CN117193863A - Method, device, system and processor for starting host bootstrap program - Google Patents


Info

Publication number
CN117193863A
Authority
CN
China
Prior art keywords
sub
program
hash value
bootstrap
host
Legal status
Pending
Application number
CN202311162224.8A
Other languages
Chinese (zh)
Inventor
汤彩芸
Current Assignee
Hexin Technology Co ltd
Shanghai Hexin Digital Technology Co ltd
Original Assignee
Hexin Technology Co ltd
Shanghai Hexin Digital Technology Co ltd

Abstract

The application relates to a method, a device, a system and a processor for starting a host bootstrap program. The host bootstrap program comprises a plurality of sub-bootstrap programs which are started in sequence. A target hash value of each sub-bootstrap program is obtained in turn from that sub-bootstrap program, and each target hash value is output to a first storage unit for storage. Whether the starting environment of the host bootstrap program is normal is determined from the target hash values stored in the first storage unit and the target hash values of the corresponding sub-bootstrap programs. If the starting environment is normal, whether to start the host bootstrap program is determined from the result of comparing the target hash values stored in the first storage unit with the standard hash values of the host bootstrap program. The host bootstrap program is thus started normally only when it has not been tampered with or damaged and is complete and trusted, which in turn ensures the secure start of the CPU.

Description

Method, device, system and processor for starting host bootstrap program
Technical Field
The present application relates to the technical field of server application, and in particular, to a method, an apparatus, a system, and a processor for starting a host bootstrap program.
Background
The host boot program Hostboot is the boot program first executed by the central processing unit (Central Processing Unit, CPU) when it is powered up. For example, Hostboot is part of the firmware (FW) of the basic input output system (Basic Input Output System, BIOS); when the CPU is started using the BIOS FW, Hostboot is the program executed first.
However, at present Hostboot can easily be tampered with during startup, so that the CPU cannot be started securely.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a method, apparatus, system, processor, computer-readable storage medium, and computer program product for starting a host boot program that can ensure secure starting of a CPU.
In a first aspect, the present application provides a method for starting a host boot program, where the host boot program includes a plurality of sub-boot programs that are started in sequence. The method comprises the following steps:
obtaining, for each sub-bootstrap program in turn, a target hash value of that sub-bootstrap program;
outputting each target hash value to a first storage unit for storage;
determining whether the starting environment of the host bootstrap program is normal according to the target hash values stored in the first storage unit and the target hash values of the corresponding sub-bootstrap programs;
and, if the starting environment is normal, determining whether to start the host bootstrap program according to the result of comparing the target hash values stored in the first storage unit with the standard hash values of the host bootstrap program.
In one embodiment, obtaining the target hash value of each sub-bootstrap program in turn includes:
obtaining a current hash value of each sub-bootstrap program using a preset hash algorithm;
obtaining the target hash value of the sub-bootstrap program according to the current hash value of the sub-bootstrap program and the initial hash value corresponding to the sub-bootstrap program;
where, for two sub-bootstrap programs adjacent in the starting order, the target hash value of the earlier one is used as the initial hash value corresponding to the later one, and the initial hash value corresponding to the first-started sub-bootstrap program is a preset value.
In one embodiment, obtaining the target hash value of each sub-bootstrap program in turn includes:
obtaining a current hash value of each sub-bootstrap program using a preset hash algorithm;
and determining the current hash value of the sub-bootstrap program as the target hash value of the sub-bootstrap program.
In one embodiment, the host bootstrap program includes a first sub-bootstrap program, a second sub-bootstrap program and a third sub-bootstrap program, which are started in that order, and obtaining the target hash value of each sub-bootstrap program in turn includes:
obtaining a current hash value of the first sub-bootstrap program using a preset hash algorithm;
determining a target hash value of the first sub-bootstrap program according to the initial hash value corresponding to the first sub-bootstrap program and the current hash value of the first sub-bootstrap program, where the initial hash value corresponding to the first sub-bootstrap program is a preset value;
obtaining a current hash value of the second sub-bootstrap program using the preset hash algorithm;
determining a target hash value of the second sub-bootstrap program according to the target hash value of the first sub-bootstrap program and the current hash value of the second sub-bootstrap program;
obtaining a current hash value of the third sub-bootstrap program using the preset hash algorithm;
and determining the target hash value of the third sub-bootstrap program according to the target hash value of the second sub-bootstrap program and the current hash value of the third sub-bootstrap program.
In one embodiment, the first sub-boot program is an HBL program, the second sub-boot program is an HBB program, and the third sub-boot program is a Payload program, where the HBL program is used to load and execute the HBB program, the HBB program is used to initialize a chip and a peripheral component, and the Payload program is used to initialize peripheral driving parameter configuration.
In one embodiment, the method further comprises: calling the plurality of sub-bootstrap programs in sequence from a second storage unit.
In a second aspect, the present application also provides a processor comprising: the storage module is used for storing target hash values corresponding to a plurality of sub-boot programs in the host boot program, and the plurality of sub-boot programs are started in sequence;
the processing module is configured to sequentially and correspondingly obtain a target hash value of each sub-boot program according to each sub-boot program, output each target hash value to a first storage unit for storage, determine whether a starting environment of the host boot program is normal according to the target hash value stored in the first storage unit and the target hash value of each sub-boot program stored in the storage module, and determine whether to start the host boot program according to a comparison result of the target hash value stored in the first storage unit and a standard hash value of the host boot program when the starting environment is normal.
In a third aspect, the present application also provides a system for starting a host bootstrap program. The system comprises a second storage unit, a central processing unit, a memory unit and a processor; the second storage unit stores the host bootstrap program, which comprises a plurality of sub-bootstrap programs started in sequence, and the central processing unit loads the host bootstrap program from the second storage unit into the memory unit;
the processor sequentially calls the plurality of sub-bootstrap programs from the memory unit through the central processing unit, sequentially and correspondingly obtains target hash values of the sub-bootstrap programs according to the sub-bootstrap programs, respectively outputs the target hash values to a first storage unit for storage, determines whether the starting environment of the host bootstrap program is normal according to the target hash values stored in the first storage unit and the target hash values corresponding to the sub-bootstrap programs, and determines whether to start the host bootstrap program according to the comparison result of the target hash values stored in the first storage unit and the standard hash values of the host bootstrap program under the condition that the starting environment is normal.
In a fourth aspect, the present application further provides a device for starting a host bootstrap program, where the host bootstrap program includes a plurality of sub-bootstrap programs that are started in sequence. The device comprises:
the hash module is used for sequentially and correspondingly acquiring target hash values of the sub-bootstrap programs according to the sub-bootstrap programs;
the recording module is used for respectively outputting each target hash value to the first storage unit for storage;
the environment module is used for determining whether the starting environment of the host bootstrap program is normal or not according to the target hash value stored in the first storage unit and the target hash value corresponding to the sub bootstrap program;
and the starting module is used for determining whether to start the host bootstrap program according to the comparison result of the target hash value stored in the first storage unit and the standard hash value of the host bootstrap program under the condition that the starting environment is normal.
In a fifth aspect, the present application also provides a computer device. The computer device comprises a memory device and a processing device, wherein the memory device stores a computer program, and the processing device realizes the following steps when executing the computer program:
obtaining, for each sub-bootstrap program in turn, a target hash value of that sub-bootstrap program;
outputting each target hash value to a first storage unit for storage;
determining whether the starting environment of the host bootstrap program is normal according to the target hash values stored in the first storage unit and the target hash values of the corresponding sub-bootstrap programs;
and, if the starting environment is normal, determining whether to start the host bootstrap program according to the result of comparing the target hash values stored in the first storage unit with the standard hash values of the host bootstrap program.
In a sixth aspect, the present application also provides a computer readable storage medium. A computer readable storage medium having stored thereon a computer program which when executed by a processing device performs the steps of:
obtaining, for each sub-bootstrap program in turn, a target hash value of that sub-bootstrap program;
outputting each target hash value to a first storage unit for storage;
determining whether the starting environment of the host bootstrap program is normal according to the target hash values stored in the first storage unit and the target hash values of the corresponding sub-bootstrap programs;
and, if the starting environment is normal, determining whether to start the host bootstrap program according to the result of comparing the target hash values stored in the first storage unit with the standard hash values of the host bootstrap program.
In a seventh aspect, the present application also provides a computer program product. Computer program product comprising a computer program which, when executed by a processing device, realizes the steps of:
obtaining, for each sub-bootstrap program in turn, a target hash value of that sub-bootstrap program;
outputting each target hash value to a first storage unit for storage;
determining whether the starting environment of the host bootstrap program is normal according to the target hash values stored in the first storage unit and the target hash values of the corresponding sub-bootstrap programs;
and, if the starting environment is normal, determining whether to start the host bootstrap program according to the result of comparing the target hash values stored in the first storage unit with the standard hash values of the host bootstrap program.
According to the starting method of the host bootstrap program, the host bootstrap program comprises a plurality of sub-bootstrap programs started in sequence. The target hash value of each sub-bootstrap program is obtained in turn from that sub-bootstrap program and output to the first storage unit for storage, and whether the starting environment of the host bootstrap program is normal is determined from the target hash values stored in the first storage unit and the target hash values of the corresponding sub-bootstrap programs; this realizes the security verification of the starting environment of the host bootstrap program. If the starting environment is normal, whether to start the host bootstrap program is further determined from the result of comparing the target hash values stored in the first storage unit with the standard hash values of the host bootstrap program: if they are consistent, the host bootstrap program is complete and trusted and is started; if they are inconsistent, the host bootstrap program may have been tampered with or damaged. The starting method provided by the embodiments of the application thus performs two security verifications, of the starting environment and of the completeness and trustworthiness of the host bootstrap program, ensuring that the host bootstrap program is started normally only when it has not been tampered with or damaged and is complete and trusted, and thereby ensuring the secure start of the CPU.
Drawings
FIG. 1 is a flow chart of a method for starting a host boot program in one embodiment;
FIG. 2 is a flow chart of step 102 in one embodiment;
FIG. 3 is a flowchart illustrating step 102 in another embodiment;
FIG. 4 is a flowchart of step 102 in another embodiment;
FIG. 5 is a flow chart of a method for starting a host boot program in another embodiment;
FIG. 6 is a block diagram of a host boot program startup system in one embodiment;
FIG. 7 is a block diagram of a host boot program startup device in one embodiment;
FIG. 8 is a schematic diagram of hardware interactions involved in reading HostBoot firmware components in one embodiment;
FIG. 9 is a schematic diagram of an extended hash value calculation flow of a HostBoot firmware component in one embodiment;
FIG. 10 is a schematic diagram of a trusted boot flow of a HostBoot firmware component in one embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The method for starting the host boot program provided by the embodiments of the application can be applied to a trusted platform module (Trusted Platform Module, TPM), also referred to as a TPM chip. A TPM chip can be understood as a security component, typically embedded in computer or server hardware, that provides secure processing and stores sensitive information, and so improves the security and credibility of the device. The TPM chip may include, but is not limited to, a secure processing module (Secure Processor), a random number generator (Random Number Generator), cryptographic algorithms (Cryptographic Algorithms), memory modules (Memory), bus interfaces (Bus Interfaces), and the like. The secure processing module is the core part of the TPM chip and performs the security functions of the chip, including key management and encryption and decryption operations; it is a dedicated microcontroller with its own instruction set and memory space. The random number generator produces the random numbers used for key generation and digital signatures during encryption and authentication. The TPM chip supports a variety of cryptographic algorithms for encryption, decryption and authentication, including symmetric encryption algorithms (e.g., AES), asymmetric encryption algorithms (e.g., RSA) and hash algorithms (e.g., SHA-256). The TPM chip has a small non-volatile memory module for storing keys, certificates and other sensitive data. The TPM chip communicates with the host system through a bus interface, mainly one of the interfaces widely used in modern computer systems, such as SPI (Serial Peripheral Interface) or I2C (Inter-Integrated Circuit). In the embodiments of the application, a platform configuration register (Platform Configuration Register, PCR) can be provided in the TPM chip.
In one embodiment, as shown in fig. 1, there is provided a method for starting a host boot program, the method comprising the following steps 102 to 108:
Step 102, obtaining, for each sub-boot program in turn, the target hash value of that sub-boot program.
The host boot program has a defined boot flow that is typically unchanged because if the boot flow changes, a series of boot anomalies may be caused. Accordingly, during the startup process of the host bootstrap program, the plurality of sub-bootstrap programs included in the host bootstrap program are generally started in sequence according to the already defined startup procedure.
One sub-boot corresponds to a unique target hash value, i.e., the TPM chip may obtain its unique target hash value from one sub-boot. The TPM chip can acquire the unique target hash value of each sub-boot program according to the starting sequence of each sub-boot program in turn.
Step 104, outputting each target hash value to the first storage unit for storage.
The first storage unit is configured independently of the TPM chip. The target hash value of each sub-boot program may be stored in the first storage unit in the form of a system log (Eventlog). The first storage unit may be a hard disk or another storage unit whose data is not easily lost when the system powers down. Each time the TPM chip obtains the target hash value of a sub-boot program, it may output that value to the first storage unit for storage. In this way, the target hash values of the sub-boot programs are output to the first storage unit in the order in which the sub-boot programs are started.
And step 106, determining whether the starting environment of the host boot program is normal or not according to the target hash value stored in the first storage unit and the target hash value of the corresponding sub boot program.
In the case that the starting environment of the host boot program is at a certain risk and is not normal, the target hash value stored in the first storage unit may be tampered and damaged. Accordingly, the TPM chip may determine whether the startup environment of the host boot program is normal according to the target hash value stored in the first storage unit and the target hash value of the corresponding sub boot program.
Optionally, while the TPM chip obtains the target hash value of each sub-boot program in turn, the target hash value of each sub-boot program may be stored synchronously in the TPM PCR. Accordingly, the TPM chip can determine whether the starting environment of the host boot program is normal according to the target hash value of each sub-boot program stored in the first storage unit and the target hash value of each sub-boot program stored in the TPM PCR.
Illustratively, while the TPM chip obtains the target hash values of the sub-boot programs in turn, the target hash value of the last-started sub-boot program is stored synchronously in the TPM PCR. Accordingly, the TPM chip may determine whether the starting environment of the host boot program is normal according to the target hash value of the last-started sub-boot program stored in the first storage unit and the target hash value of the last-started sub-boot program stored in the TPM PCR.
For example, the TPM chip may determine whether the starting environment of the host boot program is normal by comparing the target hash value of the last-started sub-boot program stored in the first storage unit with the target hash value of the last-started sub-boot program stored in the TPM PCR. If they are inconsistent, the value stored in the first storage unit differs from the value stored in the TPM PCR, so the value in the first storage unit has been tampered with or damaged and the starting environment is determined to be abnormal. When the starting environment is abnormal, the risk that the host boot program has been tampered with or damaged is high, so the start of the host boot program can be suspended at this point to prevent an unsafe start of the host boot program and, in turn, a security problem in the CPU.
If they are consistent, the target hash value of the last-started sub-boot program stored in the first storage unit is still the same as the one stored in the TPM PCR, so the value in the first storage unit has not been tampered with or damaged and the starting environment is determined to be normal.
Step 108, under the condition that the starting environment is normal, determining whether to start the host bootstrap program according to the comparison result of the target hash value stored in the first storage unit and the standard hash value of the host bootstrap program.
The standard hash value of the host boot program may be provided by a pre-stored system log (Reference Eventlog); that is, the standard hash value of each sub-boot program included in the host boot program is pre-stored in the pre-stored Reference Eventlog, wherein Reference Eventlog may be stored on a hard disk or other location that is not easily lost and cannot be tampered with. The hash algorithm of the pre-stored standard hash value in Reference Eventlog can be a hash algorithm SHA256 or a cryptographic algorithm SM3; the pre-stored standard hash value in Reference Eventlog may also be an extended hash value, where the extended hash value of a sub-boot is generally obtained by using the hash algorithm SHA256 and according to the hash value of the sub-boot and the initial hash value corresponding to the sub-boot.
Under normal boot conditions, the host boot program is less likely to be tampered with and damaged, and the host boot program is less likely to boot up non-securely. In the embodiment of the application, under the condition that the starting environment is normal, the complete credibility of the host boot program is further and directly determined, and the TPM chip can determine the complete credibility of the host boot program according to the comparison result of the target hash value stored in the first storage unit and the standard hash value of the host boot program.
For example, if the target hash value of each sub-boot program stored in the first storage unit is consistent with the standard hash value of the corresponding sub-boot program in the Reference Eventlog, each sub-boot program has not been tampered with or damaged and is complete and trusted, that is, the host boot program has not been tampered with or damaged. If the target hash value of at least one sub-boot program stored in the first storage unit is inconsistent with the standard hash value of the corresponding sub-boot program in the Reference Eventlog, that sub-boot program has been tampered with or damaged, and thus the host boot program has been tampered with or damaged and is not complete and trusted.
Under the condition that the host boot program is determined to be complete and reliable, the host boot program is determined to be started, and at the moment, the starting link of the host boot program is safe and reliable, so that safe starting of the CPU is ensured. Under the condition that the host boot program is tampered and damaged, the starting of the host boot program can be suspended, the unsafe starting of the host boot program is prevented, and the safety problem of the CPU is prevented from being caused.
According to the embodiment of the application, the target hash value of each sub-boot program is obtained in turn from that sub-boot program and output to the first storage unit for storage; whether the starting environment of the host boot program is normal is determined from the target hash values stored in the first storage unit and the target hash values of the corresponding sub-boot programs; and, if the starting environment is normal, whether to start the host boot program is further determined from the result of comparing the target hash values stored in the first storage unit with the standard hash values of the host boot program. Two security verifications, of the starting environment and of the completeness and trustworthiness of the host boot program, are thus performed during the start of the host boot program, ensuring that it is started normally only when its start chain has not been tampered with or damaged and it is complete and trusted, and that the CPU is started securely.
In one embodiment, as shown in FIG. 2, step 102 includes the following steps 202-204:
step 202, obtaining the current hash value of each sub-bootstrap program by adopting a preset hash algorithm.
Wherein, the preset hash algorithm can be written into the TPM chip, and the preset hash algorithm can be, but is not limited to, hash algorithm SHA256 or national encryption algorithm SM3. The TPM chip can acquire the current hash value of each sub-bootstrap program by adopting a preset hash algorithm; the current hash value of a sub-boot can be understood as a hash value calculated by a preset hash algorithm according to the sub-boot at the current time.
Step 204, determining that the current hash value of the sub-boot program is the target hash value of the sub-boot program.
The TPM chip may determine the current hash value of the sub-boot program as the target hash value of the sub-boot program.
In the embodiment of the application, the target hash values (namely, the current hash values) stored in the first storage unit are compared one by one with the standard hash values of the corresponding sub-boot programs in the Reference Eventlog, so that the security verification of the completeness and trustworthiness of the host boot program is realized.
In another embodiment, as shown in fig. 3, step 102 includes the following steps 302-304:
Step 302, obtaining the current hash value of each sub-bootstrap program by adopting a preset hash algorithm.
Wherein, the preset hash algorithm can be written into the TPM chip, and the preset hash algorithm can be, but is not limited to, hash algorithm SHA256 or national encryption algorithm SM3. The TPM chip can acquire the current hash value of each sub-bootstrap program by adopting a preset hash algorithm.
Step 304, obtaining the target hash value of the sub-boot program according to the current hash value of the sub-boot program and the initial hash value corresponding to the sub-boot program; where, for two sub-boot programs adjacent in the starting order, the target hash value of the earlier one is used as the initial hash value corresponding to the later one, and the initial hash value corresponding to the first-started sub-boot program is a preset value.
The TPM chip can expand the current hash value of the sub-boot program and determine the expanded hash value obtained by expansion as the target hash value of the sub-boot program. That is, the TPM chip may obtain the extended hash value of the sub-boot program according to the current hash value of the sub-boot program and the initial hash value corresponding to the sub-boot program, and determine the extended hash value of the sub-boot program as the target hash value of the sub-boot program.
Illustratively, the TPM chip may acquire the extended hash value of the sub-boot program by using a preset hash algorithm according to the current hash value of the sub-boot program and the initial hash value corresponding to the sub-boot program; wherein the preset hash algorithm may be, but is not limited to, the hash algorithm SHA256.
In the embodiment of the application, the target hash values (namely, the extended hash values) stored in the first storage unit are compared one by one with the standard hash values of the corresponding sub-boot programs in the Reference Eventlog, so that the security verification of the completeness and trustworthiness of the host boot program is realized. Compared with the current hash value, the extended hash value has higher security and cryptographic strength; using the extended hash value for the security verification of the host boot program makes the verification result more reliable and more accurate, and the security verification effect better.
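As an added example (not code from the patent or its applicant), the following Python models steps 102 to 108 using the extended-hash variant of steps 302 to 304: each sub-boot program's current hash is extended into a PCR-like register and recorded in an event log standing in for the first storage unit; the log is then checked against the PCR (step 106) and against a Reference Eventlog (step 108) before the start decision. SHA-256 stands in for the preset hash algorithm, 32 zero bytes for the preset initial value, and the HBL, HBB and Payload images are constructed byte strings; all three are assumptions.

```python
import hashlib
import hmac
from typing import Callable, List, Optional, Tuple

# Constructed example: SHA-256 stands in for the preset hash algorithm and 32 zero
# bytes for the preset initial value of the first sub-boot program (both assumptions).
INITIAL_HASH = bytes(32)
Entry = Tuple[str, bytes]  # (sub-boot program name, target hash)


def current_hash(image: bytes) -> bytes:
    """Step 302: current hash of a sub-boot program image under the preset algorithm."""
    return hashlib.sha256(image).digest()


def extend_hash(initial: bytes, current: bytes) -> bytes:
    """Step 304: extended hash = H(initial || current). The previous sub-boot program's
    target hash is the initial value of the next one, as in a TPM PCR extend."""
    return hashlib.sha256(initial + current).digest()


class Pcr:
    """Stand-in for the TPM PCR: holds the target hash of the last-started sub-boot program."""

    def __init__(self) -> None:
        self.value = INITIAL_HASH

    def extend(self, current: bytes) -> bytes:
        self.value = extend_hash(self.value, current)
        return self.value


def measure_boot(components: List[Tuple[str, bytes]], pcr: Pcr) -> List[Entry]:
    """Steps 102 and 104: in start order, compute each sub-boot program's target hash,
    extend it into the PCR and record it in the event log (the first storage unit)."""
    eventlog: List[Entry] = []
    for name, image in components:
        eventlog.append((name, pcr.extend(current_hash(image))))
    return eventlog


def environment_normal(eventlog: List[Entry], pcr: Pcr) -> bool:
    """Step 106: the last logged target hash must still equal the PCR value; if the
    log in the first storage unit was altered, the starting environment is abnormal."""
    return bool(eventlog) and hmac.compare_digest(eventlog[-1][1], pcr.value)


def image_trusted(eventlog: List[Entry], reference: List[Entry]) -> bool:
    """Step 108: every logged target hash must match the Reference Eventlog entry for
    the same sub-boot program; any mismatch means the host boot program was altered."""
    if len(eventlog) != len(reference):
        return False
    return all(name == ref_name and hmac.compare_digest(target, ref_target)
               for (name, target), (ref_name, ref_target) in zip(eventlog, reference))


def decide_start(eventlog: List[Entry], pcr: Pcr, reference: List[Entry]) -> str:
    """Apply the two checks in the patent's order and return the start decision."""
    if not environment_normal(eventlog, pcr):
        return "suspend: starting environment abnormal"
    if not image_trusted(eventlog, reference):
        return "suspend: host boot program tampered or damaged"
    return "start"


# Constructed golden images for the three sub-boot programs the patent names.
GOLDEN: List[Tuple[str, bytes]] = [
    ("HBL", b"constructed HBL image v1"),
    ("HBB", b"constructed HBB image v1"),
    ("Payload", b"constructed Payload image v1"),
]
# Reference Eventlog: expected target hashes replayed from the golden images at
# provisioning time and kept where they cannot be tampered with.
REFERENCE_EVENTLOG: List[Entry] = measure_boot(GOLDEN, Pcr())

# Simulated damage to the first storage unit: the last logged hash is zeroed.
corrupt_last_entry = lambda log: log[:-1] + [(log[-1][0], bytes(32))]  # noqa: E731

# Constructed image set in which only the HBB component was modified.
MODIFIED_HBB = [(n, b"constructed HBB image, modified" if n == "HBB" else img)
                for n, img in GOLDEN]


def boot(components: List[Tuple[str, bytes]],
         log_tamper: Optional[Callable[[List[Entry]], List[Entry]]] = None) -> str:
    """Simulate one start: measure, optionally alter the stored log, then decide."""
    pcr = Pcr()
    eventlog = measure_boot(components, pcr)
    if log_tamper is not None:
        eventlog = log_tamper(eventlog)
    return decide_start(eventlog, pcr, REFERENCE_EVENTLOG)


if __name__ == "__main__":
    print("golden images:     ", boot(GOLDEN))                      # start
    print("damaged event log: ", boot(GOLDEN, corrupt_last_entry))  # environment abnormal
    print("modified HBB image:", boot(MODIFIED_HBB))                # tampered or damaged
```

A log entry altered somewhere other than the last position passes step 106 (the PCR still agrees with the final entry) but fails step 108, which is why the patent runs both checks.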
In another embodiment, as shown in FIG. 4, step 102 includes the following steps 402-412. The host bootstrap program comprises a first sub-bootstrap program, a second sub-bootstrap program and a third sub-bootstrap program, started in that order: the second sub-bootstrap program starts after the first, and the third starts after the second.
Step 402, obtaining a current hash value of the first sub-bootstrap program by using a preset hash algorithm.
Illustratively, the TPM chip may acquire the current hash value of the first sub-boot program using the hash algorithm SHA256 or the cryptographic algorithm SM3.
Step 404, determining a target hash value of the first sub-boot program according to the initial hash value corresponding to the first sub-boot program and the current hash value of the first sub-boot program, wherein the initial hash value corresponding to the first sub-boot program is a preset value.
For example, the TPM chip may determine the extended hash value of the first sub-boot program according to the initial hash value corresponding to the first sub-boot program and the current hash value of the first sub-boot program by using the hash algorithm SHA256, and further determine the extended hash value of the first sub-boot program as the target hash value of the first sub-boot program. Meanwhile, the target hash value of the first sub-boot program can be output to the first storage unit for storage, and the target hash value of the first sub-boot program can be output to the TPM PCR for storage, so that the target hash value of the second sub-boot program can be determined later.
Step 406, obtaining the current hash value of the second sub-bootstrap by using a preset hash algorithm.
Illustratively, the TPM chip may acquire the current hash value of the second sub-boot program using the hash algorithm SHA256 or the cryptographic algorithm SM3.
Step 408, determining the target hash value of the second sub-boot program according to the target hash value of the first sub-boot program and the current hash value of the second sub-boot program.
The initial hash value corresponding to the second sub-bootstrap program is the target hash value of the first sub-bootstrap program.
For example, the TPM chip may determine the extended hash value of the second sub-boot program according to the target hash value of the first sub-boot program and the current hash value of the second sub-boot program using the hash algorithm SHA256, and further determine the extended hash value of the second sub-boot program as the target hash value of the second sub-boot program. Meanwhile, the target hash value of the second sub-boot program can be output to the first storage unit for storage, and the target hash value of the second sub-boot program can be output to the TPM PCR for storage, so that the target hash value of the third sub-boot program can be determined later.
In step 410, a preset hash algorithm is used to obtain a current hash value of the third sub-boot program.
Illustratively, the TPM chip may acquire the current hash value of the third sub-boot program using the hash algorithm SHA256 or the cryptographic algorithm SM3.
Step 412, determining the target hash value of the third sub-bootstrap program based on the target hash value of the second sub-bootstrap program and the current hash value of the third sub-bootstrap program.
The initial hash value corresponding to the third sub-bootstrap program is the target hash value of the second sub-bootstrap program.
For example, the TPM chip may determine the extended hash value of the third sub-boot program according to the target hash value of the second sub-boot program and the current hash value of the third sub-boot program using the hash algorithm SHA256, and further determine the extended hash value of the third sub-boot program as the target hash value of the third sub-boot program. Meanwhile, the target hash value of the third sub-boot program can be output to the first storage unit for storage, and the target hash value of the third sub-boot program can be output to the TPM PCR for storage.
In the embodiment of the application, where the main bootstrap program comprises the first, second and third sub-bootstrap programs, their target hash values are determined one after another in the order in which the three sub-bootstrap programs start, so that both the starting-environment verification and the completeness and trustworthiness verification of the main bootstrap program can be carried out from the target hash values of the first, second and third sub-bootstrap programs.
Optionally, the first sub-boot program is an HBL (HostBoot Load) program, the second sub-boot program is an HBB (HostBoot Base) program, and the third sub-boot program is a Payload program. The HBL program is used to load and execute the HBB program; the HBB program starts after the HBL program has started and is used to initialize the chip and the peripheral components; the Payload program starts after the HBB program has started and is used to initialize the peripheral driver parameter configuration.
In the embodiment of the application, where the Hostboot program comprises the HBL program, the HBB program and the Payload program, their target hash values can be determined one after another in the order in which the HBL, HBB and Payload programs start, so that both the starting-environment verification and the completeness and trustworthiness verification of the Hostboot program can be carried out from the target hash values of the HBL, HBB and Payload programs.
Optionally, step 102 is preceded by a step of sequentially calling the plurality of sub-bootstrap programs from the second storage unit.
The second storage unit is provided independently of the first storage unit and the TPM chip, and may be a non-volatile memory (Flash). The TPM chip can call the sub-bootstrap programs from the second storage unit one after another, so as to obtain the target hash value of each sub-bootstrap program in turn from that sub-bootstrap program.
The method for starting the host boot program provided by the embodiment of the present application is described in further detail below with reference to fig. 5, where the Hostboot program includes an HBL program, an HBB program, and a Payload program, the Payload program is started after the HBB program is started, and the HBB program is started after the HBL program is started:
In step 501, the TPM chip may obtain a first current hash value of the HBL program using the hash algorithm SHA256.
In step 502, the TPM chip may determine an extended hash value of the HBL program according to an initial hash value (which is a preset value) corresponding to the HBL program and a current hash value of the HBL program, determine the extended hash value of the HBL program as a first target hash value of the HBL program, and output the first target hash value of the HBL program to a first storage unit for storage, and output the first target hash value of the HBL program to the TPM PCR for storage.
In step 503, the TPM chip may obtain a second current hash value of the HBB program using the hash algorithm SHA256.
In step 504, the TPM chip may use a hash algorithm SHA256 to determine an extended hash value of the HBB program according to the target hash value of the HBL program and the current hash value of the HBB program, determine the extended hash value of the HBB program as a second target hash value of the HBB program, and output the second target hash value of the HBB program to the first storage unit for storage, and output the second target hash value of the HBB program to the TPM PCR for storage.
In step 505, the TPM chip may obtain a third current hash value of the Payload program using the hash algorithm SHA256.
In step 506, the TPM chip may determine an extended hash value of the Payload program according to the target hash value of the HBB program and the current hash value of the Payload program by using the hash algorithm SHA256, determine the extended hash value of the Payload program as a third target hash value of the Payload program, and output the third target hash value of the Payload program to the first storage unit for storage, and output the third target hash value of the Payload program to the TPM PCR for storage.
In step 507, the TPM chip may determine whether the startup environment of the Hostboot program is normal according to a comparison result between the third target hash value of the Payload program stored in the first storage unit and the third target hash value of the Payload program stored in the TPM PCR.
In step 508, if the comparison result is inconsistent, it is determined that the starting environment of the Hostboot program is abnormal, and the start of the Hostboot program is suspended.
In step 509, if the comparison result is consistent, it is determined that the starting environment of the Hostboot program is normal. With the starting environment of the Hostboot program normal, the TPM chip can determine whether to start the Hostboot program according to the comparison results of the first, second and third target hash values stored in the first storage unit against the standard hash values of the HBL program, the HBB program and the Payload program respectively pre-stored in the Reference Eventlog.
In step 510, if the first target hash value, the second target hash value, and the third target hash value are respectively consistent with the standard hash values of the HBL program, the HBB program, and the Payload program, it is determined that the host boot program is not tampered and damaged, and the host boot program is complete and trusted and can be started normally.
If at least one of the first, second and third target hash values differs from the corresponding standard hash value pre-stored in the Reference Eventlog, it is determined that the host boot program has been tampered with or damaged, and the start of the Hostboot program is suspended.
In the embodiment of the application, where the Hostboot program comprises an HBL program, an HBB program and a Payload program, the first, second and third target hash values of the HBL, HBB and Payload programs are determined one after another in their starting order, and the comparison of the third target hash value of the Payload program stored in the first storage unit against the third target hash value of the Payload program stored in the TPM PCR is used to determine whether the starting environment of the Hostboot program is normal, which realizes the security verification of the starting environment. With the starting environment normal, the comparison of the first, second and third target hash values stored in the first storage unit against the standard hash values of the HBL, HBB and Payload programs pre-stored in the Reference Eventlog is further used to determine whether to start the Hostboot program, which realizes the completeness and trustworthiness verification of the Hostboot program. The embodiment of the application thus performs two security verifications, of the starting environment and of the completeness and trustworthiness of the Hostboot program, so that the Hostboot program is started normally only when it has not been tampered with or damaged and is complete and trustworthy, and the safe start of the CPU is further guaranteed.
The method for starting the host boot program provided by the embodiment of the application realizes the HostBoot trusted starting based on the domestic Power architecture, and the specific implementation process is as follows:
Trusted boot is used to guarantee the security of the HostBoot boot link. The boot link refers to the well-defined boot flow in the HostBoot firmware; if the boot flow changes, a series of exceptions may follow. The TPM is primarily responsible for computing the hash values and storing them in the TPM PCR registers; the TPM PCRs are special registers used to store hash values. Commonly used hash algorithms include SHA256, the domestic algorithm SM2, and the like.
Referring to fig. 8, the HostBoot is a section of firmware code stored in Flash, the CPU reads the HostBoot from Flash to the memory through the QSPI bus, and the TPM reads the HostBoot from the memory through the SPI bus.
The HostBoot firmware components in the Power architecture include the HBL, the HBB, the Payload, etc. The HBL is a piece of boot code used to load and execute the HBB; the HBB is mainly used to initialize the chipset and the peripherals; and the Payload is the peripheral driver initialization configuration code. In the prescribed component order, component 1 (HBL) is followed by component 2 (HBB), never by component 3 (Payload); this is determined by the Power firmware characteristics. This HostBoot startup-link characteristic in turn determines the hash extension characteristic of the TPM PCR. The TPM PCR hash extension computes a new initial hash value (the initial value for the next component) through the SHA256 algorithm from the current hash value and the pre-stored initial hash value.
Since the content of each component is different, the hash value obtained by the TPM hash algorithm is unique to that component, i.e., the same component always yields the same hash value. Since the TPM PCRs are recalculated on every boot, the EventLog is what is consulted to ensure that the server platform components are trusted. Stored in the EventLog are the hash values and characteristics of all Power platform components, used to record the platform component composition. The Reference EventLog is the EventLog pre-stored when the server leaves the factory; its main purpose is to check whether the platform components have been modified during subsequent restarts.
Referring to fig. 9, according to the specified component sequence:
The TPM calculates the current Hash value HBL_Hash of the HBL, calculates the extended Hash value Hash_1 through the SHA256 algorithm from HBL_Hash and Init Hash_0 pre-stored in the TPM PCR (Init Hash_0 is a preset value), stores Hash_1 in the TPM PCR, and stores Hash_1 in the EventLog. Then the TPM calculates the current Hash value HBB_Hash of the HBB, calculates the extended Hash value Hash_2 through the SHA256 algorithm from HBB_Hash and the Hash_1 stored in the TPM PCR, stores Hash_2 in the TPM PCR, and stores Hash_2 in the EventLog. Then the TPM calculates the current Hash value Pay_Hash of the Payload, calculates the extended Hash value Hash_3 through the SHA256 algorithm from Pay_Hash and the Hash_2 stored in the TPM PCR, stores Hash_3 in the TPM PCR, and stores Hash_3 in the EventLog.
Trusted boot is added to HostBoot to ensure integrity during firmware startup, so that the firmware is not damaged and no vulnerability is thereby introduced. The trusted boot flow is mainly used to ensure that the content of each component is not modified during startup, so that the component's function executes normally and integrity during startup is guaranteed. Without trusted boot, an attacker could directly tamper with a block of code in a HostBoot component, causing an abnormal boot.
Referring to fig. 10, the trusted boot flow includes:
1. First, each component of the HostBoot (HBL, HBB, Payload) is transmitted into the TPM, and the hash algorithm is called to calculate its current hash value. That is, this step takes in data and calculates a hash value.
2. The calculated current hash value is extended with the initial hash value pre-stored in the TPM PCR to obtain the extended hash value. That is, this step extends the hash value into the TPM PCR.
3. The obtained extended hash value is stored in the EventLog. That is, this step writes the log.
4. The EventLog value (the Event Log hash value) obtained after the HostBoot firmware components have finished is compared with the TPM PCR value (namely the extended hash value, the last hash value in the TPM PCR) to verify whether the current startup environment is normal; if the comparison results are consistent, execution continues normally, otherwise an administrator is notified and startup is suspended. That is, this step authenticates whether the current startup log is consistent with the stored value.
5. The EventLog value is compared with the Reference EventLog value to authenticate whether the currently started platform components are consistent with the expected platform components; if the comparison results are consistent, the machine state is trusted and startup continues, otherwise an administrator is notified and startup is suspended. That is, this step authenticates whether the current startup is consistent with the reference startup state.
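The chained measurement of steps 501-510 and the five-step trusted boot flow above, as an added worked example that is not part of the patent or of any HostBoot firmware. It assumes a TPM 2.0 style extend, SHA256(initial || current), an all-zero 32-byte Init Hash_0, and constructed stand-in images for HBL, HBB and Payload; the EventLog is modelled as an ordered dictionary and the PCR as a single register.

```python
import hashlib
from typing import Dict, List, Tuple

# Constructed stand-in firmware images; real HBL/HBB/Payload images are not on the page.
COMPONENTS: List[Tuple[str, bytes]] = [
    ("HBL", b"hostboot loader image (constructed sample)"),
    ("HBB", b"hostboot base image (constructed sample)"),
    ("Payload", b"payload driver config image (constructed sample)"),
]

# Assumption: Init Hash_0 is an all-zero 32-byte register, as a TPM 2.0
# SHA-256 PCR reads before any extend.
INIT_HASH_0 = bytes(32)


def current_hash(image: bytes) -> bytes:
    """Flow step 1: hash the component itself with the preset algorithm SHA256."""
    return hashlib.sha256(image).digest()


def extend(initial: bytes, current: bytes) -> bytes:
    """Flow step 2: hash extension. Assumption: SHA256(initial || current),
    the operand order TPM 2.0 PCR_Extend uses."""
    return hashlib.sha256(initial + current).digest()


class TpmPcr:
    """One PCR register held inside the TPM (separate from the EventLog)."""

    def __init__(self) -> None:
        self.value = INIT_HASH_0

    def extend(self, current: bytes) -> bytes:
        self.value = extend(self.value, current)
        return self.value


def measure(components: List[Tuple[str, bytes]], pcr: TpmPcr) -> Dict[str, bytes]:
    """Steps 501-506: in boot order, hash each component, extend the PCR and
    record the extended (target) hash value in the EventLog (first storage unit).
    Because each extension feeds on the previous one, Hash_1 -> Hash_2 -> Hash_3
    form a chain: changing the HBB alters Hash_2 and Hash_3 but not Hash_1."""
    eventlog: Dict[str, bytes] = {}
    for name, image in components:
        eventlog[name] = pcr.extend(current_hash(image))
    return eventlog


def verify_boot(eventlog: Dict[str, bytes], pcr: TpmPcr,
                reference_eventlog: Dict[str, bytes]) -> Tuple[bool, str]:
    """Steps 507-510 (flow steps 4 and 5), in the order the page prescribes."""
    # Step 507/508: starting-environment check. The last EventLog value must
    # equal what the TPM PCR actually holds; a log that was edited or that
    # drifted from the PCR is an abnormal environment, so startup is suspended.
    last_name = list(eventlog)[-1]
    if eventlog[last_name] != pcr.value:
        return False, "abnormal starting environment: EventLog and TPM PCR disagree; start suspended"
    # Step 509/510: completeness check. Every target hash value must match the
    # standard value in the Reference EventLog recorded at the factory.
    for name, standard in reference_eventlog.items():
        if eventlog.get(name) != standard:
            return False, f"{name} tampered or damaged: EventLog differs from Reference EventLog; start suspended"
    return True, "HostBoot complete and trusted; starting"


def demo() -> Tuple[bool, bool, bool]:
    """Returns (normal boot ok, tampered-HBB boot ok, edited-EventLog boot ok)."""
    # Factory: the Reference EventLog is the log of a known-good boot.
    reference = measure(COMPONENTS, TpmPcr())

    # Case 1: normal reboot with unmodified components.
    pcr = TpmPcr()
    ok_normal, _ = verify_boot(measure(COMPONENTS, pcr), pcr, reference)

    # Case 2: one byte appended to the HBB image (constructed tampering).
    tampered = [(n, img + b"x" if n == "HBB" else img) for n, img in COMPONENTS]
    pcr2 = TpmPcr()
    ok_tampered, _ = verify_boot(measure(tampered, pcr2), pcr2, reference)

    # Case 3: components intact, but the EventLog entry is altered after
    # measurement, so it no longer agrees with the PCR (environment check fails).
    pcr3 = TpmPcr()
    log3 = measure(COMPONENTS, pcr3)
    log3["Payload"] = bytes(32)
    ok_edited, _ = verify_boot(log3, pcr3, reference)
    return ok_normal, ok_tampered, ok_edited


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```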
It should be understood that, although the steps in the flowcharts of the above embodiments are shown in the order indicated by the arrows, these steps are not necessarily performed in that order. Unless explicitly stated herein, the steps are not strictly limited to that order of execution and may be executed in other orders. Moreover, at least some of the steps in the flowcharts of the above embodiments may include a plurality of sub-steps or stages, which are not necessarily performed at the same time but may be performed at different times, and whose order is not necessarily sequential; they may be performed in turn or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a processor. In one embodiment, the processor includes a storage module and a processing module, where the storage module is configured to store target hash values corresponding to a plurality of sub-boot programs in a host boot program, and the plurality of sub-boot programs are started in sequence; the processing module is used for sequentially and correspondingly acquiring target hash values of the sub-boot programs according to the sub-boot programs, respectively outputting the target hash values to the first storage unit for storage, determining whether the starting environment of the host boot program is normal or not according to the target hash values stored in the first storage unit and the target hash values of the sub-boot programs stored in the storage module, and determining whether to start the host boot program according to the comparison result of the target hash values stored in the first storage unit and the standard hash values of the host boot program under the condition that the starting environment is normal.
The processor provided by the embodiment of the application realizes two safety verification of the starting environment of the host bootstrap program and the complete credibility of the host bootstrap program, thereby ensuring that the host bootstrap program is normally started under the condition that the host bootstrap program is not tampered and destroyed and is complete and credible, and further ensuring the safe starting of the CPU.
It should be noted that, the processor provided in the embodiment of the present application may also be used to execute the steps of the method for starting the host boot program in any of the foregoing embodiments.
Based on the same inventive concept, the embodiment of the application also provides a starting system of the host bootstrap program. In one embodiment, as shown in fig. 6, the starting system of the host bootstrap program includes a first storage unit 601, a second storage unit 602, a central processor 603, a memory unit 605 and a processor 604. The second storage unit 602 stores a host bootstrap program comprising a plurality of sub-bootstrap programs that are started in sequence, and the central processor 603 loads the host bootstrap program from the second storage unit 602 into the memory unit 605. The processor 604 sequentially calls the sub-bootstrap programs from the memory unit 605, obtains the target hash value of each sub-bootstrap program in turn from that sub-bootstrap program, outputs each target hash value to the first storage unit 601 for storage, determines whether the starting environment of the host bootstrap program is normal according to the target hash values stored in the first storage unit 601 and the target hash values of the corresponding sub-bootstrap programs, and, when the starting environment is normal, determines whether to start the host bootstrap program according to the comparison result of the target hash values stored in the first storage unit 601 against the standard hash values of the host bootstrap program.
The starting system of the host bootstrap program provided by the embodiment of the application realizes two safe verifications of the starting environment of the host bootstrap program and the complete and reliable host bootstrap program, thereby ensuring that the host bootstrap program is normally started under the condition that the host bootstrap program is not tampered and damaged and is complete and reliable, and further ensuring the safe starting of a CPU.
It should be noted that, the processor in the boot system of the host boot program provided in the embodiment of the present application may also be used to execute the steps of the method for booting the host boot program in any of the foregoing embodiments.
Based on the same inventive concept, the embodiment of the application also provides a starting device of the host boot program for realizing the starting method of the host boot program. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation in the embodiments of the starting device of the host bootstrap program or programs provided below may be referred to the limitation of the starting method of the host bootstrap program hereinabove, and will not be repeated here.
In one embodiment, as shown in fig. 7, there is provided a starting device of a host boot program, including: a hash module 710, a record module 720, an environment module 730, and a start module 740, wherein:
The hash module 710 is configured to sequentially and correspondingly obtain the target hash value of each sub-bootstrap according to each sub-bootstrap.
The recording module 720 is configured to output each target hash value to the first storage unit for storage.
The environment module 730 is configured to determine whether the starting environment of the host bootstrap program is normal according to the target hash value stored in the first storage unit and the target hash value of the corresponding sub-bootstrap program.
The starting module 740 is configured to determine whether to start the host bootstrap according to a comparison result of the target hash value stored in the first storage unit and the standard hash value of the host bootstrap when the starting environment is normal.
In one embodiment, the hash module 710 is configured to obtain a current hash value of each sub-bootstrap program by using a preset hash algorithm; acquiring a target hash value of the sub-boot program according to the current hash value of the sub-boot program and the initial hash value corresponding to the sub-boot program; and in the two sub-booters adjacent in the starting order, the target hash value of the sub-booter with the previous starting order is used as the initial hash value corresponding to the sub-booter with the subsequent starting order, and the initial hash value corresponding to the sub-booter started first is a preset value.
In one embodiment, the hash module 710 is configured to obtain a current hash value of each sub-bootstrap program by using a preset hash algorithm; the current hash value of the sub-boot program is determined to be the target hash value of the sub-boot program.
In one embodiment, the host bootstrap program includes a first sub-bootstrap program, a second sub-bootstrap program, and a third sub-bootstrap program, where the first sub-bootstrap program, the second sub-bootstrap program, and the third sub-bootstrap program are sequentially started, and the hash module 710 is configured to obtain a current hash value of the first sub-bootstrap program by using a preset hash algorithm; determining a target hash value of the first sub-bootstrap program according to an initial hash value corresponding to the first sub-bootstrap program and a current hash value of the first sub-bootstrap program, wherein the initial hash value corresponding to the first sub-bootstrap program is a preset value; acquiring a current hash value of the second sub-bootstrap program by adopting a preset hash algorithm; determining a target hash value of the second sub-bootstrap program according to the target hash value of the first sub-bootstrap program and the current hash value of the second sub-bootstrap program; acquiring a current hash value of the third sub-bootstrap program by adopting a preset hash algorithm; and determining the target hash value of the third sub-bootstrap program according to the target hash value of the second sub-bootstrap program and the current hash value of the third sub-bootstrap program.
In one embodiment, the host bootstrap apparatus further includes a calling module for sequentially calling the plurality of sub-bootstrap programs from the second storage unit.
The various modules in the host bootstrap apparatus described above may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored which, when executed by a processing device, carries out the steps of the method embodiments described above.
In an embodiment a computer program product is provided comprising a computer program which, when executed by a processing device, carries out the steps of the method embodiments described above.
Those skilled in the art will appreciate that all or part of the above described methods may be implemented by a computer program stored on a non-transitory computer readable storage medium, which, when executed, may perform the steps of the method embodiments described above. Any reference to a storage device, database, or other medium used in the embodiments provided herein may include at least one of a non-volatile and a volatile storage device. The non-volatile memory device may include a Read-Only Memory device (ROM), a magnetic tape, a floppy disk, a flash memory, an optical memory device, a high-density embedded non-volatile memory device, a resistive memory device (ReRAM), a magnetoresistive memory device (Magnetoresistive Random Access Memory, MRAM), a ferroelectric memory device (Ferroelectric Random Access Memory, FRAM), a phase-change memory device (Phase Change Memory, PCM), a graphene memory device, and the like. Volatile memory devices can include random access memory devices (Random Access Memory, RAM), external cache memory devices, and the like. By way of illustration and not limitation, RAM can take many forms, such as static random access memory devices (Static Random Access Memory, SRAM) or dynamic random access memory devices (Dynamic Random Access Memory, DRAM). The databases referred to in the embodiments provided herein may include at least one of a relational database and a non-relational database. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processing device according to the embodiments of the present application may be a general-purpose processing device, a central processing device, a graphics processing device, a digital signal processing device, a programmable logic device, a data processing logic device based on quantum computing, or the like, but is not limited thereto.
The technical features of the above embodiments may be combined arbitrarily. For brevity, not all possible combinations of the technical features in the above embodiments are described; however, as long as there is no contradiction in a combination of the technical features, it should be considered as within the scope of this description.
The foregoing examples illustrate only a few embodiments of the application and are described in detail herein without thereby limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of the application should be assessed as that of the appended claims.

Claims (10)

1. A method for starting a host boot program, wherein the host boot program comprises a plurality of sub-boot programs that are started in sequence, the method comprising:
sequentially and correspondingly acquiring target hash values of the sub-bootstrap programs according to the sub-bootstrap programs;
outputting each target hash value to a first storage unit for storage;
determining whether the starting environment of the host bootstrap program is normal or not according to the target hash value stored in the first storage unit and the target hash value corresponding to the sub bootstrap program;
and under the condition that the starting environment is normal, determining whether to start the host bootstrap program according to a comparison result of the target hash value stored in the first storage unit and the standard hash value of the host bootstrap program.
2. The method according to claim 1, wherein the sequentially obtaining the target hash value of each sub-boot program according to each sub-boot program includes:
acquiring a current hash value of each sub-bootstrap program by adopting a preset hash algorithm;
acquiring a target hash value of the sub-boot program according to the current hash value of the sub-boot program and an initial hash value corresponding to the sub-boot program;
and in two sub-bootstrap programs adjacent in the starting order, the target hash value of the sub-bootstrap program started earlier is used as the initial hash value corresponding to the sub-bootstrap program started later, and the initial hash value corresponding to the sub-bootstrap program started first is a preset value.
3. The method according to claim 1, wherein the sequentially obtaining the target hash value of each sub-boot program according to each sub-boot program includes:
acquiring a current hash value of each sub-bootstrap program by adopting a preset hash algorithm;
and determining the current hash value of the sub-bootstrap program as the target hash value of the sub-bootstrap program.
4. The method of claim 1, wherein the host boot program comprises a first sub-boot program, a second sub-boot program, and a third sub-boot program, wherein the first sub-boot program, the second sub-boot program, and the third sub-boot program are sequentially started, and wherein the sequentially obtaining the target hash value of each sub-boot program according to each sub-boot program comprises:
acquiring a current hash value of the first sub-bootstrap program by adopting a preset hash algorithm;
determining a target hash value of the first sub-bootstrap according to an initial hash value corresponding to the first sub-bootstrap and a current hash value of the first sub-bootstrap, wherein the initial hash value corresponding to the first sub-bootstrap is a preset value;
acquiring a current hash value of the second sub-bootstrap program by adopting the preset hash algorithm;
determining a target hash value of the second sub-bootstrap program according to the target hash value of the first sub-bootstrap program and the current hash value of the second sub-bootstrap program;
acquiring a current hash value of the third sub-bootstrap program by adopting the preset hash algorithm;
and determining the target hash value of the third sub-bootstrap program according to the target hash value of the second sub-bootstrap program and the current hash value of the third sub-bootstrap program.
5. The method of claim 4, wherein the first sub-boot program is an HBL program, the second sub-boot program is an HBB program, and the third sub-boot program is a Payload program, wherein the HBL program is configured to load and execute the HBB program, wherein the HBB program is configured to initialize a chip and a peripheral component, and wherein the Payload program is configured to initialize a peripheral driver parameter configuration.
6. The method according to claim 1, wherein the method further comprises:
and calling the plurality of sub-bootstrap programs in sequence from the second storage unit.
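The measurement chain and the two checks of claims 1 to 6 (and mirrored in the processor, system and device claims that follow), as an added illustration that is not part of the patent: the claims say only that each target hash is obtained "according to" the previous target hash and the current hash, and that the first initial value and the hash algorithm are "preset", so SHA-256, an all-zero initial value, a TPM-style extend (hash of the concatenation) as the combining rule, and the final chained value as the "standard hash value of the host bootstrap program" are all assumptions made here. The three sub-program images are constructed sample bytes labelled with the HBL, HBB and Payload names from claim 5; the first storage unit is modelled as an append-only record.

```python
import hashlib
import hmac
from typing import List, Optional

# Assumed concrete choices: the claims only require "a preset hash algorithm"
# and "a preset value" for the first sub-program's initial hash.
PRESET_HASH = hashlib.sha256
PRESET_INITIAL = bytes(PRESET_HASH().digest_size)  # all-zero initial value (assumption)

# Constructed sample sub-bootstrap images in start order (names from claim 5).
SAMPLE_IMAGES = [
    ("HBL", b"hbl: load and execute HBB"),
    ("HBB", b"hbb: initialize chip and peripheral components"),
    ("Payload", b"payload: initialize peripheral driver parameters"),
]


def current_hash(image: bytes) -> bytes:
    """Current hash value of one sub-bootstrap program (claims 2 to 4)."""
    return PRESET_HASH(image).digest()


def target_hash(initial: bytes, current: bytes) -> bytes:
    """Target hash from the initial value and the current hash (claims 2 and 4).
    Assumed combining rule: hash of the concatenation, like a TPM-style extend."""
    return PRESET_HASH(initial + current).digest()


def measure_in_order(images: List[bytes], chained: bool = True) -> List[bytes]:
    """Target hash of each sub-program, in start order.

    chained=True follows claims 2 and 4: the earlier program's target hash is the
    later program's initial value, so every later value depends on every earlier
    image. chained=False follows claim 3: the target hash is the current hash.
    """
    targets = []
    initial = PRESET_INITIAL
    for image in images:
        current = current_hash(image)
        target = target_hash(initial, current) if chained else current
        targets.append(target)
        initial = target
    return targets


class FirstStorageUnit:
    """Models the first storage unit as an append-only record of target hashes."""

    def __init__(self) -> None:
        self.records: List[bytes] = []

    def record(self, value: bytes) -> None:
        self.records.append(value)


def environment_is_normal(storage: FirstStorageUnit, targets: List[bytes]) -> bool:
    """Claim 1, first check: every stored value must equal the target hash of the
    corresponding sub-program, and nothing else may be in the record."""
    if len(storage.records) != len(targets):
        return False
    return all(hmac.compare_digest(s, t) for s, t in zip(storage.records, targets))


def expected_standard_hash(images: List[bytes]) -> bytes:
    """Assumed provisioning of the standard hash: the final chained target value
    computed over the known-good images."""
    return measure_in_order(images)[-1]


def start_host_bootstrap(images: List[bytes], standard_hash: bytes,
                         storage: Optional[FirstStorageUnit] = None) -> str:
    """Measure each sub-program, record it, then apply the two checks of claim 1."""
    storage = storage if storage is not None else FirstStorageUnit()
    targets = measure_in_order(images)
    for t in targets:
        storage.record(t)
    if not environment_is_normal(storage, targets):
        return "abort: starting environment abnormal"
    # Claim 1, second check: stored value versus the standard hash of the host program.
    if not hmac.compare_digest(storage.records[-1], standard_hash):
        return "abort: host bootstrap program hash mismatch"
    return "start"


if __name__ == "__main__":
    good = [img for _, img in SAMPLE_IMAGES]
    standard = expected_standard_hash(good)
    print("known-good images:", start_host_bootstrap(good, standard))
    tampered = list(good)
    tampered[1] = b"hbb: tampered"  # constructed modification of the HBB image
    print("tampered HBB:     ", start_host_bootstrap(tampered, standard))
```

Because the chain is cumulative, a change to HBB alters its own target value and the Payload value after it even though the Payload image is untouched, which is what lets a single comparison against the standard hash cover the whole host bootstrap program. The claim 3 variant (`chained=False`) records independent per-program hashes instead and would need one standard value per sub-program.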
7. A processor, comprising:
the storage module is used for storing target hash values corresponding to a plurality of sub-boot programs in the host boot program, wherein the plurality of sub-boot programs are started in sequence;
the processing module is used for sequentially and correspondingly acquiring target hash values of the sub-boot programs according to the sub-boot programs, respectively outputting the target hash values to a first storage unit for storage, determining whether the starting environment of the host boot program is normal or not according to the target hash values stored in the first storage unit and the target hash values of the sub-boot programs stored in the storage module, and determining whether the host boot program is started or not according to the comparison result of the target hash values stored in the first storage unit and the standard hash values of the host boot program under the condition that the starting environment is normal.
8. A system for starting a host boot program, comprising: the system comprises a first storage unit, a second storage unit, a central processing unit, a memory unit and a processor; the second storage unit stores a host bootstrap program, wherein the host bootstrap program comprises a plurality of sub bootstrap programs which are started in sequence; the central processing unit invokes the host boot program from the second storage unit to the memory unit;
the processor sequentially calls the plurality of sub-bootstrap programs from the memory unit through the central processing unit, sequentially and correspondingly obtains target hash values of the sub-bootstrap programs according to the sub-bootstrap programs, respectively outputs the target hash values to the first storage unit for storage, determines whether the starting environment of the host bootstrap program is normal according to the target hash values stored in the first storage unit and the target hash values corresponding to the sub-bootstrap programs, and determines whether to start the host bootstrap program according to the comparison result of the target hash values stored in the first storage unit and the standard hash values of the host bootstrap program under the condition that the starting environment is normal.
9. A device for starting a host boot program, wherein the host boot program comprises a plurality of sub boot programs that are started in sequence, the device comprising:
the hash module is used for sequentially and correspondingly acquiring target hash values of the sub-bootstrap programs according to the sub-bootstrap programs;
the recording module is used for respectively outputting each target hash value to the first storage unit for storage;
the environment module is used for determining whether the starting environment of the host bootstrap program is normal or not according to the target hash value stored in the first storage unit and the target hash value corresponding to the sub bootstrap program;
and the starting module is used for determining whether to start the host bootstrap program according to the comparison result of the target hash value stored in the first storage unit and the standard hash value of the host bootstrap program under the condition that the starting environment is normal.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processing device, implements the steps of the method of any of claims 1 to 6.
CN202311162224.8A 2023-09-08 2023-09-08 Method, device, system and processor for starting host bootstrap program Pending CN117193863A (en)

Publications (1)

Publication Number Publication Date
CN117193863A true CN117193863A (en) 2023-12-08

Family

ID=88982999

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination