CN111475207B - TPM and TCM universal server chip initialization method, system, BIOS and storage medium - Google Patents

Info

Publication number
CN111475207B
Authority
CN
China
Prior art keywords
tpm
tcm
pull
server
parameter information
Prior art date
Legal status
Active
Application number
CN202010154861.0A
Other languages
Chinese (zh)
Other versions
CN111475207A (en)
Inventor
叶明洋
程世超
王鹏
孙珑玲
刘闻禹
Current Assignee
Suzhou Inspur Intelligent Technology Co Ltd
Original Assignee
Suzhou Inspur Intelligent Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Suzhou Inspur Intelligent Technology Co Ltd
Priority to CN202010154861.0A
Publication of CN111475207A
Application granted
Publication of CN111475207B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/4401 Bootstrapping
    • G06F9/4411 Configuring for operating with peripheral devices; Loading of device drivers
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/4401 Bootstrapping
    • G06F9/4406 Loading of operating system

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The invention provides a TPM and TCM universal server chip initialization method, a system, a BIOS and a storage medium, which comprise: when the BIOS of the server initializes the TPM/TCM, calling the BMC to read the pull-up and pull-down resistance code of the TPM/TCM from the TPM/TCM board card and recording it as the index code; using the index code to perform a code index on a pre-established security chip configuration file, finding the reference values of all relevant configuration information on the TPM/TCM working line in the server, and recording them as the parameter information to be configured; and initializing the corresponding parameters in the ME firmware of the server with the found parameter information to be configured. The method and the device increase the convenience of configuring the TPM/TCM chip when initializing the server.

Description

TPM and TCM universal server chip initialization method, system, BIOS and storage medium
Technical Field
The invention relates to the field of servers, in particular to a TPM and TCM universal server chip initialization method, a TPM and TCM universal server chip initialization system, a BIOS and a storage medium.
Background
With the continuous development of information technology, most servers currently support TPM (Trusted Platform Module) and TCM (Trusted Cryptography Module), both of which aim to protect system security.
TPM is a trusted chip introduced by the international Trusted Computing Group and uses asymmetric encryption algorithms internally. The TCM is a trusted chip based on Chinese standards, provided by the State Cryptography Administration together with domestic IT enterprises, and offers the same key-function services as the TPM. However, the TCM is based on a different cryptosystem: it replaces the asymmetric cryptographic algorithms and hash algorithms, introduces symmetric cryptographic algorithms and changes the protocols.
The hardware interfaces of the TCM and the TPM (basically SPI interfaces) can be made compatible. In practice the server's SPI interface is shared, and either a TCM or a TPM can be plugged in as needed (or vice versa), but the working frequencies on the working lines of the TCM and the TPM differ. Moreover, for different manufacturers, the parameters on the working lines (basically all SPI buses) corresponding to the TCM and the TPM are different. Because of this, at present, initializing the configuration of each relevant piece of configuration information on the working lines of the TCM and the TPM usually requires first changing the BIOS (Basic Input Output System) and then flashing the BIOS to the server, and a different flash is needed for each different chip, which is time-consuming, labor-intensive, relatively complex and inconvenient for initialization. Therefore, the invention provides a TPM and TCM universal server chip initialization method, a system, a BIOS and a storage medium to solve these problems.
Disclosure of Invention
In view of the above disadvantages of the prior art, the present invention provides an initialization method, system, BIOS and storage medium for TPM and TCM universal server chips, which are used to increase the convenience of TPM/TCM chip configuration in the initialization server.
In a first aspect, the present invention provides a TPM and TCM universal server chip initialization method, including the steps of:
P1, when the BIOS of the server initializes the TPM/TCM, calling a BMC (Baseboard Management Controller) to read the pull-up and pull-down resistance code of the TPM/TCM from the TPM/TCM board card, and recording the pull-up and pull-down resistance code as the index code;
P2, according to the index code, performing a code index on the pre-established security chip configuration file, finding the reference value of each relevant piece of configuration information on the TPM/TCM working line in the server and recording it as the parameter information to be configured; the security chip configuration file is pre-provided with the relevant configuration information on the working circuit of a corresponding number of reference security chips; the reference security chips comprise a corresponding number of TPM reference security chips and a corresponding number of TCM reference security chips; the configuration information on the working circuit of each reference security chip comprises a pull-up and pull-down resistance coding reference value and a working frequency reference value corresponding to that reference security chip; the pull-up and pull-down resistance coding reference values of all the reference security chips are all different and uniquely identify the corresponding reference security chip; the TPM/TCM working line in the server and the working lines of all the reference security chips are the same;
P3, initializing the corresponding parameters in the server ME (Intel Management Engine) firmware using the found parameter information to be configured.
Further, step P3 specifically includes:
step P31, reading each relevant configuration information on the TPM/TCM working line stored in the ME firmware, and recording as original parameter information;
step P32, determining whether the original parameter information is consistent with the parameter information to be configured: if not, updating the original parameter information stored in the ME firmware by using the parameter information to be configured, and then executing the step P33;
and step P33, restarting the server system.
Further, in step P2, according to the index code, code indexing is performed on the pre-established security chip configuration file to find out the reference value of each related configuration information on the TPM/TCM working line in the server, which specifically includes:
assigning the index code to X; X is a preset variable;
and finding out each relevant configuration information on the working line of the corresponding reference security chip corresponding to the X value stored in the security chip configuration file.
Further, in step P1, the BMC is called by an IPMI command to read the pull-up and pull-down resistance code of the TPM/TCM from the TPM/TCM board card.
In a second aspect, the present invention provides a TPM and TCM universal server chip initialization system, which includes:
the first unit is used for calling the BMC to read a pull-up and pull-down resistor code of the TPM/TCM from the TPM/TCM board card and recording the pull-up and pull-down resistor code as an index code when the TPM/TCM is set in the BIOS initialization server;
the second unit is used for coding and indexing the pre-established security chip configuration file according to the index codes, finding out the reference value of each relevant configuration information on the TPM/TCM working line in the server and recording the reference value as the parameter information to be configured; the security chip configuration file is pre-provided with relevant configuration information on the working circuit of a corresponding number of reference security chips; the reference security chip comprises a corresponding number of TPM reference security chips and a corresponding number of TCM reference security chips; the configuration information on the working circuit of each reference safety chip comprises a pull-up and pull-down resistance coding reference value and a working frequency reference value corresponding to the reference safety chip; the pull-up and pull-down resistance coding reference values of all the reference safety chips are all different, and are used for uniquely identifying the corresponding reference safety chips; the TPM/TCM working line in the server and the working lines of all the reference security chips are the same;
and the third unit is used for initializing corresponding parameters in the ME firmware of the server by using the found parameter information to be configured.
Further, the third unit includes:
the original parameter information acquisition module reads each piece of relevant configuration information on a TPM/TCM working line stored in the ME firmware and records the configuration information as original parameter information;
the judging module is used for judging whether the original parameter information is consistent with the parameter information to be configured;
the initialization module updates the original parameter information stored in the ME firmware by using the parameter information to be configured when the judgment result of the judgment module is negative;
and the restarting module is used for restarting the server system after the initialization module updates the parameter information to be configured to the ME firmware.
Further, the second unit, according to the index code, performs code indexing on the pre-established security chip configuration file to find out the reference value of each relevant configuration information on the TPM/TCM working line in the server, including the steps of:
assigning the index code to X; X is a preset variable;
and finding out each relevant configuration information on the working line of the corresponding reference security chip corresponding to the X value stored in the security chip configuration file.
Furthermore, the first unit calls the BMC to read the pull-up and pull-down resistor codes of the TPM/TCM from the TPM/TCM board card through the IPMI instruction.
In a third aspect, the present invention provides a BIOS having the system of the above aspects integrated therein.
In a fourth aspect, the present invention provides a computer storage medium having stored therein instructions, which when run on a computer, cause the computer to perform the method of the above aspects.
The beneficial effect of the invention is that,
the initialization method, system, BIOS and storage medium for the TPM and TCM universal server chip initialize the corresponding parameters in the ME firmware of the server using the collected parameter information to be configured. This avoids setting the configuration information on the TCM/TPM working line by updating the BIOS version: the same method applies to initializing the configuration information on a TPM working line in the server and on a TCM working line in the server, avoids re-flashing the BIOS for the TCM/TPM, saves time and labor, is convenient to use, and to a certain extent increases the convenience of initializing the configuration information on the TPM/TCM working line in the server.
In addition, the invention has reliable design principle, simple structure and very wide application prospect.
Drawings
In order to more clearly illustrate the embodiments or technical solutions in the prior art of the present invention, the drawings used in the description of the embodiments or prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.
FIG. 1 is a schematic flow diagram of a method of one embodiment of the invention.
FIG. 2 is a schematic block diagram of a system of one embodiment of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solution of the present invention, the technical solution in the embodiment of the present invention will be clearly and completely described below with reference to the drawings in the embodiment of the present invention, and it is obvious that the described embodiment is only a part of the embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1:
FIG. 1 is a schematic flow diagram of a method of one embodiment of the invention. The execution subject of the method 100 may be the BIOS of the server to be initialized with the TCM/TPM chip.
As shown in fig. 1, the method 100 includes:
step 110, when the TPM/TCM is set in the BIOS initialization server, calling the BMC to read the pull-up and pull-down resistance codes of the TPM/TCM from the TPM/TCM board card and recording the pull-up and pull-down resistance codes as index codes;
step 120, according to the index code, code indexing is carried out on the pre-established security chip configuration file, and the reference value of each relevant configuration information on the TPM/TCM working line in the server is found and recorded as the parameter information to be configured; the security chip configuration file is pre-provided with relevant configuration information on the working circuit of a corresponding number of reference security chips; the reference security chip comprises a corresponding number of TPM reference security chips and a corresponding number of TCM reference security chips; the configuration information on the working circuit of each reference safety chip comprises a pull-up and pull-down resistance coding reference value and a working frequency reference value corresponding to the reference safety chip; the pull-up and pull-down resistance coding reference values of all the reference safety chips are all different, and are used for uniquely identifying the corresponding reference safety chips; the TPM/TCM working line in the server and the working lines of all the reference security chips are the same;
and step 130, initializing corresponding parameters in the server ME firmware by using the found parameter information to be configured.
Optionally, step 130 specifically includes:
step 1301, reading each piece of relevant configuration information on a TPM/TCM working line stored in the ME firmware, and recording the configuration information as original parameter information;
step 1302, determining whether the original parameter information is consistent with the parameter information to be configured: if not, updating the original parameter information stored in the ME firmware by using the parameter information to be configured, and then executing step 1303;
and step 1303, restarting the server system.
Optionally, in step 1302, if it is determined that the original parameter information is consistent with the parameter information to be configured, step 1304 is executed: the chip initialization is finished.
Optionally, in step 120, according to the index code, code indexing is performed on the pre-established security chip configuration file to find the reference value of each relevant configuration information on the TPM/TCM working line in the server, which specifically includes:
assigning the index code to X; X is a preset variable;
and finding out each relevant configuration information on the working line of the corresponding reference security chip corresponding to the X value stored in the security chip configuration file.
Optionally, in step 110, the IPMI instruction calls the BMC to read the pull-up and pull-down resistance codes of the TPM/TCM from the TPM/TCM board.
To make the invention easier to understand, the principle of the TPM and TCM universal server chip initialization method is described below using the initialization of the configuration information of a first TPM (hereinafter the "target TPM") as an example; the same applies to the TPM/TCM in other servers.
Specifically, the initialization method of the TPM and TCM universal server chip includes:
step S1: when the TPM/TCM is set in the BIOS initialization server, the BMC is called to read the pull-up and pull-down resistance codes of the TPM/TCM from the TPM/TCM board card and record the pull-up and pull-down resistance codes as index codes.
Server A is powered on. When the BIOS initializes the target TPM, the BIOS sends a query to the BMC through an IPMI instruction, and the BMC reads the pull-up and pull-down resistance code of the target TPM from the target TPM board card (namely, the board card on which the target TPM is located).
In this embodiment, the pull-up and pull-down resistance code read from the target TPM is code G.
It should be noted that, in the server, each TPM/TCM is provided with a pull-up/pull-down resistor code, which is stored on the board where the TPM/TCM is located and is used to distinguish different TPMs and/or TCMs. In this embodiment the pull-up and pull-down resistor code uses binary coding, and each bit of the code represents the predefined code of one pull-up or pull-down resistor: a "0" bit denotes the code of its corresponding pull-down resistor, and a "1" bit denotes the code of its corresponding pull-up resistor.
Step S2: and according to the index codes, carrying out code index on the pre-established security chip configuration file, finding out the reference value of each relevant configuration information on the TPM/TCM working line in the server, and recording as the parameter information to be configured.
In this embodiment, the security chip configuration file pre-established is a security chip configuration file F. The working circuit of the target TPM in the server and the working circuits of all the reference security chips in the security chip configuration file F are SPI buses.
For server A, the security chip configuration file F is pre-configured with the relevant configuration information on the working lines of 5 different reference security chips (the number can be increased or decreased according to the actual situation). The configuration information on the working line of each reference security chip includes the pull-up and pull-down resistance coding reference value corresponding to that reference security chip and the operating frequency reference value corresponding to that reference security chip.
The pull-up and pull-down resistance coding reference values of the 5 different reference safety chips are respectively as follows: code K1, code K2, code K3, code K4 and code K5. The code K5, the code K1, the code K2, the code K3 and the code K4 are different. In this embodiment, the code K1 is the same as the code G.
In order to ensure that the initialization work is performed normally, when configuring the security chip configuration file, a person skilled in the art can configure as many frequently used reference security chips as possible in the security chip configuration file in advance according to actual conditions or experience on the premise of meeting the initialization requirement, so as to increase the application range of the method 100.
Further, in order to ensure the normal operation of the initialization operation, a person skilled in the art may regularly maintain the security chip configuration file according to the actual situation.
In this embodiment, the BIOS performs code indexing on the security chip configuration file F according to the code M, finds a reference value of each piece of relevant configuration information on a working line of a target TPM in the server, and records the reference value as the to-be-configured parameter information H.
In this embodiment, the BIOS performs code indexing on the pre-established security chip configuration file according to the code M to find out each piece of relevant configuration information on the working line of the target TPM, which specifically includes:
step L1, assigning the code G to X; X is a preset variable;
step L2, finding each piece of relevant configuration information on the working line of the reference security chip corresponding to the value of X in the security chip configuration file, that is, finding each piece of relevant configuration information on the working line of the reference security chip corresponding to the code K1 stored in the security chip configuration file; the configuration information found is the parameter information H to be configured.
Before the step L1 is executed, the following settings may be performed in advance in the BIOS, so as to facilitate the step L2 to find out each piece of relevant configuration information on the working line of the reference security chip corresponding to the value of X in the security chip configuration file:
when X is the code K5, finding out the relevant configuration information on the working circuit of the reference security chip corresponding to the code K5 in the security chip configuration file;
when X is the code K4, finding out the relevant configuration information on the working circuit of the reference security chip corresponding to the code K4 in the security chip configuration file;
when X is the code K3, finding out the relevant configuration information on the working circuit of the reference security chip corresponding to the code K3 in the security chip configuration file;
when X is the code K2, finding out each relevant configuration information on the working circuit of the reference security chip corresponding to the code K2 in the security chip configuration file;
when X is equal to the code K1, the relevant configuration information on the working line of the reference security chip corresponding to the code K1 in the security chip configuration file is found out.
The use of variable X speeds up the execution rate to some extent.
Step S3 is then performed.
Step S3: and initializing corresponding parameters in the ME firmware of the server by using the found parameter information to be configured. The step S3 specifically includes:
step S31, reading each relevant configuration information on the working line of the target TPM stored in the ME firmware in the server A, and recording as original parameter information 1;
step S32, determining whether the original parameter information 1 is consistent with the parameter information H to be configured:
if yes, go to step S34;
if not, updating the original parameter information 1 in the ME firmware with the parameter information H to be configured, and then executing step S33.
And step S33, restarting the server system of the server A.
In this embodiment, after the step S33 is completed, the step S34 is continuously executed.
Step S34: the target TPM initialization ends.
In summary, the method 100 avoids the BIOS refresh for the TCM/TPM, saves time and labor, is convenient to use, and increases convenience for initializing each relevant parameter on the TPM/TCM working line in the server.
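The procedure of Example 1 (steps S1 through S34), together with the bit meaning of the resistor code described under step S1, as an added C example that is not part of the patent or of any Inspur BIOS. Everything concrete in it is an assumption constructed for illustration: the layout of the configuration file F, the K1..K5 codes and frequencies, the ME parameter struct and the function names. The BMC/IPMI read of step S1 is not modelled; its result is passed in as the index code.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One entry of the "security chip configuration file" F from the patent: the
 * pull-up/pull-down resistor code that uniquely identifies a reference chip,
 * whether it is a TPM or a TCM, and the working-frequency reference value of
 * its SPI line. The struct layout is an assumption made for this example. */
typedef enum { CHIP_TPM, CHIP_TCM } chip_kind_t;

typedef struct {
    uint8_t     code;     /* binary resistor code: bit = 1 pull-up, bit = 0 pull-down */
    chip_kind_t kind;
    uint32_t    spi_khz;  /* working-frequency reference value on the SPI bus */
} chip_ref_t;

/* Constructed sample table standing in for K1..K5. The codes and frequencies
 * are invented for this example, not values from the patent. */
static const chip_ref_t CONFIG_FILE_F[] = {
    { 0x01, CHIP_TPM, 24000 },  /* K1 */
    { 0x02, CHIP_TPM, 33000 },  /* K2 */
    { 0x03, CHIP_TPM, 18000 },  /* K3 */
    { 0x04, CHIP_TCM, 12000 },  /* K4 */
    { 0x05, CHIP_TCM, 10000 },  /* K5 */
};
#define CONFIG_FILE_F_LEN (sizeof CONFIG_FILE_F / sizeof CONFIG_FILE_F[0])

/* Steps L1/L2: X takes the index code read from the board and the entry whose
 * reference code equals X is looked up. NULL means no reference chip carries
 * that code, so an unrecognised board fails closed rather than silently
 * receiving another chip's line parameters. */
const chip_ref_t *lookup_reference(uint8_t x)
{
    for (size_t i = 0; i < CONFIG_FILE_F_LEN; i++)
        if (CONFIG_FILE_F[i].code == x)
            return &CONFIG_FILE_F[i];
    return NULL;
}

/* Render the low nbits of a resistor code MSB-first as 'U' (pull-up, bit = 1)
 * or 'D' (pull-down, bit = 0), following the bit meaning given in Example 1.
 * out must have room for nbits + 1 bytes. */
void decode_resistor_code(uint8_t code, unsigned nbits, char *out)
{
    for (unsigned i = 0; i < nbits; i++)
        out[i] = ((code >> (nbits - 1 - i)) & 1) ? 'U' : 'D';
    out[nbits] = '\0';
}

/* Stand-in for the TPM/TCM line parameters held in ME firmware (assumption:
 * only the SPI frequency is modelled here). */
typedef struct { uint32_t spi_khz; } me_params_t;

typedef enum {
    INIT_DONE_NO_CHANGE,  /* S32 consistent: go straight to S34 */
    INIT_UPDATED_REBOOT,  /* S32 inconsistent: ME updated, S33 reboot needed */
    INIT_UNKNOWN_CHIP     /* code absent from F: ME left untouched */
} init_result_t;

/* Steps S2 and S3: look up parameter information H for the index code, compare
 * it with the original parameter information read from ME, and write ME only
 * when they differ. The caller performs the reboot (S33) on INIT_UPDATED_REBOOT. */
init_result_t initialize_chip(uint8_t index_code, me_params_t *me)
{
    const chip_ref_t *ref = lookup_reference(index_code);
    if (ref == NULL)
        return INIT_UNKNOWN_CHIP;
    if (me->spi_khz == ref->spi_khz)   /* S32: original == H, nothing to do */
        return INIT_DONE_NO_CHANGE;
    me->spi_khz = ref->spi_khz;        /* update original parameter info with H */
    return INIT_UPDATED_REBOOT;
}

int main(void)
{
    /* Constructed scenario: the board reports code G = 0x01 (matches K1) while
     * ME still holds the frequency of a different chip. */
    me_params_t me = { 33000 };
    char bits[9];
    decode_resistor_code(0x01, 4, bits);
    printf("index code 0x01 = %s -> result %d, ME now %u kHz\n",
           bits, (int)initialize_chip(0x01, &me), (unsigned)me.spi_khz);
    printf("second pass -> result %d (no reboot)\n", (int)initialize_chip(0x01, &me));
    printf("unknown code 0x09 -> result %d\n", (int)initialize_chip(0x09, &me));
    return 0;
}
```

The branch worth keeping in a real implementation is the NULL return: the index code is read off a removable board, and a code that is not in the configuration file should stop the initialization rather than fall back to a default entry, since applying another chip's frequency to the SPI line is exactly the misconfiguration the lookup is meant to prevent. The second pass shows why the S32 comparison matters: once ME already holds H, the method finishes at S34 without a write or a reboot.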
Example 2:
FIG. 2 is a diagram of an embodiment of a TPM and TCM universal server chip initialization system according to the present invention.
As shown in fig. 2, the system 200 includes:
the first unit 201 calls the BMC to read pull-up and pull-down resistance codes of the TPM/TCM from the TPM/TCM board card and records the pull-up and pull-down resistance codes as index codes when the TPM/TCM is set in the BIOS initialization server;
the second unit 202, according to the index code, performs code indexing on the pre-established security chip configuration file, finds out the reference value of each relevant configuration information on the TPM/TCM working line in the server, and records as the parameter information to be configured; the security chip configuration file is pre-provided with relevant configuration information on the working circuit of a corresponding number of reference security chips; the reference security chip comprises a corresponding number of TPM reference security chips and a corresponding number of TCM reference security chips; the configuration information on the working circuit of each reference safety chip comprises a pull-up and pull-down resistance coding reference value and a working frequency reference value corresponding to the reference safety chip; the pull-up and pull-down resistance coding reference values of all the reference safety chips are all different, and are used for uniquely identifying the corresponding reference safety chips; the TPM/TCM working line in the server and the working lines of all the reference security chips are the same;
the third unit 203 initializes the corresponding parameters in the server ME firmware by using the found parameter information to be configured.
Optionally, the third unit 203 comprises:
an original parameter information obtaining module 2031, configured to read each piece of relevant configuration information on the TPM/TCM working line stored in the ME firmware, and record the configuration information as original parameter information;
the judging module 2032 is configured to judge whether the original parameter information is consistent with the parameter information to be configured;
an initialization module 2033, configured to update the original parameter information stored in the ME firmware of the server with the to-be-configured parameter information if the determination result of the determination module 2032 is negative;
the restarting module 2034 restarts the server system after the initialization module 2033 updates the parameter information to be configured to the ME firmware.
Further, the third unit 203 further includes: an initialization ending module 2035 ends the initialization of the TPM/TCM in the server if the determination result of the determination module 2032 is yes.
Optionally, the second unit, according to the index code, performs code indexing on a pre-established security chip configuration file to find a reference value of each piece of relevant configuration information on a working line of the TPM/TCM in the server, including the steps of:
assigning the index code to X; X is a preset variable;
and finding out each relevant configuration information on the working line of the corresponding reference security chip corresponding to the X value stored in the security chip configuration file.
Further, the first unit 202 calls the BMC to read the pull-up and pull-down resistor codes of the TPM/TCM from the TPM/TCM board through the IPMI command.
Example 3:
the present invention further provides a BIOS, in which the system 200 described in embodiment 2 is integrated.
Example 4:
the present invention also provides a computer storage medium, wherein the computer storage medium may store a program, and the program may include some or all of the steps in embodiment 1 provided by the present invention when executed.
The same and similar parts in the various embodiments in this specification may be referred to each other.
Although the present invention has been described in detail with reference to the drawings and the preferred embodiments, the present invention is not limited thereto. Those skilled in the art can make various equivalent modifications or substitutions to the embodiments of the present invention without departing from its spirit and scope, and such modifications or substitutions fall within the scope of the present invention; likewise, any change or substitution that a person skilled in the art can readily conceive within the technical scope of the present invention falls within its scope. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (9)

1. A TPM and TCM universal server chip initialization method is characterized by comprising the following steps:
P1, when the BIOS of the server initializes the TPM/TCM, calling the BMC to read the pull-up and pull-down resistance code of the TPM/TCM from the TPM/TCM board card, and recording it as the index code;
p2, according to the index code, coding index is carried out on the pre-established security chip configuration file, the reference value of each relevant configuration information on the TPM/TCM working line in the server is found out and is marked as the parameter information to be configured; the security chip configuration file is pre-provided with relevant configuration information on the working circuit of a corresponding number of reference security chips; the reference security chip comprises a corresponding number of TPM reference security chips and a corresponding number of TCM reference security chips; the configuration information on the working circuit of each reference safety chip comprises a pull-up and pull-down resistance coding reference value corresponding to the reference safety chip and a working frequency reference value corresponding to the reference safety chip; the pull-up and pull-down resistance coding reference values of all the reference safety chips are all different, and are used for uniquely identifying the corresponding reference safety chips; the TPM/TCM working line in the server and the working lines of all the reference security chips are the same;
and P3, initializing corresponding parameters in the ME firmware of the server by using the found parameter information to be configured.
2. The TPM and TCM universal server chip initialization method according to claim 1, wherein step P3 specifically comprises:
step P31, reading each relevant item of configuration information on the TPM/TCM working line stored in the ME firmware and recording it as the original parameter information;
step P32, determining whether the original parameter information is consistent with the parameter information to be configured, and if not, updating the original parameter information stored in the ME firmware with the parameter information to be configured and then executing step P33;
step P33, restarting the server system.
3. The TPM and TCM universal server chip initialization method according to claim 2, wherein in step P2, indexing the pre-established security chip configuration file by the index code to find the reference value of each relevant item of configuration information on the TPM/TCM working line in the server specifically comprises:
assigning the index code to X, where X is a preset variable;
and finding each relevant item of configuration information, stored in the security chip configuration file, on the working line of the reference security chip corresponding to the value of X.
4. The TPM and TCM universal server chip initialization method according to claim 1, 2 or 3, wherein in step P1 the BMC is called by an IPMI command to read the TPM/TCM pull-up and pull-down resistance code from the TPM/TCM board card.
5. A TPM and TCM universal server chip initialization system, the system comprising:
a first unit, used to call the BMC to read the TPM/TCM pull-up and pull-down resistance code from the TPM/TCM board card and record it as the index code when the BIOS initializes the TPM/TCM in the server;
a second unit, used to index the pre-established security chip configuration file by the index code, find the reference value of each relevant item of configuration information on the TPM/TCM working line in the server and record these as the parameter information to be configured; the security chip configuration file holds in advance the relevant configuration information on the working line of a corresponding number of reference security chips; the reference security chips comprise a corresponding number of TPM reference security chips and a corresponding number of TCM reference security chips; the configuration information on the working line of each reference security chip comprises the pull-up and pull-down resistance code reference value and the working frequency reference value corresponding to that reference security chip; the pull-up and pull-down resistance code reference values of all reference security chips differ from one another and uniquely identify the corresponding reference security chip; and the TPM/TCM working line in the server is the same as the working lines of all the reference security chips;
and a third unit, used to initialize the corresponding parameters in the ME firmware of the server with the found parameter information to be configured.
6. The TPM and TCM universal server chip initialization system according to claim 5, wherein the third unit comprises:
an original parameter information acquisition module, which reads each relevant item of configuration information on the TPM/TCM working line stored in the ME firmware and records it as the original parameter information;
a judging module, used to judge whether the original parameter information is consistent with the parameter information to be configured;
an initialization module, which updates the original parameter information stored in the ME firmware with the parameter information to be configured when the judgment result of the judging module is negative;
and a restarting module, used to restart the server system after the initialization module has written the parameter information to be configured into the ME firmware.
7. The TPM and TCM universal server chip initialization system according to claim 6, wherein the second unit, when indexing the pre-established security chip configuration file by the index code to find the reference value of each relevant item of configuration information on the TPM/TCM working line in the server, performs the steps of:
assigning the index code to X, where X is a preset variable;
and finding each relevant item of configuration information, stored in the security chip configuration file, on the working line of the reference security chip corresponding to the value of X.
8. The TPM and TCM universal server chip initialization system according to claim 5, 6 or 7, wherein the first unit calls the BMC through an IPMI command to read the TPM/TCM pull-up and pull-down resistance code from the TPM/TCM board card.
9. A computer-readable storage medium storing a computer program which, when executed by a processor, carries out the method according to any one of claims 1-4.
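The code-indexed lookup of claims 1 to 3 and the compare-then-update rule of claim 2, as an added C illustration that is not part of the patent or of any vendor's BIOS; the configuration table, chip codes and frequencies are constructed, and the type and function names are assumptions. It also covers the failure mode the claims leave implicit: a code that matches no reference chip leaves the ME parameters untouched instead of guessing.

```c
#include <stddef.h>
#include <stdint.h>
/* Added illustration (not the patent's code). Table values are constructed;
 * in a real platform they come from the security chip configuration file. */
typedef enum { CHIP_TPM, CHIP_TCM } chip_kind_t;
typedef struct {
    uint8_t     code;     /* pull-up/pull-down resistance code, unique per chip */
    chip_kind_t kind;
    uint32_t    freq_khz; /* working frequency reference value */
} ref_chip_t;
/* Constructed "security chip configuration file": TPM and TCM reference chips. */
static const ref_chip_t g_config[] = {
    { 0x01, CHIP_TPM, 33000 },
    { 0x02, CHIP_TPM, 50000 },
    { 0x11, CHIP_TCM, 24000 },
    { 0x12, CHIP_TCM, 33000 },
};
#define N_CONFIG (sizeof g_config / sizeof g_config[0])
/* The claim requires every code to be distinct, otherwise the index is
 * ambiguous; check that before trusting the table. Returns 1 if unique. */
int config_codes_unique(const ref_chip_t *cfg, size_t n) {
    for (size_t i = 0; i < n; i++)
        for (size_t j = i + 1; j < n; j++)
            if (cfg[i].code == cfg[j].code) return 0;
    return 1;
}
/* Step P2: index the configuration file by the code the BMC read from the
 * board card. Returns NULL when the code matches no reference chip. */
const ref_chip_t *lookup_by_code(uint8_t index_code) {
    for (size_t i = 0; i < N_CONFIG; i++)
        if (g_config[i].code == index_code) return &g_config[i];
    return NULL;
}
typedef enum { ME_UNKNOWN_CHIP = -1, ME_NO_CHANGE = 0, ME_UPDATED_RESTART = 1 } me_action_t;
/* Steps P31-P33: compare the values held in ME firmware (me_params) with the
 * reference, update only on mismatch, and tell the caller a restart is due. */
me_action_t init_me_params(uint8_t index_code, ref_chip_t *me_params) {
    const ref_chip_t *ref = lookup_by_code(index_code);
    if (ref == NULL) return ME_UNKNOWN_CHIP;   /* do not guess: leave ME as is */
    if (me_params->code == ref->code && me_params->kind == ref->kind &&
        me_params->freq_khz == ref->freq_khz)
        return ME_NO_CHANGE;                   /* P32: already consistent */
    *me_params = *ref;                         /* P32: update ME firmware copy */
    return ME_UPDATED_RESTART;                 /* P33: caller restarts server */
}
```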

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010154861.0A CN111475207B (en) 2020-03-08 2020-03-08 TPM and TCM universal server chip initialization method, system, BIOS and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010154861.0A CN111475207B (en) 2020-03-08 2020-03-08 TPM and TCM universal server chip initialization method, system, BIOS and storage medium

Publications (2)

Publication Number Publication Date
CN111475207A CN111475207A (en) 2020-07-31
CN111475207B true CN111475207B (en) 2022-05-13

Family

ID=71747220

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010154861.0A Active CN111475207B (en) 2020-03-08 2020-03-08 TPM and TCM universal server chip initialization method, system, BIOS and storage medium

Country Status (1)

Country Link
CN (1) CN111475207B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103119554A (en) * 2010-07-22 2013-05-22 Intel Corporation Providing platform independent memory logic
CN105205401A (en) * 2015-09-30 2015-12-30 PLA Information Engineering University Trusted computer system based on secure cryptographic chip and trusted boot method thereof
CN110032399A (en) * 2019-04-15 2019-07-19 Suzhou Inspur Intelligent Technology Co Ltd TPM initialization method and related apparatus

Also Published As

Publication number Publication date
CN111475207A (en) 2020-07-31

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant