CN109684126A - Memory check method for an ARM device, and ARM device performing the memory check - Google Patents


Info

Publication number: CN109684126A
Application number: CN201811589122.3A
Authority: CN (China)
Prior art keywords: coprocessor, memory, domain, checkout, register
Legal status: Granted; active (Google's assumption, not a legal conclusion)
Other languages: Chinese (zh)
Other versions: CN109684126B
Inventors: 刘航, 隆婷, 于永庆, 靳慧杰, 金正雄, 刘戈
Current assignee: Guizhou Huaxin Semiconductor Technology Co ltd (the assignee list may be inaccurate)
Original assignee: Guizhou Huaxintong Semiconductor Technology Co Ltd
Application filed by Guizhou Huaxintong Semiconductor Technology Co Ltd, with priority to CN201811589122.3A
Events: publication of CN109684126A; application granted; publication of CN109684126B; anticipated expiration

Classifications

All three classes sit under G PHYSICS, G06 COMPUTING; CALCULATING OR COUNTING, G06F ELECTRIC DIGITAL DATA PROCESSING.

    • G06F11/1016 Error in accessing a memory location, i.e. addressing error (via G06F11/00 Error detection; Error correction; Monitoring; G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance; G06F11/08 Error detection or correction by redundancy in data representation, e.g. by using checking codes; G06F11/10 Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's; G06F11/1008 in individual solid state devices; G06F11/1012 using codes or arrangements adapted for a specific type of error)
    • G06F12/0646 Configuration or reconfiguration (via G06F12/00 Accessing, addressing or allocating within memory systems or architectures; G06F12/02 Addressing or allocation; Relocation; G06F12/06 Addressing a physical block of locations, e.g. base addressing, module addressing, memory dedication)
    • G06F12/0802 Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches (via G06F12/00; G06F12/02; G06F12/08 Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems)

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Quality & Reliability (AREA)
  • Advance Control (AREA)
  • Storage Device Security (AREA)

Abstract

A memory check method for an ARM device, and an ARM device that performs the memory check, are provided. The ARM device includes a central processing unit (CPU) and a coprocessor, and the CPU can operate in a Normal World and a Secure World. The method includes: receiving, by the CPU in the Normal World, a Secure Monitor Call (SMC) instruction; in response to the SMC instruction, switching the CPU from the Normal World to the Secure World and enabling the coprocessor of the ARM device; performing the memory check calculation by the coprocessor and outputting the calculated result into the Secure World; and comparing, by the CPU, the calculated result with reference data for the memory check, determining the memory check result based on the comparison, and outputting the memory check result into the Normal World.

Description

Memory check method for an ARM device, and ARM device performing the memory check
Technical field
This disclosure relates to a memory check method for an ARM device and to an ARM device that performs the memory check.
Background
An ARM device has a central processing unit and one or more coprocessors. A coprocessor offloads specific processing tasks from the central processing unit and is used for various auxiliary processing operations. During program execution, each coprocessor executes only the coprocessor instructions addressed to it and ignores instructions intended for the central processing unit or for other coprocessors. A coprocessor extends the core's processing functions by extending the instruction set or by providing configuration registers. One or more coprocessors can be connected to the ARM core through the coprocessor interface.
The ARM TrustZone architecture is intended to provide a security framework that lets a device resist many of the specific threats it will encounter. TrustZone conceptually partitions the hardware and software resources of the system on chip (SoC) into a Secure World and a Normal World. All operations that require confidentiality (such as fingerprint recognition, password handling, data encryption and decryption, and security authentication) execute in the Secure World; everything else (such as the user's operating system and the various applications) executes in the Normal World. The central processing unit (CPU) can run in either world and switches between the two execution environments through a mode called Monitor Mode. Specifically, when the CPU needs to switch execution environment it first enters Monitor Mode, saves the state of the current environment there, and then performs the switch. The switch is triggered mainly by two kinds of events. The first, and more common, is execution of the instruction known as the Secure Monitor Call (SMC), which switches the execution environment the CPU is currently in. The second is a switch driven by specific hardware exception mechanisms, for example by configuring interrupt requests (IRQ) and fast interrupt requests (FIQ) to switch the execution environment. TrustZone guarantees that programs in the Normal World (including the operating system) cannot access hardware resources assigned to the Secure World, whereas programs in the Secure World can access the hardware resources of both worlds; the Secure World can also partition hardware resources dynamically.
Memory check refers, for example, to verifying the integrity of data in memory with methods such as hashing. In general, if the value calculated over the data does not match the original value, the integrity of the data is in doubt and the system may have been attacked by software or otherwise. Current memory check solutions usually add a hook function in the operating system to compute over the memory data, or use an external computing chip such as a Trusted Platform Module (TPM) or a Trusted Cryptography Module (TCM) to compute or to compare the result.
Summary of the invention
At least one embodiment of the disclosure provides a memory check method for an ARM device and an ARM device that performs the memory check. The check calculation over the memory data is carried out by a hardware coprocessor in the ARM device and the calculated result is output into the Secure World, which fully guarantees the safety of the measurement, and the granularity of the memory being checked can reach the thread level.
In a first aspect, the disclosure provides a memory check method for an ARM device. The ARM device may include a central processing unit and a coprocessor, and the central processing unit can operate in a Normal World and a Secure World. The method may include: receiving, by the central processing unit in the Normal World, a Secure Monitor Call (SMC) instruction; in response to the SMC instruction, switching the central processing unit from the Normal World to the Secure World and enabling the coprocessor of the ARM device; performing the memory check calculation by the coprocessor and outputting the calculated result into the Secure World; and comparing, by the central processing unit, the calculated result with reference data for the memory check, determining the memory check result based on the comparison, and outputting the memory check result into the Normal World.
With reference to the first aspect, in one implementation of the first aspect the SMC instruction carries the virtual address of the memory to be checked and the byte length of the memory to be checked.
With reference to the first aspect and the above implementation, in another implementation of the first aspect the reference data for the memory check is prepared based on the virtual address and byte length of the memory to be checked that are carried in the SMC instruction.
With reference to the first aspect and the above implementations, in another implementation of the first aspect enabling the coprocessor of the ARM device includes: initializing the coprocessor; configuring each register of the coprocessor; and enabling the coprocessor to start operating.
With reference to the first aspect and the above implementations, in another implementation of the first aspect initializing the coprocessor includes: configuring the configuration interface security attribute register of the coprocessor so that the registers of the coprocessor can only be configured by the central processing unit in the Secure World; configuring the direct memory access (DMA) read security attribute register of the coprocessor so that the coprocessor performs read operations in the Normal World; and configuring the DMA write security attribute register of the coprocessor so that the coprocessor performs write operations in the Secure World.
With reference to the first aspect and the above implementations, in another implementation of the first aspect the SMC instruction carries the virtual address and byte length of the memory to be checked, and configuring each register of the coprocessor includes: setting the read address of the coprocessor's read address register to that virtual address; setting the write address of the coprocessor's write address register to a virtual address allocated by the central processing unit in the Secure World; configuring the data byte length register of the coprocessor based on that byte length; and configuring the algorithm mode register of the coprocessor.
With reference to the first aspect and the above implementations, in another implementation of the first aspect configuring the algorithm mode register of the coprocessor includes selecting the algorithm used for the memory check calculation.
With reference to the first aspect and the above implementations, in another implementation of the first aspect the coprocessor performing the memory check calculation and outputting the calculated result into the Secure World includes: the coprocessor obtaining, through the page table it shares with the memory management unit (MMU) of the central processing unit, the physical address corresponding to the virtual address of the memory to be checked carried in the SMC instruction, and performing a read operation in the Normal World based on that physical address and the byte length carried in the SMC instruction to obtain the data of the memory to be checked; the coprocessor performing the memory check calculation over the obtained data with the algorithm configured in it for the memory check, obtaining the calculated result; and the coprocessor performing a write operation in the Secure World, writing the calculated result to the virtual address allocated by the central processing unit in the Secure World.
In a second aspect, the disclosure provides an ARM device that performs a memory check. The ARM device may include: a central processing unit configured to operate in a Normal World and a Secure World and, in response to receiving a Secure Monitor Call (SMC) instruction in the Normal World, to switch from the Normal World to the Secure World; and a coprocessor connected to the central processing unit through a bus and configured to be enabled by the central processing unit operating in the Secure World, to perform the memory check calculation after being enabled, and to output the calculated result into the Secure World. The central processing unit is further configured to compare the calculated result with reference data for the memory check, determine the memory check result based on the comparison, and output the memory check result into the Normal World.
In conjunction with the second aspect, in one implementation of the second aspect the SMC instruction carries the virtual address of the memory to be checked and the byte length of the memory to be checked.
In conjunction with the second aspect and the above implementation, in another implementation of the second aspect the central processing unit prepares the reference data for the memory check based on the virtual address and byte length of the memory to be checked that are carried in the SMC instruction.
In conjunction with the second aspect and the above implementations, in another implementation of the second aspect the central processing unit enabling the coprocessor includes: initializing the coprocessor; configuring each register of the coprocessor; and enabling the coprocessor to start operating.
In conjunction with the second aspect and the above implementations, in another implementation of the second aspect initializing the coprocessor includes: configuring the configuration interface security attribute register of the coprocessor so that the registers of the coprocessor can only be configured by the central processing unit in the Secure World; configuring the direct memory access (DMA) read security attribute register of the coprocessor so that the coprocessor performs read operations in the Normal World; and configuring the DMA write security attribute register of the coprocessor so that the coprocessor performs write operations in the Secure World.
In conjunction with the second aspect and the above implementations, in another implementation of the second aspect the SMC instruction carries the virtual address and byte length of the memory to be checked, and configuring each register of the coprocessor includes: setting the read address of the coprocessor's read address register to that virtual address; setting the write address of the coprocessor's write address register to a virtual address allocated by the central processing unit in the Secure World; configuring the data byte length register of the coprocessor based on that byte length; and configuring the algorithm mode register of the coprocessor.
In conjunction with the second aspect and the above implementations, in another implementation of the second aspect configuring the algorithm mode register of the coprocessor includes selecting the algorithm used for the memory check calculation.
In conjunction with the second aspect and the above implementations, in another implementation of the second aspect the coprocessor performing the memory check calculation and outputting the calculated result into the Secure World includes: the coprocessor obtaining, through the page table it shares with the memory management unit of the central processing unit, the physical address corresponding to the virtual address of the memory to be checked carried in the SMC instruction, and performing a read operation in the Normal World based on that physical address and the byte length carried in the SMC instruction to obtain the data of the memory to be checked; the coprocessor performing the memory check calculation over the obtained data with the algorithm configured in it for the memory check, obtaining the calculated result; and the coprocessor performing a write operation in the Secure World, writing the calculated result to the virtual address allocated by the central processing unit in the Secure World.
According to the method and device of the embodiments of the disclosure, the check is performed by a hardware coprocessor, so the computational efficiency is higher than that of a software implementation. Because the calculated result is output into the Secure World, the security risk that arises when the result is output into the Normal World is avoided. Furthermore, because the coprocessor can share the page table of the central processing unit's MMU, memory detection at multiple granularities is possible, from processes on a virtual machine and applications up to the kernel and the hypervisor.
Brief description of the drawings
To explain the technical solutions of the embodiments of the disclosure more clearly, the drawings required for describing the embodiments or the prior art are briefly introduced below. Clearly, the drawings described below show only some embodiments of the disclosure; a person of ordinary skill in the art could derive other drawings from them without creative effort.
Fig. 1 is a schematic diagram of a scenario in which an embodiment of the disclosure is applied;
Fig. 2 schematically illustrates the memory check process of an ARM device according to an embodiment of the disclosure;
Fig. 3 is a flowchart of the memory check method for an ARM device according to an embodiment of the disclosure;
Fig. 4 is a flowchart of the process of enabling the coprocessor in the memory check method for an ARM device according to an embodiment of the disclosure;
Fig. 5 is a flowchart of the process of initializing the coprocessor during the enabling of the coprocessor shown in Fig. 4;
Fig. 6 is a flowchart of the process of configuring each register of the coprocessor during the enabling of the coprocessor shown in Fig. 4;
Fig. 7 is a flowchart of the process, in the memory check method for an ARM device according to an embodiment of the disclosure, in which the coprocessor performs the memory check calculation and outputs the calculated result into the Secure World;
Fig. 8 is a block diagram of an ARM device that performs a memory check according to an embodiment of the disclosure.
Detailed description of embodiments
The technical solutions of the embodiments of the disclosure are described clearly and completely below with reference to the drawings. Clearly, the described embodiments are only some of the embodiments of the disclosure, not all of them. All other embodiments that a person of ordinary skill in the art obtains from the embodiments of the disclosure without creative effort fall within the scope of protection of the disclosure.
Dynamic memory checking of software at runtime requires frequent execution of checking algorithms such as hashing, which is time-consuming and inefficient. In addition, the results of such checks are produced in the non-secure state, which greatly increases the risk of the measurement: if the calculated result is tampered with, the accuracy of subsequent checks cannot be guaranteed. Moreover, if a dedicated chip performs the calculation, its slow interface and low clock frequency also limit dynamic measurement.
At least one embodiment of the disclosure provides a memory check method for an ARM device and an ARM device that performs the memory check. The check calculation over the memory data is carried out by a hardware coprocessor in the ARM device, so the computational efficiency is higher than that of a software implementation. Because the calculated result is output into the Secure World, the security risk that arises when the result is output into the Normal World is avoided. Furthermore, because the coprocessor can share the page table of the central processing unit's MMU, memory detection at multiple granularities is possible, from processes on a virtual machine and applications up to the kernel and the hypervisor.
Fig. 1 is a schematic diagram of a scenario 100 in which an embodiment of the disclosure is applied. Fig. 1 shows three hardware components of an ARM device: a central processing unit (CPU) 101, a coprocessor 102 according to an embodiment of the disclosure, connected to the CPU 101 through a bus, and memory. Taking the ARM TrustZone architecture as an example, the memory is divided into Normal World memory 103 and Secure World memory 104, and the CPU 101 can operate in the Secure World and in the Normal World. For example, after the CPU 101 receives an SMC instruction issued by a client application 105, it can switch from the Normal World to the Secure World. When the CPU accesses memory, it converts the virtual address into a physical address through the memory management unit (MMU) and then accesses the memory through the bus. The coprocessor according to an embodiment of the disclosure accesses memory through the bus using the page table it shares with the CPU's MMU. The ARM device may be, for example, a smartphone, a tablet computer or a smart television; the disclosure does not limit this. Although Fig. 1 shows one coprocessor and one memory, there may be several coprocessors and several memories.
A concrete example follows. The client application 105 requests a memory check at regular intervals or sporadically and sends an SMC instruction. After the CPU 101 receives the SMC instruction it switches from the Normal World to the Secure World and enables the coprocessor 102. The coprocessor 102 reads data from the Normal World memory 103 and writes data into the Secure World memory 104, so that the check calculation over the memory data is done efficiently and the calculated result lands in the Secure World, which fully guarantees the safety of the measurement; and because the coprocessor shares the page table with the CPU's MMU, memory detection at multiple granularities is possible.
Fig. 2 schematically illustrates the memory check process of an ARM device according to an embodiment of the disclosure. As shown in Fig. 2, a client application in the Normal World requests a memory check at regular intervals or sporadically and sends an SMC instruction. After receiving the SMC instruction the CPU switches from the Normal World to the Secure World and enables the coprocessor. The coprocessor reads from the Normal World memory the data over which the memory check is to be calculated and performs the calculation. Once the calculated result is obtained, the coprocessor writes it into the Secure World memory. The CPU, operating in the Secure World, compares the calculated result with the reference data for the memory check and determines the memory check result based on the comparison. The CPU then switches back to the Normal World and outputs the memory check result to the client application in the Normal World.
By outputting the memory check calculation result into the Secure World, the safety of the measurement is fully guaranteed, and memory detection at multiple granularities is possible; the granularity of the memory being checked can reach the thread level.
Fig. 3 is a flowchart of a method 300 of memory check for an ARM device according to an embodiment of the disclosure. The ARM device includes a CPU and a coprocessor, and the CPU can operate in the Normal World and the Secure World. As shown in Fig. 3, the method includes: receiving, by the CPU in the Normal World, a Secure Monitor Call (SMC) instruction (S310); in response to the SMC instruction, switching the CPU from the Normal World to the Secure World and enabling the coprocessor of the ARM device (S320); performing the memory check calculation by the coprocessor and outputting the calculated result into the Secure World (S330); and comparing, by the CPU, the calculated result with the reference data for the memory check, determining the memory check result based on the comparison, and outputting the memory check result into the Normal World (S340).
As an example, the SMC instruction carries the virtual address of the memory to be checked and the byte length of the memory to be checked.
The processor of an ARM device has four exception levels, EL0, EL1, EL2 and EL3. Switching between the Normal World and the Secure World must pass through EL3. The SMC instruction is a standard instruction of the ARM architecture: an SMC issued in the Normal World causes the processor to take an exception to EL3, completing the switch from the Normal World to the Secure World, and the information about the memory to be measured, namely the virtual address and byte length of the memory to be checked, is passed through the standard parameters of the SMC instruction.
According to an exemplary implementation of the disclosure, the client application in the Normal World can request a memory check at regular intervals and send an SMC instruction, for example every 10 seconds. Alternatively, according to another embodiment of the disclosure, the client application in the Normal World can request a memory check sporadically and send an SMC instruction. The application is not limited in this respect.
According to an exemplary implementation of the disclosure, the coprocessor can obtain the physical address of the memory to be checked from its virtual address using the page table in the CPU's MMU, and then obtain the data over which the memory check is to be calculated from that physical address and the byte length of the memory to be checked.
According to an exemplary implementation of the disclosure, the coprocessor can share the page table with the CPU's MMU. With the same page table, the coprocessor and the CPU obtain the same data through the same virtual-to-physical mapping, with no synchronization problem. In addition, because the coprocessor and the MMU can share the page table, the coprocessor can check memory regions at a finer granularity: for example, it can check the security of an application running on a virtual machine, and it can also check memory in the operating system kernel.
It is understood that other methods can also be used to obtain the data over which the memory check is to be calculated; the disclosure does not limit this. For example, the parameters describing the storage location and length of the data to be checked can be passed by a separate instruction.
According to an exemplary implementation of the disclosure, the reference data for the memory check can also be prepared based on the virtual address and byte length of the memory to be checked carried in the SMC instruction. The reference data for the memory check is the baseline used to decide whether the integrity of the data is in question. The calculated result of the memory check is compared with the reference data, and the memory check result is determined based on the comparison: if the two are identical, the data integrity is intact; if they differ, the data integrity is compromised.
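Steps S310 to S340 described above, modeled end to end in host C as an added example. This is not code from the patent or from Guizhou Huaxintong, and it runs on an ordinary machine rather than on ARM hardware, so everything hardware-specific is an assumption: a toy 4 KiB page table shared by the CPU's MMU and the coprocessor, eight physical frames of which frames 4 to 7 stand for Secure World memory, a result slot at the start of frame 4 standing for the Secure World virtual address the CPU programs into the write address register, and 64-bit FNV-1a standing in for the hash selected through the algorithm mode register (a production design would select a cryptographic hash such as SHA-256). The names smc_request, cop_hash_region, memory_check and the demo_* helpers, and the page contents they use, are invented for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE 4096u
#define NFRAMES   8u   /* toy physical memory; frames 0..3 Normal World, 4..7 Secure World (assumption) */
#define NVPAGES   16u  /* toy virtual address space of 16 pages */

static uint8_t phys_mem[NFRAMES * PAGE_SIZE];
static int32_t page_table[NVPAGES];   /* shared VPN -> frame map, -1 when unmapped */

static int frame_is_secure(uint32_t frame) { return frame >= 4; }

/* Translation through the page table the coprocessor shares with the CPU's MMU.
 * Returns the physical address, or -1 on a translation fault. */
static int64_t translate(uint64_t va) {
    uint64_t vpn = va / PAGE_SIZE;
    if (vpn >= NVPAGES || page_table[vpn] < 0) return -1;
    return (int64_t)page_table[vpn] * PAGE_SIZE + (int64_t)(va % PAGE_SIZE);
}

/* The two SMC parameters: virtual address and byte length of the memory to check. */
struct smc_request { uint64_t va; uint64_t len; };

/* Coprocessor read-and-hash path (S330). Its DMA read attribute is Normal World
 * only, so a byte that resolves to a Secure World frame, or to no frame, is
 * refused. Hash assumption: 64-bit FNV-1a stands in for the algorithm selected
 * in the algorithm mode register; use a cryptographic hash in a real design. */
static int cop_hash_region(const struct smc_request *req, uint64_t *digest) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (uint64_t off = 0; off < req->len; off++) {
        int64_t pa = translate(req->va + off);
        if (pa < 0 || frame_is_secure((uint32_t)(pa / PAGE_SIZE))) return -1;
        h = (h ^ phys_mem[pa]) * 0x100000001b3ULL;
    }
    *digest = h;
    return 0;
}

/* Result slot (assumption: first 8 bytes of Secure World frame 4), standing for
 * the Secure World virtual address programmed into the write address register.
 * The DMA write attribute is Secure World, so this is the only kind of target. */
static void secure_result_write(uint64_t v) { memcpy(&phys_mem[4 * PAGE_SIZE], &v, sizeof v); }
static uint64_t secure_result_read(void) {
    uint64_t v; memcpy(&v, &phys_mem[4 * PAGE_SIZE], sizeof v); return v;
}

/* Constant-time equality: the CPU compares in the Secure World, and an early
 * exit would leak how many bytes of the digest matched the reference. */
static int ct_equal_u64(uint64_t a, uint64_t b) {
    uint64_t d = a ^ b;
    d |= d >> 32; d |= d >> 16; d |= d >> 8; d |= d >> 4; d |= d >> 2; d |= d >> 1;
    return (int)(~d & 1u);
}

/* S330 + S340: 0 = matches reference, 1 = tampered, -1 = region not readable. */
int memory_check(const struct smc_request *req, uint64_t reference) {
    uint64_t digest;
    if (cop_hash_region(req, &digest) != 0) return -1;
    secure_result_write(digest);                         /* DMA write into Secure World */
    return ct_equal_u64(secure_result_read(), reference) ? 0 : 1;
}

/* Constructed fixture: VPN 0,1 -> Normal World frames 0,1; VPN 2 -> Secure World
 * frame 4; Normal World frames filled with a fixed pattern. */
void setup_demo(void) {
    memset(phys_mem, 0, sizeof phys_mem);
    for (uint32_t i = 0; i < NVPAGES; i++) page_table[i] = -1;
    page_table[0] = 0; page_table[1] = 1; page_table[2] = 4;
    for (uint32_t i = 0; i < 2 * PAGE_SIZE; i++) phys_mem[i] = (uint8_t)(i * 7 + 3);
}

/* Reference digest over the intact region, as the Secure World would keep it. */
uint64_t demo_reference(void) {
    struct smc_request req = { 0, 2 * PAGE_SIZE };
    uint64_t ref = 0;
    setup_demo();
    cop_hash_region(&req, &ref);
    return ref;
}

int demo_intact(void) {                       /* region untouched */
    struct smc_request req = { 0, 2 * PAGE_SIZE };
    return memory_check(&req, demo_reference());
}

int demo_tampered(void) {                     /* one byte flipped after measurement */
    struct smc_request req = { 0, 2 * PAGE_SIZE };
    uint64_t ref = demo_reference();
    phys_mem[100] ^= 0x01;
    return memory_check(&req, ref);
}

int demo_crosses_into_secure(void) {          /* VA range reaches VPN 2, a Secure World frame */
    struct smc_request req = { PAGE_SIZE, 2 * PAGE_SIZE };
    return memory_check(&req, demo_reference());
}

int main(void) {
    printf("intact=%d tampered=%d crosses_secure=%d\n",
           demo_intact(), demo_tampered(), demo_crosses_into_secure());
    return 0;
}
```

cop_hash_region refuses a request whose range crosses into a Secure World frame, which is the read-side effect of the DMA read security attribute of step S3212; the comparison in memory_check is constant-time because it runs in the Secure World against a reference digest that Normal World code should not be able to probe byte by byte.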
According to the method for the Memory Checkout for ARM equipment of the embodiment of the present disclosure based on the hardware association in ARM equipment at Device is managed to carry out verification calculating to internal storage data, capable verification is internally deposited into using hardware, computational efficiency is higher than software realization, has Higher efficiency.And since calculated result is output to security domain, calculated result peace caused by the output of common domain is prevented Full blast danger.Further, since coprocessor can with the MMU shared page table of CPU, therefore can carry out a variety of granularities memory detection.
Fig. 4 is a flow chart schematically illustrating step S320, enabling the coprocessor of the ARM device, of the memory verification method 300 for an ARM device according to an embodiment of the disclosure. As shown in Fig. 4, according to one embodiment of the disclosure, enabling the coprocessor of the ARM device comprises: initializing the coprocessor (S321); configuring each register of the coprocessor (S322); and enabling the coprocessor to start operating (S323). Through these sub-steps the coprocessor of the ARM device is enabled and made ready for the subsequent operations of performing the memory verification calculation and outputting the calculated result.

The sub-steps of the memory verification method 300 for an ARM device are described in more detail below. Fig. 5 is a flow chart schematically illustrating sub-step S321 of the method 300 according to an embodiment of the disclosure. As shown in Fig. 5, according to one embodiment of the disclosure, initializing the coprocessor comprises: configuring the configuration-interface security-domain attribute register of the coprocessor, so that the registers of the coprocessor can only be configured by the CPU in the secure domain (S3211); configuring the direct memory access (DMA) read security attribute register of the coprocessor, so that the coprocessor performs read operations in the normal domain (S3212); and configuring the DMA write security attribute register of the coprocessor, so that the coprocessor performs write operations in the secure domain (S3213).
According to an exemplary implementation of the disclosure, configuring the DMA read security attribute register of the coprocessor so that the coprocessor performs read operations in the normal domain may comprise configuring the DMA controller of the coprocessor to perform read operations in the normal domain.

According to an exemplary implementation of the disclosure, configuring the DMA write security attribute register of the coprocessor so that the coprocessor performs write operations in the secure domain may comprise configuring the DMA controller of the coprocessor to perform write operations in the normal domain.

Through sub-step S3211, only the CPU in the secure domain has permission to configure the value of each register, and the CPU in the normal domain cannot change the value of any register, which ensures the security of the operation.

Through sub-step S3212, the coprocessor can perform read operations in the normal domain, so that, according to the instruction passed in, it can obtain the data in the normal domain on which the memory verification calculation is to be performed.

Through sub-step S3213, the coprocessor can only perform write operations in the secure domain; that is, the result calculated by the hardware can only be output in the secure domain, and the CPU in the normal domain cannot modify it, which ensures the security of the measurement.
Fig. 6 is a flow chart schematically illustrating sub-step S322 of the memory verification method 300 for an ARM device according to an embodiment of the disclosure. Where the SMC instruction includes the virtual address of the memory to be verified and the data byte length of the memory to be verified, as shown in Fig. 6, according to one embodiment of the disclosure, configuring each register of the coprocessor comprises: configuring the read address of the read address register of the coprocessor as the virtual address (S3221); configuring the write address of the write address register of the coprocessor as a virtual address allocated by the CPU in the secure domain (S3222); configuring the data byte length register of the coprocessor based on the data byte length (S3223); and configuring the algorithm mode register of the coprocessor (S3224).

According to an exemplary implementation of the disclosure, configuring the algorithm mode register of the coprocessor (S3224) may comprise selecting the algorithm used for the memory verification calculation. Algorithms for the memory verification calculation include, but are not limited to, the SM3 cryptographic hash algorithm, the SHA family of secure hash algorithms and the HMAC hash-based message authentication code algorithm.

Through sub-steps S3221 and S3223, the coprocessor can perform read operations in the normal domain and thereby obtain the data in the normal domain on which the memory verification calculation is to be performed.

Through sub-step S3222, the coprocessor can perform write operations in the secure domain, outputting the result of the memory verification calculation in the secure domain and thereby ensuring the security of the measurement.

Through sub-step S3224, a suitable algorithm for the memory verification calculation can be selected for the coprocessor. For example, the algorithm may be selected according to user requirements or according to a default system setting; the disclosure does not limit how this selection is made.
Fig. 7 is a flow chart schematically illustrating step S330 of the memory verification method 300 for an ARM device according to an embodiment of the disclosure. As shown in Fig. 7, the coprocessor performing the memory verification calculation and outputting the calculated result to the secure domain may comprise: the coprocessor obtaining, through the page table shared with the MMU of the CPU, the physical address corresponding to the virtual address of the memory to be verified included in the SMC instruction, and performing a read operation in the normal domain based on that physical address and the data byte length of the memory to be verified included in the SMC instruction, so as to obtain the data in the memory to be verified (S331); the coprocessor performing the memory verification calculation on the obtained data of the memory to be verified based on the algorithm for the memory verification calculation configured in it, and obtaining the calculated result (S332); and the coprocessor performing a write operation in the secure domain, writing the calculated result to the virtual address allocated by the CPU in the secure domain (S333).

Through sub-step S331, the coprocessor can perform a read operation in the normal domain: by sharing the page table with the MMU, and based on the incoming virtual address and data byte length of the memory to be verified, it obtains the data in the normal domain on which the memory verification calculation is to be performed.

Through sub-step S332, the verification calculation on the memory data is carried out by the hardware coprocessor, so that the calculation is more efficient than a software implementation.

Through sub-step S333, the coprocessor can perform a write operation in the secure domain, outputting the result of the memory verification calculation in the secure domain and thereby ensuring the security of the measurement.

The memory verification method for an ARM device according to this embodiment of the disclosure performs the verification calculation on memory data with the hardware coprocessor in the ARM device, so the calculation is more efficient than a software implementation. Because the calculated result is output to the secure domain, the security risk of outputting the result to the normal domain is avoided. Further, because the coprocessor can share the page table of the CPU's MMU, it can perform memory detection at a variety of granularities, from the processes of applications on a virtual machine to the kernel and the software supervision layer.
Fig. 8 is a block diagram schematically illustrating an ARM device 800 for performing memory verification according to an embodiment of the disclosure. The ARM device 800 is, for example, a smartphone, a tablet computer or a smart television; the type of the device 800 does not limit the disclosure. As shown in Fig. 8, the ARM device comprises: a CPU (810), configured to operate in the normal domain and the secure domain and, in response to receiving a secure monitor call (SMC) instruction in the normal domain, to switch from the normal domain to the secure domain for operation; and a coprocessor (820) connected to the CPU by a bus, configured to be enabled by the CPU operating in the secure domain, to perform the memory verification calculation after being enabled, and to output the calculated result to the secure domain. The CPU (810) is further configured to compare the calculated result with the comparison data for memory verification, to determine the memory verification result based on that comparison, and to output the memory verification result to the normal domain.

According to an exemplary implementation of the disclosure, the SMC instruction includes the virtual address of the memory to be verified and the data byte length of the memory to be verified.

The processor of an ARM device has four exception levels in total, namely EL0, EL1, EL2 and EL3, and switching between the normal domain and the secure domain must pass through EL3. The SMC instruction is a standard instruction of the ARM architecture: an SMC instruction issued in the normal domain causes the processor of the ARM device to switch to EL3 by way of an interrupt or exception, completing the switch from the normal domain to the secure domain, and the information about the memory to be measured, namely the virtual address of the memory to be verified and its data byte length, is passed in through the standard parameters of the SMC instruction.

According to an exemplary implementation of the disclosure, the client application in the normal domain may request memory verification at a constant interval by sending an SMC instruction, for example every 10 s. Alternatively, according to another exemplary implementation of the disclosure, the client application in the normal domain may request memory verification sporadically by sending an SMC instruction. The application is not limited in this respect.

According to an exemplary implementation of the disclosure, the coprocessor may obtain the physical address of the memory to be verified from its virtual address according to the page table in the MMU of the CPU, and obtain the data on which the memory verification calculation is to be performed according to that physical address and the data byte length of the memory to be verified.

According to an exemplary implementation of the disclosure, the coprocessor may share the page table of the MMU of the CPU. Using that page table, the coprocessor and the CPU obtain identical data through the same mapping from virtual to physical addresses, so the two cannot fall out of sync. Moreover, because the coprocessor and the MMU can share the page table, the coprocessor can verify memory regions at a finer granularity: for example, it can perform a security check of an application program on a virtual machine, and it can also verify memory in the operating system kernel.
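As an added illustration of the shared page table (not code from the patent), the following Python model measures three regions of different granularity through one page table and then shows why the coprocessor should walk the CPU's live table rather than a private copy of it. The page numbers, page contents and region names are constructed, and SHA-256 stands in for whichever algorithm the algorithm-mode register selects.

```python
import hashlib

PAGE = 4096   # page size assumed by the model

def page(fill):
    """Constructed 4 KiB physical page filled with a repeating byte pattern."""
    return (fill * PAGE)[:PAGE]

def measure_region(phys, page_table, vpns):
    """Hash one region given as a list of virtual page numbers, translating every page
    through `page_table` (vpn -> ppn) exactly as the CPU MMU would."""
    h = hashlib.sha256()
    for vpn in vpns:
        h.update(phys[page_table[vpn]])       # KeyError models a translation fault
    return h.hexdigest()

def measure_all(phys, page_table, regions):
    """Measure regions of different granularity with the same engine."""
    return {name: measure_region(phys, page_table, vpns) for name, vpns in regions.items()}

def build():
    """Constructed system: kernel text, the software supervision layer and one page of a
    process inside a virtual machine, all reachable through a single page table."""
    phys = {0x100: page(b"K1"), 0x101: page(b"K2"),   # kernel text
            0x200: page(b"HV"),                       # software supervision layer
            0x300: page(b"VM")}                       # a process inside a virtual machine
    page_table = {0x10: 0x100, 0x11: 0x101, 0x20: 0x200, 0x30: 0x300}
    regions = {"kernel": [0x10, 0x11], "supervisor": [0x20], "vm-process": [0x30]}
    return phys, page_table, regions

def stale_vs_live():
    """The CPU migrates the VM page to a new frame, updates the live page table and reuses
    the old frame. Returns (live table agrees with the CPU, stale copy agrees with the CPU)."""
    phys, page_table, regions = build()
    snapshot = dict(page_table)                # what a private, non-shared copy would hold
    phys[0x301] = phys.pop(0x300)              # frame migrated ...
    page_table[0x30] = 0x301                   # ... live table updated by the CPU ...
    phys[0x300] = page(b"XX")                  # ... and the old frame reused for other data
    cpu_view = hashlib.sha256(phys[0x301]).hexdigest()
    live = measure_region(phys, page_table, regions["vm-process"])
    stale = measure_region(phys, snapshot, regions["vm-process"])
    return live == cpu_view, stale == cpu_view
```

`stale_vs_live()` returns `(True, False)`: after the CPU migrates the VM page and reuses the old frame, an engine walking the shared table hashes the same bytes the CPU sees, while a snapshot hashes the reused frame, which is exactly the out-of-sync case the passage says sharing the page table avoids.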
It will be understood that other methods may also be used to obtain the data on which the memory verification calculation is to be performed; the disclosure is not limited in this respect. For example, the parameters describing the storage location and length of the data on which the memory verification calculation is to be performed may be passed by a separate instruction.
According to an exemplary implementation of the disclosure, the comparison data for memory verification may also be prepared based on the virtual address of the memory to be verified and the data byte length of the memory to be verified that are included in the SMC instruction. The comparison data for memory verification is reference data used to determine whether there is a problem with data integrity. The calculated result of the memory verification calculation is compared with the comparison data for memory verification, and the memory verification result is determined from that comparison: if the two are identical, there is no problem with data integrity; if the two do not match, there is a problem with data integrity.

The ARM device according to this embodiment of the disclosure performs the verification calculation on memory data with its hardware coprocessor. Because the memory is verified in hardware, the calculation is more efficient than a software implementation. Because the calculated result is output to the secure domain, the security risk of outputting the result to the normal domain is avoided. Further, because the coprocessor can share the page table of the CPU's MMU, memory detection at a variety of granularities is possible.
According to another exemplary implementation of the disclosure, the CPU in the secure domain enabling the coprocessor comprises: initializing the coprocessor; configuring each register of the coprocessor; and enabling the coprocessor to start operating. By having the CPU of the ARM device enable the coprocessor, the coprocessor is made ready for the subsequent operations of performing the memory verification calculation and outputting the calculated result.

According to another exemplary implementation of the disclosure, initializing the coprocessor comprises: configuring the configuration-interface security-domain attribute register of the coprocessor, so that the registers of the coprocessor can only be configured by the CPU in the secure domain; configuring the DMA read security attribute register of the coprocessor, so that the coprocessor performs read operations in the normal domain; and configuring the DMA write security attribute register of the coprocessor, so that the coprocessor performs write operations in the secure domain.

According to an exemplary implementation of the disclosure, configuring the DMA read security attribute register of the coprocessor so that the coprocessor performs read operations in the normal domain may comprise configuring the DMA controller of the coprocessor to perform read operations in the normal domain.

According to an exemplary implementation of the disclosure, configuring the DMA write security attribute register of the coprocessor so that the coprocessor performs write operations in the secure domain may comprise configuring the DMA controller of the coprocessor to perform write operations in the normal domain.

By configuring the configuration-interface security-domain attribute register of the coprocessor, only the CPU in the secure domain has permission to configure the value of each register, and the CPU in the normal domain cannot change the value of any register, which ensures the security of the operation.

By configuring the DMA read security attribute register of the coprocessor, the coprocessor can perform read operations in the normal domain, so that, according to the instruction passed in, it can obtain the data in the normal domain on which the memory verification calculation is to be performed.

By configuring the DMA write security attribute register of the coprocessor, the coprocessor can only perform write operations in the secure domain; that is, the result calculated by the hardware can only be output in the secure domain, and the CPU in the normal domain cannot modify it, which ensures the security of the measurement.
According to another exemplary implementation of the disclosure, the SMC instruction includes the virtual address of the memory to be verified and the data byte length of the memory to be verified, and configuring each register of the coprocessor comprises: configuring the read address of the read address register of the coprocessor as the virtual address; configuring the write address of the write address register of the coprocessor as a virtual address allocated by the CPU in the secure domain; configuring the data byte length register of the coprocessor based on the data byte length; and configuring the algorithm mode register of the coprocessor.

According to an exemplary implementation of the disclosure, configuring the algorithm mode register of the coprocessor comprises selecting the algorithm used for the memory verification calculation. Algorithms for the memory verification calculation include, but are not limited to, the SM3 cryptographic hash algorithm, the SHA family of secure hash algorithms and the HMAC hash-based message authentication code algorithm.

By configuring the read address of the read address register of the coprocessor as the virtual address and configuring the data byte length register of the coprocessor based on the data byte length, the coprocessor can perform read operations in the normal domain and thereby obtain the data in the normal domain on which the memory verification calculation is to be performed.

By configuring the write address of the write address register of the coprocessor as the virtual address allocated by the CPU in the secure domain, the coprocessor can perform write operations in the secure domain, outputting the result of the memory verification calculation in the secure domain and thereby ensuring the security of the measurement.

By configuring the algorithm mode register of the coprocessor, a suitable algorithm for the memory verification calculation can be selected for the coprocessor. For example, the algorithm may be selected according to user requirements or according to a default system setting; the disclosure does not limit how this selection is made.
According to another exemplary implementation of the disclosure, the coprocessor performing the memory verification calculation and outputting the calculated result to the secure domain may comprise: the coprocessor obtaining, through the page table shared with the MMU of the CPU, the physical address corresponding to the virtual address of the memory to be verified included in the SMC instruction, and performing a read operation in the normal domain based on that physical address and the data byte length of the memory to be verified included in the SMC instruction, so as to obtain the data in the memory to be verified; the coprocessor performing the memory verification calculation on the obtained data of the memory to be verified based on the algorithm for the memory verification calculation configured in it, and obtaining the calculated result; and the coprocessor performing a write operation in the secure domain, writing the calculated result to the virtual address allocated by the CPU in the secure domain.

Because the coprocessor shares the page table of the CPU's MMU, it can perform a read operation in the normal domain based on the incoming virtual address and data byte length of the memory to be verified, obtaining the data in the normal domain on which the memory verification calculation is to be performed.

The verification calculation on the memory data is carried out by the hardware coprocessor, so that the calculation is more efficient than a software implementation.

The coprocessor performs the write operation in the secure domain, outputting the result of the memory verification calculation in the secure domain and thereby ensuring the security of the measurement.

The ARM device according to this embodiment of the disclosure performs the verification calculation on memory data with its hardware coprocessor, so the calculation is more efficient than a software implementation. Because the calculated result is output to the secure domain, the security risk of outputting the result to the normal domain is avoided. Further, because the coprocessor can share the page table of the CPU's MMU, it can perform memory detection at a variety of granularities.
Those of ordinary skill in the art will appreciate that the units and algorithm steps described in connection with the embodiments disclosed herein can be implemented in electronic hardware or in a combination of computer software and electronic hardware. Whether these functions are implemented in hardware or in software depends on the specific application and the design constraints of the technical solution. Skilled persons may use different methods to implement the described functions for each specific application, but such implementations should not be considered to go beyond the scope of the disclosure.

It should be noted that the embodiments in this specification are described in a progressive manner; each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments may be referred to each other.

It will be clear to those skilled in the art that, for convenience and brevity of description, the specific working process of the device and units described above may be understood by reference to the corresponding process in the foregoing method embodiment and is not repeated here.

The device embodiments described above are merely exemplary. For example, the flow charts and block diagrams in the drawings show the possible architecture, functions and operation of devices, methods and computer program products according to several embodiments of the disclosure. In this regard, each box in a flow chart or block diagram may represent a module, a program segment or a part of the code, which comprises one or more executable instructions for implementing the specified logical function. It should also be noted that, in some alternative implementations, the functions marked in the boxes may occur in an order different from that marked in the drawings; for example, two consecutive boxes may in fact be executed substantially in parallel, or sometimes in the reverse order, depending on the functions involved. It should also be noted that each box in the block diagrams and/or flow charts, and each combination of such boxes, can be implemented by a dedicated hardware-based system that performs the specified function or action, or by a combination of dedicated hardware and computer instructions.

In addition, the functional modules in the embodiments of the disclosure may be integrated together to form one independent part, may each exist as a separate module, or two or more modules may be integrated to form an independent part.

If the functions are implemented in the form of software functional modules and sold or used as an independent product, they may be stored in a computer-readable storage medium. On this understanding, the technical solution of the disclosure in essence, or the part that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product stored in a storage medium and including several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method of each embodiment of the disclosure. The storage medium includes various media that can store program code, such as a USB flash disk, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disk. It should be noted that relational terms such as first and second are used herein only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between these entities or operations. Moreover, the terms "comprise", "include" or any other variant are intended to cover a non-exclusive inclusion, so that a process, method, article or device comprising a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the existence of other identical elements in the process, method, article or device that comprises that element.

The foregoing are merely preferred embodiments of the disclosure and do not limit it; for those skilled in the art, the disclosure may have various modifications and variations. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the disclosure shall be included in the protection scope of the disclosure. It should also be noted that similar reference numerals and letters denote similar items in the following drawings; therefore, once an item is defined in one drawing, it need not be further defined or explained in subsequent drawings.

The above are only specific embodiments of the disclosure, but the protection scope of the disclosure is not limited thereto; any change or replacement that a person familiar with the technical field could readily conceive within the technical scope disclosed herein shall be covered by the protection scope of the disclosure. Therefore, the protection scope of the disclosure shall be subject to the protection scope of the appended claims and their equivalents.

Claims (16)

1. A memory verification method for an ARM device, the ARM device comprising a central processing unit and a coprocessor, the central processing unit being operable in a normal domain and a secure domain, the method comprising:
receiving, by the central processing unit in the normal domain, a secure monitor call (SMC) instruction;
in response to the SMC instruction, switching the central processing unit from the normal domain to the secure domain for operation, and enabling the coprocessor of the ARM device;
performing, by the coprocessor, a memory verification calculation, and outputting the calculated result to the secure domain; and
comparing, by the central processing unit, the calculated result with comparison data for memory verification, determining a memory verification result based on the comparison, and outputting the memory verification result to the normal domain.
2. The method according to claim 1, wherein the SMC instruction includes a virtual address of the memory to be verified and a data byte length of the memory to be verified.
3. The method according to claim 1, wherein the comparison data for memory verification is prepared based on the virtual address of the memory to be verified and the data byte length of the memory to be verified included in the SMC instruction.
4. The method according to claim 1, wherein enabling the coprocessor of the ARM device comprises:
initializing the coprocessor;
configuring each register of the coprocessor; and
enabling the coprocessor to start operating.
5. The method according to claim 4, wherein initializing the coprocessor comprises:
configuring a configuration-interface security-domain attribute register of the coprocessor, so that the registers of the coprocessor can only be configured by the central processing unit in the secure domain;
configuring a direct memory access (DMA) read security attribute register of the coprocessor, so that the coprocessor performs read operations in the normal domain; and
configuring a direct memory access (DMA) write security attribute register of the coprocessor, so that the coprocessor performs write operations in the secure domain.
6. The method according to claim 4, wherein the SMC instruction includes a virtual address of the memory to be verified and a data byte length of the memory to be verified, and configuring each register of the coprocessor comprises:
configuring the read address of a read address register of the coprocessor as the virtual address;
configuring the write address of a write address register of the coprocessor as a virtual address allocated by the central processing unit in the secure domain;
configuring a data byte length register of the coprocessor based on the data byte length; and
configuring an algorithm mode register of the coprocessor.
7. The method according to claim 6, wherein configuring the algorithm mode register of the coprocessor comprises selecting an algorithm for the memory verification calculation.
8. The method according to claim 1, wherein the coprocessor performing the memory verification calculation and outputting the calculated result to the secure domain comprises:
the coprocessor obtaining, through a page table shared with a memory management unit (MMU) of the central processing unit, the physical address corresponding to the virtual address of the memory to be verified included in the SMC instruction, and performing a read operation in the normal domain based on the physical address and the data byte length of the memory to be verified included in the SMC instruction, to obtain the data in the memory to be verified;
the coprocessor performing the memory verification calculation on the obtained data of the memory to be verified based on the algorithm for the memory verification calculation configured therein, and obtaining a calculated result; and
the coprocessor performing a write operation in the secure domain, writing the calculated result to the virtual address allocated by the central processing unit in the secure domain.
9. An ARM device for performing memory verification, the ARM device comprising:
a central processing unit, configured to operate in a normal domain and a secure domain and, in response to receiving a secure monitor call (SMC) instruction in the normal domain, to switch from the normal domain to the secure domain for operation; and
a coprocessor connected to the central processing unit by a bus, configured to be enabled by the central processing unit operating in the secure domain, to perform a memory verification calculation after being enabled, and to output the calculated result to the secure domain;
wherein the central processing unit is further configured to compare the calculated result with comparison data for memory verification, to determine a memory verification result based on the comparison, and to output the memory verification result to the normal domain.
10. The ARM device according to claim 9, wherein the SMC instruction includes a virtual address of the memory to be verified and a data byte length of the memory to be verified.
11. The ARM device according to claim 9, wherein the central processing unit prepares the comparison data for memory verification based on the virtual address of the memory to be verified and the data byte length of the memory to be verified included in the SMC instruction.
12. The ARM device according to claim 9, wherein the central processing unit enabling the coprocessor comprises:
initializing the coprocessor;
configuring each register of the coprocessor; and
enabling the coprocessor to start operating.
13. The ARM device according to claim 12, wherein initializing the coprocessor comprises:
configuring a configuration-interface security-domain attribute register of the coprocessor, so that the registers of the coprocessor can only be configured by the central processing unit in the secure domain;
configuring a direct memory access (DMA) read security attribute register of the coprocessor, so that the coprocessor performs read operations in the normal domain; and
configuring a direct memory access (DMA) write security attribute register of the coprocessor, so that the coprocessor performs write operations in the secure domain.
14. The ARM device according to claim 12, wherein the SMC instruction includes a virtual address of the memory to be verified and a data byte length of the memory to be verified, and configuring each register of the coprocessor comprises:
configuring the read address of a read address register of the coprocessor as the virtual address;
configuring the write address of a write address register of the coprocessor as a virtual address allocated by the central processing unit in the secure domain;
configuring a data byte length register of the coprocessor based on the data byte length; and
configuring an algorithm mode register of the coprocessor.
15. The ARM device according to claim 14, wherein configuring the algorithm mode register of the coprocessor comprises selecting an algorithm for the memory verification calculation.
16. ARM equipment according to claim 9, wherein the coprocessor executes Memory Checkout and calculates, and will calculate As a result it is output in the security domain and includes:
The coprocessor is obtained by the memory management unit MMU shared page table with the central processing unit includes with SMC instruction Memory to be verified the corresponding physical address of virtual address, and based on the physical address and SMC instruction include to school The data byte length for testing memory carries out read operation in common domain to obtain the data in memory to be verified;
The coprocessor executes the data in acquired memory to be verified based on the algorithm for being wherein used for Memory Checkout calculating Memory Checkout calculates, and obtains calculated result;With
The coprocessor is written what central processing unit distributed in a secure domain in security domain progress write operation, by the calculated result Virtual address.
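The flow in claims 12 to 16 is easier to reason about as a small simulation. The C model below is an added illustration, not code from the patent or its applicant: it models a coprocessor register file whose configuration interface accepts writes only from the secure domain, a DMA engine whose reads are issued in the normal domain and whose result write lands in the secure domain, and the secure-side compare against a reference value. The register names, the enum encodings, the two checksum algorithms (a 32-bit sum and FNV-1a), the page layout, the identity virtual-to-physical mapping that stands in for the shared MMU page table, and the return codes are all assumptions made for this example.

```c
/* Added illustrative model, not the patent's own code. All register names, algorithm
 * encodings, the page layout and the return codes are assumptions for this example. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

typedef enum { DOMAIN_NORMAL = 0, DOMAIN_SECURE = 1 } domain_t;

/* Flat model of physical memory; each page is tagged with the domain it belongs to. */
#define PAGE_SIZE 64
#define NPAGES    4
static uint8_t g_mem[NPAGES * PAGE_SIZE];
static const domain_t g_page_domain[NPAGES] = {
    DOMAIN_NORMAL, DOMAIN_NORMAL, DOMAIN_SECURE, DOMAIN_SECURE
};

/* Hypothetical coprocessor register file (claims 13 and 14). */
typedef enum { ALGO_SUM32 = 0, ALGO_FNV1A32 = 1 } algo_t;
typedef struct {
    domain_t  cfg_if_secattr;    /* domain allowed to write the registers below */
    domain_t  dma_read_secattr;  /* domain in which DMA reads are issued */
    domain_t  dma_write_secattr; /* domain in which DMA writes are issued */
    uintptr_t read_addr;         /* virtual address of the memory to verify */
    uintptr_t write_addr;        /* secure-domain virtual address for the result */
    size_t    byte_len;
    algo_t    algo_mode;
} coproc_regs_t;
typedef enum { REG_READ_ADDR, REG_WRITE_ADDR, REG_BYTE_LEN, REG_ALGO_MODE } reg_id_t;

/* Claim 13: initialisation pins the access attributes. */
static void coproc_init(coproc_regs_t *r) {
    memset(r, 0, sizeof *r);
    r->cfg_if_secattr    = DOMAIN_SECURE;
    r->dma_read_secattr  = DOMAIN_NORMAL;
    r->dma_write_secattr = DOMAIN_SECURE;
}

/* Claim 14: register writes are accepted only from the configured domain, so
 * normal-domain software cannot retarget or shorten the check. Returns 0 or -1. */
static int coproc_write_reg(coproc_regs_t *r, domain_t caller, reg_id_t id, uint64_t v) {
    if (caller != r->cfg_if_secattr) return -1;
    switch (id) {
    case REG_READ_ADDR:  r->read_addr  = (uintptr_t)v; break;
    case REG_WRITE_ADDR: r->write_addr = (uintptr_t)v; break;
    case REG_BYTE_LEN:   r->byte_len   = (size_t)v;    break;
    case REG_ALGO_MODE:  r->algo_mode  = (algo_t)v;    break;
    default: return -1;
    }
    return 0;
}

/* Identity mapping stands in for the MMU page table shared with the CPU; rejects
 * empty or out-of-range ranges so later arithmetic cannot overflow. */
static int va_to_pa(uintptr_t va, size_t len, uintptr_t *pa) {
    if (len == 0 || va > sizeof g_mem || len > sizeof g_mem - va) return -1;
    *pa = va;
    return 0;
}

/* A DMA access issued in domain d may only touch pages tagged with that domain. */
static int dma_domain_ok(uintptr_t pa, size_t len, domain_t d) {
    for (uintptr_t p = pa / PAGE_SIZE; p <= (pa + len - 1) / PAGE_SIZE; p++)
        if (g_page_domain[p] != d) return 0;
    return 1;
}

uint32_t fnv1a32(const uint8_t *p, size_t n) {
    uint32_t h = 0x811c9dc5u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x01000193u; }
    return h;
}
uint32_t sum32(const uint8_t *p, size_t n) {
    uint32_t s = 0;
    for (size_t i = 0; i < n; i++) s += p[i];
    return s;
}

/* Claim 16: translate, read in the normal domain, compute, write into the secure
 * domain. Returns 0, -2 if the read is refused, -3 if the write is refused. */
static int coproc_run(const coproc_regs_t *r) {
    uintptr_t rpa, wpa;
    if (va_to_pa(r->read_addr, r->byte_len, &rpa) ||
        !dma_domain_ok(rpa, r->byte_len, r->dma_read_secattr)) return -2;
    uint32_t digest = (r->algo_mode == ALGO_FNV1A32) ? fnv1a32(g_mem + rpa, r->byte_len)
                                                      : sum32(g_mem + rpa, r->byte_len);
    if (va_to_pa(r->write_addr, sizeof digest, &wpa) ||
        !dma_domain_ok(wpa, sizeof digest, r->dma_write_secattr)) return -3;
    memcpy(g_mem + wpa, &digest, sizeof digest);
    return 0;
}

/* Secure-domain handler for the SMC request (claims 9 to 11 and 15): program the
 * coprocessor, run it, compare the result left in secure memory with the reference.
 * Returns 0 (match), 1 (mismatch) or a negative error code. */
int verify_memory(domain_t caller, uintptr_t va, size_t len, uint32_t reference) {
    coproc_regs_t regs;
    const uintptr_t result_va = 2 * PAGE_SIZE; /* assumed secure-domain scratch address */
    coproc_init(&regs);
    if (coproc_write_reg(&regs, caller, REG_READ_ADDR,  va)        ||
        coproc_write_reg(&regs, caller, REG_WRITE_ADDR, result_va) ||
        coproc_write_reg(&regs, caller, REG_BYTE_LEN,   len)       ||
        coproc_write_reg(&regs, caller, REG_ALGO_MODE,  ALGO_FNV1A32)) return -1;
    int rc = coproc_run(&regs);
    if (rc) return rc;
    uint32_t got;
    memcpy(&got, g_mem + result_va, sizeof got);
    return got == reference ? 0 : 1;
}

/* Constructed fixture: a known pattern in the first normal-domain page, a golden
 * measurement taken at provisioning time, and a hook to simulate tampering. */
void setup_memory(void) {
    memset(g_mem, 0, sizeof g_mem);
    for (size_t i = 0; i < PAGE_SIZE; i++) g_mem[i] = (uint8_t)(i * 7 + 3);
}
uint32_t golden_measure(uintptr_t va, size_t len) { return fnv1a32(g_mem + va, len); }
void tamper_byte(uintptr_t va, uint8_t v) { g_mem[va] = v; }
```

The two properties worth checking in such a model are the ones the claims rely on: a normal-domain caller cannot program the registers at all, and a read range that strays into a secure page is refused rather than measured, so the result written back can only describe normal-domain memory.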
CN201811589122.3A 2018-12-25 2018-12-25 Memory verification method for ARM equipment and ARM equipment for executing memory verification Active CN109684126B (en)

Publications (2)

Publication Number Publication Date
CN109684126A true CN109684126A (en) 2019-04-26
CN109684126B CN109684126B (en) 2022-05-03

Family

ID=66189166

Country Status (1)

Country Link
CN (1) CN109684126B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20080043616A (en) * 2006-11-14 2008-05-19 삼성전자주식회사 Multichip and test method thereof
CN103514414A (en) * 2012-06-26 2014-01-15 上海盛轩网络科技有限公司 Encryption method and encryption system based on ARM TrustZone
WO2014021919A2 (en) * 2012-08-03 2014-02-06 North Carolina State University Methods, systems, and computer readable medium for active monitoring, memory protection and integrity verification of target devices
JP2014525105A (en) * 2011-07-29 2014-09-25 マイクロソフト コーポレーション Firmware-based Trusted Platform Module (TPM) for ARM® Trust Zone implementation
CN104992122A (en) * 2015-07-20 2015-10-21 武汉大学 Cell phone private information safe box based on ARM Trust Zone
WO2016139079A1 (en) * 2015-03-02 2016-09-09 Siemens Ag Österreich Protection of memory contents of a memory of a computer system by using a hash function
CN106980794A (en) * 2017-04-01 2017-07-25 北京元心科技有限公司 TrustZone-based file encryption and decryption method and device and terminal equipment
CN107194284A (en) * 2017-06-22 2017-09-22 济南浪潮高新科技投资发展有限公司 A kind of method and system based on the user-isolated data of TrustZone
CN107679393A (en) * 2017-09-12 2018-02-09 中国科学院软件研究所 Android integrity verification methods and device based on credible performing environment
CN108197500A (en) * 2018-01-31 2018-06-22 长安大学 A kind of storage system and method based on TrustZone Security and Integrality of Data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Xia Changjun: "Research and Implementation of Kernel Integrity Protection Based on TrustZone" (夏常钧: "基于TrustZone的内核完整性保护的研究与实现"), China Master's Theses Full-text Database (《中国优秀硕士学位论文全文数据库》) *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113486355A (en) * 2021-06-29 2021-10-08 北京紫光展锐通信技术有限公司 Information storage device, information storage method, communication device, chip and module equipment thereof
CN113486355B (en) * 2021-06-29 2023-03-14 北京紫光展锐通信技术有限公司 Information storage device, information storage method, communication device, chip and module equipment thereof
CN113704791A (en) * 2021-09-01 2021-11-26 北京兆芯电子科技有限公司 Processor and hash information authentication code encoding method
CN113704791B (en) * 2021-09-01 2024-03-15 北京兆芯电子科技有限公司 Processor and hash information authentication code encoding method
CN115310055A (en) * 2022-06-22 2022-11-08 北京信息科技大学 Software integrity protection method based on double watchdog
CN115310055B (en) * 2022-06-22 2023-08-11 北京信息科技大学 Software integrity protection method based on double watchdog

Also Published As

Publication number Publication date
CN109684126B (en) 2022-05-03

Similar Documents

Publication Publication Date Title
US11630904B2 (en) System, apparatus and method for configurable trusted input/output access from authorized software
CN104982005B (en) Implement the computing device and method of the franchise cryptographic services in virtualized environment
US7073059B2 (en) Secure machine platform that interfaces to operating systems and customized control programs
US8826391B2 (en) Virtualized trusted descriptors
CN103038745B (en) Extension integrity measurement
US9853974B2 (en) Implementing access control by system-on-chip
CN108509250A (en) The safe public cloud of host computer control is verified with shielded guest machine
TWI632483B (en) Security device and method of providing security service to host therein, security apparatus and computer software product
US20040093505A1 (en) Open generic tamper resistant CPU and application system thereof
CN110022199A (en) Indirect catalogue for counter mode memory protection
Arfaoui et al. Trusted execution environments: A look under the hood
CN109684126A (en) For the Memory Checkout method of ARM equipment and the ARM equipment of execution Memory Checkout
Mirzamohammadi et al. Ditio: Trustworthy auditing of sensor activities in mobile & iot devices
US20230134324A1 (en) Managing storage of secrets in memories of baseboard management controllers
US20230237155A1 (en) Securing communications with security processors using platform keys
TW201939337A (en) Behavior recognition, data processing method and apparatus
CN103347027A (en) Trusted network connecting method and system
CN113568799A (en) Simulation of physical security devices
Zhang et al. Trusttokenf: A generic security framework for mobile two-factor authentication using trustzone
CN115062330B (en) TPM-based intelligent password key password application interface implementation method
CN106156632A (en) Safety device and within it provide security service to the method for main frame, safety equipment
JP6318868B2 (en) Authentication system and portable communication terminal
Schellekens Design and analysis of trusted computing platforms
CN108345804A (en) A kind of storage method in trusted computation environment and device
CN109697351A (en) A kind of credible measurement system and method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP03 Change of name, title or address

Address after: 9th Floor, Building C, Gui'an Center, Plot ZD-64, Big Data Science and Technology Innovation City, Gui'an New Area, Guiyang City, Guizhou Province, 550003 (No. 2 on the south side)

Patentee after: Guizhou Huaxin Semiconductor Technology Co.,Ltd.

Address before: 550081 2nd floor, intersection of Qianzhong Avenue and Jinma Avenue, Gui'an New District, Guiyang City, Guizhou Province

Patentee before: GUIZHOU HUAXINTONG SEMICONDUCTOR TECHNOLOGY Co.,Ltd.