CN108958982A - A kind of BIOS reinforcement means and system - Google Patents
A kind of BIOS reinforcement means and system Download PDFInfo
- Publication number
- CN108958982A CN108958982A CN201810834965.9A CN201810834965A CN108958982A CN 108958982 A CN108958982 A CN 108958982A CN 201810834965 A CN201810834965 A CN 201810834965A CN 108958982 A CN108958982 A CN 108958982A
- Authority
- CN
- China
- Prior art keywords
- bios
- firmware
- firmware volume
- volume
- image
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1448—Management of the data involved in backup or backup restore
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Quality & Reliability (AREA)
- Computer Security & Cryptography (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a kind of BIOS reinforcement means and systems, and the method comprising the steps of: corresponding firmware image is arranged for the firmware volume of BIOS;In the boot block stage of BIOS operation, the legitimacy of firmware volume is examined in school, if not conforming to rule modification firmware volume pointer to be directed toward corresponding firmware image.System includes: processor, is used to execute step: corresponding firmware image is arranged for the firmware volume of BIOS;In the boot block stage of BIOS operation, the legitimacy of firmware volume is examined in school, if not conforming to rule modification firmware volume pointer to be directed toward corresponding firmware image.The present invention is by being arranged corresponding mirror back-up for the firmware volume of BIOS, it examines to reduce a possibility that generating failure in start-up course in school by carrying out firmware volume in the boot block stage, by modification firmware volume pointer normally to start BIOS, the stability of BIOS operation can be improved.
Description
Technical field
The present invention relates to field of computer technology more particularly to a kind of BIOS reinforcement means and systems.
Background technique
The first software that BIOS (Basic Input Output System) is loaded when being computer starting.It is one
Group is cured in computer the program on mainboard on a rom chip, the in store most important basic input and output of computer
Self-check program and system self-triggered program after program, booting, major function are that the bottom, most direct is provided for computer
Hardware setting and control guarantee each hardware resource Lothrus apterus operation of system.BIOS/firmware is stored in SPI (Serial
Peripheral Interface) in Flash, often has part mainboard and need to run a period of time and the phenomenon that is not switched on occur,
Again normal after burning BIOS when depot repair, by analysis, there is bit reversal in the discovery read-only code section of BIOS/firmware, i.e.,
The quality and individual difference of Flash chip, cause computer to be unable to normal boot-strap, not only also will increase the maintenance cost of product,
And will affect user's normal use, especially remote districts or unattended industry spot, serious situation will affect
Company brand image, brings immeasurable economic loss to company.
Summary of the invention
To solve the above-mentioned problems, the present invention provides a kind of BIOS reinforcement means and system.
On the one hand the technical solution adopted by the present invention is a kind of BIOS reinforcement means, comprising steps of being the firmware volume of BIOS
Corresponding firmware image is set;In the boot block stage of BIOS operation, the legitimacy of firmware volume is examined in school, if not conforming to rule
Firmware volume pointer is modified to be directed toward corresponding firmware image.
The checksum for being preferably based on firmware volume carries out the school inspection of legitimacy.
Preferably, the school inspection that the checksum based on firmware volume carries out legitimacy is further comprised the steps of:, is repaired if not conforming to rule
Change firmware volume pointer to be directed toward corresponding firmware image;BIOS POST is carried out, after completing internal memory initialization, journey is repaired in operation
Sequence is to repair BIOS/firmware volume.
Preferably, the firmware structure of modification BIOS is further comprised the steps of:, the vacant storage region based on SPI Flash is
Corresponding firmware image is arranged in the firmware volume of BIOS.
Preferably, the firmware structure of modification BIOS is further comprised the steps of:, the vacant storage region based on SPI Flash is
Corresponding firmware image and checksum is arranged in the firmware volume of BIOS.
On the one hand the technical solution adopted by the present invention is a kind of BIOS hardened system, comprising: processor is used to execute step
It is rapid: for the firmware volume of BIOS, corresponding firmware image is set;In the boot block stage of BIOS operation, the conjunction of firmware volume is examined in school
Method, if not conforming to rule modification firmware volume pointer to be directed toward corresponding firmware image.
The checksum for being preferably based on firmware volume carries out the school inspection of legitimacy.
Preferably, the processor is also used to execute step: the checksum based on firmware volume carries out the school inspection of legitimacy,
If not conforming to rule modification firmware volume pointer to be directed toward corresponding firmware image;BIOS POST is carried out, when completion internal memory initialization
Afterwards, operation repair procedure is to repair BIOS/firmware volume.
It preferably, further include modification unit, for modifying the firmware structure of BIOS, the vacant storage based on SPI Flash
Corresponding firmware image is arranged in the firmware volume that region is BIOS.
Preferably, the modification unit, is also used to modify the firmware structure of BIOS, the vacant storage based on SPI Flash
Corresponding firmware image and checksum is arranged in the firmware volume that region is BIOS.
Corresponding mirror back-up is arranged in the firmware volume that beneficial effects of the present invention are BIOS, by the boot block stage
The school inspection of firmware volume is carried out to reduce a possibility that generating failure in start-up course, by modification firmware volume pointer normally to start
BIOS can be improved the stability of BIOS operation.
Detailed description of the invention
Fig. 1 show the schematic diagram of the operational process after the BIOS based on the embodiment of the present invention is reinforced;
Fig. 2 show the schematic diagram of the data structure based on the embodiment of the present invention.
Specific embodiment
The present invention will be described with reference to embodiments.
Embodiment 1 based on invention
The present embodiment is used to illustrate the basic ideas of the technical problem in present invention solution background, and BIOS/firmware is stored in
In SPI Flash, FD: firmware device refers to set (the present embodiment middle finger SPI of any equipment that can store firmware or equipment
Flash), its store code and data, FV: firmware volume refers to the continuous part on FD, we can regard it as one
Logical device, because that our codes really operate is FV, rather than FD;Simultaneously for operational safety purpose, SPI Flash's
Memory capacity is generally larger than the needs for storing bios code, this just provides the basis of physics for realization of the invention;Sufficiently
Using the free area of Flash, it is standby that each code segment firmware volume FV (Firmware Volume) for being BIOS increases a mirror image
Part (BACKUP), while the checksum of each firmware volume FV is calculated, and be stored in an OEM block of BIOS/firmware;?
BIOS operational process, before the operation of each firmware volume, first calculating the checksum of firmware volume (FV_BB), (checksum is exactly
Verification and), that is, verify firmware legitimacy, if FV_BB is destroyed, modify firmware volume pointer, from the backup image of FV_BB
FV_BB_BACKUP is executed;Legitimacy is examined in the school that so both may be implemented to carry out BIOS in the boot block stage, is avoided simultaneously
Because BIOS caused by the damage of firmware volume is abnormal, normal starting BIOS is realized.
Embodiment 2 based on invention
The present embodiment is used to illustrate the basic principle and effect of repair procedure in preferred embodiment, the BIOS POST stage (i.e.
Power-on self-test program), carrying out initialization and configuration work, function to system hardware mainly has: (1) test memory, (2) generate
The catalogue listing of installed hardware in system;After internal memory initialization completion, that is, when having the environment for running larger program, operation
Repair procedure is checked firmware volume or backup firmware volume and (can be compared based on code scans, be also possible to be based on
The means such as checksum, the present embodiment are directed to the realization process of these prior arts without further instruction), if it find that
Code is destroyed, and is automatically repaired;By taking FV_BB and FV_BB_BACKUP as an example, Principles: being most with minimum unit 4KB
Subsection block (FLASH_BLOCK that a firmware volume includes multiple 4KB), if FV_BB is destroyed, uses FV_BB_BACKUP
Data go repair FV_BB;It is destroyed on the contrary if it is FV_BB_BACKUP, is then gone to repair FV_BB_BLOCK with FV_BB.
Embodiment 4 based on invention
The present embodiment is used to illustrate the operational process after the BIOS reinforcing such as Fig. 1:
1, before the Boot Block stage, internal memory initialization, the legitimacy of firmware volume FV is checked;
2, inspection firmware volume FV in school is destroyed, and is to redirect firmware volume pointer, from FV_BACKUP volume initialization and is executed step 3,
It is not directly to execute step 3;
3, in the BIOS POST middle and later periods, have and execute under larger program environment, check the legitimacy of firmware, and to damage
Solid volume be automatically repaired;
4, judge whether firmware volume FV destroys, be then to repair firmware volume FV and execution 6 based on using FV_BACKUP, be not
Then follow the steps 5;
5, judge whether backup firmware volume FV_BACKUP destroys, be then to repair firmware volume FV_BACKUP using FV, be not
Then follow the steps 6;
6, load operating system.
From FV_BACKUP volume initialization
Embodiment 4 based on invention
The present embodiment is used to illustrate the storage arrangement of firmware image and checksum in preferred embodiment, number as shown in Figure 2
According to structure, several storage regions are arranged based on vacant memory space, for storing the mirror image and checksum of firmware volume, mistake
Journey is related to the modification for BIOS structure, that is, carries out the arrangement of memory space, the change of pointer, the purpose is to being capable of fast and easy
Realize the switching of data;Wherein,
FV_CHECKSUM is read-only zones, store FV verification and;NVRAM is variable storage area;NVRAM_BACKUP is
Variable storage backup area;FV_MAIN_BACKUP is read-only code region, the main initial code area of firmware;FV_MAIN is only
Read code region, the main initial code backup area of firmware;FV_BB_BACKUP be read-only code region, the area BOOT BLOCK,
FV_BB is read-only code region, BOOT BLOCK backup area.
Advantages of the present invention:
Certain mistakes in firmware running track are predicted in advance, and guarantee that computer security reliably starts: this programme is solid
Before part volume operation, first the legitimacy of firmware volume is verified, if firmware is destroyed, redirects firmware volume pointer to backup
Region avoids delay machine phenomenon in BIOS operational process in advance in this way, guarantees that computer security reliably starts.
Firmware volume damage, BIOS, which is able to achieve, to be automatically repaired: in the BIOS POST stage, after internal memory initialization is completed, that is, being had
When the environment of the larger program of received shipment row, firmware volume or backup firmware volume are checked, if it find that being destroyed, repaired automatically
It is multiple;It can guarantee in this way, when next time starts, firmware volume and backup firmware volume are legal.
High reliability: because this programme inspection and reparation are the firmware volumes using FLASH minimum erasure unit 4KB as basic unit
The probability being destroyed with the same area synchronization of backup firmware volume is extremely low, and nearly close to zero, therefore this programme can be big
The big probability for causing the reversion of bios code position without booting because of FLASH chip quality problems itself that reduces.
This programme is to increase firmware volume using the free area (i.e. described based on vacant storage region) of BIOS Flash
Backup improve product reliability therefore in the case where not increasing any cost, improve product quality, reduce product
Maintenance cost.
The above, only presently preferred embodiments of the present invention, the invention is not limited to above embodiment, as long as
It reaches technical effect of the invention with identical means, all should belong to protection scope of the present invention.In protection model of the invention
Its technical solution and/or embodiment can have a variety of different modifications and variations in enclosing.
Claims (10)
1. a kind of BIOS reinforcement means, which is characterized in that comprising steps of
For the firmware volume of BIOS, corresponding firmware image is set;
In the boot block stage of BIOS operation, the legitimacy of firmware volume is examined in school, if not conforming to rule modification firmware volume pointer
To be directed toward corresponding firmware image.
2. a kind of BIOS reinforcement means according to claim 1, which is characterized in that the checksum based on firmware volume is carried out
It examines in the school of legitimacy.
3. a kind of BIOS reinforcement means according to claim 2, which is characterized in that further comprise the steps of:
Checksum based on firmware volume carries out the school inspection of legitimacy, if not conforming to rule modification firmware volume pointer to be directed toward correspondence
Firmware image;
BIOS POST is carried out, after completing internal memory initialization, runs repair procedure to repair BIOS/firmware volume.
4. a kind of BIOS reinforcement means according to claim 3, the BIOS are stored in SPI Flash, which is characterized in that
It further comprises the steps of:
The firmware structure of BIOS is modified, the firmware volume setting that the vacant storage region based on SPI Flash is BIOS is corresponding solid
Part mirror image.
5. a kind of BIOS reinforcement means according to claim 4, which is characterized in that further comprise the steps of:
The firmware structure of BIOS is modified, the firmware volume setting that the vacant storage region based on SPI Flash is BIOS is corresponding solid
Part mirror image and checksum.
6. a kind of BIOS hardened system characterized by comprising
Processor is used to execute step:
For the firmware volume of BIOS, corresponding firmware image is set;
In the boot block stage of BIOS operation, the legitimacy of firmware volume is examined in school, if not conforming to rule modification firmware volume pointer
To be directed toward corresponding firmware image.
7. a kind of BIOS hardened system according to claim 6, which is characterized in that the checksum based on firmware volume is carried out
It examines in the school of legitimacy.
8. a kind of BIOS hardened system according to claim 7, which is characterized in that the processor is also used to execute step
It is rapid:
Checksum based on firmware volume carries out the school inspection of legitimacy, if not conforming to rule modification firmware volume pointer to be directed toward correspondence
Firmware image;
BIOS POST is carried out, after completing internal memory initialization, runs repair procedure to repair BIOS/firmware volume.
9. a kind of BIOS hardened system according to claim 8, including the SPI Flash for storing BIOS, feature
It is, further includes modification unit, for modifying the firmware structure of BIOS, the vacant storage region based on SPI Flash is BIOS
Firmware volume corresponding firmware image is set.
10. a kind of BIOS hardened system according to claim 9, including the SPI Flash for storing BIOS, feature
It is, the modification unit is also used to modify the firmware structure of BIOS, and the vacant storage region based on SPI Flash is BIOS
Firmware volume corresponding firmware image and checksum are set.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810834965.9A CN108958982A (en) | 2018-07-26 | 2018-07-26 | A kind of BIOS reinforcement means and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810834965.9A CN108958982A (en) | 2018-07-26 | 2018-07-26 | A kind of BIOS reinforcement means and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108958982A true CN108958982A (en) | 2018-12-07 |
Family
ID=64463926
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810834965.9A Pending CN108958982A (en) | 2018-07-26 | 2018-07-26 | A kind of BIOS reinforcement means and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108958982A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101655800A (en) * | 2008-08-22 | 2010-02-24 | 华硕电脑股份有限公司 | Updating method and updating system for basic input output system |
| CN102053874A (en) * | 2009-10-27 | 2011-05-11 | 英业达股份有限公司 | Method for protecting standby data |
| US20140047243A1 (en) * | 2010-05-28 | 2014-02-13 | Dell Products, Lp | System and Method for Pre-Boot Authentication of a Secure Client Hosted Virtualization in an Information Handling System |
| CN104765647A (en) * | 2014-01-08 | 2015-07-08 | 鸿富锦精密工业(深圳)有限公司 | BIOS (Basic Input / Output System) program restoration system |
| CN106776122A (en) * | 2016-11-23 | 2017-05-31 | 武汉光迅科技股份有限公司 | A kind of method of main-apparatus protection in start-up course based on Flash |
| CN107015878A (en) * | 2017-03-24 | 2017-08-04 | 联想(北京)有限公司 | For system for computer restorative procedure and system |
-
2018
- 2018-07-26 CN CN201810834965.9A patent/CN108958982A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101655800A (en) * | 2008-08-22 | 2010-02-24 | 华硕电脑股份有限公司 | Updating method and updating system for basic input output system |
| CN102053874A (en) * | 2009-10-27 | 2011-05-11 | 英业达股份有限公司 | Method for protecting standby data |
| US20140047243A1 (en) * | 2010-05-28 | 2014-02-13 | Dell Products, Lp | System and Method for Pre-Boot Authentication of a Secure Client Hosted Virtualization in an Information Handling System |
| CN104765647A (en) * | 2014-01-08 | 2015-07-08 | 鸿富锦精密工业(深圳)有限公司 | BIOS (Basic Input / Output System) program restoration system |
| CN106776122A (en) * | 2016-11-23 | 2017-05-31 | 武汉光迅科技股份有限公司 | A kind of method of main-apparatus protection in start-up course based on Flash |
| CN107015878A (en) * | 2017-03-24 | 2017-08-04 | 联想(北京)有限公司 | For system for computer restorative procedure and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10642596B2 (en) | Embedded device and program updating method | |
| CN113489597B (en) | Method and system for optimal startup path for network device | |
| US7036007B2 (en) | Firmware architecture supporting safe updates and multiple processor types | |
| US11579893B2 (en) | Systems and methods for separate storage and use of system BIOS components | |
| CN107480011B (en) | BIOS switching device | |
| CN101504704B (en) | Star trust chain supporting embedded platform application program integrality verification method | |
| CN113282434B (en) | Memory repair method based on post-package repair technology and related components | |
| US20130232325A1 (en) | Electronic device to restore mbr, method thereof, and computer-readable medium | |
| CN111694760B (en) | Server system, flash memory module and method for updating firmware mapping file | |
| JP2014522070A (en) | Secure recovery apparatus and method | |
| US10909247B2 (en) | Computing device having two trusted platform modules | |
| CN102830990A (en) | Computer system starting method and computer terminal | |
| CN112328358A (en) | Dual-system starting method based on virtual machine and storage medium | |
| KR102598510B1 (en) | Method and apparatus for verify software integrity | |
| CN109933374B (en) | Computer starting method | |
| CN108958814B (en) | Multimode redundant embedded operating system starting method | |
| CN111859402A (en) | Safe boot method and device based on UEFI BIOS start | |
| WO2017143513A1 (en) | Method, cpu and single board for starting boot | |
| CN108958982A (en) | A kind of BIOS reinforcement means and system | |
| CN114741091A (en) | Firmware loading method and device, electronic equipment and computer readable storage medium | |
| CN106293531B (en) | A method of prevent flash in SD use process from surprisingly being distorted based on flash write-protect | |
| CN103106089B (en) | A kind of upgrade method of intelligent platform management controller and system | |
| CN113626792A (en) | PCIe Switch firmware safe execution method, device, terminal and storage medium | |
| CN107704270B (en) | Two-out-of-two architecture-based method and device for starting and guiding micro computer/operating system (μ C/OS-II) | |
| CN111061514A (en) | Flash device, integrated circuit and Flash device starting method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181207 |
|
| RJ01 | Rejection of invention patent application after publication |