CN114329496A - Trusted starting method of operating system and electronic equipment - Google Patents


Info

Publication number: CN114329496A
Application number: CN202111676041.9A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Prior art keywords: processing unit, central processing, chip, power supply, signal
Inventors: 田社校, 王浩
Current assignee: Loongson Zhongke Chengdu Technology Co ltd
Original assignee: Loongson Zhongke Chengdu Technology Co ltd

Abstract

The application provides a trusted boot method for an operating system and an electronic device, comprising the following steps: the monitoring circuit acquires a power supply signal and, if the power supply signal does not meet the preset power supply requirement, controls the central processing unit to be in a reset state; if it does, the monitoring circuit sends a first control signal to the security chip and the control circuit; the security chip reads the boot firmware in the memory through the switching chip based on the first control signal and, after verification passes, sends a first switching instruction to the switching chip so as to connect the address access channel between the central processing unit and the memory; the security chip then sends a second control signal to the control circuit so that the control circuit controls the state of the central processing unit, after which the central processing unit reads and runs the boot firmware stored in the memory through the switching chip and runs the kernel to realize system startup. In this application, the security chip controls the channel of the switching chip and the reset state of the central processing unit, so that the central processing unit can run the verified boot firmware and the system starts securely.

Description

Trusted starting method of operating system and electronic equipment
Technical Field
The present application relates to the field of computer technologies, and in particular, to a trusted boot method for an operating system and an electronic device.
Background
At present, with the continuous development of computer technology, various electronic devices are applied more and more widely in the work and daily life of users.
In the related art, when an operating system in an electronic device is started, the following steps are generally performed: after the central processing unit in the electronic device is powered on, the central processing unit reads and executes the boot firmware, and further starts the operating system kernel in the running process of the boot firmware, so that the operating system of the electronic device is started.
However, since the boot firmware in the electronic device is vulnerable to malicious attack, when the boot firmware in the electronic device is maliciously tampered, the boot or normal operation of the electronic device is affected, and the security of the electronic device cannot be ensured.
Disclosure of Invention
The trusted boot method of the operating system and the electronic device provided by the application are used to solve the problem in the related art that secure boot of the electronic device cannot be ensured because the boot firmware in the electronic device is easily tampered with.
In a first aspect, the present application provides a trusted boot method for an operating system, where the method is applied to an electronic device, and the electronic device includes: a security chip, a central processing unit, a kernel, a switching chip, a control circuit, a memory and a monitoring circuit; the central processing unit is connected with the kernel, the monitoring circuit, the control circuit and the switching chip; the security chip is connected with the switching chip, the control circuit and the monitoring circuit; the monitoring circuit is also connected with the control circuit; the switching chip is also connected with the memory; the method comprises the following steps:
the monitoring circuit acquires a power supply signal received by the central processing unit and judges whether the power supply signal meets a preset power supply requirement; if it does not, the monitoring circuit controls the central processing unit to be in a reset state and repeats the step of acquiring the power supply signal received by the central processing unit and judging whether it meets the preset power supply requirement, until the power supply signal meets the preset power supply requirement, whereupon the monitoring circuit sends first control signals to the security chip and the control circuit respectively;
the safety chip reads the starting firmware stored in the memory through the switching chip based on the first control signal;
the security chip verifies the boot firmware, and if the boot firmware passes verification, the security chip sends a first switching instruction to the switching chip so that the switching chip connects the address access channel between the central processing unit and the memory according to the first switching instruction;
the safety chip sends a second control signal to the control circuit, so that the control circuit sends a first state signal to the central processing unit based on the first control signal and the second control signal, wherein the first state signal is used for indicating the central processing unit to release a reset state;
and the central processing unit reads and runs the starting firmware stored in the memory through the switching chip according to the first state signal, and runs the kernel to realize system starting.
In a possible implementation manner, the security chip is connected with the central processing unit; the central processing unit reads and runs the startup firmware stored in the memory through the switching chip according to the first state signal, and runs the kernel to realize system startup, and the method comprises the following steps:
the central processing unit reads and runs the starting firmware stored in the memory through the switching chip according to the first state signal;
the central processing unit acquires a kernel file and sends the kernel file to the security chip;
the safety chip is used for verifying the kernel file, and if the kernel file passes the verification, a first verification result is sent to the central processing unit;
and the central processing unit runs the kernel based on the first verification result to realize system startup.
In a possible implementation manner, if the preset power supply requirement is not met, the monitoring circuit controls the central processing unit to be in a reset state, including:
if the monitoring circuit determines that the power supply signal received by the central processing unit does not meet the preset power supply requirement, a third control signal is sent to the safety chip and the control circuit;
the security chip sends a fourth control signal to the control circuit according to the third control signal, so that the control circuit sends a second state instruction to the central processing unit based on the third control signal and the fourth control signal, wherein the second state instruction is used for indicating that the central processing unit is in a reset state; and the security chip sends a second switching instruction to the switching chip, wherein the second switching instruction is used for indicating to turn off the address channel between the central processing unit and the memory and to connect the address channel between the security chip and the memory.
In a possible implementation manner, if the power supply signal meets a preset power supply requirement, the method respectively sends a first control signal to the security chip and the control circuit, and includes:
and if the monitoring circuit determines that the power supply signal meets the preset power supply requirement and the monitoring circuit does not monitor a reset signal, the monitoring circuit sends the first control signal to the safety chip and the control circuit, and the reset signal is used for controlling the central processing unit to be in a reset state.
In one possible implementation, the method further includes:
and if the monitoring circuit determines that the power supply signal meets the preset power supply requirement and monitors a reset signal, the monitoring circuit sends the third control signal to the safety chip and the control circuit.
In a possible implementation manner, the monitoring circuit obtains a power supply signal received by the central processing unit, and if it is determined that the power supply signal meets a preset power supply requirement and the monitoring circuit monitors a reset signal, the monitoring circuit sends the third control signal to the security chip and the control circuit, and then the method further includes:
the monitoring circuit acquires a power supply signal received by the central processing unit, and if the power supply signal is determined to meet a preset power supply requirement and the monitoring circuit does not monitor a reset signal, the monitoring circuit sends the first control signal to the safety chip and the control circuit.
In a second aspect, the present application provides an electronic device comprising: a security chip, a central processing unit, a kernel, a switching chip, a control circuit, a memory and a monitoring circuit; the central processing unit is connected with the kernel, the monitoring circuit, the control circuit and the switching chip; the security chip is connected with the switching chip, the control circuit and the monitoring circuit; the monitoring circuit is also connected with the control circuit; the switching chip is also connected with the memory; wherein:
the monitoring circuit is used for acquiring a power supply signal received by the central processing unit, judging whether the power supply signal meets a preset power supply requirement, if not, controlling the central processing unit to be in a reset state by the monitoring circuit, executing the step of acquiring the power supply signal received by the central processing unit by the monitoring circuit again, judging whether the power supply signal meets the preset power supply requirement, and sending first control signals to the safety chip and the control circuit respectively until the power supply signal meets the preset power supply requirement;
the security chip is used for reading the boot firmware stored in the memory through the switching chip based on the first control signal, verifying the boot firmware and, if the boot firmware passes verification, sending a first switching instruction to the switching chip so that the switching chip connects the address access channel between the central processing unit and the memory according to the first switching instruction; and for sending a second control signal to the control circuit;
the control circuit is used for sending a first state signal to the central processing unit based on the first control signal and the second control signal, and the first state signal is used for indicating the central processing unit to release a reset state;
the central processing unit is used for reading and operating the starting firmware stored in the memory through the switching chip according to the first state signal, and operating the kernel to realize system starting.
In a possible implementation manner, the general output interface on the security chip is connected to the control terminal of the switching chip and is further connected to the control circuit.
In one possible implementation, the monitoring circuit is connected to a general input interface on the security chip.
In a possible implementation manner, the output end of the control circuit is connected with a reset port of the central processing unit.
The application provides a trusted starting method of an operating system and an electronic device, wherein the method comprises the following steps: the monitoring circuit acquires a power supply signal received by the central processing unit, and controls the central processing unit to be in a reset state if the power supply signal is determined not to meet the preset power supply requirement; if the power supply requirement is met, a first control signal is respectively sent to the safety chip and the control circuit; the safety chip reads the starting firmware stored in the memory through the switching chip based on the first control signal, verifies the starting firmware, and sends a first switching instruction to the switching chip if the verification is passed so that the switching chip is communicated with an address access channel between the central processing unit and the memory; the safety chip sends a second control signal to the control circuit, so that the control circuit sends a first state signal to the central processing unit based on the first control signal and the second control signal, and then the central processing unit reads and runs the starting firmware stored in the memory through the switching chip and runs the kernel, and system starting is achieved. By the method, after the safety chip verifies the starting firmware in the memory, the safety chip controls the switching chip channel and the reset state of the central processing unit, so that the central processing unit can run the verified starting firmware, and the system is safely started.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1 is a schematic flowchart of a trusted boot method of an operating system according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure;
fig. 3 is a schematic connection diagram of an electronic device according to an embodiment of the present disclosure;
fig. 4 is a schematic connection diagram of another electronic device provided in the embodiment of the present application;
fig. 5 is a flowchart illustrating a trusted boot method for an operating system according to an embodiment of the present application;
fig. 6 is a flowchart illustrating another trusted boot method for an operating system according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of another electronic device according to an embodiment of the present application.
With the above figures, there are shown specific embodiments of the present application, which will be described in more detail below. These drawings and written description are not intended to limit the scope of the inventive concepts in any manner, but rather to illustrate the inventive concepts to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
At present, with the continuous development of electronic technology and communication technology, electronic devices are applied more and more widely in people's daily life.
In the electronic equipment, the startup firmware is used as a group of programs solidified into a storage area on a main board in the electronic equipment, wherein the programs comprise basic input and output programs, system setting information, a self-test program after startup and a system loading program in the electronic equipment, and the startup firmware is mainly used for providing hardware setting and control of the bottommost layer for the electronic equipment.
At present, when an electronic device is started, after the electronic device is powered on, a central processing unit reads a start-up firmware stored in a storage area, and starts up an operating system of the electronic device by executing the start-up firmware and calling an operating system kernel in the electronic device associated with the start-up firmware in the process of executing the start-up firmware.
However, according to the starting method of the electronic device, since the electronic device itself is vulnerable to external attack, especially the starting firmware stored in the storage area of the electronic device is easily tampered with maliciously after being attacked by external attack, and then the starting firmware tampered with maliciously is executed when the electronic device is started subsequently, and further starting failure of the electronic device is easily caused or a security threat is easily caused to an application program running in the electronic device.
The trusted starting method of the operating system and the electronic device are used for solving the technical problems.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Fig. 1 is a flowchart illustrating a trusted boot method of an operating system according to an embodiment of the present application. The trusted boot method of the operating system provided by the application is applied to an electronic device, and the electronic device comprises: a security chip, a central processing unit, a kernel, a switching chip, a control circuit, a memory and a monitoring circuit. Fig. 2 is a schematic structural diagram of an electronic device according to an embodiment of the present application. As shown in fig. 2, the central processing unit is connected to the kernel, the monitoring circuit, the control circuit and the switching chip; the security chip is connected with the switching chip, the control circuit and the monitoring circuit; the monitoring circuit is also connected with the control circuit; the switching chip is connected with the memory. In some embodiments, the memory storing the boot firmware may be a Flash memory, and a switch chip may be used as the switching chip. Specifically, as shown in fig. 1, the trusted boot method of the operating system provided in this embodiment includes the following steps:
s101, the monitoring circuit obtains a power supply signal received by the central processing unit.
In this embodiment, for example, when the electronic device is started, the monitoring circuit, the control circuit, the security chip and the switching chip in the electronic device are powered on before the central processing unit. It should be noted that "powered on" here means that the power supply signal received by a device satisfies that device's own operating voltage; if the power supply signal of a device does not meet its own power supply requirement, the device remains in the state before power-on. The monitoring circuit provided in this embodiment is connected to the central processing unit and may be configured to compare and evaluate the power supply signal received by the central processing unit. Specifically, the monitoring circuit may be connected to the power supply receiving port of the central processing unit to determine whether the current power supply signal of the central processing unit meets the preset power supply requirement, that is, whether the power supply signal received by the central processing unit meets the operating requirement of the central processing unit.
And S102, if the power supply signal received by the central processing unit does not meet the preset power supply requirement, the monitoring circuit controls the central processing unit to be in a reset state, and the step S101 is executed in a returning mode. Here, the central processing unit is controlled to be in a reset state, that is, the central processing unit is initialized, and the central processing unit is caused to maintain the initialized state.
S103, if the monitoring circuit determines that the power supply signal meets the preset power supply requirement, first control signals are respectively sent to the safety chip and the control circuit.
Illustratively, when the monitoring circuit determines that the current power supply signal received by the central processing unit meets the preset power supply requirement, at this time, it indicates that the central processing unit is in a power-on state, and the monitoring circuit respectively sends first control signals to the security chip and the control circuit, where the first control signals are used to indicate that the central processing unit can normally operate.
In practical application, when the voltage value of the power supply signal detected by the monitoring circuit is within a preset voltage interval where the rated voltage of the central processing unit is, the central processing unit can be considered to be in a power-on state. For example, the preset voltage interval may be greater than or equal to a rated voltage value of the central processing unit, or a voltage interval with the rated voltage as a value range center of the preset voltage interval, which is not specifically limited in this embodiment.
And S104, reading the starting firmware stored in the memory by the safety chip through the switching chip based on the first control signal.
Illustratively, when the security chip receives the first control signal sent by the monitoring circuit, the security chip confirms that the central processing unit is currently in a power-on state, and at this time, the pre-stored startup firmware is read from the memory through the switching chip.
In practical application, the monitoring circuit may be connected to a general-purpose input (GPI) interface on the security chip. When the monitoring circuit determines, by monitoring the power supply signal of the central processing unit, that the central processing unit is in a power-on state, it may output a high-level signal (i.e., the first control signal) that sets the GPI port on the security chip high. The security chip then reads the pre-stored boot firmware, through the switching chip, from the memory connected to the switching chip.
S105, the safety chip verifies the starting firmware, and if the verification is passed, the safety chip sends a first switching instruction to the switching chip.
Illustratively, after the secure chip reads the boot firmware from the memory, security verification is performed on the boot firmware, and after the verification is passed, a first switching instruction is sent to the switching chip, where the first switching instruction is used to instruct the switching chip to connect the address channel to the central processing unit.
In one example, when the secure chip verifies the read boot firmware, the read boot firmware may be compared with the boot firmware stored in the secure chip, and if the comparison result is consistent, it may be determined that the boot firmware passes the security verification.
In one example, when the secure chip verifies the read boot firmware, the verification may be performed through a hash value of the boot firmware that is pre-stored in the secure chip. That is, to reduce the storage space occupied in the secure chip, the boot firmware stored in the memory may be reduced by a preset algorithm to a hash value, and only that hash value is stored in the secure chip. When the secure chip verifies the boot firmware, it first applies the same preset algorithm to the boot firmware read from the memory to obtain a hash value, then compares that hash value with the hash value pre-stored in the secure chip; if the two are consistent, the boot firmware passes verification.
In one example, when the secure chip verifies the read boot firmware, if the verification fails, the secure chip generates fault information, and sends the fault information to a user or displays the fault information through a display screen of the electronic device.
In an example, the secure chip may also store a hash value corresponding to the startup firmware and the startup firmware at the same time, and when the secure chip determines that the verification fails after comparing the hash values corresponding to the startup firmware, further, the secure chip may compare the startup firmware stored in advance with the startup firmware read from the memory to obtain fault location information, and send the fault location information to a user, so that the user performs maintenance. Or after the verification fails, the pre-stored hash value may be converted into corresponding boot firmware, and the corresponding boot firmware is compared with the boot firmware read from the memory, so as to obtain the fault location information.
S106, the switching chip connects the address access channel between the central processing unit and the memory according to the first switching instruction.
For example, the switching chip in this embodiment is configured to receive the first switching instruction sent by the security chip, and may turn on the address channel between the central processing unit and the memory according to the received first switching instruction; that is, the security chip controls which address channel in the switching chip is turned on.
In an example, fig. 3 is a schematic connection diagram of an electronic device according to an embodiment of the present disclosure. In the figure, the security chip is provided with a general-purpose output (GPO) interface and an address bus interface (the AD port of the security chip in the figure); the switching chip is provided with a control interface (the QS port in the figure), a first address bus interface (the AD1 port in the figure) and a second address bus interface (the AD2 port in the figure); and the central processing unit is also provided with an address bus interface (the AD port of the central processing unit in the figure). When the security chip is connected with the switching chip, the GPO interface of the security chip is connected to the control interface of the switching chip, and the address bus interface of the security chip is connected to the first address bus interface of the switching chip. The address bus interface of the central processing unit is connected to the second address bus interface of the switching chip.
In the practical application process, the safety chip can send a switching instruction to the switching chip through the GPO interface of the safety chip, so that the switching chip determines whether the conducted address bus interface is the first address bus interface or the second address bus interface according to the switching instruction, namely, whether the safety chip can access the memory through the switching chip or the central processing unit can access the memory through the switching chip is determined.
In practical applications, when the security chip executes step S104, a high-level signal (i.e., the first switching instruction) may be output through the GPO interface on the security chip; this high-level signal pulls the control port of the switching chip connected to the GPO interface high, and the switching chip then determines from the level of its control port to turn on the second address bus interface, that is, to connect the address channel between the central processing unit and the memory.
And S107, the security chip sends a second control signal to the control circuit, wherein the second control signal is used for representing that the security chip passes the verification of the starting firmware.
In an example, in practical application, the secure chip may also send the second control signal to the control circuit through the GPO interface on the secure chip. As can be seen from the connection relationship of the electronic device in fig. 3, the GPO interface on the secure chip is connected not only to the control terminal of the switching chip but also to the control circuit. That is, after the secure chip determines through step S104 that the boot firmware passes verification, it may output a high-level signal through its GPO interface, and this high-level signal pulls both the control circuit and the control terminal of the switching chip high. In this example, therefore, the high-level signal output by the GPO port of the security chip serves directly as both the first switching instruction received by the switching chip and the second control signal received by the control circuit.
In another example, on the basis of the above example, the electronic device further includes a delay circuit, and the GPO port of the security chip is connected to the control circuit through the delay circuit. One path of the high-level signal output by the security chip through the GPO interface is sent directly to the control terminal of the switching chip; the other path is sent to the control circuit after being delayed by the delay circuit, so that the control circuit receives the high-level signal later than the control terminal of the switching chip does. In this way the control circuit performs step S107 only after the switching chip has turned on the channel between the central processing unit and the memory, ensuring that steps S107 and S108 operate normally, that is, that the central processing unit can obtain the boot firmware from the memory through the switching chip.
And S108, the control circuit sends a first state signal to the central processing unit based on the first control signal and the second control signal, wherein the first state signal is used for indicating the central processing unit to release the reset state.
For example, in this embodiment, once the control circuit has received both the first control signal sent by the monitoring circuit and the second control signal sent by the security chip, the central processing unit is known to be in the powered-on state and the security chip has determined that the start firmware passes verification; the control circuit then generates the first state signal from these two signals and sends it to the central processing unit connected to it.
In practical applications, as shown in fig. 3, the output terminal of the control circuit in the electronic device is connected to the reset port of the central processing unit (the RST port in fig. 3), so the control circuit can control whether the central processing unit is in a reset state. When the control circuit determines that the reset state of the central processing unit is to be released, it sends a high-level signal (namely the first state signal) to the central processing unit, driving the reset port high; the central processing unit then leaves the reset state, that is, it no longer has to remain in its initialization state and can return to normal operation.
And S109, the central processing unit reads and runs the starting firmware stored in the memory through the switching chip according to the first state signal, and runs the kernel file to realize system starting.
Illustratively, after receiving the first state signal and returning to the normal working state, the central processing unit obtains the boot firmware stored in the memory through the switching chip and executes it. After the boot firmware has run, it continues by starting the kernel in the electronic device, which completes the start of the operating system of the electronic device.
In this embodiment, when the operating system of the electronic device is started, the security chip acquires and verifies the start firmware through the channel of the switching chip once the central processing unit has been detected to be powered on, and the central processing unit is held in the reset state for as long as the verification lasts. After the verification passes, the control circuit releases the central processing unit from the reset state based on the verification result and the signal output by the monitoring circuit, and the security chip causes the switching chip to connect the address access channel between the central processing unit and the memory. The central processing unit can therefore acquire the start firmware stored in the memory only after leaving reset, and only start firmware that has passed verification is ever run, which removes the risk of the electronic device being started with maliciously modified start firmware.
In a possible implementation manner, on the basis of the structure of the electronic device shown in fig. 2, fig. 4 is a schematic connection diagram of another electronic device provided in the embodiment of the present application. As shown in fig. 4, in the electronic device provided in this embodiment the security chip and the central processing unit are also connected to each other. They may be connected through an external interface, in which case the central processing unit communicates with and controls the security chip attached to that external interface through a high-speed bus and an IO bus connected to the interface.
In another possible implementation manner, the security chip provided in fig. 2 may instead be integrated directly on the motherboard on which the central processing unit of the electronic device is located, and connected to the central processing unit only through the high-speed bus, without occupying a motherboard interface. This avoids the drawbacks of a security chip attached through an external interface as a plug-in component: it is easy to remove or substitute, it costs more, and it occupies an additional interface on the motherboard where the central processing unit is located.
In some embodiments, when the security chip is connected to the central processing unit, step S109 (the central processing unit reads and runs the boot firmware stored in the memory through the switching chip according to the first state signal, and runs the kernel file to start the system) may specifically be carried out as shown in fig. 5, which is a flowchart of a trusted boot method for an operating system according to another embodiment of the present application; the method includes:
S201, the central processing unit reads and runs the start firmware stored in the memory through the switching chip according to the first state signal.
For example, the specific principle of this step can be found under step S109 in fig. 1 and is not described here again.
S202, the central processing unit obtains the kernel file and sends the kernel file to the security chip.
S203, the security chip is used for verifying the kernel file, and if the verification is passed, a first verification result is sent to the central processing unit.
For example, in this embodiment, after the central processing unit acquires the kernel file in the electronic device, it sends the kernel file to the security chip connected to it, and the security chip verifies the acquired kernel file. This further prevents a kernel file that has been damaged or maliciously tampered with from affecting the normal start of the operating system of the electronic device.
Specifically, when the security chip verifies the kernel file, it may compute a hash value of the obtained kernel file and compare it with the hash value of the kernel file preset in the security chip; the kernel file is judged intact only if the two match. Since such a comparison pins the device to one specific kernel image, the preset hash value held by the security chip must be updated through the security chip whenever the kernel is legitimately updated, or the updated kernel will be rejected.
After the security chip confirms that the kernel file passes the verification, a first verification result can be sent to the central processing unit, wherein the first verification result is used for indicating that the kernel file passes the verification.
In an example, when the security chip determines that the kernel file fails verification, the obtained kernel file is known to be faulty, and the security chip may generate fault information to notify a user to check the kernel file in the electronic device. In addition, the security chip may send a second check result to the central processing unit, indicating that the current kernel file has failed verification, so that the central processing unit stops running the kernel file.
And S204, the central processing unit runs the kernel file based on the first verification result, and the system is started.
Illustratively, after the central processing unit receives the first verification result sent by the security chip, it indicates that the current kernel file passes verification, and the central processing unit runs the acquired kernel file, thereby completing secure startup of the operating system of the electronic device.
In this embodiment, the security chip verifies the boot firmware and, after the central processing unit has obtained the kernel file, receives the kernel file from the central processing unit and verifies it as well. Verifying both the boot firmware and the kernel file further improves the security of starting the operating system of the electronic device and so ensures the safe operation of the device.
In some embodiments, fig. 6 is a flowchart illustrating a trusted boot method of another operating system according to an embodiment of the present application. As shown in fig. 6, when the monitoring circuit is executing step S102 in fig. 1, the following steps are included:
S301, if the monitoring circuit determines that the power supply signal received by the central processing unit does not meet the preset power supply requirement, it sends a third control signal to the security chip and the control circuit.
For example, in this embodiment, when the monitoring circuit finds that the power supply signal received by the central processing unit does not meet the preset power supply requirement, that is, the power supply signal provided at this time is insufficient for the central processing unit to operate normally (for example, no power supply signal is present, or the voltage value of the power supply signal is outside the preset voltage interval), the monitoring circuit sends a third control signal to the security chip and the control circuit, the third control signal indicating that the central processing unit cannot operate normally.
In practical applications, the third control signal sent by the monitoring circuit may be delivered to a GPI (general-purpose input) interface of the security chip.
And S302, the security chip sends a fourth control signal to the control circuit according to the third control signal, wherein the fourth control signal is used for representing that the security chip does not verify the starting firmware.
And S303, the control circuit sends a second state instruction to the central processing unit based on the third control signal and the fourth control signal, wherein the second state instruction is used for indicating that the central processing unit is in a reset state.
For example, after the security chip receives the third control signal sent by the monitoring circuit, it determines that the central processing unit cannot operate normally at this time and sends the fourth control signal to the control circuit. Based on the received third control signal and fourth control signal, the control circuit determines that the central processing unit is not in the powered-on state and that the security chip has not verified the start firmware, so it must keep the central processing unit in the reset state; it therefore sends the second state instruction to the central processing unit, placing the central processing unit in the reset state.
In practical applications, the second state instruction sent by the control circuit to the central processing unit may be a low-level signal, which holds the reset terminal of the central processing unit low and thereby keeps the central processing unit in reset.
S304, the safety chip sends a second switching instruction to the switching chip according to the third control signal, wherein the second switching instruction is used for indicating to turn off the address channel between the central processing unit and the memory and to communicate the address channel between the safety chip and the memory.
S305, the second switching instruction received by the switching chip turns off the address channel between the central processing unit and the memory, and the address channel between the security chip and the memory is communicated.
For example, after the security chip receives the third control signal, that is, when the security chip determines that the power supply signal of the central processing unit does not satisfy the preset condition, the security chip sends a second switching instruction to the switching chip, for example to the control terminal of the switching chip. The switching chip then closes the address channel between the central processing unit and the memory according to the received second switching instruction and connects the address channel between the security chip and the memory, so that the central processing unit cannot obtain the start firmware directly from the memory once it is powered on.
In this embodiment, when the power supply signal of the central processing unit does not meet the preset power supply requirement, the control circuit holds the central processing unit in the reset state based on the fourth control signal sent by the security chip and the third control signal sent by the monitoring circuit, and the address access channel between the central processing unit and the memory is closed, so that the central processing unit cannot acquire the start firmware after being powered on. The switching chip connects the channel between the central processing unit and the memory (for example, a flash memory) only after the security chip has verified the start firmware, which ensures that the electronic device can start only under this control method.
In some embodiments, the monitoring circuit included in the electronic device provided by the present application is not only used for monitoring the power supply signal received by the central processing unit, but also used for monitoring the reset signal. Specifically, when the monitoring circuit executes step S101 and step S102, that is, when the monitoring circuit obtains a power supply signal received by the central processing unit, and if it is determined that the power supply signal meets a preset power supply requirement, the method sends a first control signal to the security chip and the control circuit, and includes the following steps:
the monitoring circuit acquires a power supply signal received by the central processing unit, and if the power supply signal is determined to meet the preset power supply requirement and the monitoring circuit does not monitor the reset signal, the monitoring circuit sends a first control signal to the safety chip and the control circuit.
For example, in this embodiment the monitoring circuit may be configured to monitor the power supply signal and the reset signal at the same time, and to send the first control signal to the security chip and the control circuit only when the power supply signal is found to meet the preset power supply requirement and no reset signal is present; the first control signal indicates that the central processing unit can operate normally. The reset signal monitored by the monitoring circuit may arise in two ways. In the first, the electronic device further includes a watchdog circuit whose counter is periodically cleared by a signal from the central processing unit; if the counter is not cleared for a long time and overflows, the watchdog circuit outputs a reset signal, which the monitoring circuit detects. In the second, the monitoring circuit monitors the state of a reset button of the electronic device and detects the reset signal when the reset button is manually triggered.
In some embodiments, when the monitoring circuit monitors both the reset signal and the power supply signal, and it determines that the power supply signal meets the preset power supply requirement but also detects the reset signal, the monitoring circuit sends a third control signal to the security chip and the control circuit to indicate that the central processing unit is currently unavailable. Steps S302 to S305 above are then executed, so that the central processing unit is held in the reset state and the switching chip connects the security chip to the memory. The monitoring of the reset signal and the power supply signal and the subsequent steps are repeated until the monitoring circuit finds that no reset signal is present and that the power supply signal meets the preset power supply requirement.
Further, on the basis of the above embodiment, if, after having detected the reset signal, the monitoring circuit later finds that the reset signal is no longer present, it sends the first control signal to the security chip and the control circuit, and steps S104 to S109 are executed: the security chip verifies the start firmware, and after that verification is completed the reset state of the central processing unit is released. In other words, the central processing unit enters its initialization state on receiving the reset signal and stays there until the reset is released following the security chip's verification; only then can it operate normally, execute the start firmware, and bring the system up.
For example, in practical applications, fig. 7 is a schematic structural diagram of another electronic device provided in the embodiment of the present application for implementing the method of this embodiment. As shown in the figure, on the basis of the structure shown in fig. 4, the monitoring circuit in the electronic device of this embodiment specifically includes a first monitoring module, a second monitoring module, a third monitoring module, and a first AND gate, with the output ends of the three monitoring modules connected to the inputs of the first AND gate; the electronic device also includes a watchdog circuit. The first monitoring module outputs a high-level signal when it finds that the power supply signal meets the preset condition, and a low-level signal otherwise. The second monitoring module monitors the reset button and outputs a low-level signal (namely a reset signal) if the reset button is triggered, and a high-level signal otherwise. The third monitoring module monitors the watchdog circuit and outputs a low-level signal (namely a reset signal) if the watchdog circuit outputs a reset signal, and a high-level signal otherwise. The output of the first AND gate serves as the output signal of the monitoring circuit. In addition, the control circuit in this embodiment may include a second AND gate whose inputs are connected to the output end of the monitoring circuit and the output end of the security chip respectively, and whose output is connected to the reset (RST) port of the central processing unit.
The specific trusted starting method mainly comprises the following steps:
When the monitoring circuit outputs a low-level signal, that is, the third control signal of the above embodiment, the power supply signal does not meet the preset condition, or the watchdog circuit or the second monitoring module has output a reset signal. The low-level signal is seen at the GPI interface of the security chip, which is connected to the output end of the monitoring circuit, and at one input of the second AND gate in the control circuit. On the basis of this low-level signal (the third control signal), the security chip outputs a low-level signal through its GPO interface to the control circuit connected to that interface (this low-level signal serves as the fourth control signal of the above embodiment). Based on the low-level signal output by the monitoring circuit (the third control signal) and the low-level signal output by the security chip (the fourth control signal), the second AND gate of the control circuit outputs a low-level signal that holds the RST interface of the central processing unit connected to the output end of the control circuit low, so that the central processing unit stays in the reset state. The same low-level signal on the GPO interface of the security chip also reaches the control terminal of the switching chip connected to that interface (there it serves as the second switching instruction), so the switching chip connects the security chip to the memory.
When the monitoring circuit outputs a high-level signal (the first control signal), the power supply signal meets the preset condition and neither the second monitoring module nor the watchdog circuit has generated a reset signal. On the basis of this high-level signal the security chip verifies the start firmware it reads from the memory. If the verification succeeds, the GPO of the security chip outputs a high-level signal (serving as the first switching instruction and the second control signal respectively) to the control terminal of the switching chip and to an input of the second AND gate in the control circuit. On this high-level signal the switching chip connects the address channel between the central processing unit and the memory, and the second AND gate in the control circuit, now seeing a high level from both the security chip GPO and the monitoring circuit, outputs a high-level signal to the RST port of the central processing unit, which releases the central processing unit from reset so that it reads and runs the start firmware. After the start firmware has run, the central processing unit reads the kernel file and transmits it to the security chip over the high-speed bus connecting the two. The security chip verifies the received kernel file and, if the verification passes, sends the first verification result back to the central processing unit over the high-speed bus; the central processing unit can then start the kernel file, completing the trusted start. If the start firmware fails verification, the GPO stays low, and because the RST port is driven by the AND of the monitoring output and the GPO, the central processing unit cannot leave reset without the security chip's approval.
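The following is an added behavioural model of the gating logic of figs. 3 and 7 and of the kernel check of fig. 5, written for this page; it is not code from the patent or from the applicant. It treats each signal as a level (HIGH or LOW), models the three monitoring modules and the two AND gates, the security chip's GPI/GPO lines, the switching chip's control terminal and the RST port, and runs the same boot pass under normal, power-fault, reset, tampered-firmware and tampered-kernel conditions. SHA-256 is assumed as the hash algorithm (the page only says "hash values"), the reference hashes are assumed to be provisioned into the security chip in advance, the images are constructed sample bytes, and all class and function names are this example's own.

```python
"""Behavioural model of the boot-gating logic of figs. 3 and 7 (added example, not the patent's code)."""
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Optional

HIGH, LOW = 1, 0


def sha256_hex(data: bytes) -> str:
    # Assumption: SHA-256 stands in for the unspecified hash of the page.
    return hashlib.sha256(data).hexdigest()


@dataclass
class Memory:
    """Memory (e.g. flash) holding the start firmware and the kernel file."""
    firmware: bytes
    kernel: bytes


@dataclass
class SwitchChip:
    """Address-channel switch driven by the security chip's GPO line:
    control LOW routes the memory to the security chip, HIGH routes it to the CPU."""
    memory: Memory
    control: int = LOW

    def read(self, requester: str, what: str) -> Optional[bytes]:
        routed_to = "cpu" if self.control == HIGH else "security_chip"
        if requester != routed_to:
            return None  # channel closed for this requester
        return getattr(self.memory, what)


def monitoring_circuit(power_ok: bool, reset_button: bool, watchdog_reset: bool) -> int:
    """Fig. 7 monitoring circuit: three monitoring modules ANDed together.
    HIGH is the first control signal, LOW the third control signal."""
    m1 = HIGH if power_ok else LOW         # power supply within the preset interval
    m2 = LOW if reset_button else HIGH     # reset button pressed -> reset signal
    m3 = LOW if watchdog_reset else HIGH   # watchdog counter overflowed -> reset signal
    return m1 & m2 & m3


def control_circuit(monitor_out: int, security_gpo: int) -> int:
    """Second AND gate driving the CPU RST port: HIGH releases reset, LOW holds it."""
    return monitor_out & security_gpo


@dataclass
class SecurityChip:
    """Reference hashes are assumed to be provisioned into the chip in advance."""
    firmware_hash: str
    kernel_hash: str
    gpo: int = LOW
    faults: List[str] = field(default_factory=list)

    def drive_gpo(self, level: int, switch: SwitchChip) -> None:
        # GPO feeds the switch control terminal directly and the control circuit
        # through the delay circuit, so the switch always sees the level first.
        self.gpo = level
        switch.control = level

    def on_gpi(self, gpi: int, switch: SwitchChip) -> None:
        if gpi == LOW:
            # third control signal: LOW on GPO is both the fourth control signal
            # (hold CPU in reset) and the second switching instruction (memory to us)
            self.drive_gpo(LOW, switch)
            return
        firmware = switch.read("security_chip", "firmware")
        if firmware is None or sha256_hex(firmware) != self.firmware_hash:
            self.faults.append("boot firmware hash mismatch")
            self.drive_gpo(LOW, switch)  # CPU never gets the memory channel
            return
        # first switching instruction and second control signal share one HIGH level
        self.drive_gpo(HIGH, switch)

    def verify_kernel(self, kernel: bytes) -> bool:
        """True is the first check result, False the second check result."""
        if sha256_hex(kernel) == self.kernel_hash:
            return True
        self.faults.append("kernel file hash mismatch")
        return False


def trusted_boot(memory: Memory, chip: SecurityChip, power_ok: bool = True,
                 reset_button: bool = False, watchdog_reset: bool = False) -> Dict[str, object]:
    """One pass through S101-S109 (or S301-S305 on fault) followed by S201-S204."""
    switch = SwitchChip(memory)
    monitor_out = monitoring_circuit(power_ok, reset_button, watchdog_reset)
    chip.on_gpi(monitor_out, switch)                 # level seen at the security chip GPI
    rst = control_circuit(monitor_out, chip.gpo)     # delayed GPO copy reaches the AND gate
    if rst == LOW:
        outcome = "held_in_reset"
    elif switch.read("cpu", "firmware") is None:
        outcome = "no_firmware_channel"
    elif not chip.verify_kernel(switch.read("cpu", "kernel")):
        outcome = "kernel_rejected"
    else:
        outcome = "booted"
    return {"outcome": outcome, "rst": rst, "switch_control": switch.control,
            "faults": list(chip.faults)}


# constructed sample images; the reference hashes are computed from the good ones
GOOD_FIRMWARE = b"constructed start firmware image v1"
GOOD_KERNEL = b"constructed kernel file v1"


def provisioned_chip() -> SecurityChip:
    return SecurityChip(sha256_hex(GOOD_FIRMWARE), sha256_hex(GOOD_KERNEL))


def run_scenarios() -> Dict[str, str]:
    good = Memory(GOOD_FIRMWARE, GOOD_KERNEL)
    cases = {
        "normal": trusted_boot(good, provisioned_chip()),
        "power_fault": trusted_boot(good, provisioned_chip(), power_ok=False),
        "reset_button": trusted_boot(good, provisioned_chip(), reset_button=True),
        "watchdog": trusted_boot(good, provisioned_chip(), watchdog_reset=True),
        "tampered_firmware": trusted_boot(Memory(GOOD_FIRMWARE + b"\x90", GOOD_KERNEL), provisioned_chip()),
        "tampered_kernel": trusted_boot(Memory(GOOD_FIRMWARE, GOOD_KERNEL + b"\x90"), provisioned_chip()),
    }
    return {name: result["outcome"] for name, result in cases.items()}


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:18s} -> {outcome}")
```

The point the model makes visible is that the RST port is the AND of two independent sources: a tampered firmware image leaves the GPO low, so the central processing unit stays in reset and the switching chip keeps the memory routed to the security chip, whereas a tampered kernel is caught later by the second check result after the central processing unit is already running the verified firmware.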
In some embodiments, the security chip in the electronic device provided by the present application may also be used to encrypt and decrypt data. Specifically, the security chip may receive an encryption request sent by the central processing unit, the encryption request including the data to be encrypted and a password input by the user; the security chip encrypts the data to be encrypted according to a preset encryption algorithm and generates a corresponding key together with the encrypted data. The security chip may also receive a decryption request sent by the central processing unit; it checks the key supplied in the decryption request against the previously generated key and, if the check passes, performs the decryption operation to obtain the decrypted data.
An embodiment of the present application provides an electronic device, comprising: a security chip, a central processing unit, a kernel, a switching chip, a control circuit, a memory, and a monitoring circuit; the central processing unit is connected with the kernel, the monitoring circuit, the control circuit and the switching chip; the security chip is connected with the switching chip, the control circuit and the monitoring circuit; the monitoring circuit is connected with the control circuit; the switching chip is connected with the memory; wherein:
the monitoring circuit is configured to acquire a power supply signal received by the central processing unit and determine whether the power supply signal meets a preset power supply requirement; if not, the monitoring circuit holds the central processing unit in a reset state and again acquires the power supply signal received by the central processing unit and determines whether it meets the preset power supply requirement, repeating this until the power supply signal meets the preset power supply requirement, whereupon it sends first control signals to the security chip and the control circuit respectively;
the safety chip is used for reading the starting firmware stored in the memory through the switching chip based on the first control signal; the safety chip is used for verifying the starting firmware, and if the starting firmware passes the verification, the safety chip sends a first switching instruction to the switching chip so that the switching chip is communicated with an address access channel between the central processing unit and the memory according to the first switching instruction; for sending a second control signal to the control circuit;
the control circuit is used for sending a first state signal to the central processing unit based on the first control signal and the second control signal, and the first state signal is used for indicating the central processing unit to remove the reset state;
the central processing unit is used for reading and operating the starting firmware stored in the memory through the switching chip according to the first state signal, and operating the kernel to realize system starting.
In one possible implementation, the security chip is connected with the central processing unit; the central processor is specifically configured to: reading and operating the starting firmware stored in the memory through the switching chip according to the first state signal; the central processing unit acquires the kernel file and sends the kernel file to the security chip; the safety chip is specifically used for verifying the kernel file, and if the kernel file passes the verification, a first verification result is sent to the central processing unit; the central processor is specifically configured to run the kernel based on the first check result, so as to implement system startup.
In one possible implementation form of the method,
the monitoring circuit is also used for sending a third control signal to the safety chip and the control circuit if the power supply signal received by the central processing unit is determined not to meet the preset power supply requirement;
the safety chip is also used for sending a fourth control signal to the control circuit according to the third control signal so that the control circuit sends a second state instruction to the central processing unit based on the third control signal and the fourth control signal, and the second state instruction is used for indicating that the central processing unit is in a reset state; and sending a second switching instruction to the switching chip, wherein the second switching instruction is used for indicating to turn off the address channel between the central processing unit and the memory and communicating the address channel between the security chip and the memory.
In a possible implementation manner, the monitoring circuit is specifically configured to send a first control signal to the security chip and the control circuit if it is determined that the power supply signal meets the preset power supply requirement and the monitoring circuit does not monitor a reset signal, where the reset signal is used to control the central processing unit to be in a reset state.
In a possible implementation manner, the monitoring circuit is further configured to send a third control signal to the security chip and the control circuit if it is determined that the power supply signal meets the preset power supply requirement and the monitoring circuit monitors the reset signal.
In a possible implementation manner, the monitoring circuit is configured to obtain a power supply signal received by the central processing unit, send a third control signal to the safety chip and the control circuit if it is determined that the power supply signal meets a preset power supply requirement and the monitoring circuit monitors the reset signal, and send a first control signal to the safety chip and the control circuit if it is determined that the power supply signal meets the preset power supply requirement and the monitoring circuit does not monitor the reset signal.
In a possible implementation manner, when the security chip is connected to the switching chip and the control circuit respectively, the following connection manner may be adopted: the general output interface on the security chip is connected with the control end of the switching chip and also connected with the control circuit, and the electronic device corresponding to the implementation manner can refer to the corresponding structure of fig. 3.
In a possible implementation manner, when the monitoring circuit is connected to the security chip, the monitoring circuit may be connected to the general input interface on the security chip, and the electronic device corresponding to this implementation manner may refer to the corresponding structure of fig. 3.
In a possible implementation manner, when the control circuit is connected to the central processing unit, an output terminal of the control circuit may be connected to a reset port of the central processing unit, and the electronic device corresponding to this implementation manner may refer to the corresponding structure of fig. 3.
The apparatus provided in this embodiment is used to implement the technical solution provided by the above method, and the implementation principle and the technical effect are similar and will not be described again.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (10)

1. A trusted starting method of an operating system, applied to an electronic device, the electronic device comprising: a security chip, a central processing unit, a kernel, a switching chip, a control circuit, a memory and a monitoring circuit; the central processing unit is connected with the kernel, the monitoring circuit, the control circuit and the switching chip; the security chip is connected with the switching chip, the control circuit and the monitoring circuit; the monitoring circuit is also connected with the control circuit; the switching chip is also connected with the memory; the method comprising the following steps:
the monitoring circuit acquires a power supply signal received by the central processing unit and determines whether the power supply signal meets a preset power supply requirement; if the power supply signal does not meet the preset power supply requirement, the monitoring circuit holds the central processing unit in a reset state and again acquires the power supply signal received by the central processing unit and determines whether it meets the preset power supply requirement, repeating this until the power supply signal meets the preset power supply requirement, whereupon it sends first control signals to the security chip and the control circuit respectively;
the safety chip reads the starting firmware stored in the memory through the switching chip based on the first control signal;
the safety chip checks the starting firmware, and if the starting firmware passes the checking, the safety chip sends a first switching instruction to the switching chip so that the switching chip is communicated with an address access channel between the central processing unit and the memory according to the first switching instruction;
the safety chip sends a second control signal to the control circuit, so that the control circuit sends a first state signal to the central processing unit based on the first control signal and the second control signal, wherein the first state signal is used for indicating the central processing unit to release a reset state;
and the central processing unit reads and runs the starting firmware stored in the memory through the switching chip according to the first state signal, and runs the kernel to realize system starting.
2. The method of claim 1, wherein the security chip is connected to the central processing unit, and wherein the central processing unit reading and running the boot firmware stored in the memory through the switching chip according to the first state signal and running the kernel to complete system boot comprises:
the central processing unit, according to the first state signal, reads and runs the boot firmware stored in the memory through the switching chip;
the central processing unit obtains a kernel file and sends the kernel file to the security chip;
the security chip verifies the kernel file and, if the verification passes, sends a first verification result to the central processing unit;
and the central processing unit runs the kernel based on the first verification result to complete system boot.
3. The method of claim 1, wherein the monitoring circuit holding the central processing unit in a reset state if the preset power supply requirement is not met comprises:
if the monitoring circuit determines that the power supply signal received by the central processing unit does not meet the preset power supply requirement, the monitoring circuit sends a third control signal to the security chip and to the control circuit;
the security chip, according to the third control signal, sends a fourth control signal to the control circuit, so that the control circuit, based on the third control signal and the fourth control signal, sends a second state instruction to the central processing unit, the second state instruction instructing the central processing unit to enter the reset state; and the security chip sends a second switching instruction to the switching chip, the second switching instruction instructing the switching chip to disconnect the address channel between the central processing unit and the memory and to connect the address channel between the security chip and the memory.
4. The method of claim 3, wherein sending the first control signal to the security chip and to the control circuit respectively if the power supply signal meets the preset power supply requirement comprises:
if the monitoring circuit determines that the power supply signal meets the preset power supply requirement and the monitoring circuit does not detect a reset signal, the monitoring circuit sends the first control signal to the security chip and to the control circuit, the reset signal being a signal that places the central processing unit in a reset state.
5. The method of claim 4, further comprising:
if the monitoring circuit determines that the power supply signal meets the preset power supply requirement and the monitoring circuit detects a reset signal, the monitoring circuit sends the third control signal to the security chip and to the control circuit.
6. The method of claim 5, wherein after the monitoring circuit acquires the power supply signal received by the central processing unit, determines that the power supply signal meets the preset power supply requirement and detects a reset signal, and sends the third control signal to the security chip and to the control circuit, the method further comprises:
the monitoring circuit acquires the power supply signal received by the central processing unit again and, if it determines that the power supply signal meets the preset power supply requirement and no longer detects a reset signal, sends the first control signal to the security chip and to the control circuit.
7. An electronic device, comprising: a security chip, a central processing unit, a kernel, a switching chip, a control circuit, a memory and a monitoring circuit; the central processing unit is connected to the kernel, the monitoring circuit, the control circuit and the switching chip; the security chip is connected to the switching chip, the control circuit and the monitoring circuit; the monitoring circuit is further connected to the control circuit; the switching chip is further connected to the memory; wherein:
the monitoring circuit is configured to acquire the power supply signal received by the central processing unit and determine whether the power supply signal meets a preset power supply requirement; if it does not, to hold the central processing unit in a reset state and repeat the step of acquiring the power supply signal received by the central processing unit and determining whether it meets the preset power supply requirement, until the power supply signal meets the preset power supply requirement; and then to send a first control signal to the security chip and to the control circuit respectively;
the security chip is configured to read, based on the first control signal, the boot firmware stored in the memory through the switching chip; to verify the boot firmware and, if the verification passes, to send a first switching instruction to the switching chip so that the switching chip, according to the first switching instruction, connects the address access channel between the central processing unit and the memory; and to send a second control signal to the control circuit;
the control circuit is configured to send a first state signal to the central processing unit based on the first control signal and the second control signal, the first state signal instructing the central processing unit to leave the reset state;
the central processing unit is configured to read and run the boot firmware stored in the memory through the switching chip according to the first state signal, and to run the kernel to complete system boot.
8. The electronic device of claim 7, wherein a general-purpose output interface of the security chip is connected to the control terminal of the switching chip and is further connected to the control circuit.
9. The electronic device of claim 7 or 8, wherein the monitoring circuit is connected to a general-purpose input interface of the security chip.
10. The electronic device of claim 7, wherein the output of the control circuit is connected to a reset port of the central processing unit.
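The claims describe a gating sequence rather than code: the monitoring circuit chooses between a first and a third control signal, the security chip verifies the boot firmware while it alone owns the memory bus, and the control circuit releases the CPU reset port only when the first and second control signals are both present. The following C simulation is an added example, not code from the patent or from Loongson; it models the signal flow of claims 1 to 6 (power check, reset signal, firmware verification, bus hand-over, kernel verification) so the conditions under which the CPU can reach the firmware can be checked. The 3.3 V window, the FNV-1a digest standing in for the security chip's check, and every struct, enum and function name are assumptions made for illustration.

```c
/* Added example (not the patent's own code): simulation of the boot gating the claims
 * describe. Signal names follow the claims; the supply window, the FNV-1a digest and all
 * struct/function names are assumptions for illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SUPPLY_MIN_MV 3135   /* assumed "preset power supply requirement": 3.3 V +/- 5 % */
#define SUPPLY_MAX_MV 3465
#define FW_MAX 64

enum channel { CH_SECURITY, CH_CPU };              /* which master the switching chip connects to memory */
enum mon_ctl { MON_NONE, MON_FIRST, MON_THIRD };   /* monitoring circuit -> security chip + control circuit */
enum sec_ctl { SEC_NONE, SEC_SECOND, SEC_FOURTH }; /* security chip -> control circuit */

struct board {
    int supply_mv;             /* supply level the CPU receives */
    bool reset_asserted;       /* external reset signal seen by the monitoring circuit */
    uint8_t firmware[FW_MAX];  /* boot memory contents */
    size_t fw_len;
    uint64_t fw_ref;           /* reference digest provisioned inside the security chip */
    enum channel mux;          /* switching chip state; the security chip owns the bus at power-on */
    enum mon_ctl mon;
    enum sec_ctl sec;
    bool cpu_in_reset;         /* level the control circuit drives on the CPU reset port */
    bool cpu_ran_firmware;
};

/* FNV-1a stands in for the security chip's check; a real part would verify a
 * signature over the image rather than compare a bare digest (assumption). */
uint64_t digest(const uint8_t *p, size_t n) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ULL; }
    return h;
}

/* Claims 1, 4, 5: first control signal only when power is in range and no reset is pending. */
static void monitoring_circuit(struct board *b) {
    bool power_ok = b->supply_mv >= SUPPLY_MIN_MV && b->supply_mv <= SUPPLY_MAX_MV;
    b->mon = (power_ok && !b->reset_asserted) ? MON_FIRST : MON_THIRD;
}

/* Claims 1 and 3: verify the image while the security chip owns the bus, then decide. */
static void security_chip(struct board *b) {
    if (b->mon == MON_THIRD) {
        b->sec = SEC_FOURTH;      /* fourth control signal: hold the CPU in reset ... */
        b->mux = CH_SECURITY;     /* ... and take the bus back (second switching instruction) */
        return;
    }
    if (b->mux == CH_CPU) return; /* already handed over on an earlier pass */
    if (digest(b->firmware, b->fw_len) == b->fw_ref) {
        b->mux = CH_CPU;          /* first switching instruction: CPU <-> memory channel */
        b->sec = SEC_SECOND;      /* second control signal: allow reset release */
    } else {
        b->sec = SEC_FOURTH;      /* verification failed: CPU stays in reset, never sees the bus */
    }
}

/* Claims 1, 8, 10: the reset port is released only when both the first and the
 * second control signal are present, i.e. the control circuit behaves as an AND. */
static void control_circuit(struct board *b) {
    b->cpu_in_reset = !(b->mon == MON_FIRST && b->sec == SEC_SECOND);
}

/* One pass of the claimed sequence; true when the CPU executed verified firmware. */
bool boot_cycle(struct board *b) {
    monitoring_circuit(b);
    security_chip(b);
    control_circuit(b);
    b->cpu_ran_firmware = !b->cpu_in_reset && b->mux == CH_CPU;
    return b->cpu_ran_firmware;
}

/* Claim 2: the running firmware hands the kernel to the security chip and the CPU
 * runs it only on a positive verification result. */
bool load_kernel(const struct board *b, const uint8_t *kernel, size_t len, uint64_t kernel_ref) {
    return b->cpu_ran_firmware && digest(kernel, len) == kernel_ref;
}

static const char GENUINE_FW[] = "GOOD-BOOT-IMAGE";   /* constructed stand-in image */

/* Constructed sample board: memory holds `fw`; the security chip knows GENUINE_FW's digest. */
void init_board(struct board *b, int supply_mv, bool reset_asserted, const char *fw) {
    memset(b, 0, sizeof *b);
    b->supply_mv = supply_mv;
    b->reset_asserted = reset_asserted;
    b->fw_len = strlen(fw) < FW_MAX ? strlen(fw) : FW_MAX;
    memcpy(b->firmware, fw, b->fw_len);
    b->fw_ref = digest((const uint8_t *)GENUINE_FW, strlen(GENUINE_FW));
    b->mux = CH_SECURITY;
    b->cpu_in_reset = true;
}

int main(void) {
    const char *fw[] = { GENUINE_FW, "EVIL-BOOT-IMAGE", GENUINE_FW, GENUINE_FW };
    int mv[] = { 3300, 3300, 2900, 3300 };
    bool rst[] = { false, false, false, true };
    for (int i = 0; i < 4; i++) {
        struct board b;
        init_board(&b, mv[i], rst[i], fw[i]);
        bool ran = boot_cycle(&b);
        printf("case %d: ran_firmware=%d cpu_in_reset=%d mux=%s\n", i, ran, b.cpu_in_reset,
               b.mux == CH_CPU ? "cpu" : "security");
    }
    return 0;
}
```

Two points the simulation makes visible. A tampered image leaves the switching chip on the security-chip side and the control circuit's AND unsatisfied, so the CPU never leaves reset and never has an address path to the memory; a brown-out or an asserted reset signal reaches the same state through the third and fourth control signals, and a later pass with good power and no reset signal (claim 6) re-verifies and hands the bus over. The claims do not say which check the security chip applies or what prevents the memory from being rewritten after the channel has been handed to the CPU, so a real design needs a signature check and write protection on the boot memory on top of this gating.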
CN202111676041.9A 2021-12-31 2021-12-31 Trusted starting method of operating system and electronic equipment Pending CN114329496A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111676041.9A CN114329496A (en) 2021-12-31 2021-12-31 Trusted starting method of operating system and electronic equipment

Publications (1)

Publication Number Publication Date
CN114329496A true CN114329496A (en) 2022-04-12

Family

ID=81023085

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111676041.9A Pending CN114329496A (en) 2021-12-31 2021-12-31 Trusted starting method of operating system and electronic equipment

Country Status (1)

Country Link
CN (1) CN114329496A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024017332A1 (en) * 2022-07-22 2024-01-25 Huawei Technologies Co., Ltd. Method for controlling component, and related apparatus
CN115295061A (en) * 2022-10-09 2022-11-04 Jiangsu Huacun Electronic Technology Co., Ltd. Memory firmware overhauling method and system
CN115295061B (en) * 2022-10-09 2022-12-16 Jiangsu Huacun Electronic Technology Co., Ltd. Memory firmware overhauling method and system
CN115454517A (en) * 2022-11-11 2022-12-09 Shandong Yunhai Guochuang Cloud Computing Equipment Industry Innovation Center Co., Ltd. Multi-medium secure startup method, system, storage medium, device and chip

Similar Documents

Publication Publication Date Title
CN114329496A (en) Trusted starting method of operating system and electronic equipment
US8214632B2 (en) Method of booting electronic device and method of authenticating boot of electronic device
TWI277904B (en) Method, recording medium and system for protecting information
US20180026981A1 (en) Secure sensor data transport and processing
CN102063591B (en) Methods for updating PCR (Platform Configuration Register) reference values based on trusted platform
US8533829B2 (en) Method for monitoring managed device
US20120278597A1 (en) Compatible trust in a computing device
CN105791284A (en) Secure data transmission device and method
JP5981035B2 (en) Hardware access protection
US11087000B2 (en) Controlled starting of an electronic circuit
WO2008085367A1 (en) Trusting an unverified code image in a computing device
US20200026882A1 (en) Methods and systems for activating measurement based on a trusted card
KR20120036311A (en) Method and memory device for performing an operation on data
US20150302201A1 (en) Device and method for processing transaction request in processing environment of trust zone
KR102395258B1 (en) Method of secure booting using route switchover of boot memory bus and apparatus using the same
CN106650456B (en) Safe starting method of electronic circuit and electronic equipment
CN113168474A (en) Secure verification of firmware
EP3757838A1 (en) Warm boot attack mitigations for non-volatile memory modules
CN108292340A (en) Data are written to secure data storage equipment security during runtime
CN115604315A (en) Remote processing device and method of server and electronic equipment
CN112632562B (en) Device starting method, device management method and embedded device
US20200244461A1 (en) Data Processing Method and Apparatus
JP7287115B2 (en) Integrated circuit and integrated circuit control method
CN110933057B (en) Internet of things security terminal and security control method thereof
CN110362983B (en) Method and device for ensuring consistency of dual-domain system and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination