CN114238941A - Program measurement verification method, device and system and storage medium - Google Patents


Info

Publication number: CN114238941A
Authority: CN (China)
Application number: CN202111471593.6A
Other languages: Chinese (zh)
Inventors: 刘子行, 应志伟
Current assignee: Haiguang Yunxin Integrated Circuit Design Shanghai Co ltd
Original assignee: Haiguang Information Technology Co Ltd
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/52 Monitoring users, programs or devices to maintain the integrity of platforms during program execution, e.g. stack integrity; preventing unwanted data erasure; buffer overflow
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F 21/575 Secure boot
    • G06F 21/577 Assessing vulnerabilities and evaluating computer system security


Abstract

Embodiments of the invention disclose a program measurement verification method, apparatus, system and storage medium. The method comprises: initializing a program verification environment; calling an on-chip security processor to measure the program to be executed and store the measurement result in an on-chip storage area; requesting the measurement result of the program to be executed from the on-chip security processor and receiving the result it reads from the on-chip storage area; and, once the measurement result passes verification, determining that the program to be executed is intact and executing it. Because the measurement is performed by a security processor located inside the system on chip, the entire dynamic measurement root creation process no longer communicates with an external TPM over an off-chip bus but is carried out entirely within the SoC, which removes the exposure of the off-chip bus to physical attack and thereby enhances security.

Description

Program measurement verification method, device and system and storage medium
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method, an apparatus, a system, and a storage medium for program metric verification.
Background
Many smart devices depend on an Operating System (OS) for functional development and normal operation. The OS is the program that manages the hardware and software resources of the device; it handles basic tasks such as managing and configuring memory, prioritising the supply of and demand for system resources, controlling input and output devices, operating the network and managing the file system, and it also provides an interface through which the user interacts with the system.
To ensure normal operation of the OS on the device, a static measurement root is usually used to verify the integrity of the OS image while the OS boots. This method, however, only ensures the integrity of the image at initial start-up; it cannot ensure that the OS is not attacked during the whole of its run time, i.e. the security of the OS during operation is not guaranteed, because: the OS code base is large and its functions complex, so vulnerabilities in the OS kernel source code cannot be avoided; and the OS exposes a large number of system calls and control interfaces to user programs, allowing them to supply input data, so if a system call or control interface contains a vulnerability such as a buffer overflow, a malicious user program can attack it by supplying specific input data.
To solve these problems, dynamic root of trust measurement has been proposed: a root of trust is re-established dynamically, on demand, in an insecure running environment, and subsequent programs are measured and verified against it. However, the inventors found in the course of their research that the conventional dynamic measurement root relies on a TPM (Trusted Platform Module) card located outside the SoC (System on Chip) and connected to the CPU (central processing unit) inside the SoC through an off-chip bus, which is exposed to physical attack.
Disclosure of Invention
In view of this, embodiments of the present invention provide a program metric verification method, apparatus, system and storage medium that avoid this risk of physical attack.
In a first aspect, an embodiment of the present invention provides a program metric verification method, including:
initializing a program verification environment;
calling an on-chip security processor to measure the program to be executed and store the measurement result in an on-chip storage area;
requesting the measurement result of the program to be executed from the on-chip security processor, and receiving the measurement result read by the on-chip security processor from the on-chip storage area;
and, after the measurement result passes verification, determining that the program to be executed is intact and executing it.
Further, initializing a program verification environment, comprising:
saving the context of the current operating environment;
and initializing the Central Processing Unit (CPU), disabling interrupts and disabling Direct Memory Access (DMA) transfers.
Further, calling the on-chip security processor to measure the program to be executed comprises:
sending a program measurement call instruction to the on-chip security processor, instructing it to measure the program to be executed, wherein the program measurement call instruction carries the storage address of the program to be executed.
In a second aspect, an embodiment of the present invention provides another program metric verification method, including:
receiving a program measurement call instruction from the on-chip Central Processing Unit (CPU), measuring the program to be executed, and storing the measurement result in an on-chip storage area;
and receiving a measurement result acquisition request from the on-chip CPU, reading the measurement result from the on-chip storage area, and returning it to the on-chip CPU so that the on-chip CPU can verify the integrity of the program to be executed from the measurement result.
Further, measuring the program to be executed includes:
measuring the program to be executed by executing Trusted Platform Module (TPM) firmware that was loaded from SRAM in advance.
Further, measuring the program to be executed includes:
calling a built-in cryptographic coprocessor to perform the cryptographic computation on the program to be executed.
Further, the cryptographic computation includes computations defined by China's commercial cryptography standards.
Further, receiving the program measurement call instruction from the on-chip CPU and measuring the program to be executed comprises:
receiving the program measurement call instruction from the on-chip CPU and extracting the storage address of the program to be executed carried in the instruction;
and reading the program to be executed from the extracted storage address and measuring it.
In a third aspect, an embodiment of the present invention provides a program metric verification apparatus, including:
an initialization unit for initializing a program verification environment;
a calling unit, configured to call an on-chip security processor to measure the program to be executed and store the measurement result in an on-chip storage area;
an acquisition unit, configured to request the measurement result of the program to be executed from the on-chip security processor and to receive the measurement result read by the on-chip security processor from the on-chip storage area;
and a verification unit, configured to determine that the program to be executed is intact and to execute it after the measurement result passes verification.
Further, the initialization unit initializes the program verification environment by:
saving the context of the current operating environment;
and initializing the Central Processing Unit (CPU), disabling interrupts and disabling Direct Memory Access (DMA) transfers.
Further, the calling unit calls the on-chip security processor to measure the program to be executed by:
sending a program measurement call instruction to the on-chip security processor, instructing it to measure the program to be executed, wherein the program measurement call instruction carries the storage address of the program to be executed.
In a fourth aspect, an embodiment of the present invention provides another program metric verification apparatus, including:
a measurement unit, configured to receive a program measurement call instruction from the on-chip Central Processing Unit (CPU), measure the program to be executed and store the measurement result in an on-chip storage area;
and a feedback unit, configured to receive a measurement result acquisition request from the on-chip CPU, read the measurement result from the on-chip storage area and return it to the on-chip CPU so that the on-chip CPU can verify the integrity of the program to be executed from the measurement result.
Further, the measurement unit measures the program to be executed by:
executing Trusted Platform Module (TPM) firmware that was loaded from SRAM in advance.
Further, the measurement unit measures the program to be executed by:
calling a built-in cryptographic coprocessor to perform the cryptographic computation on the program to be executed.
Further, the measurement unit receives the program measurement call instruction from the on-chip CPU and measures the program to be executed by:
receiving the program measurement call instruction from the on-chip CPU and extracting the storage address of the program to be executed carried in the instruction;
and reading the program to be executed from the extracted storage address and measuring it.
In a fifth aspect, an embodiment of the present invention provides a program metric verification system comprising a central processing unit and a security processor connected by an on-chip bus, wherein the central processing unit comprises the program metric verification apparatus of the third aspect and the security processor comprises the other program metric verification apparatus of the fourth aspect.
In a sixth aspect, embodiments of the present invention also provide a computer-readable storage medium storing one or more programs, which are executable by one or more central processors to implement the program metric verification method of the first aspect, or which are executable by one or more secure processors to implement the program metric verification method of the second aspect.
In the technical solution provided by the embodiments of the invention, the program to be executed is measured by a security processor located inside the system on chip, so the whole dynamic measurement root creation process no longer communicates with an external TPM over an off-chip bus but is implemented entirely within the SoC; this avoids the risk of physical attack on the off-chip bus and enhances security.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a program metric verification method according to a first embodiment of the present invention;
Fig. 2 is a flowchart of a program metric verification method according to a second embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a program metric verification apparatus according to a third embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a program metric verification apparatus according to a fourth embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a program metric verification system according to a fourth embodiment of the present invention;
Fig. 6 is a flowchart illustrating a program metric verification method according to a fifth embodiment of the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
It should be understood that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
First, some terms related to the embodiments of the present invention will be briefly described.
Trusted Platform Module (TPM): a chip embedded in a computer to provide it with a root of trust; its specification is formulated by the Trusted Computing Group (TCG).
On-chip TPM: a trusted module with cryptographic and storage functions built into the SoC.
Dynamic measurement root (Dynamic Root of Trust): a root of trust established dynamically while the system is running; its counterpart is the static measurement root, which must be established when the system starts.
Platform Secure Processor (PSP): a processor dedicated to security functions, which may be of x86 or ARM architecture; it generally executes only firmware and does not run an operating system or applications.
National commercial cryptography (国密, literally "national secret"): the series of domestic data-encryption algorithms approved by the State Cryptography Administration of China; SM1 to SM4 respectively provide symmetric, asymmetric, digest and other algorithm functions.
The technical solution of the present invention will be described in detail by examples.
Example one
This embodiment provides a program metric verification method, which may be executed by a corresponding program metric verification apparatus; the apparatus may be implemented by a CPU integrated in a smart device equipped with an SoC, the CPU being embedded in the SoC. Referring to Fig. 1, the method specifically includes the following steps 101 to 104.
Step 101, initializing a program verification environment.
Specifically, one possible implementation of step 101 consists of the following sub-steps:
Sub-step 1011, saving the context of the current operating environment.
Sub-step 1012, initializing the central processing unit (CPU), disabling interrupts, and disabling direct memory access (DMA) transfers.
The CPU initialization may include, among other things, initializing a timestamp, initializing the interrupt-disable time measurement, initializing the CPU name, and so on.
Step 102, calling an on-chip security processor to measure the program to be executed and store the measurement result in an on-chip storage area.
Specifically, the CPU calls the on-chip security processor by sending it a program measurement call instruction that carries the storage address of the program to be executed, instructing the security processor to measure that program.
In this step, the on-chip security processor is built into the CPU to handle security-related tasks. Because the program to be executed is measured by this built-in security processor, the program measurement call instruction and its data no longer need to travel over an external bus and exist only on the CPU's internal bus, which improves the security of the TPM.
Step 103, requesting the measurement result of the program to be executed from the on-chip security processor, and receiving the measurement result read by the on-chip security processor from the on-chip storage area.
In this step, the security processor measures the program to be executed, obtains a measurement result, and stores it in the on-chip storage area. The security processor may measure the program by executing Trusted Platform Module (TPM) firmware that was loaded in advance from static random-access memory (SRAM).
The CPU then requests the measurement result of the program to be executed from the on-chip security processor and receives the result that the security processor reads from the on-chip storage area.
Step 104, after the measurement result passes verification, determining that the program to be executed is intact, and executing it.
In this step, the program to be executed is executed after the measurement result passes verification. During execution, the integrity of the program can be verified by computing its measurement and comparing it with the stored measurement result; when the program is found to be intact, it is shown to be running in a secure environment.
Example two
This embodiment provides a program metric verification method, which may be executed by a corresponding program metric verification apparatus; the apparatus may be implemented by a security processor integrated in a smart device equipped with an SoC, the security processor being embedded in the SoC. Referring to Fig. 2, the method specifically includes the following steps 201 and 202.
Step 201, receiving a program measurement call instruction from the on-chip central processing unit (CPU), measuring the program to be executed, and storing the measurement result in an on-chip storage area.
Step 202, receiving a measurement result acquisition request from the on-chip CPU, reading the measurement result from the on-chip storage area, and returning it to the on-chip CPU so that the on-chip CPU can verify the integrity of the program to be executed from the measurement result.
In this embodiment, the on-chip security processor measures the program to be executed by executing Trusted Platform Module (TPM) firmware that was loaded from SRAM in advance.
The on-chip security processor is a processor dedicated to security functions and may be of x86 or ARM architecture. It typically executes only firmware and does not run an operating system or application programs. Therefore, the program to be executed can be measured by executing TPM firmware that was loaded into the security processor from SRAM in advance.
For example, the measurement of the program to be executed by the on-chip security processor may specifically comprise calling a built-in cryptographic coprocessor to perform the cryptographic computation on the program to be executed.
Measuring the program may involve cryptographic computation such as hash calculation. A cryptographic coprocessor (Crypto Co-Processor, CCP) is typically built into the on-chip security processor, and the security processor can accelerate cryptographic computation by calling the CCP; in other words, the hardware performing the cryptographic computation can be the security processor built into the SoC. The cryptographic computation also includes the computations defined by China's commercial cryptography standards: to support them, the SoC-embedded security processor needs to support cryptographic functions such as asymmetric encryption, signature verification and hash calculation as defined by standards such as SM2, SM3 and SM4.
In this embodiment, receiving the program measurement call instruction from the on-chip CPU and measuring the program to be executed comprises: receiving the program measurement call instruction from the on-chip CPU and extracting the storage address of the program to be executed carried in the instruction; and reading the program to be executed from the extracted storage address and measuring it.
Example three
This embodiment provides a program metric verification apparatus that may be used to execute the program metric verification method of the first embodiment; the apparatus may be implemented by a CPU integrated in a smart device equipped with an SoC, the CPU being embedded in the SoC. Referring to Fig. 3, the apparatus specifically includes the following units:
an initialization unit 301 configured to initialize a program verification environment;
a calling unit 302, configured to call an on-chip security processor to measure the program to be executed and store the measurement result in an on-chip storage area;
an acquisition unit 303, configured to request the measurement result of the program to be executed from the on-chip security processor and to receive the measurement result read by the on-chip security processor from the on-chip storage area;
and a verification unit 304, configured to determine that the program to be executed is intact and to execute it after the measurement result passes verification.
Further, the initialization unit initializes the program verification environment by:
saving the context of the current operating environment;
and initializing the Central Processing Unit (CPU), disabling interrupts and disabling Direct Memory Access (DMA) transfers.
Further, the calling unit calls the on-chip security processor to measure the program to be executed by:
sending a program measurement call instruction to the on-chip security processor, instructing it to measure the program to be executed, wherein the program measurement call instruction carries the storage address of the program to be executed.
The program metric verification apparatus of this embodiment and the program metric verification method of the first embodiment share the same inventive concept; for technical details not described here, refer to the first embodiment.
Example four
This embodiment provides a program metric verification apparatus that may be used to execute the program metric verification method of the second embodiment; the apparatus may be implemented by a security processor integrated in a smart device equipped with an SoC, the security processor being embedded in the SoC. Referring to Fig. 4, the apparatus specifically includes the following units:
a measurement unit 401, configured to receive a program measurement call instruction from the on-chip central processing unit (CPU), measure the program to be executed, and store the measurement result in an on-chip storage area;
and a feedback unit 402, configured to receive a measurement result acquisition request from the on-chip CPU, read the measurement result from the on-chip storage area, and return it to the on-chip CPU so that the on-chip CPU can verify the integrity of the program to be executed from the measurement result.
Further, the measurement unit measures the program to be executed by:
executing Trusted Platform Module (TPM) firmware that was loaded from SRAM in advance.
Further, the measurement unit measures the program to be executed by:
calling a built-in cryptographic coprocessor to perform the cryptographic computation on the program to be executed.
Further, the measurement unit receives the program measurement call instruction from the on-chip CPU and measures the program to be executed by:
receiving the program measurement call instruction from the on-chip CPU and extracting the storage address of the program to be executed carried in the instruction;
and reading the program to be executed from the extracted storage address and measuring it.
The program metric verification apparatus of this embodiment and the program metric verification method of the second embodiment share the same inventive concept; for technical details not described here, refer to the second embodiment.
In addition, an embodiment of the present invention provides a program metric verification system that may be integrated in a smart device equipped with an SoC and comprises a central processing unit (CPU core) and a security processor connected by an on-chip bus, wherein:
the central processing unit comprises the program metric verification apparatus of the third embodiment;
the security processor comprises the program metric verification apparatus of the fourth embodiment.
Further, the system also comprises SRAM (Static Random-Access Memory) holding the TPM (Trusted Platform Module) firmware, the on-chip storage area, and the cryptographic coprocessor, all connected to the security processor through the on-chip bus. The interaction between these components and the security processor is as described in the first to fourth embodiments and is not repeated here.
The solution provided by the embodiments of the present invention is described in detail below with reference to a typical example. As shown in Fig. 6, the example includes the following steps:
Step 600, the CPU invokes a dynamic measurement root creation instruction, which performs the following actions:
initializing the CPU;
disabling interrupts;
disabling DMA transfers;
and loading the program to be executed into a specified memory range and sending its memory address to the on-chip security processor, which measures the program and stores the measurement result in the on-chip storage area.
Step 601, the CPU requests the measurement result of the program to be executed from the security processor and receives the result that the security processor looks up in the on-chip storage area.
Step 602, the CPU compares the measurement result obtained from the security processor with the reference measurement result of the correct program to be executed.
Step 603, if the CPU finds the two identical, it determines that the loaded program to be executed is intact and executes it.
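As an added example (not the patent's own code), the following Python model walks through steps 600 to 603 above and the corresponding steps 101 to 104 and 201 to 202 of the first two embodiments: the CPU side and the security-processor side are separate classes that communicate only through direct calls standing in for the on-chip bus, the measurement is kept in a modelled on-chip storage area, and the result is compared in constant time against a golden value before the program is allowed to run. The class names, the memory layout, the length field in the measurement call, the sample image, and the use of hashlib (SM3 when the local OpenSSL provides it, otherwise SHA-256) in place of the cryptographic coprocessor are all assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass


def digest_algorithm() -> str:
    # SM3 (China's commercial digest standard) when available; else SHA-256 stands in.
    return "sm3" if "sm3" in hashlib.algorithms_available else "sha256"


class SocMemory:
    """Simulated SoC memory; addresses are byte offsets (constructed model)."""

    def __init__(self, size: int) -> None:
        self.data = bytearray(size)

    def write(self, addr: int, blob: bytes) -> None:
        if addr < 0 or addr + len(blob) > len(self.data):
            raise ValueError("program does not fit the specified memory range")
        self.data[addr:addr + len(blob)] = blob

    def read(self, addr: int, length: int) -> bytes:
        return bytes(self.data[addr:addr + length])


@dataclass(frozen=True)
class MeasureCall:
    """Program measurement call instruction: storage address of the program (the length field is an assumption)."""
    addr: int
    length: int


class SecurityProcessor:
    """On-chip security processor side (steps 201-202)."""

    def __init__(self, memory: SocMemory) -> None:
        self.memory = memory
        self.storage_area: dict[int, bytes] = {}  # modelled on-chip storage area

    def handle_measure_call(self, call: MeasureCall) -> int:
        # Step 201: extract the address, read the program, hash it (hashlib
        # stands in for the crypto coprocessor) and keep the result on chip.
        image = self.memory.read(call.addr, call.length)
        digest = hashlib.new(digest_algorithm(), image).digest()
        slot = len(self.storage_area)
        self.storage_area[slot] = digest
        return slot

    def handle_result_request(self, slot: int) -> bytes:
        # Step 202: read the stored measurement back for the CPU.
        return self.storage_area[slot]


class Cpu:
    """CPU side (steps 101-104 / 600-603)."""

    def __init__(self, memory: SocMemory, psp: SecurityProcessor) -> None:
        self.memory, self.psp = memory, psp
        self.interrupts_enabled = True
        self.dma_enabled = True
        self.executed: list[int] = []  # load addresses that were actually run

    def verify_and_run(self, program: bytes, load_addr: int,
                       expected: bytes) -> bool:
        # Step 600 / 101: save context, then disable interrupts and DMA so the
        # image cannot change between measurement and the execution decision.
        saved = (self.interrupts_enabled, self.dma_enabled)
        self.interrupts_enabled = self.dma_enabled = False
        try:
            self.memory.write(load_addr, program)
            slot = self.psp.handle_measure_call(MeasureCall(load_addr, len(program)))
            measured = self.psp.handle_result_request(slot)  # step 601 / 103
            # Steps 602-603 / 104: constant-time compare with the reference
            # value; the program runs only on an exact match.
            if not hmac.compare_digest(measured, expected):
                return False
            self.executed.append(load_addr)
            return True
        finally:
            self.interrupts_enabled, self.dma_enabled = saved  # restore context


def reference_measurement(program: bytes) -> bytes:
    """Golden value for the correct program (assumed computed offline at build time)."""
    return hashlib.new(digest_algorithm(), program).digest()


def demo() -> tuple:
    """Run the flow on a constructed image and on a copy altered by one bit."""
    mem = SocMemory(0x1000)
    cpu = Cpu(mem, SecurityProcessor(mem))
    image = bytes(range(64)) * 4  # constructed 256-byte sample image
    golden = reference_measurement(image)
    clean_ok = cpu.verify_and_run(image, 0x200, golden)
    altered = image[:10] + bytes([image[10] ^ 0x01]) + image[11:]
    altered_ok = cpu.verify_and_run(altered, 0x200, golden)
    return clean_ok, altered_ok, list(cpu.executed)  # (True, False, [512])
```

Calling demo() shows the intact image being executed and the altered image being refused while the CPU's interrupt and DMA state is restored either way.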
Furthermore, an embodiment of the present invention further provides a computer-readable storage medium, where one or more programs are stored, and the one or more programs are executable by one or more central processing units to implement the program metric verification method according to the foregoing embodiment.
Finally, an embodiment of the present invention provides another computer-readable storage medium storing one or more programs, which are executable by one or more security processors to implement the program metric verification method of the first or second embodiment.
In summary, in the embodiments of the present invention the program to be executed is measured by a security processor located inside the system on chip, so the whole dynamic measurement root creation process no longer needs to communicate with an external TPM over an off-chip bus but is implemented entirely within the SoC; this avoids the risk of physical attack on the off-chip bus and enhances security.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The term "and/or" in the embodiments of the present invention describes an association relationship between associated objects and indicates that three relationships may exist; for example, A and/or B may indicate: A exists alone, A and B exist simultaneously, or B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments.
In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
For convenience of description, the above devices are described separately in terms of functional division into various units/modules. Of course, the functionality of the units/modules may be implemented in one or more software and/or hardware implementations of the invention.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above description is only for the specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (17)

1. A program metric verification method, the method comprising:
initializing a program verification environment;
calling an on-chip security processor to measure a program to be executed, and storing a measurement result in an on-chip storage area;
requesting the on-chip security processor to acquire a measurement result of a program to be executed, and receiving the measurement result read from the on-chip storage area by the on-chip security processor;
and after the measurement result passes verification, determining that the program to be executed is intact, and executing the program to be executed.
2. The method of claim 1, wherein initializing a program verification environment comprises:
saving the context of the current operating environment;
and initializing a Central Processing Unit (CPU), closing interrupt and closing Direct Memory Access (DMA) transmission.
3. The method of claim 1, wherein calling an on-chip security processor to measure the program to be executed comprises:
and sending a program measurement calling instruction to the on-chip security processor, and instructing the on-chip security processor to measure the program to be executed, wherein the program measurement calling instruction comprises a storage address of the program to be executed.
4. A program metric verification method, the method comprising:
receiving a program measurement calling instruction of an on-chip Central Processing Unit (CPU), measuring a program to be executed, and storing a measurement result in an on-chip storage area;
and receiving a measurement result acquisition request of the on-chip CPU, reading a measurement result from the on-chip storage area, and returning the measurement result to the on-chip CPU so that the on-chip CPU verifies the integrity of the program to be executed according to the measurement result.
5. The method of claim 4, wherein measuring the program to be executed comprises:
and measuring the program to be executed by executing a Trusted Platform Module (TPM) firmware program loaded in advance from SRAM.
6. The method of claim 4, wherein measuring the program to be executed comprises:
and calling a built-in cryptography coprocessor to perform cryptography function calculation on the program to be executed.
7. The method of claim 6, wherein the cryptographic function calculation comprises a cryptographic function calculation defined by China's national commercial cryptography standard.
8. The method of claim 4, wherein receiving a program measurement call instruction of an on-chip CPU and measuring a program to be executed comprises:
receiving a program measurement calling instruction of an on-chip CPU, and extracting a storage address of a program to be executed carried by the instruction;
and reading the program to be executed for measurement according to the extracted storage address.
9. A program metric verification apparatus, the apparatus comprising:
an initialization unit for initializing a program verification environment;
a calling unit, configured to call an on-chip security processor: measuring a program to be executed, and storing a measurement result in an on-chip storage area;
the acquisition unit is used for requesting the on-chip security processor to acquire a measurement result of a program to be executed and receiving the measurement result read by the on-chip security processor from the on-chip storage area;
and the verification unit is used for determining that the program to be executed is complete and executing the program to be executed after the measurement result passes verification.
10. The apparatus of claim 9, wherein the initialization unit is configured to initialize a program verification environment, and comprises:
saving the context of the current operating environment;
and initializing a Central Processing Unit (CPU), closing interrupt and closing Direct Memory Access (DMA) transmission.
11. The apparatus of claim 9, wherein the calling unit is configured to call the on-chip security processor to measure the program to be executed, and comprises:
and sending a program measurement calling instruction to the on-chip security processor, and instructing the on-chip security processor to measure the program to be executed, wherein the program measurement calling instruction comprises a storage address of the program to be executed.
12. A program metric verification apparatus, the apparatus comprising:
the measurement unit is used for receiving a program measurement calling instruction of an on-chip Central Processing Unit (CPU), measuring a program to be executed and storing a measurement result in an on-chip storage area;
and the feedback unit is used for receiving a measurement result acquisition request of the on-chip CPU, reading the measurement result from the on-chip storage area and returning the measurement result to the on-chip CPU so that the on-chip CPU verifies the integrity of the program to be executed according to the measurement result.
13. The apparatus of claim 12, wherein the measurement unit is configured to measure the program to be executed, and comprises:
and measuring the program to be executed by executing a Trusted Platform Module (TPM) firmware program loaded in advance from SRAM.
14. The apparatus of claim 12, wherein the measurement unit is configured to measure the program to be executed, and comprises:
and calling a built-in cryptography coprocessor to perform cryptography function calculation on the program to be executed.
15. The apparatus of claim 12, wherein the measurement unit, configured to receive a program measurement call instruction of an on-chip CPU and measure the program to be executed, comprises:
receiving a program measurement calling instruction of an on-chip CPU, and extracting a storage address of a program to be executed carried by the instruction;
and reading the program to be executed for measurement according to the extracted storage address.
16. A program metric verification system, comprising a central processing unit and a secure processor connected by an on-chip bus; wherein:
the central processor comprises the program metric verification device of any of the preceding claims 9-11;
the secure processor comprises the program metric verification device of any of the above claims 12-15.
17. A computer-readable storage medium, characterized in that the computer-readable storage medium stores one or more programs,
the one or more programs being executable by one or more central processing units to implement the method of any of the preceding claims 1-3; or,
the one or more programs are executable by one or more secure processors to implement the method of any of claims 4-8.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111471593.6A CN114238941A (en) 2021-11-29 2021-11-29 Program measurement verification method, device and system and storage medium

Publications (1)

Publication Number Publication Date
CN114238941A true CN114238941A (en) 2022-03-25

Family

ID=80753114

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111471593.6A Pending CN114238941A (en) 2021-11-29 2021-11-29 Program measurement verification method, device and system and storage medium

Country Status (1)

Country Link
CN (1) CN114238941A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115081034A (en) * 2022-07-21 2022-09-20 南方电网数字电网研究院有限公司 Trusted processor chip realized by multiple redundancy modes and on-chip trusted measurement method
CN115081034B (en) * 2022-07-21 2022-11-25 南方电网数字电网研究院有限公司 Trusted processor chip realized by multiple redundancy modes and on-chip trusted measurement method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20240926

Address after: Room 501 and Room 502, No. 289 Chunxiao Road, Pudong New Area Pilot Free Trade Zone, Shanghai, March 2012 (nominal floor is 6th floor)

Applicant after: Haiguang Yunxin Integrated Circuit Design (Shanghai) Co.,Ltd.

Country or region after: China

Address before: 300 000 Tianjin Binhai New Area Tianjin Huayuan Industrial Zone No. 18 Haitai West Road North 2-204 industrial incubation-3-8

Applicant before: Haiguang Information Technology Co.,Ltd.

Country or region before: China