CN113486355B - Information storage device, information storage method, communication device, chip and module equipment thereof - Google Patents

Information storage device, information storage method, communication device, chip and module equipment thereof Download PDF

Info

Publication number
CN113486355B
CN113486355B CN202110730887.XA CN202110730887A CN113486355B CN 113486355 B CN113486355 B CN 113486355B CN 202110730887 A CN202110730887 A CN 202110730887A CN 113486355 B CN113486355 B CN 113486355B
Authority
CN
China
Prior art keywords
cpu
interrupt
secure world
type
world
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110730887.XA
Other languages
Chinese (zh)
Other versions
CN113486355A (en
Inventor
王峰
王科
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Ziguang Zhanrui Communication Technology Co Ltd
Original Assignee
Beijing Ziguang Zhanrui Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Ziguang Zhanrui Communication Technology Co Ltd filed Critical Beijing Ziguang Zhanrui Communication Technology Co Ltd
Priority to CN202110730887.XA priority Critical patent/CN113486355B/en
Publication of CN113486355A publication Critical patent/CN113486355A/en
Application granted granted Critical
Publication of CN113486355B publication Critical patent/CN113486355B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data

Abstract

The application discloses an information storage device, an information storage method, a communication device, a chip and module equipment thereof. The information holding apparatus includes a first central processing unit CPU. In the non-secure world, the first CPU is used for entering the secure world under the condition that a first type of interrupt is received; the first CPU is also used for storing the state information of the first CPU in the safe world and storing the information of the application processor; meanwhile, the first CPU can also trigger other CPUs to enter a safe world and store respective state information. By adopting the information storage device in the embodiment of the application, the state information of the application processor can be stored when the application processor is hung up.

Description

Information storage device, information storage method, communication device, chip and module equipment thereof
Technical Field
The present application relates to the field of communications technologies, and in particular, to an information storage apparatus, an information storage method, a communication apparatus, a chip, and a module device thereof.
Background
When a system has a hardware failure, all Central Processing Units (CPUs) in the application processor may be suspended, for example: the CPU has accessed the wrong register address or an exception has again occurred in the software exception handling flow. At present, although the debugging means of the kernel can complete the hang-up monitoring of all application processors, the abnormal CPU can not respond to the message, and it is very difficult to obtain the field information of the abnormal CPU. Therefore, how to save the field information when the application processor is hung up becomes a problem to be solved urgently at present.
Disclosure of Invention
The application discloses an information storage device, an information storage method, a communication device, a chip and module equipment thereof, which can store the state information of an application processor when the application processor is hung up.
In a first aspect, the present application provides an information holding apparatus that includes a first central processing unit CPU. In the non-secure world, the first CPU is used for entering the secure world under the condition that a first type of interrupt is received; the first CPU is also used for saving the state information of the first CPU in the safe world.
In one implementation, the first type of interrupt is sent by the interrupt controller to the first CPU; the first CPU is also configured to save state information of the interrupt controller.
In one implementation, the apparatus further includes a second CPU; in the secure world, the first CPU is also used for sending a second type of interrupt to a second CPU in the non-secure world; in the non-secure world, the second CPU is used for entering the secure world under the condition that a second type of interrupt is received; the second CPU is also used for saving the state information of the second CPU in the safe world.
In an implementation manner, when the first CPU is further configured to send a second type of interrupt to the second CPU in the non-secure world in the secure world, the method is specifically configured to: and sending a second type of interrupt to the interrupt controller, wherein the second type of interrupt is sent to the second CPU through the interrupt controller.
In one implementation, the first CPU is further configured to return to the unsecure world through the entry address information registered in the first CPU, and store the state information of the first CPU in the unsecure world.
In one implementation, the second CPU is further configured to return to the non-secure world through the entry address information registered in the second CPU, and store the state information of the second CPU in the non-secure world.
In a second aspect, the present application provides an information saving method, applied to a first CPU, the method including: in the non-secure world, entering the secure world upon receiving an interrupt of a first type; and saving the state information of the first CPU in the safe world.
In one implementation, the first type of interrupt is sent by an interrupt controller to a first CPU; the method further comprises the following steps: state information of the interrupt controller is saved.
In one implementation, the method further includes: in the secure world, sending a second type of interrupt to a second CPU in the non-secure world; the second CPU is used for entering the secure world under the condition of receiving the second type of interrupt, and saving the state information of the second CPU in the secure world.
In one implementation, the sending, in the secure world, the second type of interrupt to the second CPU in the non-secure world includes: in the secure world, a second type of interrupt is sent to the interrupt controller, which is sent to the second CPU through the interrupt controller.
In one implementation, the method further includes: and returning the non-secure world through the entry address information registered in the first CPU, and saving the state information of the first CPU in the non-secure world.
In one implementation, the entry address information is also used for the second CPU to return to the unsecure world.
In a third aspect, the present application provides a communication device for implementing the units of the method in the second aspect and any possible implementation manner thereof.
In a fourth aspect, the present application provides a communication device comprising a processor and a memory, wherein the memory is used for storing computer-executable instructions, and the processor is used for calling program codes from the memory to execute the method of the second aspect and any possible implementation manner thereof.
In a fifth aspect, the present application provides a chip for entering a secure world in an unsecure world upon receipt of an interrupt of a first type; the chip is also used for saving the state information of the first CPU in the secure world.
In a sixth aspect, the present application provides a module device, which includes a communication module, a power module, a storage module, and a chip module, wherein: the power module is used for providing electric energy for the module equipment; the storage module is used for storing data and instructions; the communication module is used for carrying out internal communication of the module equipment or is used for carrying out communication between the module equipment and external equipment; this chip module is used for: in the non-secure world, entering the secure world upon receiving an interrupt of a first type; and saving the state information of the first CPU in the safe world.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic structural diagram of an information storage device according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of another information storage device according to an embodiment of the present disclosure;
fig. 3 is a flowchart of an information saving method according to an embodiment of the present application;
fig. 4 is a timing chart of an information saving method according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a communication device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of another communication device according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of a module apparatus according to an embodiment of the present disclosure.
Detailed Description
For ease of understanding, the background concepts to which this application relates will first be described.
1. Non-safety world
The unsecure world may also be referred to as the ordinary world. The world in which the operating system of the terminal device runs when the terminal device is used may be referred to as the unsecure world. In the non-secure world, there is a Rich Execution Environment (REE) operating system, and user applications. In other words, the user application may be run in the unsecure world.
In an embodiment of the application, the application processor may run in the unsecure world. If the application processor is hung up, all CPUs in the non-secure world may be hung up. At this time, if the above-mentioned fault occurs in the non-secure world, the CPU cannot exit the hang-up state, so that there is no opportunity to save the state information of the CPU and other relevant field information (e.g., the state information of the interrupt controller, the state information of the bus, the state information of the cache, etc.).
2. Safety world
The secure world is another mode of secure isolation from the non-secure world, which is supported by the hardware isolation technology of the terminal device, and the terminal device can open up a trusted code region through the technology, so that the code isolation of the secure world from the non-secure world can be realized. In other words, when the terminal device operates in the secure world, the code in the non-secure world cannot access the data in the secure world. In the secure world, there is a trusted execution environment operating system, as well as secure applications.
In the embodiment of the application, the CPU in the non-secure world can be switched to the secure world by registering a corresponding function in the trusted code region. At this time, the CPU entering the secure world may save the state information of the CPU and the field information.
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without inventive step based on the embodiments of the present invention, are within the scope of protection of the present invention.
Referring to fig. 1, fig. 1 is a schematic structural diagram of an information storage device according to an embodiment of the present disclosure. The information holding apparatus 10 may be configured as a terminal device, or the information holding apparatus 10 may be a terminal device. The information holding apparatus 10 can be used to hold CPU state information when an interrupt occurs. The terminal device is an entity, such as a mobile phone, on the user side for receiving or transmitting signals. A terminal device may also be referred to as a terminal (terminal), a User Equipment (UE), a Mobile Station (MS), a Mobile Terminal (MT), etc. Alternatively, the information holding apparatus 10 may be configured as a server. The server may provide computing or application services for other clients, such as terminal devices such as Personal Computers (PCs), smart phones, automatic Teller Machines (ATMs), and even large devices such as train systems, in the network. The embodiments of the present application do not limit the specific technologies and the specific device forms used by the terminal device and the server.
As shown in fig. 1, the information holding apparatus 10 may include a first CPU101. Optionally, the information holding apparatus 10 may further include a second CPU102. Wherein the first CPU may be connected to the second CPU. It should be noted that, in the embodiments of the present application, the modules may be directly connected or indirectly connected, for example, through other modules, which is not limited in the present application.
It should be noted that the application processor may include multiple CPUs, for example: typically 4 CPUs or 8 CPUs may be included. The first CPU101 or the second CPU102 may be any one of a plurality of CPUs of an application processor. Note that the first CPU101 and the second CPU102 are different CPUs. For example, assuming that there are 8 CPUs in the application processor, the first CPU101 may be any one of the 8 CPUs of the application processor, and the second CPU102 may be any one of the remaining 7 CPUs of the application processor.
In the unsecure world, the first CPU101 described above is used to enter the secure world in the event of receiving an interrupt of the first type. In other words, if the first CPU101 receives the first type of interrupt in the non-secure world, it can switch from the non-secure world to the secure world.
It should be noted that all System on a Chip (SoC) interrupts can be classified into different types, for example: in Advanced reduced instruction set machine, version three Interrupt Controller (Advanced RISC Machines Generic Interrupt Controller v3, ARM GICv 3), all SoC interrupts can be divided into 3 types: group0, secure group1, non-secure group1. Wherein the first type of interrupt may be a group0 type of interrupt. This group0 type interrupt may be handled by the highest-privilege execution level in the CPU, i.e., by privilege level 3 (el 3) of the CPU. In which the EL3 of the CPU can switch between the secure world and the non-secure world.
Specifically, in the embodiment of the present application, a watchdog timer (WDT) may be configured as a group0 type interrupt. That is, in the event of a WDT timeout, the WDT will be treated as a group0 type interrupt. At this point, the first CPU that received the interrupt may enter the secure world.
The first CPU101 is also configured to save state information of the first CPU101 in the secure world. In other words, after entering the secure world, the first CPU101 can save its own state information. Since the application processor is already suspended in the non-secure world, all CPUs cannot exit the suspended state, and therefore, the operation of saving the state information of the CPU cannot be executed. When the first CPU receives a first type of interrupt, the interrupt can switch the first CPU into the secure world, so that the first CPU can respond to the interrupt and perform corresponding interrupt processing, such as: and saving the state information of the mobile terminal.
By storing the state information of the first CPU after entering the secure world, the log information of the operation of the first CPU in the secure world and the related information in the secure world can be collected, which is beneficial to positioning and analyzing the cause of the hang-up phenomenon after processing the interruption, thereby better solving the problem.
Optionally, the interrupt of the first type may be sent to the first CPU by the interrupt controller; the first CPU is also used for saving the state information of the interrupt controller.
The interrupt controller can receive interrupt requests of a plurality of interrupt sources and trigger corresponding interrupts. For example: ARM GICv3 is a general purpose interrupt controller offered by ARM corporation. The ARM GICv3 can receive interrupt signals of hardware, and after certain processing, the interrupt signals are distributed to corresponding CPUs for processing. The interrupt controller may be located inside the information storage device, and optionally, the interrupt controller may also be located outside the information storage device, which is not limited in this application.
As can be seen from the foregoing, the first type of interrupt may be an interrupt triggered by a WDT timeout. Assuming that the WDT triggers the first type of interrupt, the WDT may send the first type of interrupt to the interrupt controller. Correspondingly, after the interrupt controller receives the first type of interrupt, the interrupt controller sends the first type of interrupt to the first CPU. Accordingly, the first CPU can enter the safe world after receiving the first type of interrupt sent by the interrupt controller.
After the first CPU enters the secure world, the saved state information of the interrupt controller may include information related to the first type of interrupt, and may also include information related to other types of interrupts received by the interrupt controller. Therefore, the state information of the interrupt controller is saved, and the problem is favorably analyzed through the state information of the interrupt controller.
Optionally, in the secure world, the first CPU is further configured to send a second type of interrupt to a second CPU in the non-secure world.
It should be noted that, after the first CPU stores the above information, the first CPU may trigger the second CPU to interrupt. At this time, the first CPU in the secure world may send a second type of interrupt to the second CPU in the non-secure world. Optionally, when the application processor includes multiple CPUs, the first CPU may trigger all remaining CPU interrupts. For example: there are 8 CPUs in application processing, and the first CPU can trigger the remaining 7 CPU interrupts.
The second type of Interrupt may be a Software triggered Interrupt (SGI). For example, in the case where the first type of interrupt is a group0 type of interrupt, then the second type of interrupt may be a group0 SGI, i.e., a group0 type of software triggered interrupt SGI.
Optionally, in the secure world, when the first CPU is further configured to send a second type of interrupt to a second CPU in the non-secure world, the first CPU is specifically configured to: and sending a second type of interrupt to the interrupt controller, wherein the second type of interrupt is sent to the second CPU through the interrupt controller.
It should be noted that the first CPU may send the second type of interrupt to the second CPU through the interrupt controller. In other words, the first CPU sends a second type of interrupt to the interrupt controller, and accordingly, the interrupt controller receives the second type of interrupt; after the interrupt controller receives the second type of interrupt, the interrupt controller sends the second type of interrupt to the second CPU.
Specifically, the first CPU may send the second interrupt to the second CPU by writing a specific value in a register of the interrupt controller, the value being used to trigger the interrupt controller to send the second interrupt to the second CPU. Optionally, the first CPU may also trigger the interrupt controller to send the second interrupt to the second CPU through other manners, which is not limited in this application.
For example, if the application processor has 8 CPUs, the second CPU may be any one of the remaining 7 CPUs; thus, the first CPU can write 7 registers in the interrupt controller to trigger the second type of interrupt to the remaining 7 CPUs, respectively.
Optionally, in the non-secure world, the second CPU is configured to enter the secure world if receiving the second type of interrupt.
As can be seen from the foregoing, the first CPU has entered the secure world after receiving the first type of interrupt. But in the non-secure world, other CPUs are still in a hung-up state. At this point, if the other CPU receives the second type of interrupt, the interrupt may switch the second CPU into the secure world.
Optionally, the second CPU is further configured to store state information of the second CPU in the secure world.
Also, since no operation can be performed in the hang-up state. Therefore, when the second CPU switches to the secure world, the second CPU in the secure world may respond to the interrupt and perform a corresponding interrupt process. For example, the state information of the second CPU can be saved to collect log information of the second CPU running in the secure world, thereby being beneficial to analyzing the reason of hang-up.
In this embodiment, when the application processor is hung up, the first CPU may enter the secure world by receiving the first type of interrupt in the non-secure world, so as to save the state information of the first CPU in the secure world and the state information of the interrupt controller; and triggering a second type of interruption to the second CPU, so that the second CPU enters the safe world, and storing the state information of the second CPU in the safe world, which is helpful for positioning and analyzing the reason of the hang-up phenomenon, so as to better solve the problem.
Optionally, the first CPU is further configured to return to the unsecure world through the entry address information registered in the first CPU, and store the state information of the first CPU in the unsecure world.
Entry address information is registered in program code running at the EL3 privilege level, and the entry address information can be used for returning to an unsecure world. It should be noted that, the entry address information is registered when each CPU runs, so that the entry address information is used for returning to the non-secure world after entering the secure world due to the hang-up phenomenon.
As can be seen from the foregoing, after the non-secure world hangs, the first CPU can exit the hang-up state by entering the secure world. At this time, if the first CPU can return to the unsecure world through the portal address information, the state information of the first CPU in the unsecure world can be saved.
It should be noted that the non-secure world and the secure world correspond to two different sets of information, such as: the state information of the first CPU in the non-secure world can comprise context log information and the like when the CPU in the non-secure world runs; the state information of the first CPU in the secure world may include context log information and the like when the CPU in the secure world runs. Therefore, if the information can enter the non-safety world through the entrance address information to store the field information in the non-safety world, more information can be collected for positioning and analyzing problems.
Optionally, the second CPU is further configured to return to the unsecure world through entry address information registered in the second CPU, and store state information of the second CPU in the unsecure world.
Similarly, after entering the secure world, the second CPU may also return to the secure world through the entry address information registered in the second CPU after exiting the hang-up state, thereby saving the state information of the second CPU in the non-secure world.
Similarly, for example, in the application processor, 8 CPUs are shared, and in addition to the first CPU, 7 other CPUs respectively enter the secure world after receiving the interrupt of the second type in the insecure world, and respectively store the state information of their own CPUs in the secure world. After the state information of the CPU of the safe world is stored, the state information of the CPU in the unsafe world can be respectively returned to the unsafe world through the entry address information registered in each CPU, and the state information of the CPU in the unsafe world is respectively stored. In other words, the other 7 CPUs will execute their respective operation steps in parallel, respectively, without being in order.
In this embodiment, the first CPU and the second CPU can return to the insecure world through the entry address information after entering the secure world, and store the state information of the corresponding CPU in the insecure world, so that the CPU can have an opportunity to enter the insecure world to acquire field information, which is beneficial to positioning and analyzing the information through the acquired information.
Referring to fig. 2, fig. 2 is a schematic structural diagram of another information storage device according to an embodiment of the present disclosure. As shown in fig. 2, the information holding apparatus 20 may include a first interrupt handling function module 201 and a second interrupt handling function module 202. The first interrupt processing function module 201 is connected to the second interrupt processing function module 202.
The first interrupt processing function module 201 runs inside the first CPU101, and the first interrupt processing function module 201 can be used for processing a first type of interrupt; a second interrupt handling function module 202 runs inside the second CPU102, which second interrupt handling function module 202 may be used to handle a second type of interrupt.
It is understood that, in the foregoing embodiment, the operation of the first CPU101 saving the state information of the first CPU in the secure world and saving the state information of the interrupt controller and sending the second type of interrupt to the second CPU may be specifically executed by the first interrupt processing function module 201 described above. Similarly, the operation of saving the state information of the second CPU in the secure world by the second CPU102 may be specifically executed by the second interrupt processing function module 202.
Optionally, the information storage device 20 may further include an interrupt controller 203. The interrupt controller 203 is connected to the first interrupt processing function module 201 and the second interrupt processing function module 202, respectively. As can be seen from the foregoing, the interrupt controller may be located inside the information storage device or outside the information storage device. In the embodiment of the present application, the example that the interrupt controller is located inside the information storage device is taken as an example for description, and the present application is not limited thereto.
Optionally, the information storage device 20 may further include a timer module 204. The timer module 204 is connected to the interrupt controller 203. The timer module 204 may be a watchdog timer, and is configured to send a first type of interrupt to the interrupt controller after the timer expires.
Optionally, the information storage device 20 may further include a trusted module 205. The trusted module 205 may be configured to register interrupt handling functions with the respective CPUs, such as: the first interrupt handling function module 201 and the second interrupt handling function module 202.
The trusted module 205 may be a program module of a trusted code area in the secure world. Specifically, the trusted module may be a software module, such as trusted firmware, for example: ARM Trusted Firmware (ATF) provided by ARM corporation. In the case of using a CPU provided by ARM corporation, the ATF can register a first interrupt handling function and a second interrupt handling function for a first type of interrupt and a second type of interrupt, respectively.
Specifically, when registering the first interrupt handling function module 201 and the second interrupt handling function module 202, the trusted module 205 may simultaneously register entry address information in the interrupt handling function modules, so that the first CPU and the second CPU return to the non-secure world through the entry address information.
Optionally, the information storage device may further include an interrupt program module 206 and a kernel 207. The interrupt program module 206 may be configured to register the entry address information with the kernel 207 in the unsecure world; the kernel 207 may pass this portal address information to the trusted module 205 in the secure world.
It should be noted that the interrupt program module 206 is a software program in the unsecure world, and the interrupt program module 206 may include the entry address information. The kernel 207 may be comprised of interrupt service routines, schedulers, memory managers, network and interprocess communication systems, etc.
The entry address information in the interrupt program module is registered in the kernel, and can be transmitted to the trusted module in the secure world by the kernel in the insecure world, so that the trusted module can register the entry address information in the first interrupt processing function and the second interrupt processing function, and the first CPU and the second CPU in the secure world can return to the insecure world through the entry address information, thereby saving the state information of each CPU in the insecure world.
Referring to fig. 3, fig. 3 is a flowchart of an information saving method according to an embodiment of the present disclosure. The information storage method may be implemented by the information storage device, or may be implemented by a chip in the information storage device. As shown in fig. 3, the information saving method includes, but is not limited to, the following steps S301 to S302.
In the non-secure world, the first CPU enters the secure world when receiving the first type of interrupt at step S301.
In step S302, the first CPU saves the state information of the first CPU in the secure world.
By the information storage method, when the application processor is hung up, the first CPU enters the secure world by receiving the first type of interrupt, so that the state information of the first CPU in the secure world is stored, and the problem is positioned and analyzed through the stored information.
In one implementation, the first type of interrupt is sent by an interrupt controller to a first CPU, the method further comprising: the first CPU saves state information of the interrupt controller.
In one implementation, the method further includes: in the secure world, the first CPU sends a second type of interrupt to a second CPU in the non-secure world; the second CPU is used for entering the secure world under the condition of receiving the second type of interrupt, and saving the state information of the second CPU in the secure world.
In one implementation, the above sending, by the first CPU, the interrupt of the second type to the second CPU in the non-secure world in the secure world includes: in the secure world, the first CPU sends a second type of interrupt to the interrupt controller, which is sent to the second CPU through the interrupt controller.
In one implementation, the method further includes: and returning the non-secure world through the entry address information registered in the first CPU, and saving the state information of the first CPU in the non-secure world. Optionally, the method further includes: and returning the non-secure world through the entry address information registered in the second CPU, and saving the state information of the second CPU in the non-secure world.
The embodiments of the present invention and the embodiments of the apparatus described above are based on the same concept, and the technical effects thereof are also the same.
Referring to fig. 4, fig. 4 is a flowchart of another information storage method according to an embodiment of the present disclosure. The information storage method may be implemented by the information storage device, or may be implemented by a chip in the information storage device. As shown in fig. 4, the information saving method includes, but is not limited to, the following steps S401 to S407.
In step S401, the interrupt controller sends the first type of interrupt to the first CPU after receiving the first type of interrupt. Accordingly, the first CPU receives the first type of interrupt.
In step S402, the first CPU saves the state information of the first CPU in the secure world, and the state information of the interrupt controller.
In step S403, the first CPU sends a second type of interrupt to the interrupt controller. Accordingly, the interrupt controller receives the second type of interrupt.
Optionally, in step S404, the first CPU returns the unsecure world through the entry address information registered in the first CPU, and saves the state information of the first CPU in the unsecure world.
In step S405, the interrupt controller sends a second type of interrupt to the second CPU. Accordingly, the second CPU receives the second type of interrupt.
In step S406, the second CPU saves the state information of the second CPU in the secure world.
Optionally, in step S407, the second CPU returns the unsecure world through the entry address information registered in the second CPU, and saves the state information of the second CPU in the unsecure world.
The embodiments of the present invention and the embodiments of the apparatus described above are based on the same concept, and the technical effects thereof are also the same.
Referring to fig. 5, fig. 5 is a schematic structural diagram of a communication device according to an embodiment of the present disclosure. The apparatus may be a terminal device, an apparatus in the terminal device, or an apparatus capable of being used in cooperation with the terminal device. The communication apparatus shown in fig. 5 may include a processing unit 501, a storage unit 502, and a communication unit 503. The processing unit 501 is configured to perform data processing. Wherein:
in the unsecure world, a processing unit 501 for entering the secure world in case of receiving an interrupt of a first type;
the storage unit 502 is used for saving the state information of the first CPU in the secure world.
In one implementation, the first type of interrupt is sent by an interrupt controller to a first CPU; the storage unit 502 is also used for saving the state information of the interrupt controller.
In one implementation, in the secure world, a communication unit 503 is configured to send a second type of interrupt to a second CPU in the non-secure world; the second CPU is used for entering the secure world under the condition of receiving the second type of interrupt, and saving the state information of the second CPU in the secure world.
In one implementation, in the secure world, the communication unit 503 is further configured to send a second type of interrupt to the interrupt controller, where the second type of interrupt is sent to the second CPU through the interrupt controller.
In an implementation manner, the processing unit 501 is further configured to return to the insecure world through entry address information registered in the first CPU; the storage unit 502 is also used to store the state information of the first CPU in the non-secure world.
In one implementation, the entry address information is also used for the second CPU to return to the unsecure world.
According to the embodiment of the present application, the units in the communication apparatus shown in fig. 5 may be respectively or entirely combined into one or several other units to form the unit, or some unit(s) therein may be further split into multiple units with smaller functions to form the unit(s), which may achieve the same operation without affecting the achievement of the technical effect of the embodiment of the present application. The units are divided based on logic functions, and in practical application, the functions of one unit can be realized by a plurality of units, or the functions of a plurality of units can be realized by one unit. In other embodiments of the present application, the communication device may also include other units, and in practical applications, these functions may also be implemented by assistance of other units, and may be implemented by cooperation of multiple units.
The communication device may be, for example: a chip, or a chip module. Each module included in each apparatus and product described in the above embodiments may be a software module, a hardware module, or a part of the software module and a part of the hardware module. For example, for each device or product applied to or integrated in a chip, each module included in the device or product may be implemented by hardware such as a circuit, or at least a part of the modules may be implemented by a software program running on a processor integrated in the chip, and the rest (if any) part of the modules may be implemented by hardware such as a circuit; for each device and product applied to or integrated with the chip module, each module included in the device and product may be implemented in a hardware manner such as a circuit, and different modules may be located in the same component (e.g., a chip, a circuit module, etc.) or different components of the chip module, or at least a part of the modules may be implemented in a software program running on a processor integrated within the chip module, and the rest (if any) part of the modules may be implemented in a hardware manner such as a circuit; for each device and product applied to or integrated in the terminal, each module included in the device and product may be implemented by using hardware such as a circuit, different modules may be located in the same component (e.g., a chip, a circuit module, etc.) or different components in the terminal, or at least a part of the modules may be implemented by using a software program running on a processor integrated in the terminal, and the rest (if any) part of the modules may be implemented by using hardware such as a circuit.
The embodiments of the present application and the embodiments of the foregoing method are based on the same concept, and the technical effects brought by the embodiments are also the same, and for the specific principle, reference is made to the description of the foregoing embodiments, which is not repeated herein.
Referring to fig. 6, fig. 6 is a communication device 60 according to an embodiment of the present disclosure. As shown in fig. 6, the communication device 60 may include a processor 601 and a memory 602. Optionally, the communication device 60 may further comprise a transceiver 603. The processor 601, memory 602, and transceiver 603 may be connected via a bus 604 or otherwise. The buses are shown in fig. 6 by thick lines, and the connection manner between other components is merely illustrative and not limited thereto. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 6, but this is not intended to represent only one bus or type of bus.
The coupling in the embodiments of the present application is an indirect coupling or a communication connection between devices, units or modules, and may be an electrical, mechanical or other form for information interaction between the devices, units or modules. The specific connection medium between the processor 601 and the memory 602 is not limited in the embodiment of the present application.
The memory 602 may include both read-only memory and random access memory, and provides instructions and data to the processor 601. A portion of the memory 602 may also include non-volatile random access memory.
The Processor 601 may be a Central Processing Unit (CPU), and the Processor 601 may also be other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, etc. The general purpose processor may be a microprocessor, and optionally, the processor 601 may be any conventional processor or the like. Wherein:
a memory 602 for storing program instructions.
A processor 601 for invoking program instructions stored in memory 602 for:
in the non-secure world, entering the secure world upon receiving an interrupt of a first type;
and saving the state information of the first CPU in the safe world.
In one implementation, the first type of interrupt is sent by an interrupt controller to a first CPU; the memory 602 is also used for storing the state information of the interrupt controller.
In one implementation, in the secure world, a transceiver 603 for sending a second type of interrupt to a second CPU in the non-secure world; the second CPU is used for entering the secure world and saving the state information of the second CPU in the secure world under the condition of receiving the second type of interrupt.
In one implementation, in the secure world, the transceiver 603 is further configured to send a second type of interrupt to the interrupt controller, where the second type of interrupt is sent to the second CPU through the interrupt controller.
In one implementation, the processor 601 is further configured to return to the insecure world through entry address information registered in the first CPU; the memory 602 is also used to store the state information of the first CPU in the non-secure world.
In one implementation, the entry address information is also used for the second CPU to return to the unsecure world.
In the embodiment of the present application, the method provided by the embodiment of the present application may be implemented by running a computer program (including program codes) capable of executing the steps involved in the corresponding method as shown in fig. 2 on a general-purpose computing device such as a computer including a Central Processing Unit (CPU), a random access storage medium (RAM), a read-only storage medium (ROM), and the like as well as a storage element. The computer program may be recorded on a computer-readable recording medium, for example, and loaded and executed in the above-described computing apparatus via the computer-readable recording medium.
Based on the same inventive concept, the principle and the advantageous effect of the communication apparatus to solve the problem provided in the embodiment of the present application are similar to the principle and the advantageous effect of the communication apparatus to solve the problem in the embodiment of the method of the present application, and for brevity, the principle and the advantageous effect of the implementation of the method may be referred to, and are not described herein again.
The embodiment of the present application further provides a chip, where the chip may perform relevant steps of the terminal device in the foregoing method embodiment. The chip is used for: in the non-secure world, entering the secure world upon receiving an interrupt of a first type; and saving the state information of the first CPU in the safe world.
In one implementation, the first type of interrupt is sent by the interrupt controller to the first CPU; the chip is also used for saving the state information of the interrupt controller.
In one implementation, in the secure world, the chip is further configured to send a second type of interrupt to a second CPU in the non-secure world; the second CPU is used for entering the secure world and saving the state information of the second CPU in the secure world under the condition of receiving the second type of interrupt.
In one implementation, in the secure world, the chip is further configured to send a second type of interrupt to the interrupt controller, the second type of interrupt being sent to the second CPU through the interrupt controller.
In one implementation, the chip is further configured to return to the unsecure world via portal address information registered in the first CPU; the chip is also used for saving the state information of the first CPU in the non-secure world.
In one implementation, the entry address information is also used for the second CPU to return to the unsecure world.
In one implementation, the chip includes at least one processor, at least one first memory, and at least one second memory; the at least one first memory and the at least one processor are interconnected through a line, and instructions are stored in the first memory; the at least one second memory and the at least one processor are interconnected through a line, and the second memory stores the data required to be stored in the method embodiment.
For each device or product applied to or integrated in the chip, each module included in the device or product may be implemented by hardware such as a circuit, or at least a part of the modules may be implemented by a software program running on a processor integrated in the chip, and the rest (if any) part of the modules may be implemented by hardware such as a circuit.
Referring to fig. 7, fig. 7 is a schematic structural diagram of a module apparatus according to an embodiment of the present disclosure. The module device 70 may perform the relevant steps of the terminal device in the foregoing method embodiment, where the module device 70 includes: a communication module 701, a power module 702, a memory module 703, and a chip module 704.
The power module 702 is used for providing power for the module device; the storage module 703 is used for storing data and instructions; the communication module 701 is used for performing internal communication of the module device, or for performing communication between the module device and an external device; the chip module 704 is used for:
in the non-secure world, entering the secure world upon receiving an interrupt of a first type;
and saving the state information of the first CPU in the safe world.
In one implementation, the first type of interrupt is sent by an interrupt controller to a first CPU; the chip module 704 is also used for saving the state information of the interrupt controller.
In one implementation, in the secure world, the chip module 704 is further configured to send a second type of interrupt to a second CPU in the non-secure world; the second CPU is used for entering the secure world under the condition of receiving the second type of interrupt, and saving the state information of the second CPU in the secure world.
In one implementation, in the secure world, the chip module 704 is further configured to send a second type of interrupt to the interrupt controller, where the second type of interrupt is sent to the second CPU through the interrupt controller.
In one implementation, the chip module 704 is further configured to return to the insecure world through entry address information registered in the first CPU; the chip module 704 is further configured to store state information of the first CPU in the unsecure world.
In one implementation, the entry address information is also used for the second CPU to return to the unsecure world.
For each device and product applied to or integrated in the chip module, each module included in the device and product may be implemented by using hardware such as a circuit, and different modules may be located in the same component (e.g., a chip, a circuit module, etc.) or different components of the chip module, or at least some of the modules may be implemented by using a software program running on a processor integrated in the chip module, and the rest (if any) of the modules may be implemented by using hardware such as a circuit.
The embodiment of the present application further provides a computer-readable storage medium, in which one or more instructions are stored, and the one or more instructions are adapted to be loaded by a processor and execute the method provided by the foregoing method embodiment.
Embodiments of the present application also provide a computer program product containing instructions, which when run on a computer, cause the computer to perform the method provided by the above method embodiments.
It should be noted that, for simplicity of description, the above-mentioned embodiments of the method are described as a series of acts or combinations, but those skilled in the art should understand that the present application is not limited by the order of acts described, as some steps may be performed in other orders or simultaneously according to the present application. Further, those skilled in the art will recognize that the embodiments described in this specification are preferred embodiments and that acts or modules referred to are not necessarily required for this application.
The steps in the method of the embodiment of the application can be sequentially adjusted, combined and deleted according to actual needs.
The modules in the device can be combined, divided and deleted according to actual needs.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by hardware related to instructions of a program, and the program may be stored in a computer readable storage medium, and the readable storage medium may include: flash disks, read-Only memories (ROMs), random Access Memories (RAMs), magnetic or optical disks, and the like.
The above disclosure is only one preferred embodiment of the present invention, which is only a part of the present invention, and certainly not intended to limit the scope of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

Claims (14)

1. An information storage device, characterized in that the device comprises a first central processing unit CPU and a second CPU;
in the non-secure world, the first CPU is used for entering the secure world under the condition that a first type of interrupt is received;
the first CPU is also used for saving the state information of the first CPU in the safe world;
in the secure world, the first CPU is further configured to send a second type of interrupt to the second CPU in the non-secure world; the second type of interrupt is a software-triggered interrupt;
in the non-secure world, the second CPU is configured to enter the secure world if the second type of interrupt is received;
the second CPU is also used for saving the state information of the second CPU in the safe world.
2. The apparatus of claim 1, wherein the first type of interrupt is sent by an interrupt controller to the first CPU;
the first CPU is also used for saving the state information of the interrupt controller.
3. The apparatus according to claim 1, wherein in the secure world, the first CPU is further configured to, when sending a second type of interrupt to the second CPU in the non-secure world, in particular: and sending the second type of interrupt to the interrupt controller, wherein the second type of interrupt is sent to the second CPU through the interrupt controller.
4. The apparatus according to any one of claims 1 to 3,
the first CPU is also used for returning the non-secure world through the entry address information registered in the first CPU and saving the state information of the first CPU in the non-secure world.
5. The apparatus of claim 4,
the second CPU is also used for returning the non-secure world through the entry address information registered in the second CPU, and storing the state information of the second CPU in the non-secure world.
6. An information storage method applied to a first CPU, the method comprising:
in the non-secure world, entering the secure world upon receiving an interrupt of a first type;
saving state information of the first CPU in the secure world;
in the secure world, sending a second type of interrupt to a second CPU in the non-secure world; the second CPU is used for entering the secure world under the condition of receiving the second type of interrupt, and saving the state information of the second CPU in the secure world; the second type of interrupt is a software-triggered interrupt.
7. The method of claim 6, wherein the first type of interrupt is sent by an interrupt controller to the first CPU; the method further comprises the following steps:
and saving the state information of the interrupt controller.
8. The method of claim 6, wherein sending a second type of interrupt to a second CPU in the non-secure world in the secure world comprises:
and sending the second type of interrupt to the interrupt controller in a safe world, wherein the second type of interrupt is sent to the second CPU through the interrupt controller.
9. The method according to any one of claims 6 to 8, further comprising:
and returning the non-secure world through the entry address information registered in the first CPU, and storing the state information of the first CPU in the non-secure world.
10. The method of claim 9, wherein the portal address information is also used for the second CPU to return the unsecure world.
11. A communication apparatus, characterized in that it comprises means for performing the method of any of claims 6 to 10.
12. A communication device comprising a processor and a memory; wherein, the first and the second end of the pipe are connected with each other,
the memory for storing a computer program;
the processor, in particular for invoking the computer program from the memory, to perform the method of any of claims 6-10.
13. A chip, characterized in that,
the chip is used for entering the secure world in the non-secure world under the condition of receiving the first type of interrupt;
the chip is also used for storing the state information of the first CPU in the secure world;
the chip is also used for sending a second type of interrupt to a second CPU in a non-secure world in the secure world; the second CPU is used for entering the secure world under the condition of receiving the second type of interrupt, and saving the state information of the second CPU in the secure world; the second type of interrupt is a software-triggered interrupt.
14. The utility model provides a communication module equipment which characterized in that, module equipment includes communication module, power module, storage module and chip module, wherein:
the power supply module is used for providing electric energy for the module equipment;
the storage module is used for storing data and instructions;
the communication module is used for carrying out internal communication of module equipment or is used for carrying out communication between the module equipment and external equipment;
the chip module is used for:
in the non-secure world, entering the secure world upon receiving an interrupt of a first type;
saving state information of the first CPU in the secure world;
in the secure world, sending a second type of interrupt to a second CPU in the non-secure world; the second CPU is used for entering the secure world under the condition of receiving the second type of interrupt, and saving the state information of the second CPU in the secure world; the second type of interrupt is a software-triggered interrupt.
CN202110730887.XA 2021-06-29 2021-06-29 Information storage device, information storage method, communication device, chip and module equipment thereof Active CN113486355B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110730887.XA CN113486355B (en) 2021-06-29 2021-06-29 Information storage device, information storage method, communication device, chip and module equipment thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110730887.XA CN113486355B (en) 2021-06-29 2021-06-29 Information storage device, information storage method, communication device, chip and module equipment thereof

Publications (2)

Publication Number Publication Date
CN113486355A CN113486355A (en) 2021-10-08
CN113486355B true CN113486355B (en) 2023-03-14

Family

ID=77936642

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110730887.XA Active CN113486355B (en) 2021-06-29 2021-06-29 Information storage device, information storage method, communication device, chip and module equipment thereof

Country Status (1)

Country Link
CN (1) CN113486355B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104021037A (en) * 2013-03-01 2014-09-03 英飞凌科技股份有限公司 Dynamic resource sharing
CN105224403A (en) * 2015-09-17 2016-01-06 华为技术有限公司 A kind of interruption processing method and device
CN109684126A (en) * 2018-12-25 2019-04-26 贵州华芯通半导体技术有限公司 For the Memory Checkout method of ARM equipment and the ARM equipment of execution Memory Checkout
CN109960582A (en) * 2018-06-19 2019-07-02 华为技术有限公司 The method, apparatus and system of multi-core parallel concurrent are realized in the side TEE
CN111209571A (en) * 2020-01-07 2020-05-29 天津飞腾信息技术有限公司 Communication method of safe world and non-safe world based on ARM processor
CN111414626A (en) * 2020-04-01 2020-07-14 中国人民解放军国防科技大学 TEE extension-based real-time guaranteeing method and system
CN111414246A (en) * 2020-04-01 2020-07-14 中国人民解放军国防科技大学 Cross-secure-world real-time function calling method and device on computing platform with TEE extension
CN112351022A (en) * 2020-10-30 2021-02-09 新华三技术有限公司 Security protection method and device for trust zone

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE60304602T2 (en) * 2002-11-18 2006-12-28 Arm Ltd., Cherry Hinton EXCEPTIONAL TYPES WITHIN A SAFE PROCESSING SYSTEM
CN109871717A (en) * 2016-02-29 2019-06-11 华为技术有限公司 A kind of data security transmission device and method
CN111859395B (en) * 2020-07-21 2024-03-26 中国人民解放军国防科技大学 Communication optimization method and system on computing platform with TEE expansion

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104021037A (en) * 2013-03-01 2014-09-03 英飞凌科技股份有限公司 Dynamic resource sharing
CN105224403A (en) * 2015-09-17 2016-01-06 华为技术有限公司 A kind of interruption processing method and device
CN109960582A (en) * 2018-06-19 2019-07-02 华为技术有限公司 The method, apparatus and system of multi-core parallel concurrent are realized in the side TEE
CN109684126A (en) * 2018-12-25 2019-04-26 贵州华芯通半导体技术有限公司 For the Memory Checkout method of ARM equipment and the ARM equipment of execution Memory Checkout
CN111209571A (en) * 2020-01-07 2020-05-29 天津飞腾信息技术有限公司 Communication method of safe world and non-safe world based on ARM processor
CN111414626A (en) * 2020-04-01 2020-07-14 中国人民解放军国防科技大学 TEE extension-based real-time guaranteeing method and system
CN111414246A (en) * 2020-04-01 2020-07-14 中国人民解放军国防科技大学 Cross-secure-world real-time function calling method and device on computing platform with TEE extension
CN112351022A (en) * 2020-10-30 2021-02-09 新华三技术有限公司 Security protection method and device for trust zone

Also Published As

Publication number Publication date
CN113486355A (en) 2021-10-08

Similar Documents

Publication Publication Date Title
CN109889468B (en) Network data transmission method, system, device, equipment and storage medium
CN115269213A (en) Data receiving method, data transmitting method, device, electronic device and medium
CN113535425A (en) Data sending method and device, electronic equipment and storage medium
CN107066331B (en) TrustZone-based resource allocation method and equipment
US11903041B2 (en) Abnormality processing method, terminal device and storage medium
CN113486355B (en) Information storage device, information storage method, communication device, chip and module equipment thereof
CN113821257A (en) Processor kernel call stack information query method and device
CN110881224A (en) Network long connection method, device, equipment and storage medium
CN111176986B (en) Thread script debugging method and device, computer equipment and storage medium
CN110704131B (en) Method and device for calling native application by HTML5 application
CN114356446B (en) Processing method, device, equipment and storage medium for inter-process event
CN111159009A (en) Pressure testing method and device for log service system
CN110764995B (en) Method, device, medium and electronic equipment for detecting file access abnormality
CN109063516A (en) Data processor
CN111414270B (en) Exception handling method and device
CN111130702B (en) Decoding method, decoding system, electronic device, and storage medium
CN112673354B (en) System state detection method, system state device and terminal equipment
WO2007080051A2 (en) Method and apparatus for dumping a process memory space
CN114024878A (en) Data transmission method, device, medium and equipment
CN107274589B (en) Access method and system of financial self-service terminal hardware equipment and terminal equipment
EP4220398A1 (en) Method and apparatus for keeping client alive, and electronic device and storage medium
CN117667465B (en) Code sharing method, device, switch, multi-host system, equipment and medium
CN114416408A (en) Interrupt processing method and device
CN106598755B (en) Processor and DCC communication system
CN111475322A (en) Method and device for positioning stuck thread, computer equipment and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant