CN112733154B - Loongson pmon safe starting method - Google Patents

Loongson pmon safe starting method Download PDF

Info

Publication number
CN112733154B
CN112733154B CN202110120475.4A CN202110120475A CN112733154B CN 112733154 B CN112733154 B CN 112733154B CN 202110120475 A CN202110120475 A CN 202110120475A CN 112733154 B CN112733154 B CN 112733154B
Authority
CN
China
Prior art keywords
pmon
information
password
metric value
hardware
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110120475.4A
Other languages
Chinese (zh)
Other versions
CN112733154A (en
Inventor
卢泉
宋汉广
孙杰
陈志新
李宗玲
白学智
王绪利
孙振川
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Longwei Zhongke Technology Co ltd
Original Assignee
Jiangsu Longwei Zhongke Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Longwei Zhongke Technology Co ltd filed Critical Jiangsu Longwei Zhongke Technology Co ltd
Priority to CN202110120475.4A priority Critical patent/CN112733154B/en
Publication of CN112733154A publication Critical patent/CN112733154A/en
Application granted granted Critical
Publication of CN112733154B publication Critical patent/CN112733154B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Abstract

The invention discloses a Loongson pmon safety starting method which comprises the steps of firstly obtaining hardware equipment information, then setting or updating a safety verification password, then calculating a metric value of the hardware equipment and a metric value of starting configuration information of a calculation system, and carrying out safety verification pmon updating operation after the metric value is verified. The method ensures the credibility of the software and hardware environment of the system in the operation stage of the pmon system and the credibility of the pmon updating operation, and if the system detects an untrusted device or the configuration file is started to be changed, the system can be prompted in the process of checking the metric value. Only through password security authentication will an untrusted operation be considered trusted. The method identifies the incredible hardware and files in the measurement result through password verification, ensures the credibility of the software and hardware environment of the system in the operation stage of the pmon system and the credibility of the pmon updating operation, and has simple and convenient flow and easy operation.

Description

Loongson pmon safe starting method
Technical Field
The invention relates to the field of trusted computing of embedded equipment, in particular to a password verification-based Loongson secure boot method of the embedded equipment.
Background
The modern era is an information era, information transmission enables our lives to be more convenient and faster, ways for people to acquire information are more and more, and the problem of information safety caused by the ways is more and more severe.
Pmon is an open source code software with both BIOS and boot loader functions, and is mostly used for embedded systems. Compared with the BIOS, the function is insufficient, and compared with the common bootloader, the function is much richer. The system based on the Loongson adopts pmon as a similar BIOS and bootloader, and does a lot of perfect work. In order to make the starting process of the embedded device safe, most systems adopt a mechanism of using a TCM (trusted cryptography level module) module and a customized BIOS (basic input/output system), establish a trust root in the system, and transmit trust to the whole system through a measurement and verification mode. In the prior art, no TCM module is used for establishing a trust root, and trust is established by using a password verification mode, so that the research on a device security starting mode based on password verification in pmon has important significance.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a novel Loongson pmon secure boot method aiming at the defects of the prior art, the method identifies the incredible hardware and files in the measurement result through password verification, ensures the credibility of the software and hardware environment of the system in the operating stage of the pmon system and the credibility of pmon updating operation, and has simple and convenient flow and easy operation.
The technical problem to be solved by the present invention is achieved by the following technical means. The invention relates to a Loongson pmon safe starting method, which comprises the following steps:
s1, acquiring hardware equipment information, and uniformly arranging key information of each hardware equipment;
s2, setting or updating a security verification password to provide a trust condition for the system;
s3, calculating the metric value of the hardware equipment, and enabling the hardware equipment to obtain the identifiable metric value through an encryption algorithm;
s4, calculating the metric value of the system starting configuration information, and enabling the system starting information to obtain an identifiable metric value through an encryption algorithm;
s5, checking the metric value, namely reading and writing the metric value in a storage space, comparing the difference of the metric value, and verifying and identifying the incredible hardware and files in the metric result by using password security;
s6, safety verification of the pmon updating operation enables the pmon to be always credible, and illegal users are prevented from tampering the pmon.
As a further improvement of the invention: in the step S1, the interface function is used to unify the hardware device information, which facilitates the subsequent further encryption processing of the information, and also separates the modification of the pmon code from the original pmon code, thereby ensuring that the present invention does not affect the original pmon function.
As a further improvement of the present invention, in step S2, the security authentication password is set or updated, there is a waiting time of 3 seconds in the system starting process, and if the key Y on the keyboard is pressed and then the Enter is pressed during the waiting time of 3 seconds, the security authentication password can be set or updated, if other keys are pressed and then Enter is pressed, the system directly skips S2, and if any key is not pressed within 3 seconds, the system skips S2.
As a further improvement of the present invention, in step S2, the original password needs to be input for verification first, and the new password needs to be input twice in succession before the setting is successful. The password is encrypted and then stored in a flash for storing the pmon, and the pmon is not damaged in the password storing operation in the storing process. When the pmon is updated, the password will be erased, requiring the password to be reset.
In step S3, the metric value of the hardware device is calculated by using the MD5 algorithm, and a unique MD5 value of each device is calculated according to the device information of each device. And an MD5 encryption compression algorithm is used for calculating the information of each device with large data volume and non-uniform data form to obtain a metric value in a uniform form, so that the subsequent verification of the metric value is facilitated.
In step S4, the metric value of the system startup configuration information is calculated, a boot. And reading the starting information stored in the starting hard disk into the cache array through file reading operation, and then calculating the MD5 value of the cache array.
In the step S5, the metric value is verified, the metric values of each hardware and boot.conf files stored in the flash are read out, and then the difference between each metric and the metric value calculated this time is compared one by one, and the security verification is performed if the difference exists, if the password verification is successful, the metric value obtained by the latest calculation is immediately updated in the flash, and then the verification of the next metric value is performed until all the verifications are completed.
And using a single flash to store the metric value, and performing read-write operation on the metric value. The verification equipment is divided into two parts, one part is necessary equipment, the other part is optional equipment, when the necessary equipment does not exist or is changed, the safety verification is required to be prompted in the verification process, but the optional equipment can prompt the safety verification only when new equipment appears, and if the optional equipment does not exist, the safety verification cannot be prompted in the verification process.
In step S6, in order to prevent the pmon from being tampered, the initial state of the pmon update command is closed; and customizing an opfload command, executing the command, prompting the system to input a security verification password, namely the security verification password set by the S2, if the password is correct, the command is successfully executed, and the successful result is that the pmon updating command is changed into an open state, so that the security and the credibility of the pmon updating operation are ensured. And a new command opfload is added, so that security verification must be carried out before the pmon is updated, and the risk that the pmon is tampered is avoided.
The invention is based on the requirements of security level and cost, does not use a TCM module to establish a trust root, but uses a password verification mode to establish trust, and fills the blank of a device security starting mode based on password verification in pmon. The requirement of bootloaderd function can be met, and the safety and credibility of software and hardware environment in the pmon system operation stage can be ensured through password safety verification.
Compared with the prior art, the method has the following beneficial effects:
1) The invention adopts a domestic Loongson 3a processor, and the core hardware is independently controllable; according to the invention, the TCM module is not added on hardware, and the purpose of safe starting is achieved by only modifying software, so that the design and production cost is saved; on the premise of ensuring that the password is not leaked, the security starting strategy of the invention is quite complete.
2) The method identifies the incredible hardware and files in the measurement result through password verification, ensures the credibility of the software and hardware environment of the system in the operation stage of the pmon system and the credibility of the pmon updating operation, and has simple and convenient flow and easy operation.
Detailed Description
Specific embodiments of the present invention are further described below. The following examples are given for the purpose of illustration and description only to enable one skilled in the art to further understand the present invention and are not to be construed as limiting the scope of the present invention.
A Loongson pmon safety starting method identifies the incredible hardware and files in the measurement result through password verification, ensures the credibility of the software and hardware environment of the pmon system in the running stage and the credibility of the pmon updating operation, and comprises the following steps:
s1, acquiring hardware equipment information, and uniformly arranging key information of each hardware equipment of the system;
s2, setting or updating a security verification password to provide a trust condition for the system;
s3, calculating the metric value of the hardware equipment, and enabling the hardware equipment to obtain the identifiable metric value through an encryption algorithm;
s4, calculating the metric value of the system starting configuration information, and enabling the system starting information to obtain an identifiable metric value through an encryption algorithm;
s5, verifying the metric value, wherein the read-write of the metric value in a storage space and the difference comparison of the metric value are involved, and the incredible hardware and files in the metric result are verified and authenticated by using password security;
s6, safety verification of the pmon updating operation enables the pmon to be always credible, and illegal users are prevented from tampering the pmon.
In the step S1, a c file is added in the pmon original code, wherein a global variable for storing the information of each hardware device is defined firstly, then an interface function for collecting the information of each hardware device is defined, and the interface function transmits the information of the hardware device through the form factor. Then, by searching the position of each piece of hardware equipment information in the code and calling an interface function at each position, each piece of hardware equipment information can be transmitted to the inside of the function through the shape parameter by using the interface function, and the value of the shape parameter is assigned to the global variable defined in the foregoing. Thus, the information of each hardware device is collected in the added c. Through the interface function, the modification part of the pmon code is separated from the original pmon code, and the hardware equipment information is processed in the c file independently, so that the original function of the pmon is not influenced. The specifically collected device information includes CPU serial code, hard disk serial code, PCIE device, USB device, network MAC, and the like, and may be added or deleted as needed.
In step S2, the system has a 3-second delay here, and the user can enter the key judgment by the key jumping-out delay, and if no key input is made, S2 is ended after 3 seconds. After entering the key judgment, if the input key is Y first and then Enter, the password setting is entered, and other key input modes cannot Enter the password setting. The purpose of the strategy is to provide an entrance for setting the password before the security verification and ensure that the system can automatically finish the starting when the password is not required to be set. The password can be set by using any form of character combination, and the maximum number of the characters does not exceed 27 bits.
In step S3, the metric values of the hardware devices are calculated by using the MD5 encryption compression algorithm and the hardware device information. For a certain device with a plurality of pieces of key information, the most representative information (such as serial number, product type, manufacturer and the like) is selected to calculate the metric value, if the information is empty, the secondary representative device information is selected to calculate the metric value, and if all the product information of the device is empty, the empty value is used to calculate the metric value.
In step S4, the startup hard disk generally has a file storing startup information, and the startup information is read into the cache array through file IO operation. Its metric value is calculated by the MD5 encryption compression algorithm using a cache array. If the starting information is not stored in the starting hard disk, the null value is used for calculating the metric value.
In step S5, since no metric value of the degree is stored in the flash at the initial time, when the metric values of the hardware devices are calculated for the first time and then compared with the metric values stored in the flash, the result of each comparison is that the metric values are different, and it is necessary to perform security verification on each device, and the metric values are stored in the flash for reading in the next verification through the security verified device. When the measurement value is verified next time, if necessary equipment is replaced or increased or decreased, the verification can prompt that the measurement value of the necessary equipment is different. And for the verification of the optional equipment, if the equipment has a matched metric value in the flash, the verification is passed, otherwise, the verification is not passed, and whether the equipment is replaced or increased or decreased is not judged. If the verification is not passed, security verification is required. The security verification firstly judges whether a security verification password is set currently or not, if not, the security verification password is immediately restarted, and a user can set the security verification password in S2. If the security verification password exists, the security verification password is input once and passes, the security verification passes, and if the password is input incorrectly, the system is restarted immediately. And after the security verification is passed, the new metric value replaces the old one and is stored in the flash, and then the system continues to check the next metric value.
In step S6, pressing the C key in the starting process of the system to enter a pmon command line, inputting a new command opfload, prompting the system to input a security verification password, if the password is correct, opening a pmon updating command, and if the password is wrong, restarting the system immediately.
According to the technical scheme, a domestic Loongson 3a processor is adopted, a TCM module is not added on hardware, the purpose of safe starting is achieved by only modifying software, and on the premise that a password is not leaked, safe starting is achieved and the strategy is quite complete; and a relatively independent safety starting management module is added on the basis of the original pmon code, and the influence on the original pmon code is avoided.
The foregoing is a more detailed description of the invention in connection with specific preferred embodiments and it is not intended that the invention be limited to these specific details. For those skilled in the art to which the invention pertains, numerous simple deductions or substitutions may be made without departing from the spirit of the invention, which shall be deemed to belong to the scope of the invention.

Claims (1)

1. A secure boot method of Loongson pmon is characterized in that through password verification, hardware and files which are not trusted in a measurement result are identified, so that software and hardware environments of a system in a pmon system running stage are trusted and a pmon updating operation is trusted, and the method comprises the following steps:
s1, acquiring hardware equipment information, and uniformly arranging key information of each hardware equipment of a system;
s2, setting or updating a security verification password to provide a trust condition for the system;
s3, calculating the metric value of the hardware equipment, and enabling the hardware equipment to obtain the identifiable metric value through an encryption algorithm;
s4, calculating the metric value of the system starting configuration information, and enabling the system starting information to obtain an identifiable metric value through an encryption algorithm;
s5, verifying the metric value, wherein the read-write of the metric value in a storage space and the difference comparison of the metric value are involved, and the incredible hardware and files in the metric result are verified and authenticated by using password security;
s6, safely verifying the pmon updating operation to enable the pmon to be always credible and prevent an illegal user from tampering the pmon;
in the step S1, a c file is added in a pmon original code, a global variable for storing information of each hardware device is defined in the c file, then an interface function for collecting information of each hardware device is defined, and the interface function transmits the information of the hardware device through a parameter; then, searching the position of each piece of hardware equipment information in the code, calling an interface function at each position, transmitting each piece of hardware equipment information to the inside of the function through the shape parameter by using the interface function, and assigning the value of the shape parameter to the previously defined global variable in the function; thus, the information of each hardware device is collected in the added c file; c, processing the information of each hardware device in a file by separating a modified part of the pmon code from the original pmon code through an interface function; the specifically collected device information comprises a CPU serial code, a hard disk serial code, PCIE equipment, USB equipment and network MAC; adding or deleting according to requirements;
in the step S2, the system has 3-second delay, a user enters key judgment by key jumping-out delay, and if no key input exists, the step S2 is finished after 3 seconds;
after entering the key judgment, if the input key is Y first and then Enter, entering the password setting, and other key input modes cannot Enter the password setting; setting the password to be combined by using characters in any form, wherein the maximum number of the characters is not more than 27;
in the step S3, the metric values of the hardware equipment are calculated by using the information of the hardware equipment through an MD5 encryption compression algorithm;
for a certain device with a plurality of pieces of key information, selecting the most representative information to calculate a metric value, if the information is null, selecting secondary representative device information to calculate the metric value, and if all product information of the device is null, calculating the metric value by using the null value;
step S4, starting a file storing the starting information in the hard disk, and reading the starting information into a cache array through a file IO operation;
calculating the metric value of the MD5 encryption compression algorithm by using a cache array; if the starting information is not stored in the starting hard disk, calculating a metric value by using a null value;
in step S5, since no metric value of the storage degree is stored in the flash at the initial time, when the metric values of the hardware devices are calculated for the first time and then compared with the metric values stored in the flash, the result of each comparison indicates that the metric values are different, security verification needs to be performed on each device, and the metric values of the devices passing the security verification are stored in the flash for reading in the next verification;
when the measurement value is verified next time, if necessary equipment is replaced or increased or decreased, verifying and prompting that the measurement value of the necessary equipment is different; checking optional equipment, wherein the check is passed as long as the equipment has a metric value matched with the equipment in the flash, otherwise, the check is not passed, and whether the equipment is replaced or increased or decreased is not judged; if the verification is not passed, safety verification is required; firstly, the security verification judges whether a security verification password is set currently or not, if not, the security verification password is restarted immediately, and a user sets the security verification password in S2; if the security verification password exists, the security verification password is input once and passes, the security verification passes, and if the password is input incorrectly, the system is restarted immediately; after the safety verification is passed, the new metric value replaces the old metric value and is stored in the flash, and then the system continues to verify the next metric value;
in step S6, pressing the C key in the system starting process to enter a pmon command line, inputting a new command opfload, prompting the system to input a security verification password, if the password is correct, opening a pmon updating command, and if the password is wrong, immediately restarting the system.
CN202110120475.4A 2021-01-28 2021-01-28 Loongson pmon safe starting method Active CN112733154B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110120475.4A CN112733154B (en) 2021-01-28 2021-01-28 Loongson pmon safe starting method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110120475.4A CN112733154B (en) 2021-01-28 2021-01-28 Loongson pmon safe starting method

Publications (2)

Publication Number Publication Date
CN112733154A CN112733154A (en) 2021-04-30
CN112733154B true CN112733154B (en) 2023-01-20

Family

ID=75594406

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110120475.4A Active CN112733154B (en) 2021-01-28 2021-01-28 Loongson pmon safe starting method

Country Status (1)

Country Link
CN (1) CN112733154B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109889477A (en) * 2018-12-20 2019-06-14 北京华胜天成信息技术发展有限公司 Server based on trusted cryptography's engine starts method and device

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101281577B (en) * 2008-05-16 2010-06-23 北京工业大学 Dependable computing system capable of protecting BIOS and method of use thereof
CN102279914B (en) * 2011-07-13 2014-08-06 中国人民解放军海军计算技术研究所 Unified extensible firmware interface (UEFI) trusted supporting system and method for controlling same
CN102332070A (en) * 2011-09-30 2012-01-25 中国人民解放军海军计算技术研究所 Trust chain transfer method for trusted computing platform
CN109214187B (en) * 2017-06-29 2021-01-22 龙芯中科技术股份有限公司 Method and device for controlling computer to start and electronic equipment
CN108345804B (en) * 2018-03-22 2021-01-08 北京可信华泰信息技术有限公司 Storage method and device in trusted computing environment
US11411941B2 (en) * 2019-01-04 2022-08-09 Comcast Cable Communications, Llc Establishing trust with network device

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109889477A (en) * 2018-12-20 2019-06-14 北京华胜天成信息技术发展有限公司 Server based on trusted cryptography's engine starts method and device

Also Published As

Publication number Publication date
CN112733154A (en) 2021-04-30

Similar Documents

Publication Publication Date Title
US8560845B2 (en) System and method for tamper-resistant booting
TWI667586B (en) System and method for verifying changes to uefi authenticated variables
EP0849657B1 (en) Secure data processing method and system
US8108536B1 (en) Systems and methods for determining the trustworthiness of a server in a streaming environment
KR101867789B1 (en) Secure battery authentication
CN103329095B (en) Authenticate a hypervisor with encoded information
EP3458999A1 (en) Self-contained cryptographic boot policy validation
CN101256608B (en) Safe operation method and system
CN101657792A (en) Trusted component update system and method
EP2727040B1 (en) A secure hosted execution architecture
TW201635186A (en) System and method for computing device with improved firmware service security using credential-derived encryption key
US11783041B2 (en) Electronic device for updating firmware based on user authentication and an operating method thereof
CN105678162A (en) TPM-based control method for safe startup of operating system
CN115934194A (en) Controller starting method and device, electronic equipment and storage medium
US11366911B2 (en) Cryptography module and method for operating same
CN112733154B (en) Loongson pmon safe starting method
WO2017092507A1 (en) Application encryption method and device, and application access method and device
CN112861137A (en) Secure firmware
CN115964721A (en) Program verification method and electronic equipment
CN111143826A (en) BIOS user account password setting method and device and related equipment
KR102031248B1 (en) Method for verifying safeness in execution environment using security module
CN117235747B (en) Method for modifying BIOS startup password under LINUX
TWI818221B (en) Chip and method capable of authenticating off-chip debug firmware program and debug user
US20230418946A1 (en) Chip and method capable of authenticating off-chip debug firmware program and debug user
CN114995894A (en) Starting control method of operating system, terminal equipment and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant