CN111967065A - Data protection method, processor and electronic equipment - Google Patents

Data protection method, processor and electronic equipment Download PDF

Info

Publication number
CN111967065A
CN111967065A CN202010828279.8A CN202010828279A CN111967065A CN 111967065 A CN111967065 A CN 111967065A CN 202010828279 A CN202010828279 A CN 202010828279A CN 111967065 A CN111967065 A CN 111967065A
Authority
CN
China
Prior art keywords
written
page data
page
physical address
metadata
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010828279.8A
Other languages
Chinese (zh)
Other versions
CN111967065B (en
Inventor
姜莹
王海洋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Haiguang Information Technology Co Ltd
Original Assignee
Haiguang Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Haiguang Information Technology Co Ltd filed Critical Haiguang Information Technology Co Ltd
Priority to CN202010828279.8A priority Critical patent/CN111967065B/en
Publication of CN111967065A publication Critical patent/CN111967065A/en
Application granted granted Critical
Publication of CN111967065B publication Critical patent/CN111967065B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062Securing storage systems
    • G06F3/0622Securing storage systems in relation to access
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0655Vertical data movement, i.e. input-output transfer; data movement between one or more hosts and one or more storage devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Human Computer Interaction (AREA)
  • Storage Device Security (AREA)
  • Memory System Of A Hierarchy Structure (AREA)

Abstract

The application relates to a data protection method, a processor and electronic equipment, and belongs to the technical field of computers. The method comprises the following steps: a hardware acceleration module receives a memory page swap-in request sent by a security processor; the method comprises the steps of taking out page data to be written from a source address of a page to be swapped in, generating a message authentication code based on the page data to be written, obtaining a metadata address corresponding to a target physical address according to a pre-established corresponding relation, and taking out metadata from the metadata address, wherein the metadata is generated based on the page data to be written when the page data to be written is swapped out from a memory, and comprises the message authentication code; generating a message authentication code and a message authentication code in the metadata based on the page data to be written, and performing security verification on the page data to be written; and after the page data to be written passes the security verification, writing the page data to be written into the address space pointed by the destination physical address. The method can improve the efficiency of memory page swap-in/swap-out.

Description

Data protection method, processor and electronic equipment
Technical Field
The application belongs to the technical field of computers, and particularly relates to a data protection method, a processor and electronic equipment.
Background
The virtualization technology is one of core technologies of cloud computing, and resources of one computer can be flexibly divided into a plurality of virtual machines according to requirements through virtualization and are provided for a plurality of different users to use at the same time, so that the utilization rate of hardware resources is effectively improved, and the use cost is reduced. The quality of virtualization is related to the stability, performance and security of a Virtual Machine (VM), and the security in virtualization relates to various aspects such as memory, storage, Input/Output (I/O), etc., wherein the protection of the memory is particularly important, and the running of all programs in a computer is performed in the memory, but due to the limitation of the memory size, when the memory is insufficient, some data must be moved from the memory to a disk, which is called swap-out, and when a new process is started, the process is moved from the disk to a memory space, which is called swap-in.
In the prior art, when a main Central Processing Unit (CPU) in a Processor needs to swap in/out a memory page, a memory page swap-in/swap-out request (which carries a source address and a destination address) is sent to a secure Processor (PSP) in an integrated Chip (SOC). When the safety processor receives a memory page swap-out request, page data is taken out from a source address storing a page to be swapped out, encrypted and written to a specified destination address; when the page is changed, the memory page data is obtained from the source address of the page to be changed, then the memory page data is decrypted, and then the decrypted memory page data is written into the appointed destination address. When the existing memory page is swapped out or swapped in, the swapped out page data needs to be encrypted and the swapped in page data needs to be decrypted by depending on the security processor, and because the security processor encrypts and decrypts the data in a software program mode, a large amount of computing resources are occupied, and therefore the swapping in/out efficiency is not high.
Disclosure of Invention
In view of the above, an object of the present application is to provide a data protection method, a processor and an electronic device, so as to solve the problem of low swap-in/swap-out efficiency caused by the conventional security processor being relied on to encrypt swapped-out page data and decrypt swapped-in page data.
The embodiment of the application is realized as follows:
in a first aspect, an embodiment of the present application provides a data protection method, which is applied to a processor, where the processor includes: a secure processor and a hardware acceleration module, the method comprising: the hardware acceleration module receives a memory page swap-in request sent by the security processor, wherein the memory page swap-in request comprises a source address of a page to be swapped in and a destination physical address for storing the page to be swapped in; the hardware acceleration module takes out page data to be written from a source address of the page to be swapped in, generates a message authentication code based on the page data to be written, obtains a metadata address corresponding to the target physical address according to a pre-established corresponding relation between a system physical address and a metadata address, and takes out metadata from the metadata address, wherein the metadata is generated based on the page data to be written when the page data to be written is swapped out from a memory, and comprises the message authentication code; the hardware acceleration module generates a message authentication code and a message authentication code in the metadata based on the page data to be written, and carries out security verification on the page data to be written; and after the page data to be written passes the security verification, the hardware acceleration module writes the page data to be written into the address space pointed by the destination physical address. In the embodiment of the application, a hardware acceleration module is added in a processor to assist a security processor to perform data swap-in and swap-out operations, so that the swap-in/swap-out efficiency of a memory page is improved, meanwhile, the security of data is not guaranteed in a simple encryption and decryption mode any more, metadata including a message authentication code MAC is generated when the data is swapped out, when the data is swapped in, security check is performed on the data to be swapped in based on the MAC generated by the data to be swapped in and the MAC generated when the data is swapped out, only after the check passes, writing is performed, and the security of the data is improved.
With reference to a possible implementation manner of the embodiment of the first aspect, generating a message authentication code based on the to-be-written page data and a message authentication code in the metadata, and performing security verification on the to-be-written page data includes: comparing a message authentication code generated based on the page data to be written with a message authentication code in the metadata; and if the message authentication code generated based on the page data to be written is consistent with the message authentication code in the metadata, representing that the page data to be written passes the safety verification. In the embodiment of the application, the message authentication code generated based on the page data to be written is compared with the message authentication code in the metadata, so that the safety verification of the page data to be written can be quickly realized, and the efficiency is improved.
With reference to a possible implementation manner of the embodiment of the first aspect, the page data to be written is virtual machine data, and the metadata further includes a virtual machine physical address corresponding to the page data to be written; the method further comprises the following steps: the hardware acceleration module obtains a virtual machine physical address corresponding to the target physical address according to a pre-established corresponding relation between a system physical address and a virtual machine physical address; correspondingly, generating a message authentication code and a message authentication code in the metadata based on the page data to be written, and performing security verification on the page data to be written, including: and generating a message authentication code based on the page data to be written, the message authentication code in the metadata, the virtual machine physical address corresponding to the target physical address and the virtual machine physical address in the metadata, and performing security verification on the page data to be written. In the embodiment of the application, when the page data to be written is virtual machine data, the virtual machine physical address is further taken into consideration, and when the page data to be swapped in is verified, a message authentication code in the metadata, a virtual machine physical address corresponding to the destination physical address and a virtual machine physical address in the metadata are generated based on the page data to be written, and the page data to be written is subjected to security verification, so that the security of the data is further improved.
With reference to a possible implementation manner of the embodiment of the first aspect, generating a message authentication code based on the to-be-written page data, a message authentication code in the metadata, a virtual machine physical address corresponding to the destination physical address, and a virtual machine physical address in the metadata, and performing security verification on the to-be-written page data includes: comparing a message authentication code generated based on the page data to be written with a message authentication code in the metadata, and comparing a virtual machine physical address corresponding to the target physical address with a virtual machine physical address in the metadata; and if the message authentication code generated based on the page data to be written is consistent with the message authentication code in the metadata, and the physical address of the virtual machine corresponding to the target physical address is consistent with the physical address of the virtual machine in the metadata, representing that the page data to be written passes the security verification. In the embodiment of the application, the message authentication code generated based on the page data to be written is compared with the message authentication code in the metadata, and the virtual machine physical address corresponding to the target physical address is compared with the virtual machine physical address in the metadata, so that the safety verification of the page data to be written can be quickly realized, and the efficiency is improved.
With reference to a possible implementation manner of the embodiment of the first aspect, the memory page swap-in request further includes: an address space identifier ASID; generating a message authentication code based on the to-be-written page data, including: acquiring an encryption key corresponding to the ASID and an initial vector for a hash algorithm; and encrypting the page data to be written by using the encryption key, and performing hash operation on the encrypted page data to be written based on the initial vector to generate a hash value, wherein the hash value is the message authentication code. In the embodiment of the application, the ASID is carried in the memory page swap-in request, so that when the MAC is generated based on the page data to be written in, the encryption key corresponding to the ASID and the initial vector used for the hash algorithm can be dynamically selected according to the ASID to generate, the data security is improved, and the risk of tampering is reduced.
With reference to one possible implementation manner of the embodiment of the first aspect, the acquiring an encryption key corresponding to the ASID includes: obtaining an initial key according to the ASID; and carrying out nonlinear transformation on the initial key and a physical address of a memory to obtain the encryption key. In the embodiment of the present application, an initial key obtained according to the ASID is subjected to nonlinear transformation with a physical address of the memory to be used as an encryption key, so as to further enhance security.
With reference to one possible implementation manner of the embodiment of the first aspect, the method further includes: the hardware acceleration module receives a memory page swap-out request sent by the security processor, where the memory page swap-out request includes: the method comprises the steps that a source physical address of a page to be swapped out and a destination address for storing the page to be swapped out are obtained; the hardware acceleration module takes out the data of the page to be swapped out from the source physical address of the page to be swapped out and writes the data of the page to be swapped out into the address space pointed by the destination address; and generating a message authentication code based on the page data to be swapped out, acquiring a metadata address corresponding to the source physical address according to a pre-established corresponding relation between the system physical address and the metadata address, and writing the message authentication code generated based on the page data to be swapped out into an address space pointed by the metadata address as a part of the metadata. In the embodiment of the application, when the data is swapped out, the message authentication code is generated based on the page data to be swapped out, and is stored in the address space pointed by the metadata address as a part of the metadata, so that when the data is swapped in, the security check is performed on the page data to be swapped in based on the MAC generated based on the page data to be swapped in and the MAC generated when the data is swapped out, and the security of the data is ensured.
With reference to a possible implementation manner of the embodiment of the first aspect, the page data to be swapped out is virtual machine data, and the method further includes: obtaining a virtual machine physical address corresponding to the source physical address according to a pre-established corresponding relation between a system physical address and a virtual machine physical address; and writing a virtual machine physical address corresponding to the source physical address as a part of the metadata into an address space pointed by the metadata address. In the embodiment of the application, the page data to be swapped out is virtual machine data, and when swapping out, the virtual machine physical address corresponding to the source physical address is also written into the address space pointed by the metadata address as a part of the metadata, so that when swapping in, the virtual machine physical address is also taken into consideration, and based on the page data to be written, a message authentication code in the metadata, the virtual machine physical address corresponding to the destination physical address, and the virtual machine physical address in the metadata are generated, and the page data to be written is subjected to security verification, so that the security of the data is further improved.
With reference to a possible implementation manner of the embodiment of the first aspect, the memory page swap-out request further includes: an address space identifier ASID; generating a message authentication code based on the to-be-swapped-out page data, comprising: acquiring an encryption key corresponding to the ASID and an initial vector for a hash algorithm; and encrypting the page data to be swapped out by using the encryption key, and carrying out hash operation on the encrypted page data to be swapped out based on the initial vector to generate a hash value, wherein the hash value is the message authentication code. In the embodiment of the application, the ASID is carried in the memory page swap-out request, so that when the MAC is generated based on the page data to be swapped out, the encryption key corresponding to the ASID and the initial vector used for the hash algorithm can be dynamically selected according to the ASID to generate the MAC, the data security is improved, and the risk of tampering is reduced.
In a second aspect, an embodiment of the present application further provides a processor, including: a security processor, a hardware acceleration module; the hardware acceleration module is configured to receive a memory page swap-in request sent by the security processor, where the memory page swap-in request includes a source address of a page to be swapped in and a destination physical address where the page to be swapped in is stored; the system comprises a source address used for taking out page data to be written from the page to be swapped in, a message authentication code generated based on the page data to be written, a metadata address corresponding to the target physical address obtained according to the pre-established corresponding relation between the system physical address and the metadata address, and metadata taken out from the metadata address, wherein the metadata is generated based on the page data to be written when the page data to be written is swapped out from a memory and comprises the message authentication code; the system is used for generating a message authentication code and a message authentication code in the metadata based on the page data to be written, and performing security verification on the page data to be written; and after the page data to be written passes the security verification, the method is also used for writing the page data to be written into the address space pointed by the destination physical address.
With reference to a possible implementation manner of the embodiment of the first aspect, the hardware acceleration module is configured to compare a message authentication code generated based on the to-be-written page data with a message authentication code in the metadata; and if the message authentication code generated based on the page data to be written is consistent with the message authentication code in the metadata, representing that the page data to be written passes the safety verification.
With reference to a possible implementation manner of the embodiment of the first aspect, the page data to be written is virtual machine data, and the metadata further includes a virtual machine physical address corresponding to the page data to be written; the hardware acceleration module is further configured to obtain a virtual machine physical address corresponding to the destination physical address according to a pre-established correspondence between a system physical address and a virtual machine physical address; correspondingly, the hardware acceleration module is configured to generate a message authentication code based on the to-be-written page data, the message authentication code in the metadata, a virtual machine physical address corresponding to the destination physical address, and a virtual machine physical address in the metadata, and perform security verification on the to-be-written page data.
With reference to a possible implementation manner of the embodiment of the first aspect, the hardware acceleration module is configured to compare a message authentication code generated based on the to-be-written page data with a message authentication code in the metadata, and compare a virtual machine physical address corresponding to the destination physical address with a virtual machine physical address in the metadata; and if the message authentication code generated based on the page data to be written is consistent with the message authentication code in the metadata, and the physical address of the virtual machine corresponding to the target physical address is consistent with the physical address of the virtual machine in the metadata, representing that the page data to be written passes the security verification.
With reference to a possible implementation manner of the embodiment of the first aspect, the memory page swap-in request further includes: an address space identifier ASID; the hardware acceleration module is configured to: acquiring an encryption key corresponding to the ASID and an initial vector for a hash algorithm; and encrypting the page data to be written by using the encryption key, and performing hash operation on the encrypted page data to be written based on the initial vector to generate a hash value, wherein the hash value is the message authentication code.
With reference to one possible implementation manner of the embodiment of the first aspect, the hardware acceleration module is configured to: obtaining an initial key according to the ASID; and carrying out nonlinear transformation on the initial key and a physical address of a memory to obtain the encryption key.
With reference to a possible implementation manner of the embodiment of the first aspect, the hardware acceleration module is further configured to: receiving a memory page swap-out request sent by the security processor, where the memory page swap-out request includes: the method comprises the steps that a source physical address of a page to be swapped out and a destination address for storing the page to be swapped out are obtained; taking out the data of the page to be swapped out from the source physical address of the page to be swapped out, and writing the data of the page to be swapped out into an address space pointed by the destination address; and generating a message authentication code based on the page data to be swapped out, acquiring a metadata address corresponding to the source physical address according to a pre-established corresponding relation between the system physical address and the metadata address, and writing the message authentication code generated based on the page data to be swapped out into an address space pointed by the metadata address as a part of the metadata.
With reference to a possible implementation manner of the embodiment of the first aspect, the page data to be swapped out is virtual machine data, and the hardware acceleration module is configured to: obtaining a virtual machine physical address corresponding to the source physical address according to a pre-established corresponding relation between a system physical address and a virtual machine physical address; and writing a virtual machine physical address corresponding to the source physical address as a part of the metadata into an address space pointed by the metadata address.
With reference to a possible implementation manner of the embodiment of the first aspect, the memory page swap-out request further includes: an address space identifier ASID; the hardware acceleration module is configured to: acquiring an encryption key corresponding to the ASID and an initial vector for a hash algorithm; and encrypting the page data to be swapped out by using the encryption key, and carrying out hash operation on the encrypted page data to be swapped out based on the initial vector to generate a hash value, wherein the hash value is the message authentication code.
In a third aspect, an embodiment of the present application further provides an electronic device, including: a memory and the processor as provided in the embodiment of the second aspect and/or in connection with any possible implementation manner of the embodiment of the second aspect, the memory being connected to the processor.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the embodiments of the application. The objectives and other advantages of the application may be realized and attained by the structure particularly pointed out in the written description and drawings.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts. The foregoing and other objects, features and advantages of the application will be apparent from the accompanying drawings. Like reference numerals refer to like parts throughout the drawings. The drawings are not intended to be to scale as practical, emphasis instead being placed upon illustrating the subject matter of the present application.
Fig. 1 shows a schematic diagram of interaction between a processor and a memory according to an embodiment of the present disclosure.
Fig. 2 shows a schematic structural diagram of a hardware acceleration module according to an embodiment of the present application.
Fig. 3 illustrates a schematic diagram of a principle of a virtual machine page swap-out process according to the embodiment of the present application.
Fig. 4 shows a schematic diagram of a virtual machine page swap-in process according to an embodiment of the present disclosure.
Fig. 5 shows a flowchart of a data protection method provided in an embodiment of the present application.
Fig. 6 shows a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, relational terms such as "first," "second," and the like may be used solely in the description herein to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Further, the term "and/or" in the present application is only one kind of association relationship describing the associated object, and means that three kinds of relationships may exist, for example, a and/or B may mean: a exists alone, A and B exist simultaneously, and B exists alone.
In view of the fact that when the existing memory page is swapped out/in, the swapped out page data needs to be encrypted and the swapped in page data needs to be decrypted by depending on the security processor, because the security processor encrypts and decrypts the data in a software program mode, a large amount of operation resources are occupied, and therefore swapping in/out efficiency is not high. Based on this, an embodiment of the present application provides a data protection method, which assists a secure processor to perform data swap-in and swap-out operations by adding a hardware acceleration module in the processor, so as to improve memory page swap-in/swap-out efficiency.
For ease of understanding, the following description will be made with reference to the interaction diagram of the processor and the memory shown in fig. 1. The processor includes: a processor core (e.g., a CPU core), a Security subsystem (e.g., a psp (platform Security processor) subsystem in a processor), a hardware acceleration module, and a Memory Controller (UMC). The hardware acceleration module is used for generating Metadata (Metadata) based on the data to be migrated and completing the operation of checking the data to be migrated, so that the burden of a safety processor is reduced, and the memory page swapping-in/swapping-out efficiency is improved.
The processor core is connected with the safety processor and the memory controller, and the safety processor is also connected with the hardware acceleration module and the memory controller. Wherein, the hardware acceleration module and the security processor may be two independent integrated chips (SOCs), and as an implementation, the hardware acceleration module may be integrated in the security subsystem to reduce the volume of the circuit as much as possible, and then the security subsystem includes: a security processor and a hardware acceleration module as a control processor in the security subsystem.
The Memory may be a Double Data Rate (DDR) Memory, or other memories, such as a Random Access Memory (RAM), a Dynamic Random Access Memory (DRAM), or the like.
The Processor may be a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), an Accelerated Processing Unit (Accelerated Processing Unit), or other types of processors, such as a Network Processor (NP) and an application Processor, and of course, in some products, the application Processor is the CPU.
In the embodiment of the application, the number of the processor cores in the processor is at least one, so that the computing capability is improved, the stability of a system is improved, and the like, and even if a certain processor core is damaged, the stable operation can be ensured. Optionally, a Virtual Machine (VM) and a Virtual Machine Monitor (VMM) are deployed on at least one processor core. In hardware virtualization technology, a VMM is used to isolate the virtual system from the host hardware. The VMM may also be referred to as a virtual machine manager and may run directly on the system hardware or on the host operating system. The VMM performs the mapping from virtual resources to physical resources and performs computations using local physical resources. When the virtual system accesses the system resource, the VMM takes over the request and returns the processing result to the virtual machine system, thus realizing the virtualization of a plurality of hardware devices and ensuring the effective isolation of the virtual system. It should be noted that the data protection method provided in this embodiment of the present application is not limited to swap-in/swap-out protection of a memory page of a virtual machine, but may also be applied to swap-in/swap-out protection of a memory page of a non-virtual machine, and therefore, a scenario including a virtual machine and a virtual machine monitor, which is illustrated in fig. 1, cannot be understood as a limitation of this application.
When receiving an instruction sent by a CPU (processor core), if the instruction is identified as a memory page swap-in/swap-out instruction, the security processor sends a memory page swap-in/swap-out request to the hardware acceleration module so as to assist the CPU core to complete decryption and integrity verification of a swap-in page and encryption and integrity protection of a swap-out page. The memory page swap-in/swap-out request needs to carry relevant information required for completing the swap-in/swap-out operation, including but not limited to the following information:
a source Address of a page to be swapped in, or a source Physical Address of the page to be swapped out (a System Physical Address, SPA);
storing a target physical address (a physical address SPA of a memory system) of the page to be swapped in, or storing a target address of the page to be swapped out;
an Address Space Identifier (ASID), that is, an index value, used to obtain an encryption key, which may be a virtual machine tag, and may be carried in a source physical Address of a page to be swapped out or a destination physical Address for storing the page to be swapped in, according to system requirements;
identification of memory page swap in/out direction: swap in, or, swap out;
the identification bit used for indicating whether encryption or decryption is needed can be represented by one bit in the address;
the identification bit used for indicating whether the data to be swapped out or written in is virtual machine data can be represented by one bit in the address;
as well as other information necessary for messaging.
Before sending the memory page swap-in/swap-out request to the hardware acceleration module, the security processor may also issue the following information to the hardware acceleration module:
a corresponding relation (such as a relation table or a relation array) between a system physical address SPA and a Metadata (Metadata) address is established in advance;
a correspondence (such as a relationship table or a relationship array) between a system Physical Address SPA and a virtual machine Physical Address (GPA) established in advance;
and a pre-established correspondence (such as a relationship table or a relationship array) between the ASID and the key information and the initial vector.
The corresponding relation between the system physical address and the metadata address is used for searching a corresponding metadata address based on a source physical address of a page to be swapped out when swapping out, so that a Message Authentication Code (MAC) generated based on the page data to be swapped out is written into an address space pointed by the metadata address as a part of the metadata, and searching a corresponding metadata address based on a destination physical address for storing the page to be swapped in when swapping in, and acquiring the metadata generated during swapping out, so that the security verification is performed on the page data to be written in based on the Message Authentication Code in the acquired metadata and the Message Authentication Code generated based on the page data to be written in.
The corresponding relation between the system physical address and the virtual machine physical address is used for searching a corresponding virtual machine address (SPA can only correspond to unique GPA according to the management requirement of the secure virtual machine) based on a source physical address of a page to be swapped out when the page data to be written in or the page data to be swapped out is the virtual machine data so as to be written into an address space pointed by a metadata address as a part of the metadata, and searching the corresponding virtual machine address based on a target physical address for storing the page to be swapped in when swapping in so as to compare the virtual machine address with the virtual machine address in the metadata to verify the security of the data to be written in.
The established correspondence between the ASID and the key information and the initial vector is used for acquiring the corresponding key information and the initial vector based on the ASID in the swap-in or the swap-out when the ASID is swapped in or swapped out, so that the message authentication code is generated based on the page data to be swapped in or the page to be swapped out. For example, according to the corresponding relationship, key information corresponding to the ASID carried in the memory page swap-in/swap-out request and an initial vector for hash calculation are obtained, then, the page data to be written or the page data to be swapped out are encrypted by using the key information, and the encrypted page data to be written or the page data to be swapped out are subjected to hash calculation based on the initial vector, so that the message authentication code can be obtained.
The hardware acceleration module includes, but is not limited to, the following functions:
the method comprises the steps that a virtual machine physical address (GPA) searching function is carried out according to a System Physical Address (SPA), a hardware acceleration module obtains the GPA corresponding to the SPA configured by a security processor in a mode of searching a corresponding relation according to the corresponding relation between the SPA and the GPA, and the GPA is used as a part of Metadata and stored in a memory address of Metadata or used for verifying data to be written into a data page; performing a search function of a metadata address according to a System Physical Address (SPA), storing the metadata as protection data of the virtual machine into a memory, managing the metadata in the form of pages, wherein the position of the metadata in the memory is the same as that of other data; generating MAC according to the page data to be converted out, and storing the MAC as a part of Metadata into the memory address of the Metadata; obtaining or calculating a key used for generating a message authentication code MAC according to a certain method; generating MAC for the page to be swapped in and comparing the MAC with the MAC generated before the page is swapped out and taken out from the memory address of the Metadata so as to determine whether the data swapped in the memory is reliable or not; and the data moving function is used for moving the memory data from the source address to the destination address.
As shown in fig. 2, the hardware acceleration module includes:
a Direct Memory Access Controller (DMAC) that can Access a Memory, write data into the Memory, or read data from the Memory;
the address translation module is used for finding the GPA and Metadata addresses corresponding to the SPA according to the corresponding relation between the system physical address and the Metadata address and the corresponding relation between the system physical address and the virtual machine physical address;
the comparison module is used for comparing the MAC generated based on the page data to be written with the MAC code in the metadata and comparing the virtual machine physical address corresponding to the target physical address with the virtual machine physical address in the metadata;
and the MAC value generating module is used for generating the MAC based on the page data to be exchanged and the page data to be exchanged.
The direct memory access controller is connected with the address conversion module, the comparison module and the MAC value generation module respectively.
When the CPU core needs to swap out the memory page data, a memory page swap-out instruction is sent to a security subsystem in the SOC, a security processor (which is a control processor in the security subsystem) receives the memory page swap-out instruction sent by the CPU core, and sends a memory page swap-out request to a hardware acceleration module after recognizing that the instruction is the memory page swap-out instruction, wherein the memory page request comprises: the source physical address of the page to be swapped out and the destination address for storing the page to be swapped out. The hardware acceleration module is used for receiving a memory page swap-out request sent by the security processor, taking out page data to be swapped out from a source physical address of a page to be swapped out when the memory page swap-out request is identified as swap-out, writing the page data to be swapped out into an address space pointed by a destination address, generating a message authentication code based on the page data to be swapped out, obtaining a metadata address corresponding to the source physical address according to a pre-established corresponding relation between the system physical address and the metadata address, and writing the message authentication code generated based on the page data to be swapped out into the address space pointed by the metadata address as a part of the metadata.
The process of generating the message authentication code based on the page data to be swapped out may be: acquiring a pre-configured encryption key and an initial vector for a hash algorithm, encrypting the page data to be swapped out by using the encryption key, and performing hash operation on the encrypted page data to be swapped out based on the initial vector to generate a hash value, wherein the hash value is a Message Authentication Code (MAC); or, to further increase the security of the data, the process may also be to perform nonlinear transformation on a pre-configured encryption key and a physical address of the memory (for example, to confuse the encryption key corresponding to the ASID with the physical address of the memory) to obtain a final encryption key, encrypt the page data to be swapped out by using the final encryption key, and perform hash operation on the encrypted page data to be swapped out by using the base initial vector to generate a hash value. In this embodiment, the encryption key used between different memory pages is the same as the initial vector used in the hash algorithm.
As an embodiment, the data to be swapped out page may also be encrypted by using a dynamic encryption key and an initial vector, and the security may be improved by performing a hash operation, that is, the encryption key and the initial vector corresponding to different memory page swap-out requests are different, where the memory page swap-out request further includes: an address space identifier ASID, which in one embodiment may be carried in a source physical address of a page to be swapped out; correspondingly, an encryption key corresponding to the ASID and an initial vector used for a hash algorithm can be obtained according to a pre-configured correspondence between the ASID and the key information and the initial vector, then the page data to be swapped out is encrypted by using the encryption key, and the encrypted page data to be swapped out is subjected to hash operation based on the initial vector to generate a hash value. In this embodiment, the encryption key corresponding to the ASID and the physical address of the memory may be subjected to nonlinear transformation (for example, the encryption key corresponding to the ASID and the physical address of the memory are mixed up) to obtain a final encryption key, and the page data to be swapped out is encrypted according to the final encryption key.
If the swapped out data needs to be encrypted, the swapped out data can also be encrypted by adopting an agreed password, if a bit used for indicating whether the encryption is high (such as 1) in the source physical address of the page to be swapped out is used for indicating that the encryption is needed, otherwise, the encryption is not needed, of course, the reverse is also possible, if the bit is low (such as 0), the encryption is needed, and otherwise, the encryption is not needed.
Optionally, if the page data to be swapped out is virtual machine data, the virtual machine physical address corresponding to the source physical address may also be obtained according to a pre-established correspondence between the system physical address and the virtual machine physical address (where the page data to be swapped out is data of the virtual machine corresponding to the virtual machine physical address), and the virtual machine physical address corresponding to the source physical address is written into an address space to which the metadata address points as part of the metadata. A schematic diagram of the page swap-out process of the virtual machine in this embodiment is shown in fig. 2. Whether the page data to be swapped out is virtual machine data or not can be judged according to the height of a bit used for indicating whether the page data to be swapped out is virtual machine data or not in the source physical address of the page to be swapped out, if the bit is high (such as 1), the page data to be swapped out is represented as the virtual machine data, otherwise, the page data to be swapped out is common data, certainly, the page data to be swapped out can also be reversed, if the bit is low (such as 0), the page data to be swapped out is represented as the virtual machine data, otherwise, the page data to be swapped out is the common data. It should be noted that even if the page data to be swapped out is virtual machine data, in one embodiment, the virtual machine physical address corresponding to the source physical address is not obtained according to the pre-established correspondence relationship between the system physical address and the virtual machine physical address, and the virtual machine physical address corresponding to the source physical address is written into the address space to which the metadata address points as a part of the metadata. The situation shown in fig. 3 is therefore not to be understood as limiting the application.
When the CPU core needs to swap in the memory page data, a memory page swap-in instruction is sent to a security subsystem in the SOC, a security processor (which is a control processor in the security subsystem) receives the memory page swap-in instruction sent by the CPU core, and after recognizing that the instruction is the memory page swap-in instruction, a memory page swap-in request is sent to a hardware acceleration module, wherein the memory page request comprises: the source address of the page to be replaced and the destination physical address for storing the page to be replaced. The hardware acceleration module is used for receiving a memory page swap-in request sent by the security processor, taking out page data to be written from a source address of a page to be swapped in, then generating a message authentication code based on the page data to be written, obtaining a metadata address corresponding to a target physical address according to a pre-established correspondence between a system physical address and the metadata address, and taking out metadata from the metadata address (wherein the metadata is generated based on the page data to be written when the page data to be written is swapped out from the memory, and comprises the message authentication code); and finally, the hardware acceleration module is also used for generating a message authentication code and a message authentication code in the metadata based on the page data to be written, performing security verification on the page data to be written, and writing the page data to be written into an address space pointed by the destination physical address by the hardware acceleration module after the page data to be written passes the security verification.
The process of generating the message authentication code based on the page data to be swapped in may be: acquiring a pre-configured encryption key and an initial vector for a hash algorithm, encrypting the page data to be switched in by using the encryption key, and performing hash operation on the encrypted page data to be switched in based on the initial vector to generate a hash value, wherein the hash value is a Message Authentication Code (MAC); or, to further increase the security of the data, the process may also be to perform nonlinear transformation on a pre-configured encryption key and a physical address of the memory (for example, confusing the encryption key corresponding to the ASID with the physical address of the memory) to obtain a final encryption key, encrypt the page data to be swapped in by using the final encryption key, and perform hash operation on the encrypted page data to be swapped in by using the base initial vector to generate a hash value. In this embodiment, the encryption key used between different memory pages is the same as the initial vector used in the hash algorithm.
As an embodiment, the data to be swapped in page may also be encrypted by using a dynamic encryption key and an initial vector, and the security may be improved by performing a hash operation, that is, the encryption key and the initial vector corresponding to different memory page swap-in requests are different, where the memory page swap-in request further includes: in one embodiment, the ASID may be carried in a destination physical address where the page to be swapped in is stored, and accordingly, an encryption key corresponding to the ASID and an initial vector used for a hash algorithm may be obtained according to a pre-configured correspondence relationship between the ASID, key information, and the initial vector, and then, the page data to be swapped in is encrypted using the encryption key, and the encrypted page data to be swapped in is subjected to a hash operation based on the initial vector, so as to generate a hash value. In this embodiment, the encryption key corresponding to the ASID and the physical address of the memory may be subjected to nonlinear transformation (for example, the encryption key corresponding to the ASID and the physical address of the memory are mixed up) to obtain a final encryption key, and the data to be swapped in page is encrypted according to the final encryption key.
In one embodiment, the process of generating the message authentication code and the message authentication code in the metadata based on the page data to be written may be: and comparing the message authentication code generated based on the page data to be written with the message authentication code in the metadata, wherein if the message authentication code generated based on the page data to be written is consistent with the message authentication code in the metadata, the page data to be written is represented to pass the safety verification. In addition, the security verification may be performed on the page data to be written based on the message authentication code generated based on the page data to be written and the message authentication code in the metadata in another manner, for example, the same specification standard is used, the same format conversion is performed on the message authentication code generated based on the page data to be written and the message authentication code in the metadata respectively (for example, a binary MAC is converted into a 16-ary MAC, so as to improve the comparison efficiency), then the comparison is performed, and if the two are consistent, the page data to be written passes the security verification, which is characterized.
If the page data to be written is virtual machine data, in one embodiment, the metadata may further include a virtual machine physical address corresponding to the page data to be written, and correspondingly, the hardware acceleration module is further configured to obtain a virtual machine physical address corresponding to the destination physical address according to a pre-established correspondence between the system physical address and the virtual machine physical address, at this time, generate a message authentication code and a message authentication code in the metadata based on the page data to be written, perform security verification on the page data to be written, and change to: and generating a message authentication code, a message authentication code in the metadata, a virtual machine physical address corresponding to the target physical address and a virtual machine physical address in the metadata based on the page data to be written, and performing security verification on the page data to be written.
Optionally, the message authentication code in the metadata, the virtual machine physical address corresponding to the destination physical address, and the virtual machine physical address in the metadata are generated based on the page data to be written, and the process of performing security verification on the page data to be written may be: comparing a message authentication code generated based on the page data to be written with a message authentication code in the metadata, and comparing a virtual machine physical address corresponding to the target physical address with a virtual machine physical address in the metadata; and if the message authentication code generated based on the page data to be written is consistent with the message authentication code in the metadata, and the physical address of the virtual machine corresponding to the target physical address is consistent with the physical address of the virtual machine in the metadata, the page data to be written is represented to pass the safety verification. A schematic diagram of the page swap-in process of the virtual machine in this embodiment is shown in fig. 4.
The hardware acceleration module generates a message authentication code, a message authentication code in the metadata, a virtual machine physical address corresponding to the destination physical address, and a virtual machine physical address in the metadata based on the page data to be written, and the process of performing security verification on the page data to be written may also be: firstly, respectively carrying out same format conversion on a message authentication code generated based on page data to be written and a message authentication code in metadata by adopting the same specification standard (for example, converting a binary MAC into a 16-system MAC so as to improve the comparison efficiency), then comparing whether the converted message authentication code generated based on the page data to be written is consistent with the message authentication code in the converted metadata or not, and comparing a virtual machine physical address corresponding to a target physical address with a virtual machine physical address in the metadata; and if the converted message authentication code generated based on the page data to be written is consistent with the message authentication code in the converted metadata, and the physical address of the virtual machine corresponding to the target physical address is consistent with the physical address of the virtual machine in the metadata, representing that the page data to be written passes the safety verification.
When encrypting the Data of the page to be swapped out/in, the adopted Encryption algorithm may adopt a currently known algorithm, such as a Data Encryption Standard (DES) algorithm, an Advanced Encryption Standard (AES) algorithm, a Password Based Encryption (PBE) algorithm, an RSA algorithm, and the like.
When performing Hash calculation on encrypted data of a page to be swapped out/swapped in, the Hash calculation may be a currently known Algorithm, for example, an MD5 information Digest Algorithm (MD5Message-Digest Algorithm) Algorithm, a Secure Hash Algorithm (SHA) Algorithm, or the like.
The hardware acceleration module can also encrypt the data of the page to be swapped out, decrypt the data of the page to be swapped in and the like according to needs.
In the embodiment of the application, a hardware acceleration module is added in a processor to assist a security processor to perform data swap-in and swap-out operations so as to improve the swap-in/swap-out efficiency of a memory page, meanwhile, the security of data is not guaranteed by adopting a simple encryption and decryption mode, Metadata (Metadata) including MAC is generated during swap-out, during swap-in, MAC is generated based on the data of the page to be swapped-in and the MAC generated during swap-out is used for performing security check on the data of the page to be swapped-in, and only after the check is passed, the data is written in, so that the security of the data is improved; in addition, when the page data to be swapped out and the page data to be swapped in are virtual machine data, on the original basis, by further taking the virtual machine physical address into consideration, when the page data to be swapped in is verified, the page data to be written in is subjected to security verification based on the page data to be written in, a message authentication code in the metadata, a virtual machine physical address corresponding to the target physical address and a virtual machine physical address in the metadata, so that the security of the data is further improved.
The embodiment of the present application further provides a data protection method applied to a processor, and the data protection method provided in the embodiment of the present application will be described below with reference to fig. 5.
Step S101: and receiving a memory page swap-in request sent by the security processor.
The hardware acceleration module receives a memory page swap-in request sent by the security processor, wherein the memory page swap-in request comprises a source address of a page to be swapped in and a destination physical address for storing the page to be swapped in.
Step S102: and taking out the data of the page to be written from the source address of the page to be swapped in, generating a message authentication code based on the data of the page to be written, obtaining a metadata address corresponding to the target physical address according to a pre-established corresponding relation between the system physical address and the metadata address, and taking out the metadata from the metadata address.
The hardware acceleration module extracts page data to be written from a source address of the page to be swapped in, generates a message authentication code based on the page data to be written, obtains a metadata address corresponding to the target physical address according to a pre-established corresponding relation between a system physical address and the metadata address, and extracts metadata from the metadata address, wherein the metadata is generated based on the page data to be written when the page data to be written is swapped out from a memory, and comprises the message authentication code.
Step S103: and generating a message authentication code and a message authentication code in the metadata based on the page data to be written, and performing security verification on the page data to be written.
And the hardware acceleration module generates a message authentication code and a message authentication code in the metadata based on the page data to be written, and performs security verification on the page data to be written.
Step S104: and after the page data to be written passes the security verification, writing the page data to be written into the address space pointed by the target physical address.
And after the page data to be written passes the security verification, the hardware acceleration module writes the page data to be written into the address space pointed by the destination physical address.
Generating a message authentication code and a message authentication code in the metadata based on the to-be-written page data, wherein the process of performing security verification on the to-be-written page data may be: comparing a message authentication code generated based on the page data to be written with a message authentication code in the metadata; and if the message authentication code generated based on the page data to be written is consistent with the message authentication code in the metadata, representing that the page data to be written passes the safety verification.
In one embodiment, the metadata further includes a virtual machine physical address corresponding to the page data to be written, and the method further includes: the hardware acceleration module obtains a virtual machine physical address corresponding to the target physical address according to a pre-established corresponding relation between a system physical address and a virtual machine physical address; correspondingly, a message authentication code is generated based on the page data to be written and the message authentication code in the metadata, and the process of performing security verification on the page data to be written is changed into: and generating a message authentication code based on the page data to be written, the message authentication code in the metadata, the virtual machine physical address corresponding to the target physical address and the virtual machine physical address in the metadata, and performing security verification on the page data to be written.
Generating a message authentication code based on the to-be-written page data, a message authentication code in the metadata, a virtual machine physical address corresponding to the destination physical address, and a virtual machine physical address in the metadata, where the process of performing security verification on the to-be-written page data may be: comparing a message authentication code generated based on the page data to be written with a message authentication code in the metadata, and comparing a virtual machine physical address corresponding to the target physical address with a virtual machine physical address in the metadata; and if the message authentication code generated based on the page data to be written is consistent with the message authentication code in the metadata, and the physical address of the virtual machine corresponding to the target physical address is consistent with the physical address of the virtual machine in the metadata, representing that the page data to be written passes the security verification.
Optionally, the memory page swap-in request further includes: the address space identifier ASID, at this time, the generation of the message authentication code based on the to-be-written page data may be: acquiring an encryption key corresponding to the ASID and an initial vector for a hash algorithm; and encrypting the page data to be written by using the encryption key, and performing hash operation on the encrypted page data to be written based on the initial vector to generate a hash value, wherein the hash value is the message authentication code. Optionally, in an implementation manner, the initial key obtained according to the ASID may be directly used as an encryption key to encrypt the data of the page to be written, and in addition, the initial key obtained according to the ASID and a physical address of the memory may be subjected to nonlinear transformation to obtain a final encryption key.
Furthermore, the method further comprises: the hardware acceleration module receives a memory page swap-out request sent by the security processor, where the memory page swap-out request includes: the method comprises the steps that a source physical address of a page to be swapped out and a destination address for storing the page to be swapped out are obtained; the hardware acceleration module takes out the data of the page to be swapped out from the source physical address of the page to be swapped out and writes the data of the page to be swapped out into the address space pointed by the destination address; and generating a message authentication code based on the page data to be swapped out, acquiring a metadata address corresponding to the source physical address according to a pre-established corresponding relation between the system physical address and the metadata address, and writing the message authentication code generated based on the page data to be swapped out into an address space pointed by the metadata address as a part of the metadata.
If the page data to be swapped out is virtual machine data, optionally, the method further includes: obtaining a virtual machine physical address corresponding to the source physical address according to a pre-established corresponding relation between a system physical address and a virtual machine physical address; and writing a virtual machine physical address corresponding to the source physical address as a part of the metadata into an address space pointed by the metadata address.
Optionally, the memory page swap-out request further includes: an address space identifier ASID; the process of generating a message authentication code based on the to-be-swapped-out page data may be: acquiring an encryption key corresponding to the ASID and an initial vector for a hash algorithm; and encrypting the page data to be swapped out by using the encryption key, and carrying out hash operation on the encrypted page data to be swapped out based on the initial vector to generate a hash value, wherein the hash value is the message authentication code. Optionally, in an implementation, the initial key obtained according to the ASID may be directly used as an encryption key to encrypt the page data to be swapped out, and in addition, the initial key obtained according to the ASID and a physical address of the memory may be subjected to nonlinear transformation to obtain a final encryption key.
The data protection method provided by the embodiment of the present application has the same implementation principle and technical effect as the embodiment of the apparatus and method, and for the sake of brief description, no mention is made to the embodiment of the apparatus, and reference may be made to the corresponding contents in the embodiment of the foregoing method.
As shown in fig. 6, fig. 6 is a block diagram illustrating a structure of an electronic device according to an embodiment of the present application. The electronic device includes: the processor, memory, and disk described above. The processor is connected with the memory and the magnetic disk. The disk is used for storing the page data to be swapped out from the memory, and the memory is used for storing the page data to be swapped in from the disk. The electronic device includes, but is not limited to, a computer, a tablet computer, a server, and the like.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other.
In the embodiments provided in the present application, it should be understood that the disclosed method can be implemented in other ways. The method embodiments described above are merely illustrative, and for example, the flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a notebook computer, a server, or an electronic device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (17)

1. A data protection method applied to a processor, the processor comprising: a secure processor and a hardware acceleration module, the method comprising:
the hardware acceleration module receives a memory page swap-in request sent by the security processor, wherein the memory page swap-in request comprises a source address of a page to be swapped in and a destination physical address for storing the page to be swapped in;
the hardware acceleration module takes out page data to be written from a source address of the page to be swapped in, generates a message authentication code based on the page data to be written, obtains a metadata address corresponding to the target physical address according to a pre-established corresponding relation between a system physical address and a metadata address, and takes out metadata from the metadata address, wherein the metadata is generated based on the page data to be written when the page data to be written is swapped out from a memory, and comprises the message authentication code;
the hardware acceleration module generates a message authentication code and a message authentication code in the metadata based on the page data to be written, and carries out security verification on the page data to be written;
and after the page data to be written passes the security verification, the hardware acceleration module writes the page data to be written into the address space pointed by the destination physical address.
2. The method according to claim 1, wherein generating a message authentication code based on the page data to be written and a message authentication code in the metadata, and performing security verification on the page data to be written comprises:
comparing a message authentication code generated based on the page data to be written with a message authentication code in the metadata;
and if the message authentication code generated based on the page data to be written is consistent with the message authentication code in the metadata, representing that the page data to be written passes the safety verification.
3. The method according to claim 1, wherein the page data to be written is virtual machine data, and the metadata further includes a virtual machine physical address corresponding to the page data to be written; the method further comprises the following steps:
the hardware acceleration module obtains a virtual machine physical address corresponding to the target physical address according to a pre-established corresponding relation between a system physical address and a virtual machine physical address; correspondingly, generating a message authentication code and a message authentication code in the metadata based on the page data to be written, and performing security verification on the page data to be written, including:
and generating a message authentication code based on the page data to be written, the message authentication code in the metadata, the virtual machine physical address corresponding to the target physical address and the virtual machine physical address in the metadata, and performing security verification on the page data to be written.
4. The method according to claim 1, wherein the memory page swap request further comprises: an address space identifier ASID; generating a message authentication code based on the to-be-written page data, including:
acquiring an encryption key corresponding to the ASID and an initial vector for a hash algorithm;
and encrypting the page data to be written by using the encryption key, and performing hash operation on the encrypted page data to be written based on the initial vector to generate a hash value, wherein the hash value is the message authentication code.
5. The method of claim 4, wherein obtaining the encryption key corresponding to the ASID comprises:
obtaining an initial key according to the ASID;
and carrying out nonlinear transformation on the initial key and a physical address of a memory to obtain the encryption key.
6. The method of claim 1, further comprising:
the hardware acceleration module receives a memory page swap-out request sent by the security processor, where the memory page swap-out request includes: the method comprises the steps that a source physical address of a page to be swapped out and a destination address for storing the page to be swapped out are obtained;
the hardware acceleration module takes out the data of the page to be swapped out from the source physical address of the page to be swapped out and writes the data of the page to be swapped out into the address space pointed by the destination address; and generating a message authentication code based on the page data to be swapped out, acquiring a metadata address corresponding to the source physical address according to a pre-established corresponding relation between the system physical address and the metadata address, and writing the message authentication code generated based on the page data to be swapped out into an address space pointed by the metadata address as a part of the metadata.
7. The method of claim 6, wherein the page data to be swapped out is virtual machine data, the method further comprising:
obtaining a virtual machine physical address corresponding to the source physical address according to a pre-established corresponding relation between a system physical address and a virtual machine physical address;
and writing a virtual machine physical address corresponding to the source physical address as a part of the metadata into an address space pointed by the metadata address.
8. The method according to claim 6 or 7, wherein the memory page swap-out request further comprises: an address space identifier ASID; generating a message authentication code based on the to-be-swapped-out page data, comprising:
acquiring an encryption key corresponding to the ASID and an initial vector for a hash algorithm;
and encrypting the page data to be swapped out by using the encryption key, and carrying out hash operation on the encrypted page data to be swapped out based on the initial vector to generate a hash value, wherein the hash value is the message authentication code.
9. A processor, comprising:
a secure processor;
a hardware acceleration module, configured to receive a memory page swap-in request sent by the security processor, where the memory page swap-in request includes a source address of a page to be swapped in and a destination physical address where the page to be swapped in is stored; the system comprises a source address used for taking out page data to be written from the page to be swapped in, a message authentication code generated based on the page data to be written, a metadata address corresponding to the target physical address obtained according to the pre-established corresponding relation between the system physical address and the metadata address, and metadata taken out from the metadata address, wherein the metadata is generated based on the page data to be written when the page data to be written is swapped out from a memory and comprises the message authentication code; the system is used for generating a message authentication code and a message authentication code in the metadata based on the page data to be written, and performing security verification on the page data to be written; and after the page data to be written passes the security verification, the method is also used for writing the page data to be written into the address space pointed by the destination physical address.
10. The processor according to claim 9, wherein the hardware acceleration module is configured to compare a message authentication code generated based on the page data to be written with a message authentication code in the metadata; and if the message authentication code generated based on the page data to be written is consistent with the message authentication code in the metadata, representing that the page data to be written passes the safety verification.
11. The processor according to claim 9, wherein the page data to be written is virtual machine data, and the metadata further includes a virtual machine physical address corresponding to the page data to be written; the hardware acceleration module is further configured to obtain a virtual machine physical address corresponding to the destination physical address according to a pre-established correspondence between a system physical address and a virtual machine physical address; correspondingly, the hardware acceleration module is configured to generate a message authentication code based on the to-be-written page data, the message authentication code in the metadata, a virtual machine physical address corresponding to the destination physical address, and a virtual machine physical address in the metadata, and perform security verification on the to-be-written page data.
12. The processor according to claim 9, wherein the memory page swap request further comprises: an address space identifier ASID; the hardware acceleration module is configured to: acquiring an encryption key corresponding to the ASID and an initial vector for a hash algorithm; and encrypting the page data to be written by using the encryption key, and performing hash operation on the encrypted page data to be written based on the initial vector to generate a hash value, wherein the hash value is the message authentication code.
13. The processor of claim 12, wherein the hardware acceleration module is to: obtaining an initial key according to the ASID; and carrying out nonlinear transformation on the initial key and a physical address of a memory to obtain the encryption key.
14. The processor of claim 9, wherein the hardware acceleration module is further configured to: receiving a memory page swap-out request sent by the security processor, where the memory page swap-out request includes: the method comprises the steps that a source physical address of a page to be swapped out and a destination address for storing the page to be swapped out are obtained; taking out the data of the page to be swapped out from the source physical address of the page to be swapped out, and writing the data of the page to be swapped out into an address space pointed by the destination address; and generating a message authentication code based on the page data to be swapped out, acquiring a metadata address corresponding to the source physical address according to a pre-established corresponding relation between the system physical address and the metadata address, and writing the message authentication code generated based on the page data to be swapped out into an address space pointed by the metadata address as a part of the metadata.
15. The processor of claim 14, wherein the page data to be swapped out is virtual machine data, and wherein the hardware acceleration module is configured to: obtaining a virtual machine physical address corresponding to the source physical address according to a pre-established corresponding relation between a system physical address and a virtual machine physical address; and writing a virtual machine physical address corresponding to the source physical address as a part of the metadata into an address space pointed by the metadata address.
16. The processor according to claim 14 or 15, wherein the memory page swap-out request further comprises: an address space identifier ASID; the hardware acceleration module is configured to: acquiring an encryption key corresponding to the ASID and an initial vector for a hash algorithm; and encrypting the page data to be swapped out by using the encryption key, and carrying out hash operation on the encrypted page data to be swapped out based on the initial vector to generate a hash value, wherein the hash value is the message authentication code.
17. An electronic device, comprising: a memory and a processor according to any of claims 9-16, the memory coupled to the processor.
CN202010828279.8A 2020-08-17 2020-08-17 Data protection method, processor and electronic equipment Active CN111967065B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010828279.8A CN111967065B (en) 2020-08-17 2020-08-17 Data protection method, processor and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010828279.8A CN111967065B (en) 2020-08-17 2020-08-17 Data protection method, processor and electronic equipment

Publications (2)

Publication Number Publication Date
CN111967065A true CN111967065A (en) 2020-11-20
CN111967065B CN111967065B (en) 2023-10-27

Family

ID=73387763

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010828279.8A Active CN111967065B (en) 2020-08-17 2020-08-17 Data protection method, processor and electronic equipment

Country Status (1)

Country Link
CN (1) CN111967065B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114201752A (en) * 2021-11-29 2022-03-18 海光信息技术股份有限公司 Page table management method and device for security isolation virtual machine and related equipment
CN114564724A (en) * 2021-12-30 2022-05-31 海光信息技术股份有限公司 Method and device for protecting memory integrity of virtual machine, electronic equipment and storage medium
WO2024060710A1 (en) * 2022-09-20 2024-03-28 华为技术有限公司 Page swap-in method and apparatus

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111241564B (en) * 2017-08-04 2022-05-13 海光信息技术股份有限公司 Memory page exchange method and security processor
CN109670345A (en) * 2018-12-21 2019-04-23 成都海光集成电路设计有限公司 Guard method, accelerator module and the SOC chip of memory pages swapping in and out

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114201752A (en) * 2021-11-29 2022-03-18 海光信息技术股份有限公司 Page table management method and device for security isolation virtual machine and related equipment
CN114564724A (en) * 2021-12-30 2022-05-31 海光信息技术股份有限公司 Method and device for protecting memory integrity of virtual machine, electronic equipment and storage medium
WO2024060710A1 (en) * 2022-09-20 2024-03-28 华为技术有限公司 Page swap-in method and apparatus

Also Published As

Publication number Publication date
CN111967065B (en) 2023-10-27

Similar Documents

Publication Publication Date Title
US10547445B2 (en) Multiple encryption keys for a virtual machine
US10686605B2 (en) Technologies for implementing mutually distrusting domains
US20190229924A1 (en) Key rotating trees with split counters for efficient hardware replay protection
CN111967065B (en) Data protection method, processor and electronic equipment
US9262342B2 (en) Process authenticated memory page encryption
CN111090869B (en) Data encryption method, processor and computer equipment
US10536274B2 (en) Cryptographic protection for trusted operating systems
US10372628B2 (en) Cross-domain security in cryptographically partitioned cloud
CN110447032A (en) Storage page between management program and virtual machine converts monitoring
US10938559B2 (en) Security key identifier remapping
CN111949372B (en) Virtual machine migration method, general processor and electronic equipment
CN106716435B (en) Interface between a device and a secure processing environment
US20170286320A1 (en) Avoiding redundant memory encryption in a cryptographic protection system
CN112433817A (en) Information configuration method, direct storage access method and related device
CN114491607A (en) Cloud platform data processing method and device, computer equipment and storage medium
US11494219B2 (en) Encryption and remote attestation of containers
CN110955904B (en) Data encryption method, data decryption method, processor and computer equipment
CN111124956B (en) Container protection method, processor, operating system and computer equipment
CN116450281A (en) Access processing method, virtual machine identifier configuration method, chip and computer equipment
CN112416526B (en) Direct storage access method, device and related equipment
CN107239682A (en) A kind of computer internet information safety control system based on cloud computing
CN118133326B (en) Data encryption transmission system based on chip
CN111290830A (en) Virtual machine migration method, processor and electronic equipment
US12013954B2 (en) Scalable cloning and replication for trusted execution environments
CN112579255B (en) Compression protection method for virtual machine migration, migration-in migration-out accelerator module and SOC chip

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 300450 Tianjin Binhai New Area Huayuan Industrial Zone Haitai West Road 18 North 2-204 Industrial Incubation-3-8

Applicant after: Haiguang Information Technology Co.,Ltd.

Address before: 300450 Tianjin Binhai New Area Huayuan Industrial Zone Haitai West Road 18 North 2-204 Industrial Incubation-3-8

Applicant before: HAIGUANG INFORMATION TECHNOLOGY Co.,Ltd.

SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant