CN111177805A - Method and device for improving operation safety of processor and CPU chip - Google Patents

Publication number
CN111177805A
Authority
CN
China
Prior art keywords
configuration information
configuration
clearing
information
processor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911278710.XA
Other languages
Chinese (zh)
Other versions
CN111177805B (en)
Inventor
冯浩
应志伟
杜朝晖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Haiguang Information Technology Co Ltd
Original Assignee
Haiguang Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Haiguang Information Technology Co Ltd
Priority to CN201911278710.XA
Publication of CN111177805A
Application granted
Publication of CN111177805B
Legal status: Active
Anticipated expiration

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/76: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]

Abstract

The embodiments of the invention disclose a method and a device for improving the operating security of a processor, and a CPU chip. They relate to the technical field of security and aim to improve the operating security of the processor. The method comprises: monitoring whether a process switch occurs; if a process switch is detected, querying clearing configuration information, where the clearing configuration information is configuration information on whether micro-architecture information is to be cleared; determining, according to the clearing configuration information, the information in the processor micro-architecture that needs to be cleared; and performing a clearing operation on that information. The invention is suitable for situations in which the operating security of a processor is to be improved.

Description

Method and device for improving operation safety of processor and CPU chip
Technical Field
The present invention relates to the field of security technologies, and in particular, to a method and an apparatus for improving processor operation security, a CPU chip, and an electronic device.
Background
To improve performance, modern processors commonly adopt optimizations such as out-of-order execution and speculative execution, but these optimizations also introduce security risks. For example, with out-of-order and speculative execution, a running processor makes use of the Cache, TLB, RSB, BTB and other structures in the processor micro-architecture. While this improves performance, information belonging to the previous process also remains stored in the micro-architecture, so that an attacker process can steal the confidential data of the previous process through side channel attacks and similar means, breaking through the isolation barrier between processes. The operating security of the processor is therefore low.
Disclosure of Invention
In view of this, embodiments of the present application provide a method and an apparatus for improving processor operation security, a CPU chip, and an electronic device, which can improve the processor operation security.
In a first aspect, an embodiment of the present application provides a method for improving the operating security of a processor, including: monitoring whether a process switch occurs; if a process switch is detected, querying clearing configuration information; determining, according to the clearing configuration information, the information in the processor micro-architecture that needs to be cleared; and performing a clearing operation on the information in the processor micro-architecture that needs to be cleared.
According to a specific implementation of the embodiment of the present application, the clearing configuration information includes at least one of the following: configuration information on whether to clear the first-level cache; configuration information on whether to clear the second-level cache; configuration information on whether to clear the third-level cache; configuration information on whether to clear the TLB; configuration information on whether to clear the RSB; configuration information on whether to clear the BTB.
According to a specific implementation of the embodiment of the present application, before monitoring whether a process switch occurs, the method further includes: verifying a request to configure the clearing configuration information, and configuring the clearing configuration information after the verification passes.
According to a specific implementation of the embodiment of the present application, the clearing configuration information is added, deleted or modified.
According to a specific implementation of the embodiment of the present application, the current operating environment of the processor is detected, and the configuration policy corresponding to the current operating environment is determined according to the operating environment and the correspondence between operating environments and configuration policies; the clearing configuration information is then configured according to the configuration policy corresponding to the current operating environment.
In a second aspect, an embodiment of the present application provides an apparatus for improving the operating security of a processor, including a monitoring module, a query module, an information determination module and a clearing module. The monitoring module is used for monitoring whether a process switch occurs; the query module is used for querying clearing configuration information if a process switch is detected; the information determination module is used for determining, according to the clearing configuration information, the information in the processor micro-architecture that needs to be cleared; and the clearing module is used for performing a clearing operation on the information in the processor micro-architecture that needs to be cleared.
According to a specific implementation of the embodiment of the present application, the clearing configuration information in the query module includes at least one of the following: configuration information on whether to clear the first-level cache; configuration information on whether to clear the second-level cache; configuration information on whether to clear the third-level cache; configuration information on whether to clear the TLB; configuration information on whether to clear the RSB; configuration information on whether to clear the BTB.
According to a specific implementation of the embodiment of the present application, the apparatus further includes: a verification and configuration module, used for verifying a request to configure the clearing configuration information and configuring the clearing configuration information after the verification passes.
According to a specific implementation of the embodiment of the present application, the apparatus further includes: a modification module, used for adding, deleting or modifying the clearing configuration information.
According to a specific implementation of the embodiment of the present application, the apparatus further includes a policy determination module and a configuration module. The policy determination module is used for detecting the current operating environment of the processor and determining the configuration policy corresponding to the current operating environment according to the operating environment and the correspondence between operating environments and configuration policies; the configuration module is used for configuring the clearing configuration information according to the configuration policy corresponding to the current operating environment.
In a third aspect, an embodiment of the present application provides a CPU chip, including a processor core. The processor core is used for monitoring whether a process switch occurs; if a process switch is detected, querying clearing configuration information, where the clearing configuration information is configuration information on whether micro-architecture information is to be cleared; determining, according to the clearing configuration information, the information in the processor micro-architecture that needs to be cleared; and performing a clearing operation on the information in the processor micro-architecture that needs to be cleared.
According to a specific implementation of the embodiment of the present application, the clearing configuration information includes at least one of the following: configuration information on whether to clear the first-level cache; configuration information on whether to clear the second-level cache; configuration information on whether to clear the third-level cache; configuration information on whether to clear the TLB; configuration information on whether to clear the RSB; configuration information on whether to clear the BTB.
According to a specific implementation of the embodiment of the present application, the processor core is further configured to verify a request to configure the clearing configuration information, and to configure the clearing configuration information after the verification passes.
According to a specific implementation of the embodiment of the present application, the processor core is further configured to add, delete or modify the clearing configuration information.
According to a specific implementation of the embodiment of the present application, the processor core is further configured to detect the current operating environment of the processor, determine the configuration policy corresponding to the current operating environment according to the operating environment and the correspondence between operating environments and configuration policies, and configure the clearing configuration information according to the configuration policy corresponding to the current operating environment.
An embodiment of the present application provides an electronic device, including: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space enclosed by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor executes the program corresponding to the executable program code by reading the executable program code stored in the memory, and is used for executing the method of any one of the foregoing implementation modes.
According to the method, the apparatus, the CPU chip and the electronic device for improving the operating security of a processor, whether a process switch occurs is monitored; if a process switch is detected, the clearing configuration information is queried, the information in the processor micro-architecture that needs to be cleared is determined according to the clearing configuration information, and a clearing operation is performed on the information in the processor micro-architecture that needs to be cleared.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a flowchart illustrating a method for improving the operational security of a processor according to an embodiment of the present disclosure;
FIG. 2 is a flowchart illustrating a method for improving the operational safety of a processor according to another embodiment of the present disclosure;
FIG. 3 is a flowchart illustrating a method for improving the operational safety of a processor according to another embodiment of the present disclosure;
FIG. 4 is a flowchart illustrating a method for improving the operational safety of a processor according to yet another embodiment of the present disclosure;
FIG. 5 is a diagram of clear configuration information in a register;
FIG. 6 is a flow diagram of clearing microarchitectural information;
FIG. 7 is a block diagram illustrating an apparatus for improving the operational safety of a processor according to an embodiment of the present application;
FIG. 8 is a schematic diagram of a CPU chip according to an embodiment of the present application;
FIG. 9 is a block diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The embodiments of the present application will be described in detail below with reference to the accompanying drawings.
It should be understood that the embodiments described are only a few embodiments of the present application, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Fig. 1 is a flowchart illustrating a method for improving the operation security of a processor according to an embodiment of the present disclosure. Referring to fig. 1, the method of the present embodiment may include:
Step 101, monitoring whether a process switch occurs.
A Process (Process) is a running activity of a program in a computer on a data set, is a basic unit of resource allocation and scheduling of a system, and is the basis of an operating system structure.
A process switch reclaims the processor from the running process and then lets the process waiting to run take over the processor. Reclaiming the processor from the running process essentially means saving the intermediate data that the process holds in the processor's registers onto the process's private stack. When a process runs, intermediate data related to the process is stored in the registers of the processor; this data is called the context of the process, and a process switch is essentially a switch between the context of the suspended process and the context of the process about to run.
When execution moves from the previous process to the next process, a process switch can be considered to occur at the point where the previous process has been stopped and the next process has not yet started running.
The processor manages system memory using virtual addresses and page tables. Page tables translate virtual addresses to physical addresses, and different processes use different page tables. So that a process can run normally, the processor provides a register that stores the page table root directory address of the process; in some examples this is the control register CR3 (Control Register 3, a control register in the x86 CPU architecture). When a process switch occurs, the page table root directory address of the new process is written into that register. In some examples, a process switch is considered to occur when the previous process has been suspended and the page table root directory address of the next process has not yet been written to CR3.
Step 102, if a process switch is detected, querying clearing configuration information, where the clearing configuration information is configuration information on whether micro-architecture information is to be cleared.
A micro-architecture, also known as a microprocessor architecture, is the hardware structure that implements a given instruction set architecture within a processor. The micro-architecture may include a first-level cache, a second-level cache, a third-level cache, a TLB (Translation Lookaside Buffer), an RSB (Return Stack Buffer) and a BTB (Branch Target Buffer). The first-level cache (Level 1 Cache), abbreviated L1 Cache, sits next to the CPU core and is the CPU cache most tightly coupled to it; it can be divided into a first-level data cache (D-Cache) and a first-level instruction cache (I-Cache). The second-level cache (Level 2 Cache), abbreviated L2 Cache, is the second-level cache of the CPU core. The third-level cache (Level 3 Cache), abbreviated L3 Cache, is a cache designed to serve data that misses in the second-level cache. The TLB, also called the page table cache or translation lookaside buffer, is a CPU cache used to speed up the translation of virtual addresses to physical addresses. The RSB is the return stack buffer. The BTB is the branch target buffer and is used to dynamically predict the branch operations of a program.
The micro-architecture information is the intermediate data belonging to the previous process that is stored in the micro-architecture at the time of a process switch. The clearing configuration information is configuration information on whether the micro-architecture information is to be cleared. In some examples, the clearing configuration information includes at least one of the following: configuration information on whether to clear the first-level cache; configuration information on whether to clear the second-level cache; configuration information on whether to clear the third-level cache; configuration information on whether to clear the TLB; configuration information on whether to clear the RSB; configuration information on whether to clear the BTB.
In one example, the clearing configuration information may be held in a register (named the Micro Architecture Control Register, MACR). The binary bits of a byte may be divided into several regions (fields), so that different micro-architecture structures are each associated with a different field of the byte, and each field may have a field name; to make it easy for programs to operate on fields by name, the field names may all be different. Each field may occupy 1 or more bits. In one example, each field occupies 1 bit and stores 0 or 1, where 0 may indicate that the micro-architecture information is not to be cleared and 1 may indicate that it is to be cleared.
Step 103, determining, according to the clearing configuration information, the information in the processor micro-architecture that needs to be cleared.
When the clearing configuration information indicates that information in the processor micro-architecture is to be cleared, the information in the processor micro-architecture that needs to be cleared is determined.
Step 104, performing a clearing operation on the information in the processor micro-architecture that needs to be cleared.
The information in the processor micro-architecture is cleared by clearing a valid bit in the processor micro-architecture. In some examples, the processor performs a flush operation on information in the processor micro-architecture to clear it.
In this embodiment, whether a process switch occurs is monitored; if a process switch is detected, the clearing configuration information is queried, the information in the processor micro-architecture that needs to be cleared is determined according to the clearing configuration information, and a clearing operation is performed on the information in the processor micro-architecture that needs to be cleared.
Fig. 2 is a schematic flowchart of a method for improving the operating security of a processor according to another embodiment of the present application. Referring to Fig. 2, this embodiment is substantially the same as the embodiment shown in Fig. 1, except that, before monitoring whether a process switch occurs, the method may further include:
Step 100, verifying the request to configure the clearing configuration information, and configuring the clearing configuration information after the verification passes.
When a process tries to configure the clearing configuration information, the configuration request must first be verified, and the clearing configuration information is configured only after the verification passes. In some examples, configuration of the clearing configuration information may be implemented through a privileged instruction, so that an ordinary user process cannot change the clearing configuration information, which ensures that it is not maliciously modified by an attacker process.
In this embodiment, the request to configure the clearing of micro-architecture information is verified, and the clearing configuration information is configured only after the verification passes, so that a malicious process is prevented from modifying the clearing configuration information and the operating security of the processor is further improved.
Fig. 3 is a schematic flow chart of a method for improving the operating safety of a processor according to another embodiment of the present application, referring to fig. 3, which is substantially the same as the embodiment shown in fig. 1, except that in this embodiment, the method may further include:
Step 105, adding clearing configuration information.
The information in the micro-architecture can be cleared according to the clearing configuration information, but different application scenarios face different attack threats and have different security requirements. For example, in a scenario with very high security requirements, the information in the Cache, TLB, RSB and BTB all needs to be cleared on a process switch, but the original clearing configuration information does not cover the BTB; in this situation, configuration information for clearing the information in the BTB may be added.
In this embodiment, by adding clearing configuration information, the information in the micro-architecture can be cleared according to the specific application scenario, for example when the security requirement is high, so as to improve the operating security of the processor.
It is understood that step 105 may precede any of steps 101 through 103.
In some examples, clearing configuration information is deleted in order to improve processor performance.
In a scenario with lower security requirements, such as one concerned only with BTB attacks, it may be enough to clear only the BTB information on a process switch. If the original clearing configuration information covers the Cache and TLB in addition to the BTB, the configuration information for clearing the Cache and TLB may be deleted, so as to improve the performance of the processor.
In other examples, the clearing configuration information is modified to improve the operating security of the processor.
In different application scenarios, users face different attack threats. For example, in one scenario the clearing configuration information covers the Cache and the TLB, that is, the information in both the Cache and the TLB is cleared, while in another scenario only the information in the TLB needs to be cleared and the information in the Cache does not; in that case the configuration information for the Cache in the clearing configuration information may be modified.
In the above embodiments, the clearing configuration information is added, deleted or modified. One of these operations may be used to configure the clearing configuration information, or two or three of them may be combined flexibly according to the actual application scenario.
Fig. 4 is a flowchart illustrating a method for improving the operating safety of a processor according to yet another embodiment of the present application, referring to fig. 4, which is substantially the same as the embodiment shown in fig. 1, except that in this embodiment, the method may further include:
Step 106, detecting the current operating environment of the processor, and determining the configuration policy corresponding to the current operating environment according to the operating environment and the correspondence between operating environments and configuration policies.
The operating environment of the processor may include a software environment and a hardware environment. The hardware environment is the physical computer system made up of the computer and its peripheral devices, that is, the hardware facilities. The software environment is the software system that runs on the computer hardware and drives the computer and its peripherals to achieve a given purpose; it mainly means the software runtime environment, such as XP, Linux and the supporting software that a program needs in order to run, and it also includes application-layer software other than the target software.
The configuration policy may specify for which micro-architecture structure or structures the information is, or is not, to be cleared.
Different configuration policies may be determined for different operating environments; in one example, the configuration policy is determined according to how secure the operating environment is. If the process currently executed by the processor has a low security requirement, the configuration policy may choose not to clear the micro-architecture information. Alternatively, if the process currently executed by the processor has a low security requirement and the current hardware environment uses hardware with a higher security level, the configuration policy may choose not to clear the micro-architecture information or to clear only part of it. Alternatively, if the process currently executed by the processor has a low security requirement and the current software environment is running security software, the configuration policy may likewise choose not to clear the micro-architecture information or to clear only part of it.
Step 107, configuring the clearing configuration information according to the configuration policy corresponding to the current operating environment.
In this embodiment, the configuration policy corresponding to the current operating environment is determined from the current operating environment of the processor and the correspondence between operating environments and configuration policies, and the clearing configuration information is then configured according to that policy, so that the clearing configuration information is configured in a targeted manner for the environment in which the processor is currently running.
It is understood that step 106 and step 107 may precede any of steps 101 through 103.
The method for improving the operation safety of the processor is described by taking a specific embodiment as an example. Fig. 5 is a flowchart illustrating clearing configuration information in a register, fig. 6 is a flowchart illustrating clearing micro-architecture information, and with reference to fig. 5 and 6, the method for improving the operating security of a processor in this embodiment includes:
step 201, verifying the micro-architecture information configuration clearing request, and configuring the configuration clearing configuration information after the verification is passed.
Configuration of the clear configuration information may be implemented by a privileged instruction, and the clear configuration information is configured into a Register (corresponding to the name Micro Architecture Control Register, MACR). Domain names bit0-bit5 in the register MACR respectively correspond to the L1Cache, the L2Cache, the L3Cache, the TLB, the RSB and the BTB, areas corresponding to each domain name are respectively set to be 1, 0 and 1, 1 can represent that the micro-architecture information is cleared, for example, bit0 corresponds to the L1Cache, and an area corresponding to bit0 is set to be 1, which represents that the information of the L1Cache is cleared.
Step 202, monitoring whether the process is switched.
Control register CR3 (a control register in the x86 CPU architecture) stores the page table root directory address of the process. When a process switch occurs, the previous process has been aborted and the page table root directory address of the new process has not yet been updated into CR3; at this point the process switch may be considered to have occurred.
Step 203, if it is monitored that the process is switched, querying the clearing configuration information.
When the process is switched, the register is queried: the values of the fields corresponding to bit0-bit5 are 1, 0 and 1, and the corresponding micro-architecture structures are the L1Cache, L2Cache, L3Cache, TLB, RSB and BTB respectively. Here bit0 can also be written MACR.L1cache, bit1 MACR.L2cache, bit2 MACR.L3cache, bit3 MACR.TLB, bit4 MACR.RSB, and bit5 MACR.BTB.
Step 204, determining the information in the processor micro-architecture which needs to be cleared according to the clearing configuration information.
It is determined that the information of the pre-switch process remaining in the L1Cache, the L2Cache and the BTB needs to be cleared.
Step 205, performing a clearing operation on the information in the processor micro-architecture which needs to be cleared.
The information of the pre-switch process remaining in the L1Cache, the L2Cache and the BTB is cleared.
Step 206, the page table root directory address information of the next process is updated to CR3.
Alternatively, the above process may check the value of each field in the register in sequence: when the value is 1, the information of the pre-switch process remaining in the corresponding micro-architecture structure is cleared; when the value is 0, that information is not cleared, and the next field is checked.
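Steps 202 to 206 as a small C model, added here as an illustration and not taken from the patent. The `cpu_model` structure, the function names, the per-entry owner tags, the toy capacity and the rejection of bits above bit5 are assumptions; the bit layout follows the MACR description above, and the setting used in `main` (L1Cache, L2Cache and BTB cleared) is the outcome described in step 204.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* MACR field layout as described in the text: bit0..bit5. */
enum {
    MACR_L1CACHE = 1u << 0, MACR_L2CACHE = 1u << 1, MACR_L3CACHE = 1u << 2,
    MACR_TLB     = 1u << 3, MACR_RSB     = 1u << 4, MACR_BTB     = 1u << 5
};
#define MACR_VALID_MASK 0x3Fu   /* only bit0-bit5 are defined by the text */
#define NUM_STRUCTS 6
#define ENTRIES 4               /* toy capacity per structure (assumption) */

struct cpu_model {
    uint64_t cr3;                         /* page table root of the running process */
    uint32_t macr;                        /* clearing configuration information */
    uint64_t owner[NUM_STRUCTS][ENTRIES]; /* CR3 of the process that left each entry, 0 = empty */
};

/* Configuration is done by a privileged instruction: refuse unprivileged
 * callers, and (assumption) refuse values that set undefined bits. */
bool macr_write(struct cpu_model *cpu, uint32_t value, bool privileged)
{
    if (!privileged || (value & ~MACR_VALID_MASK))
        return false;
    cpu->macr = value;
    return true;
}

/* Model the running process leaving residue in every structure. */
void run_process(struct cpu_model *cpu)
{
    for (int s = 0; s < NUM_STRUCTS; s++)
        for (int e = 0; e < ENTRIES; e++)
            cpu->owner[s][e] = cpu->cr3;
}

/* Steps 202-206. Returns the bitmask of structures that were cleared. */
uint32_t context_switch(struct cpu_model *cpu, uint64_t next_cr3)
{
    uint32_t cleared = 0;
    if (next_cr3 == cpu->cr3)                 /* step 202: no switch pending */
        return 0;
    for (int s = 0; s < NUM_STRUCTS; s++) {   /* steps 203-204: query each field */
        if (cpu->macr & (1u << s)) {          /* 1 = clear, 0 = leave in place */
            memset(cpu->owner[s], 0, sizeof cpu->owner[s]);   /* step 205 */
            cleared |= 1u << s;
        }
    }
    cpu->cr3 = next_cr3;                      /* step 206: CR3 updated last */
    return cleared;
}

/* Number of entries in structure s still tagged with the given CR3. */
int residual_entries(const struct cpu_model *cpu, int s, uint64_t cr3)
{
    int n = 0;
    for (int e = 0; e < ENTRIES; e++)
        if (cpu->owner[s][e] == cr3)
            n++;
    return n;
}

int main(void)
{
    static const char *name[NUM_STRUCTS] = { "L1Cache", "L2Cache", "L3Cache", "TLB", "RSB", "BTB" };
    struct cpu_model cpu = { .cr3 = 0x1000 };   /* constructed CR3 values */
    macr_write(&cpu, MACR_L1CACHE | MACR_L2CACHE | MACR_BTB, true);
    run_process(&cpu);
    context_switch(&cpu, 0x2000);
    for (int s = 0; s < NUM_STRUCTS; s++)
        printf("%-8s residual entries of previous process: %d\n",
               name[s], residual_entries(&cpu, s, 0x1000));
    return 0;
}
```

Structures whose field is 0 keep the previous process's entries across the switch, which is the residue a reviewer of a chosen MACR setting needs to account for.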
Fig. 7 is a schematic structural diagram of an apparatus for improving operation safety of a processor according to an embodiment of the present application. Referring to fig. 7, the apparatus of the present embodiment includes a monitoring module 11, a query module 12, an information determining module 13 and a clearing module 14. The monitoring module 11 is used for monitoring whether the process is switched; the query module 12 is configured to query the clearing configuration information if it is monitored that a process is switched; the information determining module 13 is configured to determine, according to the clearing configuration information, the information in the processor micro-architecture that needs to be cleared; and the clearing module 14 is used for performing a clearing operation on the information in the processor micro-architecture that needs to be cleared.
In some embodiments, the clearing configuration information in the query module includes at least one of the following configuration information: whether to clear the configuration information of the first-level cache; whether to clear the configuration information of the second-level cache; whether to clear the configuration information of the third-level cache; whether to flush configuration information of the TLB; whether configuration information of the RSB is cleared; whether to clear the configuration information of the BTB.
In some embodiments, the apparatus further comprises: a verification and configuration module 15, configured to verify the configuration request for the clearing configuration information and, after the verification is passed, configure the clearing configuration information.
In some embodiments, the apparatus further comprises: a modification module 16, configured to add, delete or modify the clearing configuration information.
In some embodiments, the apparatus further comprises: a configuration policy determining module 17 and a configuration module 18, where the configuration policy determining module 17 is used to detect the current operating environment of the processor, and determine a configuration policy corresponding to the current operating environment according to the operating environment and the corresponding relationship between the operating environment and the configuration policy;
and the configuration module 18 is configured to configure the clearing configuration information according to the configuration policy corresponding to the current operating environment.
The apparatus for improving the running safety of the processor in this embodiment may be used to execute the technical solution of any embodiment of the method shown in fig. 1 to fig. 4, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 8 is a schematic structural diagram of a CPU chip according to an embodiment of the present application. Referring to fig. 8, the CPU chip according to the embodiment includes a processor core 20. The processor core 20 is configured to monitor whether a process is switched; if the process switching is monitored, query the clearing configuration information, wherein the clearing configuration information is the configuration information of whether micro-architecture information is cleared or not; determine the information in the processor micro-architecture to be cleared according to the clearing configuration information; and perform a clearing operation on the information in the processor micro-architecture that needs to be cleared.
In some embodiments, the clearing configuration information includes at least one of the following configuration information:
whether to clear the configuration information of the first-level cache;
whether to clear the configuration information of the second-level cache;
whether to clear the configuration information of the third-level cache;
whether to flush configuration information of the TLB;
whether configuration information of the RSB is cleared;
whether to clear the configuration information of the BTB.
In some embodiments, the processor core 20 is further configured to verify the configuration request for the clearing configuration information, and configure the clearing configuration information after the verification is passed.
In some embodiments, the processor core 20 is further configured to add, delete, or modify the clearing configuration information.
In some embodiments, the processor core 20 is further configured to detect a current operating environment of the processor, and determine a configuration policy corresponding to the current operating environment according to the operating environment and a corresponding relationship between the operating environment and the configuration policy; and configure the clearing configuration information according to the configuration policy corresponding to the current operating environment.
The CPU chip of this embodiment may be used to execute the technical solution of any embodiment of the method shown in fig. 1 to fig. 4, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 9 is a block diagram of an electronic device according to an embodiment of the present application. Referring to fig. 9, the electronic device may include: a housing 41, a processor 42, a memory 43, a circuit board 44 and a power circuit 45, wherein the circuit board 44 is arranged inside a space enclosed by the housing 41, and the processor 42 and the memory 43 are arranged on the circuit board 44; the power circuit 45 is used for supplying power to each circuit or device of the server; the memory 43 is used for storing executable program code; the processor 42 runs a program corresponding to the executable program code by reading the executable program code stored in the memory 43, so as to execute the method described in any of the foregoing embodiments.
The specific execution process of the above steps by the processor 42 and the steps further executed by the processor 42 by running the executable program code may refer to the description of the embodiment shown in fig. 1 to 4 of the present invention, and are not described herein again.
The electronic device exists in a variety of forms, including but not limited to:
(1) Ultra-mobile personal computer devices: these devices belong to the category of personal computers, have computing and processing functions, and generally also support mobile internet access. Such terminals include PDA, MTD and UMPC devices, for example iPads.
(2) Servers: devices that provide computing services, comprising a processor, a hard disk, a memory, a system bus and the like. A server is similar in architecture to a general-purpose computer, but has higher requirements on processing capacity, stability, reliability, security, scalability, manageability and the like because it needs to provide highly reliable services.
(3) Other electronic devices with a data interaction function.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (16)

1. A method for increasing the operational security of a processor, comprising:
monitoring whether the process is switched;
if the process switching is monitored, inquiring clearing configuration information, wherein the clearing configuration information is the configuration information of whether micro-architecture information is cleared or not;
determining information in the processor micro-architecture to be cleared according to the clearing configuration information;
and performing clearing operation on the information in the micro-architecture of the processor needing clearing.
2. The method of claim 1, wherein the clearing configuration information comprises at least one of the following configuration information:
whether to clear the configuration information of the first-level cache;
whether to clear the configuration information of the second-level cache;
whether to clear the configuration information of the third-level cache;
whether to flush configuration information of the TLB;
whether configuration information of the RSB is cleared;
whether to clear the configuration information of the BTB.
3. The method of claim 1, wherein prior to monitoring whether a process is switched, the method further comprises:
verifying the configuration request for the clearing configuration information, and configuring the clearing configuration information after the verification is passed.
4. The method of claim 1, further comprising:
adding, deleting or modifying the clearing configuration information.
5. The method of claim 1, further comprising:
detecting the current operating environment of the processor, and determining a configuration strategy corresponding to the current operating environment according to the operating environment and the corresponding relationship between the operating environment and the configuration strategy;
and configuring the clearing configuration information according to the configuration strategy corresponding to the current operating environment.
6. An apparatus for improving the operational safety of a processor, comprising:
the monitoring module is used for monitoring whether the process is switched;
the query module is used for querying the clearing configuration information if the process switching is monitored, wherein the clearing configuration information is the configuration information of whether micro-architecture information is cleared or not;
the information determining module is used for determining the information in the processor micro-architecture which needs to be cleared according to the clearing configuration information;
and the clearing module is used for clearing the information in the processor micro-architecture which needs to be cleared.
7. The apparatus of claim 6, wherein the clear configuration information comprises at least one of the following configuration information:
whether to clear the configuration information of the first-level cache;
whether to clear the configuration information of the second-level cache;
whether to clear the configuration information of the third-level cache;
whether to flush configuration information of the TLB;
whether configuration information of the RSB is cleared;
whether to clear the configuration information of the BTB.
8. The apparatus of claim 6, further comprising: a verification and configuration module,
which is used for verifying the configuration request for the clearing configuration information and, after the verification is passed, configuring the clearing configuration information.
9. The apparatus of claim 6, further comprising: a modification module used for adding, deleting or modifying the clearing configuration information.
10. The method of claim 6, further comprising: a configuration policy determination module and a configuration module, wherein,
the configuration strategy determining module is used for detecting the current operating environment of the processor and determining a configuration strategy corresponding to the current operating environment according to the operating environment and the corresponding relation between the operating environment and the configuration strategy;
and the configuration module is used for configuring the clearing configuration information according to a configuration strategy corresponding to the current operating environment.
11. A CPU chip, comprising: a processor core;
the processor core is used for monitoring whether the process is switched; if the process switching is monitored, inquiring clearing configuration information, wherein the clearing configuration information is the configuration information of whether micro-architecture information is cleared or not; determining information in the processor micro-architecture to be cleared according to the clearing configuration information; and performing clearing operation on the information in the micro-architecture of the processor needing clearing.
12. The CPU chip of claim 11, wherein the clear configuration information comprises at least one of the following configuration information:
whether to clear the configuration information of the first-level cache;
whether to clear the configuration information of the second-level cache;
whether to clear the configuration information of the third-level cache;
whether to flush configuration information of the TLB;
whether configuration information of the RSB is cleared;
whether to clear the configuration information of the BTB.
13. The CPU chip of claim 11, wherein the processor core is further configured to verify the configuration request for the clearing configuration information, and configure the clearing configuration information after the verification is passed.
14. The CPU chip of claim 11, wherein the processor core is further configured to add, delete, or modify the clearing configuration information.
15. The CPU chip of claim 11, wherein the processor core is further configured to detect a current operating environment of the processor, and determine a configuration policy corresponding to the current operating environment according to the operating environment and a correspondence between the operating environment and the configuration policy; and configure the clearing configuration information according to the configuration strategy corresponding to the current operating environment.
16. An electronic device, comprising: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space enclosed by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory for performing the method of any one of the preceding claims 1-5.
CN201911278710.XA 2019-12-12 2019-12-12 Method and device for improving operation safety of processor and CPU chip Active CN111177805B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911278710.XA CN111177805B (en) 2019-12-12 2019-12-12 Method and device for improving operation safety of processor and CPU chip

Publications (2)

Publication Number Publication Date
CN111177805A true CN111177805A (en) 2020-05-19
CN111177805B CN111177805B (en) 2023-10-03

Family

ID=70656387

Country Status (1)

Country Link
CN (1) CN111177805B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 300 000 Tianjin Binhai New Area Tianjin Huayuan Industrial Zone No. 18 Haitai West Road North 2-204 industrial incubation-3-8

Applicant after: Haiguang Information Technology Co.,Ltd.

Address before: 300 000 Tianjin Binhai New Area Tianjin Huayuan Industrial Zone No. 18 Haitai West Road North 2-204 industrial incubation-3-8

Applicant before: HAIGUANG INFORMATION TECHNOLOGY Co.,Ltd.

GR01 Patent grant