CN115185359B - Crypto-coprocessor system and power-down protection method thereof - Google Patents
Crypto-coprocessor system and power-down protection method thereof Download PDFInfo
- Publication number
- CN115185359B CN115185359B CN202211102517.2A CN202211102517A CN115185359B CN 115185359 B CN115185359 B CN 115185359B CN 202211102517 A CN202211102517 A CN 202211102517A CN 115185359 B CN115185359 B CN 115185359B
- Authority
- CN
- China
- Prior art keywords
- power supply
- processing unit
- central processing
- power
- circuit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 22
- 238000004146 energy storage Methods 0.000 claims abstract description 54
- 238000001514 detection method Methods 0.000 claims abstract description 41
- 230000002159 abnormal effect Effects 0.000 claims description 16
- 230000001360 synchronised effect Effects 0.000 description 6
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008094 contradictory effect Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F1/00—Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
- G06F1/26—Power supply means, e.g. regulation thereof
- G06F1/30—Means for acting in the event of power-supply failure or interruption, e.g. power-supply fluctuations
-
- H—ELECTRICITY
- H02—GENERATION; CONVERSION OR DISTRIBUTION OF ELECTRIC POWER
- H02J—CIRCUIT ARRANGEMENTS OR SYSTEMS FOR SUPPLYING OR DISTRIBUTING ELECTRIC POWER; SYSTEMS FOR STORING ELECTRIC ENERGY
- H02J9/00—Circuit arrangements for emergency or stand-by power supply, e.g. for emergency lighting
- H02J9/04—Circuit arrangements for emergency or stand-by power supply, e.g. for emergency lighting in which the distribution system is disconnected from the normal source and connected to a standby source
- H02J9/06—Circuit arrangements for emergency or stand-by power supply, e.g. for emergency lighting in which the distribution system is disconnected from the normal source and connected to a standby source with automatic change-over, e.g. UPS systems
- H02J9/061—Circuit arrangements for emergency or stand-by power supply, e.g. for emergency lighting in which the distribution system is disconnected from the normal source and connected to a standby source with automatic change-over, e.g. UPS systems for DC powered loads
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Emergency Management (AREA)
- Power Engineering (AREA)
- Power Sources (AREA)
Abstract
The invention discloses a secret computing coprocessor system and a power failure protection method thereof, wherein the system comprises a secret computing coprocessor and a server, and the secret computing coprocessor comprises: the power supply circuit, the energy storage circuit, the voltage detection circuit and the central processing unit; the power supply circuit is used for accessing input voltage provided by the server; the power supply circuit is used for supplying power to the central processing unit according to the input voltage accessed by the power supply circuit or the power supply voltage provided by the energy storage circuit; the energy storage circuit is used for charging according to the input voltage provided by the power supply circuit and supplying power to the central processing unit when the server is powered off; the voltage detection circuit is used for detecting the input voltage of the power supply circuit and feeding back an interrupt signal to the central processing unit when the input voltage is lower than a threshold voltage; and the central processing unit is used for controlling the energy storage circuit to supply power according to the interrupt signal and storing the key information and the key data. The method and the device can store the key data and the key information under the condition that the server is powered off.
Description
Technical Field
The invention relates to the technical field of security computing, in particular to a cryptographic coprocessor system and a power failure protection method thereof.
Background
With the development of coprocessor technology, a Central Processing Unit (CPU) can offload specific tasks to a coprocessor, and release the CPU power to upper-layer applications. Currently, a common coprocessor includes a Graphics Processing Unit (GPU) and a Data Processing Unit (DPU). The coprocessor is generally small in size and powered by the server, and if the server is abnormally powered down, key data in the coprocessor is lost. However, a secret computing coprocessor (SPU) is used to run a security application for secret computing, where stored data is very important, and if a server is powered down, the last state and processed event of the SPU are not saved, such as loss of key information, which may cause damage to the SPU system and result in failure to start the SPU system again. For example, a power failure while the SPU is writing to the hard disk may cause the file system on the hard disk to be corrupted, which may result in the SPU being restarted without being mounted, and thus system software or business programs on the SPU cannot run normally.
Accordingly, the prior art is yet to be improved and developed.
Disclosure of Invention
In view of the above-mentioned deficiencies of the prior art, it is an object of the present invention to provide a cryptographic coprocessor system and a power-down protection method thereof, so as to solve the problem of loss of key information and data caused by the power-down of the existing SPU in the server.
The technical scheme of the invention is as follows:
a cryptographic coprocessor system comprising a confidential compute coprocessor and a server, said confidential compute coprocessor comprising: the power supply circuit, the energy storage circuit, the voltage detection circuit and the central processing unit; wherein,
the power supply circuit is respectively connected with the server, the energy storage circuit and the power supply circuit, and is used for accessing input voltage provided by the server and respectively inputting the input voltage to the power supply circuit and the energy storage circuit;
the power supply circuit is respectively connected with the power supply circuit, the energy storage circuit and the central processing unit, and the power supply circuit is used for supplying power to the central processing unit according to input voltage accessed by the power supply circuit or power supply voltage provided by the energy storage circuit;
the energy storage circuit is respectively connected with the power supply circuit and the power supply circuit, and is used for charging according to the input voltage provided by the power supply circuit and supplying power to the central processing unit when the server is powered off;
the voltage detection circuit is respectively connected with the power supply circuit and the central processing unit, and is used for detecting the input voltage of the power supply circuit and feeding back an interrupt signal to the central processing unit when the input voltage is lower than a threshold voltage;
and the central processor is used for controlling the energy storage circuit to supply power and storing key information and key data according to the interrupt signal.
In a further arrangement of the invention, the server comprises: an onboard power supply and an ATX power supply; wherein,
the power circuit is respectively connected with the onboard power supply and the ATX power supply and selectively connected into the onboard power supply or the ATX power supply according to load requirements.
According to a further arrangement of the present invention, the normal operating voltage of the input voltage is 12V; the voltage threshold is 10V.
A power down protection method applied to the confidential computing coprocessor system of the confidential computing coprocessor system comprises the following steps:
detecting the input voltage in real time through a voltage detection circuit, and feeding back an interrupt signal to the central processing unit when the input voltage is lower than a threshold voltage;
and when the central processing unit receives the interrupt signal, the power supply circuit is controlled to supply power to the central processing unit through the energy storage circuit, and key information and key data are stored.
In a further aspect of the present invention, the power down protection method for the confidential computing coprocessor system further comprises:
when the voltage detection circuit detects that the input voltage reaches the normal working voltage, the input voltage provided by the power supply circuit is output to the power supply circuit to supply power to the central processing unit and charge the energy storage circuit.
In a further aspect of the present invention, the step of detecting the input voltage in real time by the voltage detection circuit and feeding back the interrupt signal to the central processing unit when the input voltage is lower than the threshold voltage includes:
when the voltage detection circuit detects that the input voltage is lower than the threshold voltage, a high level signal is fed back to the central processing unit to trigger interruption.
The invention is further arranged in that when the central processing unit receives the interrupt signal, the step of controlling the power supply circuit to supply power to the central processing unit through the energy storage circuit and storing the key information and the key data comprises the following steps:
after the central processing unit is started, driving and registering an interrupt processing function of abnormal power failure;
when the central processing unit runs, the driver receives a request for increasing the callback function from the registration interface, and adds the callback function to a callback function list;
receiving a request for deleting the callback function from the unregistered interface, and deleting the target callback function from the callback function list;
and when the server is abnormally powered off, triggering the interrupt processing function to traverse and call back the functions in the function list through the interrupt signal and executing the functions.
The further arrangement of the present invention, after the step of triggering the interrupt processing function to traverse and call back the functions in the function list by the interrupt signal and executing when the server is abnormally powered off, further comprises:
and when the interrupt processing function traverses the functions in the callback function list and is executed, entering a dead loop to wait for the server to be powered off.
The invention further sets up that when the interrupt processing function traverses the function in the callback function list, the synchronous operation function traverses the mounted file system in the current system, and if the file system has a storage entity, the synchronous operation is carried out.
In a further arrangement of the present invention, the synchronization operation function is a first function on the callback function list, and is executed first in the interrupt processing function.
The invention provides a secret computing coprocessor system and a power failure protection method thereof, wherein the secret computing coprocessor system comprises a secret computing coprocessor and a server, and the secret computing coprocessor comprises: the power supply circuit, the energy storage circuit, the voltage detection circuit and the central processing unit. The power supply circuit is used for accessing an input voltage provided by the server and inputting the input voltage to the power supply circuit and the energy storage circuit respectively; the power supply circuit is used for supplying power to the central processing unit according to the input voltage accessed by the power supply circuit or the power supply voltage provided by the energy storage circuit; the energy storage circuit is used for charging according to the input voltage provided by the power supply circuit and supplying power to the central processing unit when the server is powered off; the voltage detection circuit is used for detecting the input voltage of the power supply circuit and feeding back an interrupt signal to the central processing unit when the input voltage is lower than a threshold voltage; and the central processor is used for controlling the energy storage circuit to supply power and storing key information and key data according to the interrupt signal. The invention is connected with the server through the power circuit, when the server supplies power normally, the input voltage provided by the server is accessed and respectively input to the power supply circuit and the energy storage circuit, the power supply circuit supplies power to the central processing unit through the accessed input voltage, and meanwhile, the accessed input voltage charges the energy storage circuit. Meanwhile, the voltage detection circuit detects the magnitude of the input voltage in real time, if the input voltage is detected to be lower than the threshold voltage (namely when the server is abnormally powered down), an interrupt signal is fed back to the central processing unit, the central processing unit triggers the interrupt, the energy storage circuit is controlled to supply power, and the key information and the key data are stored, so that the problem that the key data and the key information are lost under the condition that the server is powered down can be prevented.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the structures shown in the drawings without creative efforts.
FIG. 1 is a functional block diagram of a cryptographic coprocessor system of the present invention.
Fig. 2 is a flow chart illustrating a power down protection method of a cryptographic coprocessor system in the present invention.
The various symbols in the drawings: 100. a secret computing coprocessor; 110. a power supply circuit; 120. a power supply circuit; 130. a tank circuit; 140. a voltage detection circuit; 150. a central processing unit; 200. a server; 210. an on-board power supply; 220. an ATX power supply.
Detailed Description
The invention provides a secret computing coprocessor system and a power failure protection method thereof, and in order to make the purpose, technical scheme and effect of the invention clearer and clearer, the invention is further described in detail below by referring to the attached drawings and taking examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
In the embodiments and claims, the articles "a", "an", "the" and "the" may include plural forms as well, unless the context specifically dictates otherwise. If there is a description of "first", "second", etc. in an embodiment of the present invention, the description of "first", "second", etc. is for descriptive purposes only and is not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature.
It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
In addition, technical solutions between various embodiments may be combined with each other, but must be realized by a person skilled in the art, and when the technical solutions are contradictory or cannot be realized, such a combination should not be considered to exist, and is not within the protection scope of the present invention.
Referring to FIG. 1, the present invention provides a preferred embodiment of a cryptographic coprocessor system.
As shown in fig. 1, the present invention provides a cryptographic coprocessor system, which comprises a secret computing coprocessor 100 and a server 200, wherein the secret computing coprocessor 100 comprises: a power supply circuit 110, a power supply circuit 120, a tank circuit 130, a voltage detection circuit 140 and a central processing unit 150; the power circuit 110 is respectively connected to the server 200, the tank circuit 130, and the power supply circuit 120, and the power circuit 110 is configured to access an input voltage provided by the server 200 and respectively input the input voltage to the power supply circuit 120 and the tank circuit 130; the power supply circuit 120 is respectively connected to the power supply circuit 110, the tank circuit 130 and the central processing unit 150, and the power supply circuit 120 is configured to supply power to the central processing unit 150 according to an input voltage accessed by the power supply circuit 110 or a power supply voltage provided by the tank circuit 130; the tank circuit 130 is connected to the power circuit 110 and the power circuit 120, respectively, and the tank circuit 130 is configured to charge according to the input voltage provided by the power circuit 110 and supply power to the central processing unit 150 when the server 200 is powered off; the voltage detection circuit 140 is respectively connected to the power circuit 110 and the central processing unit 150, and the voltage detection circuit 140 is configured to detect an input voltage of the power circuit 110 and feed back an interrupt signal to the central processing unit 150 when the input voltage is lower than a threshold voltage; the central processor 150 is configured to control the tank circuit 130 to supply power according to the interrupt signal and store key information and key data.
Specifically, the secret computing coprocessor 100 is connected to the server 200, and the server 200 supplies power to the secret computing coprocessor 100. The power supply circuit 120 is connected to the power supply circuit 110, the energy storage circuit 130 and the central processing unit 150, the power supply circuit 120 can supply power to the central processing unit 150 through the voltage provided by the power supply circuit 110 or the energy storage circuit 130, and the voltage detection circuit 140 is connected to the power supply circuit 110 and the central processing unit 150, and can detect the input voltage accessed by the power supply circuit 110 in real time.
After the power supply circuit is normally powered on, the power supply circuit 110 accesses the input voltage provided by the server 200 and respectively inputs the input voltage to the power supply circuit 120 and the tank circuit 130, and the power supply circuit 120 supplies power to the central processing unit 150 through the accessed input voltage and charges the tank circuit 130 at the same time, so that a part of electric energy is stored in the confidential calculation coprocessor 100. Because the voltage detection circuit 140 detects the input voltage of the power circuit 110 in real time, after the server 200 is abnormally powered down (or the server is abnormally shut down), the input voltage detected by the voltage detection circuit 140 will be reduced, and when the input voltage is smaller than the threshold voltage, that is, when the power supply provided by the server 200 fails, an interrupt signal will be fed back to the central processing unit 150, so that the central processing unit 150 triggers the interrupt, at this time, the energy storage circuit 130 discharges, the central processing unit 150 supplies power through the energy storage circuit 130 to support the central processing unit 150 to perform interrupt processing, and meanwhile, the central processing unit 150 performs storage work of important data and important information.
As can be seen, the present invention is connected to the server 200 through the power circuit 110, and when the server 200 is normally powered, the input voltage provided by the server 200 is accessed and respectively input to the power supply circuit 120 and the energy storage circuit 130, the power supply circuit 120 supplies power to the central processing unit 150 through the accessed input voltage, and the energy storage circuit 130 is charged through the accessed input voltage. Meanwhile, the voltage detection circuit 140 detects the magnitude of the input voltage in real time, if it is detected that the input voltage is lower than the threshold voltage (i.e., when the server has an abnormal power failure), an interrupt signal is fed back to the central processing unit 150, the central processing unit 150 triggers an interrupt to control the energy storage circuit 130 to supply power and store key information and key data, so that the server 200 has time to respond to the power failure to store the key data and key information, the system is prevented from being damaged due to the abnormal power failure, the confidential calculation coprocessor can normally operate when being restarted, and the reliability of the system is improved.
In some embodiments, the normal operating voltage of the input voltage is 12V; the voltage threshold is 10V.
Specifically, after the server 200 is powered on, the secret computing coprocessor 100 is powered on by the server 200. When the confidential calculation coprocessor 100 normally works, the voltage detection circuit 140 detects the input voltage 12V of the power supply circuit 110 in real time, if the detected input voltage is normal, that is, the detected input voltage is 12V, the voltage detection circuit 140 sets "0" to the central processing unit 150, if the voltage detection circuit 140 detects that the input voltage 12V is powered down to the threshold voltage 10V, the voltage detection circuit sends a signal "1" to the central processing unit 150 to trigger hardware interruption, at this time, the central processing unit 150 supplies power through the energy storage circuit 130 to save critical data and critical information, when the input voltage reaches 12V, the power supply circuit 110 stably outputs power to the power supply circuit 120, and supplies power to the central processing unit 150 through the power supply circuit 120, so that the central processing unit 150 is ensured to supply power stably.
Referring to fig. 1, in some embodiments, the server 200 includes: an onboard power supply 210 and an ATX power supply 220; the power circuit 110 is connected to the onboard power supply 210 and the ATX power supply 220, and selectively connects to the onboard power supply 210 or the ATX power supply 220 according to a load requirement.
Specifically, the power circuit 110 is a power selection circuit, which is respectively connected to the onboard power supply 210 (motherboard power) of the server 200 and the ATX power supply 220 (power that converts ac 220V power into dc 5V,12v,24v used inside the computer), and the power selection circuit may select whether to supply power through the onboard power supply 210 or the ATX power supply 220 according to the load requirement, for example, when the required supply voltage is 12V, the 12V supply voltage provided by the ATX power supply 220 may be accessed.
Referring to fig. 2, in some embodiments, the present invention further provides a power down protection method for a secret computing coprocessor system of the secret computing coprocessor system, which includes the steps of:
s100, detecting the input voltage in real time through a voltage detection circuit, and feeding back an interrupt signal to the central processing unit when the input voltage is lower than a threshold voltage;
specifically, after the server is powered on, the secret computing coprocessor is powered on by the server. The normal working voltage of the confidential calculation coprocessor is 12V, and when the input voltage is switched off to the threshold voltage of 10V, the power supply is considered to be abnormal. When the confidential calculation coprocessor normally works, the input voltage accessed by the power circuit is monitored in real time through the voltage detection circuit, and if the voltage detection circuit detects that the input voltage is powered down to 10V of threshold voltage, an interrupt signal is fed back to the central processing unit to trigger hardware interrupt.
S200, when the central processing unit receives the interrupt signal, the power supply circuit is controlled to supply power to the central processing unit through the energy storage circuit, and key information and key data are stored;
specifically, after the server is abnormally powered off, the central processing unit receives an interrupt signal, and at the moment, the confidential calculation coprocessor can be switched to the energy storage circuit to supply power so as to support the central processing unit to continue working. Because the central processing unit is provided with a program matched with the energy storage circuit, the central processing unit is switched to an interrupt processing program when receiving an interrupt signal under the power supply support of the energy storage circuit so as to store key data and key information.
In the technical scheme, the power supply circuit is connected with the server, when the server supplies power normally, the input voltage provided by the server is accessed and respectively input to the power supply circuit and the energy storage circuit, the power supply circuit supplies power to the central processing unit through the accessed input voltage, and meanwhile, the energy storage circuit is charged through the accessed input voltage. Meanwhile, the voltage detection circuit monitors the magnitude of the input voltage in real time, if the input voltage is detected to be lower than the threshold voltage (namely when the server has abnormal power failure), an interrupt signal is fed back to the central processing unit, the central processing unit triggers interrupt, the energy storage circuit is switched to supply power, and key information and key data are stored, so that the key data and the key information can be stored in response when the server has power failure, the system is prevented from being damaged due to abnormal power failure, the normal operation of the confidential calculation coprocessor when the confidential calculation coprocessor is restarted is guaranteed, and the reliability of the system is improved.
In some embodiments, the power down protection method of the confidential computing coprocessor system further comprises the steps of:
and S300, when the voltage detection circuit detects that the input voltage reaches the normal working voltage, outputting the input voltage provided by the power supply circuit to supply power to the central processing unit and charge the energy storage circuit.
Specifically, when the server supplies power abnormally, the energy storage circuit supplies power for the central processing unit temporarily, and when the server supplies power normally, the power supply circuit outputs power to the power supply circuit stably, and the central processing unit is supplied power through the power supply circuit. Meanwhile, the power supply circuit charges the energy storage circuit, and when abnormal power failure occurs next time, the central processing unit can be powered by the energy storage circuit.
In some embodiments, step S100 includes the steps of:
s110, when the voltage detection circuit detects that the input voltage is lower than the threshold voltage, a high level signal is fed back to the central processing unit to trigger interruption.
Specifically, if the input voltage is detected to be normal, the voltage detection circuit is set to "0", and a low level signal is fed back to the central processing unit. And if the voltage detection circuit detects that the input voltage is powered down to the threshold voltage of 10V, setting a signal to be 1 to the central processing unit, and triggering hardware interruption.
In some embodiments, step S200 includes the steps of:
s210, after the central processing unit is started, driving an interrupt processing function for registering abnormal power failure;
s220, when the central processing unit runs, the driver receives a request for increasing the callback function from the registration interface, and adds the callback function to a callback function list;
s230, receiving a request for deleting the callback function from the de-registration interface, and deleting the target callback function from the callback function list;
s240, when the server is abnormally powered off, triggering the interrupt processing function to traverse and call back functions in the function list through the interrupt signal and executing the functions;
and S250, entering endless loop to wait for the server to lose power after the interrupt processing function traverses the functions in the callback function list and is executed.
Specifically, the interrupt processing function (exception _ shutdown _ handle) is triggered and executed by an interrupt signal of abnormal power down. The register interface function (register _ exception _ shutdown _ callback) is a processing function used for providing a register interface for other drivers and service programs to register abnormal power failure, and the register interface is added into a callback function list (callback _ list). And the unregistered interface function is used for providing an interface for registration, is used by other drivers and service programs which register call backs, and deletes the corresponding processing function in the call back function list when the drivers are removed or the service programs are finished. The callback function list is executed in a traversal mode in the interrupt processing function, the first element in the callback function list is a synchronous operation function, and other drivers or services can add processing logic to the callback list through the registration interface.
And after the counting unit is started, driving and registering an interrupt processing function of abnormal power failure. In the operation process, the driver receives a request for adding a callback function from the registration interface, adds the callback function to the callback function list, receives a request for deleting the callback function from the de-registration interface, and deletes the target callback function from the callback function list. When the server is abnormally powered off, an interrupt signal fed back by the voltage detection circuit triggers an interrupt processing function to traverse functions in the callback function list and execute the functions so as to switch the energy storage circuit to supply power and store key data and key information, ensure that the confidential calculation coprocessor can normally run when being restarted, and enter a dead loop to wait for the server to be powered off after the execution is finished.
When the interrupt processing function traverses the function in the callback function list, the synchronous operation function traverses the mounted file system in the current system, and if the file system has a storage entity, the synchronous operation is carried out. And the synchronous operation function is the first function on the callback function list and is executed by the first function in the interrupt processing function so as to ensure the reliability of the file system.
In summary, the cryptographic coprocessor system and the power-down protection method thereof provided by the invention have the following beneficial effects:
after the server is abnormally powered off or is abnormally shut down, the confidential calculation coprocessor can be switched to the energy storage circuit for supplying power, and an interrupt signal is fed back to the central processing unit through the voltage detection circuit, so that the central processing unit can store important data and important information, the system is prevented from being damaged due to abnormal power failure, the confidential calculation coprocessor can normally run when being restarted, and the reliability of the system is improved.
It is to be understood that the invention is not limited to the examples described above, but that modifications and variations may be effected thereto by those of ordinary skill in the art in light of the foregoing description, and that all such modifications and variations are intended to be within the scope of the invention as defined by the appended claims.
Claims (10)
1. A cryptographic coprocessor system comprising a cryptographic coprocessor and a server, said cryptographic coprocessor comprising: the power supply circuit, the energy storage circuit, the voltage detection circuit and the central processing unit; wherein,
the power supply circuit is respectively connected with the server, the energy storage circuit and the power supply circuit, and is used for accessing input voltage provided by the server and respectively inputting the input voltage to the power supply circuit and the energy storage circuit;
the power supply circuit is respectively connected with the power supply circuit, the energy storage circuit and the central processing unit, and the power supply circuit is used for supplying power to the central processing unit according to input voltage accessed by the power supply circuit or power supply voltage provided by the energy storage circuit;
the energy storage circuit is respectively connected with the power supply circuit and the power supply circuit, and is used for charging according to the input voltage provided by the power supply circuit and supplying power to the central processing unit when the server is powered off;
the voltage detection circuit is respectively connected with the power supply circuit and the central processing unit and is used for detecting the input voltage of the power supply circuit and feeding back an interrupt signal to the central processing unit when the input voltage is lower than a threshold voltage;
the central processing unit is used for controlling the energy storage circuit to supply power according to the interrupt signal and storing key information and key data;
the voltage detection circuit detects the magnitude of input voltage in real time, and feeds an interrupt signal back to the central processing unit when abnormal power failure of the server is detected, and the central processing unit triggers interrupt, controls the energy storage circuit to supply power and stores key information and key data;
after the central processing unit is started, an interrupt processing function of abnormal power failure is driven to be registered, when the central processing unit runs, the drive receives a request for adding a callback function from a registration interface, the callback function is added to a callback function list, when the server is in abnormal power failure, the central processing unit triggers the interrupt processing function to traverse the functions in the callback function list and execute the functions through an interrupt signal fed back by the voltage detection circuit, and after the execution is finished, the central processing unit enters a dead cycle to wait for the server to be in power failure.
2. The confidential computing coprocessor system of claim 1, wherein the server comprises: an onboard power supply and an ATX power supply; wherein,
the power circuit is respectively connected with the onboard power supply and the ATX power supply and selectively connected into the onboard power supply or the ATX power supply according to load requirements.
3. The confidential compute coprocessor system of claim 1, wherein the normal operating voltage of the input voltage is 12V; the threshold voltage is 10V.
4. A power down protection method for a secret computing coprocessor system of any one of claims 1-3, comprising:
the voltage detection circuit is used for detecting the input voltage in real time and feeding back an interrupt signal to the central processing unit when the input voltage is lower than the threshold voltage;
and when the central processing unit receives the interrupt signal, the power supply circuit is controlled to supply power to the central processing unit through the energy storage circuit, and key information and key data are stored.
5. The method of power down protection for a confidential computing coprocessor system of claim 4, further comprising:
when the voltage detection circuit detects that the input voltage reaches the normal working voltage, the input voltage provided by the power supply circuit is output to the power supply circuit to supply power to the central processing unit and charge the energy storage circuit.
6. The power down protection method of secret computing coprocessor system according to claim 4, wherein the step of detecting the input voltage in real time by the voltage detection circuit and feeding back an interrupt signal to the central processing unit when the input voltage is lower than a threshold voltage comprises:
when the voltage detection circuit detects that the input voltage is lower than the threshold voltage, a high level signal is fed back to the central processing unit to trigger interruption.
7. The power-fail protection method of a confidential computing coprocessor system according to claim 4, wherein the step of controlling the power supply circuit to supply power to the central processing unit through the energy storage circuit and storing key information and key data when the central processing unit receives the interrupt signal comprises:
after the central processing unit is started, driving and registering an interrupt processing function of abnormal power failure;
when the central processing unit runs, the driver receives a request for increasing the callback function from the registration interface, and adds the callback function to a callback function list;
receiving a request for deleting the callback function from the unregistered interface, and deleting the target callback function from the callback function list;
and when the server is abnormally powered off, triggering the interrupt processing function to traverse and call back the functions in the function list through the interrupt signal and executing the functions.
8. The power-fail protection method for secret computing coprocessor system according to claim 7, wherein the step of triggering the interrupt processing function to traverse and execute the functions in the callback function list by the interrupt signal when the server is abnormally powered down further comprises:
and when the interrupt processing function traverses the functions in the callback function list and is executed, the server enters a dead loop to wait for power failure of the server.
9. The power-fail safeguard method for the confidential calculation coprocessor system according to claim 7, wherein when the interrupt processing function traverses the functions in the callback function list, the synchronization operation function traverses the file system mounted in the current system, and if there is a storage entity in the file system, the synchronization operation is performed.
10. The power down protection method for a confidential computing coprocessor system of claim 9, wherein said synchronization operation function is a first function on a callback function list, executed first in said interrupt handling function.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211102517.2A CN115185359B (en) | 2022-09-09 | 2022-09-09 | Crypto-coprocessor system and power-down protection method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211102517.2A CN115185359B (en) | 2022-09-09 | 2022-09-09 | Crypto-coprocessor system and power-down protection method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115185359A CN115185359A (en) | 2022-10-14 |
| CN115185359B true CN115185359B (en) | 2023-01-06 |
Family
ID=83524658
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211102517.2A Active CN115185359B (en) | 2022-09-09 | 2022-09-09 | Crypto-coprocessor system and power-down protection method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115185359B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101788949A (en) * | 2010-03-10 | 2010-07-28 | 中兴通讯股份有限公司 | Method and device for realizing embedded type system function monitoring |
| JP2011125124A (en) * | 2009-12-09 | 2011-06-23 | Sanyo Electric Co Ltd | Server and uninterruptible power supply housed in the server |
| CN102156679A (en) * | 2011-04-18 | 2011-08-17 | 苏州捷泰科信息技术有限公司 | PCIE interface-based solid state disk power-down protection method and device |
| CN202166957U (en) * | 2011-07-21 | 2012-03-14 | 曙光信息产业股份有限公司 | Novel power source for blade server |
| CN106602698A (en) * | 2015-10-19 | 2017-04-26 | 沈阳新松机器人自动化股份有限公司 | Power-off loss prevention system of operating parameter of servo system |
| CN208569547U (en) * | 2018-06-11 | 2019-03-01 | 山东超越数控电子股份有限公司 | A kind of storage power failure protection of equipment power supply device |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI427471B (en) * | 2011-07-28 | 2014-02-21 | Quanta Comp Inc | Rack server system and operation method thereof |
| CN105528308A (en) * | 2014-10-24 | 2016-04-27 | 中兴通讯股份有限公司 | Power failure processing method and device and electronic apparatus |
| CN114281492A (en) * | 2021-11-12 | 2022-04-05 | 北京智芯微电子科技有限公司 | Interrupt processing method and device, chip, electronic equipment and storage medium |
-
2022
- 2022-09-09 CN CN202211102517.2A patent/CN115185359B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2011125124A (en) * | 2009-12-09 | 2011-06-23 | Sanyo Electric Co Ltd | Server and uninterruptible power supply housed in the server |
| CN101788949A (en) * | 2010-03-10 | 2010-07-28 | 中兴通讯股份有限公司 | Method and device for realizing embedded type system function monitoring |
| CN102156679A (en) * | 2011-04-18 | 2011-08-17 | 苏州捷泰科信息技术有限公司 | PCIE interface-based solid state disk power-down protection method and device |
| CN202166957U (en) * | 2011-07-21 | 2012-03-14 | 曙光信息产业股份有限公司 | Novel power source for blade server |
| CN106602698A (en) * | 2015-10-19 | 2017-04-26 | 沈阳新松机器人自动化股份有限公司 | Power-off loss prevention system of operating parameter of servo system |
| CN208569547U (en) * | 2018-06-11 | 2019-03-01 | 山东超越数控电子股份有限公司 | A kind of storage power failure protection of equipment power supply device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115185359A (en) | 2022-10-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP0813707B1 (en) | A computer system with unattended on-demand availability | |
| US8086883B2 (en) | Hardware driven processor state storage prior to entering a low power | |
| US8028177B2 (en) | Method for changing power states of a computer | |
| US7409537B2 (en) | Fast booting an operating system from an off state | |
| US5902352A (en) | Method and apparatus for task scheduling across multiple execution sessions | |
| TW439025B (en) | Multiprocessor computer | |
| US8032773B2 (en) | Power-saving control apparatus and method for computer system in standby mode | |
| JPS62169219A (en) | Information processing system | |
| US6681336B1 (en) | System and method for implementing a user specified processing speed in a computer system and for overriding the user specified processing speed during a startup and shutdown process | |
| US5590340A (en) | Apparatus and method for suspending and resuming software application on a computer | |
| EP2843502B1 (en) | Information processing device, information processing method, and program | |
| US11216053B2 (en) | Systems, apparatus, and methods for transitioning between multiple operating states | |
| US7240189B2 (en) | Fast resume to normal operation of a computer in a power saving mode | |
| JPH11288334A (en) | Method and device for power down for computer system | |
| WO2013065115A1 (en) | Information processing device, method for controlling information processing device, virtual machine control program, and information processing system | |
| CN115904231A (en) | RAID card power failure processing method and related device | |
| US6738898B1 (en) | Information processor, method for saving/loading data, and information recorded | |
| CN101436097B (en) | Electronic device and wake-up method thereof | |
| CN115185359B (en) | Crypto-coprocessor system and power-down protection method thereof | |
| US7802119B2 (en) | Method and system for saving power of central processing unit | |
| US20060221751A1 (en) | Memory power supply backup system | |
| US8959255B2 (en) | Computer protection system and method | |
| EP1229430A1 (en) | Power management system and method | |
| JPH10240367A (en) | Computer system and suspend control method for the same | |
| JP3487127B2 (en) | Information processing device, product registration device, and program storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20221014 Assignee: Shenzhen Qiangji Computing Technology Co.,Ltd. Assignor: Guangdong Hong Kong Macao Dawan District Digital Economy Research Institute (Futian) Contract record no.: X2023980045750 Denomination of invention: A Confidential Computing Coprocessor System and Its Power Down Protection Method Granted publication date: 20230106 License type: Exclusive License Record date: 20231103 |