CN103226505B - A kind of method and apparatus verifying basic input-output system BIOS - Google Patents
A kind of method and apparatus verifying basic input-output system BIOS Download PDFInfo
- Publication number
- CN103226505B CN103226505B CN201310140989.1A CN201310140989A CN103226505B CN 103226505 B CN103226505 B CN 103226505B CN 201310140989 A CN201310140989 A CN 201310140989A CN 103226505 B CN103226505 B CN 103226505B
- Authority
- CN
- China
- Prior art keywords
- check value
- verification
- content
- heuristic information
- code area
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
nullThe embodiment of the present invention provides a kind of method and apparatus verifying BIOS,The verification heuristic information that described method is pre-set by reading,Store the initial address of every section of code area and the first check value of every section of code area、The initial address in every segment data district、First check value in every segment data district,Compare the first check value and second check value of described every section of code area of described every section of code area,Compare the first check value and second check value in described every segment data district in described every segment data district,The damage of BIOS content is then returned when differing,Thus realize all standing detection of data field and code area in BIOS content,And the BIOS detection algorithm of universal flexible can be realized,Automatically BIOS Specification upgrading is adapted to,To traditional B IOS、Extensible Firmware Interface (Extensible Firmware Interface,EFI) BIOS is the most applicable,And,In checking procedure,Can skip the clear area in BIOS content,Realize high efficiency BIOS content on-line checking algorithm,Reduce performance consumption to greatest extent.
Description
Technical field
The present invention relates to computer realm, refer more particularly to a kind of method and apparatus verifying basic input-output system BIOS.
Background technology
Basic input output system (BasicInputOutputSystem, BIOS) before activation, first can carry out self-inspection to the content of self, to guarantee correctly to start.The BIOS of current computer systems main flow uses Electrically Erasable Read Only Memory EEPROM, flash memory FLASH etc. as the memory device of its firmware.Owing to the reliability of these devices itself is the highest, it may happen that bit saltus step, content damage etc., cause BIOS fail self-test in start-up course, computer system cannot start, in order to prevent BIOS/firmware content in computer system running from surprisingly breaking down, impact starts next time, needs a kind of efficient online test method, find this fault in time, in order to repair.
In prior art, when, after system start-up, reading BIOS/firmware content copy portion preservation entirely at once.During on-line operation, periodically read the full content of BIOS/firmware, with copied content byte-by-byte comparison.If variant, then can determine whether that BIOS content is damaged.Or, similar, after system start-up, read BIOS content, calculate initial check value for it, and preserve this check value.During on-line operation, the periodically full content of reading BIOS/firmware, and calculate its check value, compare with initial check value.If variant, also can determine whether that BIOS content is damaged.Owing to nowadays BIOS file size has reached several Mbytes, and the medium of main flow BIOS/firmware storage is generally low-speed device, and the most this comparison needs to carry out heavy I O access and computing, and efficiency is the lowest.Additionally, this technology is not the most reliable.Because it based on a kind of it is assumed that i.e. after system start-up, the BIOS content that detection program reads for the first time is intact.If after BIOS self-inspection, before detection program does not the most read BIOS content, BIOS content there occurs damage, then this hypothesis is the most no longer set up.
In another kind of prior art, BIOS content is divided into code area and configuration data field.Code area preserve be BIOS program content, be changeless, and configure data field preserve be BIOS configuration data, content may change, such as, user modifies in BIOS arranges menu, i.e. can cause configuration data variation.According to the bios code district changeless feature of content, with the address realm in BIOS developer's agreed code district, checking algorithm, check value, detection program in system operation, the online code area content that reads, and address realm according to a preconcerted arrangement, checking algorithm, check value verify.Owing to bios version updates, code area size often changes, and the address realm of agreement, check value need often change, therefore the versatility detecting program is bad, need often to adapt to bios version change, and, this detection algorithm cannot cover the exception that configuration data field occurs.
Summary of the invention
Embodiments provide a kind of method verifying BIOS, it is intended to solve how to detect whether code area and data field in BIOS occur abnormal and how to skip the clear area in BIOS content.
First aspect, a kind of method verifying basic input-output system BIOS, described method includes:
Read the verification heuristic information pre-set, and judge that described verification heuristic information is the most correct;
When judging that described verification heuristic information is correct, read the first check value of every section of code area, and according to the initial address in described verification heuristic information Zhong Mei segment data district, read every segment data district content, first check value in every segment data district is calculated according to described every segment data district content;
Store initial address and the first check value of described every section of code area, the initial address in described every segment data district, first check value in every segment data district of described every section of code area;
The initial address of the described every section of code area according to storage reads every section of code area content and calculates the second check value of every section of code area, reads every segment data district content according to the initial address in described every segment data district of storage and calculates second check value in every segment data district;
Compare the first check value and second check value of described every section of code area of described every section of code area, when the first check value of described every section of code area and the second check value of described every section of code area differ, then return BIOS content and damage;Compare the first check value and second check value in described every segment data district in described every segment data district, when first check value in described every segment data district and second check value in described every segment data district differ, then return BIOS content and damage.
In conjunction with first aspect, in the first possible implementation of first aspect, the verification heuristic information that described reading pre-sets, and judge that described verification heuristic information is the most correct, including:
Verification heuristic information is arranged and uniquely identifies GUID;
Length according to described verification heuristic information reads the content in BIOS;
The structure pre-set according to verification heuristic information reads the identifier of described content;
Relatively described content identifier and described uniquely identify whether identical;
When the identifier of described content is identical with described unique mark, then calculate the check value of described content;
Judge that the check value of described content is the most identical with the check value prestored in described verification heuristic information;
When the check value prestored in check value and the described verification heuristic information of described content is identical, then judge that described content is verification heuristic information.
In conjunction with the first possible implementation of first aspect, in the implementation that the second of first aspect is possible, described method also includes:
When the identifier of described content and described unique mark differ, then according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
In conjunction with the implementation that the first possible implementation of first aspect or the second of first aspect are possible, in the third possible implementation of first aspect, described method also includes:
When the check value prestored in the check value judging described content and described verification heuristic information differs, according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
The implementation possible in conjunction with the first possible implementation of first aspect or first aspect or the second of first aspect or the third possible implementation of first aspect, in the 4th kind of possible implementation of first aspect, described verification heuristic information includes:
Uniquely identify GUID, the total length of described verification heuristic information, the check value of described verification heuristic information, the total hop count in code area, the total hop count in data field, the initial address of every section of code area and check value, the initial address in every segment data district, terminating symbol.
The implementation possible in conjunction with the first possible implementation of first aspect or first aspect or the second of first aspect or the 4th kind of possible implementation of first aspect, in the 5th kind of possible implementation of first aspect, described method, before step stores first check value in the initial address of described every section of code area and the first check value of described every section of code area, the initial address in described every segment data district, every segment data district, also includes;
When described verification heuristic information does not stores the first check value of wherein one section of code area, the most do not store described in the initial address of wherein one section of code area.
Second aspect, a kind of equipment verifying basic input-output system BIOS, described equipment includes:
Read unit, for reading the verification heuristic information pre-set;
Judging unit, is used for judging that described verification heuristic information is the most correct;
First computing unit, for when judging that described verification heuristic information is correct, read the first check value of every section of code area, and according to the initial address in described verification heuristic information Zhong Mei segment data district, read every segment data district content, calculate first check value in every segment data district according to described every segment data district content;
Memory element, for storing initial address and the first check value of described every section of code area, the initial address in described every segment data district, first check value in every segment data district of described every section of code area;
Second computing unit, initial address for the described every section of code area according to storage reads every section of code area content and calculates the second check value of every section of code area, reads every segment data district content according to the initial address in described every segment data district of storage and calculates second check value in every segment data district;
First comparing unit, for the first check value and second check value of described every section of code area of relatively described every section of code area, when the first check value of described every section of code area and the second check value of described every section of code area differ, then returns BIOS content and damages;
Second comparing unit, the first check value for described every segment data district and second check value in described every segment data district, when first check value in described every segment data district and second check value in described every segment data district differ, then return BIOS content and damage.
In conjunction with second aspect, in the first possible implementation of second aspect, described reading unit, specifically for:
Verification heuristic information is arranged and uniquely identifies GUID;
Length according to described verification heuristic information reads the content in BIOS;
The structure pre-set according to verification heuristic information reads the identifier of described content;
Described judging unit, specifically for:
Relatively described content identifier and described uniquely identify whether identical;
When the identifier of described content is identical with described unique mark, then calculate the check value of described content;
Judge that the check value of described content is the most identical with the check value prestored in described verification heuristic information;
When the check value prestored in check value and the described verification heuristic information of described content is identical, then judge that described content is verification heuristic information.
In conjunction with the first possible implementation of second aspect, in the implementation that the second of second aspect is possible, described equipment also includes:
First searches unit, for when the identifier of described content and described unique mark differ, then according to the address align rule of the verification heuristic information made an appointment, jumps to next alignment address, continues to search for described verification heuristic information.
In conjunction with the implementation that the first possible implementation of second aspect or the second of second aspect are possible, in the third possible implementation of second aspect, described equipment also includes:
Second searches unit, during for differing when the check value prestored in the check value judging described content and described verification heuristic information, according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
The implementation possible in conjunction with the first possible implementation of second aspect or second aspect or the second of second aspect or the third possible implementation of second aspect, in the 4th kind of possible implementation of second aspect, described verification heuristic information includes:
Uniquely identify GUID, the total length of described verification heuristic information, the check value of described verification heuristic information, the total hop count in code area, the total hop count in data field, the initial address of every section of code area and check value, the initial address in every segment data district, terminating symbol.
The implementation possible in conjunction with the first possible implementation of second aspect or second aspect or the second of second aspect or the third possible implementation of second aspect or the 4th kind of possible implementation of second aspect, in the 5th kind of possible implementation of second aspect, described memory element is additionally operable to:
When described verification heuristic information does not stores the first check value of wherein one section of code area, the most do not store described in the initial address of wherein one section of code area.
The embodiment of the present invention provides a kind of method verifying BIOS, the verification heuristic information that described method is pre-set by reading, and judges that described verification heuristic information is the most correct;When judging that described verification heuristic information is correct, read the first check value of every section of code area, and according to the initial address in described verification heuristic information Zhong Mei segment data district, read every segment data district content, first check value in every segment data district is calculated according to described every segment data district content;Store initial address and the first check value of described every section of code area, the initial address in described every segment data district, first check value in every segment data district of described every section of code area;The initial address of the described every section of code area according to storage reads every section of code area content and calculates the second check value of every section of code area, reads every segment data district content according to the initial address in described every segment data district of storage and calculates second check value in every segment data district;Compare the first check value and second check value of described every section of code area of described every section of code area, when the first check value of described every section of code area and the second check value of described every section of code area differ, then return BIOS content and damage;Compare the first check value and second check value in described every segment data district in described every segment data district, when first check value in described every segment data district and second check value in described every segment data district differ, then return BIOS content to damage, thus realize all standing detection of data field and code area in BIOS content, and the BIOS detection algorithm of universal flexible can be realized, automatically BIOS Specification upgrading is adapted to, to traditional B IOS, Extensible Firmware Interface (ExtensibleFirmwareInterface, EFI) BIOS is the most applicable, and, in checking procedure, can skip the clear area in BIOS content, realize high efficiency BIOS content on-line checking algorithm, reduce performance consumption to greatest extent.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, the accompanying drawing used required in embodiment or description of the prior art will be briefly described below, apparently, accompanying drawing in describing below is only some embodiments of the present invention, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is a kind of method flow diagram verifying BIOS that the embodiment of the present invention provides;
Fig. 2 is a kind of BIOS content structure figure that the embodiment of the present invention provides;
Fig. 3 is a kind of content structure figure verifying heuristic information that the embodiment of the present invention provides;
Fig. 4 is a kind of on-line testing process schematic that the embodiment of the present invention provides;
Fig. 5 is a kind of equipment structure chart verifying BIOS that the embodiment of the present invention provides;
Fig. 6 is the equipment structure chart of the another kind of verification BIOS that the embodiment of the present invention provides.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is only a part of embodiment of the present invention rather than whole embodiments.Based on the embodiment in the present invention, the every other embodiment that those of ordinary skill in the art are obtained under not making creative work premise, broadly fall into the scope of protection of the invention.
It is a kind of method flow diagram verifying BIOS that the embodiment of the present invention provides with reference to Fig. 1, Fig. 1.As it is shown in figure 1, said method comprising the steps of:
Step 101, reads the verification heuristic information pre-set, and judges that described verification heuristic information is the most correct;
Wherein, described verification heuristic information includes:
Unique mark (GloballyUniqueIdentifier, GUID), the total length of described verification heuristic information, the check value of described verification heuristic information, the total hop count in code area, the total hop count in data field, the initial address of every section of code area and check value, the initial address in every segment data district, terminating symbol.
It is a kind of BIOS content structure figure that the embodiment of the present invention provides with reference to Fig. 2, Fig. 2.As in figure 2 it is shown, BIOS content is divided into data field and code area, verification heuristic information is set in data field.Described verification heuristic information stores corresponding content according to the form pre-set, and such as, it is a kind of content structure figure verifying heuristic information that the embodiment of the present invention provides that its storage format is referred to Fig. 3, Fig. 3.
In Fig. 3, the set form of described verification heuristic information storage content can be arranged according to unique mark, the total hop count in code area, the initial address of every section of code area and the check value of correspondence every section code area, the total hop count in data field, the initial address in every segment data district and the check value in correspondence every segment data district, the total length of described verification heuristic information, the described check value of verification heuristic information, the sequencing of terminating symbol.
Alternatively, the verification heuristic information that described reading pre-sets, and judge that described verification heuristic information is the most correct, including:
Verification heuristic information is arranged and uniquely identifies GUID;
Length according to described verification heuristic information reads the content in BIOS;
The structure pre-set according to verification heuristic information reads the identifier of described content;
Relatively described content identifier and described uniquely identify whether identical;
When the identifier of described content is identical with described unique mark, then calculate the check value of described content;
Judge that the check value of described content is the most identical with the check value prestored in described verification heuristic information;
When the check value prestored in check value and the described verification heuristic information of described content is identical, then judge that described content is verification heuristic information.
Alternatively, described method also includes:
When the identifier of described content and described unique mark differ, then according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
Alternatively, described method also includes:
When the check value prestored in the check value judging described content and described verification heuristic information differs, according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
Concrete, according to the possible address stored of verification heuristic information made an appointment to access data field, such as, arrange the block size 4KB using BIOSFLASH and the rule as address align is accessed data field, then verification heuristic information may leave on the addresses such as 0k, 4k, 8k, 12k.
nullAs shown in Figure 3,First read block0,The form of content is prestored to read GUID according to verification heuristic information,The length of the content every time accessed is the total length of verification heuristic information,When the GUID found in block0 is different with the GUID in verification heuristic information,Then access next block1,It is again seen that the GUID in block1 is different with the GUID in verification heuristic information,Then continue to access next block2 etc.,The like,When having access to some blockn,Find that the GUID in blockn is identical with the GUID in verification heuristic information,Then calculate the check value accessing content in blockn,Judge that this check value is the most identical with the check value in described verification heuristic information,When the check value prestored in check value and the described verification heuristic information of described content is identical,Then judge that the access content in blockn is verification heuristic information.
Step 102, when judging that described verification heuristic information is correct, read the first check value of every section of code area, and according to the initial address in described verification heuristic information Zhong Mei segment data district, read every segment data district content, calculate first check value in every segment data district according to described every segment data district content;
As shown in Figure 3, the content prestored according to described verification heuristic information, extract the first check value of every section of code area and the initial address of every section of code area accordingly, extract the initial address in every segment data district, access every segment data district and calculate the first check value of this data field.
Step 103, stores initial address and the first check value of described every section of code area, the initial address in described every segment data district, first check value in every segment data district of described every section of code area;
Alternatively, described method, before step stores first check value in the initial address of described every section of code area and the first check value of described every section of code area, the initial address in described every segment data district, every segment data district, also includes;
When described verification heuristic information does not stores the first check value of wherein one section of code area, the most do not store described in the initial address of wherein one section of code area.
As it is shown on figure 3, storage code area hop count, the initial address of every section of code area and the first check value of every section of code area, data field hop count, the initial address in every segment data district and first check value in every segment data district.
When reading the first check value not storing wherein one section of code area in described verification heuristic information, clear area such as Fig. 3, the most do not store the initial address of this clear area, when according to when in described verification heuristic information, wherein the initial address reading in one piece of data district finds that wherein one piece of data district content is for sky, the most do not calculate the check value that this content is empty data field, do not store the initial address that this content is empty data field.Do so, can skip BIOS content when subsequent check be empty clear area, thus reduces performance consumption to greatest extent.
Step 104, the initial address of the described every section of code area according to storage reads every section of code area content and calculates the second check value of every section of code area, reads every segment data district content according to the initial address in described every segment data district of storage and calculates second check value in every segment data district;
First check value of step 105, relatively described every section of code area and the second check value of described every section of code area, when the first check value of described every section of code area and the second check value of described every section of code area differ, then return BIOS content and damage;Compare the first check value and second check value in described every segment data district in described every segment data district, when first check value in described every segment data district and second check value in described every segment data district differ, then return BIOS content and damage.
It is a kind of on-line testing process schematic that the embodiment of the present invention provides with reference to Fig. 4, Fig. 4.As shown in Figure 4, the content of every section of code area in the initial address reading BIOS of every section of code area according to storage, and calculate the second check value of this every section code area, the first check value of this code area with prestoring contrasts, if identical, then illustrate that the content of this section of code area is correct;If differing, then illustrate that the content of this section of code area is incorrect, then return this section of code area content and damage, it is also possible to return the initial address of the code area that this section damages.
In like manner, the content in the every segment data district in the initial address reading BIOS in the every segment data district according to storage, and calculate second check value in this every segment data district, the first check value of this data field with prestoring contrasts, if identical, then illustrate that the content in this segment data district is correct;If differing, then illustrate that the content in this segment data district is incorrect, then return this segment data district content and damage, it is also possible to return the initial address of the data field that this section damages.
As a kind of optional embodiment, described verification heuristic information is not placed on the part as BIOS content in BIOS content, but described verification heuristic information is separated with BIOS content, but carry out described verification heuristic information together with BIOS content upgrading, updating, keep the synchronization of the two;
Or, it is not required to the first check value of calculation data area, but when in BIOS configuration menu, preservation amendment is arranged, dynamically recalculate the check value in each segment data district, and the check value refreshing after calculating is saved in verification heuristic information, so that the check value of data field can also obtain from verification heuristic information, it is achieved inspires BIOS content authentication efficiently, the most online.Wherein, BIOS configuration menu refers in BIOS start-up course, user presses DEL key and enters SETUP interface, can be carried out some arrange at this interface, such as boot sequence, internal memory mode of operation etc., need after arranging to preserve, just can come into force after i.e. selecting " SaveConfiguration " menu and determining.
The embodiment of the present invention provides a kind of method verifying BIOS, the verification heuristic information that described method is pre-set by reading, and judges that described verification heuristic information is the most correct;When judging that described verification heuristic information is correct, read the first check value of every section of code area, and according to the initial address in described verification heuristic information Zhong Mei segment data district, read every segment data district content, first check value in every segment data district is calculated according to described every segment data district content;Store initial address and the first check value of described every section of code area, the initial address in described every segment data district, first check value in every segment data district of described every section of code area;The initial address of the described every section of code area according to storage reads every section of code area content and calculates the second check value of every section of code area, reads every segment data district content according to the initial address in described every segment data district of storage and calculates second check value in every segment data district;Compare the first check value and second check value of described every section of code area of described every section of code area, when the first check value of described every section of code area and the second check value of described every section of code area differ, then return BIOS content and damage;Compare the first check value and second check value in described every segment data district in described every segment data district, when first check value in described every segment data district and second check value in described every segment data district differ, then return BIOS content to damage, thus realize all standing detection of data field and code area in BIOS content, and the BIOS detection algorithm of universal flexible can be realized, automatically BIOS Specification upgrading is adapted to, to traditional B IOS, Extensible Firmware Interface (ExtensibleFirmwareInterface, EFI) BIOS is the most applicable, and, in checking procedure, can skip the clear area in BIOS content, realize high efficiency BIOS content on-line checking algorithm, reduce performance consumption to greatest extent.
It is a kind of equipment structure chart verifying BIOS that the embodiment of the present invention provides with reference to Fig. 5, Fig. 5.As it is shown in figure 5, described equipment includes with lower unit:
Read unit 501, for reading the verification heuristic information pre-set;
Wherein, described verification heuristic information includes:
Unique mark (GloballyUniqueIdentifier, GUID), the total length of described verification heuristic information, the check value of described verification heuristic information, the total hop count in code area, the total hop count in data field, the initial address of every section of code area and check value, the initial address in every segment data district, terminating symbol.
It is a kind of BIOS content structure figure that the embodiment of the present invention provides with reference to Fig. 2, Fig. 2.As in figure 2 it is shown, BIOS content is divided into data field and code area, verification heuristic information is set in data field.Described verification heuristic information stores corresponding content according to the form pre-set, and such as, it is a kind of content structure figure verifying heuristic information that the embodiment of the present invention provides that its storage format is referred to Fig. 3, Fig. 3.
In Fig. 3, the set form of described verification heuristic information storage content can be arranged according to unique mark, the total hop count in code area, the initial address of every section of code area and the check value of correspondence every section code area, the total hop count in data field, the initial address in every segment data district and the check value in correspondence every segment data district, the total length of described verification heuristic information, the described check value of verification heuristic information, the sequencing of terminating symbol.
Alternatively, described reading unit 501, specifically for:
Verification heuristic information is arranged and uniquely identifies GUID;
Length according to described verification heuristic information reads the content in BIOS;
The structure pre-set according to verification heuristic information reads the identifier of described content.
Judging unit 502, is used for judging that described verification heuristic information is the most correct;
Alternatively, described judging unit, specifically for:
Relatively described content identifier and described uniquely identify whether identical;
When the identifier of described content is identical with described unique mark, then calculate the check value of described content;
Judge that the check value of described content is the most identical with the check value prestored in described verification heuristic information;
When the check value prestored in check value and the described verification heuristic information of described content is identical, then judge that described content is verification heuristic information.
Alternatively, described equipment also includes:
First searches unit 508, for when the identifier of described content and described unique mark differ, then according to the address align rule of the verification heuristic information made an appointment, jumps to next alignment address, continues to search for described verification heuristic information.
Concrete, according to the possible address stored of verification heuristic information made an appointment to access data field, such as, arrange the block size 4KB using BIOSFLASH and the rule as address align is accessed data field, then verification heuristic information may leave on the addresses such as 0k, 4k, 8k, 12k.
nullAs shown in Figure 3,First read block0,The form of content is prestored to read GUID according to verification heuristic information,The length of the content every time accessed is the total length of verification heuristic information,When the GUID found in block0 is different with the GUID in verification heuristic information,Then access next block1,It is again seen that the GUID in block1 is different with the GUID in verification heuristic information,Then continue to access next block2 etc.,The like,When having access to some blockn,Find that the GUID in blockn is identical with the GUID in verification heuristic information,Then calculate the check value accessing content in blockn,Judge that this check value is the most identical with the check value in described verification heuristic information,When the check value prestored in check value and the described verification heuristic information of described content is identical,Then judge that the access content in blockn is verification heuristic information.
Alternatively, described equipment also includes:
Second searches unit 509, during for differing when the check value prestored in the check value judging described content and described verification heuristic information, according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
Concrete, according to the possible address stored of verification heuristic information made an appointment to access data field, such as, arrange the block size 4KB using BIOSFLASH and the rule as address align is accessed data field, then verification heuristic information may leave on the addresses such as 0k, 4k, 8k, 12k.
nullAs shown in Figure 3,First read block0,The form of content is prestored to read GUID according to verification heuristic information,The length of the content every time accessed is the total length of verification heuristic information,When the GUID found in block0 is different with the GUID in verification heuristic information,Then access next block1,It is again seen that the GUID in block1 is different with the GUID in verification heuristic information,Then continue to access next block2 etc.,The like,When having access to some blockn,Find that the GUID in blockn is identical with the GUID in verification heuristic information,Then calculate the check value accessing content in blockn,Judge that this check value is the most identical with the check value in described verification heuristic information,When the check value prestored in check value and the described verification heuristic information of described content is identical,Then judge that the access content in blockn is verification heuristic information.
First computing unit 503, for when judging that described verification heuristic information is correct, read the first check value of every section of code area, and according to the initial address in described verification heuristic information Zhong Mei segment data district, read every segment data district content, calculate first check value in every segment data district according to described every segment data district content;
Memory element 504, for storing initial address and the first check value of described every section of code area, the initial address in described every segment data district, first check value in every segment data district of described every section of code area;
Alternatively, described memory element is additionally operable to:
When described verification heuristic information does not stores the first check value of wherein one section of code area, the most do not store described in the initial address of wherein one section of code area.
As it is shown on figure 3, storage code area hop count, the initial address of every section of code area and the first check value of every section of code area, data field hop count, the initial address in every segment data district and first check value in every segment data district.
When reading the first check value not storing wherein one section of code area in described verification heuristic information, clear area such as Fig. 3, the most do not store the initial address of this clear area, when according to when in described verification heuristic information, wherein the initial address reading in one piece of data district finds that wherein one piece of data district content is for sky, the most do not calculate the check value that this content is empty data field, do not store the initial address that this content is empty data field.Do so, can skip BIOS content when subsequent check be empty clear area, thus reduces performance consumption to greatest extent.
Second computing unit 505, initial address for the described every section of code area according to storage reads every section of code area content and calculates the second check value of every section of code area, reads every segment data district content according to the initial address in described every segment data district of storage and calculates second check value in every segment data district;
First comparing unit 506, the first check value and the second check value of described every section of code area for relatively described every section of code area, when the first check value of described every section of code area and the second check value of described every section of code area differ, then return BIOS content and damage;
Second comparing unit 507, the first check value for described every segment data district and second check value in described every segment data district, when first check value in described every segment data district and second check value in described every segment data district differ, then return BIOS content and damage.
It is a kind of on-line testing process schematic that the embodiment of the present invention provides with reference to Fig. 4, Fig. 4.As shown in Figure 4, the content of every section of code area in the initial address reading BIOS of every section of code area according to storage, and calculate the second check value of this every section code area, the first check value of this code area with prestoring contrasts, if identical, then illustrate that the content of this section of code area is correct;If differing, then illustrate that the content of this section of code area is incorrect, then return this section of code area content and damage, it is also possible to return the initial address of the code area that this section damages.
In like manner, the content in the every segment data district in the initial address reading BIOS in the every segment data district according to storage, and calculate second check value in this every segment data district, the first check value of this data field with prestoring contrasts, if identical, then illustrate that the content in this segment data district is correct;If differing, then illustrate that the content in this segment data district is incorrect, then return this segment data district content and damage, it is also possible to return the initial address of the data field that this section damages.
As a kind of optional embodiment, described verification heuristic information is not placed on the part as BIOS content in BIOS content, but described verification heuristic information is separated with BIOS content, but carry out described verification heuristic information together with BIOS content upgrading, updating, keep the synchronization of the two;
Or, it is not required to the first check value of calculation data area, but when in BIOS configuration menu, preservation amendment is arranged, dynamically recalculate the check value in each segment data district, and the check value refreshing after calculating is saved in verification heuristic information, so that the check value of data field can also obtain from verification heuristic information, it is achieved inspires BIOS content authentication efficiently, the most online.
The embodiment of the present invention provides a kind of equipment verifying BIOS, the verification heuristic information that described equipment is pre-set by reading, and judges that described verification heuristic information is the most correct;When judging that described verification heuristic information is correct, read the first check value of every section of code area, and according to the initial address in described verification heuristic information Zhong Mei segment data district, read every segment data district content, first check value in every segment data district is calculated according to described every segment data district content;Store initial address and the first check value of described every section of code area, the initial address in described every segment data district, first check value in every segment data district of described every section of code area;The initial address of the described every section of code area according to storage reads every section of code area content and calculates the second check value of every section of code area, reads every segment data district content according to the initial address in described every segment data district of storage and calculates second check value in every segment data district;Compare the first check value and second check value of described every section of code area of described every section of code area, when the first check value of described every section of code area and the second check value of described every section of code area differ, then return BIOS content and damage;Compare the first check value and second check value in described every segment data district in described every segment data district, when first check value in described every segment data district and second check value in described every segment data district differ, then return BIOS content to damage, thus realize all standing detection of data field and code area in BIOS content, and the BIOS detection algorithm of universal flexible can be realized, automatically BIOS Specification upgrading is adapted to, to traditional B IOS, Extensible Firmware Interface (ExtensibleFirmwareInterface, EFI) BIOS is the most applicable, and, in checking procedure, can skip the clear area in BIOS content, realize high efficiency BIOS content on-line checking algorithm, reduce performance consumption to greatest extent.
It is the equipment structure chart of the another kind of verification BIOS that the embodiment of the present invention provides with reference to Fig. 6, Fig. 6.Being a kind of equipment 600 verifying BIOS that the embodiment of the present invention provides with reference to Fig. 6, Fig. 6, the implementing of equipment of described verification BIOS is not limited by the specific embodiment of the invention.The equipment 600 of described verification BIOS includes:
Processor (processor) 601, communication interface (CommunicationsInterface) 602, memorizer (memory) 603, bus 604.
Processor 601, communication interface 602, memorizer 603 completes mutual communication by bus 604.
Communication interface 602, for communicating with other equipment;
Processor 601, is used for performing program.
Specifically, program can include that program code, described program code include computer-managed instruction.
Processor 601 is probably a central processor CPU, or specific integrated circuit ASIC (ApplicationSpecificIntegratedCircuit), or is configured to implement one or more integrated circuits of the embodiment of the present invention.
Memorizer 603, is used for depositing program.Memorizer 603 may comprise high-speed RAM memorizer, it is also possible to also includes nonvolatile memory (non-volatilememory).Program specifically for:
Read the verification heuristic information pre-set, and judge that described verification heuristic information is the most correct;
When judging that described verification heuristic information is correct, read the first check value of every section of code area, and according to the initial address in described verification heuristic information Zhong Mei segment data district, read every segment data district content, first check value in every segment data district is calculated according to described every segment data district content;
Store initial address and the first check value of described every section of code area, the initial address in described every segment data district, first check value in every segment data district of described every section of code area;
The initial address of the described every section of code area according to storage reads every section of code area content and calculates the second check value of every section of code area, reads every segment data district content according to the initial address in described every segment data district of storage and calculates second check value in every segment data district;
Compare the first check value and second check value of described every section of code area of described every section of code area, when the first check value of described every section of code area and the second check value of described every section of code area differ, then return BIOS content and damage;Compare the first check value and second check value in described every segment data district in described every segment data district, when first check value in described every segment data district and second check value in described every segment data district differ, then return BIOS content and damage.
The verification heuristic information that described reading pre-sets, and judge that described verification heuristic information is the most correct, including:
Verification heuristic information is arranged and uniquely identifies GUID;
Length according to described verification heuristic information reads the content in BIOS;
The structure pre-set according to verification heuristic information reads the identifier of described content;
Relatively described content identifier and described uniquely identify whether identical;
When the identifier of described content is identical with described unique mark, then calculate the check value of described content;
Judge that the check value of described content is the most identical with the check value prestored in described verification heuristic information;
When the check value prestored in check value and the described verification heuristic information of described content is identical, then judge that described content is verification heuristic information.
Described method also includes:
When the identifier of described content and described unique mark differ, then according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
Described method also includes:
When the check value prestored in the check value judging described content and described verification heuristic information differs, according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
Described verification heuristic information includes:
Uniquely identify GUID, the total length of described verification heuristic information, the check value of described verification heuristic information, the total hop count in code area, the total hop count in data field, the initial address of every section of code area and check value, the initial address in every segment data district, terminating symbol.
Described method, before step stores first check value in the initial address of described every section of code area and the first check value of described every section of code area, the initial address in described every segment data district, every segment data district, also includes;
When described verification heuristic information does not stores the first check value of wherein one section of code area, the most do not store described in the initial address of wherein one section of code area.
One of ordinary skill in the art will appreciate that all or part of flow process realizing in above-described embodiment method, can be by computer program and complete to instruct relevant hardware, described program can be stored in a computer read/write memory medium, this program is upon execution, it may include such as the flow process of the embodiment of above-mentioned each method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-OnlyMemory, ROM) or random access memory (RandomAccessMemory is called for short RAM) etc..
The above disclosed present pre-ferred embodiments that is only, certainly can not limit the interest field of the present invention, the equivalent variations therefore made according to the claims in the present invention with this, still belong to the scope that the present invention is contained.
Claims (12)
1. the method verifying basic input-output system BIOS, it is characterised in that described method includes:
Read the verification heuristic information pre-set, and judge that described verification heuristic information is the most correct;
When judging that described verification heuristic information is correct, read the first check value of every section of code area, and according to the initial address in described verification heuristic information Zhong Mei segment data district, read every segment data district content, first check value in every segment data district is calculated according to described every segment data district content;
Store initial address and the first check value of described every section of code area, the initial address in described every segment data district, first check value in every segment data district of described every section of code area;
The initial address of the described every section of code area according to storage reads every section of code area content and calculates the second check value of every section of code area, reads every segment data district content according to the initial address in described every segment data district of storage and calculates second check value in every segment data district;
Compare the first check value and second check value of described every section of code area of described every section of code area, when the first check value of described every section of code area and the second check value of described every section of code area differ, then return BIOS content and damage;Compare the first check value and second check value in described every segment data district in described every segment data district, when first check value in described every segment data district and second check value in described every segment data district differ, then return BIOS content and damage.
Method the most according to claim 1, it is characterised in that the verification heuristic information that described reading pre-sets, and judge that described verification heuristic information is the most correct, including:
Verification heuristic information is arranged and uniquely identifies GUID;
Length according to described verification heuristic information reads the content in BIOS;
The structure pre-set according to verification heuristic information reads the identifier of described content;
Relatively described content identifier and described uniquely identify whether identical;
When the identifier of described content is identical with described unique mark, then calculate the check value of described content;
Judge that the check value of described content is the most identical with the check value prestored in described verification heuristic information;
When the check value prestored in check value and the described verification heuristic information of described content is identical, then judge that described content is verification heuristic information.
Method the most according to claim 2, it is characterised in that described method also includes:
When the identifier of described content and described unique mark differ, then according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
The most according to the method in claim 2 or 3, it is characterised in that described method also includes:
When the check value prestored in the check value judging described content and described verification heuristic information differs, according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
5. according to the method described in claim 1-3 any one, it is characterised in that described verification heuristic information includes:
Uniquely identify GUID, the total length of described verification heuristic information, the check value of described verification heuristic information, the total hop count in code area, the total hop count in data field, the initial address of every section of code area and check value, the initial address in every segment data district, terminating symbol.
6. according to the method described in claim 1-3 any one, it is characterized in that, described method, before step stores first check value in the initial address of described every section of code area and the first check value of described every section of code area, the initial address in described every segment data district, every segment data district, also includes;
When described verification heuristic information does not stores the first check value of wherein one section of code area, the most do not store described in the initial address of wherein one section of code area.
7. the equipment verifying basic input-output system BIOS, it is characterised in that described equipment includes:
Read unit, for reading the verification heuristic information pre-set;
Judging unit, is used for judging that described verification heuristic information is the most correct;
First computing unit, for when judging that described verification heuristic information is correct, read the first check value of every section of code area, and according to the initial address in described verification heuristic information Zhong Mei segment data district, read every segment data district content, calculate first check value in every segment data district according to described every segment data district content;
Memory element, for storing initial address and the first check value of described every section of code area, the initial address in described every segment data district, first check value in every segment data district of described every section of code area;
Second computing unit, initial address for the described every section of code area according to storage reads every section of code area content and calculates the second check value of every section of code area, reads every segment data district content according to the initial address in described every segment data district of storage and calculates second check value in every segment data district;
First comparing unit, for the first check value and second check value of described every section of code area of relatively described every section of code area, when the first check value of described every section of code area and the second check value of described every section of code area differ, then returns BIOS content and damages;
Second comparing unit, the first check value for described every segment data district and second check value in described every segment data district, when first check value in described every segment data district and second check value in described every segment data district differ, then return BIOS content and damage.
Equipment the most according to claim 7, it is characterised in that described reading unit, specifically for:
Verification heuristic information is arranged and uniquely identifies GUID;
Length according to described verification heuristic information reads the content in BIOS;
The structure pre-set according to verification heuristic information reads the identifier of described content;
Described judging unit, specifically for:
Relatively described content identifier and described uniquely identify whether identical;
When the identifier of described content is identical with described unique mark, then calculate the check value of described content;
Judge that the check value of described content is the most identical with the check value prestored in described verification heuristic information;
When the check value prestored in check value and the described verification heuristic information of described content is identical, then judge that described content is verification heuristic information.
Equipment the most according to claim 8, it is characterised in that described equipment also includes:
First searches unit, for when the identifier of described content and described unique mark differ, then according to the address align rule of the verification heuristic information made an appointment, jumps to next alignment address, continues to search for described verification heuristic information.
Equipment the most according to claim 8 or claim 9, it is characterised in that described equipment also includes:
Second searches unit, during for differing when the check value prestored in the check value judging described content and described verification heuristic information, according to the address align rule of the verification heuristic information made an appointment, jump to next alignment address, continue to search for described verification heuristic information.
11. according to the equipment described in claim 7-9 any one, it is characterised in that described verification heuristic information includes:
Uniquely identify GUID, the total length of described verification heuristic information, the check value of described verification heuristic information, the total hop count in code area, the total hop count in data field, the initial address of every section of code area and check value, the initial address in every segment data district, terminating symbol.
12. according to the equipment described in claim 7-9 any one, it is characterised in that described memory element is additionally operable to:
When described verification heuristic information does not stores the first check value of wherein one section of code area, the most do not store described in the initial address of wherein one section of code area.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310140989.1A CN103226505B (en) | 2013-04-22 | 2013-04-22 | A kind of method and apparatus verifying basic input-output system BIOS |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310140989.1A CN103226505B (en) | 2013-04-22 | 2013-04-22 | A kind of method and apparatus verifying basic input-output system BIOS |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103226505A CN103226505A (en) | 2013-07-31 |
| CN103226505B true CN103226505B (en) | 2016-08-03 |
Family
ID=48836964
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310140989.1A Active CN103226505B (en) | 2013-04-22 | 2013-04-22 | A kind of method and apparatus verifying basic input-output system BIOS |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103226505B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3543858A4 (en) * | 2016-11-15 | 2019-12-18 | JRD Communication (Shenzhen) Ltd | Method for checking and compiling system start-up files |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105824717A (en) * | 2016-03-16 | 2016-08-03 | 硅谷数模半导体(北京)有限公司 | Method and device for controlling chip operation and chip |
| CN105955857A (en) * | 2016-04-29 | 2016-09-21 | 浪潮电子信息产业股份有限公司 | Method and device for testing BIOS (Basic Input Output System) |
| CN109491826B (en) * | 2018-11-27 | 2021-02-12 | 英业达科技有限公司 | Remote hardware diagnosis system and diagnosis method |
| CN111381846B (en) * | 2018-12-29 | 2024-02-23 | 联合汽车电子有限公司 | Data verification method for safety refreshing of electronic controller |
| CN109784063A (en) * | 2018-12-30 | 2019-05-21 | 联想(北京)有限公司 | Information processing method, device and electronic equipment |
| CN116305169B (en) * | 2023-05-12 | 2023-08-11 | 天津市中环电子计算机有限公司 | Firmware security detection method and firmware verification method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1598789A (en) * | 2003-09-16 | 2005-03-23 | 深圳市格林耐特通信技术有限责任公司 | Method of reading -writing data using disk file virtual flash |
| CN101650662A (en) * | 2009-08-26 | 2010-02-17 | 中兴通讯股份有限公司 | Memory device of embedded system and staring method and upgrading of firmware |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7055035B2 (en) * | 2001-07-31 | 2006-05-30 | Hewlett-Packard Development Company, L.P. | Method for generating a read only memory image |
-
2013
- 2013-04-22 CN CN201310140989.1A patent/CN103226505B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1598789A (en) * | 2003-09-16 | 2005-03-23 | 深圳市格林耐特通信技术有限责任公司 | Method of reading -writing data using disk file virtual flash |
| CN101650662A (en) * | 2009-08-26 | 2010-02-17 | 中兴通讯股份有限公司 | Memory device of embedded system and staring method and upgrading of firmware |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3543858A4 (en) * | 2016-11-15 | 2019-12-18 | JRD Communication (Shenzhen) Ltd | Method for checking and compiling system start-up files |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103226505A (en) | 2013-07-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103226505B (en) | A kind of method and apparatus verifying basic input-output system BIOS | |
| CN105094927B (en) | A kind of device firmware upgrade method and apparatus | |
| TWI470420B (en) | Dubugging method and computer system using the smae | |
| CN106547653B (en) | Computer system fault state detection method, device and system | |
| CN106776122A (en) | A kind of method of main-apparatus protection in start-up course based on Flash | |
| CN103839591A (en) | Automatic fault detection and fault-tolerant circuit of memory as well as control method | |
| CN103473098A (en) | Starting method of boot program and relevant device | |
| CN104063477B (en) | Embedded system starts abnormal processing method and processing device | |
| CN103150231A (en) | Computer booting method and computer system | |
| CN103678030A (en) | Multi-system equipment start system and method thereof | |
| US20080040596A1 (en) | Embedded system and boot code auto-copy method thereof | |
| CN102622249B (en) | A kind of safe starting method preventing CPU self-locking | |
| CN113409881B (en) | Flash memory erasure interrupt recovery test method and device, electronic equipment and storage medium | |
| CN102541469A (en) | Method, equipment and system for protecting data in firmware storage system | |
| CN106776105B (en) | System startup file checking and compiling method | |
| US9495261B2 (en) | Systems and methods for reducing memory failures | |
| CN104424047A (en) | NVRAM data recovery method and NVRAM data recovery device | |
| CN110674494B (en) | Process protection method, system and data processing method | |
| CN109684125A (en) | A kind of method, apparatus, equipment and storage medium for repairing DDR physical damage | |
| CN105677409B (en) | A kind of method for upgrading system and device | |
| CN104182242A (en) | System booting method and system booting device | |
| CN103455750B (en) | The high peace verification method of a kind of embedded device and device | |
| CN104035776B (en) | Operating system starting method | |
| CN104657232A (en) | BIOS automatic recovery system and BIOS automatic recovery method | |
| WO2018041151A1 (en) | Data storage method and apparatus, and nonvolatile memory |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20211224 Address after: 450046 Floor 9, building 1, Zhengshang Boya Plaza, Longzihu wisdom Island, Zhengdong New Area, Zhengzhou City, Henan Province Patentee after: Super fusion Digital Technology Co.,Ltd. Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee before: HUAWEI TECHNOLOGIES Co.,Ltd. |