CN109375953A - A kind of os starting method and device - Google Patents

A kind of os starting method and device Download PDF

Info

Publication number
CN109375953A
CN109375953A CN201811023507.3A CN201811023507A CN109375953A CN 109375953 A CN109375953 A CN 109375953A CN 201811023507 A CN201811023507 A CN 201811023507A CN 109375953 A CN109375953 A CN 109375953A
Authority
CN
China
Prior art keywords
program
crtm
bootstrap
main
mark
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811023507.3A
Other languages
Chinese (zh)
Other versions
CN109375953B (en
Inventor
秦娟
戴恒
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Information Technologies Co Ltd
Original Assignee
New H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Technologies Co Ltd filed Critical New H3C Technologies Co Ltd
Priority to CN201811023507.3A priority Critical patent/CN109375953B/en
Publication of CN109375953A publication Critical patent/CN109375953A/en
Application granted granted Critical
Publication of CN109375953B publication Critical patent/CN109375953B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/4401Bootstrapping
    • G06F9/4406Loading of operating system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1415Saving, restoring, recovering or retrying at system level
    • G06F11/1417Boot up procedures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1415Saving, restoring, recovering or retrying at system level
    • G06F11/1433Saving, restoring, recovering or retrying at system level during software upgrading
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1448Management of the data involved in backup or backup restore
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44505Configuring for program initiating, e.g. using registry, configuration files

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Quality & Reliability (AREA)
  • Computer Security & Cryptography (AREA)
  • Stored Programmes (AREA)

Abstract

The application provides a kind of os starting method and device, comprising: after the starting of this equipment, verifies to the first CRTM configured in main bootstrap program;If passing through to the verification of the first CRTM, the first designated program in the main bootstrap program is verified using the first CRTM;First designated program is the program in main bootstrap program in addition to the first CRTM;If the verification to the first designated program does not pass through, the second designated program in the corresponding backup bootstrap of the main bootstrap program is verified using the first CRTM;Second designated program is the program in backup bootstrap in addition to the 2nd CRTM;If passing through to the verification of the second designated program, first designated program is updated using the second designated program, and start updated first designated program, to complete the starting of operating system by updated first designated program.The reliability of os starting can be improved using method provided by the present application.

Description

A kind of os starting method and device
Technical field
This application involves computer communication field more particularly to a kind of os starting method and devices.
Background technique
CRTM (core root of trust for measurement, the core of credible measurement root), usually electronics A part of the bootstrap of equipment is the source that electronic equipment starts to Trust transitivity in electronic device system starting process Point.
The start-up course that electronic equipment starts to operating system can usually be sketched are as follows: after electronic equipment starting, electronics Equipment can verify the CRTM in the bootstrap of this equipment, after verification passes through.Electronic equipment can be used this CRTM pairs The program (abbreviated here as designated program) in addition to the CRTM in the bootstrap is verified.After verification passes through, electronics Equipment can start the designated program, and be verified using the designated program to operating system, if verification passes through, electronic equipment can Start-up operation system.
But in existing mode, when this equipment bootstrap abnormal (being such as tampered), this equipment is to above-mentioned specified The verification of program does not pass through, so this equipment is unable to complete the starting to designated program, and then can not start the operation of this equipment System.
Summary of the invention
In view of this, the application provides a kind of starting method and device of operating system, to improve os starting Reliability.
Specifically, the application is achieved by the following technical solution:
According to a first aspect of the present application, a kind of os starting method is provided, the method is applied to electronic equipment, The described method includes:
After this device power, the first CRTM configured in main bootstrap program is verified;
If passing through to the verification of the first CRTM, first in the main bootstrap program is referred to using the first CRTM Determine program to be verified;First designated program is the program in main bootstrap program in addition to the first CRTM;
It is corresponding to the main bootstrap program using the first CRTM if not passing through to the verification of first designated program Backup bootstrap in the second designated program verified;Configure the 2nd CRTM in the backup bootstrap, described the Two designated programs are the program in backup bootstrap in addition to the 2nd CRTM;
If passing through to the verification of second designated program, it is specified that described first is updated using second designated program Program, and start updated first designated program, to complete the starting of operating system by updated first designated program.
Optionally, the method also includes:
If not passing through to the verification of the first CRTM, the 2nd CRTM is verified;
If passing through to the verification of the 2nd CRTM, the first CRTM is updated using the 2nd CRTM, and restart This equipment.
Optionally, the first designated program in the main bootstrap program is verified using the first CRTM described Before, the method also includes:
It detects whether to exist for the upgrading mark that the main bootstrap program is arranged;
When there is no upgrading mark, the update mark for existing for the backup bootstrap configuration is detected whether;
The update mark if it exists, then update the backup bootstrap using the current main bootstrap program of this equipment, Remove update mark, and execute it is described using the first CRTM to the first designated program in the main bootstrap program into The step of row verification;
Update mark if it does not exist, then execute it is described using the first CRTM to the in the main bootstrap program The step of one designated program is verified.
Optionally, the upgrading mark for detecting whether to exist for the main bootstrap program setting further include:
When there are upgrading mark, the goal directed program that main bootstrap program is upgraded to is verified;
If not passing through to the goal directed program ver-ify, the upgrading mark is removed, and detect whether to exist for institute State the update mark of backup bootstrap configuration;
The update mark if it exists, then update the backup bootstrap using the current main bootstrap program of this equipment, Remove update mark, and execute it is described using the first CRTM to the first designated program in the main bootstrap program into The step of row verification;
Update mark if it does not exist, then execute it is described using the first CRTM to the in the main bootstrap program The step of one designated program is verified.
Optionally, described to remove the upgrading mark, and detect whether to exist for the backup bootstrap configuration more Before new mark, the method also includes:
The main bootstrap program is upgraded into the goal directed program;
The upgrading mark is removed, and restarts this equipment.
Optionally, after updated first designated program of starting, the method also includes:
Check whether the main bootstrap program and the backup bootstrap are consistent;
If inconsistent, mark is updated for backup bootstrap setting.
According to a second aspect of the present application, a kind of os starting device is provided, described device is applied to electronic equipment, Described device includes:
First verification unit, for being verified to the first CRTM configured in main bootstrap program after this device power;
Second verification unit, if the verification for the first CRTM passes through, using the first CRTM to the master The first designated program in bootstrap is verified;First designated program is that the first CRTM is removed in main bootstrap program Outer program;
Third verification unit uses the first CRTM if the verification for first designated program does not pass through The second designated program in the corresponding backup bootstrap of the main bootstrap program is verified;Match in the backup bootstrap The 2nd CRTM is set, second designated program is the program in backup bootstrap in addition to the 2nd CRTM;
Start unit, if the verification for second designated program passes through, more using second designated program New first designated program, and start updated first designated program, to be completed by updated first designated program The starting of operating system.
Optionally, described device further include:
4th verification unit carries out school to the 2nd CRTM if the verification for the first CRTM does not pass through It tests;If passing through to the verification of the 2nd CRTM, the first CRTM is updated using the 2nd CRTM, and restart and originally set It is standby.
Optionally, described device further include:
Upgrade updating unit, for it is described using the first CRTM to the first specified journey in the main bootstrap program Before sequence is verified, the upgrading mark for existing for the main bootstrap program setting is detected whether;When there is no the upgradings to mark When will, the update mark for existing for the backup bootstrap configuration is detected whether;Update mark if it exists, using originally setting Standby current main bootstrap program updates the backup bootstrap, removes the updates mark, and executes and described use described the The step of one CRTM verifies the first designated program in the main bootstrap program;The update mark if it does not exist, then Execute described the step of verifying using the first CRTM to the first designated program in the main bootstrap program.
Optionally, the upgrading updating unit is also used to be upgraded to main bootstrap program when there are upgrading mark Goal directed program verified;If not passing through to the goal directed program ver-ify, the upgrading mark is removed, and examine It surveys with the presence or absence of the update mark for backup bootstrap configuration;The update mark if it exists, it is current using this equipment Main bootstrap program update the backup bootstrap, remove the updates mark, and execute the use the first CRTM The step of the first designated program in the main bootstrap program is verified;The update mark if it does not exist, then execute institute State the step of verifying using the first CRTM to the first designated program in the main bootstrap program.
Optionally, the upgrading updating unit is also used to the removing upgrading mark, and detects whether to exist for institute Before the update mark for stating the configuration of backup bootstrap, then the main bootstrap program is upgraded into the goal directed program;Clearly Except the upgrading indicates, and restart this equipment.
Optionally, described device further include:
Setting unit, for checking whether the main bootstrap program and the backup bootstrap are consistent;If inconsistent, it is The backup bootstrap setting updates mark.
The application is configured with main bootstrap program and backup bootstrap, and after main bootstrap program exception, electronic equipment can be opened With backup bootstrap, to complete the starting of the designated program in bootstrap, and then the starting of operating system is completed.
In addition, the embodiment of the present application can be realized through the above steps to main boot after main bootstrap program needs to upgrade The upgrading of program, meanwhile, the embodiment of the present application can also make main bootstrap program synchronous with backup bootstrap, so that main bootstrap program After upgrading, backup bootstrap can also be consistent with the main bootstrap program after upgrading, and then asks in subsequent main bootstrap program When topic, newest backup bootstrap can be used to repair main bootstrap program, complete the starting of operating system.
Detailed description of the invention
Fig. 1 is a kind of flow chart of os starting method shown in one exemplary embodiment of the application;
Fig. 2 is the flow chart of another os starting method shown in one exemplary embodiment of the application;
Fig. 3 is a kind of block diagram of os starting device shown in one exemplary embodiment of the application;
Fig. 4 is the hardware structure diagram of a kind of electronic equipment shown in one exemplary embodiment of the application.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application. It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ... When " or " in response to determination ".
Bootstrap in electronic equipment usually may include CRTM program, and other programs in addition to CRTM program (describing for convenience here, referred to as designated program).
In general, the type of electronic equipment is different, the bootstrap type on electronic equipment is also different.When electronic equipment is meter When calculation machine, the bootstrap of electronic equipment can be BIOS (Basic Input Output System, basic input and output system System) program.When electronic equipment is forwarding device, such as interchanger, router etc., above-mentioned bootstrap can be Boot and (draw Lead) program.Here only the bootstrap on electronic equipment and electronic equipment is illustratively illustrated, which is not set Standby and its bootstrap carries out specifically defined.
It is a kind of flow chart of os starting method shown in one exemplary embodiment of the application referring to Fig. 1, Fig. 1. This method can be applicable on electronic equipment, it may include step as follows.
Step 101: after this device power, the first CRTM configured in main bootstrap program being verified.
Step 102: if passing through to the verification of the first CRTM, using the first CRTM in the main bootstrap program The first designated program verified;First designated program is the program in main bootstrap program in addition to the first CRTM.
Step 103: if not passing through to the verification of first designated program, using the first CRTM to the main boot The second designated program in the corresponding backup bootstrap of program is verified;The backup bootstrap is configured with second CRTM, second designated program are the program in backup bootstrap in addition to the 2nd CRTM.
Step 104: if passing through to the verification of second designated program, using described in second designated program update First designated program, and start updated first designated program, to complete operation system by updated first designated program The starting of system.
Electronic equipment shown in the embodiment of the present application configured with main bootstrap program and backup bootstrap, main bootstrap program with Different memories (such as in FLASH) can be stored in by being backed up bootstrap, and after main bootstrap program exception, electronic equipment can Backup bootstrap is enabled, to complete the starting of the designated program in bootstrap, and then completes the starting of operating system.
Before introduction step 101 and step 102, first several concepts involved in the embodiment of the present application are introduced.
First CRTM refers to the CRTM in main bootstrap program.
First designated program refers to the program in main bootstrap program in addition to the first CRTM.
2nd CRTM refers to the CRTM in backup bootstrap corresponding with main bootstrap program.
Second designated program refers to the program in backup bootstrap in addition to the 2nd CRTM.
Above-mentioned first, second there is no physical meaning, is intended merely to facilitate a kind of abbreviation method of narration and use.
In the embodiment of the present application, after electronic equipment starts, electronic equipment can the first CRTM to main bootstrap program into Row verification.
If not passing through to the verification of the first CRTM, electronic equipment can carry out school to the 2nd CRTM in backup bootstrap It tests.If passing through to the verification of the 2nd CRTM, the first CRTM is updated using the 2nd CRTM, and restart and originally set It is standby.If not passing through to the verification of the 2nd CRTM, handled using preset strategy, for example preset strategy can be hanging equipment It rises, equipment alert etc., preset strategy is not carried out here specifically defined.
If passing through to the verification of the first CRTM, the first CRTM can be used to refer to first in the main bootstrap program for electronic equipment Determine program to be verified.
If electronic equipment does not pass through the verification of the first designated program using the first CRTM, electronic equipment can be used this first CRTM verifies the second designated program in the backup bootstrap.If using the first CRTM to the school of the second designated program It tests and passes through, then second designated program can be used to update the first designated program for electronic equipment, and it is specified to start updated first Program.If not passed through using the first CRTM to the verification of the second designated program, handled using preset strategy.Such as equipment It hangs up, equipment alert etc..
If electronic equipment passes through the verification of the first designated program using the first CRTM, electronic equipment can start the first finger Determine program.
After the starting of the first designated program, the first designated program can be used to verify operating system for electronic equipment, if Operating system verification is passed through, then it can start-up operation system.
It should be noted that showing the first CRTM, abnormal (for example the first CRTM is usurped when the first CRTM verifies obstructed out-of-date Change), the first CRTM is updated using the 2nd CRTM, and mainly the first CRTM in main bootstrap program is repaired.
When the first designated program verifies obstructed out-of-date, show that the first designated program is abnormal (for example usurped by the first designated program Change), the first designated program is updated using the second designated program, and mainly the first designated program in main bootstrap program is repaired It is multiple.
Wherein, method of calibration that the standard criterion that trust computing system can be used in above-mentioned method of calibration is recorded carries out school It tests, which is not described herein again.
Seen from the above description, the embodiment of the present application is configured with main bootstrap program and backup bootstrap, when main boot journey After sequence exception, electronic equipment can enable backup bootstrap, to complete the starting of the designated program in bootstrap, and then complete The starting of operating system.
So the embodiment of the present application still can guide journey by backup after the main bootstrap program exception of electronic equipment Sequence completes the starting of operating system, so complete to start only with single bootstrap in compared with the prior art, this The reliability that os starting is completed in application is higher.
In addition, how to upgrade main bootstrap program when the embodiment of the present application is configured with main bootstrap program and backup bootstrap, And after upgrading main bootstrap program, how to make upgrading after main bootstrap program it is consistent with backup bootstrap the problems such as be also Problem to be solved.For this purpose, the embodiment of the present application also proposes a kind of mechanism, to solve these problems.
It is implemented as follows:
In the embodiment of the present application, the first designated program in the main bootstrap program is carried out using the first CRTM above-mentioned Further include following content before verifying the step:
Electronic equipment can detect whether to exist for the upgrading mark of main bootstrap program setting, which characterizes the master and draw Lead sequence needs are upgraded.
When there is no the upgrading mark for main bootstrap program configuration, electronic equipment can further detect whether to exist for standby The update mark of part bootstrap configuration.The update mark if it exists, the main boot journey that television equipment can be used this equipment current Sequence updates the backup bootstrap, after the completion of update, removes the update mark of backup bootstrap, then executes above-mentioned make again Verification the step is carried out to the first designated program in the main bootstrap program with the first CRTM.The update mark if it does not exist, It then directly executes the first CRTM of above-mentioned use and verification the step is carried out to the first designated program in the main bootstrap program.
When existing for the upgrading mark of main bootstrap program configuration, electronic equipment can need to be upgraded to the main bootstrap program Goal directed program verified.If passing through to the verification of the goal directed program, electronic equipment is by main bootstrap program liter Grade arrives the goal directed program, is cleared to the upgrading mark of main bootstrap program configuration, and restarts this equipment.If drawing to the target The verification of lead sequence does not pass through, then electronic equipment can be cleared to the upgrading mark of main bootstrap program configuration, and further detect With the presence or absence of the update mark configured for backup bootstrap.This equipment can be used to work as the update mark, electronic equipment if it exists Preceding main bootstrap program updates the backup bootstrap, after the completion of update, removes the update mark of backup bootstrap, then The first CRTM of above-mentioned use is executed again, and verification the step is carried out to the first designated program in the main bootstrap program.If it does not exist The update mark then directly executes the first CRTM of above-mentioned use and carries out verifying this to the first designated program in the main bootstrap program A step.
In addition, electronic equipment can also check current main boot after updated first designated program of above-mentioned starting Whether program is consistent with backup bootstrap, if inconsistent, be arranged for the backup bootstrap and update mark.
Setting for above-mentioned upgrading mark can be set when electronic equipment receives upgrade command for main bootstrap program Set upgrading mark.
Seen from the above description, after main bootstrap program needs to upgrade, the embodiment of the present application can be real through the above steps Now to the upgrading of main bootstrap program, meanwhile, the embodiment of the present application can also make main bootstrap program synchronous with backup bootstrap, so that After main bootstrap program upgrading, backup bootstrap can also be consistent with the main bootstrap program after upgrading, and then in subsequent main boot Program when something goes wrong, can be used newest backup bootstrap to repair main bootstrap program, complete the starting of operating system.
In the following, using electronic equipment as forwarding device, for bootstrap is Boot program, and Fig. 2 is combined, to aforesaid operations The starting method of system is described in detail.
Referring to fig. 2, Fig. 2 is the process of another os starting method shown in one exemplary embodiment of the application Figure, this method may include step as follows.
Step 201: forwarding device powers on.
Step 202: forwarding device verifies the first CRTM.
Wherein, the first CRTM is the CRTM of main Boot, and the first designated program described below is that first is removed in main Boot Program outside CRTM.
2nd CRTM described below is the CRTM of backup Boot, and the second designated program described below is in backup Boot Program in addition to the 2nd CRTM.
Step 203: whether forwarding device is detectable passes through the verification of the first CRTM.
If passing through to the verification of the first CRTM, 208 are thened follow the steps;
If not passing through to the verification of the first CRTM, 204 are thened follow the steps.
Step 204: if forwarding device does not pass through the verification of the first CRTM, forwarding device can be to second in standby Boot CRTM is verified.
Step 205: whether forwarding device is detectable passes through the verification of the 2nd CRTM.
If passing through to the verification of the 2nd CRTM, 206 are thened follow the steps, i.e., updates the first CRTM using the 2nd CRTM.It is holding After row step 206, return step 201 restarts this forwarding device.
If not passing through to the verification of the 2nd CRTM, 207 are thened follow the steps, i.e. progress designated treatment.
Step 206: if passing through to the verification of the 2nd CRTM, the 2nd CRTM can be used to update the first CRTM for forwarding device.
Step 207: if not passing through to the verification of the 2nd CRTM, forwarding device can carry out designated treatment.
Wherein, which is the processing being pre-configured, for example forwarding device is hung up, alert etc., here Designated treatment is not carried out specifically defined.
Step 208: if passing through to the verification of the first CRTM, forwarding device can detect whether the liter for having for main Boot configuration Grade mark.
It is if it exists the upgrading mark of main Boot configuration, thens follow the steps 209 to step 211.
Specifically, it is if it exists the upgrading mark of main Boot configuration, then further detects the target being upgraded to main Boot Whether the verification of Boot passes through.If passing through to the verification of target Boot, 210 are thened follow the steps, i.e., main Boot is upgraded into target Boot, and remove upgrading mark.After the performance of step 210, step 201 is executed, that is, restarts this forwarding device.
If the verification to target Boot does not pass through, 211 are thened follow the steps, that is, upgrading mark is removed, after executing step 211 Step 212 is executed, i.e. forwarding device detecting whether there is the update mark configured for backup Boot.
It is if it does not exist the upgrading mark of main Boot configuration, then directly executes step 212, is i.e. whether forwarding device detecting deposits In the update mark configured for backup Boot.
Step 209: being if it exists the upgrading mark of main Boot configuration, then forwarding device detecting is to the verification of target Boot It is no to pass through.
Step 210: if passing through to the verification of target Boot, main Boot can be upgraded to target Boot by forwarding device, and Remove upgrading mark.
In the embodiment of the present application, after executing the step 210, step 201 is executed, that is, restarts this forwarding device.
Step 211: if the verification to target Boot does not pass through, forwarding device can remove upgrading mark.
In the embodiment of the present application, after executing the step 211, step 212 is executed.
Step 212: being if it does not exist the upgrading mark of main Boot configuration, or target Boot verification is not passed through, forward Equipment can detect whether to exist for the update mark of backup Boot configuration.
It is if it exists the update mark of backup Boot configuration, step 213 can be performed in forwarding device.
It is if it does not exist the update mark of backup Boot configuration, step 214 can be performed in forwarding device.
Step 213: being if it exists the update mark of backup Boot configuration, then forwarding device is updated using current main Boot Backup Boot, and remove update mark.
Step 214: being if it does not exist the update mark of backup Boot configuration, then forwarding device is using the first CRTM to first Designated program is verified.
Step 215: whether forwarding device detecting passes through the verification of the first designated program.
If passing through to the verification of the first designated program, 220 are thened follow the steps.
If the verification to the first designated program does not pass through, 216 are thened follow the steps.
Step 216: when the verification to the first designated program is obstructed out-of-date, the first CRTM can be used to refer to second for forwarding device Determine program to be verified.
Step 217: whether forwarding device is detectable passes through the verification of the second designated program.
If passing through to the verification of the second designated program, 219. are thened follow the steps
If the verification to the second designated program does not pass through, 218 are thened follow the steps.
Step 218: when the verification to the second designated program is obstructed out-of-date, forwarding device can carry out designated treatment.
Wherein, which is the processing being pre-configured, for example forwarding device is hung up, alert etc., here Designated treatment is not carried out specifically defined.
Step 219: when the verification to the second designated program passes through, the second designated program can be used to update for forwarding device One designated program.
Step 220: forwarding device can start the first designated program.
Step 221: whether forwarding device can detect main Boot and backup Boot consistent.
If main Boot is consistent with backup Boot, 223 are thened follow the steps.
If main Boot and backup Boot are inconsistent, 222 are thened follow the steps.
Step 222: if main Boot and backup Boot are inconsistent, forwarding device can update mark for backup Boot configuration.
Step 223: if main Boot is consistent with backup Boot, forwarding device is detectable to use main Boot to the school of operating system It tests and whether passes through.
If the verification to operating system does not pass through, 224 are thened follow the steps.
If the verification to operating system passes through, 225 are thened follow the steps.
Step 224: if the verification to operating system does not pass through, forwarding device can carry out designated treatment.
Wherein, which is the processing being pre-configured, for example forwarding device is hung up, alert etc., here Designated treatment is not carried out specifically defined.
Step 225: if the verification to operating system passes through, forwarding device can start-up operation system.
Seen from the above description, the embodiment of the present application is configured with main Boot and backup Boot, after main Boot exception, electronics Equipment can enable backup Boot, to complete the starting of the designated program in Boot, and then complete the starting of operating system.
So the embodiment of the present application still can be completed to grasp by backup Boot when the main Boot exception of electronic equipment Make the starting of system, so completing os starting, the application only with single Boot in compared with the prior art The reliability that embodiment completes os starting is higher.
In addition, the embodiment of the present application can realize the liter to main Boot through the above steps after main Boot needs to upgrade Grade, meanwhile, also main Boot can be used to update backup Boot for the embodiment of the present application, and after upgrading winner Boot, backup Boot can also With consistent with the main Boot after upgrading, and then in subsequent main Boot exception, newest backup Boot can be used to repair master Boot completes the starting of operating system.
It is a kind of block diagram of os starting device shown in one exemplary embodiment of the application referring to Fig. 3, Fig. 3, it should Device can be applicable on electronic equipment, it may include unit as follows.
First verification unit 301, for carrying out school to the first CRTM configured in main bootstrap program after this device power It tests;
Second verification unit 302, if the verification for the first CRTM passes through, using the first CRTM to described The first designated program in main bootstrap program is verified;First designated program is that described first is removed in main bootstrap program Program outside CRTM;
Third verification unit 303 uses described first if the verification for first designated program does not pass through CRTM verifies the second designated program in the corresponding backup bootstrap of the main bootstrap program;The backup bootstrap The 2nd CRTM of middle configuration, second designated program are the program in backup bootstrap in addition to the 2nd CRTM;
Start unit 304 uses second designated program if the verification for second designated program passes through First designated program is updated, and starts updated first designated program, with complete by updated first designated program At the starting of operating system.
Optionally, described device further include:
4th verification unit 305 carries out the 2nd CRTM if the verification for the first CRTM does not pass through Verification;If passing through to the verification of the 2nd CRTM, the first CRTM is updated using the 2nd CRTM, and restart and originally set It is standby.
Optionally, described device further include:
Upgrade updating unit 306, for referring to using the first CRTM to first in the main bootstrap program described Determine to detect whether the upgrading mark for existing for the main bootstrap program setting before program verified;When there is no the liters When grade mark, the update mark for existing for the backup bootstrap configuration is detected whether;The update mark if it exists, uses The current main bootstrap program of this equipment updates the backup bootstrap, removes the updates mark, and executes and described use institute State the step of the first CRTM verifies the first designated program in the main bootstrap program;The update mark if it does not exist Will then executes described the step of verifying using the first CRTM to the first designated program in the main bootstrap program.
Optionally, the upgrading updating unit 306 is also used to when there are upgrading mark, to main bootstrap program liter Grade to goal directed program verified;If not passing through to the goal directed program ver-ify, the upgrading mark is removed, And detect whether to exist for the update mark of the backup bootstrap configuration;The update mark if it exists, uses this equipment Current main bootstrap program updates the backup bootstrap, removes the update mark, and execute the use described first The step of CRTM verifies the first designated program in the main bootstrap program;The update mark if it does not exist, then hold It goes described the step of the first designated program in the main bootstrap program is verified using the first CRTM.
Optionally, the upgrading updating unit 306 is also used to remove the upgrading mark described, and detects whether to deposit It, will be described if passing through to the goal directed program ver-ify before the update mark configured for the backup bootstrap Main bootstrap program upgrades to the goal directed program;The upgrading mark is removed, and restarts this equipment.
Optionally, described device further include:
Setting unit 307, for checking whether the main bootstrap program and the backup bootstrap are consistent;If different It causes, updates mark for backup bootstrap setting.
Referring to fig. 4, Fig. 4 is the hardware structure diagram of a kind of electronic equipment shown in one exemplary embodiment of the application.
The electronic equipment includes: communication interface 401, processor 402, machine readable storage medium 403 and bus 404;Its In, communication interface 401, processor 402 and machine readable storage medium 403 complete mutual communication by bus 404.Processing Device 402 can be held by reading and executing machine corresponding with os starting control logic in machine readable storage medium 403 Row instruction, can be performed operations described above system start method.
Machine readable storage medium 403 referred to herein can be any electronics, magnetism, optics or other physical stores Device may include or store information, such as executable instruction, data, etc..For example, machine readable storage medium may is that easily Lose memory, nonvolatile memory or similar storage medium.Specifically, machine readable storage medium 403 can be RAM (Radom Access Memory, random access memory), flash memory, memory driver (such as hard disk drive), solid state hard disk, Any kind of storage dish (such as CD, DVD) perhaps similar storage medium or their combination.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying Out in the case where creative work, it can understand and implement.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.

Claims (12)

1. a kind of os starting method, which is characterized in that the method is applied to electronic equipment, which comprises
After this device power, the first CRTM configured in main bootstrap program is verified;
If passing through to the verification of the first CRTM, using the first CRTM to the first specified journey in the main bootstrap program Sequence is verified;First designated program is the program in main bootstrap program in addition to the first CRTM;
It is corresponding to the main bootstrap program standby using the first CRTM if not passing through to the verification of first designated program The second designated program in part bootstrap is verified;The 2nd CRTM is configured in the backup bootstrap, described second refers to Determining program is the program in backup bootstrap in addition to the 2nd CRTM;
If passing through to the verification of second designated program, the first specified journey is updated using second designated program Sequence, and start updated first designated program, to complete the starting of operating system by updated first designated program.
2. the method according to claim 1, wherein the method also includes:
If not passing through to the verification of the first CRTM, the 2nd CRTM is verified;
If passing through to the verification of the 2nd CRTM, the first CRTM is updated using the 2nd CRTM, and restart and originally set It is standby.
3. the method according to claim 1, wherein using the first CRTM to the main boot journey described Before the first designated program in sequence is verified, the method also includes:
It detects whether to exist for the upgrading mark that the main bootstrap program is arranged;
When there is no upgrading mark, the update mark for existing for the backup bootstrap configuration is detected whether;
The update mark if it exists, then update the backup bootstrap using the current main bootstrap program of this equipment, remove Update mark, and execute and described school is carried out to the first designated program in the main bootstrap program using the first CRTM The step of testing;
Update mark if it does not exist is then executed and described is referred to using the first CRTM to first in the main bootstrap program Determine the step of program is verified.
4. according to the method described in claim 3, it is characterized in that, described detect whether to exist for the main bootstrap program setting Upgrading mark further include:
When there are upgrading mark, the goal directed program that main bootstrap program is upgraded to is verified;
If not passing through to the goal directed program ver-ify, the upgrading mark is removed, and detect whether to exist for described standby The update mark of part bootstrap configuration;
The update mark if it exists, then update the backup bootstrap using the current main bootstrap program of this equipment, remove Update mark, and execute and described school is carried out to the first designated program in the main bootstrap program using the first CRTM The step of testing;
Update mark if it does not exist is then executed and described is referred to using the first CRTM to first in the main bootstrap program Determine the step of program is verified.
5. according to the method described in claim 4, it is characterized in that, described remove the upgrading and indicate, and detecting whether exist Before update mark for backup bootstrap configuration, the method also includes:
The main bootstrap program is upgraded into the goal directed program;
The upgrading mark is removed, and restarts this equipment.
6. the method according to claim 3 or 4, which is characterized in that after updated first designated program of starting, The method also includes:
Check whether the main bootstrap program and the backup bootstrap are consistent;
If inconsistent, mark is updated for backup bootstrap setting.
7. a kind of os starting device, which is characterized in that described device is applied to electronic equipment, and described device includes:
First verification unit, for being verified to the first CRTM configured in main bootstrap program after this device power;
Second verification unit, if the verification for the first CRTM passes through, using the first CRTM to the main boot The first designated program in program is verified;First designated program be main bootstrap program in addition to the first CRTM Program;
Third verification unit, if the verification for first designated program does not pass through, using the first CRTM to this The second designated program in the corresponding backup bootstrap of main bootstrap program is verified;Is configured in the backup bootstrap Two CRTM, second designated program are the program in backup bootstrap in addition to the 2nd CRTM;
Start unit updates institute using second designated program if the verification for second designated program passes through The first designated program is stated, and starts updated first designated program, to complete to operate by updated first designated program The starting of system.
8. device according to claim 7, which is characterized in that described device further include:
4th verification unit verifies the 2nd CRTM if the verification for the first CRTM does not pass through;If The verification of 2nd CRTM is passed through, then updates the first CRTM using the 2nd CRTM, and restart this equipment.
9. device according to claim 7, which is characterized in that described device further include:
Upgrade updating unit, for it is described using the first CRTM to the first designated program in the main bootstrap program into Before row verification, the upgrading mark for existing for the main bootstrap program setting is detected whether;When there is no upgrading mark, It detects whether to exist for the update mark that the backup bootstrap configures;The update mark if it exists, is worked as using this equipment Preceding main bootstrap program updates the backup bootstrap, removes the update mark, and execute the use described first The step of CRTM verifies the first designated program in the main bootstrap program;The update mark if it does not exist, then hold It goes described the step of the first designated program in the main bootstrap program is verified using the first CRTM.
10. device according to claim 9, which is characterized in that the upgrading updating unit is also used to when there are the liters When grade mark, the goal directed program that main bootstrap program is upgraded to is verified;If not to the goal directed program ver-ify Pass through, then remove the upgrading mark, and detects whether to exist for the update mark of the backup bootstrap configuration;If it exists The update mark updates the backup bootstrap using the current main bootstrap program of this equipment, removes the update mark, And execute described the step of verifying using the first CRTM to the first designated program in the main bootstrap program;If no There are update mark, then execute it is described using the first CRTM to the first designated program in the main bootstrap program into The step of row verification.
11. device according to claim 10, which is characterized in that the upgrading updating unit is also used to the removing institute Upgrading mark is stated, and before detecting whether to exist for the update mark that the backup bootstrap configures, then by the main boot Program upgrades to the goal directed program;The upgrading mark is removed, and restarts this equipment.
12. device according to claim 9 or 10, which is characterized in that described device further include:
Setting unit, for checking whether the main bootstrap program and the backup bootstrap are consistent;It is described if inconsistent The setting of backup bootstrap updates mark.
CN201811023507.3A 2018-09-03 2018-09-03 Operating system starting method and device Active CN109375953B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811023507.3A CN109375953B (en) 2018-09-03 2018-09-03 Operating system starting method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811023507.3A CN109375953B (en) 2018-09-03 2018-09-03 Operating system starting method and device

Publications (2)

Publication Number Publication Date
CN109375953A true CN109375953A (en) 2019-02-22
CN109375953B CN109375953B (en) 2022-03-25

Family

ID=65405073

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811023507.3A Active CN109375953B (en) 2018-09-03 2018-09-03 Operating system starting method and device

Country Status (1)

Country Link
CN (1) CN109375953B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109992311A (en) * 2019-03-25 2019-07-09 新华三技术有限公司 Starting method, apparatus, storage medium and the client of operating system
CN111625840A (en) * 2020-05-29 2020-09-04 杭州海康威视数字技术股份有限公司 Program checking method, program upgrading method and device
CN114139168A (en) * 2022-01-29 2022-03-04 苏州浪潮智能科技有限公司 TPCM measuring method, device and medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101165696A (en) * 2006-10-16 2008-04-23 中国长城计算机深圳股份有限公司 Safety identification method based on safe computer
US20080148064A1 (en) * 2006-12-18 2008-06-19 David Carroll Challener Apparatus, system, and method for authentication of a core root of trust measurement chain
US20090328022A1 (en) * 2008-06-26 2009-12-31 International Business Machines Corporation Systems and methods for maintaining crtm code
CN102136044A (en) * 2010-07-14 2011-07-27 华为技术有限公司 Safe starting method, device and computer system
CN104951701A (en) * 2015-06-10 2015-09-30 北京工业大学 Method for guiding terminal equipment operation system based on USB controller

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101165696A (en) * 2006-10-16 2008-04-23 中国长城计算机深圳股份有限公司 Safety identification method based on safe computer
US20080148064A1 (en) * 2006-12-18 2008-06-19 David Carroll Challener Apparatus, system, and method for authentication of a core root of trust measurement chain
US20090328022A1 (en) * 2008-06-26 2009-12-31 International Business Machines Corporation Systems and methods for maintaining crtm code
CN102136044A (en) * 2010-07-14 2011-07-27 华为技术有限公司 Safe starting method, device and computer system
CN104951701A (en) * 2015-06-10 2015-09-30 北京工业大学 Method for guiding terminal equipment operation system based on USB controller

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109992311A (en) * 2019-03-25 2019-07-09 新华三技术有限公司 Starting method, apparatus, storage medium and the client of operating system
CN109992311B (en) * 2019-03-25 2022-07-29 新华三技术有限公司 Starting method and device of operating system, storage medium and client
CN111625840A (en) * 2020-05-29 2020-09-04 杭州海康威视数字技术股份有限公司 Program checking method, program upgrading method and device
CN114139168A (en) * 2022-01-29 2022-03-04 苏州浪潮智能科技有限公司 TPCM measuring method, device and medium

Also Published As

Publication number Publication date
CN109375953B (en) 2022-03-25

Similar Documents

Publication Publication Date Title
CN103858107B (en) Secure recovery apparatus and method
CN109960523B (en) Firmware upgrading method and device for embedded equipment
US9027014B2 (en) Updating firmware compatibility data
CN104025047B (en) Information processor, information processing method and computer program
US8943302B2 (en) Method of flashing bios using service processor and computer system using the same
US7861119B1 (en) Updating a firmware image using a firmware debugger application
US20070143589A1 (en) Method and apparatus for dynamically selecting one of multiple firmware images for booting an I/O controller
CN109375953A (en) A kind of os starting method and device
US8601250B2 (en) Control over loading of device drivers for an individual instance of a PCI device
WO2016206514A1 (en) Startup processing method and device
AU2011329096A1 (en) Networked recovery system
CN105760191A (en) Embedded system equipment programming mass production method
CN108108193A (en) A kind of easy-to-use firmware upgrade method of safety and system
CN104461402B (en) A kind of method for adjusting disk order under Linux system between multi-controller
US20160103688A1 (en) Method of Starting Computing System
US9786373B2 (en) EEPROM backup method and device
US20130080751A1 (en) Method and device for updating bios program for computer system
US20100287364A1 (en) Boot systems and methods, and related devices
WO2015184732A1 (en) Bootstrap storage method, bootstrap fault recovery method and device, and computer storage medium
CN103455750B (en) The high peace verification method of a kind of embedded device and device
WO2018045835A1 (en) Method and apparatus for restoring sounds of terminal, and electronic device
CN105159810B (en) The method and device that the BIOS of computer system is tested
CN108108131B (en) Data processing method and device for SSD (solid State disk)
US20070005819A1 (en) Apparatus and method to guarantee unique connection tags across resets in a connection protocol
CN101661399B (en) Method for modular software removal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20230531

Address after: 310052 11th Floor, 466 Changhe Road, Binjiang District, Hangzhou City, Zhejiang Province

Patentee after: H3C INFORMATION TECHNOLOGY Co.,Ltd.

Address before: 310052 Changhe Road, Binjiang District, Hangzhou, Zhejiang Province, No. 466

Patentee before: NEW H3C TECHNOLOGIES Co.,Ltd.

TR01 Transfer of patent right