CN109460262A - Method, system, Android device and medium for verifying main system image legitimacy - Google Patents

Info

Publication number
CN109460262A
Authority
CN
China
Prior art keywords
main system
memory
image
system image
legitimacy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811361394.8A
Other languages
Chinese (zh)
Other versions
CN109460262B (en)
Inventor
林伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Onething Technology Co Ltd
Original Assignee
Shenzhen Onething Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Onething Technology Co Ltd
Priority to CN201811361394.8A
Publication of CN109460262A
Application granted
Publication of CN109460262B
Active (current legal status)
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/4401 Bootstrapping
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/445 Program loading or initiating
    • G06F9/44568 Immediately runnable code
    • G06F9/44578 Preparing or optimising for loading

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Stored Programmes (AREA)
  • Storage Device Security (AREA)

Abstract

This application discloses a method for verifying the legitimacy of a main system image in which the verification step is moved into the main system program: the kernel first loads the main system image into memory and unpacks it there into the main system program, and the multitasking parallel-processing capability of the main system program is then used to verify the legitimacy of the main system image. This makes full use of the multitasking parallel-processing capability of the main system program and can significantly reduce boot time without affecting security. The application also discloses a system, an Android device and a computer-readable storage medium for verifying main system image legitimacy, which have the same beneficial effects.

Description

Method, system, Android device and medium for verifying main system image legitimacy
Technical field
This application relates to the technical field of Android device booting, and in particular to a method, system, Android device and computer-readable storage medium for verifying main system image legitimacy.
Background
In an embedded system, all code and system data are stored in a flash chip. A flash chip can be erased and rewritten many times and keeps its contents when power is lost, but this also makes it easy for others to maliciously steal or tamper with the data stored in it. The advanced security chip was created to protect the data in the flash chip. Unlike an ordinary flash chip, it adds a special kind of register internally: the OTP (One Time Programmable) register. Data stored in an OTP register can be programmed only once and cannot be modified afterwards.
Storing information such as the software version number, the hardware version number and encryption and decryption keys in the OTP register can therefore effectively improve the security of the device.
Advanced security chips are now also used to verify the legitimacy of the operating system and the images with which an Android device boots, that is, to verify whether the operating system being booted is officially approved. When the operating system of an Android device is booted, the legitimacy verification methods for the various image files needed during boot are usually stored in the OTP register, so as to determine whether the files of the operating system being booted are officially approved and whether the device has been privately flashed.
Since Android is a kernel-based operating system, its actual boot process can be seen in the boot flowchart shown in Fig. 1:
The bootloader image, the kernel image and the main system image are loaded into memory in turn, and the legitimacy of each image is verified in memory in turn; the next image is loaded into memory only after the previous image has been verified as legal. Only after the main system image has also passed legitimacy verification can it be unpacked, with the help of the kernel, into the main system program that the user actually sees, which completes the whole boot process of the Android device.
In other words, in the prior art the main system image must be verified as a legal image before it is unpacked into the main system program, and it is unpacked only once verification has proven it legal. However, the main system image is far larger than the bootloader image and the kernel image, and the time needed to verify legitimacy is positively correlated with file size. Legitimacy verification of the main system image therefore takes up a large proportion of the whole boot process of an Android device.
How to shorten boot time as far as possible without affecting security, and so give the user a better experience, is therefore a problem that those skilled in the art urgently need to solve.
Summary of the invention
The purpose of this application is to provide a method, system, Android device and computer-readable storage medium for verifying main system image legitimacy, in which the step of verifying main system image legitimacy is moved into the main system program: the kernel first loads the main system image into memory and unpacks it there into the main system program, and the multitasking parallel-processing capability of the main system program is then used to verify the legitimacy of the main system image. This makes full use of the multitasking parallel-processing capability of the main system program and can significantly reduce boot time without affecting security.
To achieve the above object, this application provides a method for verifying main system image legitimacy, the method comprising:
loading the main system image into memory through the kernel, and unpacking it in the memory to obtain the main system program;
verifying the legitimacy of the main system image in the background, using the multitasking parallel-processing capability of the main system program;
if the main system image is illegal, returning a notification that the main system image is illegal and exiting the main system program.
Optionally, before the main system image is loaded into memory through the kernel, the method further comprises:
fetching the bootloader image from a preset address of the target device being powered on;
loading the bootloader image into the memory, and unpacking it in the memory to obtain the bootloader;
loading the kernel image into the memory through the bootloader, and unpacking it in the memory to obtain the kernel.
Optionally, before the bootloader is obtained by unpacking in the memory and before the kernel is obtained by unpacking in the memory, the method further comprises:
verifying the legitimacy of the bootloader image in the memory;
and,
verifying the legitimacy of the kernel image in the memory.
Optionally, verifying the legitimacy of the main system image comprises:
decrypting the main system image to obtain the decrypted main system image;
extracting a digital signature from the decrypted main system image;
verifying whether the digital signature is a legal digital signature;
if the digital signature is legal, the main system image is legal;
if the digital signature is illegal, the main system image is illegal.
Optionally, the method further comprises:
recording the verification result obtained each time the legitimacy of the main system image is verified, to obtain a main system boot log;
calculating the occurrence probability of illegal main system images from the main system boot log.
To achieve the above object, this application also provides a system for verifying main system image legitimacy, the system comprising:
a main system image loading and unpacking unit, for loading the main system image into memory through the kernel and unpacking it in the memory to obtain the main system program;
a main system image legitimacy verification unit, for verifying the legitimacy of the main system image in the background, using the multitasking parallel-processing capability of the main system program;
an illegal main system image processing unit, for returning a notification that the main system image is illegal and exiting the main system program when the main system image is illegal.
Optionally, the system further comprises:
a bootloader image fetching unit, for fetching the bootloader image from a preset address of the target device being powered on, before the main system image is loaded into memory through the kernel;
a bootloader image loading and unpacking unit, for loading the bootloader image into the memory and unpacking it in the memory to obtain the bootloader;
a kernel image loading and unpacking unit, for loading the kernel image into the memory through the bootloader and unpacking it in the memory to obtain the kernel.
Optionally, the system further comprises:
a bootloader image legitimacy verification unit, for verifying the legitimacy of the bootloader image in the memory before the bootloader is obtained by unpacking in the memory;
and,
a kernel image legitimacy verification unit, for verifying the legitimacy of the kernel image in the memory before the kernel is obtained by unpacking in the memory.
Optionally, the main system image legitimacy verification unit comprises:
a decryption subunit, for decrypting the main system image to obtain the decrypted main system image;
a signature extraction subunit, for extracting a digital signature from the decrypted main system image;
a signature legality verification subunit, for verifying whether the digital signature is a legal digital signature;
a legal determination subunit, for determining that the main system image is legal when the digital signature is legal;
an illegal determination subunit, for determining that the main system image is illegal when the digital signature is illegal.
Optionally, the system further comprises:
a verification result recording unit, for recording the verification result obtained each time the legitimacy of the main system image is verified, to obtain a main system boot log;
a probability calculation unit, for calculating the occurrence probability of illegal main system images from the main system boot log.
To achieve the above object, this application also provides an Android device comprising a memory and a processor, the memory storing a device boot program that can run on the processor; when executed by the processor, the device boot program implements the following method:
loading the main system image into memory through the kernel, and unpacking it in the memory to obtain the main system program;
verifying the legitimacy of the main system image in the background, using the multitasking parallel-processing capability of the main system program;
if the main system image is illegal, returning a notification that the main system image is illegal and exiting the main system program.
Optionally, when executed by the processor, the device boot program also implements:
before the main system image is loaded into memory through the kernel, fetching the bootloader image from a preset address of the Android device being powered on;
loading the bootloader image into the memory, and unpacking it in the memory to obtain the bootloader;
loading the kernel image into the memory through the bootloader, and unpacking it in the memory to obtain the kernel.
Optionally, when executed by the processor, the device boot program also implements:
before the bootloader is obtained by unpacking in the memory, verifying the legitimacy of the bootloader image in the memory;
and,
before the kernel is obtained by unpacking in the memory, verifying the legitimacy of the kernel image in the memory.
Optionally, when executed by the processor, the device boot program also implements:
recording the verification result obtained each time the legitimacy of the main system image is verified, to obtain a main system boot log;
calculating the occurrence probability of illegal main system images from the main system boot log.
To achieve the above object, this application also provides a computer-readable storage medium on which a device boot program is stored; the device boot program can be executed by one or more processors to implement the method for verifying main system image legitimacy provided above.
Unlike the prior art, the method for verifying main system image legitimacy provided by this application moves the step of verifying main system image legitimacy into the main system program: the kernel first loads the main system image into memory and unpacks it there into the main system program, and the multitasking parallel-processing capability of the main system program is then used to verify the legitimacy of the main system image. This makes full use of the multitasking parallel-processing capability of the main system program and can significantly shorten boot time without affecting security, giving a better user experience. This application also provides a system, an Android device and a computer-readable storage medium for verifying main system image legitimacy, which have the same beneficial effects and are not described again here.
Brief description of the drawings
To explain the technical solutions in the embodiments of this application or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are only embodiments of this application; those of ordinary skill in the art can obtain other drawings from the drawings provided without creative effort.
Fig. 1 is a flowchart of booting the operating system of an Android device using an advanced security chip in the prior art;
Fig. 2 is a flowchart of a method for verifying main system image legitimacy provided by an embodiment of this application;
Fig. 3 is a flowchart of operating steps additionally performed before the steps of the embodiment shown in Fig. 2;
Fig. 4 is a flowchart of a legitimacy verification method within the method for verifying main system image legitimacy provided by an embodiment of this application;
Fig. 5 is a flowchart of booting the operating system of an Android device using an advanced security chip, provided by an embodiment of this application;
Fig. 6 is a structural block diagram of a system for verifying main system image legitimacy provided by an embodiment of this application;
Fig. 7 is a structural schematic diagram of an Android device provided by an embodiment of this application.
Detailed description of the embodiments
To make the objectives, technical solutions and advantages of the present invention clearer, the present invention is further described below with reference to the drawings and embodiments. The specific embodiments described here only explain the present invention and do not limit it. All other embodiments obtained by those of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
The terms "first", "second", "third", "fourth" and so on (if present) in the description, the claims and the above drawings of this application distinguish similar objects and do not describe a particular order or sequence. Data used in this way are interchangeable where appropriate, so that the embodiments described here can be implemented in an order other than the one illustrated or described. In addition, the terms "include" and "have" and any variations of them are intended to cover non-exclusive inclusion: a process, method, system, product or device that contains a series of steps or units is not limited to the steps or units explicitly listed, and may include other steps or units that are not explicitly listed or that are inherent to the process, method, product or device.
Descriptions involving "first", "second" and so on in the present invention are for description only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of the technical features referred to. A feature defined by "first" or "second" may therefore explicitly or implicitly include at least one such feature. In addition, the technical solutions of the embodiments can be combined with each other, but only where those of ordinary skill in the art can realize the combination; where a combination of technical solutions is contradictory or cannot be realized, the combination should be considered not to exist and is not within the protection scope claimed by the present invention.
Embodiment one
Refer to Fig. 2, a flowchart of a method for verifying main system image legitimacy provided by an embodiment of this application. The method provided here applies to electronic devices based on the Android operating system, specifically including Android phones, Android tablets and so on, and comprises the following steps:
S101: load the main system image into memory through the kernel, and unpack it in memory to obtain the main system program;
Since Android is a kernel-based operating system, the main system program obtained by unpacking the main system image can only carry out its operations with the support of the kernel. In this step the kernel therefore loads the main system image into the memory of the Android device, and the main system image is then unpacked in memory to obtain the actually usable main system program.
For ease of understanding, the relationship between the main system image and the main system program is explained here using an Android phone as an example. To install an application on an Android phone, a package in APK format is needed first; the installation bootstrap program unpacks this package according to a preset procedure and finally produces a runnable application. The application's data files then exist as multiple files under the installation directory on the Android phone, and no longer as a single sealed package.
An image is similar to such a package, and unpacking an image is similar to decompressing a package, after which the result runs normally. The main system image here can therefore be regarded as a package of the main operating system program of the Android device. The main purpose of packaging it is to let numerous associated data files be recognized as one unified file. In addition, for security reasons, markers for verifying legitimacy can be added as needed while the image is being packaged, so that all data files contained in the package can be verified together directly, rather than verifying each data file separately.
Note that, taking an Android phone as an example, once the main system image has been unpacked into the main system program in memory, the user can see on the display that the phone has entered the familiar desktop. That is, an Android device whose main system program is running normally can carry out subsequent operations based on the features the operating system provides, such as opening one or more applications.
Note also that, in the whole boot process of an Android device, there are further steps before the kernel loads the main system image into memory. As in the prior art, when the Android device is powered on, the bootloader (English name BootLoader) image is first fetched from a preset address of the flash chip and its legitimacy is verified; if the bootloader image is legal, it is unpacked into the bootloader in memory. The bootloader then loads the kernel (English name Kernel) image into memory and the legitimacy of the kernel image is verified; if the kernel image is legal, it is unpacked into the kernel in memory. Only then is the main system (English name System) image loaded into memory through the kernel and unpacked. This description is only a high-level summary of the actual boot process, which is more complex but follows the same principle; different versions of Android may adjust the details of certain steps, and no specific limitation is made here.
S102: verify the legitimacy of the main system image in the background, using the multitasking parallel-processing capability of the main system program;
Building on S101, and given that the operating system of the Android device is already working normally, this step uses the multitasking parallel-processing capability of the main system program to verify the legitimacy of the main system image in the background, rather than, as in the prior art shown in Fig. 1, making the legality of the main system image a precondition for unpacking it into the main system program.
Note that before the main system program has started, the Android device has no multitasking parallel-processing capability. Without the main system program it cannot drive the hardware well enough to achieve this; what the Android device runs at that point is only a very simple, basic bootloader whose purpose is precisely to start the main system program. Relative to the prior art, this application therefore swaps the order of two steps, verifying main system image legitimacy and unpacking the main system image into the main system program, so that verification is executed under the main system program. By means of Android's support for multitasking parallel processing, verification can be completed silently without the user perceiving it, and the biggest change to the user experience is that the Android device powers on and boots faster.
There are many ways to verify the legitimacy of a file. For example, characteristic-value checking based on a hash algorithm can be used: the characteristic value of the actual file is compared with the characteristic value stored in the OTP register to verify whether the file is one that a given party recognizes as legal. Verification can also be realized by attaching a special marker to officially produced files, or by means of a digital signature, and so on; no specific limitation is made here.
S103: when the main system image is illegal, return a notification that the main system image is illegal and exit the main system program.
This step applies when the verification result of S102 is that the main system image is illegal. In the normal boot flow, a main system image verified as illegal would not be unpacked into the main system program, and the device would never enter the actually usable, operable system interface. In this application, where boot time is shortened by swapping the order of the two steps, if the image of the normally running operating system is verified as illegal, a notification that the main system image is illegal is returned and the main system program is exited; to the user, the Android device that had started up shuts down again. Given the actual probability of this situation and the time taken to verify main system image legitimacy under the main system program, the user's operation will essentially not be interrupted.
In addition, when the main system image is legal, the legitimacy verification process is closed, and the main system program continues to run and to provide the user with the functions required.
Further, the verification result obtained each time the legitimacy of the main system image is verified can be recorded to obtain a main system boot log, and the occurrence probability of illegal main system images can be calculated from the main system boot log, so that further analysis can be carried out based on this probability.
As the flowchart in Fig. 2 and the above explanation of the steps show, this embodiment differs from the prior art in that it moves the step of verifying main system image legitimacy into the main system program: the kernel first loads the main system image into memory and unpacks it there into the main system program, and the multitasking parallel-processing capability of the main system program is then used to verify the legitimacy of the main system image. This makes full use of the multitasking parallel-processing capability of the main system program and can significantly shorten boot time without affecting security, giving a better user experience.
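The boot order described in this embodiment, as an added Python sketch that is not code from the patent: the bootloader and kernel images are checked before they are unpacked, while the main system image is unpacked first and checked in a background thread, with each result logged. The SHA-256 digest comparison (one of the verification options mentioned above), the `OTP_DIGESTS` table standing in for the OTP register, and all class and function names are assumptions; the images are constructed sample bytes.

```python
import hashlib
import hmac
import threading

# Constructed sample images standing in for the flash contents.
FLASH = {
    "bootloader": b"constructed bootloader image",
    "kernel": b"constructed kernel image",
    "system": b"constructed main system image " * 4096,
}

# Assumption: the OTP register holds one SHA-256 digest per image, written once.
OTP_DIGESTS = {name: hashlib.sha256(data).digest() for name, data in FLASH.items()}


def is_legal(name, image):
    """Compare the image digest with the value held in the modelled OTP register."""
    return hmac.compare_digest(hashlib.sha256(image).digest(), OTP_DIGESTS[name])


class MainSystem:
    """Hypothetical stand-in for the unpacked main system program."""

    def __init__(self):
        self.running = True
        self.notice = None

    def exit(self, notice):
        self.notice = notice
        self.running = False


def boot(flash, boot_log):
    """Return (system, worker); both are None if an early stage is illegal."""
    # Bootloader and kernel: verified in memory BEFORE they are unpacked.
    for stage in ("bootloader", "kernel"):
        if not is_legal(stage, flash[stage]):
            return None, None  # exit the boot procedure

    # S101: unpack the main system image first, so the user reaches the desktop.
    system = MainSystem()

    def verify_in_background():
        # S102: verification runs as one task among others in the running system.
        legal = is_legal("system", flash["system"])
        boot_log.append(legal)  # one boot-log record per verification
        if not legal:
            # S103: return the notification and exit the main system program.
            system.exit("main system image is illegal")

    worker = threading.Thread(target=verify_in_background, daemon=True)
    worker.start()
    return system, worker


def illegal_probability(boot_log):
    """Share of logged boots whose main system image failed verification."""
    return boot_log.count(False) / len(boot_log) if boot_log else 0.0


if __name__ == "__main__":
    log = []
    tampered = dict(FLASH, system=FLASH["system"] + b"!")
    for flash in (FLASH, tampered):
        system, worker = boot(flash, log)
        worker.join()
        print(system.running, system.notice)
    print(illegal_probability(log))
```

Until the worker thread finishes, `system.running` is true for an image that has not yet been checked, which is the interval the method accepts in exchange for a shorter boot.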
Embodiment two
Refer to Fig. 3, a flowchart of operating steps additionally performed before the steps of the embodiment shown in Fig. 2. This embodiment follows the complete boot flow of an Android device and supplements the boot steps mentioned in Embodiment one, yielding a more practical and more complete embodiment. It comprises the following steps:
S201: fetch the bootloader image from a preset address of the target device being powered on;
When the target Android device is powered on, the bootloader image stored at a preset address of the flash chip is fetched.
S202: load the bootloader image into memory;
Building on S201, this step loads the fetched bootloader image into memory so that subsequent operations can be performed on it there.
S203: verify the legitimacy of the bootloader image in memory;
Building on S202, this step verifies the legitimacy of the bootloader image in memory.
S204: unpack the bootloader image in memory to obtain the bootloader;
This step applies when the verification result of S203 is that the bootloader image is legal, which means the condition for unpacking the bootloader image and running the bootloader for the subsequent boot steps is met; the bootloader image is therefore unpacked in memory to obtain the bootloader.
S205: load the kernel image into memory through the bootloader;
Building on S204, this step loads the kernel image into memory through the running bootloader so that subsequent operations can be performed on it there.
S206: verify the legitimacy of the kernel image in memory;
Building on S205, this step verifies the legitimacy of the kernel image in memory.
S207: unpack the kernel image in memory to obtain the kernel;
This step applies when the verification result of S206 is that the kernel image is legal, which means the condition for unpacking the kernel image and running the kernel for the subsequent boot steps is met; the kernel image is therefore unpacked in memory to obtain the kernel.
S208: load the main system image into memory through the kernel, and unpack it in memory to obtain the main system program;
This step is identical to S101; that is, in the complete boot process of an Android device, the above steps must be executed before S101.
S209: exit the boot program.
If the verification result of S203 or S206 is illegal, the flow jumps to this step, and the whole boot process of the Android device is terminated because an image is illegal.
Embodiment three
Refer to Fig. 4, which is a flowchart of a legitimacy verification method within the method for verifying main system image legitimacy provided by the embodiments of the present application. Note that the legitimacy verification method given in this embodiment is based on an encrypted digital signature: when the many files that make up the main system program are packaged into an image, a digital signature is attached and the whole is encrypted. On that basis, this embodiment provides a legitimacy verification method comprising the following steps:
S301: decrypt the main system image to obtain the decrypted main system image;
S302: extract the digital signature from the decrypted main system image;
S303: verify whether the digital signature is a legal digital signature;
Verifying whether the digital signature is legal requires the verification information pre-saved in the OTP register.
S304: the main system image is legal;
This step applies when the verification result of S303 is that the extracted digital signature is legal, so the main system image can be judged legal.
S305: the main system image is illegal.
This step applies when the verification result of S303 is that the extracted digital signature is illegal, so the main system image can be judged illegal.
It should also be noted that this embodiment describes the decryption process only for the main system image; the method applies equally to a bootloader image and a kernel image processed in the same way. Legitimacy verification by digital signature is more efficient and takes less time than approaches based on feature values or tags.
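Steps S301 to S305 can be followed end to end in the added example below, which is not code from the patent. It assumes that the OTP register holds a SHA-256 fingerprint of the signing public key, uses a SHA-256 keystream as a stand-in for the image cipher and textbook RSA with a constructed toy key as a stand-in for the signature scheme; all names and sample values are hypothetical.

```python
import hashlib
import hmac

SIG_LEN = 96  # bytes reserved for the signature appended to the payload

# Constructed toy RSA key built from two Mersenne primes. It is trivially
# factorable and exists only so the example runs with the standard library.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, build side only


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in image cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)


def fingerprint(n: int, e: int) -> bytes:
    """Assumed OTP content: SHA-256 over the public key (n, e)."""
    return hashlib.sha256(f"{n:x}:{e:x}".encode()).digest()


def package_image(payload: bytes, key: bytes, n: int = N, d: int = D) -> bytes:
    """Build side: sign SHA-256(payload), append the signature, encrypt the whole."""
    m = int.from_bytes(hashlib.sha256(payload).digest(), "big")
    return keystream_xor(key, payload + pow(m, d, n).to_bytes(SIG_LEN, "big"))


def verify_image(blob: bytes, key: bytes, pubkey: tuple, otp: bytes) -> bool:
    """Device side, following S301-S305."""
    n, e = pubkey
    # The key used for checking must itself match the value fused into OTP,
    # otherwise an image re-signed with any other key would be accepted.
    if not hmac.compare_digest(fingerprint(n, e), otp):
        return False
    plain = keystream_xor(key, blob)                       # S301: decrypt
    if len(plain) <= SIG_LEN:
        return False                                       # truncated image
    payload, sig = plain[:-SIG_LEN], plain[-SIG_LEN:]      # S302: extract
    s = int.from_bytes(sig, "big")
    if s >= n:
        return False                                       # not a valid RSA value
    m = int.from_bytes(hashlib.sha256(payload).digest(), "big")
    return pow(s, e, n) == m                               # S303 -> S304 / S305


# Constructed sample data.
IMAGE_KEY = b"constructed-image-key"
OTP = fingerprint(N, E)                                    # fused at manufacture
GENUINE = package_image(b"system.img: constructed payload " * 8, IMAGE_KEY)

# An image re-signed with a different (also constructed) key pair.
N2 = (2**89 - 1) * (2**607 - 1)
D2 = pow(E, -1, (2**89 - 2) * (2**607 - 2))
RESIGNED = package_image(b"modified payload", IMAGE_KEY, N2, D2)

if __name__ == "__main__":
    flipped = bytes([GENUINE[0] ^ 1]) + GENUINE[1:]
    print("genuine  :", verify_image(GENUINE, IMAGE_KEY, (N, E), OTP))
    print("bit flip :", verify_image(flipped, IMAGE_KEY, (N, E), OTP))
    print("re-signed:", verify_image(RESIGNED, IMAGE_KEY, (N2, E), OTP))
    print("truncated:", verify_image(GENUINE[:40], IMAGE_KEY, (N, E), OTP))
```

Only the genuine image passes; the re-signed image fails at the OTP comparison before any signature arithmetic is done.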
Embodiment four
To deepen understanding of the inventive point of the present application, refer also, on the basis of the embodiments above, to Fig. 5. In contrast to the prior art shown in Fig. 1, Fig. 5 is a schematic diagram of the boot flow of an Android device after adopting the scheme of this application. It is apparent that the application moves the step of verifying main system image legitimacy into the main system program: the kernel first loads the main system image into memory and unpacks it into the main system program, and the multitasking parallel processing capability of the main system program is then used to verify the legitimacy of the main system image. By making full use of that capability, boot time can be shortened significantly without affecting security, improving the user experience.
This embodiment also provides more specific implementation steps in combination with a practical application scenario:
1. When the Android device is powered on, the advanced security chip loads the BootLoader image into memory, decrypts the BootLoader image with the control algorithm of the advanced security function, and then verifies whether the signature of the decrypted BootLoader image is legal; if it is illegal, the BootLoader is hung (suspended);
2. If the BootLoader image is legal, it is unpacked into the BootLoader. The BootLoader program loads the Kernel image into memory, decrypts the Kernel image with the control algorithm of the advanced security function, and verifies whether the signature of the decrypted Kernel image is legal; if it is illegal, the BootLoader is hung (suspended);
3. If the Kernel image is legal, the Kernel image is unpacked into the core system under the guidance of the BootLoader, and the file system and device drivers of the current device are initialized under the core system;
4. After file system and device driver initialization is complete, the Init program in the Kernel image is started. In the Init processing stage, the System image is loaded (the System image is configured as read-only, i.e. it can be read but not modified), the main service programs of the Android operating system in the System image are started and initialized, and control is handed to the Android core service programs until the desktop is reached;
5. While the core system starts the Init program, it also launches, within the main service programs of the Android operating system, the verification program contained in the Kernel image that checks the legitimacy of the System image; if the image is illegal, the operating system of the current Android device is restarted into the BootLoader, and the BootLoader is hung (suspended).
The role of the Init program is explained here:
When the core system starts, it performs operations such as setting up caches, protected memory and scheduling lists, and loading drivers. Once this setup is complete, it looks for the Init program and uses it to start the root process, or the first process of the main system. Specifically this includes: creating some files and mounting devices, initializing and starting the property service, and parsing the configuration files and starting the default processes.
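The ordering of steps 1 to 5 is simulated in the added example below, which is not code from the patent: the bootloader and kernel are checked before they run, while the System image is checked on a background thread after Init has started. A SHA-256 digest comparison stands in for the decrypt-and-verify-signature check, and the per-boot log with its illegal-image rate follows the recording and probability step of claim 5; the class, event strings and sample images are hypothetical.

```python
import hashlib
import threading


def sha256_hex(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


class Device:
    """Simulated boot flow; a digest comparison stands in for the signature check."""

    def __init__(self, images: dict, trusted: dict):
        self.images = images        # image name -> bytes as read from storage
        self.trusted = trusted      # image name -> expected SHA-256 digest
        self.events = []            # what happened during the latest boot
        self.boot_log = []          # system-image verdict of every boot

    def _legal(self, name: str) -> bool:
        return sha256_hex(self.images[name]) == self.trusted[name]

    def boot(self) -> str:
        self.events = []
        # Bootloader and kernel are verified before they are unpacked and run.
        for stage in ("bootloader", "kernel"):
            if not self._legal(stage):
                self.events.append(f"{stage}: illegal, boot program exits")
                return "halted"
            self.events.append(f"{stage}: verified, unpacked")
        # The kernel loads and unpacks the system image without checking it.
        self.events.append("system: loaded read-only, Init running")
        verdict = {}
        checker = threading.Thread(
            target=lambda: verdict.update(legal=self._legal("system")))
        checker.start()             # background check, parallel to service start-up
        self.events.append("system: main services starting")
        # The simulation waits here only to report a final state; on a device
        # the services keep running until the verdict arrives.
        checker.join()
        self.boot_log.append(verdict["legal"])
        if not verdict["legal"]:
            self.events.append("system: illegal, notify, restart into bootloader, suspend")
            return "halted"
        self.events.append("system: verified, desktop reached")
        return "running"

    def illegal_rate(self) -> float:
        """Share of logged boots whose system image failed verification."""
        return self.boot_log.count(False) / len(self.boot_log) if self.boot_log else 0.0


# Constructed sample images and their trusted digests.
GOOD = {"bootloader": b"BL v1", "kernel": b"KERNEL v1", "system": b"SYSTEM v1"}
TRUSTED = {name: sha256_hex(blob) for name, blob in GOOD.items()}

if __name__ == "__main__":
    dev = Device(dict(GOOD), TRUSTED)
    print(dev.boot(), "|", dev.events[-1])
    dev.images["system"] = b"SYSTEM v1 + modification"
    print(dev.boot(), "|", dev.events[-1], "| rate", dev.illegal_rate())
```

In the modified-image run the event list shows the main services starting before the illegal verdict is recorded, which is the interval this boot order accepts in exchange for a shorter boot.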
Embodiment five
Refer to Fig. 6, which is a structural block diagram of a system for verifying main system image legitimacy provided by the embodiments of the present application. The system may include:
Main system image loading and unpacking unit 100, for loading the main system image into memory through the kernel and unpacking it in memory to obtain the main system program;
Main system image legitimacy verification unit 200, for verifying the legitimacy of the main system image in the background using the multitasking parallel processing capability of the main system program;
Illegal main system image processing unit 300, for returning a notification that the main system image is illegal and exiting the main system program when the main system image is illegal.
Further, the system may also include:
Bootloader image retrieval unit, for retrieving the bootloader image from the preset address of the powered-on target device before the main system image is loaded into memory through the kernel;
Bootloader image loading and unpacking unit, for loading the bootloader image into memory and unpacking it in memory to obtain the bootloader;
Kernel image loading and unpacking unit, for loading the kernel image into memory through the bootloader and unpacking it in memory to obtain the kernel.
Further, the system may also include:
Bootloader image legitimacy verification unit, for verifying the legitimacy of the bootloader image in memory before it is unpacked in memory to obtain the bootloader;
and,
Kernel image legitimacy verification unit, for verifying the legitimacy of the kernel image in memory before it is unpacked in memory to obtain the kernel.
The main system image legitimacy verification unit 200 may include:
Decryption subunit, for decrypting the main system image to obtain the decrypted main system image;
Signature extraction subunit, for extracting the digital signature from the decrypted main system image;
Signature legitimacy verification subunit, for verifying whether the digital signature is a legal digital signature;
Legal judgment subunit, for judging the main system image legal when the digital signature is legal;
Illegal judgment subunit, for judging the main system image illegal when the digital signature is illegal.
Further, the system may also include:
Verification result recording unit, for recording the verification result obtained each time the legitimacy of the main system image is verified, to obtain a main system boot log;
Probability calculation unit, for calculating the occurrence probability of illegal main system images from the main system boot log.
Embodiment six
The four method embodiments above describe in detail how adjusting the order of the steps that verify main system image legitimacy improves the boot speed of an Android device. The present application also provides a hardware entity corresponding to the method, an Android device. The principle of this part corresponds to the scheme part, so the implementation principle is not repeated here; the hardware composition of the device is described below with reference to Fig. 7:
The Android device 400 includes a memory 410, a processor 420, a bus 430 and an execution structure 440. The memory 410 stores a boot program that can run on the processor 420; the boot program is transferred to the processor 420 through the bus 430 and, when executed by the processor 420, implements the steps described in the embodiments above.
The memory 410 includes at least one type of readable storage medium, including flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory), magnetic memory, magnetic disk, optical disc and the like. In some embodiments the memory 410 may be an internal storage unit of the Android device 400, such as a hard disk of the Android device 400. In other embodiments the memory 410 may be an external storage device of the Android device 400, such as a plug-in hard disk, a smart media card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card or a flash card (Flash Card) fitted to the Android device 400. Further, the memory 410 may comprise both an internal storage unit and an external storage device. Further, the memory 410 may be used not only to store the application software installed on the Android device 400 and various kinds of data, but also to temporarily store data that has been output or is about to be output.
In some embodiments the processor 420 may be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor or other data processing chip, used to run program code stored in the memory 410 or to process data, for example to execute the pre-installed programs of the operating system.
The bus 430 may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus and so on. For ease of representation, the bus is shown in the figure as a single hollow double-headed arrow, which does not mean that there is only one bus or one type of bus.
The embodiments above may be implemented wholly or partly in software, hardware, firmware or any combination thereof. In the several embodiments provided in this application, it should be understood that the disclosed system, device and method may be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation; for instance, multiple units or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or take other forms.
The units described as separate components may or may not be physically separate, and components shown as units may or may not be physical units; they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of this application may be integrated into one processing unit, may each exist physically on their own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to execute all or part of the steps of the methods given in the embodiments of this application. The storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), and magnetic or optical disks.
It should be noted that the serial numbers of the embodiments above are for description only and do not indicate that one embodiment is better or worse than another. The terms "include", "comprise" and any other variants herein are intended to cover non-exclusive inclusion, so that a process, device, article or method that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to the process, device, article or method. Without further limitation, an element defined by the phrase "including a ..." does not exclude the existence of other identical elements in the process, device, article or method that includes the element.
The above are only preferred embodiments of the present invention and do not limit the scope of the invention. Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, applied directly or indirectly in other related technical fields, is likewise included within the scope of protection of the present invention.

Claims (10)

1. A method for verifying main system image legitimacy, characterized by comprising:
Loading a main system image into memory through a kernel, and unpacking it in the memory to obtain a main system program;
Verifying the legitimacy of the main system image in the background using the multitasking parallel processing capability of the main system program;
If the main system image is illegal, returning a notification that the main system image is illegal and exiting the main system program.
2. The method according to claim 1, characterized in that, before the main system image is loaded into memory through the kernel, the method further comprises:
Retrieving a bootloader image from a preset address of the powered-on target device;
Loading the bootloader image into the memory, and unpacking it in the memory to obtain a bootloader;
Loading a kernel image into the memory through the bootloader, and unpacking it in the memory to obtain the kernel.
3. The method according to claim 2, characterized in that, before unpacking in the memory to obtain the bootloader and before unpacking in the memory to obtain the kernel, the method further comprises:
Verifying the legitimacy of the bootloader image in the memory;
and,
Verifying the legitimacy of the kernel image in the memory.
4. The method according to any one of claims 1 to 3, characterized in that verifying the legitimacy of the main system image comprises:
Decrypting the main system image to obtain a decrypted main system image;
Extracting a digital signature from the decrypted main system image;
Verifying whether the digital signature is a legal digital signature;
If the digital signature is legal, the main system image is legal;
If the digital signature is illegal, the main system image is illegal.
5. The method according to claim 4, characterized by further comprising:
Recording the verification result obtained each time the legitimacy of the main system image is verified, to obtain a main system boot log;
Calculating the occurrence probability of illegal main system images from the main system boot log.
6. A system for verifying main system image legitimacy, characterized by comprising:
A main system image loading and unpacking unit, for loading a main system image into memory through a kernel and unpacking it in the memory to obtain a main system program;
A main system image legitimacy verification unit, for verifying the legitimacy of the main system image in the background using the multitasking parallel processing capability of the main system program;
An illegal main system image processing unit, for returning a notification that the main system image is illegal and exiting the main system program when the main system image is illegal.
7. An Android device, characterized in that the Android device includes a memory, a processor and a bus, the memory stores a device boot program that can run on the processor, and the device boot program is transferred to the processor through the bus and, when executed by the processor, implements the following method:
Loading a main system image into memory through a kernel, and unpacking it in the memory to obtain a main system program;
Verifying the legitimacy of the main system image in the background using the multitasking parallel processing capability of the main system program;
If the main system image is illegal, returning a notification that the main system image is illegal and exiting the main system program.
8. The Android device according to claim 7, characterized in that the device boot program, when executed by the processor, further implements:
Before the main system image is loaded into memory through the kernel, retrieving a bootloader image from a preset address of the powered-on Android device;
Loading the bootloader image into the memory, and unpacking it in the memory to obtain a bootloader;
Loading a kernel image into the memory through the bootloader, and unpacking it in the memory to obtain the kernel.
9. The Android device according to claim 8, characterized in that the device boot program, when executed by the processor, further implements:
Before unpacking in the memory to obtain the bootloader, verifying the legitimacy of the bootloader image in the memory;
and,
Before unpacking in the memory to obtain the kernel, verifying the legitimacy of the kernel image in the memory.
10. A computer-readable storage medium, characterized in that a device boot program is stored on the computer-readable storage medium, and the device boot program can be executed by one or more processors to implement the method for verifying main system image legitimacy according to any one of claims 1 to 5.
CN201811361394.8A 2018-11-15 2018-11-15 Method, system, android device and medium for verifying validity of main system image Active CN109460262B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811361394.8A CN109460262B (en) 2018-11-15 2018-11-15 Method, system, android device and medium for verifying validity of main system image

Publications (2)

Publication Number Publication Date
CN109460262A true CN109460262A (en) 2019-03-12
CN109460262B CN109460262B (en) 2021-12-03

Family

ID=65610594

Country Status (1)

Country Link
CN (1) CN109460262B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant