CN114925339A - Method, device, equipment and medium for managing and controlling permission time of server firmware - Google Patents
Method, device, equipment and medium for managing and controlling permission time of server firmware Download PDFInfo
- Publication number
- CN114925339A CN114925339A CN202210606673.6A CN202210606673A CN114925339A CN 114925339 A CN114925339 A CN 114925339A CN 202210606673 A CN202210606673 A CN 202210606673A CN 114925339 A CN114925339 A CN 114925339A
- Authority
- CN
- China
- Prior art keywords
- time
- server firmware
- license
- firmware
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 107
- 230000008569 process Effects 0.000 claims abstract description 75
- 238000013475 authorization Methods 0.000 claims abstract description 29
- 238000012544 monitoring process Methods 0.000 claims abstract description 29
- 230000006870 function Effects 0.000 claims description 51
- 238000007726 management method Methods 0.000 claims description 19
- 230000002159 abnormal effect Effects 0.000 claims description 11
- 238000012795 verification Methods 0.000 claims description 10
- 230000008676 import Effects 0.000 claims description 9
- 238000004590 computer program Methods 0.000 claims description 2
- 239000000126 substance Substances 0.000 claims 1
- 238000012937 correction Methods 0.000 description 8
- 238000012545 processing Methods 0.000 description 7
- 238000013461 design Methods 0.000 description 4
- 230000007547 defect Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000006467 substitution reaction Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0751—Error or fault detection not based on redundancy
- G06F11/0754—Error or fault detection not based on redundancy by exceeding limits
- G06F11/0757—Error or fault detection not based on redundancy by exceeding limits by exceeding a time limit, i.e. time-out, e.g. watchdogs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2137—Time limited access, e.g. to a computer or data
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Quality & Reliability (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention belongs to the technical field of server firmware license time management and control, and particularly provides a method, a device, equipment and a medium for managing and controlling license time of server firmware, wherein the method comprises the following steps: the license is led into the server firmware, and the server firmware function controlled by the license is successfully authorized; after the authorization function of the server firmware is available, starting an operation time timing process to record an operation time value of the server firmware, and simultaneously starting a monitoring process to monitor the operation time timing process; acquiring the current server firmware system time and the server firmware running time value; comparing the obtained system time of the server firmware with the permitted end time, simultaneously comparing the obtained running time value of the server firmware with the permitted effective time, and outputting prompt information of the comparison result; the validity time of the license is the difference between the end time of the license and the start time of the license. Not affected by network or firmware update or firmware restart, etc.
Description
Technical Field
The invention relates to the technical field of server license time management and control, in particular to a method, a device, equipment and a medium for managing and controlling license time of server firmware.
Background
The out-of-band management firmware (BMC) of the server provides a remote management function for the server by using a virtual keyboard, an interface, a mouse, a power supply and the like, and can monitor physical characteristics of the server, such as temperature, voltage, fan working state, power supply, case intrusion and the like of each component, which are important for the management of the server. For some special functions of the BMC, a server manufacturer performs authorization control through License technology to limit the use duration and use users of the special functions. For the time limit of License, generally, after License authorization is obtained, the time validity period of License is controlled by recording the deadline in License and periodically comparing the current system time with the deadline of License, and if the system time is greater than the deadline, the License is considered to be expired and stopped. However, if the device suffers from abnormal system time tampering, the system time is always less than the license expiration time, so that the license cannot expire according to the appointed time, the usage right management is inaccurate, and even the benefit of a server developer is lost.
By connecting the software to the License remote server and utilizing the remote server to provide time correction or record the current equipment state, the accuracy of time recording is relatively improved because a user hardly falsifies data in the remote server. Or by recording the use time of the software in a registry or file system of the software or periodically recording the system time to prevent the user from modifying the time to reuse the License.
Time correction is provided through a remote server, a network is required, but a plurality of data centers do not provide connection with the Internet for better safety protection, correction cannot be performed at the moment, and the design defect still exists; recording the software use time through a registry or a file system, and when the user reinstalls or reregisters the software after modifying the time, the License time management and control still possibly fails; by recording the system time through the file, when the file is maliciously accessed, the recorded content can be tampered, and the License time management can still be inaccurate; the method only judges whether the software reaches the License deadline according to the system time, and also counts the period when the software is not used by the client, so that the method is a loss and poor in usability for the client.
Disclosure of Invention
Aiming at providing time correction through a remote server, the network is required, but a plurality of data centers do not provide connection with the Internet for better safety protection, correction cannot be performed at the moment, and the design defect still exists; recording the software use time through a registry or a file system, and when the user reinstalls or reregisters the software after modifying the time, the License time management and control still possibly fails; by recording the system time through the file, when the file is maliciously accessed, the recorded content can be tampered, and the License time management is still inaccurate; the invention provides a method, a device, equipment and a medium for managing and controlling License time of server firmware, which are used for judging whether License deadline time of software is reached only according to system time and solving the problems that the License deadline time is calculated when a client does not use the software and the client is lost and poor in usability.
The technical scheme of the invention is as follows:
in a first aspect, a technical solution of the present invention provides a method for managing and controlling license time of server firmware, including the following steps:
the license is led into the server firmware, and the server firmware function controlled by the license is successfully authorized;
after the authorization function of the server firmware is available, starting an operation time timing process to record an operation time value of the server firmware, and simultaneously starting a monitoring process to monitor the operation time timing process;
acquiring the current server firmware system time and the server firmware running time value;
comparing the obtained system time of the server firmware with the permitted end time, simultaneously comparing the obtained running time value of the server firmware with the permitted effective time, and outputting prompt information of the comparison result; the validity time of the license is the difference between the end time of the license and the start time of the license.
Further, the step of importing the license into the server firmware and making the authorization of the server firmware function controlled by the license successful comprises:
a1: importing a license into the server firmware, and acquiring the start time I1 and the end time E1 of the license and license identification information;
a2: acquiring the system time of the current server firmware;
a3: judging whether the acquired server firmware system time is earlier than or equal to the allowable starting time or not; if yes, executing step A4, otherwise, executing step A5;
a4: storing the information obtained in step A1 and step A2, the license controlled server firmware function authorization is successful.
A5: and when the server firmware system time is not accurate or the license authorization time is abnormal, outputting user prompt information and stopping importing.
Further, the information obtained in step a1 and step a2 is stored; the step of licensing the controlled server firmware function successfully includes:
a41: storing the information obtained in the step A1 and the step A2 into a nonvolatile storage device, and allowing the controlled server firmware function to be successfully authorized;
a42: judging whether the system time of the server firmware reaches the permission starting time every other first time threshold; if yes, executing A43, otherwise, executing A42;
a43: the functions authorized by the server firmware are available.
Further, after the server firmware authorization function is available, the step of starting the running time timing process to record the running time value of the server firmware, and simultaneously starting the monitoring process to monitor the running time timing process comprises the following steps:
b1: after the authorization function of the server firmware is available, starting an operation time timing process, and simultaneously starting a monitoring process to monitor the operation time timing process;
b2: when the running time timing process is normal, updating the running time once every first time threshold, namely the running time + 1;
b3: the recorded runtime value and the server firmware system time are stored.
Further, the step of comparing the obtained system time of the server firmware with the permitted end time, comparing the obtained running time value of the server firmware with the permitted effective time, and outputting the prompt message of the comparison result includes:
comparing the obtained system time of the server firmware with the permitted end time, and simultaneously comparing the obtained running time value of the server firmware with the permitted effective time;
when the system time of the server firmware is less than the end time of the license and the running time value of the server firmware is less than the valid time of the license, the license is valid and the obtained running time value of the server firmware is stored;
when the system time of the server firmware is less than the end time of the license and the running time value of the server firmware is greater than the valid time of the license, the license is immediately invalidated, and prompt information of safety risk that the system time of the server firmware is tampered is output;
when the system time of the server firmware is longer than the end time of the permission and the running time value of the server firmware is shorter than the valid time of the permission, the permission is valid and stores the obtained running time value of the server firmware, and meanwhile, the server firmware sends out an alarm to remind that a fault possibly exists;
when the system time of the server firmware is larger than the end time of the license and the running time value of the server firmware is larger than the valid time of the license, the license is invalid, the authorized function is unavailable and the license invalidation prompt message is output.
Further, in the step of starting the monitoring process to monitor the running time timing process, the watchdog process of the server firmware is used to monitor the timing task of the running time timing process, and whether the running time timing process is blocked is judged, which specifically includes:
setting an overtime flag bit for an operating time timing process;
starting a watchdog process, setting the timeout time of the watchdog, and setting the set timeout flag bit;
if the overtime mark of the monitored task is cleared within the overtime time, kicking off the watchdog, enabling the watchdog to count down again, and canceling the setting of the overtime mark of the monitored task;
if the overtime mark of the monitored task is not cleared within the overtime time, the watchdog is overtime, the running time timing process is considered to be abnormal, and the server firmware is restarted.
Further, the method further comprises:
and after the server firmware is restarted, judging whether the permission is in the time validity device or not.
Further, the server firmware includes a BMC.
In a second aspect, the technical solution of the present invention further provides a device for managing and controlling license time of server firmware, including an importing module, a record executing module, an obtaining module, and a verification judging module;
the import module is used for importing the license into the server firmware and enabling the server firmware function controlled by the license to be successfully authorized;
the record execution module is used for starting an operating time timing process to record an operating time value of the server firmware after the authorization function of the server firmware is available, and simultaneously starting a monitoring process to monitor the operating time timing process;
the acquisition module is used for acquiring the current server firmware system time and the server firmware operation time value;
the verification judging module is used for comparing the acquired system time of the server firmware with the permitted end time, comparing the acquired running time value of the server firmware with the permitted effective time, and outputting prompt information of the comparison result; the validity time of the license is the difference between the end time of the license and the start time of the license.
Furthermore, the import module comprises an import unit, a first acquisition unit, a first judgment unit, a storage execution unit and a prompt output unit;
the system comprises an importing unit, a license processing unit and a license identification unit, wherein the importing unit is used for importing a license to the server firmware and acquiring the starting time I1 and the ending time E1 of the license and license identification information;
the first acquisition unit is used for acquiring the current server firmware system time;
the first judging unit is used for judging whether the system time of the server firmware reaches the permission starting time every a first time threshold;
and the storage execution unit is used for storing the information acquired by the import unit and the first acquisition unit into the nonvolatile storage equipment, and authorizing the controlled server firmware function successfully.
And the prompt output unit is used for outputting user prompt information and stopping importing when the first judgment unit outputs that the system time of the server firmware is not earlier than the start time of the license and the server firmware system time is not accurate or the license authorization time is abnormal.
Furthermore, the record execution module comprises a starting and monitoring unit, an updating unit and an execution unit;
the starting and monitoring unit is used for starting the running time timing process after the authorization function of the server firmware is available, and simultaneously starting the monitoring process to monitor the running time timing process;
the updating unit is used for updating the running time, namely the running time +1, every first time threshold when the running time process is normal;
and the execution unit is used for storing the recorded running time value and the server firmware system time.
Further, the verification judging module is specifically configured to compare the acquired server firmware system time with the permitted end time, and compare the acquired server firmware running time value with the permitted effective time; when the system time of the server firmware is less than the end time of the license and the running time value of the server firmware is less than the valid time of the license, the license is valid and the obtained running time value of the server firmware is stored; when the system time of the server firmware is less than the end time of the license and the running time value of the server firmware is greater than the valid time of the license, the license is immediately invalidated, and prompt information of safety risk of tampering the system time of the server firmware is output; when the system time of the server firmware is longer than the end time of the license and the running time value of the server firmware is shorter than the valid time of the license, the license is valid and stores the obtained running time value of the server firmware, and meanwhile, the server firmware sends an alarm to remind that a fault possibly exists; when the system time of the server firmware is larger than the end time of the license and the running time value of the server firmware is larger than the valid time of the license, the license is invalid, the authorized function is unavailable and the license invalidation prompting message is output.
Further, the starting and monitoring unit monitors the timing task of the running time timing process by using a watchdog process of the server firmware, and judges whether the running time timing process is blocked, wherein the starting and monitoring unit specifically comprises a first setting submodule, a setting processing submodule and a judging processing submodule;
the first setting submodule is used for setting an overtime flag bit for the running time timing process;
the setting processing submodule is used for starting a watchdog process, setting the timeout time of the watchdog and setting the set timeout flag bit;
the second setting submodule is used for kicking off the watchdog if the overtime mark of the monitored task is cleared within the overtime time, so that the watchdog counts down again, and the overtime mark of the monitored task is set and cancelled;
and the restarting submodule is used for judging that the running time timing process is abnormal if the overtime mark of the monitored task is not cleared within the overtime, restarting the server firmware, and sending information to the verification judging module after restarting is finished.
In a third aspect, a technical solution of the present invention further provides an electronic device, where the electronic device includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein, the first and the second end of the pipe are connected with each other,
the memory stores computer program instructions executable by the at least one processor to enable the at least one processor to perform the method of license time management of server firmware of the first aspect.
In a fourth aspect, the present invention also provides a non-transitory computer-readable storage medium storing computer instructions for causing a computer to execute the license time management method for server firmware according to the first aspect.
According to the technical scheme, the invention has the following advantages: the time control of the License firmware of the server is realized, and the accuracy of the time control of the License is improved; the method realizes the dual-system time management and control based on the system time of the server and the BMC running time, is not influenced by network or firmware updating or firmware restarting and the like, and has stronger tamper-resistant capability, easy realization and low cost.
In addition, the invention has reliable design principle, simple structure and very wide application prospect.
Therefore, compared with the prior art, the invention has prominent substantive features and remarkable progress, and the beneficial effects of the implementation are also obvious.
Drawings
In order to more clearly illustrate the embodiments or prior art solutions of the present invention, the drawings used in the description of the embodiments or prior art will be briefly described below, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
FIG. 1 is a schematic flow diagram of a method of one embodiment of the invention.
Fig. 2 is a schematic flow diagram of a method of another embodiment of the invention.
Fig. 3 is a schematic block diagram of an apparatus of one embodiment of the present invention.
Detailed Description
By connecting the software to the License remote server and utilizing the remote server to provide time correction or record the current equipment state, the accuracy of time recording is relatively improved because a user hardly falsifies data in the remote server. Or by recording the use time of the software in a registry or file system of the software or periodically recording the system time to prevent the user from modifying the time to reuse the License.
Time correction is provided through a remote server, a network is required, but a plurality of data centers do not provide connection with the Internet for better safety protection, correction cannot be performed at the moment, and the design defect still exists; recording the software use time through a registry or a file system, and when the user reinstalls or reregisters the software after modifying the time, the License time management and control still possibly fails; by recording the system time through the file, when the file is maliciously accessed, the recorded content can be tampered, and the License time management can still be inaccurate; the method only judges whether the software reaches the License deadline according to the system time, and counts the period when the software is not used by the client, so that the method is a loss to the client and has poor usability. In order to make those skilled in the art better understand the technical solution of the present invention, the technical solution in the embodiment of the present invention will be clearly and completely described below with reference to the drawings in the embodiment of the present invention, and it is obvious that the described embodiment is only a part of the embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, an embodiment of the present invention provides a method for managing and controlling license time of server firmware, including the following steps:
step 1: the license is led into the server firmware, and the server firmware function controlled by the license is successfully authorized;
step 2: after the authorization function of the server firmware is available, starting an operation time timing process to record an operation time value of the server firmware, and simultaneously starting a monitoring process to monitor the operation time timing process;
and 3, step 3: acquiring the current server firmware system time and the server firmware running time value;
and 4, step 4: comparing the obtained system time of the server firmware with the permitted end time, simultaneously comparing the obtained running time value of the server firmware with the permitted effective time, and outputting prompt information of the comparison result; the validity time of the permit is the difference between the end time of the permit and the start time of the permit.
In this embodiment, the server firmware may be a BMC, and according to the characteristics that the BMC starts to use and continuously provides services when being powered on, the accumulated running time is recorded, and whether the license time is in the valid period is jointly determined by combining two modes of the system time. The running time is independently timed according to the actual running time of the BMC by using a method of a time source different from the system time, and the storage space of the time is protected to ensure that the storage space is not tampered maliciously. In addition, for the characteristic that the BMC firmware may be frequently refreshed or powered down, the storage space of the running time is ensured not to be emptied or changed, and the time validity period of the firmware License is verified after the newly refreshed firmware is refreshed or the BMC is restarted due to faults, so that the License time management and control are ensured to be more accurate. The method is realized by utilizing the server BMC, is not influenced by factors such as network and firmware updating, has enhanced defense capability against tampering, and has more accurate time control and judgment.
In some embodiments, in step 1, the step of importing the license into the server firmware and enabling the authorization of the server firmware function controlled by the license to be successful, where the server firmware is a BMC, specifically includes:
a1: a license is led into the BMC, and the start time I1 and the end time E1 of the license and license identification information are obtained;
a2: acquiring the current BMC system time;
a3: judging whether the acquired BMC system time is earlier than or equal to the allowed starting time; if yes, executing step A4, otherwise, executing step A5;
a4: and D, storing the information acquired in the step A1 and the step A2, and allowing the controlled BMC function to be successfully authorized. Judging whether the BMC system time reaches the allowed starting time every a first time threshold (namely, one minute), and after the BMC system time reaches the allowed starting time, enabling the function;
in this step, the information is stored, that is, the information is stored in a nonvolatile storage device (an EEPROM or a configuration file), so that the information is not lost when the power is lost or restarted or refreshed; and a specific area is set in the storage device or a specific authority is set in the configuration file, only the License specific process is allowed to carry out read-write operation, and the others have no authority to access.
A5: and when the server firmware system time is not accurate or the license authorization time is abnormal, outputting user prompt information and stopping importing.
In some embodiments, in step 2, after the server firmware authorization function is available, the step of starting a runtime timing process to record a runtime value of the server firmware, and the step of starting a monitoring process to monitor the runtime timing process includes:
b1: after the authorization function of the server firmware is available, starting an operation time timing process, and simultaneously starting a monitoring process to monitor the operation time timing process;
b2: when the running time timing process is normal, updating the running time, namely the running time +1, every first time threshold (one minute);
b3: the recorded runtime value and the server firmware system time are stored.
That is, after the BMC authorization function is available, an operation time timing process is started synchronously, and the operation state of the process is monitored; updating the running time, namely the running time +1, every one minute; storing an online running time value and BMC time; it should be noted that, when the BMC is in a non-running state, such as when the BMC is powered off or has failed, the last recorded running time is the BMC running time value. In the periodic (per minute) operation of steps a4 and B2, the BMC watch Timer is used to set the Timer.
In some embodiments, the step 4 of comparing the obtained system time of the server firmware with the end time of the license, comparing the obtained running time value of the server firmware with the valid time of the license, and outputting the prompt message of the comparison result includes:
comparing the obtained system time of the server firmware with the permitted end time, and simultaneously comparing the obtained running time value of the server firmware with the permitted effective time;
when the system time of the server firmware is less than the end time of the permission and the running time value of the server firmware is less than the valid time of the permission, the permission is valid and the obtained running time value of the server firmware is stored;
when the system time of the server firmware is less than the end time of the license and the running time value of the server firmware is greater than the valid time of the license, the license is immediately invalidated, and prompt information of safety risk of tampering the system time of the server firmware is output;
when the system time of the server firmware is longer than the end time of the license and the running time value of the server firmware is shorter than the valid time of the license, the license is valid and stores the obtained running time value of the server firmware, and meanwhile, the server firmware sends an alarm to remind that a fault possibly exists;
when the system time of the server firmware is larger than the end time of the license and the running time value of the server firmware is larger than the valid time of the license, the license is invalid, the authorized function is unavailable and the license invalidation prompt message is output.
In this embodiment, the server firmware is BMC, and the current BMC system time is acquired and set as T1; acquiring a BMC running time value, and setting the BMC running time value as T2;
the specific judgment method is as follows:
when T1< E1, and T2< (E1-I1), license is considered valid, T1 is stored;
when T1< E1 and T2> (E1-I1) indicate that the BMC time is possibly tampered and other security risks exist, and license is immediately disabled;
when T1 is greater than E1 and T2< (E1-I1), it is indicated that the server has faults that the AC power-down BMC is not operated or the BMC is restarted, the license is valid, T1 is stored, and the BMC sends an alarm to remind a user that the faults possibly exist;
when T1> E1, and T2> (E1-I1), it indicates that the license is expired, the license is disabled, the authorized function is not available and a prompt is given.
As shown in fig. 2, in some embodiments, to ensure the reliability of the runtime timing process, the step of starting the monitoring process to monitor the runtime timing process uses the watchdog process of the server firmware to monitor the timing task of the runtime timing process and determine whether the timing task is blocked. The timing task is monitored using the BMC's WattdogAPP process to determine if it is blocked (i.e., if polling is interrupted). The method comprises the following specific steps: setting an overtime flag bit for the Watchdog APP, setting overtime time to be 10 seconds, and if the Watchdog is cleared of the monitored task overtime flag within the overtime time, kicking off the hardware Watchdog, so that the Watchdog counts down again, and setting and canceling the monitored task overtime flag; if the overtime mark is not cleared within the overtime time, the hardware Watchdog is overtime, the monitored process is considered to be abnormal, and the BMC is restarted to ensure the running timing accuracy of the BMC. After the BMC is restarted, whether License is in the time validity period or not is judged according to the steps, and if the License exceeds the time validity period, the License authorization control function is inaccessible. The time control of the firmware License is realized by comprehensively utilizing the technologies of access control, process monitoring, Watchdog, automatic detection, safe storage and the like, the anti-tampering and accurate timing of the firmware License time are ensured, and the License validity period control function is realized.
As shown in fig. 3, the technical solution of the present invention further provides a device for managing and controlling license time of server firmware, which includes an importing module, a record executing module, an obtaining module, and a verification judging module;
the import module is used for importing the license into the server firmware and enabling the server firmware function controlled by the license to be successfully authorized;
the record execution module is used for starting an operation time timing process to record an operation time value of the server firmware after the authorization function of the server firmware is available, and simultaneously starting a monitoring process to monitor the operation time timing process;
the acquisition module is used for acquiring the system time of the current server firmware and the running time value of the server firmware;
the verification judging module is used for comparing the acquired system time of the server firmware with the permitted end time, comparing the acquired running time value of the server firmware with the permitted effective time, and outputting prompt information of the comparison result; the validity time of the permit is the difference between the end time of the permit and the start time of the permit.
In some examples, the import module comprises an import unit, a first acquisition unit, a first judgment unit, a storage execution unit and a prompt output unit;
the system comprises an importing unit, a license acquiring unit and a license identification unit, wherein the importing unit is used for importing a license to the server firmware and acquiring the starting time I1 and the ending time E1 of the license and the license identification information;
the first acquisition unit is used for acquiring the current server firmware system time;
the first judging unit is used for judging whether the system time of the server firmware reaches the permission starting time every a first time threshold;
and the storage execution unit is used for storing the information acquired by the import unit and the first acquisition unit into the nonvolatile storage equipment, and authorizing the controlled server firmware function successfully.
And the prompt output unit is used for outputting user prompt information and stopping importing when the server firmware system time output by the first judgment unit is not earlier than the allowable starting time and the server firmware system time is considered to be inaccurate or the allowable authorized time is abnormal.
In some cases, the record execution module includes a starting and monitoring unit, an updating unit and an execution unit;
the starting and monitoring unit is used for starting the running time timing process after the authorization function of the server firmware is available, and simultaneously starting the monitoring process to monitor the running time timing process;
the updating unit is used for updating the running time once every first time threshold when the running time timing process is normal, namely the running time + 1;
and the execution unit is used for storing the recorded running time value and the server firmware system time.
In some cases, the verification judgment module is specifically configured to compare the acquired server firmware system time with the permitted end time, and compare the acquired server firmware running time value with the permitted effective time; when the system time of the server firmware is less than the end time of the permission and the running time value of the server firmware is less than the valid time of the permission, the permission is valid and the obtained running time value of the server firmware is stored; when the system time of the server firmware is less than the end time of the license and the running time value of the server firmware is greater than the valid time of the license, the license is immediately invalidated, and prompt information of safety risk of tampering the system time of the server firmware is output; when the system time of the server firmware is longer than the end time of the permission and the running time value of the server firmware is shorter than the valid time of the permission, the permission is valid and stores the obtained running time value of the server firmware, and meanwhile, the server firmware sends out an alarm to remind that a fault possibly exists; when the system time of the server firmware is larger than the end time of the license and the running time value of the server firmware is larger than the valid time of the license, the license is invalid, the authorized function is unavailable and the license invalidation prompting message is output.
In some cases, the starting and monitoring unit monitors a timing task of the running time timing process by using a watchdog process of the server firmware, and judges whether the running time timing process is blocked, wherein the starting and monitoring unit specifically comprises a first setting submodule, a setting processing submodule and a judging processing submodule;
the first setting submodule is used for setting an overtime flag bit for the running time timing process;
the setting processing submodule is used for starting a watchdog process, setting the overtime time of the watchdog and setting the set overtime flag bit;
the second setting submodule is used for kicking off the watchdog if the overtime mark of the monitored task is cleared within the overtime time, so that the watchdog counts down again, and the overtime mark of the monitored task is set and cancelled;
and the restarting submodule is used for judging that the running time timing process is abnormal if the overtime mark of the monitored task is not cleared within the overtime, restarting the server firmware, and sending information to the verification judging module after restarting is finished.
An embodiment of the present invention further provides an electronic device, where the electronic device includes: the system comprises a processor, a communication interface, a memory and a bus, wherein the processor, the communication interface and the memory are communicated with each other through the bus. The bus may be used for information transfer between the electronic device and the sensor. The processor may call logic instructions in memory to perform the following method: step 1: the license is led into the server firmware, and the server firmware function controlled by the license is successfully authorized; and 2, step: after the authorization function of the server firmware is available, starting an operation time timing process to record an operation time value of the server firmware, and simultaneously starting a monitoring process to monitor the operation time timing process; and step 3: acquiring the current server firmware system time and the server firmware running time value; and 4, step 4: comparing the obtained system time of the server firmware with the permitted end time, simultaneously comparing the obtained running time value of the server firmware with the permitted effective time, and outputting prompt information of the comparison result; the validity time of the license is the difference between the end time of the license and the start time of the license.
In addition, the logic instructions in the memory may be implemented in the form of software functional units and may be stored in a computer readable storage medium when sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Embodiments of the present invention provide a non-transitory computer-readable storage medium storing computer instructions that cause a computer to perform a method provided by the above method embodiments, for example, including: step 1: the license is led into the server firmware, and the server firmware function controlled by the license is successfully authorized; step 2: after the authorization function of the server firmware is available, starting an operation time timing process to record an operation time value of the server firmware, and simultaneously starting a monitoring process to monitor the operation time timing process; and step 3: acquiring the current server firmware system time and the server firmware operation time value; and 4, step 4: comparing the obtained system time of the server firmware with the permitted end time, simultaneously comparing the obtained running time value of the server firmware with the permitted effective time, and outputting prompt information of the comparison result; the validity time of the license is the difference between the end time of the license and the start time of the license.
Although the present invention has been described in detail by referring to the drawings in connection with the preferred embodiments, the present invention is not limited thereto. Various equivalent modifications or substitutions can be made on the embodiments of the present invention by those skilled in the art without departing from the spirit and scope of the present invention, and these modifications or substitutions are within the scope of the present invention/any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A method for managing and controlling the permission time of server firmware is characterized by comprising the following steps:
the license is led into the server firmware, and the server firmware function controlled by the license is successfully authorized;
after the authorization function of the server firmware is available, starting an operation time counting process to record an operation time value of the server firmware, and simultaneously starting a monitoring process to monitor the operation time counting process;
acquiring the current server firmware system time and the server firmware running time value;
comparing the obtained system time of the server firmware with the permitted end time, simultaneously comparing the obtained running time value of the server firmware with the permitted effective time, and outputting prompt information of the comparison result; the validity time of the license is the difference between the end time of the license and the start time of the license.
2. The method for managing license time of server firmware according to claim 1, wherein the step of importing the license into the server firmware and making the authorization of the server firmware function controlled by the license succeed comprises:
a1: importing a license into the server firmware, and acquiring the start time I1 and the end time E1 of the license and license identification information;
a2: acquiring the system time of the current server firmware;
a3: judging whether the acquired server firmware system time is earlier than or equal to the allowable starting time; if yes, executing step A4, otherwise executing step A5;
a4: storing the information obtained in step A1 and step A2, and allowing the controlled server firmware function to be successfully authorized;
a5: and when the server firmware system time is not accurate or the license authorization time is abnormal, outputting user prompt information and stopping importing.
3. The license time management method of server firmware according to claim 2, characterized in that the information acquired in step a1 and step a2 is stored; the step of licensing the controlled server firmware function successfully includes:
a41: storing the information obtained in the step A1 and the step A2 into a nonvolatile storage device, and allowing the controlled server firmware function to be successfully authorized;
a42: judging whether the system time of the server firmware reaches the permission starting time every other first time threshold; if yes, executing A43, otherwise, executing A42;
a43: the functions authorized by the server firmware are available.
4. The method for managing and controlling the license time of the server firmware according to claim 2, wherein after the authorization function of the server firmware is available, the step of starting a runtime timing process to record the runtime value of the server firmware, and the step of starting a monitoring process to monitor the runtime timing process comprises:
b1: after the authorization function of the server firmware is available, starting an operation time counting process, and simultaneously starting a monitoring process to monitor the operation time counting process;
b2: when the running time timing process is normal, updating the running time once every first time threshold, namely the running time + 1;
b3: the recorded runtime value and the server firmware system time are stored.
5. The method as claimed in claim 2, wherein the step of comparing the obtained system time of the server firmware with the end time of the license, comparing the obtained running time value of the server firmware with the valid time of the license, and outputting a prompt message indicating the comparison result includes:
comparing the obtained system time of the server firmware with the permitted end time, and simultaneously comparing the obtained running time value of the server firmware with the permitted effective time;
when the system time of the server firmware is less than the end time of the permission and the running time value of the server firmware is less than the valid time of the permission, the permission is valid and the obtained running time value of the server firmware is stored;
when the system time of the server firmware is less than the end time of the license and the running time value of the server firmware is greater than the valid time of the license, the license is immediately invalidated, and prompt information of safety risk of tampering the system time of the server firmware is output;
when the system time of the server firmware is longer than the end time of the license and the running time value of the server firmware is shorter than the valid time of the license, the license is valid and stores the obtained running time value of the server firmware, and meanwhile, the server firmware sends an alarm to remind that a fault possibly exists;
when the system time of the server firmware is larger than the end time of the license and the running time value of the server firmware is larger than the valid time of the license, the license is invalid, the authorized function is unavailable and the license invalidation prompt message is output.
6. The method for managing and controlling the license time of the server firmware according to claim 2, wherein in the step of starting the monitoring process to monitor the running time timing process, a watchdog process of the server firmware is used to monitor a timing task of the running time timing process, and determine whether the running time timing process is blocked, and specifically includes:
setting an overtime flag bit for an operating time counting process;
starting a watchdog process, setting the timeout time of the watchdog, and setting the set timeout flag bit;
if the overtime mark of the monitored task is cleared within the overtime time, kicking off the watchdog, enabling the watchdog to count down again, and canceling the setting of the overtime mark of the monitored task;
if the overtime mark of the monitored task is not cleared within the overtime time, the watchdog is overtime, the running time timing process is considered to be abnormal, and the server firmware is restarted.
7. The method according to claim 6, further comprising:
and after restarting the server firmware, judging whether the license is in the time validity device.
8. A permission time management and control device of server firmware is characterized by comprising an importing module, a record executing module, an obtaining module and a verification judging module;
the import module is used for importing the license into the server firmware and enabling the server firmware function controlled by the license to be successfully authorized;
the record execution module is used for starting an operating time timing process to record an operating time value of the server firmware after the authorization function of the server firmware is available, and simultaneously starting a monitoring process to monitor the operating time timing process;
the acquisition module is used for acquiring the current server firmware system time and the server firmware operation time value;
the verification judging module is used for comparing the acquired system time of the server firmware with the permitted end time, comparing the acquired running time value of the server firmware with the permitted effective time, and outputting prompt information of the comparison result; the validity time of the license is the difference between the end time of the license and the start time of the license.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores computer program instructions executable by at least one processor to enable the at least one processor to perform the method of license time management of server firmware of any one of claims 1 to 7.
10. A non-transitory computer-readable storage medium storing computer instructions for causing a computer to execute a license time management method of a server firmware according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210606673.6A CN114925339A (en) | 2022-05-31 | 2022-05-31 | Method, device, equipment and medium for managing and controlling permission time of server firmware |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210606673.6A CN114925339A (en) | 2022-05-31 | 2022-05-31 | Method, device, equipment and medium for managing and controlling permission time of server firmware |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114925339A true CN114925339A (en) | 2022-08-19 |
Family
ID=82812311
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210606673.6A Pending CN114925339A (en) | 2022-05-31 | 2022-05-31 | Method, device, equipment and medium for managing and controlling permission time of server firmware |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114925339A (en) |
-
2022
- 2022-05-31 CN CN202210606673.6A patent/CN114925339A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8327125B2 (en) | Content securing system | |
| US20200320193A1 (en) | Baseboard management controller to perform security action based on digital signature comparison in response to trigger | |
| CN105308609B (en) | The system and method for storing event data | |
| US9154499B2 (en) | Offline data delete with false trigger protection | |
| AU2010307632B2 (en) | Microcomputer and operation method thereof | |
| US20050038757A1 (en) | Memory card device, rights managing system and time managing method | |
| US8190923B2 (en) | Method to securely initialize, protect and recover system date/time | |
| KR20070084258A (en) | Special pc mode entered upon detection of undesired state | |
| JP6385842B2 (en) | Information processing terminal, information processing method, and information processing system | |
| US20190018964A1 (en) | Secure Persistent Software Updates | |
| JP2008161511A (en) | Game system | |
| CN114925339A (en) | Method, device, equipment and medium for managing and controlling permission time of server firmware | |
| US8308819B2 (en) | Method for detecting the removal of a processing unit from a printed circuit board | |
| US20220164198A1 (en) | Information processing apparatus and bios management method | |
| CN112770318B (en) | Terminal registration method and device | |
| CN114077395A (en) | Protection against undesirable content changes in DRAM during standby mode | |
| JP2018072889A (en) | Image formation apparatus and control method thereof | |
| CN112306410A (en) | Data processing method and device for electric energy meter, storage medium and electric energy meter | |
| CN1329786C (en) | Method for avoiding dictionary attack | |
| CN114328222A (en) | Offline software expiration checking method and device, computing equipment and storage medium | |
| CN115497263B (en) | Gas detection method and device | |
| US11789716B2 (en) | Electronic apparatus capable of updating firmware program securely and method of updating firmware program securely | |
| CN113065173A (en) | Encryption method and device for protecting processor embedded algorithm and storage medium | |
| JP2020135882A (en) | Electronic element, system including such electronic element, and method of monitoring processor | |
| CN112084085A (en) | System power-off recording method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |