CN107632878A - A kind of distribution method, system and the relevant apparatus of cipher card algorithm resource - Google Patents

A kind of distribution method, system and the relevant apparatus of cipher card algorithm resource Download PDF

Info

Publication number
CN107632878A
CN107632878A CN201710891146.3A CN201710891146A CN107632878A CN 107632878 A CN107632878 A CN 107632878A CN 201710891146 A CN201710891146 A CN 201710891146A CN 107632878 A CN107632878 A CN 107632878A
Authority
CN
China
Prior art keywords
algorithm
current version
examples
virtual current
cipher card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710891146.3A
Other languages
Chinese (zh)
Other versions
CN107632878B (en
Inventor
王志华
宋志华
徐波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yuweng Information Technology Co.,Ltd.
Original Assignee
SHANDONG YUWENG INFORMATION TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANDONG YUWENG INFORMATION TECHNOLOGY Co Ltd filed Critical SHANDONG YUWENG INFORMATION TECHNOLOGY Co Ltd
Priority to CN201710891146.3A priority Critical patent/CN107632878B/en
Publication of CN107632878A publication Critical patent/CN107632878A/en
Application granted granted Critical
Publication of CN107632878B publication Critical patent/CN107632878B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

This application discloses a kind of distribution method of cipher card algorithm resource, applied under SR IOV environment, including:The algorithm that cipher card is included carries out species division, obtains current version algorithm and non-current version algorithm;The algorithm routine of current version algorithm is replicated to obtain M virtual current version algorithm examples, and by default naming rule allocation algorithm ID, obtains M different algorithm ID;When receiving the call instruction of current version algorithm, idle polling operation is performed, until obtaining algorithm ID corresponding to the virtual current version algorithm examples in idle condition;Algorithm arithmetic operation is performed by virtual current version algorithm examples corresponding to algorithm ID calling, until the individual virtually current version algorithm examples of M are in seizure condition.The distribution method logical calculated resource allocation is more scientific and reasonable, utilization rate is higher.The application further simultaneously discloses a kind of distribution system, cipher card and the computer-readable recording medium of cipher card algorithm resource, has above-mentioned beneficial effect.

Description

A kind of distribution method, system and the relevant apparatus of cipher card algorithm resource
Technical field
The application is related to computer information safe communication technical field, more particularly to a kind of distribution of cipher card algorithm resource Method, system, cipher card and computer-readable recording medium.
Background technology
SR-IOV technologies are a kind of virtualization technologies, by user software, monitor of virtual machine, device drives, BIOS, support VF (Virtual Function, virtual functions) PCI-E (Peripheral Component Interconnect Express, the interconnection of quick peripheral component) composition such as equipment technological package, a physics PCI-E device can be empty itself It is intended to be multiple virtual PCI-E devices, there is provided access to multiple different virtual machines.
In the prior art, one is based on FPGA (Field-Programmable Gate Array, field programmable gate Array) the PCI-E cipher cards that form are provided with a number of VF, and the algorithm resource of complete set is configured for each VF, and one Come so simple, easy, but the intrinsic hardware logic computing resource of the PCI-E cipher cards can be wasted, but be similarly limited to close Code blocks limited logical calculated resource, it is impossible to unconfined increase VF quantity, is when VF quantity is more unlikely Each VF is provided which the algorithm resource of complete set.
So how to provide the cipher card algorithm that a kind of logical calculated resource allocation is more scientific and reasonable, utilization rate is higher Resource allocation mechanism is those skilled in the art's urgent problem to be solved.
The content of the invention
The purpose of the application is to provide a kind of distribution method, system, cipher card and the computer of cipher card algorithm resource can Storage medium is read, it is multiple applied under SR-IOV environment, the current version algorithm that algorithmically frequency of use marks off is copied as, So that the multiple current version algorithm examples copied can perform algorithm computing, show on the basis of resource allocation is more rational Write the utilization rate for the logical calculated resource for improving the PCI-E cipher cards.
In order to solve the above technical problems, the application provides a kind of distribution method of cipher card algorithm resource, applied to SR- Under IOV environment, the distribution method includes:
At least two algorithms that cipher card is included carry out species division, obtain current version algorithm and non-current version algorithm;
The algorithm routine of the current version algorithm is copied as into predetermined number M, obtains M virtual current version algorithm examples;
Default naming rule allocation algorithm ID is pressed for the M virtual current version algorithm examples, obtains M different algorithms ID;
When receiving the call instruction of the current version algorithm, sky is performed in the M virtual current version algorithm examples Not busy polling operation, until obtaining algorithm ID corresponding to the virtual current version algorithm examples in idle condition;
Algorithm arithmetic operation is performed by virtual current version algorithm examples corresponding to algorithm ID calling, until M institute State virtual current version algorithm examples and be in seizure condition, the M call instruction is no more than with parallel processing quantity.
Optionally, at least two algorithms cipher card included carry out species division, obtain current version algorithm and non-conventional Type algorithm, including:
The frequency of use of each algorithm included in the cipher card is counted in predetermined period;
Judge whether each frequency of use exceedes threshold value;
It is current version algorithm by the algorithm partition that the frequency of use exceedes the threshold value if exceeding;
If not exceeded, not less than the algorithm partition of the threshold value it is non-current version algorithm by the frequency of use.
Optionally, the algorithm routine of the current version algorithm is copied as into predetermined number M, obtains M virtual current versions Before algorithm examples, in addition to:
The total calculating performance and each algorithm routine for obtaining the FPGA logic cell for forming the cipher card take institute State total percentages for calculating performance;
The predetermined number M is calculated according to each percentages and each frequency of use.
Optionally, default naming rule allocation algorithm ID is pressed for the M virtual current version algorithm examples, obtains M not After same algorithm ID, in addition to:
M different algorithm ID are ranked up by predetermined order rule, obtain algorithm sequencing table;
Gather the working condition of virtual current version algorithm examples corresponding to each algorithm ID;
Each working condition is attached to the predeterminated position that algorithm ID is corresponded in the algorithm sequencing table, obtains algorithm shape State inquiry table.
Optionally, idle polling operation is performed in the M virtual current version algorithm examples, until obtaining in the free time Algorithm ID corresponding to the virtual current version algorithm examples of state, including;
Judge whether each virtual current version algorithm examples are in the idle condition successively;
If so, then obtain algorithm ID corresponding to the virtual current version algorithm examples in the idle condition;
If the M virtual current version algorithm examples are in seizure condition, restart poll, be in until existing The virtual current version algorithm examples of the idle condition.
Present invention also provides a kind of distribution system of cipher card algorithm resource, applied under SR-IOV environment, the distribution System includes:
Division unit, species division is carried out at least two algorithms that include cipher card, obtain current version algorithm and Non- current version algorithm;
Copied cells, for the algorithm routine of the current version algorithm to be copied as into predetermined number M, obtain M virtually often With type algorithm examples;
ID allocation units, for pressing default naming rule allocation algorithm ID for the M virtual current version algorithm examples, obtain The algorithm ID different to M;
Poll searching unit, for performing idle polling operation in the M virtual current version algorithm examples, until To algorithm ID corresponding to the virtual current version algorithm examples in idle condition;
Execution unit is called, is transported for performing algorithm by virtual current version algorithm examples corresponding to algorithm ID calling Operation is calculated, until the M virtual current version algorithm examples are in seizure condition, M institute is no more than with parallel processing quantity State call instruction.
Optionally, the division unit includes:
Frequency of use counts subelement, for counting the use of each algorithm included in the cipher card in predetermined period Frequency;
Threshold decision subelement, possess and judge whether each frequency of use exceedes threshold value;
Current version divides subelement, is calculated for the frequency of use to be exceeded to the algorithm partition of the threshold value for current version Method;
Non- current version divides subelement, not less than the algorithm partition of the threshold value is non-current version for the frequency of use Algorithm.
Optionally, the poll searching unit includes:
Idle condition judgment sub-unit, for judging whether each virtual current version algorithm examples are in the sky successively Not busy state;
Free time processing subelement, for obtaining algorithm corresponding to the virtual current version algorithm examples in the idle condition ID;
Processing subelement is taken, for restarting poll, until existing virtual conventional in the idle condition Type algorithm examples.
Present invention also provides a kind of cipher card based on SR-IOV, the cipher card includes:
Memory, for storing computer program;
Processor, dividing for the cipher card algorithm resource as described in above-mentioned content is realized during for performing the computer program The step of method of completing the square.
Present invention also provides a kind of computer-readable recording medium, meter is stored with the computer-readable recording medium Calculation machine program, the distribution of the cipher card algorithm resource as described in above-mentioned content is realized when the computer program is executed by processor The step of method.
The distribution method of a kind of cipher card algorithm resource provided herein, applied under SR-IOV environment, by password Block at least two algorithms included and carry out species division, obtain current version algorithm and non-current version algorithm;The current version is calculated The algorithm routine of method copies as predetermined number M, obtains M virtual current version algorithm examples;For the M virtual current version algorithms Example presses default naming rule allocation algorithm ID, obtains M different algorithm ID;When the calling for receiving the current version algorithm is ordered When making, idle polling operation is performed in the M virtual current version algorithm examples, until obtaining virtual in idle condition Algorithm ID corresponding to current version algorithm examples;Algorithm is performed by virtual current version algorithm examples corresponding to algorithm ID calling Arithmetic operation, until the M virtual current version algorithm examples are in seizure condition, with parallel processing quantity no more than M's The call instruction.
Obviously, technical scheme provided herein, the intrinsic logic possessed on the PCI-E cipher cards are fully taken into account On the basis of computing resource, the current version algorithm that algorithmically frequency of use marks off is copied as it is multiple, certainly, the quantity of duplication The limitation of logical calculated resource is received, and the multiple current version algorithm examples for copy can perform algorithm computing, The utilization rate of the logical calculated resource of the PCI-E cipher cards is significantly improved on the basis of resource allocation is more rational.The application A kind of distribution system, cipher card and the computer-readable recording medium of cipher card algorithm resource are additionally provided simultaneously, is had above-mentioned Beneficial effect, it will not be repeated here.
Brief description of the drawings
, below will be to embodiment or existing in order to illustrate more clearly of the embodiment of the present application or technical scheme of the prior art There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this The embodiment of application, for those of ordinary skill in the art, on the premise of not paying creative work, can also basis The accompanying drawing of offer obtains other accompanying drawings.
A kind of flow chart of the distribution method for cipher card algorithm resource that Fig. 1 is provided by the embodiment of the present application;
The flow chart of the distribution method for another cipher card algorithm resource that Fig. 2 is provided by the embodiment of the present application;
A kind of structured flowchart of the distribution system for cipher card algorithm resource that Fig. 3 is provided by the embodiment of the present application;
Fig. 4 is shown by algorithm state table in a kind of distribution system for cipher card algorithm resource that the embodiment of the present application provides It is intended to;
The structured flowchart of the distribution system for another cipher card algorithm resource that Fig. 5 is provided by the embodiment of the present application.
Embodiment
The core of the application is to provide a kind of distribution method of cipher card algorithm resource, and it is applied under SR-IOV environment, The current version algorithm that algorithmically frequency of use marks off is copied as multiple so that the multiple current version algorithm examples copied are equal Algorithm computing can be performed, the logical calculated resource of the cipher card is significantly improved on the basis of resource allocation is more rational Utilization rate.
To make the purpose, technical scheme and advantage of the embodiment of the present application clearer, below in conjunction with the embodiment of the present application In accompanying drawing, the technical scheme in the embodiment of the present application is clearly and completely described, it is clear that described embodiment is Some embodiments of the present application, rather than whole embodiments.Based on the embodiment in the application, those of ordinary skill in the art The all other embodiment obtained under the premise of creative work is not made, belong to the scope of the application protection.
Below in conjunction with Fig. 1, a kind of stream of the distribution method for cipher card algorithm resource that Fig. 1 is provided by the embodiment of the present application Cheng Tu.
It specifically includes following steps:
S101:At least two algorithms that cipher card is included carry out species division, obtain current version algorithm and non-current version Algorithm;
At least two algorithms that this step is intended to include on cipher card are divided according to whether conventional progress species division Belong to current version algorithm and the non-major class of current version algorithm two.
The algorithm partition which kind of parameter of concrete foundation includes cipher card is varied for the mode of this two class, for example, can To gather the access times of each algorithm or frequency of use in some cycles, and combine some threshold value set to judge certain calculation Method particularly belongs to current version algorithm or non-current version algorithm;It can also be classified according to other parameters or particular/special requirement, can So that algorithm that is sufficiently complex, expending logical calculated resource is classified as into non-current version algorithm, because unless adding in highest level Close algorithm, chance and the number for using the type algorithm under normal circumstances are less.For example, the standard being compressed to data file Have several kinds, including RAR, ZIP, 7Z etc., wherein, most of software can all give tacit consent to choose RAR or ZIP form because this two Kind form has been able to the demand for meeting most of user, unless there is special requirement, is voluntarily choosing satisfactory pressure Contracting standard.
S102:The algorithm routine of current version algorithm is copied as into predetermined number M, obtains M virtual current version algorithm examples;
On the basis of S101, the algorithm routine that this step is intended to the current version algorithm that will be marked off copies as predetermined number M, to obtain M virtual current version algorithm examples.Wherein, the algorithm routine includes all algorithms for belonging to current version algorithm, i.e., Assuming that in the case that the current version algorithm includes SM1, SM2 (two kinds of AESs) both algorithms, the algorithm routine just includes The execution code of both algorithms of SM1, SM2 or other data files that can realize identical operation step.
S103:Default naming rule allocation algorithm ID is pressed for M virtual current version algorithm examples, obtains M different calculations Method ID;
On the basis of S102 replicates completion, this step is pressed for this M virtual current version algorithm examples and presets naming rule Allocation algorithm ID, obtain the different algorithm ID of M, in order in subsequent step by algorithm ID found corresponding to it is virtual normal The calculating task issued is performed with type algorithm examples.
Wherein, the manifestation mode of the default naming rule is varied, for example, started counting up from 01, it is each virtual conventional Type algorithm examples increase by 1, i.e., carry out function numbering life in the way of 01,02,03 ... for each virtual current version algorithm examples Name;It can also be named in the way of 100,200,300 ...;Or added according to identification method is combined under actual conditions Distinguished including Chinese and English etc., specific restriction is not done herein, can voluntarily be judged and be chosen suitable rule progress work( The name that can be numbered.
S104:When receiving the call instruction of current version algorithm, idle wheel is performed in M virtual current version algorithm examples Operation is ask, until obtaining algorithm ID corresponding to the virtual current version algorithm examples in idle condition;
On the basis of S103 completes name, this step is intended to when receiving the call instruction of current version algorithm, using wheel The mode of inquiry travels through all virtual current version algorithm examples, until obtaining the virtual current version algorithm examples in idle condition Corresponding algorithm ID.
Wherein, the mode that poll is searched is varied, for example, M can will be represented virtually often first after the completion of name A polling list polling table is generated by predetermined order with M algorithm ID of type algorithm examples, and by adding algorithm ID in the polling list polling table Corresponding virtual current version algorithm examples state in which issues calculating task;The side of generation idle sequence can also be used Formula, by the state of predetermined period inquiry once all virtual current version algorithm examples, and only will be in idle condition it is virtual often The modes such as the idle sequence are added with the algorithm ID of type algorithm examples, herein and are not specifically limited, can be according to actual conditions Lower each method realizes that difficulty, time-consuming and other influence factors consider and select most suitable method.
S105:Algorithm arithmetic operation is performed by virtual current version algorithm examples corresponding to algorithm ID calling, until M empty Intend current version algorithm examples and be in seizure condition, M call instruction is no more than with parallel processing quantity.
On the basis of S104, this step is intended to perform calculation by virtual current version algorithm examples corresponding to algorithm ID calling Method arithmetic operation, until M virtual current version algorithm examples are in seizure condition, M tune is no more than with parallel processing quantity With order.Finally to realize M virtual current version algorithm examples while handle calculating task, certainly, number M is bound to by close Code fixes the limitation for the logical calculated resource for having hardware to be provided, it is impossible to unconfined increase, but because only by current version The algorithm routine of algorithm is replicated, and can largely increase number M quantity.
It is also possible in view of utilizing the most frequently used algorithm to the full extent, the current version algorithm can be limited and included Algorithm number, it is assumed that current version algorithm only uniformly include 2 kinds of algorithms, even if algorithm is all more commonly used in having 3, but remains unchanged Choose the most frequently used algorithm partition of the first two and enter current version algorithm, and copy as predetermined number M, thus can further carry High number M quantity.
Based on above-mentioned technical proposal, a kind of distribution method for cipher card algorithm resource that the embodiment of the present application provides, filling Divide on the basis of the intrinsic logical calculated resource for considering possess on the PCI-E cipher cards, algorithmically frequency of use will mark off Current version algorithm copy as multiple, certainly, the quantity of duplication is limited by logical calculated resource, and to copy more Individual current version algorithm examples can perform algorithm computing, and the password is significantly improved on the basis of resource allocation is more rational The utilization rate of the logical calculated resource of card.
Below in conjunction with Fig. 2, the distribution method for another cipher card algorithm resource that Fig. 2 is provided by the embodiment of the present application Flow chart.
The present embodiment is that one kind that the other steps being directed in a upper embodiment in addition to S105 are made limits, Qi Tabu Suddenly it is substantially the same with a upper embodiment, same section can be found in an embodiment relevant portion, will not be repeated here.
It specifically includes following steps:
S201:The frequency of use of each algorithm included in cipher card is counted in predetermined period;
S202:Judge whether each frequency of use exceedes threshold value;
S203:It is current version algorithm by the algorithm partition that frequency of use exceedes threshold value;
S204:Not less than the algorithm partition of threshold value it is non-current version algorithm by frequency of use;
Four steps of the above are intended to count the frequency of use of each algorithm in predetermined period first, next determine whether to exceed Setting can be divided into the threshold value of current version algorithm, will be divided into current version algorithm more than the algorithm of threshold value, not less than The algorithm of threshold value is divided into expense current version algorithm.
S205:Obtain the total calculating performance for the FPGA logic cell for forming cipher card and each algorithm routine takes total calculate The percentages of performance;
S206:Predetermined number M is calculated according to each percentages and each frequency of use;
S205 and the steps of S206 two are intended to total calculating performance of the FPGA logic cell using the composition cipher card got And each algorithm routine takes total percentages for calculating performance, and each calculation is combined using percentages corresponding to the algorithm Method frequency of use COMPREHENSIVE CALCULATING goes out predetermined number M.
S207:The algorithm routine of current version algorithm is copied as into predetermined number M, obtains M virtual current version algorithm examples;
The present embodiment is by the way of replicating, by algorithm performs code corresponding to all algorithms for belonging to the current version algorithm Predetermined number M is copied as, to obtain M virtual current version algorithm examples.
S208:Default naming rule allocation algorithm ID is pressed for M virtual current version algorithm examples, obtains M different calculations Method ID;
S209:M different algorithm ID are ranked up by predetermined order rule, obtain algorithm sequencing table;
On the basis of S208, this step is intended to be ranked up M different algorithm ID by predetermined order rule, obtains To algorithm sequencing table.Wherein, the predetermined order rule the form of expression it is varied, for example, using order from small to large, with Machine or other existing particular/special requirements are ranked up etc., herein and are not specifically limited, can according under actual conditions not Selected with whether sortord impacts.
S210:Gather the working condition of virtual current version algorithm examples corresponding to each algorithm ID;
On the basis of S209, this step is intended to gather the work shape of virtual current version algorithm examples corresponding to each algorithm ID State, i.e., whether virtual current version algorithm examples are in calculating condition adjudgement and are in seizure condition also according to corresponding to each algorithm ID It is idle condition, in order to record the virtual current version algorithm examples for being in certain state for subsequent step use.
S211;Each working condition is attached to the predeterminated position that algorithm ID is corresponded in algorithm sequencing table, obtains algorithm state Inquiry table;
On the basis of S210, working condition corresponding to each virtual current version algorithm examples is attached to the algorithm sequencing table Middle corresponding algorithm ID predeterminated position, to obtain algorithm state inquiry table.Wherein, the predeterminated position is defined by being easiest to get , it is of course also possible to change additional position under the limitation of other particular/special requirements.Meanwhile the performance of additional status information Form is also varied, can be a mark for being similar to left-right switch, and it is idle condition to be placed in left end, is placed in right-hand member to account for Use state;It can also be description information additionally having more etc., herein and be not specifically limited.
S212:Judge whether each virtual current version algorithm examples are in idle condition successively;
S213:Obtain algorithm ID corresponding to the virtual current version algorithm examples in idle condition;
S214:Restart poll, until the virtual current version algorithm examples in idle condition be present.
S213 and S214 corresponds to the two kinds of results judged in S212 respectively, and the former is to exist to be in the virtual normal of idle condition With type algorithm examples, the latter is to be calculated in the absence of the virtual current version algorithm examples in idle condition, whole virtual current versions Method example is in seizure condition.
Algorithm ID corresponding to the virtual current version algorithm examples in idle condition, the latter can be directly obtained for the former Poll can then be restarted, until the virtual current version algorithm examples in idle condition be present.
Based on above-mentioned technical proposal, a kind of distribution method for cipher card algorithm resource that the embodiment of the present application provides, filling Divide on the basis of the intrinsic logical calculated resource for considering possess on the cipher card, algorithmically frequency of use is marked off conventional Type algorithm copies as multiple, and certainly, the quantity of duplication receives the limitation of logical calculated resource, and to copy multiple conventional Type algorithm examples can perform algorithm computing, and patrolling for the cipher card is significantly improved on the basis of resource allocation is more rational Collect the utilization rate of computing resource.
Because situation is complicated, it can not enumerate and be illustrated, those skilled in the art should be able to recognize more the application The basic skills principle combination actual conditions of offer may have many examples, in the case where not paying enough creative works, Should be in the protection domain of the application.
Fig. 3 is referred to below, a kind of distribution system for cipher card algorithm resource that Fig. 3 is provided by the embodiment of the present application Structured flowchart.
The distribution system can include:
Division unit 100, at least two algorithms for cipher card to be included carry out species division, obtain current version algorithm With non-current version algorithm;
Copied cells 200, for the algorithm routine of current version algorithm to be copied as into predetermined number M, obtain M and virtually commonly use Type algorithm examples;
ID allocation units 300, for pressing default naming rule allocation algorithm ID for M virtual current version algorithm examples, obtain The algorithm ID different to M;
Poll searching unit 400, for performing idle polling operation in M virtual current version algorithm examples, until To algorithm ID corresponding to the virtual current version algorithm examples in idle condition;
Execution unit 500 is called, is transported for performing algorithm by virtual current version algorithm examples corresponding to algorithm ID calling Operation is calculated, until M virtual current version algorithm examples are in seizure condition, is ordered with calling of the parallel processing quantity no more than M Order.
Wherein, division unit 100 includes:
Frequency of use counts subelement, for counting using frequently for each algorithm included in cipher card in predetermined period Rate;
Threshold decision subelement, possess and judge whether each frequency of use exceedes threshold value;
Current version divides subelement, and the algorithm partition for frequency of use to be exceeded to threshold value is current version algorithm;
Non- current version divides subelement, not less than the algorithm partition of threshold value is non-current version algorithm for frequency of use.
Wherein, poll searching unit 400 includes:
Idle condition judgment sub-unit, for judging whether each virtual current version algorithm examples are in idle condition successively;
Free time processing subelement, for obtaining algorithm ID corresponding to the virtual current version algorithm examples in idle condition;
Processing subelement is taken, for restarting poll, is calculated until the virtual current version in idle condition be present Method example.
Further, before the execution of copied cells 200, can also include:
Parameter acquiring unit, for the total calculating performance for obtaining the FPGA logic cell for forming cipher card and each algorithm journey Sequence takes total percentages for calculating performance;
Amount calculation unit, for predetermined number M to be calculated according to each percentages and each frequency of use.
Further, after the execution of ID allocation units 300, can also include:
Sequencing unit, for M different algorithm ID being ranked up by predetermined order rule, obtains algorithm sequencing table;
State acquisition unit, for gathering the working condition of virtual current version algorithm examples corresponding to each algorithm ID;
Algorithm state table generation unit, the default of algorithm ID is corresponded in algorithm sequencing table for each working condition to be attached to Position, obtain algorithm state inquiry table.
Above each unit can apply in the specific concrete instance of following one:
The present embodiment selects the cipher card under SR-IOV environment formed based on FPGA, it is intended to intrinsic to cipher card itself The logical calculated resource that hardware is provided integrates and optimizes, and to reach the purpose for improving resource utilization, here is overall step Rapid flow:
1st, the cryptographic algorithm module of cipher card is classified, is divided into current version and non-current version;
2nd, the method replicated using algoritic module is copied into multiple to current version algorithm, and specific number is provided by fpga logic The restriction in source, and allocation algorithm ID number.Algorithm ID number, it is that the disparate modules of algorithm of the same race are made a distinction;
3rd, an algorithm state table, the convenient service condition for inquiring about special algorithm specific ID are established;
4th, when virtual machine is to during PCI-E device transmission algorithm call request, PCI-E device polling algorithm state table, until One of algorithm ID is idle, may refer to shown in Fig. 4;
5th, algorithm computing is carried out from algoritic module corresponding to idle algorithm ID.
Fig. 5 is referred to, on the basis of above overall flow, detailed, specific flow can be following mode:
Algorithm state table is defined first uses two-port RAM (random access memory, random access memory) Form realize that port A is writeable, and port B is readable, wherein, read and write asynchronous progress, the corresponding two-port RAM of every kind of algorithm.It is right Algorithm ID is numbered, and is that address conducts interviews with its ID numberings.The output valve for defining two-port RAM is Q, input value D, Q For " 0 ", represent that algoritic module corresponding to this ID is idle, otherwise represent that algoritic module corresponding to this ID is just busy, and every kind of algorithm is all There is unique corresponding algorithm queries state machine.
Step 1:Virtual machine is to PCI-E device transmission algorithm call request;
Step 2:The algorithm order that PCI-E device will receive, parameter, initial data etc., it is (empty to be stored in corresponding VF Intend function) in.When receiving the request of complete algorithm, that is, meet algorithm start computing required for full terms when, VF will be calculated Method call request is put into different algorithm queues according to the difference of algorithm, carries out unified queuing.Such as the queue bag of SM4 algorithms SM4 requests containing all VF, the SM2 that the queue of SM2 algorithms includes all VF are asked, and association is not present between the two queues. Algorithm queue uses FIFO form, each data in FIFO represent the current PF number for requiring algorithm computing and VFnumber。
Step 3:Algorithm queries state machine, by port B polling algorithm state tables, if being polled to ID pairs of some algorithm When the Q answered is " 0 ", then current algorithm ID is recorded, continue search algorithm queue, according to PF number and VF therein Number, allow signal and algorithm ID to corresponding VF transmission algorithms computing.It will be worth afterwards by port A corresponding to this algorithm ID Set, i.e. D=1.Then algorithm ID+1, continue to inquire about.If the algorithm ID of inquiry Q is not " 0 ", algorithm ID+1, continue Inquiry.When the address of inquiry exceedes ID maximum, ID=0 is returned, continues to inquire about.
Step 4:VF, which receives algorithm computing, allows signal and algorithm ID, afterwards starting algorithm computing.It will order, parameter is former Beginning data are sent in algoritic module corresponding to algorithm ID.After algoritic module computing is complete, stores the result into and stored corresponding to VF In device.Computing terminates, and will be worth reset, i.e. D=0 corresponding to this algorithm ID by port A.
Present invention also provides a kind of base SR-IOV cipher card, can include memory and processor, wherein, the storage There is computer program in device, when the processor calls the computer program in the memory, it is possible to achieve above-described embodiment institute The step of offer.Certain setting device can also include various necessary network interfaces, power supply and other parts etc..
Present invention also provides a kind of computer-readable recording medium, there is computer program thereon, the computer program The step of above-described embodiment provides can be realized when being performed terminal or computing device.The storage medium can include:U Disk, mobile hard disk, read-only storage (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disc or CD etc. are various can be with the medium of store program codes.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, the corresponding process in preceding method embodiment is may be referred to, will not be repeated here.
Each embodiment is described by the way of progressive in specification, and what each embodiment stressed is and other realities Apply the difference of example, between each embodiment identical similar portion mutually referring to.For device disclosed in embodiment Speech, because it is corresponded to the method disclosed in Example, so description is fairly simple, related part is referring to method part illustration .
Professional further appreciates that, with reference to the unit of each example of the embodiments described herein description And algorithm steps, can be realized with electronic hardware, computer software or the combination of the two, in order to clearly demonstrate hardware and The interchangeability of software, the composition and step of each example are generally described according to function in the above description.These Function is performed with hardware or software mode actually, application-specific and design constraint depending on technical scheme.Specialty Technical staff can realize described function using distinct methods to each specific application, but this realization should not Think to exceed scope of the present application.
Specific case used herein is set forth to the principle and embodiment of the application, and above example is said It is bright to be only intended to help and understand the present processes and its core concept.It should be pointed out that the ordinary skill for the art For personnel, on the premise of the application principle is not departed from, some improvement and modification, these improvement can also be carried out to the application Also fallen into modification in the application scope of the claims.
It should also be noted that, in this manual, such as first and second or the like relational terms be used merely to by One entity or operation make a distinction with another entity or operation, and not necessarily require or imply these entities or operation Between any this actual relation or order be present.Moreover, term " comprising ", "comprising" or its any other variant meaning Covering including for nonexcludability, so that process, method, article or equipment including a series of elements not only include that A little key elements, but also other key elements including being not expressly set out, or also include for this process, method, article or The intrinsic key element of equipment.In the absence of more restrictions, the key element limited by sentence "including a ...", is not arranged Except other identical element in the process including key element, method, article or equipment being also present.

Claims (10)

  1. A kind of 1. distribution method of cipher card algorithm resource, applied under SR-IOV environment, it is characterised in that including:
    At least two algorithms that cipher card is included carry out species division, obtain current version algorithm and non-current version algorithm;
    The algorithm routine of the current version algorithm is copied as into predetermined number M, obtains M virtual current version algorithm examples;
    Default naming rule allocation algorithm ID is pressed for the M virtual current version algorithm examples, obtains M different algorithm ID;
    When receiving the call instruction of the current version algorithm, idle wheel is performed in the M virtual current version algorithm examples Operation is ask, until obtaining algorithm ID corresponding to the virtual current version algorithm examples in idle condition;
    Algorithm arithmetic operation is performed by virtual current version algorithm examples corresponding to algorithm ID calling, until the M void Intend current version algorithm examples and be in seizure condition, the M call instruction is no more than with parallel processing quantity.
  2. 2. distribution method according to claim 1, it is characterised in that at least two algorithms for including cipher card are planted Class divides, and obtains current version algorithm and non-current version algorithm, including:
    The frequency of use of each algorithm included in the cipher card is counted in predetermined period;
    Judge whether each frequency of use exceedes threshold value;
    It is current version algorithm by the algorithm partition that the frequency of use exceedes the threshold value if exceeding;
    If not exceeded, not less than the algorithm partition of the threshold value it is non-current version algorithm by the frequency of use.
  3. 3. distribution method according to claim 2, it is characterised in that replicated by the algorithm routine of the current version algorithm For predetermined number M, before obtaining M virtual current version algorithm examples, in addition to:
    Total calculating performance and each algorithm routine occupancy for obtaining the FPGA logic cell for forming the cipher card are described total Calculate the percentages of performance;
    The predetermined number M is calculated according to each percentages and each frequency of use.
  4. 4. distribution method according to claim 3, it is characterised in that pressed for the M virtual current version algorithm examples pre- If naming rule allocation algorithm ID, after obtaining M different algorithm ID, in addition to:
    M different algorithm ID are ranked up by predetermined order rule, obtain algorithm sequencing table;
    Gather the working condition of virtual current version algorithm examples corresponding to each algorithm ID;
    Each working condition is attached to the predeterminated position that algorithm ID is corresponded in the algorithm sequencing table, algorithm state is obtained and looks into Ask table.
  5. 5. according to the distribution method described in any one of Claims 1-4, it is characterised in that in the M virtual current version algorithms Idle polling operation is performed in example, until algorithm ID corresponding to the virtual current version algorithm examples in idle condition is obtained, Including;
    Judge whether each virtual current version algorithm examples are in the idle condition successively;
    If so, then obtain algorithm ID corresponding to the virtual current version algorithm examples in the idle condition;
    If the M virtual current version algorithm examples are in seizure condition, restart poll, until existing in described The virtual current version algorithm examples of idle condition.
  6. A kind of 6. distribution system of cipher card algorithm resource, applied under SR-IOV environment, it is characterised in that including:
    Division unit, species division is carried out at least two algorithms that include cipher card, obtain current version algorithm and very With type algorithm;
    Copied cells, for the algorithm routine of the current version algorithm to be copied as into predetermined number M, obtain M virtual current versions Algorithm examples;
    ID allocation units, for pressing default naming rule allocation algorithm ID for the M virtual current version algorithm examples, obtain M Individual different algorithm ID;
    Poll searching unit, for performing idle polling operation in the M virtual current version algorithm examples, until obtaining everywhere Algorithm ID corresponding to virtual current version algorithm examples in idle condition;
    Execution unit is called, is grasped for performing algorithm computing by virtual current version algorithm examples corresponding to algorithm ID calling Make, until the M virtual current version algorithm examples are in seizure condition, the M tune is no more than with parallel processing quantity With order.
  7. 7. distribution system according to claim 6, it is characterised in that the division unit includes:
    Frequency of use counts subelement, for counting using frequently for each algorithm included in the cipher card in predetermined period Rate;
    Threshold decision subelement, possess and judge whether each frequency of use exceedes threshold value;
    Current version divides subelement, and the algorithm partition for the frequency of use to be exceeded to the threshold value is current version algorithm;
    Non- current version divides subelement, is calculated for algorithm partition of the frequency of use not less than the threshold value for non-current version Method.
  8. 8. distribution system according to claim 7, it is characterised in that the poll searching unit includes:
    Idle condition judgment sub-unit, for judging whether each virtual current version algorithm examples are in the idle shape successively State;
    Free time processing subelement, for obtaining algorithm ID corresponding to the virtual current version algorithm examples in the idle condition;
    Processing subelement is taken, for restarting poll, is calculated until the virtual current version in the idle condition be present Method example.
  9. A kind of 9. cipher card based on SR-IOV, it is characterised in that including:
    Memory, for storing computer program;
    Processor, the cipher card algorithm resource as described in any one of claim 1 to 5 is realized during for performing the computer program Distribution method the step of.
  10. 10. a kind of computer-readable recording medium, it is characterised in that be stored with computer on the computer-readable recording medium Program, realizing the cipher card algorithm resource as described in any one of claim 1 to 5 when the computer program is executed by processor The step of distribution method.
CN201710891146.3A 2017-09-27 2017-09-27 A kind of distribution method, system and the relevant apparatus of cipher card algorithm resource Active CN107632878B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710891146.3A CN107632878B (en) 2017-09-27 2017-09-27 A kind of distribution method, system and the relevant apparatus of cipher card algorithm resource

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710891146.3A CN107632878B (en) 2017-09-27 2017-09-27 A kind of distribution method, system and the relevant apparatus of cipher card algorithm resource

Publications (2)

Publication Number Publication Date
CN107632878A true CN107632878A (en) 2018-01-26
CN107632878B CN107632878B (en) 2018-10-16

Family

ID=61101907

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710891146.3A Active CN107632878B (en) 2017-09-27 2017-09-27 A kind of distribution method, system and the relevant apparatus of cipher card algorithm resource

Country Status (1)

Country Link
CN (1) CN107632878B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108897601A (en) * 2018-06-29 2018-11-27 郑州云海信息技术有限公司 A kind of FPGA application method, system and relevant apparatus based on virtualization

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102023893A (en) * 2010-11-04 2011-04-20 北京曙光天演信息技术有限公司 An inside-encryption-card parallel processing realization method
US20110321042A1 (en) * 2010-06-25 2011-12-29 Intel Corporation Methods and Systems to Permit Multiple Virtual Machines to Separately Configure and Access a Physical Device
CN106874065A (en) * 2017-01-18 2017-06-20 北京三未信安科技发展有限公司 A kind of system for supporting hardware virtualization

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110321042A1 (en) * 2010-06-25 2011-12-29 Intel Corporation Methods and Systems to Permit Multiple Virtual Machines to Separately Configure and Access a Physical Device
CN102023893A (en) * 2010-11-04 2011-04-20 北京曙光天演信息技术有限公司 An inside-encryption-card parallel processing realization method
CN106874065A (en) * 2017-01-18 2017-06-20 北京三未信安科技发展有限公司 A kind of system for supporting hardware virtualization

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108897601A (en) * 2018-06-29 2018-11-27 郑州云海信息技术有限公司 A kind of FPGA application method, system and relevant apparatus based on virtualization

Also Published As

Publication number Publication date
CN107632878B (en) 2018-10-16

Similar Documents

Publication Publication Date Title
CN102779075B (en) Method, device and system for scheduling in multiprocessor nuclear system
CN109597685A (en) Method for allocating tasks, device and server
CN101635651A (en) Method, system and device for managing network log data
WO2020119029A1 (en) Distributed task scheduling method and system, and storage medium
CN102662889B (en) Interruption processing method, interrupt control unit and processor
JP2003303052A (en) Method and system for operation and management of storage
CN103346902B (en) The method and system of data acquisition scheduling
CN104765701B (en) Data access method and equipment
CN102025753B (en) Load balancing method and equipment for data resources of servers
CN105868218A (en) Data processing method and electronic device
CN109800204A (en) Data distributing method and Related product
CN104102646B (en) The method, apparatus and system of data processing
CN102984737A (en) Unified parameter configuration method and device for wireless network
CN110134646B (en) Knowledge platform service data storage and integration method and system
CN107632878A (en) A kind of distribution method, system and the relevant apparatus of cipher card algorithm resource
CN107479974A (en) A kind of dispatching method of virtual machine and device
CN107704317A (en) Smart machine and its application management method and the device with store function
CN113010315A (en) Resource allocation method, resource allocation device and computer-readable storage medium
CN105653556B (en) Data aging method and device
CN107577962B (en) A kind of method, system and relevant apparatus that the more algorithms of cipher card execute side by side
CN106411545A (en) Service attribute counting method and device
CN101833585A (en) Database server operation control system, method and device
CN103338246A (en) Method and system for selecting virtual machine in allocation process of infrastructure construction cloud resource
CN112416596A (en) Node scheduling method, device and equipment
CN110245130A (en) Data duplicate removal method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: 264200 No. 12-1, Chuhe North Road, chucun Town, gaoqu District, Weihai City, Shandong Province

Patentee after: Yuweng Information Technology Co.,Ltd.

Address before: No.12, Chuhe North Road, gaoqu District, Weihai City, Shandong Province

Patentee before: SHANDONG FISHERMAN INFORMATION TECHNOLOGY Co.,Ltd.