a memory verification result based on the comparison, and outputting the memory verification result to the normal domain.
With reference to the first aspect, in one implementation of the first aspect, the SMC instruction carries the virtual address of the memory to be checked and the byte length of the memory to be checked.
With reference to the first aspect and the foregoing implementation, in another implementation of the first aspect, the comparison data for memory verification is prepared based on the virtual address and the byte length of the memory to be checked carried by the SMC instruction.
With reference to the first aspect and the foregoing implementations, in another implementation of the first aspect, enabling the coprocessor of the ARM device includes: initializing the coprocessor; configuring the registers of the coprocessor; and enabling the coprocessor to start operating.
With reference to the first aspect and the foregoing implementations, in another implementation of the first aspect, initializing the coprocessor includes: configuring the configuration-interface security attribute register of the coprocessor so that the registers of the coprocessor can be configured only by the central processing unit running in the secure domain; configuring the Direct Memory Access (DMA) read security attribute register of the coprocessor so that the coprocessor performs its read operations in the normal domain; and configuring the DMA write security attribute register of the coprocessor so that the coprocessor performs its write operations in the secure domain.
With reference to the first aspect and the foregoing implementations, in another implementation of the first aspect, the SMC instruction carries the virtual address and the byte length of the memory to be checked, and configuring the registers of the coprocessor includes: setting the read address register of the coprocessor to that virtual address; setting the write address register of the coprocessor to a virtual address allocated by the central processing unit in the secure domain; setting the data byte length register of the coprocessor from the byte length; and configuring the algorithm mode register of the coprocessor.
With reference to the first aspect and the foregoing implementations, in another implementation of the first aspect, configuring the algorithm mode register of the coprocessor comprises selecting the algorithm used for the memory check calculation.
With reference to the first aspect and the foregoing implementations, in another implementation of the first aspect, performing the memory check calculation on the coprocessor and outputting the calculation result into the secure domain includes: the coprocessor obtains the physical address corresponding to the virtual address carried by the SMC instruction by sharing a page table with the Memory Management Unit (MMU) of the central processing unit, and performs a read operation in the normal domain, based on that physical address and the byte length carried by the SMC instruction, to fetch the data of the memory to be checked; the coprocessor runs the selected memory check algorithm over the fetched data and obtains the calculation result; and the coprocessor performs a write operation in the secure domain, writing the calculation result to the virtual address allocated by the central processing unit in the secure domain.
In a second aspect, the present disclosure provides an ARM device that performs memory verification. The ARM device may include: a central processing unit configured to operate in a normal domain and a secure domain and, in response to receiving a Secure Monitor Call (SMC) instruction in the normal domain, to switch from the normal domain to the secure domain; and a coprocessor connected to the central processing unit through a bus, configured to be enabled by the central processing unit running in the secure domain, to perform the memory check calculation once enabled, and to output the calculation result into the secure domain. The central processing unit is further configured to compare the calculation result with comparison data for memory verification, determine the memory verification result based on the comparison, and output the memory verification result to the normal domain.
With reference to the second aspect, in one implementation of the second aspect, the SMC instruction carries the virtual address of the memory to be checked and the byte length of the memory to be checked.
With reference to the second aspect and the foregoing implementation, in another implementation of the second aspect, the central processing unit prepares the comparison data for memory verification based on the virtual address and the byte length of the memory to be checked carried by the SMC instruction.
With reference to the second aspect and the foregoing implementations, in another implementation of the second aspect, enabling the coprocessor by the central processing unit includes: initializing the coprocessor; configuring the registers of the coprocessor; and enabling the coprocessor to start operating.
With reference to the second aspect and the foregoing implementations, in another implementation of the second aspect, initializing the coprocessor includes: configuring the configuration-interface security attribute register of the coprocessor so that the registers of the coprocessor can be configured only by the central processing unit running in the secure domain; configuring the Direct Memory Access (DMA) read security attribute register of the coprocessor so that the coprocessor performs its read operations in the normal domain; and configuring the DMA write security attribute register of the coprocessor so that the coprocessor performs its write operations in the secure domain.
With reference to the second aspect and the foregoing implementations, in another implementation of the second aspect, the SMC instruction carries the virtual address and the byte length of the memory to be checked, and configuring the registers of the coprocessor includes: setting the read address register of the coprocessor to that virtual address; setting the write address register of the coprocessor to a virtual address allocated by the central processing unit in the secure domain; setting the data byte length register of the coprocessor from the byte length; and configuring the algorithm mode register of the coprocessor.
With reference to the second aspect and the foregoing implementations, in another implementation of the second aspect, configuring the algorithm mode register of the coprocessor comprises selecting the algorithm used for the memory check calculation.
With reference to the second aspect and the foregoing implementations, in another implementation of the second aspect, performing the memory check calculation on the coprocessor and outputting the calculation result into the secure domain includes: the coprocessor obtains the physical address corresponding to the virtual address carried by the SMC instruction by sharing a page table with the memory management unit of the central processing unit, and performs a read operation in the normal domain, based on that physical address and the byte length carried by the SMC instruction, to fetch the data of the memory to be checked; the coprocessor runs the selected memory check algorithm over the fetched data and obtains the calculation result; and the coprocessor performs a write operation in the secure domain, writing the calculation result to the virtual address allocated by the central processing unit in the secure domain.
The method and the device of the embodiments of the present disclosure perform the check on a hardware coprocessor, which computes faster than a software implementation. Because the calculation result is output into the secure domain, the security risk that arises when the result is produced in the normal domain is avoided. Furthermore, because the coprocessor can share page tables with the MMU of the central processing unit, memory can be checked at multiple granularities, from an application process in a virtual machine up to the kernel and the hypervisor.
Drawings
To illustrate the technical solutions of the embodiments of the present disclosure more clearly, the drawings used in describing the embodiments or the prior art are briefly introduced below. The drawings described below show only some embodiments of the present disclosure; those skilled in the art can derive other drawings from them without inventive effort.
FIG. 1 is a schematic diagram illustrating a scenario to which embodiments of the present disclosure are applied;
FIG. 2 is a conceptual diagram schematically illustrating a memory verification process for an ARM device according to an embodiment of the present disclosure;
FIG. 3 is a flow diagram schematically illustrating a method for memory verification of an ARM device according to an embodiment of the present disclosure;
FIG. 4 is a flowchart schematically illustrating the process of enabling the coprocessor in the method for memory verification of an ARM device according to an embodiment of the present disclosure;
FIG. 5 is a flowchart schematically illustrating the process of initializing the coprocessor within the enabling process of FIG. 4;
FIG. 6 is a flowchart schematically illustrating the process of configuring the registers of the coprocessor within the enabling process of FIG. 4;
FIG. 7 is a flowchart schematically illustrating the process in which the coprocessor performs the memory check calculation and outputs the result into the secure domain, in the method for memory verification of an ARM device according to an embodiment of the present disclosure;
FIG. 8 is a block diagram schematically illustrating an ARM device that performs memory verification according to an embodiment of the present disclosure.
Detailed Description
The technical solutions of the embodiments of the present disclosure are described clearly and completely below with reference to the drawings. The described embodiments are only some of the embodiments of the present disclosure, not all of them. All other embodiments that a person skilled in the art can derive from the disclosed embodiments without creative effort fall within the protection scope of the present disclosure.
Dynamically verifying a program's memory at run time requires running a check algorithm such as a hash frequently, which is time-consuming and inefficient in software. In addition, the result of the check is produced in the non-secure state, which greatly increases the risk to the measurement: if the result is tampered with, the correctness of the subsequent verification cannot be guaranteed. If a dedicated chip is used for the computation instead, dynamic measurement is limited by the low speed of the interface and the low clock frequency of the chip.
At least one embodiment of the present disclosure provides a memory verification method for an ARM device and an ARM device that performs memory verification, which perform the check calculation over memory data on the hardware coprocessor of the ARM device and therefore compute faster than a software implementation. Because the calculation result is output into the secure domain, the security risk that arises when the result is produced in the normal domain is avoided. Furthermore, because the coprocessor can share page tables with the MMU of the central processing unit, memory can be checked at a variety of granularities, from an application process in a virtual machine up to the kernel and the hypervisor.
FIG. 1 is a schematic diagram illustrating a scenario 100 to which embodiments of the present disclosure are applied. Three hardware components of the ARM device are shown in FIG. 1: a central processing unit (CPU) 101, a coprocessor 102 connected to the CPU 101 through a bus according to an embodiment of the present disclosure, and memory. Taking the ARM TrustZone architecture as the example, the memory is divided into normal-domain memory 103 and secure-domain memory 104, and the CPU 101 can operate in either the secure domain or the normal domain. For example, the CPU 101 may switch from the normal domain to the secure domain after receiving an SMC instruction issued by the client application 105. To access memory, the CPU translates a virtual address into a physical address through the Memory Management Unit (MMU) and then accesses the memory over the bus. The coprocessor of these embodiments accesses memory over the bus by sharing page tables with the CPU's MMU. The ARM device may be, for example, a smartphone, a tablet computer, a smart television, and so on; the present disclosure is not limited in this respect. Although FIG. 1 shows a single coprocessor and a single memory, there may be more than one of each.
A concrete example runs as follows. The client application 105 requests a memory check by issuing SMC instructions at regular or irregular intervals. On receiving the SMC instruction, the CPU 101 switches from the normal domain to the secure domain and enables the coprocessor 102. The coprocessor 102 reads from the normal-domain memory 103 and writes to the secure-domain memory 104: it computes the check over the memory data and delivers the calculation result into the secure domain. This is more efficient, protects the integrity of the measurement, and, because the coprocessor shares a page table with the CPU's MMU, allows memory to be checked at various granularities.
FIG. 2 is a conceptual diagram schematically illustrating the memory check process of an ARM device according to an embodiment of the present disclosure. As shown in FIG. 2, the client application in the normal domain requests a memory check by issuing the SMC instruction at regular or irregular intervals. On receiving the SMC instruction, the CPU switches from the normal domain to the secure domain and enables the coprocessor. The coprocessor reads the data to be checked from the normal-domain memory and performs the memory check calculation. Once it has the calculation result, the coprocessor writes it into the secure-domain memory. The CPU, running in the secure domain, compares the calculation result with the comparison data for memory verification and determines the memory verification result from the comparison. The CPU then switches back to the normal domain and outputs the memory verification result to the client application there.
Outputting the memory check calculation result into the secure domain protects the integrity of the measurement, and memory can be checked at various granularities, down to the level of a single thread.
FIG. 3 is a flow diagram schematically illustrating a method 300 for memory verification of an ARM device according to an embodiment of the present disclosure. The ARM device comprises a CPU and a coprocessor, and the CPU can operate in a normal domain and a secure domain. As shown in FIG. 3, the method includes: receiving, by the CPU, a Secure Monitor Call (SMC) instruction in the normal domain (S310); in response to the SMC instruction, switching the CPU from the normal domain to the secure domain and enabling the coprocessor of the ARM device (S320); performing the memory check calculation on the coprocessor and outputting the calculation result into the secure domain (S330); and comparing, by the CPU, the calculation result with the comparison data for memory verification, determining the memory verification result based on the comparison, and outputting the memory verification result to the normal domain (S340).
By way of example, the SMC instruction includes a virtual address of the memory to be verified and a data byte length of the memory to be verified.
The processor of the ARM device has four exception levels, EL0, EL1, EL2 and EL3, and switching between the normal domain and the secure domain must go through EL3. The SMC instruction is a standard instruction of the ARM architecture: an SMC issued in the normal domain causes the processor to take an exception into EL3, where the switch from the normal domain to the secure domain is completed, and the standard SMC argument registers carry the information about the memory to be measured, namely the virtual address of the memory to be checked and its byte length (in the SMC Calling Convention the function identifier travels in w0 and the arguments in x1 onwards).
According to one exemplary implementation of the present disclosure, a client application in the normal domain may request a memory check by issuing the SMC instruction at a fixed interval, for example every 10 seconds. Alternatively, according to another embodiment, the client application may request the check and issue the SMC instruction at irregular times. The present application is not limited in this respect.
According to an exemplary implementation of the present disclosure, the coprocessor may obtain the physical address of the memory to be checked from its virtual address according to the page table held by the CPU's MMU, and then fetch the data over which the memory check calculation is to be performed using that physical address and the byte length of the memory to be checked.
According to one exemplary implementation of the present disclosure, the coprocessor may share a page table with the CPU's MMU. Using the shared page table, the coprocessor and the CPU resolve the same virtual-to-physical mapping and therefore obtain the same data, with no risk of the two getting out of sync. In addition, because the coprocessor and the MMU share the page table, the coprocessor can check memory regions at finer granularity: for example, it can check the memory of applications running in a virtual machine as well as memory in the operating system kernel.
Other ways of obtaining the data over which the memory check calculation is to be performed may also be used; the disclosure is not limited in this respect. For example, the storage location and length of that data may be passed through separate instructions.
According to an exemplary implementation of the present disclosure, the comparison data for memory verification may likewise be prepared from the virtual address and byte length of the memory to be checked carried by the SMC instruction. The comparison data is the reference against which the integrity of the data is judged: the result of the memory check calculation is compared with it, and the memory verification result is determined from the comparison. If the two are identical the data is intact; if they differ, the integrity of the data has been compromised.
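The call path above (S310 through S340: the normal world issues the SMC carrying the virtual address and byte length, EL3 validates and dispatches it, and the secure side compares the calculation result with the comparison data) as an added C model. This is illustration written for this page, not code from the patent. It assumes the Arm SMC Calling Convention layout for the function identifier (a fast SMC64 call in the SiP service range, with the function number 0x0042 chosen here), models the normal-world memory as a byte array reached through the offset of the virtual address inside an agreed window, and uses 64-bit FNV-1a as a placeholder for the check algorithm the patent leaves unnamed. The wrap-safe range check before anything is programmed into the coprocessor, and the constant-time comparison, are the checks a practitioner would add, not steps the patent states.

```c
#include <stddef.h>
#include <stdint.h>

/* SMCCC function-ID layout (Arm SMC Calling Convention): bit 31 = fast call, bit 30 = SMC64,
 * bits 29:24 = owning entity (0x02 = SiP service), bits 23:16 reserved, bits 15:0 = function number. */
#define SMCCC_FAST_CALL   (1u << 31)
#define SMCCC_SMC64       (1u << 30)
#define SMCCC_OWNER_SHIFT 24
#define SMCCC_OWNER_SIP   0x02u
#define SMCCC_FUNC_MASK   0xFFFFu

/* Standard SMCCC return values, delivered in x0. */
#define SMCCC_RET_SUCCESS            0
#define SMCCC_RET_NOT_SUPPORTED     (-1)
#define SMCCC_RET_INVALID_PARAMETER (-3)

#define MEMCHECK_FN 0x0042u     /* hypothetical function number; the patent assigns none */
#define MEMCHECK_MATCH    0u    /* verdict returned to the normal world in x1 */
#define MEMCHECK_MISMATCH 1u

struct smc_regs { uint64_t x0, x1, x2, x3; };   /* x0..x3 as EL3 sees them on entry and sets them on return */

static uint32_t smccc_fid(uint32_t owner, uint32_t fn) {
    return SMCCC_FAST_CALL | SMCCC_SMC64 | ((owner & 0x3Fu) << SMCCC_OWNER_SHIFT) | (fn & SMCCC_FUNC_MASK);
}

/* Normal-world caller (S310): function ID in x0, virtual address in x1, byte length in x2. */
static struct smc_regs memcheck_request(uint64_t va, uint64_t len) {
    struct smc_regs r = { smccc_fid(SMCCC_OWNER_SIP, MEMCHECK_FN), va, len, 0 };
    return r;
}

/* Secure-side range check before anything is programmed into the coprocessor: reject an empty
 * range, a range that wraps, and one outside the window the secure world agreed to measure.
 * Written without computing va + len, so the check itself cannot overflow. */
static int64_t memcheck_validate(uint64_t va, uint64_t len, uint64_t win_base, uint64_t win_size) {
    if (len == 0 || len > win_size)     return SMCCC_RET_INVALID_PARAMETER;
    if (va < win_base)                  return SMCCC_RET_INVALID_PARAMETER;
    if (va - win_base > win_size - len) return SMCCC_RET_INVALID_PARAMETER;
    return SMCCC_RET_SUCCESS;
}

/* Stand-in for the coprocessor's check calculation: 64-bit FNV-1a. The patent does not name the
 * algorithm, and FNV is not a cryptographic hash; it only gives a deterministic value to compare. */
static uint64_t measure_fnv1a64(const uint8_t *p, size_t n) {
    uint64_t h = 0xcbf29ce484222325ull;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ull; }
    return h;
}

/* Constant-time comparison of the calculation result with the comparison data (S340). */
static int ct_equal64(uint64_t a, uint64_t b) {
    uint64_t d = a ^ b;
    d |= d >> 32; d |= d >> 16; d |= d >> 8; d |= d >> 4; d |= d >> 2; d |= d >> 1;
    return (int)(1u - (unsigned)(d & 1u));
}

/* EL3 handler (S320 to S340): accept only this function ID, validate the range, measure the
 * caller's buffer, compare, and return the verdict. mem models the normal-world memory that the
 * window [win_base, win_base + win_size) maps to; reference is the comparison data. */
static int64_t memcheck_handle(struct smc_regs *r, const uint8_t *mem, uint64_t win_base,
                               uint64_t win_size, uint64_t reference) {
    if ((uint32_t)r->x0 != smccc_fid(SMCCC_OWNER_SIP, MEMCHECK_FN)) {
        r->x0 = (uint64_t)SMCCC_RET_NOT_SUPPORTED;
        return SMCCC_RET_NOT_SUPPORTED;
    }
    int64_t rc = memcheck_validate(r->x1, r->x2, win_base, win_size);
    if (rc != SMCCC_RET_SUCCESS) { r->x0 = (uint64_t)rc; return rc; }
    uint64_t result = measure_fnv1a64(mem + (r->x1 - win_base), (size_t)r->x2);
    r->x1 = ct_equal64(result, reference) ? MEMCHECK_MATCH : MEMCHECK_MISMATCH;
    r->x0 = SMCCC_RET_SUCCESS;
    return SMCCC_RET_SUCCESS;
}

int main(void) {
    uint8_t mem[64];                                   /* constructed stand-in for the normal-world memory */
    for (int i = 0; i < 64; i++) mem[i] = (uint8_t)(i * 7);
    uint64_t base = 0x7f00a0001000ull;
    uint64_t reference = measure_fnv1a64(mem, 64);     /* comparison data the secure side prepared earlier */
    struct smc_regs r = memcheck_request(base, 64);
    memcheck_handle(&r, mem, base, 64, reference);
    return r.x0 == SMCCC_RET_SUCCESS && r.x1 == MEMCHECK_MATCH ? 0 : 1;
}
```

Both the address and the length arrive from the normal world, so the secure side treats them as untrusted input and checks them before any coprocessor register is loaded from them; the window is whatever region the secure side has agreed to measure. Return values follow SMCCC: 0 on success, -1 for an unknown function identifier, -3 for bad parameters, with the match/mismatch verdict in x1.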
In the memory verification method for an ARM device according to the present disclosure, the check calculation over the memory data is performed by the hardware coprocessor of the ARM device, which computes faster than a software implementation. Because the calculation result is output into the secure domain, the security risk that arises when the result is produced in the normal domain is avoided. Furthermore, because the coprocessor can share page tables with the CPU's MMU, memory can be checked at multiple granularities.
Figure 4 is a flow chart schematically illustrating enabling a coprocessor of an ARM device in step S320 of a method 300 for memory verification of an ARM device according to an embodiment of the present disclosure. As shown in fig. 4, according to an embodiment of the present disclosure, the coprocessor that enables the ARM device includes: initializing the coprocessor (S321); configuring respective registers of the coprocessor (S322); and enables the coprocessor to start operating (S323). And enabling the coprocessor of the ARM equipment through the sub-steps to prepare for subsequent operations of memory check calculation and calculation result output.
The sub-steps of the method 300 for memory verification of an ARM device will be described in more detail below. Fig. 5 is a flowchart schematically illustrating substep S321 of a method 300 for memory verification of an ARM device according to an embodiment of the present disclosure. As shown in fig. 5, according to an embodiment of the present disclosure, the initializing the coprocessor includes: configuring a configuration interface security domain attribute register of the coprocessor to enable a CPU of a security domain to configure each register of the coprocessor (S3211); configuring a Direct Memory Access (DMA) read security attribute register of the coprocessor, so that the coprocessor performs a read operation in a common domain (S3212); and configuring the DMA write security attribute register of the coprocessor to cause the coprocessor to write in the security domain (S3213).
According to one exemplary implementation of the disclosure, configuring the DMA read security attribute register of the coprocessor so that the coprocessor performs read operations in the normal domain may include configuring the DMA controller of the coprocessor to perform read operations in the normal domain, that is, with the non-secure bus attribute.
According to one exemplary implementation of the disclosure, configuring the DMA write security attribute register of the coprocessor so that the coprocessor performs write operations in the secure domain may include configuring the DMA controller of the coprocessor to perform write operations in the secure domain, that is, with the secure bus attribute. The write must carry the secure attribute: a DMA write performed in the normal domain would expose the calculation result to normal-domain software.
Through sub-step S3211, only the CPU operating in the secure domain has the authority to configure the values of the coprocessor's registers; the CPU operating in the normal domain cannot change them, which secures the operation of the coprocessor.
Through sub-step S3212, the coprocessor can perform read operations in the normal domain, so the normal-domain data on which the memory check calculation is to be performed can be obtained according to the incoming instruction.
Through sub-step S3213, the coprocessor can perform write operations only in the secure domain, that is, the hardware calculation result can be output only into the secure domain, and the CPU operating in the normal domain cannot alter it, which secures the measurement.
Fig. 6 is a flow chart schematically illustrating sub-step S322 of the method 300 for memory verification of an ARM device according to an embodiment of the present disclosure. In the case where the SMC instruction includes the virtual address of the memory to be checked and the data byte length of the memory to be checked, as shown in Fig. 6, according to an embodiment of the present disclosure, configuring the registers of the coprocessor includes: configuring the read address in the read address register of the coprocessor to be that virtual address (S3221); configuring the write address in the write address register of the coprocessor to be a virtual address allocated by the CPU in the secure domain (S3222); configuring the data byte length register of the coprocessor based on the data byte length (S3223); and configuring the algorithm mode register of the coprocessor (S3224).
According to an exemplary implementation of the present disclosure, configuring the algorithm mode register of the coprocessor (S3224) may include selecting the algorithm for the memory check calculation. Algorithms for the memory check calculation include, but are not limited to: the SM3 cryptographic hash algorithm, the SHA family of secure hash algorithms, the HMAC (hash-based message authentication code) algorithm, and so on.
Through sub-steps S3221 and S3223, the coprocessor is given the address and length it needs to perform the read operation in the normal domain and so obtain the normal-domain data on which the memory check calculation is to be performed.
Through sub-step S3222, the coprocessor is given the secure-domain address at which to perform its write operation, so the result of the memory check calculation is output into the secure domain, which secures the measurement.
Through the above sub-step S3224, a suitable algorithm for memory check calculation may be selected for the coprocessor. For example, an appropriate algorithm for memory verification calculations may be selected based on user requirements or based on default system settings. The present disclosure is not limited as to how the above-described selection may be made.
Fig. 7 is a flow chart schematically illustrating step S330 of the method 300 for memory verification of an ARM device according to an embodiment of the present disclosure. As shown in Fig. 7, the coprocessor performing the memory check calculation and outputting the calculation result to the secure domain may include: the coprocessor obtains the physical address corresponding to the virtual address of the memory to be checked included in the SMC instruction through the page table it shares with the MMU of the CPU, and performs a read operation in the normal domain based on that physical address and the data byte length of the memory to be checked included in the SMC instruction, thereby obtaining the data in the memory to be checked (S331); the coprocessor performs the memory check calculation on the obtained data using the selected algorithm and obtains the calculation result (S332); and the coprocessor writes the calculation result, by a write operation in the secure domain, to the virtual address allocated by the CPU in the secure domain (S333).
Through sub-step S331, the coprocessor performs the read operation in the normal domain and, by sharing the page table with the MMU, obtains the normal-domain data on which the memory check calculation is to be performed, based on the virtual address and data byte length of the memory to be checked that were passed in.
Through sub-step S332, the check calculation on the memory data is performed by the hardware coprocessor, so the calculation is more efficient than a software implementation.
Through sub-step S333, the coprocessor performs the write operation in the secure domain and the result of the memory check calculation is output into the secure domain, which secures the measurement.
According to the memory verification method for the ARM device described above, the check calculation on the memory data is performed by the hardware coprocessor of the ARM device, so the calculation is more efficient than a software implementation. Because the calculation result is output to the secure domain, the security risk of outputting the result in the normal domain is avoided. Furthermore, since the coprocessor can share page tables with the CPU's MMU, memory checking can be performed at a variety of granularities, from application processes running on virtual machines up to the kernel and the software monitor layer.
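To make the attribute model of steps S321 to S323 and S331 to S333 concrete, the following Python model is added here; it is not code from the patent or its assignee. It models the three security attribute registers, the address, length and algorithm-mode registers, and an address-space check on the bus that rejects non-secure transactions into secure memory. The register names, their reset values, the algorithm-mode encoding (0 = SHA-256, 1 = HMAC-SHA-256 with a key held inside the coprocessor) and the address map are assumptions. Addresses are treated as physical here; the page-table sharing is not modelled.

```python
# Added example: model of the coprocessor's security-attribute registers and DMA
# behaviour (steps S321-S323, S331-S333). Register names, reset values, the
# algorithm-mode encoding and the address map are assumptions, not the patent's.
import hashlib
import hmac

S, NS = 0, 1   # value of the security attribute a bus transaction carries


class Bus:
    """Flat physical memory: [0, secure_base) is normal-domain memory,
    [secure_base, size) is secure-domain memory. A transaction tagged NS that
    touches the secure region is rejected, the way a TrustZone address space
    controller would reject it (modelled here, not a real TZASC)."""

    def __init__(self, normal_size, secure_size):
        self.mem = bytearray(normal_size + secure_size)
        self.secure_base = normal_size

    def _check(self, addr, length, attr):
        if addr < 0 or addr + length > len(self.mem):
            raise ValueError("access outside physical memory")
        if attr == NS and addr + length > self.secure_base:
            raise PermissionError("NS transaction into secure memory at %#x" % addr)

    def read(self, addr, length, attr):
        self._check(addr, length, attr)
        return bytes(self.mem[addr:addr + length])

    def write(self, addr, data, attr):
        self._check(addr, len(data), attr)
        self.mem[addr:addr + len(data)] = data


class Coprocessor:
    # Algorithm-mode register encoding (assumed): 0 = SHA-256, 1 = HMAC-SHA-256
    ALGOS = {0: "sha256", 1: "hmac-sha256"}

    def __init__(self, bus, hmac_key):
        self.bus = bus
        self.hmac_key = hmac_key      # key held inside the coprocessor (assumption)
        # Reset values (assumed): the configuration interface starts unlocked.
        self.regs = {"CFG_SEC": NS, "DMA_RD_SEC": NS, "DMA_WR_SEC": NS,
                     "RD_ADDR": 0, "WR_ADDR": 0, "LEN": 0, "ALG": 0, "EN": 0}

    def write_reg(self, name, value, master_attr):
        # S3211: once the configuration interface is marked secure, a register
        # write from a normal-domain master is refused.
        if self.regs["CFG_SEC"] == S and master_attr != S:
            raise PermissionError("normal-domain write to %s rejected" % name)
        self.regs[name] = value

    def init(self, master_attr):
        """S3211-S3213: lock the register interface to the secure domain, tag
        DMA reads NS (the source is normal memory) and DMA writes S."""
        self.write_reg("CFG_SEC", S, master_attr)
        self.write_reg("DMA_RD_SEC", NS, master_attr)
        self.write_reg("DMA_WR_SEC", S, master_attr)

    def configure(self, rd_addr, wr_addr, length, alg, master_attr):
        """S3221-S3224; addresses are treated as physical in this model."""
        self.write_reg("RD_ADDR", rd_addr, master_attr)
        self.write_reg("WR_ADDR", wr_addr, master_attr)
        self.write_reg("LEN", length, master_attr)
        self.write_reg("ALG", alg, master_attr)

    def start(self, master_attr):
        """S323 and S331-S333: read via NS DMA, hash, write the digest via S DMA."""
        self.write_reg("EN", 1, master_attr)
        r = self.regs
        data = self.bus.read(r["RD_ADDR"], r["LEN"], r["DMA_RD_SEC"])
        if self.ALGOS[r["ALG"]] == "sha256":
            digest = hashlib.sha256(data).digest()
        else:
            digest = hmac.new(self.hmac_key, data, "sha256").digest()
        self.bus.write(r["WR_ADDR"], digest, r["DMA_WR_SEC"])
        r["EN"] = 0
        return digest


def demo():
    """Returns (digest matches a software SHA-256 and landed in the secure
    buffer, normal-domain reconfiguration rejected, normal-domain read of the
    result rejected)."""
    bus = Bus(normal_size=0x1000, secure_size=0x1000)
    code = b"\x1f\x20\x03\xd5" * 64                    # constructed sample: 256 bytes of AArch64 NOP
    bus.write(0x100, code, NS)                         # normal-domain memory to be measured
    result_buf = bus.secure_base + 0x40                # buffer the secure-domain CPU allocated
    cp = Coprocessor(bus, hmac_key=b"coprocessor-key")
    cp.init(master_attr=S)
    cp.configure(0x100, result_buf, len(code), alg=0, master_attr=S)
    digest = cp.start(master_attr=S)
    ok_digest = digest == hashlib.sha256(code).digest() == bus.read(result_buf, 32, S)

    try:                                               # normal domain tries to redirect the result
        cp.write_reg("WR_ADDR", 0x800, NS)
        reconfig_rejected = False
    except PermissionError:
        reconfig_rejected = True
    try:                                               # normal domain tries to read the result
        bus.read(result_buf, 32, NS)
        read_rejected = False
    except PermissionError:
        read_rejected = True
    return ok_digest, reconfig_rejected, read_rejected


if __name__ == "__main__":
    print(demo())
```

Running demo() shows the three properties the text relies on: the digest written with the secure attribute equals a software SHA-256 of the same bytes, a normal-domain master can no longer redirect the write address register once the configuration interface is marked secure, and a normal-domain read of the result buffer is refused. The last property comes from the bus-level check rather than from the coprocessor: the secure-domain result buffer has to lie in memory that the address-space controller marks secure, otherwise setting the DMA write attribute alone does not keep normal-domain software away from the result.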
Fig. 8 is a block diagram schematically illustrating an ARM device 800 that performs memory verification according to an embodiment of the present disclosure. The ARM device 800 is, for example, a smartphone, a tablet computer, a smart television, or the like; the type of the device 800 does not limit the present disclosure. As shown in Fig. 8, the ARM device includes: a CPU (810) configured to operate in a normal domain and a secure domain, and to switch from the normal domain to the secure domain in response to receiving a secure monitor call (SMC) instruction in the normal domain; and a coprocessor (820) connected to the CPU via a bus and configured to be enabled by the CPU operating in the secure domain, to perform the memory check calculation after being enabled, and to output the calculation result into the secure domain. The CPU (810) is further configured to compare the calculation result with the comparison data for memory verification, determine the memory verification result based on the comparison, and output the memory verification result to the normal domain.
According to one exemplary implementation of the present disclosure, the SMC instruction includes a virtual address of the memory to be verified and a data byte length of the memory to be verified.
The processor of an ARM device has four exception levels, EL0, EL1, EL2 and EL3, and switching between the normal domain and the secure domain must pass through EL3. The SMC instruction is a standard instruction of the ARM architecture: an SMC instruction issued in the normal domain causes the processor of the ARM device to enter EL3 by way of an exception, thereby completing the switch from the normal domain to the secure domain, and the standard parameters of the SMC call carry the information about the memory to be measured, namely the virtual address of the memory to be checked and its data byte length. (In the ARM architecture the SMC instruction can be executed only at EL1 or above, so an application running at EL0 issues its request through the operating system kernel or a driver, which executes the SMC on its behalf.)
According to one exemplary implementation of the present disclosure, a client application in the normal domain may request a memory check, causing an SMC instruction to be issued, at fixed intervals, for example every 10 s. Alternatively, according to another exemplary implementation of the present disclosure, the client application in the normal domain may request a memory check, causing an SMC instruction to be issued, at irregular times. The present application does not limit this.
According to an exemplary implementation of the present disclosure, the coprocessor may obtain the physical address of the memory to be checked from its virtual address according to the page table in the MMU of the CPU, and obtain the data on which the memory check calculation is to be performed according to that physical address and the data byte length of the memory to be checked.
According to one exemplary implementation of the present disclosure, the coprocessor may share a page table with the MMU of the CPU. Using the same page table, the coprocessor and the CPU resolve the same virtual-to-physical mapping and therefore read the same data, without the two mappings drifting apart. In addition, because the coprocessor and the MMU share the page table, the coprocessor can check memory regions at finer granularity: for example, security checks can be performed on applications running on a virtual machine, as well as on memory in the operating system kernel.
It will be appreciated that other methods may be used to obtain the data for which memory check calculations need to be performed, and the disclosure is not limited in this respect. For example, parameters relating to the storage location and length of data for which memory check calculations need to be performed are passed through separate instructions.
According to an exemplary implementation of the present disclosure, the comparison data for memory verification may also be prepared based on the virtual address and data byte length of the memory to be checked included in the SMC instruction. The comparison data for memory verification is the reference data used to determine whether the integrity of the data is intact. The calculation result of the memory check calculation is compared with the comparison data, and the memory verification result is determined from the comparison: if the two are identical, the data integrity is intact; otherwise, the data integrity has been compromised.
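The following Python model, added here and not part of the patent, shows the secure-domain side of the flow described in this paragraph and in the S331 to S333 description above: the normal domain passes a virtual address and a byte length, the secure domain translates through the page table shared with the MMU, hashes the backing physical bytes page by page, compares the digest with the reference recorded for that (address, length) pair, and returns only a verdict to the normal domain. The 4 KiB page size, the baseline store, the use of SHA-256 and all function names are assumptions.

```python
# Added example (not from the patent): secure-domain handling of the SMC memory
# check with a page table shared with the MMU. Page size, baseline store and
# function names are assumptions.
import hashlib
import hmac

PAGE = 4096


class PhysicalMemory:
    def __init__(self, size):
        self.bytes = bytearray(size)


def translate_region(page_table, va, length):
    """Yield (pa, n) chunks covering [va, va + length).

    page_table maps virtual page number -> physical page number. A virtual
    range that crosses a page boundary generally maps to non-contiguous
    physical pages, so the translation is repeated for every page the DMA
    touches; an unmapped page aborts the measurement."""
    while length > 0:
        vpn, offset = divmod(va, PAGE)
        if vpn not in page_table:
            raise LookupError("virtual address %#x is not mapped" % va)
        n = min(PAGE - offset, length)
        yield page_table[vpn] * PAGE + offset, n
        va += n
        length -= n


def write_va(mem, page_table, va, data):
    """Place constructed sample data at a virtual address (normal-domain side)."""
    pos = 0
    for pa, n in translate_region(page_table, va, len(data)):
        mem.bytes[pa:pa + n] = data[pos:pos + n]
        pos += n


def measure(mem, page_table, va, length):
    """What the coprocessor computes: a digest over the translated region."""
    h = hashlib.sha256()
    for pa, n in translate_region(page_table, va, length):
        h.update(mem.bytes[pa:pa + n])
    return h.digest()


class SecureMonitor:
    """Handler for the SMC in the secure domain. The baseline dictionary stands
    for the comparison data kept in secure memory; it is keyed by the
    (virtual address, length) pair carried in the SMC parameters."""

    def __init__(self, mem, page_table):
        self.mem = mem
        self.page_table = page_table
        self.baseline = {}

    def smc_memory_check(self, va, length):
        try:
            digest = measure(self.mem, self.page_table, va, length)
        except LookupError:
            return "ERROR"                 # unmapped page: never report 'intact'
        key = (va, length)
        if key not in self.baseline:
            self.baseline[key] = digest    # first request records the reference
            return "BASELINE"
        if hmac.compare_digest(digest, self.baseline[key]):
            return "OK"
        return "TAMPERED"


def demo():
    """Returns the verdicts of four successive requests for the same region."""
    mem = PhysicalMemory(8 * PAGE)
    # Constructed mapping: VA pages 0x10 and 0x11 back onto PA pages 1 and 3,
    # so a 5120-byte region starting at VA 0x10800 spans two non-adjacent frames.
    page_table = {0x10: 1, 0x11: 3}
    va, length = 0x10800, 5120
    write_va(mem, page_table, va, bytes(range(256)) * 20)   # constructed sample code
    monitor = SecureMonitor(mem, page_table)

    first = monitor.smc_memory_check(va, length)             # "BASELINE"
    second = monitor.smc_memory_check(va, length)            # "OK": nothing changed
    clean_page = bytes(mem.bytes[3 * PAGE:4 * PAGE])
    mem.bytes[3 * PAGE + 0x10] = 0x00                        # tamper inside the second page
    third = monitor.smc_memory_check(va, length)             # "TAMPERED"
    # A normal-domain attacker who also controls the shared page table can point
    # VA page 0x11 at a clean copy, so the translation itself has to be trusted
    # or measured as well.
    mem.bytes[5 * PAGE:6 * PAGE] = clean_page
    page_table[0x11] = 5
    fourth = monitor.smc_memory_check(va, length)            # "OK" despite the tampering
    return first, second, third, fourth


if __name__ == "__main__":
    print(demo())
```

The first request establishes the reference for the (address, length) pair, the second confirms an unchanged region, and the third detects a single modified byte in the second physical page. The fourth request illustrates a property of any design that resolves virtual addresses through the normal domain's page tables: the digest is computed over whatever physical memory those tables currently name, so the tables themselves need to be included in the measurement or maintained from the secure domain for the verdict to be meaningful. The page does not describe how this is handled; the model only makes the dependency visible.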
According to the ARM device of the embodiment of the present disclosure, the check calculation on the memory data is performed by the hardware coprocessor, so the calculation is more efficient than a software implementation. Because the calculation result is output to the secure domain, the security risk of outputting the result in the normal domain is avoided. Furthermore, since the coprocessor can share page tables with the CPU's MMU, memory checking can be performed at multiple granularities.
According to yet another exemplary implementation of the present disclosure, the CPU operating in the secure domain enabling the coprocessor includes: initializing the coprocessor; configuring the registers of the coprocessor; and enabling the coprocessor to start operating. By enabling the coprocessor, the CPU of the ARM device prepares it for the subsequent memory check calculation and output of the calculation result.
According to yet another exemplary implementation of the disclosure, initializing the coprocessor includes: configuring the configuration interface security domain attribute register of the coprocessor to ensure that the registers of the coprocessor can be configured only by the CPU operating in the secure domain; configuring the DMA (direct memory access) read security attribute register of the coprocessor so that the coprocessor performs read operations in the normal domain; and configuring the DMA write security attribute register of the coprocessor so that the coprocessor performs write operations in the secure domain.
According to one exemplary implementation of the disclosure, configuring the DMA read security attribute register of the coprocessor so that the coprocessor performs read operations in the normal domain may include configuring the DMA controller of the coprocessor to perform read operations in the normal domain.
According to one exemplary implementation of the disclosure, configuring the DMA write security attribute register of the coprocessor so that the coprocessor performs write operations in the secure domain may include configuring the DMA controller of the coprocessor to perform write operations in the secure domain.
By configuring the configuration interface security domain attribute register of the coprocessor, only the CPU operating in the secure domain has the authority to configure the values of the coprocessor's registers; the CPU operating in the normal domain cannot change them, which secures the operation of the coprocessor.
By configuring the DMA read security attribute register of the coprocessor, the coprocessor can perform read operations in the normal domain, so the normal-domain data on which the memory check calculation is to be performed can be obtained according to the incoming instruction.
By configuring the DMA write security attribute register of the coprocessor, the coprocessor can perform write operations only in the secure domain, that is, the hardware calculation result can be output only into the secure domain, and the CPU operating in the normal domain cannot alter it, which secures the measurement.
According to another exemplary implementation of the present disclosure, the SMC instruction includes the virtual address of the memory to be checked and the data byte length of the memory to be checked, and configuring the registers of the coprocessor includes: configuring the read address in the read address register of the coprocessor to be that virtual address; configuring the write address in the write address register of the coprocessor to be a virtual address allocated by the CPU in the secure domain; configuring the data byte length register of the coprocessor based on the data byte length; and configuring the algorithm mode register of the coprocessor.
According to an exemplary implementation of the disclosure, configuring the algorithm mode register of the coprocessor includes selecting the algorithm for the memory check calculation. Algorithms for the memory check calculation include, but are not limited to: the SM3 cryptographic hash algorithm, the SHA family of secure hash algorithms, the HMAC (hash-based message authentication code) algorithm, and so on.
Configuring the read address in the read address register of the coprocessor to be the virtual address, and configuring the data byte length register of the coprocessor based on the data byte length, gives the coprocessor the address and length it needs to perform the read operation in the normal domain and so obtain the normal-domain data on which the memory check calculation is to be performed.
Configuring the write address in the write address register of the coprocessor to be the virtual address allocated by the CPU in the secure domain lets the coprocessor perform its write operation in the secure domain, so the result of the memory check calculation is output into the secure domain, which secures the measurement.
By configuring the algorithm mode register of the coprocessor, a suitable algorithm for memory check computation can be selected for the coprocessor. For example, an appropriate algorithm for memory verification calculations may be selected based on user requirements or based on default system settings. The present disclosure is not limited as to how the above-described selection may be made.
According to yet another exemplary implementation of the disclosure, the coprocessor performing the memory check calculation and outputting the calculation result into the secure domain may include: the coprocessor obtains the physical address corresponding to the virtual address of the memory to be checked included in the SMC instruction through the page table it shares with the MMU of the CPU, and performs a read operation in the normal domain based on that physical address and the data byte length of the memory to be checked included in the SMC instruction, thereby obtaining the data in the memory to be checked; the coprocessor performs the memory check calculation on the obtained data using the selected algorithm and obtains the calculation result; and the coprocessor performs a write operation in the secure domain, writing the calculation result to the virtual address allocated by the CPU in the secure domain.
Sharing the page table with the MMU of the CPU, the coprocessor can perform the read operation in the normal domain based on the virtual address and data byte length of the memory to be checked that were passed in, and obtain the normal-domain data on which the memory check calculation is to be performed.
Because the check calculation on the memory data is performed by the hardware coprocessor, the calculation is more efficient than a software implementation.
The coprocessor performs the write operation in the secure domain and outputs the result of the memory check calculation into the secure domain, which secures the measurement.
According to the ARM device of the embodiment of the present disclosure, the check calculation on the memory data is performed by the hardware coprocessor, so the calculation is more efficient than a software implementation. Because the calculation result is output to the secure domain, the security risk of outputting the result in the normal domain is avoided. Furthermore, since the coprocessor can share page tables with the CPU's MMU, memory checking can be performed at multiple granularities.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present disclosure may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present disclosure may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present disclosure. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other media capable of storing program code. It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present disclosure and is not intended to limit the present disclosure, and various modifications and changes may be made to the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present disclosure, but the scope of the present disclosure is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present disclosure, and all the changes or substitutions should be covered within the scope of the present disclosure. Therefore, the protection scope of the present disclosure should be subject to the protection scope of the appended claims and their equivalents.

Claims (16)

1. A method for memory verification for an ARM device, the ARM device including a central processor and a coprocessor, the central processor being capable of operating in a normal domain and a secure domain, the method comprising:
receiving a secure monitor call (SMC) instruction in the normal domain through the central processor;
in response to the SMC instruction, switching the central processor from the normal domain to the secure domain for operation, and enabling the coprocessor of the ARM device;
performing a memory check calculation by the coprocessor and outputting a calculation result to the secure domain, wherein the coprocessor obtains a physical address corresponding to a virtual address of a memory to be checked included in the SMC instruction by sharing a page table with a memory management unit (MMU) of the central processor, and performs a read operation in the normal domain based on the physical address and a data byte length of the memory to be checked included in the SMC instruction to obtain data in the memory to be checked; and
comparing, by the central processor, the calculation result with comparison data for memory verification, determining a memory verification result based on the comparison, and outputting the memory verification result to the normal domain.
2. The method of claim 1, wherein the SMC instruction includes a virtual address of the memory to be verified and a data byte length of the memory to be verified.
3. The method of claim 1, wherein the comparison data for memory verification is prepared based on a virtual address of the memory to be verified and a data byte length of the memory to be verified included in the SMC instruction.
4. The method of claim 1, wherein enabling the coprocessor of the ARM device comprises:
initializing the coprocessor;
configuring each register of the coprocessor; and
enabling the coprocessor to begin operation.
5. The method of claim 4, wherein said initializing the coprocessor comprises:
configuring a configuration interface security domain attribute register of the coprocessor to ensure that each register of the coprocessor can be configured only by the central processor operating in the secure domain;
configuring a direct memory access (DMA) read security attribute register of the coprocessor to enable the coprocessor to perform read operations in the normal domain; and
configuring a DMA write security attribute register of the coprocessor to enable the coprocessor to perform write operations in the secure domain.
6. The method of claim 4, wherein the SMC instruction comprises a virtual address of a memory to be checked and a data byte length of the memory to be checked, and the configuring of the registers of the coprocessor comprises:
configuring a read address of a read address register of the coprocessor as the virtual address;
configuring the write address of the write address register of the coprocessor into a virtual address allocated by a central processing unit in a security domain;
configuring a data byte length register of the coprocessor based on the data byte length; and
configuring an algorithm mode register of the coprocessor.
7. The method of claim 6, wherein said configuring the algorithm mode register of the coprocessor includes selecting an algorithm for memory check computation.
8. The method of claim 1, wherein the coprocessor performing memory check computations and outputting computation results to the secure domain comprises:
the coprocessor executes memory check calculation on the acquired data in the memory to be checked based on an algorithm for memory check calculation, and acquires a calculation result; and
the coprocessor carries out write operation in the security domain and writes the calculation result into the virtual address distributed by the central processing unit in the security domain.
9. An ARM device that performs memory verification, the ARM device comprising:
a central processor configured to operate in a normal domain and a secure domain and, in response to receiving a secure monitor call (SMC) instruction in the normal domain, to switch from the normal domain to the secure domain for operation; and
a coprocessor connected to the central processor through a bus and configured to be enabled by the central processor operating in the secure domain, to perform a memory check calculation after being enabled, and to output a calculation result into the secure domain, wherein the coprocessor obtains a physical address corresponding to a virtual address of a memory to be checked included in the SMC instruction by sharing a page table with a memory management unit (MMU) of the central processor, and obtains data in the memory to be checked by performing a read operation in the normal domain based on the physical address and a data byte length of the memory to be checked included in the SMC instruction;
wherein the central processor is further configured to compare the calculation result with comparison data for memory verification, determine a memory verification result based on the comparison, and output the memory verification result to the normal domain.
10. The ARM device of claim 9, wherein the SMC instruction includes a virtual address of the memory to be verified and a data byte length of the memory to be verified.
11. The ARM device of claim 9, wherein the central processor prepares the comparison data for memory verification based on a virtual address of the memory to be verified and a data byte length of the memory to be verified included in the SMC instruction.
12. The ARM device of claim 9, wherein the central processor enabling the coprocessor comprises:
initializing the coprocessor;
configuring each register of the coprocessor; and
enabling the coprocessor to begin operation.
13. The ARM device of claim 12, wherein the initializing the coprocessor comprises:
configuring a configuration interface security domain attribute register of the coprocessor to ensure that each register of the coprocessor can be configured only by the central processor operating in the secure domain;
configuring a direct memory access (DMA) read security attribute register of the coprocessor to enable the coprocessor to perform read operations in the normal domain; and
configuring a DMA write security attribute register of the coprocessor to enable the coprocessor to perform write operations in the secure domain.
14. The ARM device of claim 12, wherein the SMC instruction includes a virtual address of the memory to be checked and a data byte length of the memory to be checked, and the configuring the respective registers of the coprocessor includes:
configuring a read address of a read address register of the coprocessor as the virtual address;
configuring the write address of the write address register of the coprocessor into a virtual address allocated by a central processing unit in a security domain;
configuring a data byte length register of the coprocessor based on the data byte length; and
configuring an algorithm mode register of the coprocessor.
15. The ARM device of claim 14, wherein the configuring the algorithm mode register of the coprocessor includes selecting an algorithm for memory check computation.
16. The ARM device of claim 9, wherein the coprocessor performing memory check computations and outputting computation results to the secure domain comprises:
the coprocessor executes memory check calculation on the acquired data in the memory to be checked based on an algorithm for memory check calculation, and acquires a calculation result; and
the coprocessor carries out write operation in the security domain and writes the calculation result into the virtual address distributed by the central processing unit in the security domain.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811589122.3A 2018-12-25 2018-12-25 Memory verification method for ARM equipment and ARM equipment for executing memory verification (CN109684126B, Active)

Applications Claiming Priority (1): the same application, CN201811589122.3A.

Publications (2)

Publication Number Publication Date
CN109684126A (application publication) 2019-04-26
CN109684126B (granted patent) 2022-05-03

Family

ID=66189166

Family Applications (1): CN201811589122.3A (Active), priority date 2018-12-25, filing date 2018-12-25.

Country Status (1)

Country Link
CN (1) CN109684126B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113486355B (en) * 2021-06-29 2023-03-14 北京紫光展锐通信技术有限公司 Information storage device, information storage method, communication device, chip and module equipment thereof
CN113704791B (en) * 2021-09-01 2024-03-15 北京兆芯电子科技有限公司 Processor and hash information authentication code encoding method
CN115310055B (en) * 2022-06-22 2023-08-11 北京信息科技大学 Software integrity protection method based on double watchdog

Citations (10)

Publication number Priority date Publication date Assignee Title
KR20080043616A (en) * 2006-11-14 2008-05-19 삼성전자주식회사 Multichip and test method thereof
CN103514414A (en) * 2012-06-26 2014-01-15 上海盛轩网络科技有限公司 Encryption method and encryption system based on ARM TrustZone
WO2014021919A2 (en) * 2012-08-03 2014-02-06 North Carolina State University Methods, systems, and computer readable medium for active monitoring, memory protection and integrity verification of target devices
JP2014525105A (en) * 2011-07-29 2014-09-25 マイクロソフト コーポレーション Firmware-based Trusted Platform Module (TPM) for ARM® Trust Zone implementation
CN104992122A (en) * 2015-07-20 2015-10-21 武汉大学 Cell phone private information safe box based on ARM Trust Zone
WO2016139079A1 (en) * 2015-03-02 2016-09-09 Siemens Ag Österreich Protection of memory contents of a memory of a computer system by using a hash function
CN106980794A (en) * 2017-04-01 2017-07-25 北京元心科技有限公司 TrustZone-based file encryption and decryption method and device and terminal equipment
CN107194284A (en) * 2017-06-22 2017-09-22 济南浪潮高新科技投资发展有限公司 A kind of method and system based on the user-isolated data of TrustZone
CN107679393A (en) * 2017-09-12 2018-02-09 中国科学院软件研究所 Android integrity verification methods and device based on credible performing environment
CN108197500A (en) * 2018-01-31 2018-06-22 长安大学 A kind of storage system and method based on TrustZone Security and Integrality of Data

Non-Patent Citations (1)

Title
Research and Implementation of TrustZone-based Kernel Integrity Protection; 夏常钧; China Masters' Theses Full-text Database; 2018-04-30; full text *

Also Published As

Publication number Publication date
CN109684126A (en) 2019-04-26

Similar Documents

Publication Publication Date Title
US9003239B2 (en) Monitoring and resolving deadlocks, contention, runaway CPU and other virtual machine production issues
CN104982005B (en) Implement the computing device and method of the franchise cryptographic services in virtualized environment
US9576147B1 (en) Security policy application through data tagging
KR102324336B1 (en) User device and integrity verification method for the same
CN109684126B (en) Memory verification method for ARM equipment and ARM equipment for executing memory verification
US10101936B2 (en) Memory access control
US10432622B2 (en) Securing biometric data through template distribution
CN102509046A (en) Globally valid measured operating system launch with hibernation support
EP3935545B1 (en) Incremental decryption and integrity verification of a secure operating system image
US11593473B2 (en) Stack pivot exploit detection and mitigation
CN110046495A (en) Data structure measurement result compares
US10984108B2 (en) Trusted computing attestation of system validation state
US11874926B2 (en) Measuring containers
US11251976B2 (en) Data security processing method and terminal thereof, and server
US10191680B2 (en) Memory access control
CN112487414B (en) Method, device, equipment and storage medium for acquiring process command line
US20220129593A1 (en) Limited introspection for trusted execution environments
JP2018147444A (en) Computer system for executing analysis program and method for monitoring execution of analysis program
CN112131612B (en) CF card data tamper-proof method, device, equipment and medium
US11640249B2 (en) Access verification on portable mass storage devices
CN110601846B (en) System and method for verifying virtual trusted root
Jaroš Trusted Platform Modules: visualization of the performance data
CN114201747A (en) Dynamic measurement root implementation method, device, system and storage medium
JP2012208959A (en) Semiconductor memory device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP03 Change of name, title or address

Address after: 9th Floor, Building C, Gui'an Center, Plot ZD-64, Big Data Science and Technology Innovation City, Gui'an New Area, Guiyang City, Guizhou Province, 550003 (No. 2 on the south side)

Patentee after: Guizhou Huaxin Semiconductor Technology Co.,Ltd.

Address before: 550081 2nd floor, intersection of Qianzhong Avenue and Jinma Avenue, Gui'an New District, Guiyang City, Guizhou Province

Patentee before: GUIZHOU HUAXINTONG SEMICONDUCTOR TECHNOLOGY Co.,Ltd.