CN114625484A - Virtualization implementation method, device, electronic equipment, medium and ARM platform - Google Patents


Info

Publication number
CN114625484A
Authority
CN
China
Prior art keywords
virtual machine
execution environment
vftpm
trusted execution
target
Legal status
Pending
Application number
CN202210334870.7A
Other languages
Chinese (zh)
Inventor
韩春超
吴保锡
许鑫
Current Assignee
Suzhou Inspur Intelligent Technology Co Ltd
Original Assignee
Suzhou Inspur Intelligent Technology Co Ltd
Application filed by Suzhou Inspur Intelligent Technology Co Ltd
Priority to CN202210334870.7A
Publication of CN114625484A
Priority to PCT/CN2022/123583 (published as WO2023184920A1)
Legal status: Pending

Classifications

    • G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F9/00 Arrangements for program control, e.g. control units › G06F9/06 Arrangements for program control using stored programs, i.e. using an internal store of processing equipment to receive or retain programs › G06F9/44 Arrangements for executing specific programs › G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines › G06F9/45533 Hypervisors; Virtual machine monitors › G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45575 Starting, stopping, suspending or resuming virtual machine instances
    • G06F2009/45583 Memory management, e.g. access or allocation
    • G06F2009/45587 Isolation or security of virtual machine instances

Abstract

The application discloses a virtualization implementation method, a virtualization implementation device, electronic equipment, a readable storage medium and an ARM platform in the field of computer technology. The method comprises: initializing, in advance and according to the virtualization type, an ARM platform running a virtual machine configured with the vfTPM function; when a vfTPM request of the virtual machine is received, encapsulating an instruction that carries the virtual machine's real physical address and its identification information, and switching the running state to the trusted execution environment; in the trusted execution environment, calling the virtual machine trusted execution environment context selected by the identification information to process the vfTPM request, feeding back the storage address of the processing result together with the virtual machine identification information, and switching the running state back to the rich execution environment; and in the rich execution environment, parsing out the storage address and the identification information and sending the converted storage address to the corresponding virtual machine according to the identification information. Firmware-based trusted platform virtualization is thereby realized on the ARM platform.

Description

Virtualization implementation method, device, electronic equipment, medium and ARM platform
Technical Field
The present application relates to the field of computer technologies, and in particular, to a virtualization implementation method and apparatus, an electronic device, a readable storage medium, and an ARM platform.
Background
With the development of ARM (Advanced RISC Machine) technology and cloud computing, ARM computers have spread rapidly into mobile devices, desktops, servers and similar fields, and ARM-based virtualization has developed just as rapidly in cloud computing. Alongside that growth, the security and trustworthiness of ARM systems has become an urgent problem; on ARMv8, Arm divides the execution environment into a Secure World (SW) and a Normal World (NW) by means of the TrustZone technology. The normal-world execution environment is also called the REE (Rich Execution Environment) and the secure-world execution environment the TEE (Trusted Execution Environment). The software running in the REE is typically the BIOS (Basic Input Output System)/UEFI (Unified Extensible Firmware Interface) system firmware and an ordinary operating system such as Linux or Windows. The TEE side runs a dedicated operating system, generally called the TEE OS (trusted operating system). Vendors implement the TEE OS in different ways but generally conform to the GlobalPlatform (GP) standard; an open-source TEE OS implemented to the GP standard is OP-TEE (Open Portable Trusted Execution Environment). The GP standard specifies the framework and security requirements of the TEE and defines the interface functions, data types and data structures that the REE side and the TEE side each provide to developers.
A TPM (Trusted Platform Module) is a physical security chip conforming to the TPM standard that protects a computer against unauthorized access; it has its own computing and storage resources and therefore provides physical isolation against intrusion and tampering. The fTPM (firmware-based TPM) uses ARM TrustZone to implement the TPM's computing and storage resources inside the TrustZone secure world, obtaining comparable isolation. ARMv8 divides CPU exception handling into four exception levels, shown in fig. 1: EL0 is the application level, EL1 the operating-system level, EL2 the virtualization (hypervisor) level and EL3 the firmware (secure monitor) level. In the related art the fTPM is a TA (Trusted Application) running on the TEE OS; in fig. 1 the REE side is on the left and the TEE side on the right. On the REE side, an APP (application) is software running in the Rich OS, which may be Windows, Unix, Linux or another operating system. RPMB (Replay Protected Memory Block) is a partition with security features provided by eMMC (embedded MultiMediaCard) storage, and the Rich OS FS (file system) is the file system of the Rich OS. On the TEE side, a TA is a Trusted Application running on the TEE OS and conforming to the GP standard, and the TEE OS is an operating system conforming to the GP specification, either a vendor's own OS or OP-TEE OS. The fTPM is implemented as an fTPM TA (fTPM Trusted Application) in the TEE OS that provides the TPM's computing functions; it uses RPMB or the Rich OS FS as the fTPM's trusted storage and, by way of the TEE's secure storage function, keeps the TPM's persistent data encrypted in RPMB or the Rich OS FS, transferring it through reads and writes of the shared memory.
The TEE and the REE interact only through the SMC (Secure Monitor Call) instruction handled by the firmware/Secure Monitor at EL3: depending on whether the NS (Non-Secure) bit is set to 0 or 1, the ARM CPU enters the TEE or the REE respectively, and the firmware/Secure Monitor performs the environment switch and the data transfer throughout. The EL2 Hypervisor (virtual machine monitor) on the REE side is the virtualization layer; it translates a virtual machine's IPA (Intermediate Physical Address, the physical address as seen by the virtual machine) into a PA (real Physical Address). The existing fTPM implementation does not use the Hypervisor layer, so the fTPM as a whole is not virtualized and naturally cannot provide TPM services to virtual machines running on an ARM physical host. That is, the related-art fTPM can only be used on the ARM physical host itself, not by the virtual machines on that host.
In view of this, how to implement firmware-based trusted platform virtualization on the ARM platform is a technical problem that needs to be solved by those skilled in the art.
Disclosure of Invention
The application provides a virtualization implementation method and device, electronic equipment, a readable storage medium and an ARM platform, and the virtualization of a trusted platform based on firmware is implemented on the ARM platform.
In order to solve the above technical problems, embodiments of the present invention provide the following technical solutions:
an embodiment of the present invention provides a virtualization implementation method, including:
initializing, in advance and according to the virtualization type, an ARM platform running a target virtual machine configured with a vfTPM (virtual firmware-based Trusted Platform Module) function;
when a target vfTPM request of the target virtual machine is received, packaging an instruction carrying a real physical address converted from a virtual physical address of the target virtual machine and identification information of the target virtual machine, and switching a current running state to a trusted execution environment;
in the trusted execution environment, calling the target virtual machine trusted execution environment context selected by the identification information to process the target vfTPM request, and sending a result feedback instruction carrying the storage address of the processing result and the identification information;
packaging the result feedback instruction, and switching the current running state to a rich execution environment; in the rich execution environment, the storage address and the identification information are obtained by analyzing the result feedback instruction, and the converted storage address is sent to the target virtual machine according to the identification information.
Optionally, after the invoking of the corresponding target virtual machine trusted execution environment context to process the target vfTPM request, the method further includes:
and storing the processing result into a shared memory.
Optionally, the initializing, based on the virtualization type, an ARM platform running a target virtual machine configured with a vfTPM function includes:
powering on an ARM platform, and loading a target firmware and a trusted execution environment operating system of the ARM platform;
when the trusted execution environment operating system is started, configuring a memory for the trusted execution environment operating system and carrying out memory initialization processing;
and initializing the rich execution environment based on the virtualization type of the target virtual machine.
Optionally, the configuring a memory for the trusted execution environment operating system and performing memory initialization processing includes:
dividing the memory of the trusted execution environment operating system into a running memory and a virtual-request execution memory, the running memory being used to process bottom-layer requests and the virtual-request execution memory to process vfTPM requests of virtual machines;
in a flash memory chip, configuring a dedicated memory area for the trusted execution environment operating system for implementing the vfTPM function;
and loading a storage driver into the trusted execution environment operating system, initializing the dedicated memory area with the storage driver, and partitioning it.
Optionally, the initializing a rich execution environment based on the virtualization type to which the target virtual machine belongs includes:
and if the target virtual machine adopts a QEMU KVM virtualization technology, loading the rich execution environment operating system.
Optionally, the initializing a rich execution environment based on the virtualization type to which the target virtual machine belongs includes:
if the target virtual machine adopts the Xen virtualization technology, starting a BIOS and starting a Xen virtualized image file at the same time;
in the starting process, taking a virtual machine monitor as a virtual machine with a preset identifier, and distributing a corresponding virtual machine trusted execution environment instance and a virtual machine trusted execution environment context for the virtual machine monitor;
loading a vfTPM trusted application through the virtual machine trusted execution environment instance; during the loading of the vfTPM trusted application, reading and writing the dedicated memory area with the storage driver and allocating a dedicated storage area for the Xen virtual machine monitor in it;
and returning the processing result of the vfTPM request of the virtual machine monitor to the virtual machine monitor, and starting the virtual machine monitor.
Optionally, before receiving the vfTPM request of the target virtual machine, the method further includes:
the rich execution environment issues a virtual machine creation instruction, and corresponding identification information is distributed to the target virtual machine with the vfTPM function;
packaging the identification information and the virtual machine creating instruction, and switching the current running state to the trusted execution environment;
in the trusted execution environment, the trusted execution environment operating system allocates a target virtual machine trusted execution environment context, a target virtual machine trusted execution environment instance and a memory space for the target virtual machine based on the virtual machine creation instruction; loading a vfTPM trusted application through the target virtual machine trusted execution environment instance, starting a TPM, and initializing the memory space and the vfTPM of the target virtual machine;
and packaging the initialization result of the vfTPM of the target virtual machine and the identification information, and switching the current running state to the rich execution environment so as to complete the creation operation of the target virtual machine in the rich execution environment based on the initialization result.
Optionally, the initializing the memory space includes:
if the target virtual machine already has a corresponding target storage space in the flash memory chip, allocating that target storage space to the vfTPM function of the target virtual machine;
if the target virtual machine has no corresponding storage partition in the flash memory chip, and the remaining storage space of the flash memory chip is larger than a preset space threshold, allocating a target storage space to the vfTPM function of the target virtual machine through the storage driver;
binding the target storage space with the identification information;
wherein the target storage space serves as the NVRAM of the target virtual machine's vfTPM, and read and write access to the target storage space on behalf of the target virtual machine is performed in the trusted execution environment.
Optionally, after the initializing process is performed on the ARM platform running the target virtual machine configured with the vfTPM function, the method further includes:
when a virtual machine destroying instruction is received, in the rich execution environment, obtaining a destroying identifier of the virtual machine to be destroyed by analyzing the virtual machine destroying instruction;
packaging the parameterized virtual machine destruction instruction and the destruction identification, and switching the current running state to be the trusted execution environment;
in the trusted execution environment, the trusted execution environment operating system sends the virtual machine destruction instruction, according to the destruction identifier, to the trusted execution environment instance of the virtual machine to be destroyed; that instance deletes the trusted execution environment context of the virtual machine to be destroyed and deletes that virtual machine's storage partition in the flash memory chip, then feeds back a virtual machine destruction completion instruction carrying the destruction identifier;
packaging the parameterized virtual machine destruction completion instruction and the destruction identification, and switching the current running state to the rich execution environment;
and deleting the virtual machine to be destroyed in the rich execution environment according to the virtual machine destruction completion instruction and the destruction identifier.
Optionally, after the initialization processing is performed on the ARM platform running the target virtual machine configured with the vfTPM function, the method further includes:
when a virtual machine closing instruction is received, in the rich execution environment, a closing identifier of the virtual machine to be closed is obtained by analyzing the virtual machine closing instruction;
packaging the parameterized virtual machine closing instruction and the closing identifier, and switching the current running state into the trusted execution environment;
in the trusted execution environment, the trusted execution environment operating system sends the virtual machine closing instruction, according to the closing identifier, to the trusted execution environment instance of the virtual machine to be closed; that instance deletes the trusted execution environment context of the virtual machine to be closed and updates the vfTPM state of that virtual machine in the trusted execution environment, then feeds back a virtual machine closing completion instruction carrying the closing identifier;
encapsulating the parameterized virtual machine closing completion instruction and the closing identifier, and switching the current running state into the rich execution environment;
and in the rich execution environment, closing the virtual machine to be closed according to the virtual machine closing completion instruction and the closing identifier.
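The creation, memory-space initialization, closing and destruction steps above describe one lifecycle of TEE-side state. The following C model is added here as an illustration; it is not code from the patent or from Inspur. It shows the bookkeeping those steps imply: one trusted execution environment context per virtual machine identifier, one flash partition bound to that identifier that is only carved while the free space stays above the threshold, a close that persists the vfTPM state and keeps the partition, and a destroy that drops both and erases the partition. The Xen case, in which the monitor itself is registered as a virtual machine under a preset identifier, is modelled by reserving identifier 0. The structure names, the sizes, the threshold value, the reserved identifier and the use of a single counter as the persisted vfTPM state are all assumptions made for the example.

```c
/* Added illustration of the TEE-side VM lifecycle described above; structure names,
 * sizes, the reserved identifier and the counter-as-state are assumptions. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_VMS          8u
#define VMID_HYPERVISOR  0u                        /* preset identifier for the Xen monitor (assumed) */
#define NV_PART_SIZE     (8u * 1024u)              /* constructed per-VM NVRAM partition size */
#define FLASH_TOTAL      (MAX_VMS * NV_PART_SIZE)  /* constructed dedicated vfTPM flash area */
#define SPACE_THRESHOLD  (8u * 1024u)              /* "preset space threshold" of free flash */

enum { TEE_OK = 0, TEE_ERR_EXISTS = -1, TEE_ERR_NOSPACE = -2, TEE_ERR_NOTFOUND = -3 };

struct nv_partition { bool used; uint32_t vmid; uint32_t offset; };
struct vm_tee_ctx   { bool allocated; uint32_t vmid; int part; uint32_t counter; };
struct tee_os {
    struct vm_tee_ctx   ctx[MAX_VMS];    /* one context per running VM */
    struct nv_partition part[MAX_VMS];   /* partition table of the dedicated flash area */
    uint8_t             flash[FLASH_TOTAL];
};

static int find_ctx(const struct tee_os *t, uint32_t vmid) {
    for (unsigned i = 0; i < MAX_VMS; i++)
        if (t->ctx[i].allocated && t->ctx[i].vmid == vmid) return (int)i;
    return -1;
}
static int find_part(const struct tee_os *t, uint32_t vmid) {
    for (unsigned i = 0; i < MAX_VMS; i++)
        if (t->part[i].used && t->part[i].vmid == vmid) return (int)i;
    return -1;
}
/* "Storage driver": carve a partition only while free flash stays above the threshold. */
static int alloc_part(struct tee_os *t, uint32_t vmid) {
    uint32_t remaining = FLASH_TOTAL;
    int slot = -1;
    for (unsigned i = 0; i < MAX_VMS; i++) {
        if (t->part[i].used) remaining -= NV_PART_SIZE;
        else if (slot < 0) slot = (int)i;
    }
    if (slot < 0 || remaining <= SPACE_THRESHOLD || remaining < NV_PART_SIZE) return -1;
    t->part[slot] = (struct nv_partition){ true, vmid, (uint32_t)slot * NV_PART_SIZE };
    return slot;
}
bool tee_vm_running(const struct tee_os *t, uint32_t vmid)   { return find_ctx(t, vmid) >= 0; }
bool tee_vm_has_nvram(const struct tee_os *t, uint32_t vmid) { return find_part(t, vmid) >= 0; }

/* Create: allocate a context, bind NVRAM to the identifier, reload persisted state if a
 * partition for this identifier already exists (the VM was closed earlier, not destroyed). */
int tee_vm_create(struct tee_os *t, uint32_t vmid) {
    if (find_ctx(t, vmid) >= 0) return TEE_ERR_EXISTS;  /* one context per identifier, never shared */
    int c = -1;
    for (unsigned i = 0; i < MAX_VMS && c < 0; i++) if (!t->ctx[i].allocated) c = (int)i;
    if (c < 0) return TEE_ERR_NOSPACE;
    int p = find_part(t, vmid);
    if (p < 0) p = alloc_part(t, vmid);
    if (p < 0) return TEE_ERR_NOSPACE;                  /* context not yet taken: nothing to undo */
    t->ctx[c] = (struct vm_tee_ctx){ true, vmid, p, 0 };
    memcpy(&t->ctx[c].counter, &t->flash[t->part[p].offset], sizeof t->ctx[c].counter);
    return TEE_OK;
}
/* Stand-in for a vfTPM request served from the VM's own context. */
int tee_vm_counter_increment(struct tee_os *t, uint32_t vmid, uint32_t *out) {
    int c = find_ctx(t, vmid);
    if (c < 0) return TEE_ERR_NOTFOUND;
    t->ctx[c].counter++;
    if (out) *out = t->ctx[c].counter;
    return TEE_OK;
}
/* Close: persist the vfTPM state to the VM's partition, drop the context, keep the partition. */
int tee_vm_close(struct tee_os *t, uint32_t vmid) {
    int c = find_ctx(t, vmid);
    if (c < 0) return TEE_ERR_NOTFOUND;
    memcpy(&t->flash[t->part[t->ctx[c].part].offset], &t->ctx[c].counter, sizeof t->ctx[c].counter);
    memset(&t->ctx[c], 0, sizeof t->ctx[c]);
    return TEE_OK;
}
/* Destroy: drop the context and erase the partition, so a later VM reusing the identifier
 * cannot inherit the old instance's persistent TPM state. */
int tee_vm_destroy(struct tee_os *t, uint32_t vmid) {
    int c = find_ctx(t, vmid);
    int p = c >= 0 ? t->ctx[c].part : find_part(t, vmid);
    if (c < 0 && p < 0) return TEE_ERR_NOTFOUND;
    if (c >= 0) memset(&t->ctx[c], 0, sizeof t->ctx[c]);
    if (p >= 0) { memset(&t->flash[t->part[p].offset], 0, NV_PART_SIZE); t->part[p].used = false; }
    return TEE_OK;
}
/* Bring-up: on the Xen path the monitor itself is registered first, under the preset identifier. */
void tee_init(struct tee_os *t, bool xen) {
    memset(t, 0, sizeof *t);
    if (xen) tee_vm_create(t, VMID_HYPERVISOR);
}

int main(void) {
    static struct tee_os t;
    uint32_t v = 0;
    tee_init(&t, true);
    tee_vm_create(&t, 5);
    tee_vm_counter_increment(&t, 5, &v);
    tee_vm_close(&t, 5);                  /* state persisted, partition kept */
    tee_vm_create(&t, 5);
    tee_vm_counter_increment(&t, 5, &v);  /* continues from the persisted value: 2 */
    tee_vm_destroy(&t, 5);
    printf("counter %u, nvram after destroy: %s\n", v, tee_vm_has_nvram(&t, 5) ? "kept" : "erased");
    return 0;
}
```

The point a practitioner should take from the model is the difference between close and destroy: close writes the vfTPM state into the partition bound to the identifier so that the same virtual machine recovers it on the next creation, while destroy must erase that partition, otherwise an identifier handed out again later would silently inherit another tenant's TPM state. The duplicate-identifier check in `tee_vm_create` is the TEE-side guarantee that no two running virtual machines share a context.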
Another aspect of the embodiments of the present invention provides a virtualization implementation apparatus, including:
the initialization processing module is used for initializing, in advance and according to the virtualization type, an ARM platform running a target virtual machine configured with a vfTPM function;
the virtualization request issuing module is used for packaging an instruction carrying a real physical address converted from a virtual physical address of the target virtual machine and identification information of the target virtual machine when receiving a target vfTPM request of the target virtual machine, and switching a current running state to a trusted execution environment;
the virtualization request processing module is used for, in the trusted execution environment, calling the target virtual machine trusted execution environment context selected by the identification information to process the target vfTPM request, and sending a result feedback instruction carrying the storage address of the processing result and the identification information;
the processing result feedback module is used for packaging the result feedback instruction and switching the current running state to a rich execution environment; in the rich execution environment, the storage address and the identification information are obtained by analyzing the result feedback instruction, and the converted storage address is sent to the target virtual machine according to the identification information.
An embodiment of the present invention further provides an electronic device, which includes a processor, and the processor is configured to implement the steps of the virtualization implementation method according to any one of the foregoing embodiments when executing the computer program stored in the memory.
An embodiment of the present invention further provides a readable storage medium, where a computer program is stored on the readable storage medium, and when being executed by a processor, the computer program implements the steps of the virtualization implementing method according to any one of the foregoing embodiments.
The embodiment of the present invention finally provides an ARM platform, which is used for implementing the steps of the virtualization implementation method described in any one of the above when executing a computer program, and includes an application layer, a system layer, a virtualization layer, and a firmware layer;
the application layer comprises a plurality of virtual machine application programs located in the rich execution environment and a trusted application set located in the trusted execution environment, wherein the trusted application set comprises trusted applications for realizing the vfTPM function;
the system layer comprises a host processing module located in the rich execution environment and a trusted management module located in the trusted execution environment;
the virtualization layer comprising a virtual machine monitor located in the rich execution environment;
the firmware layer comprises a firmware processing module, and the firmware processing module is used for receiving instructions of the host machine processing module, the virtual machine monitor and the trusted management module; and executing the switching of the running state, and forwarding the virtual machine identification information in the received instruction in the process of executing the switching of the running state.
The technical scheme provided by the application has the advantage that the ARM platform is initialized according to the virtualization technology in use, so that the various virtualization technologies of the ARM platform can all be supported. After receiving a vfTPM request issued by an upper-layer virtual machine, the rich execution environment encapsulates the real physical address translated for the virtual machine together with the virtual machine's identifier, so that the request can be processed after the switch to the trusted execution environment. After the switch, the trusted execution environment selects the matching virtual machine context by the identifier and processes the request; the processing result and the identifier are encapsulated again, and after the switch back to the rich execution environment, the rich execution environment delivers the vfTPM processing result to the virtual machine. The fTPM on the ARM platform thus supports virtual machines, which saves research and development cost and improves the security of cloud computing products.
In addition, the embodiment of the invention also provides a corresponding implementation device, electronic equipment, a readable storage medium and an ARM platform aiming at the virtualization implementation method, so that the method has higher practicability, and the device, the electronic equipment, the readable storage medium and the ARM platform have corresponding advantages.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions of the related art, the drawings required to be used in the description of the embodiments or the related art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a schematic diagram of a framework of an exemplary application scenario in the related art according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a virtualization implementation method according to an embodiment of the present invention;
fig. 3 is a structural diagram of a specific embodiment of a virtualization implementing device according to an embodiment of the present invention;
fig. 4 is a block diagram of an embodiment of an electronic device according to the present invention;
fig. 5 is a structural diagram of an embodiment of an ARM platform according to the present invention;
fig. 6 is a structural diagram of another embodiment of an ARM platform according to an embodiment of the present invention;
fig. 7 is a structural diagram of a specific implementation of a trusted management module according to an embodiment of the present invention;
fig. 8 is a flowchart illustrating an ARM platform initialization method according to an embodiment of the present invention;
fig. 9 is a schematic flowchart of a virtual machine creation method according to an embodiment of the present invention;
fig. 10 is a schematic diagram illustrating a flow of a vfTPM request and a response according to an embodiment of the present invention;
fig. 11 is a schematic view of a flow of destroying and closing a virtual machine according to an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the disclosure, reference will now be made in detail to the embodiments of the disclosure as illustrated in the accompanying drawings. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," "fourth," and the like in the description and claims of this application and in the foregoing drawings are used for distinguishing between different objects and not necessarily for describing a particular sequential order. Furthermore, the terms "comprising" and "having," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements but may include other steps or elements not expressly listed.
Having described the technical solutions of the embodiments of the present invention, various non-limiting embodiments of the present application are described in detail below.
Referring to fig. 2, fig. 2 is a flowchart of a virtualization implementation method according to an embodiment of the present invention. The embodiment applies to an ARM platform. Based on the TrustZone technology, the ARM execution environment comprises a trusted execution environment and a rich execution environment, and the platform switches between them by changing the value of the NS bit through an SMC instruction; for example, NS is 0 in the trusted execution environment and 1 in the rich execution environment. The virtual machines are deployed in the rich execution environment. The fTPM, which implements the TPM's computing and storage resources inside TrustZone, runs as a trusted application (TA) in the trusted execution environment; the trusted execution environment holds multiple TAs, that is, multiple fTPM instances. The computing functions and the implementation of a virtual machine's vfTPM depend on the fTPM, so the processing of a virtual machine's vfTPM request takes place in the trusted execution environment. On this basis, the process from a virtual machine issuing a vfTPM request to that virtual machine receiving the processing result may include the following:
S201: initializing, in advance and according to the virtualization type, an ARM platform running a target virtual machine configured with a vfTPM function.
In this step the virtualization type refers to the virtualization technology supported by the ARM platform, that is, its virtualization platform; it includes, but is not limited to, KVM (Kernel-based Virtual Machine) and Xen. The rich execution environment issues a virtual machine creation instruction and assigns each virtual machine unique identification information that identifies it uniquely. In response to the creation instruction, the ARM platform performs the creation in both the rich execution environment and the trusted execution environment: it creates the virtual machine in the application layer of the rich execution environment, and creates in the trusted execution environment a virtual machine trusted execution environment instance and a trusted execution environment context corresponding to that virtual machine, the context being used to process the vfTPM requests of the corresponding virtual machine in the rich execution environment. To make the fTPM on the ARM platform available to virtual machines, each virtual machine hosted on the ARM platform must be configured with a virtual firmware-based Trusted Platform Module (vfTPM) function. The ARM platform can run multiple virtual machines of different virtualization types; the target virtual machine is any virtual machine running on the ARM platform, and to avoid ambiguity this embodiment calls the virtual machine that needs vfTPM computation, that is, the one issuing a vfTPM request, the target virtual machine. There may be one or several target virtual machines; this does not affect the implementation of the present application.
S202: when a target vfTPM request of the target virtual machine is received, encapsulate an instruction carrying the real physical address converted from the virtual machine physical address of the target virtual machine and the identification information of the target virtual machine, and switch the current running state to the trusted execution environment.
Once the ARM platform has completed initialization, any virtual machine running on it can issue a vfTPM request to obtain the vfTPM computing function of that virtual machine. In the rich execution environment, the operating system of the virtual machine issues the vfTPM request; to avoid ambiguity, the vfTPM request issued by the target virtual machine is called the target vfTPM request in this embodiment. The kernel of the virtual machine translates the virtual address (VA) of the request into the intermediate physical address (IPA), that is, the physical address as seen by the virtual machine. The operating system of the rich execution environment receives the vfTPM request and translates the IPA into the real physical address. The rich execution environment operating system is a system layer, whereas the functional module that performs the running-state switch is located in the firmware layer; to transmit the request command across layers, the command, that is, the command comprising the converted real physical address and the identification information of the target virtual machine, is parameterized and passed across the layers as the parameters of a fixed function. After the converted real physical address and the identification information of the target virtual machine reach the firmware layer, the firmware layer packages them, and once packaging is complete it switches the current operating environment to the trusted execution environment by executing an SMC instruction.
S203: in the trusted execution environment, call, according to the identification information, the trusted execution environment context corresponding to the target virtual machine to process the target vfTPM request, and send a result feedback instruction carrying the storage address of the processing result and the identification information.
After the operating environment has been switched to the trusted execution environment in the previous step, the trusted execution environment obtains the encapsulated instruction and, by parsing it, obtains the real physical address and the identification information of the target virtual machine. Using the identification information, it finds the virtual machine trusted execution environment instance and context that were allocated in the trusted execution environment when the target virtual machine was created, performs the vfTPM data computation for the target vfTPM request by calling that instance and context, and stores the processing result. The storage address of the processing result and the identification information of the target virtual machine are sent to the firmware layer as a result feedback instruction; the firmware layer encapsulates the result feedback instruction and then switches the current operating environment to the rich execution environment by executing an SMC instruction. To improve efficiency and reduce resource consumption, the trusted execution environment allocates a shared memory region in which the processing result may be stored; in that case the storage address carried by the result feedback instruction is the shared memory address.
S204: encapsulate the result feedback instruction and switch the current running state to the rich execution environment; in the rich execution environment, obtain the storage address and the identification information by parsing the result feedback instruction, and send the converted storage address to the target virtual machine according to the identification information.
After the operating environment has been switched to the rich execution environment, the operating system of the rich execution environment obtains the encapsulated result feedback instruction and, by parsing it, obtains the storage address and the identification information. It converts the storage address into the physical address as seen by the virtual machine (IPA) and, based on the identification information, sends that address to the corresponding target virtual machine. The kernel of the target virtual machine converts the physical address into a virtual machine memory address and passes it to the operating system of the target virtual machine, which reads the processing result of the vfTPM request at that address.
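The S202 to S204 exchange above, as an added example that is not part of the patent: a single-process C model in which the guest kernel's VA to IPA step, the hypervisor's IPA to PA step, the SMC argument block carrying (real physical address, identifier), the lookup of the per-VM trusted execution environment context by identifier, the result placed in TEE shared memory, and the reverse PA to IPA to VA translation are all simulated in one address space. The address layout, the SMC function IDs, the request layout and the FNV-1a hash standing in for a real TPM PCR extend are assumptions of the example. The range check that refuses a request buffer lying outside the calling virtual machine's own RAM is also an addition the page does not describe; it is included because the trusted execution environment otherwise acts on whatever physical address the rich execution environment passed in.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
/* Added example, not code from the patent: a single-process model of the
 * S202-S204 round trip. Address layout, SMC function IDs, the request layout
 * and the FNV-1a "extend" standing in for a real TPM command are assumptions. */
#define MAX_VMS        4
#define VM_RAM_SIZE    1024u
#define SHM_SIZE       256u
#define VM_SLOT_SIZE   (VM_RAM_SIZE + SHM_SIZE)
#define GUEST_IPA_RAM  0x40000000ull         /* assumed guest RAM base (IPA) */
#define GUEST_IPA_SHM  0x50000000ull         /* assumed IPA of the TEE shared buffer */
#define GUEST_KVA_OFF  0x0000100000000000ull /* assumed guest linear map: VA = IPA + offset */
#define SMC_VFTPM_REQ  0x82000001u           /* assumed SiP-range SMC function IDs */
#define SMC_VFTPM_RESP 0x82000002u
#define SMC_ERR        0xffffffffu
#define CMD_EXTEND     1u                    /* the only request type this model understands */

typedef struct { uint32_t func_id; uint64_t vm_id, addr, len; } smc_args_t; /* x0..x3 */
typedef struct { uint32_t cmd, len; uint8_t data[64]; } vftpm_req_t;
typedef struct { bool in_use; uint64_t vm_id, pcr; } tee_vm_ctx_t;            /* per-VM TEE context */

static uint8_t      phys_mem[MAX_VMS * VM_SLOT_SIZE]; /* flat physical memory, PA == index */
static tee_vm_ctx_t tee_ctx[MAX_VMS];                 /* one context per VM, indexed by RAM slot */

static int slot_of(uint64_t id) { /* the REE keeps an equivalent id -> VM table of its own */
    for (int i = 0; i < MAX_VMS; i++) if (tee_ctx[i].in_use && tee_ctx[i].vm_id == id) return i;
    return -1;
}
/* Hypervisor stage-2 model: a VM's RAM and shared-buffer IPA windows map into its own PA slot. */
static bool ipa_to_pa(int slot, uint64_t ipa, uint64_t *pa) {
    uint64_t base = (uint64_t)slot * VM_SLOT_SIZE;
    if (ipa >= GUEST_IPA_RAM && ipa < GUEST_IPA_RAM + VM_RAM_SIZE) { *pa = base + ipa - GUEST_IPA_RAM; return true; }
    if (ipa >= GUEST_IPA_SHM && ipa < GUEST_IPA_SHM + SHM_SIZE) { *pa = base + VM_RAM_SIZE + ipa - GUEST_IPA_SHM; return true; }
    return false;
}
static bool pa_to_ipa(int slot, uint64_t pa, uint64_t *ipa) {
    uint64_t base = (uint64_t)slot * VM_SLOT_SIZE, off = pa - base;
    if (pa < base || off >= VM_SLOT_SIZE) return false;
    *ipa = off < VM_RAM_SIZE ? GUEST_IPA_RAM + off : GUEST_IPA_SHM + off - VM_RAM_SIZE;
    return true;
}
static uint64_t fnv1a64(uint64_t h, const uint8_t *p, size_t n) { /* stand-in for a SHA-based PCR extend */
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ull; }
    return h;
}
/* S203, TEE side: parse the arguments, find the context bound to vm_id, process the request,
 * write the result into that VM's TEE shared memory and return its PA together with the id.
 * The range check is added hardening: a buffer outside the VM's own RAM is refused. */
static smc_args_t tee_handle_smc(smc_args_t in) {
    smc_args_t err = { SMC_ERR, in.vm_id, 0, 0 }, out = { SMC_VFTPM_RESP, in.vm_id, 0, sizeof(uint64_t) };
    int slot = slot_of(in.vm_id);
    if (in.func_id != SMC_VFTPM_REQ || slot < 0) return err;
    uint64_t base = (uint64_t)slot * VM_SLOT_SIZE;
    if (in.len != sizeof(vftpm_req_t) || in.addr < base || in.addr + in.len > base + VM_RAM_SIZE) return err;
    vftpm_req_t req;
    memcpy(&req, &phys_mem[in.addr], sizeof req);
    if (req.cmd != CMD_EXTEND || req.len > sizeof req.data) return err;
    tee_ctx[slot].pcr = fnv1a64(tee_ctx[slot].pcr, req.data, req.len);
    out.addr = base + VM_RAM_SIZE;                       /* shared memory allocated by the TEE for this VM */
    memcpy(&phys_mem[out.addr], &tee_ctx[slot].pcr, sizeof(uint64_t));
    return out;
}
/* S202 + S204, REE side: guest VA -> IPA, hypervisor IPA -> PA, package (PA, id) and SMC;
 * on return translate the shared memory PA back to this VM's IPA and then to a guest VA. */
static bool vftpm_request(uint64_t vm_id, uint64_t req_va, uint64_t *result_va) {
    int slot = slot_of(vm_id);
    uint64_t pa = 0, res_ipa = 0;
    if (slot < 0 || !ipa_to_pa(slot, req_va - GUEST_KVA_OFF, &pa)) return false;
    smc_args_t args = { SMC_VFTPM_REQ, vm_id, pa, sizeof(vftpm_req_t) };
    smc_args_t resp = tee_handle_smc(args);              /* firmware packages the args and executes SMC */
    if (resp.func_id != SMC_VFTPM_RESP || resp.vm_id != vm_id || !pa_to_ipa(slot, resp.addr, &res_ipa)) return false;
    *result_va = res_ipa + GUEST_KVA_OFF;
    return true;
}
/* Stand-in for VM creation: the TEE context starts with its PCR at the FNV offset basis. */
static bool create_vm(int slot, uint64_t vm_id) {
    if (slot < 0 || slot >= MAX_VMS || tee_ctx[slot].in_use || slot_of(vm_id) >= 0) return false;
    tee_ctx[slot] = (tee_vm_ctx_t){ true, vm_id, 0xcbf29ce484222325ull };
    return true;
}
static uint64_t tee_pcr(uint64_t vm_id) { int s = slot_of(vm_id); return s < 0 ? 0 : tee_ctx[s].pcr; }
/* Guest side: write an extend request at a guest VA, run the round trip and read the new
 * PCR value through the guest's own mapping of the VA handed back. Returns 0 on failure. */
static uint64_t guest_extend(uint64_t vm_id, const char *data) {
    int slot = slot_of(vm_id);
    uint64_t va = GUEST_KVA_OFF + GUEST_IPA_RAM + 0x100, pa = 0, result_va = 0, value = 0;
    vftpm_req_t req = { CMD_EXTEND, (uint32_t)strlen(data), {0} };
    if (slot < 0 || req.len > sizeof req.data) return 0;
    memcpy(req.data, data, req.len);
    ipa_to_pa(slot, va - GUEST_KVA_OFF, &pa);
    memcpy(&phys_mem[pa], &req, sizeof req);             /* request buffer in guest RAM */
    if (vftpm_request(vm_id, va, &result_va) && ipa_to_pa(slot, result_va - GUEST_KVA_OFF, &pa))
        memcpy(&value, &phys_mem[pa], sizeof value);
    return value;
}
```

The trusted execution environment hands back an address, not the data, exactly as S204 describes, so the guest reads the result through its own stage-2 mapping of the shared buffer. Two virtual machines that extend with the same data end up with equal PCR values in their separate contexts, and a third extend on only one of them makes the contexts diverge, which is the per-VM isolation the identifier lookup is meant to give.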
In the technical solution provided by the embodiment of the invention, the ARM platform is initialized differently for different virtualization technologies, so that several virtualization technologies on the ARM platform can be supported. After receiving a vfTPM request issued by an upper-layer virtual machine, the rich execution environment encapsulates the real physical address converted from the virtual machine's address together with the identifier of the virtual machine, so that the request can be processed after the switch to the trusted execution environment. After the state switch, the trusted execution environment calls the virtual machine context matching the identifier to process the request; the processing result and the identifier are encapsulated again, and after the switch back to the rich execution environment the rich execution environment delivers the vfTPM request processing result to the virtual machine. fTPM support for virtual machines on the ARM platform is thereby realized, research and development cost can be saved, and the security of cloud computing products can be improved.
It should be noted that in the present application there is no strict sequential execution order among the steps; as long as the logical order is satisfied, the steps may be executed simultaneously or in a preset order. Fig. 2 is only an exemplary manner and does not mean that the order shown is the only possible execution order.
The above embodiment does not limit the initialization process of the ARM platform at all, and this embodiment also provides an optional implementation manner of the initialization of the ARM platform, which may include the following contents:
The ARM platform is powered on, and the target firmware and the trusted execution environment operating system of the ARM platform are loaded. When the trusted execution environment operating system starts, memory is configured for it and memory initialization processing is performed; the rich execution environment is then initialized based on the virtualization type of the target virtual machine.
The platform power-on process depends on the ARM chip and its firmware, and power-on can follow the existing process. The target firmware refers to the firmware that must be started during initialization of the ARM platform, such as enabling the TrustZone function and loading the Secure Monitor firmware management module.
In the prior art, the persistent storage of the fTPM is usually kept on the REE side, which increases the security risk. To further improve security, the fTPM storage can be placed on a dedicated flash memory, so that it can be read only in the TEE. Correspondingly, configuring memory for the trusted execution environment operating system and performing memory initialization processing may include:
dividing the memory of the trusted execution environment operating system into a run memory and a virtual request execution memory; configuring, on a flash memory chip, a dedicated storage area for the trusted execution environment operating system for realizing the vfTPM function; and loading a storage driver into the trusted execution environment operating system, initializing the dedicated storage area with the storage driver, and partitioning the dedicated storage area.
In this embodiment, the run memory is used for processing bottom-layer requests, that is, it is responsible for the bottom-layer implementation such as SMC instruction handling, memory management and thread management. The virtual request execution memory is used for processing the vfTPM requests of the virtual machines, that is, it is responsible for handling specific requests, loading TAs, executing TAs, and so on. The dedicated storage area holds the vfTPM data; when it is large enough, each virtual machine gets its own partition for its vfTPM data, and a storage interval can be allocated in the dedicated storage area for each virtual machine in advance, which is what partitioning the dedicated storage area means.
The initialization flow of the rich execution environment differs between virtualization types. For Xen, for example, the hypervisor itself can be treated as a virtual machine, so during initialization the hypervisor must be initialized as a virtual machine accordingly. This embodiment provides an initialization procedure of the rich execution environment for KVM and Xen, which may include the following steps:
If the target virtual machine uses the QEMU/KVM virtualization technology, the rich execution environment operating system is loaded.
If the target virtual machine uses the Xen virtualization technology, the BIOS is started and the Xen virtualization image file is started at the same time; during startup the virtual machine monitor is treated as a virtual machine with a preset identifier, and a corresponding virtual machine trusted execution environment instance and virtual machine trusted execution environment context are allocated to it; the vfTPM trusted application is loaded through that virtual machine trusted execution environment instance; during loading of the vfTPM trusted application, the storage driver is used to read and write the dedicated storage area, and a private storage region is allocated to the Xen virtual machine monitor in the dedicated storage area; the processing result of the virtual machine monitor's vfTPM request is returned to the virtual machine monitor, and the virtual machine monitor is started.
Naturally, the ARM platform needs to create virtual machines. The above embodiment does not limit how a virtual machine is created; the present application also provides an optional creation procedure, which may include the following:
issuing a virtual machine creation instruction in the rich execution environment, and assigning corresponding identification information to the target virtual machine configured with the vfTPM function;
encapsulating the identification information and the virtual machine creation instruction, and switching the current running state to the trusted execution environment;
in the trusted execution environment, allocating, by the trusted execution environment operating system and based on the virtual machine creation instruction, a target virtual machine trusted execution environment context, a target virtual machine trusted execution environment instance and a memory space for the target virtual machine; loading the vfTPM trusted application through the target virtual machine trusted execution environment instance, starting the TPM, and initializing the memory space and the vfTPM of the target virtual machine;
encapsulating the vfTPM initialization result and the identification information of the target virtual machine, and switching the current running state to the rich execution environment, so that the creation of the target virtual machine is completed in the rich execution environment based on the initialization result.
Further, to improve security in view of the risk in the prior art that the persistent storage of the fTPM is kept on the REE side, the fTPM storage can be placed on a dedicated flash memory so that it can be read only in the TEE. Correspondingly, initializing the memory space during virtual machine creation may include:
if the target virtual machine already has a corresponding target storage space on the flash memory chip, allocating that target storage space to the vfTPM function of the target virtual machine; if the target virtual machine does not yet have a corresponding storage partition on the flash memory chip, allocating, through the storage driver, a target storage space for the vfTPM function of the target virtual machine when the remaining storage space of the flash memory chip is larger than a preset space threshold; and binding the target storage space to the identification information.
The target storage space serves as the NVRAM of the target virtual machine's vfTPM, and reads and writes of the target storage space are performed by the target virtual machine in the trusted execution environment. The preset space threshold can be chosen flexibly according to the actual application scenario and is not limited here. By partitioning the flash memory chip, each virtual machine's vfTPM is given a partition for NVRAM storage. The flash driver runs in the TEE OS and holds the permission to read and write the flash, so the flash can be operated only on the TEE side, and a virtual machine can operate only the flash partition bound to its identifier, that is, its target storage space, which effectively improves overall security.
In an actual application scenario, a virtual machine is not always running after it has been created; it is put into the running state or destroyed according to actual requirements. To improve practicability and user experience, on the basis of the above embodiment the present application further provides a virtual machine destruction method, which may include the following:
when a virtual machine destruction instruction is received, in a rich execution environment, obtaining a destruction identifier of the virtual machine to be destroyed by analyzing the virtual machine destruction instruction;
packaging the parameterized virtual machine destruction instruction and the destruction identifier, and switching the current running state into a trusted execution environment;
in the trusted execution environment, the trusted execution environment operating system sends the virtual machine destruction instruction to the virtual machine trusted execution environment instance to be destroyed, which corresponds to the virtual machine to be destroyed; deletes the trusted execution environment context of the virtual machine to be destroyed and deletes the storage partition on the flash memory chip corresponding to the virtual machine to be destroyed; and feeds back a virtual machine destruction completion instruction carrying the destruction identifier;
packaging the parameterized virtual machine destruction completion instruction and the destruction identifier, and switching the current running state to be a rich execution environment;
and deleting the virtual machine to be destroyed in the rich execution environment according to the virtual machine destruction completion instruction and the destruction identification.
In this embodiment, to avoid ambiguity, the virtual machine that needs to be destroyed is called the virtual machine to be destroyed, and its identification information is called the destruction identifier. The instance and context of the virtual machine to be destroyed in the trusted execution environment are called the virtual machine trusted execution environment instance to be destroyed and the virtual machine trusted execution environment context to be destroyed.
In an actual application scenario, a virtual machine is not always running after it has been created; it is put into the running state or the closed state according to actual requirements. To improve practicability and user experience, on the basis of the above embodiment the present application further provides a way of closing a virtual machine, which may include the following:
when a virtual machine closing instruction is received, in a rich execution environment, obtaining a closing identifier of the virtual machine to be closed by analyzing the virtual machine closing instruction;
packaging the parameterized virtual machine closing instruction and the closing identifier, and switching the current running state into a trusted execution environment;
in the trusted execution environment, the trusted execution environment operating system sends, based on the closing identifier, the virtual machine closing instruction to the virtual machine trusted execution environment instance to be closed, which corresponds to the virtual machine to be closed; closes that virtual machine trusted execution environment instance, deletes the virtual machine trusted execution environment context, and updates and closes the vfTPM of that virtual machine in the trusted execution environment; and feeds back a virtual machine closing completion instruction carrying the closing identifier;
packaging the parameterized virtual machine closing completion instruction and the closing identifier, and switching the current running state into a rich execution environment;
and in the rich execution environment, closing the virtual machine to be closed according to the virtual machine closing completion instruction and the closing identifier.
In this embodiment, to avoid ambiguity, the virtual machine that needs to be closed is called the virtual machine to be closed, and its identification information is called the closing identifier. The instance and context of the virtual machine to be closed in the trusted execution environment are called the virtual machine trusted execution environment instance to be closed and the virtual machine trusted execution environment context to be closed.
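The virtual machine creation procedure, the NVRAM partition allocation with its preset space threshold, and the destruction and closing procedures above, as one added example that is not part of the patent: a C model of the dedicated flash partitioned per virtual machine, with the storage driver refusing any caller outside the TEE and touching only the partition bound to the requesting virtual machine's identifier. Creation reuses a partition already bound to the identifier and otherwise allocates one only while the remaining space exceeds the threshold; closing deletes the context but keeps the partition so the NVRAM survives a restart; destroying wipes and unbinds the partition. The sizes, the threshold value, the errno-style return codes, the function names and the "caller world" argument are assumptions of the example.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
/* Added example, not code from the patent: a model of the per-VM vfTPM NVRAM partitions on
 * the dedicated flash chip and of the create / close / destroy lifecycle. Sizes, the space
 * threshold, the API names and the "caller world" argument are assumptions made here. */
#define PART_SIZE     1024u
#define NUM_PARTS     8u
#define FLASH_SIZE    (PART_SIZE * NUM_PARTS)
#define SPACE_RESERVE PART_SIZE        /* assumed preset space threshold: keep one partition spare */
#define MAX_VMS       8

enum world { WORLD_REE, WORLD_TEE };   /* which world the caller runs in; set by the Secure Monitor */

typedef struct { bool bound; uint64_t vm_id; } flash_part_t;           /* partition -> owning id */
typedef struct { bool in_use; uint64_t vm_id; int part; } tee_vm_ctx_t; /* per-VM TEE context */

static uint8_t      flash[FLASH_SIZE];   /* dedicated flash, readable and writable only from the TEE */
static flash_part_t parts[NUM_PARTS];
static tee_vm_ctx_t ctxs[MAX_VMS];

static int part_of(uint64_t vm_id) {
    for (unsigned i = 0; i < NUM_PARTS; i++) if (parts[i].bound && parts[i].vm_id == vm_id) return (int)i;
    return -1;
}
static tee_vm_ctx_t *ctx_of(uint64_t vm_id) {
    for (int i = 0; i < MAX_VMS; i++) if (ctxs[i].in_use && ctxs[i].vm_id == vm_id) return &ctxs[i];
    return NULL;
}
static uint32_t flash_free_bytes(void) {
    uint32_t used = 0;
    for (unsigned i = 0; i < NUM_PARTS; i++) used += parts[i].bound ? PART_SIZE : 0;
    return FLASH_SIZE - used;
}
/* Storage driver living in the TEE OS: refuses callers outside the TEE and only touches the
 * partition bound to the requesting VM's identifier. */
static int nv_access(enum world caller, uint64_t vm_id, uint32_t off, void *buf, uint32_t n, bool write) {
    if (caller != WORLD_TEE) return -EPERM;
    int p = part_of(vm_id);
    if (p < 0) return -ENOENT;
    if (off > PART_SIZE || n > PART_SIZE - off) return -EINVAL;
    uint8_t *base = &flash[(uint32_t)p * PART_SIZE + off];
    if (write) memcpy(base, buf, n); else memcpy(buf, base, n);
    return 0;
}
static int nv_write(enum world w, uint64_t id, uint32_t off, const void *b, uint32_t n) { return nv_access(w, id, off, (void *)b, n, true); }
static int nv_read(enum world w, uint64_t id, uint32_t off, void *b, uint32_t n) { return nv_access(w, id, off, b, n, false); }

/* VM creation: reuse the partition already bound to this id, otherwise bind a fresh one while
 * the remaining space exceeds the threshold; then allocate the TEE context. */
static int vm_create(uint64_t vm_id) {
    if (ctx_of(vm_id)) return -EEXIST;
    int p = part_of(vm_id);
    if (p < 0) {
        if (flash_free_bytes() <= SPACE_RESERVE) return -ENOSPC;
        for (p = 0; p < (int)NUM_PARTS && parts[p].bound; p++) ;
        parts[p] = (flash_part_t){ true, vm_id };        /* bind the partition to the identifier */
    }
    for (int i = 0; i < MAX_VMS; i++)
        if (!ctxs[i].in_use) { ctxs[i] = (tee_vm_ctx_t){ true, vm_id, p }; return 0; }
    return -ENOMEM;
}
/* Close: drop the TEE context but keep the NVRAM partition for the next start. */
static int vm_close(uint64_t vm_id) {
    tee_vm_ctx_t *c = ctx_of(vm_id);
    if (!c) return -ENOENT;
    c->in_use = false;
    return 0;
}
/* Destroy: drop the context if still present, then wipe and unbind the partition. */
static int vm_destroy(uint64_t vm_id) {
    int p = part_of(vm_id);
    if (p < 0) return -ENOENT;
    vm_close(vm_id);                                     /* no-op if the VM is already closed */
    memset(&flash[(uint32_t)p * PART_SIZE], 0, PART_SIZE);
    parts[p].bound = false;
    return 0;
}
/* Helper for checking NVRAM contents from the TEE side. */
static bool nv_matches(uint64_t vm_id, uint32_t off, const void *expect, uint32_t n) {
    uint8_t buf[PART_SIZE];
    return nv_read(WORLD_TEE, vm_id, off, buf, n) == 0 && memcmp(buf, expect, n) == 0;
}
```

With eight partitions of 1 KiB and the threshold set to one partition, the seventh creation succeeds and the eighth is refused with -ENOSPC, leaving exactly one partition spare. Data written before a close is still there after the virtual machine is created again under the same identifier, while a destroy followed by a create yields a zeroed partition; a caller in the REE world is refused regardless of identifier.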
The embodiment of the invention also provides a corresponding apparatus for the virtualization implementation method, which makes the method more practical. The apparatus can be described from the point of view of its functional modules and from the hardware point of view. The virtualization implementation apparatus provided in the embodiment of the invention is introduced below; the apparatus described below and the virtualization implementation method described above may be referred to in correspondence with each other.
Based on the angle of the functional module, referring to fig. 3, fig. 3 is a structural diagram of a virtualization implementation apparatus according to an embodiment of the present invention, where the apparatus may include:
the initialization processing module 301 is configured to initialize an ARM platform running a target virtual machine configured with a vfTPM function in advance based on a virtualization type;
a virtualization request issuing module 302, configured to encapsulate, when receiving a target vfTPM request of a target virtual machine, an instruction carrying a real physical address converted from a virtual physical address of the target virtual machine and identification information of the target virtual machine, and switch a current operating state to a trusted execution environment;
the virtualization request processing module 303 is configured to, in the trusted execution environment, invoke a corresponding context of the trusted execution environment of the target virtual machine to process the target vfTPM request according to the identification information, and send a result feedback instruction carrying a storage address of a processing result and the identification information;
a processing result feedback module 304, configured to encapsulate the result feedback instruction and switch the current operating state to a rich execution environment; in the rich execution environment, the storage address and the identification information are obtained through the analysis result feedback instruction, and the converted storage address is sent to the target virtual machine according to the identification information.
Optionally, in some embodiments of this embodiment, the apparatus may further include a storage module, configured to store the processing result in the shared memory.
Optionally, in other embodiments of this embodiment, the initialization processing module 301 may further include: the ARM platform is powered on, and target firmware and a trusted execution environment operating system of the ARM platform are loaded; when the trusted execution environment operating system is started, configuring a memory for the trusted execution environment operating system and carrying out memory initialization processing; and initializing the rich execution environment based on the virtualization type of the target virtual machine.
As an optional implementation manner of the foregoing embodiment, the initialization processing module 301 may be further configured to: divide the memory of the trusted execution environment operating system into a run memory and a virtual request execution memory, where the run memory is used for processing bottom-layer requests and the virtual request execution memory is used for processing the vfTPM requests of the virtual machines; configure, on a flash memory chip, a dedicated storage area for the trusted execution environment operating system for realizing the vfTPM function; and load a storage driver into the trusted execution environment operating system, initialize the dedicated storage area with the storage driver, and partition the dedicated storage area.
As another optional implementation manner of the foregoing embodiment, the initialization processing module 301 may be further configured to: and if the target virtual machine adopts the QEMU KVM virtualization technology, loading the rich execution environment operating system.
As yet another optional implementation manner of the foregoing embodiment, the initialization processing module 301 may be further configured to: if the target virtual machine uses the Xen virtualization technology, start the BIOS and the Xen virtualization image file at the same time; during startup, treat the virtual machine monitor as a virtual machine with a preset identifier and allocate a corresponding virtual machine trusted execution environment instance and virtual machine trusted execution environment context to it; load the vfTPM trusted application through that virtual machine trusted execution environment instance; during loading of the vfTPM trusted application, use the storage driver to read and write the dedicated storage area and allocate a private storage region to the Xen virtual machine monitor in the dedicated storage area; and return the processing result of the virtual machine monitor's vfTPM request to the virtual machine monitor and start the virtual machine monitor.
Optionally, in some other embodiments of this embodiment, the apparatus may further include a virtual machine creation module, for example, configured to issue a virtual machine creation instruction in the rich execution environment, and allocate corresponding identification information to the target virtual machine configured with the vfTPM function; packaging the identification information and the virtual machine creating instruction, and switching the current running state to a trusted execution environment; in the trusted execution environment, the trusted execution environment operating system allocates a target virtual machine trusted execution environment context, a target virtual machine trusted execution environment instance and a memory space for the target virtual machine based on the virtual machine creation instruction; loading a vfTPM trusted application through a target virtual machine trusted execution environment instance, starting a TPM, and initializing a memory space and a vfTPM of a target virtual machine; and packaging the initialization result and the identification information of the vfTPM of the target virtual machine, and switching the current running state to the rich execution environment so as to complete the creation operation of the target virtual machine in the rich execution environment based on the initialization result.
As an optional implementation manner of the foregoing embodiment, the virtual machine creation module may be further configured to: if the target virtual machine already has a corresponding target storage space on the flash memory chip, allocate that target storage space to the vfTPM function of the target virtual machine; if the target virtual machine does not yet have a corresponding storage partition on the flash memory chip, allocate, through the storage driver, a target storage space for the vfTPM function of the target virtual machine when the remaining storage space of the flash memory chip is larger than a preset space threshold; and bind the target storage space to the identification information. The target storage space serves as the NVRAM of the target virtual machine's vfTPM, and reads and writes of the target storage space are performed by the target virtual machine in the trusted execution environment.
Optionally, in some other embodiments of this embodiment, the apparatus may further include a virtual machine destruction module, for example, configured to, when receiving the virtual machine destruction instruction, in the rich execution environment, obtain a destruction identifier of the virtual machine to be destroyed by analyzing the virtual machine destruction instruction; packaging the parameterized virtual machine destruction instruction and the destruction identifier, and switching the current running state into a trusted execution environment; in the trusted execution environment, the trusted execution environment operating system sends a virtual machine destruction instruction to a virtual machine trusted execution environment instance to be destroyed, wherein the virtual machine destruction instruction corresponds to the virtual machine to be destroyed; deleting the context of the trusted execution environment of the destroyed virtual machine and deleting the storage partition of the virtual machine to be destroyed, which corresponds to the flash memory chip; feeding back a virtual machine destruction completion instruction carrying the destruction identification; packaging the parameterized virtual machine destruction completion instruction and the destruction identification, and switching the current running state into a rich execution environment; and deleting the virtual machine to be destroyed in the rich execution environment according to the virtual machine destruction completion instruction and the destruction identification.
Optionally, in some other embodiments of this embodiment, the apparatus may further include, for example, a virtual machine closing module, configured to, when the virtual machine closing instruction is received, in the rich execution environment, obtain a closing identifier of the virtual machine to be closed by analyzing the virtual machine closing instruction; packaging the parameterized virtual machine closing instruction and the closing identifier, and switching the current running state into a trusted execution environment; in the trusted execution environment, the trusted execution environment operating system sends a virtual machine closing instruction to a virtual machine closing trusted execution environment instance corresponding to the virtual machine to be closed based on the closing identifier; closing the virtual machine trusted execution environment instance, deleting the context of the virtual machine trusted execution environment, and updating and closing the vfTPM of the virtual machine in the trusted execution environment; feeding back a virtual machine closing completion instruction carrying a closing identifier; packaging the parameterized virtual machine closing completion instruction and the closing identifier, and switching the current running state into a rich execution environment; and in the rich execution environment, closing the virtual machine to be closed according to the virtual machine closing completion instruction and the closing identifier.
The functions of the functional modules of the virtualization implementing device in the embodiment of the present invention may be specifically implemented according to the method in the foregoing method embodiment, and the specific implementation process may refer to the related description of the foregoing method embodiment, which is not described herein again.
Therefore, the embodiment of the invention can realize the TPM function of the virtual machine of the ARM platform.
The virtualization implementation apparatus mentioned above is described from the perspective of a functional module, and further, the present application also provides an electronic device, which is described from the perspective of hardware. Fig. 4 is a schematic structural diagram of an electronic device provided in an embodiment of the present application in an implementation manner. As shown in fig. 4, the electronic device includes a memory 40 for storing a computer program; a processor 41, configured to implement the steps of the virtualization implementation method according to any one of the above embodiments when executing the computer program.
The processor 41 may include one or more processing cores, such as a 4-core or 8-core processor, and may also be a controller, a microcontroller, a microprocessor or another data processing chip. The processor 41 may be implemented in at least one hardware form among a DSP (Digital Signal Processor), an FPGA (Field-Programmable Gate Array) and a PLA (Programmable Logic Array). The processor 41 may also include a main processor and a coprocessor, where the main processor processes data in the awake state and is also called the Central Processing Unit (CPU), and the coprocessor is a low-power processor that processes data in the standby state. In some embodiments, the processor 41 may be integrated with a GPU (Graphics Processing Unit), which is responsible for rendering and drawing the content that the display screen needs to display. In some embodiments, the processor 41 may further include an AI (Artificial Intelligence) processor for computational operations related to machine learning.
Memory 40 may include one or more computer-readable storage media, which may be non-transitory. Memory 40 may also include high speed random access memory as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. The memory 40 may in some embodiments be an internal storage unit of the electronic device, e.g. a hard disk of a server. The memory 40 may also be an external storage device of the electronic device in other embodiments, such as a plug-in hard disk provided on a server, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like. Further, the memory 40 may also include both an internal storage unit and an external storage device of the electronic device. The memory 40 can be used for storing application software installed in the electronic device and various data, such as: the code of the program or the like that executes the vfTPM calculation processing method may also be used to temporarily store data that has been output or is to be output. In this embodiment, the memory 40 is at least used for storing a computer program 401, wherein after being loaded and executed by the processor 41, the computer program can implement the relevant steps of the virtualization implementation method disclosed in any of the foregoing embodiments. In addition, the resources stored in the memory 40 may also include an operating system 402, data 403, and the like, and the storage manner may be a transient storage or a permanent storage. Operating system 402 may include, among other things, Windows, Unix, Linux, and the like. Data 403 may include, but is not limited to, data corresponding to virtualization implementation results, and the like.
In some embodiments, the electronic device may further include a display 42, an input/output interface 43, a communication interface 44, alternatively referred to as a network interface, a power supply 45, and a communication bus 46. The display 42 and the input/output interface 43, such as a Keyboard (Keyboard), belong to a user interface, and the optional user interface may further include a standard wired interface, a wireless interface, and the like. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, as appropriate, is used for displaying information processed in the electronic device and for displaying a visualized user interface. The communication interface 44 may optionally include a wired interface and/or a wireless interface, such as a WI-FI interface, a bluetooth interface, etc., typically used to establish a communication connection between an electronic device and other electronic devices. The communication bus 46 may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 4, but this does not indicate only one bus or one type of bus.
Those skilled in the art will appreciate that the configuration shown in fig. 4 is not intended to be limiting of the electronic device and may include more or fewer components than those shown, such as sensors 47, for example, to perform various functions.
The functions of the functional modules of the electronic device according to the embodiments of the present invention may be specifically implemented according to the method in the above method embodiments, and the specific implementation process may refer to the description related to the above method embodiments, which is not described herein again.
Therefore, the embodiment of the invention can realize the TPM function of the virtual machine of the ARM platform.
It is to be understood that, if the virtualization implementation method in the above embodiments is implemented in the form of a software functional unit and sold or used as a stand-alone product, it may be stored in a computer readable storage medium. Based on such understanding, the technical solutions of the present application may be substantially or partially implemented in the form of a software product, which is stored in a storage medium and executes all or part of the steps of the methods of the embodiments of the present application, or all or part of the technical solutions. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), an electrically erasable programmable ROM, a register, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory), a magnetic memory, a removable magnetic disk, a CD-ROM, a magnetic or optical disk, and other media capable of storing program code.
Based on this, an embodiment of the present invention further provides a readable storage medium which stores a computer program; when the computer program is executed by a processor, the steps of the virtualization implementation method according to any one of the above embodiments are implemented.
Finally, an embodiment of the present invention provides an ARM platform, please refer to fig. 5, where the ARM platform is used for implementing the steps of the virtualization implementation method according to any one of the above embodiments when executing a computer program, and the ARM platform may include an application layer 501, a system layer 502, a virtualization layer 503, and a firmware layer 504.
The application layer 501 may include a plurality of virtual machine applications located in the rich execution environment and a trusted application set located in the trusted execution environment, where the trusted application set includes the trusted applications that implement the vfTPM function. The system layer 502 may include a host processing module located in the rich execution environment and a trusted management module located in the trusted execution environment. The virtualization layer 503 includes a virtual machine monitor located in the rich execution environment. The firmware layer 504 may include a firmware processing module that receives instructions from the host processing module, the virtual machine monitor and the trusted management module; the firmware layer 504 also performs the switching of operating states and, during that switch, forwards the virtual machine identification information carried in the received instruction.
In this embodiment both KVM (Kernel-based Virtual Machine) and Xen virtualization are supported. For KVM, the host processing module performs the memory address translation of the virtual machine, i.e. it completes the IPA to PA translation, which is the stage 2 translation of ARM virtualization. In the request stage, i.e. when the virtual machine operating system (GuestOS) issues a vfTPM request, the host processing module parameterizes the request command and the translated physical memory address of the GuestOS buffer, passes them from the system layer to the firmware layer as parameters of a fixed function, and passes them together with the virtual machine identifier VMID to the firmware processing module of the firmware layer 504.
For Xen, the stage 2 translation of ARM virtualization is performed by the virtual machine monitor, i.e. the Hypervisor, which translates the IPA to the PA. In the request stage, i.e. when the virtual machine operating system issues a vfTPM request, the Hypervisor parameterizes the request parameters and the GuestOS memory address and additionally passes the VMID to the firmware processing module. Unlike KVM, the Xen Hypervisor itself uses VMID 0, representing the Hypervisor; its own requests have the same form as a virtual machine request but require no stage 2 translation.
The firmware processing module of the firmware layer 504 receives the requests of the host processing module, the Hypervisor and the trusted management module, changes the value of the NS bit through the SMC instruction to switch between the TEE and REE operating environments, and forwards the VMID carried in the SMC request across the switch.
In this embodiment the TEE OS is modified so that it supports virtualization. The TEE side comprises a trusted management module and a trusted application set; the trusted application set comprises a plurality of trusted applications implementing the vfTPM function, each with a built-in fTPM module, so that multiple fTPM instances run in the trusted execution environment. The fTPM module, that is, the vfTPM module, is the implementation of the fTPM used by a virtual machine; it virtualizes both the computation and the persistent storage, and the computing function of the vfTPM may adopt any prior art, which this application does not limit. The trusted management module may include a storage driver and a virtual machine data processing module; the virtual machine data processing module may be the vmContext module shown in fig. 6. Virtual machine data processing modules correspond one to one with virtual machines, that is, one virtual machine has one virtual machine data processing module, which processes the vfTPM requests of that virtual machine and stores its virtual machine trusted execution environment instance and context. The trusted management module of this embodiment is an improvement on the original TEE OS: the original TEE OS instance is divided into two parts, one of which may be called the running memory, Nexus, and the other the virtual request execution memory, vm. The running memory part is responsible for the underlying implementation, such as SMC instruction handling, memory management and thread management. As shown in fig. 7, in the TEE there is one Nexus instance and multiple vm TEE instances, each vm TEE instance corresponding to one virtual machine on the REE side. To distinguish memory handling requests of the running memory from those of the virtual request execution memory, the memory handling functions of the running memory are renamed, for example the Nexus instance's memory regions may be called "nex_data", "nex_bss", "nex_nozi", "nex_heap" and the like, while the vm TEE instances keep the original memory handling requests.
In this embodiment, a trusted execution environment conforming to the GP (GlobalPlatform) standard is modified so that multiple fTPM instances can run in TrustZone to provide TPM functions to virtual machines; the TPM functions of different virtual machines do not affect each other, which gives the virtual machines isolation.
To further improve security, this embodiment also provides an optional storage scheme for the fTPM: the fTPM storage is kept in a dedicated flash memory, so that it can only be read from the TEE. Correspondingly, the storage driver, i.e. the NV Driver module shown in fig. 6, is a driver that implements reading and writing of this dedicated flash, including flash partitioning, flash reading and writing and permission control, and provides the NVRAM persistent storage object for the fTPM. The principle is to partition the flash and give each virtual machine's vfTPM its own partition for NVRAM storage. As a flash driver in the TEE OS it sets the read and write permissions of the flash: the flash can only be operated from the TEE side, and a vm can only operate the flash partition corresponding to its own VMID.
The functions of each functional module of the ARM platform according to the embodiments of the present invention can be specifically implemented according to the method in the embodiments of the method, and the specific implementation process thereof can refer to the related description of the embodiments of the method, which is not described herein again.
Therefore, the embodiment of the invention can realize the TPM function of the virtual machine of the ARM platform.
To make the whole technical solution clearer to those skilled in the art, based on the ARM platform architecture shown in fig. 6 the present application further provides an illustrative example in conjunction with figs. 8-11. The illustrative example covers the initialization process of the ARM platform, the virtual machine creation process, the virtual machine request and response process, and the virtual machine destruction and shutdown process. In this embodiment, TEE OS is the trusted execution environment operating system, NV Driver is the storage driver, VMID is the virtual machine identification information, the vm TEE instance and context are the virtual machine trusted execution environment instance and its context, vm denotes a virtual machine, RichOS denotes the rich execution environment operating system, NVRAM (Non-Volatile Random Access Memory) denotes the target storage space, Hypervisor denotes the virtual machine monitor of the virtualization layer, and GuestOS denotes the virtual machine operating system. The example may include the following:
the initialization process of the ARM platform may include the following steps:
a1: and powering on the ARM platform.
A2: and (3) Firmware loading, wherein in the Firmware loading process, equipment is initialized, the TrustZone function is started, a Firmware/SecureModor Firmware management module is loaded, and the Firmware management module realizes the VMID forwarding function.
A3: and TEEOS loading, namely finding the TEE OS mirror image firmware from the firmware storage flash and loading, and configuring a memory and initializing NV Driver for the TEE OS in the TEE.
A4: and initializing the flash chip for the fTPM by using the NVdriver, wherein the initialization includes but is not limited to generation of metadata, generation of a flash encryption key, storage of the encryption key, permission setting and permission processing at a partition.
A5: if QEMU (virtual operating system simulator) KVM virtualization, the loading to RichOS is completed.
A6: if the Xen virtualization is adopted, an image file of the Xen virtualization is searched, and the image file is started along with the BIOS.
A7: in the BIOS startup process, Xen Hypervisor performs processing as vm0, executes a virtual machine creation process, and allocates a vm TEE instance and a context in the TEE OS, where VMID is 0.
A8: the vm tee instance loads the vfTPM TA.
A9: in the TA loading process, initializing the nvram of the TPM, namely reading and writing the TPM storage flash through the NV Driver, and distributing an nvram partition on the flash for the use of the vfTPM with the VMID equal to 0.
A10: returning the data processed by the vfTPM to the Xen Hypervisor through a vfTPM request and response flow;
a10: and (5) the Hypervisor enters a starting process to finish starting.
The creating process of the virtual machine may include:
B1: RichOS or the Hypervisor issues an instruction to create a virtual machine and requires that this virtual machine be configured with a vfTPM.
B2: During the virtual machine creation process invoked by RichOS or the Hypervisor, the vfTPM-related initialization, i.e. steps A3 and A4 of the initialization flow, is completed on the TEE side; RichOS or the Hypervisor therefore first passes the VMID it allocated to the virtual machine to the firmware processing module of the firmware layer.
B3: The firmware processing module receives the virtual machine creation request, encapsulates the request parameters, attaches the VMID to the SMC instruction, issues the SMC_VM_CREATE instruction to the TEE OS on the TEE side, and switches the operating environment to the TEE.
B4: The Nexus instance of the TEE OS receives the SMC instruction and determines that this virtual machine requires a vfTPM device.
B5: The TEE OS allocates a vm TEE instance and context to the virtual machine; the vm TEE context is used to handle all requests related to this virtual machine, including loading and executing the vfTPM.
B6: The fTPM TA is loaded and the vfTPM initialization operation is performed. Besides starting the TPM, the NVRAM must be initialized. NVRAM initialization proceeds as follows: the NV Driver completes the allocation of the flash partition. If the virtual machine already has a corresponding flash partition, that partition is directly allocated to the vfTPM as its NVRAM; if the vfTPM of the virtual machine has no corresponding flash partition, the NV Driver creates a partition for the virtual machine, provided the flash space is sufficient, and the NVRAM initialization operation is carried out on that partition according to the TPM specification.
B7: NVRAM initialization is completed, and the remaining initialization work required by the TPM specification is carried out.
B8: The fTPM initialization completes, and the result is returned to the RichOS or Hypervisor layer through the TEE OS and the firmware processing module.
B9: RichOS completes the remaining virtual machine creation work.
The vfTPM request and response flow for the virtual machine may be as follows:
C1: GuestOS sends a vfTPM request.
C2: The GuestOS kernel converts the VA of the vfTPM request instruction to an IPA.
C3: RichOS or the Hypervisor converts the GuestOS command address to a PA and additionally sends the VMID to the firmware processing module.
C4: The firmware processing module encapsulates the instruction, attaches the VMID, executes the SMC instruction and switches the running state to the TEE OS.
C5: The TEE OS processes the vfTPM request in the vm TEE context assigned to the corresponding VMID.
C6: The TEE OS allocates shared memory, stores the processing result in it, and sends the shared memory address and the VMID to the firmware processing module.
C7: After encapsulating the request parameters, the firmware processing module executes the SMC instruction to switch the execution environment to the REE and sends the result to the Hypervisor or RichOS.
C8: RichOS or the Hypervisor converts the shared memory address to an IPA and returns the result to the corresponding virtual machine according to the VMID.
C9: The virtual machine kernel converts the IPA to a VA and delivers it to the GuestOS application for processing.
C10: The GuestOS application obtains the processing result of the vfTPM request.
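The following C model ties together the VMID forwarding described for the system and firmware layers above (the host processing module or Hypervisor attaching the VMID after the stage 2 translation, the firmware processing module changing the NS bit and forwarding the VMID unchanged, the Nexus instance routing to a per-VM vm context), the SMC_VM_CREATE and SMC_VM_DESTROY commands used in the creation and destruction flows, and the request and response flow C1 to C10. It is an added example written for this page and is not code from the patent or from any TEE OS; the numeric function identifiers and SMC_VM_REQUEST, the `ree_*`, `fw_smc` and `tee_dispatch` names, the simulated RAM and shared memory, and the FNV-1a fold standing in for the real fTPM computation are all assumptions. The two checks a practitioner would want are present: the TEE refuses a VMID it holds no context for, and it bounds-checks the physical address supplied by the normal world before touching it.

```c
#include <stdint.h>
#include <string.h>

#define MAX_VMS  4
#define RAM_SIZE 256u

/* SMC_VM_CREATE / SMC_VM_DESTROY are the names used in the flows above; the
 * numeric IDs and SMC_VM_REQUEST are assumptions of this example. */
enum smc_func { SMC_VM_CREATE = 1, SMC_VM_REQUEST = 2, SMC_VM_DESTROY = 3 };
enum ns_bit   { WORLD_SECURE = 0, WORLD_NONSECURE = 1 };

struct smc_req {            /* host module / Hypervisor -> firmware module */
    uint32_t func, vmid;    /* vmid is assigned in the REE, forwarded unchanged */
    uint64_t pa;            /* guest buffer after IPA -> PA (stage 2, C3) */
    uint32_t len;
};
/* rc, the VMID echoed for routing (C8), result offset in shared memory (C6) */
struct smc_resp { int rc; uint32_t vmid; uint32_t shm_off; };
/* vmContext: one per VM, holding that VM's vfTPM state (one PCR here). */
struct vm_ctx { int in_use; uint32_t vmid; uint64_t pcr; };
static uint8_t g_ram[RAM_SIZE];             /* simulated physical memory */
static uint8_t g_shm[8];                    /* simulated result shared memory */
static enum ns_bit g_ns_bit = WORLD_NONSECURE;
static struct vm_ctx g_ctx[MAX_VMS];

static struct vm_ctx *ctx_find(uint32_t vmid)
{
    for (int i = 0; i < MAX_VMS; i++)
        if (g_ctx[i].in_use && g_ctx[i].vmid == vmid) return &g_ctx[i];
    return NULL;
}

/* Stand-in for the fTPM computation (an FNV-1a fold), not a real TPM extend. */
static uint64_t pcr_extend(uint64_t pcr, const uint8_t *cmd, uint32_t len)
{
    uint64_t h = pcr ^ 0xcbf29ce484222325ULL;
    for (uint32_t i = 0; i < len; i++) h = (h ^ cmd[i]) * 0x100000001b3ULL;
    return h;
}

/* TEE side: Nexus dispatches on the function ID and routes to the vm context
 * selected by the VMID (B4-B5, C5-C6, D4-D7). */
static struct smc_resp tee_dispatch(const struct smc_req *r)
{
    struct smc_resp resp = { -1, r->vmid, 0 };
    struct vm_ctx *c = ctx_find(r->vmid);
    if (g_ns_bit != WORLD_SECURE) return resp;  /* reachable only via the SMC */
    switch (r->func) {
    case SMC_VM_CREATE:                         /* a VMID already in use is refused */
        for (int i = 0; i < MAX_VMS && !c; i++)
            if (!g_ctx[i].in_use) {
                g_ctx[i] = (struct vm_ctx){ 1, r->vmid, 0 };
                resp.rc = 0;
                break;
            }
        break;
    case SMC_VM_REQUEST:
        /* The PA was chosen by the normal world: bounds-check it before use. */
        if (!c || r->len == 0 || r->pa >= RAM_SIZE || r->len > RAM_SIZE - r->pa)
            break;
        c->pcr = pcr_extend(c->pcr, &g_ram[r->pa], r->len);
        memcpy(g_shm, &c->pcr, sizeof c->pcr);
        resp.rc = 0;
        break;
    case SMC_VM_DESTROY:
        if (!c) break;
        memset(c, 0, sizeof *c);                /* context and its PCR are gone */
        resp.rc = 0;
        break;
    }
    return resp;
}

/* Firmware processing module: flip the NS bit, forward the request with the
 * VMID untouched, flip it back when the result comes out (C4, C7). */
static struct smc_resp fw_smc(const struct smc_req *r)
{
    g_ns_bit = WORLD_SECURE;
    struct smc_resp resp = tee_dispatch(r);
    g_ns_bit = WORLD_NONSECURE;
    return resp;
}

/* REE side (RichOS or Hypervisor): create or destroy a VM's vfTPM context. */
int ree_vm_ctl(enum smc_func func, uint32_t vmid)
{
    struct smc_req r = { func, vmid, 0, 0 };
    return fw_smc(&r).rc;
}

/* REE side: place the guest command at its PA, call, read the result (C3-C10). */
int ree_vftpm_request(uint32_t vmid, uint64_t pa, const uint8_t *cmd,
                      uint32_t len, uint64_t *pcr_out)
{
    if (pa >= RAM_SIZE || len > RAM_SIZE - pa) return -1;
    memcpy(&g_ram[pa], cmd, len);
    struct smc_req r = { SMC_VM_REQUEST, vmid, pa, len };
    struct smc_resp resp = fw_smc(&r);
    if (resp.rc != 0 || resp.vmid != vmid) return -1;
    memcpy(pcr_out, &g_shm[resp.shm_off], sizeof *pcr_out);
    return 0;
}
```

Two VMs given the same command from fresh contexts produce the same result, while a second request from VM 1 leaves VM 2's state untouched, which is the isolation property the embodiment claims. The model performs no real stage 2 translation: `pa` is taken as already translated by the REE, and a result is handed back only to the VMID the request carried. A request that bypasses `fw_smc` is refused because the NS bit still says non-secure.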
The process of destroying and closing the virtual machine can be as follows:
d1: and the user issues an instruction for destroying or closing the virtual machine through the application layer, and the RichOS or Hypervisor receives the instruction for destroying or closing the virtual machine so as to release the vfTPM resource by executing the execution.
D2: and converting the instruction parameters of the virtual machine to be processed, namely the virtual machine to be destroyed or the virtual machine to be closed, and adding the VMID to forward the VMID to the firmware processing module.
D3: the firmware processing module encapsulates the instruction generated by D2 while appending the VMID, executes the SMC _ VM _ DESTROY instruction, and switches the operating state to TEEOS.
D4: the TEEOS receives an instruction for destroying or closing the virtual machine, and sends the instruction to the corresponding vm tee according to the parameters and the VMID of the instruction.
D5: and judging whether the command is a command for thoroughly destroying and deleting the virtual machine or normally closing the virtual system.
D6: if the command is a command for closing the virtual machine system, refreshing the data of the vfTPM on the TEE side, and deleting the vm context;
d7: if the virtual machine is destroyed, the vm context is deleted on the TEE side, and the storage partition of the vfTPM allocated to the virtual machine on the flash, namely the target storage space, is deleted.
D8: and returning the processing result to RichOS or Hypervisor through TEEOS and a firmware management module.
D9: RichOS or Hypervisor performs the operation of destroying or deleting vm at REE.
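An added C model of the NV Driver behaviour described for the trusted management module above (dedicated flash partitioned per vfTPM, operable only from the TEE side and only by the vm whose VMID owns the partition), of the allocate-or-reuse step B6, and of the partition deletion in D7. It is example code written for this page, not the patent's driver: the fixed-size slot layout, the `nv_*` function names and the `world` enum standing in for the NS bit are assumptions, and the flash encryption key of step A4 and the TPM NVRAM format are not modelled.

```c
#include <stdint.h>
#include <string.h>

#define PART_SIZE 256u                   /* one vfTPM NVRAM partition (assumed) */
#define MAX_PARTS 4                      /* the dedicated flash holds four */
#define FLASH_SIZE (PART_SIZE * MAX_PARTS)

enum world { WORLD_SECURE = 0, WORLD_NONSECURE = 1 };  /* stands in for the NS bit */

/* Partition metadata: which VMID owns each fixed-size slot. */
struct nv_part { int in_use; uint32_t vmid; };

static uint8_t g_flash[FLASH_SIZE];      /* simulated dedicated flash chip */
static struct nv_part g_parts[MAX_PARTS];

static int slot_find(uint32_t vmid)
{
    for (int i = 0; i < MAX_PARTS; i++)
        if (g_parts[i].in_use && g_parts[i].vmid == vmid) return i;
    return -1;
}

/* B6: reuse the VM's existing partition; otherwise create one if a slot is
 * free. *created tells the caller whether TPM NVRAM initialization is needed. */
int nv_alloc(uint32_t vmid, int *created)
{
    *created = 0;
    if (slot_find(vmid) >= 0) return 0;
    for (int i = 0; i < MAX_PARTS; i++)
        if (!g_parts[i].in_use) {
            g_parts[i] = (struct nv_part){ 1, vmid };
            *created = 1;
            return 0;
        }
    return -1;                           /* flash space insufficient */
}

/* Permission control: only the TEE side, only the owning vm's own VMID, and
 * only within that partition's bounds. Returns the flash pointer or NULL. */
static uint8_t *nv_check(enum world caller, uint32_t caller_vmid,
                         uint32_t vmid, uint32_t off, uint32_t len)
{
    if (caller != WORLD_SECURE || caller_vmid != vmid) return NULL;
    int slot = slot_find(vmid);
    if (slot < 0 || len == 0 || off >= PART_SIZE || len > PART_SIZE - off)
        return NULL;
    return &g_flash[slot * PART_SIZE + off];
}

int nv_write(enum world caller, uint32_t caller_vmid, uint32_t vmid,
             uint32_t off, const void *buf, uint32_t len)
{
    uint8_t *p = nv_check(caller, caller_vmid, vmid, off, len);
    if (!p) return -1;
    memcpy(p, buf, len);
    return 0;
}

int nv_read(enum world caller, uint32_t caller_vmid, uint32_t vmid,
            uint32_t off, void *buf, uint32_t len)
{
    const uint8_t *p = nv_check(caller, caller_vmid, vmid, off, len);
    if (!p) return -1;
    memcpy(buf, p, len);
    return 0;
}

/* D7: delete the VM's partition. The slot is scrubbed before it is freed so a
 * VM created later with a recycled VMID cannot read the old vfTPM NVRAM. */
int nv_delete(uint32_t vmid)
{
    int slot = slot_find(vmid);
    if (slot < 0) return -1;
    memset(&g_flash[slot * PART_SIZE], 0, PART_SIZE);
    g_parts[slot] = (struct nv_part){ 0, 0 };
    return 0;
}
```

`nv_delete` scrubs the slot before freeing it; without that, a VM created later with a recycled VMID would inherit the previous tenant's NVRAM, which would defeat the per-VMID ownership check. Shutdown (D6) is represented by simply not calling `nv_delete`: the partition stays, and `nv_alloc` hands it back unchanged when the VM is recreated.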
Thus, by modifying the TEE OS, the invention adds virtualization support to the TEE OS and supports both KVM and Xen virtualization; by improving the implementation of the fTPM, it makes the fTPM available to virtual machines on the ARM platform; by improving the storage scheme of the fTPM, keeping the fTPM storage in a dedicated flash memory that can only be read from the TEE, it strengthens the security of the fTPM; and by virtualizing the fTPM's storage it solves the fTPM virtualization problem. The TPM function is therefore implemented on the ARM platform in firmware and virtualized so that ARM virtual machines can use it, which saves physical cost at the research and development level, improves the security of cloud computing products through fTPM virtualization, and improves competitiveness in the cloud computing industry.
In the present specification, the embodiments are described in a progressive manner, and each embodiment focuses on differences from other embodiments, and the same or similar parts between the embodiments are referred to each other. For hardware including devices, electronic devices and ARM platforms disclosed by the embodiments, the description is relatively simple because the hardware corresponds to the method disclosed by the embodiments, and the relevant points can be referred to the description of the method.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The virtualization implementation method, the virtualization implementation device, the electronic device, the readable storage medium and the ARM platform provided by the present application are described in detail above. The principles and embodiments of the present invention have been described herein using specific examples, which are presented only to assist in understanding the method and its core concepts of the present invention. It should be noted that, for those skilled in the art, it is possible to make various improvements and modifications to the present invention without departing from the principle of the present invention, and those improvements and modifications also fall within the scope of the claims of the present application.

Claims (14)

1. A virtualization implementation method is characterized by comprising the following steps:
initializing in advance, based on a virtualization type, an ARM platform running a target virtual machine configured with a vfTPM (virtual firmware Trusted Platform Module) function;
when a target vfTPM request of the target virtual machine is received, packaging an instruction carrying a real physical address converted from a virtual physical address of the target virtual machine and identification information of the target virtual machine, and switching a current running state to a trusted execution environment;
in the trusted execution environment, calling a corresponding target virtual machine trusted execution environment context to process the target vfTPM request according to the identification information, and sending a storage address carrying a processing result and a result feedback instruction of the identification information;
packaging the result feedback instruction, and switching the current running state to a rich execution environment; in the rich execution environment, the storage address and the identification information are obtained by analyzing the result feedback instruction, and the converted storage address is sent to the target virtual machine according to the identification information.
2. The virtualization implementation method of claim 1, wherein after processing the target vfTPM request by invoking the corresponding target virtual machine trusted execution environment context, the method further comprises:
and storing the processing result into a shared memory.
3. The virtualization implementation method of claim 1, wherein initializing an ARM platform running a target virtual machine configured with a vfTPM function based on the virtualization type comprises:
the method comprises the steps that an ARM platform is powered on, and target firmware and a trusted execution environment operating system of the ARM platform are loaded;
when the trusted execution environment operating system is started, configuring a memory for the trusted execution environment operating system and carrying out memory initialization processing;
and initializing the rich execution environment based on the virtualization type of the target virtual machine.
4. The virtualization implementation method of claim 3, wherein the configuring the memory for the trusted execution environment operating system and performing the memory initialization process comprises:
dividing the memory of the trusted execution environment operating system into an operation memory and a virtual request execution memory; the running memory is used for processing a bottom layer request, and the virtual request execution memory is used for processing a vfTPM request of a virtual machine;
in a flash memory chip, configuring a special memory for realizing the function of the vfTPM for the trusted execution environment operating system;
and loading a storage driver into the trusted execution environment operating system, initializing the private memory by using the storage driver, and partitioning the private memory.
5. The virtualization implementation method according to claim 4, wherein initializing a rich execution environment based on the virtualization type to which the target virtual machine belongs comprises:
and if the target virtual machine adopts a QEMU KVM virtualization technology, loading the rich execution environment operating system.
6. The virtualization implementation method according to claim 4, wherein initializing a rich execution environment based on the virtualization type to which the target virtual machine belongs includes:
if the target virtual machine adopts the Xen virtualization technology, starting a BIOS and starting a Xen virtualized image file at the same time;
in the starting process, taking a virtual machine monitor as a virtual machine with a preset identifier, and distributing a corresponding virtual machine trusted execution environment instance and a virtual machine trusted execution environment context for the virtual machine monitor;
loading a vfTPM trusted application through the virtual machine trusted execution environment instance; in the loading process of the vfTPM trusted application, reading and writing the special memory by using the storage driver, and allocating a special storage area for the virtual machine monitor in the special memory;
and returning the processing result of the vfTPM request of the virtual machine monitor to the virtual machine monitor, and starting the virtual machine monitor.
7. The virtualization implementation method according to any one of claims 1 to 6, wherein before receiving the vfTPM request of the target virtual machine, the virtualization implementation method further comprises:
the rich execution environment issues a virtual machine creation instruction, and corresponding identification information is distributed to the target virtual machine with the vfTPM function;
packaging the identification information and the virtual machine creating instruction, and switching the current running state to the trusted execution environment;
in the trusted execution environment, the trusted execution environment operating system allocates a target virtual machine trusted execution environment context, a target virtual machine trusted execution environment instance and a memory space for the target virtual machine based on the virtual machine creation instruction; loading a vfTPM trusted application through the target virtual machine trusted execution environment instance, starting a TPM, and initializing the memory space and the vfTPM of the target virtual machine;
and packaging the initialization result of the vfTPM of the target virtual machine and the identification information, and switching the current running state to the rich execution environment so as to complete the creation operation of the target virtual machine in the rich execution environment based on the initialization result.
8. The virtualization implementation method of claim 7, wherein the initializing the memory space comprises:
if the target virtual machine has a corresponding target storage space in a flash memory chip, allocating the target storage space to a vfTPM function of the target virtual machine;
if the target virtual machine does not have a corresponding storage partition in the flash memory chip, when the remaining storage space of the flash memory chip is larger than a preset space threshold, allocating a target storage space to the vfTPM function of the target virtual machine through a storage driver;
binding the target storage space with the identification information;
wherein the target storage space is used as NVRAM of the vfTPM of the target virtual machine; and the read-write function of the target storage space is executed in the trusted execution environment by the target virtual machine.
9. The virtualization implementation method according to any one of claims 1 to 6, wherein after the initializing the ARM platform running the target virtual machine configured with the vfTPM function, the method further includes:
when a virtual machine destruction instruction is received, in the rich execution environment, obtaining a destruction identifier of the virtual machine to be destroyed by analyzing the virtual machine destruction instruction;
packaging the parameterized virtual machine destruction instruction and the destruction identification, and switching the current running state to be the trusted execution environment;
in the trusted execution environment, the trusted execution environment operating system sends the virtual machine destruction instruction to a destruction virtual machine trusted execution environment instance corresponding to the virtual machine to be destroyed based on the destruction identification; the instance of the trusted execution environment of the destroyed virtual machine deletes the context of the trusted execution environment of the destroyed virtual machine and deletes the storage partition of the virtual machine to be destroyed, which corresponds to the flash memory chip; feeding back a virtual machine destruction completion instruction carrying the destruction identification;
packaging the parameterized virtual machine destruction completion instruction and the destruction identification, and switching the current running state to the rich execution environment;
and deleting the virtual machine to be destroyed in the rich execution environment according to the virtual machine destruction completion instruction and the destruction identifier.
10. The virtualization implementation method according to any one of claims 1 to 6, wherein, after initializing the ARM platform running the target virtual machine configured with the vfTPM function, the method further comprises:
when a virtual machine closing instruction is received, in the rich execution environment, obtaining a closing identifier of the virtual machine to be closed by parsing the virtual machine closing instruction;
packaging the virtual machine closing instruction and the closing identifier as parameters, and switching the current running state to the trusted execution environment;
in the trusted execution environment, the trusted execution environment operating system sends the virtual machine closing instruction, according to the closing identifier, to the trusted execution environment instance of the virtual machine to be closed; that instance deletes the trusted execution environment context of the virtual machine to be closed, updates the vfTPM of the virtual machine to be closed within the trusted execution environment, and feeds back a virtual machine closing completion instruction carrying the closing identifier;
packaging the virtual machine closing completion instruction and the closing identifier as parameters, and switching the current running state to the rich execution environment; and
in the rich execution environment, closing the virtual machine to be closed according to the virtual machine closing completion instruction and the closing identifier.
11. A virtualization implementation apparatus, comprising:
an initialization processing module, configured to initialize in advance, according to a virtualization type, an ARM platform running a target virtual machine configured with the vfTPM function;
a virtualization request issuing module, configured to, when a target vfTPM request of the target virtual machine is received, package an instruction carrying the real physical address converted from the virtual physical address of the target virtual machine and the identification information of the target virtual machine, and switch the current running state to the trusted execution environment;
a virtualization request processing module, configured to, in the trusted execution environment, invoke the trusted execution environment context of the target virtual machine according to the identification information to process the target vfTPM request, and send a result feedback instruction carrying the storage address of the processing result and the identification information; and
a processing result feedback module, configured to package the result feedback instruction and switch the current running state to the rich execution environment, and, in the rich execution environment, obtain the storage address and the identification information by parsing the result feedback instruction and send the converted storage address to the target virtual machine according to the identification information.
12. An electronic device, comprising a processor and a memory, wherein the processor is configured to implement the steps of the virtualization implementation method according to any one of claims 1 to 10 when executing a computer program stored in the memory.
13. A readable storage medium, wherein the readable storage medium stores a computer program which, when executed by a processor, implements the steps of the virtualization implementation method according to any one of claims 1 to 10.
14. An ARM platform, which, when used to execute a computer program implementing the steps of the virtualization implementation method according to any one of claims 1 to 10, comprises an application layer, a system layer, a virtualization layer and a firmware layer, wherein:
the application layer comprises a plurality of virtual machine applications located in the rich execution environment and a trusted application set located in the trusted execution environment, the trusted application set comprising trusted applications that implement the vfTPM function;
the system layer comprises a host processing module located in the rich execution environment and a trusted management module located in the trusted execution environment;
the virtualization layer comprises a virtual machine monitor located in the rich execution environment; and
the firmware layer comprises a firmware processing module configured to receive instructions from the host processing module, the virtual machine monitor and the trusted management module, to execute the switching of the running state, and to forward the virtual machine identification information contained in the received instruction while executing the switching of the running state.
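The dispatch that claims 9 to 11 and 14 describe, shown as an added example that is not code from the patent or from the applicant: a single-file C model in which a firmware-layer switch carries a packaged instruction between the rich execution environment and the trusted execution environment, the TEE routes the instruction by virtual machine identifier to that VM's own context, and the REE converts addresses on the way in (virtual physical to real physical) and on the way out (result address back to the VM's view). Every name in it, the 64 KiB per-VM memory window, the result slot at 0xF000, the toy PCR "extend", and the flash partition flag are assumptions made for illustration; real TrustZone code would make the switch with an SMC into the secure monitor, which this model collapses into a function call.

```c
/* Added example, not the patent's code: a single-process C model of the REE/TEE vfTPM dispatch
 * of claims 9-11 and 14. Names, the per-VM memory window, the result slot, the toy PCR extend
 * and the partition flag are illustrative assumptions. Drive it from a main() or test harness. */
#include <stdint.h>
#include <string.h>

#define MAX_VMS    4
#define PCR_COUNT  4
#define GUEST_RAM  0x10000u   /* assumed: one 64 KiB host-PA window per VM */
#define RESULT_IPA 0xF000u    /* assumed: guest address the TEE writes the result to */
#define BAD_ADDR   UINT64_MAX
enum world { REE, TEE };
enum op { OP_VFTPM_REQ, OP_VFTPM_RESULT, OP_VM_CLOSE, OP_VM_CLOSE_DONE,
          OP_VM_DESTROY, OP_VM_DESTROY_DONE, OP_ERROR };       /* each X_DONE == X + 1 */
/* Packaged instruction crossing worlds: opcode, VM id, real physical address, operand. */
struct msg { enum op op; unsigned vm_id; uint64_t pa; unsigned arg; };
struct tee_ctx {                     /* per-VM TEE context; exists only inside the TEE */
    int registered, open, flash_partition;
    uint64_t ram_base;               /* host-PA window registered for this VM at init */
    uint32_t pcr[PCR_COUNT];         /* runtime vfTPM state */
    uint32_t flash[PCR_COUNT];       /* state persisted in the VM's flash partition */
};
static struct tee_ctx tee[MAX_VMS];
static uint8_t host_ram[MAX_VMS * GUEST_RAM];
static int ree_vm_exists[MAX_VMS];
static enum world current_world = REE;

/* Firmware layer (claim 14): switch the running state, forward vm_id untouched. */
static struct msg fw_switch(struct msg m, enum world to) { current_world = to; return m; }
/* REE side: stage-2 style translation between a guest's IPA and the host PA. */
static uint64_t ree_ipa_to_pa(unsigned vm_id, uint64_t ipa) {
    return (vm_id >= MAX_VMS || ipa + 4 > GUEST_RAM) ? BAD_ADDR : (uint64_t)vm_id * GUEST_RAM + ipa;
}
static uint64_t ree_pa_to_ipa(unsigned vm_id, uint64_t pa) {
    uint64_t b = (uint64_t)vm_id * GUEST_RAM;
    return (pa < b || pa + 4 > b + GUEST_RAM) ? BAD_ADDR : pa - b;
}
int guest_write32(unsigned vm_id, uint64_t ipa, uint32_t v) {   /* guest writes its own RAM */
    uint64_t pa = ree_ipa_to_pa(vm_id, ipa);
    return pa == BAD_ADDR ? 0 : (memcpy(&host_ram[pa], &v, 4), 1);
}
uint32_t guest_read32(unsigned vm_id, uint64_t ipa) {           /* guest reads its own RAM */
    uint32_t v = 0; uint64_t pa = ree_ipa_to_pa(vm_id, ipa);
    return pa == BAD_ADDR ? 0 : (memcpy(&v, &host_ram[pa], 4), v);
}

/* TEE OS: route by vm_id to that VM's context and act on the instruction. */
struct msg tee_dispatch(struct msg m) {
    struct msg err = { OP_ERROR, m.vm_id, BAD_ADDR, 0 };
    if (m.vm_id >= MAX_VMS || !tee[m.vm_id].registered) return err;
    struct tee_ctx *c = &tee[m.vm_id];
    switch (m.op) {
    case OP_VFTPM_REQ: {
        /* Never trust the REE's translation blindly: the PA must lie inside the window
         * registered for this vm_id, or a compromised hypervisor could aim the vfTPM at another VM. */
        if (!c->open || m.arg >= PCR_COUNT ||
            m.pa < c->ram_base || m.pa + 4 > c->ram_base + GUEST_RAM) return err;
        uint32_t data; memcpy(&data, &host_ram[m.pa], 4);
        c->pcr[m.arg] = (c->pcr[m.arg] * 33u) ^ data;      /* toy order-sensitive extend */
        memcpy(&host_ram[c->ram_base + RESULT_IPA], &c->pcr[m.arg], 4);
        return (struct msg){ OP_VFTPM_RESULT, m.vm_id, c->ram_base + RESULT_IPA, m.arg };
    }
    case OP_VM_CLOSE:          /* claim 10: drop the context, persist the vfTPM state */
        if (!c->open) return err;
        memcpy(c->flash, c->pcr, sizeof c->pcr); memset(c->pcr, 0, sizeof c->pcr); c->open = 0;
        return (struct msg){ OP_VM_CLOSE_DONE, m.vm_id, 0, 0 };
    case OP_VM_DESTROY:        /* claim 9: drop the context and the flash partition */
        memset(c, 0, sizeof *c);
        return (struct msg){ OP_VM_DESTROY_DONE, m.vm_id, 0, 0 };
    default: return err;
    }
}
/* One round trip: package, switch to TEE, dispatch, switch back to REE. */
static struct msg ree_round_trip(struct msg q) { return fw_switch(tee_dispatch(fw_switch(q, TEE)), REE); }

/* Claim 11: IPA -> PA into the TEE; the result PA is converted back before the VM sees it. */
uint64_t ree_vftpm_request(unsigned vm_id, uint64_t data_ipa, unsigned pcr_index) {
    uint64_t pa = ree_ipa_to_pa(vm_id, data_ipa);
    if (pa == BAD_ADDR || !ree_vm_exists[vm_id]) return BAD_ADDR;
    struct msg r = ree_round_trip((struct msg){ OP_VFTPM_REQ, vm_id, pa, pcr_index });
    if (r.op != OP_VFTPM_RESULT || r.vm_id != vm_id) return BAD_ADDR;   /* id must match */
    return ree_pa_to_ipa(vm_id, r.pa);
}
/* Claims 9/10: the REE closes or deletes the VM only after a completion carrying its id. */
int ree_vm_teardown(unsigned vm_id, enum op o) {      /* o is OP_VM_CLOSE or OP_VM_DESTROY */
    if (vm_id >= MAX_VMS || !ree_vm_exists[vm_id]) return 0;
    struct msg r = ree_round_trip((struct msg){ o, vm_id, 0, 0 });
    if (r.op != o + 1 || r.vm_id != vm_id) return 0;
    if (o == OP_VM_DESTROY) ree_vm_exists[vm_id] = 0;  /* delete the VM in the REE */
    return 1;
}
int init_platform(unsigned n) {      /* models "initializing the ARM platform" with n VMs */
    memset(tee, 0, sizeof tee); memset(host_ram, 0, sizeof host_ram); current_world = REE;
    for (unsigned i = 0; i < MAX_VMS; i++) {
        ree_vm_exists[i] = i < n;
        tee[i] = (struct tee_ctx){ .registered = i < n, .open = i < n, .flash_partition = i < n,
                                   .ram_base = (uint64_t)i * GUEST_RAM };
    }
    return n < MAX_VMS ? (int)n : MAX_VMS;
}
```

Driving it: init_platform(3), guest_write32(1, 0x100, value), then ree_vftpm_request(1, 0x100, 0) returns 0xF000, the converted storage address, and guest_read32(1, 0xF000) holds the new PCR value; ree_vm_teardown(1, OP_VM_CLOSE) keeps VM 1's flash partition while clearing its runtime context, and ree_vm_teardown(2, OP_VM_DESTROY) removes both. The check worth noticing is the bounds test in tee_dispatch: because the hypervisor in the REE performs the virtual-to-real address conversion, the TEE has to verify that the real address it receives belongs to the VM named by the identifier, otherwise the identifier that the firmware layer forwards protects nothing.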
CN202210334870.7A 2022-03-31 2022-03-31 Virtualization implementation method, device, electronic equipment, medium and ARM platform Pending CN114625484A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202210334870.7A CN114625484A (en) 2022-03-31 2022-03-31 Virtualization implementation method, device, electronic equipment, medium and ARM platform
PCT/CN2022/123583 WO2023184920A1 (en) 2022-03-31 2022-09-30 Virtualization implementation method and apparatus, electronic device, non-volatile readable storage medium, and arm platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210334870.7A CN114625484A (en) 2022-03-31 2022-03-31 Virtualization implementation method, device, electronic equipment, medium and ARM platform

Publications (1)

Publication Number Publication Date
CN114625484A true CN114625484A (en) 2022-06-14

Family

ID=81905172

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210334870.7A Pending CN114625484A (en) 2022-03-31 2022-03-31 Virtualization implementation method, device, electronic equipment, medium and ARM platform

Country Status (2)

Country Link
CN (1) CN114625484A (en)
WO (1) WO2023184920A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116028164A (en) * 2023-03-29 2023-04-28 Alibaba Cloud Computing Co., Ltd. Equipment virtualization method and device
WO2023184920A1 (en) * 2022-03-31 2023-10-05 Suzhou Inspur Intelligent Technology Co., Ltd. Virtualization implementation method and apparatus, electronic device, non-volatile readable storage medium, and arm platform

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8140812B2 (en) * 2009-07-01 2012-03-20 International Business Machines Corporation Method and apparatus for two-phase storage-aware placement of virtual machines
CN102479100B (en) * 2010-11-26 2015-08-26 中国科学院软件研究所 A kind of general calculation entironment virtual machine platform and creation method thereof
US8375221B1 (en) * 2011-07-29 2013-02-12 Microsoft Corporation Firmware-based trusted platform module for arm processor architectures and trustzone security extensions
CN103986662B (en) * 2014-05-22 2017-12-05 浪潮电子信息产业股份有限公司 A kind of virtual router implementation method across virtual platform
KR102473665B1 (en) * 2015-07-28 2022-12-02 삼성전자주식회사 Storage device and storage virtualization system
CN105389513B (en) * 2015-11-26 2018-10-12 华为技术有限公司 A kind of credible execution method and apparatus of virtual credible platform module vTPM
CN107704308B (en) * 2017-09-19 2020-10-02 浪潮(北京)电子信息产业有限公司 Virtual platform vTPM management system, trust chain construction method and device, and storage medium
CN107844362B (en) * 2017-11-14 2021-10-15 浪潮(北京)电子信息产业有限公司 System, method, virtual machine and readable storage medium for virtualizing TPM (trusted platform Module) equipment
CN108549571B (en) * 2018-03-19 2022-03-15 沈阳微可信科技有限公司 Secure virtualization method applicable to trusted execution environment
CN112148418A (en) * 2019-06-26 2020-12-29 北京百度网讯科技有限公司 Method, apparatus, device and medium for accessing data
CN113485785B (en) * 2021-06-28 2023-10-27 海光信息技术股份有限公司 Virtual trusted platform module realization method, secure processor and storage medium
CN113868676B (en) * 2021-08-30 2023-11-03 苏州浪潮智能科技有限公司 Method and device for realizing trusted cryptographic module based on firmware on ARM platform
CN114625484A (en) * 2022-03-31 2022-06-14 苏州浪潮智能科技有限公司 Virtualization implementation method, device, electronic equipment, medium and ARM platform

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023184920A1 (en) * 2022-03-31 2023-10-05 Suzhou Inspur Intelligent Technology Co., Ltd. Virtualization implementation method and apparatus, electronic device, non-volatile readable storage medium, and arm platform
CN116028164A (en) * 2023-03-29 2023-04-28 Alibaba Cloud Computing Co., Ltd. Equipment virtualization method and device
CN116028164B (en) * 2023-03-29 2023-06-20 Alibaba Cloud Computing Co., Ltd. Equipment virtualization method and device

Also Published As

Publication number Publication date
WO2023184920A1 (en) 2023-10-05

Similar Documents

Publication Publication Date Title
US20230185592A1 (en) Dynamic device virtualization for use by guest user processes based on observed behaviors of native device drivers
CN107077428B (en) Method, electronic system and computer storage medium for protecting application secret
US9483639B2 (en) Service partition virtualization system and method having a secure application
JP6218859B2 (en) Memory introspection engine for virtual machine integrity protection
KR101232558B1 (en) Automated modular and secure boot firmware update
US7421533B2 (en) Method to manage memory in a platform with virtual machines
JP5323897B2 (en) Method, apparatus and system for bi-directional communication between a virtual machine monitor and an ACPI compliant guest operating system
US10630484B2 (en) Securing code loading by a guest in a virtual environment
US10067777B2 (en) Supporting multiple operating system environments in computing device without contents conversion
EP2479666B1 (en) Methods and systems to display platform graphics during operating system initialization
US20060184938A1 (en) Method, apparatus and system for dynamically reassigning memory from one virtual machine to another
US20150261952A1 (en) Service partition virtualization system and method having a secure platform
CN114625484A (en) Virtualization implementation method, device, electronic equipment, medium and ARM platform
US20090265708A1 (en) Information Processing Apparatus and Method of Controlling Information Processing Apparatus
US20170075717A1 (en) Virtual trusted platform module function implementation method and management device
US9959134B2 (en) Request processing using VM functions
US9910690B2 (en) PCI slot hot-addition deferral for multi-function devices
EP3123388B1 (en) Virtualization based intra-block workload isolation
US9766918B2 (en) Virtual system device identification using GPU to host bridge mapping
WO2017062541A1 (en) Method and apparatus for trusted display on untrusted computing platforms to secure applications
US11221829B2 (en) Method for manufacturing a secure, modular business-specific hardware application and corresponding operating system
CN113826072A (en) Code update in system management mode
CN116069584A (en) Extending monitoring services into trusted cloud operator domains
CN115509677A (en) Communication method and related device between virtual machine and security isolation zone
US20230281135A1 (en) Method for configuring address translation relationship, and computer system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination