CN115309577A - Embedded device and starting and recovering method thereof - Google Patents

Embedded device and starting and recovering method thereof

Publication number
CN115309577A
Authority
CN
China
Prior art keywords
uboot
embedded device
embedded
tpcm
backup
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210943491.8A
Other languages
Chinese (zh)
Inventor
霍洪强
犹锋
刘苇
祁龙云
杨康乐
魏兴慎
吕小亮
杨维永
张骞
孙连文
朱世顺
李向南
俞建业
孙柏颜
徐志超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nari Information and Communication Technology Co
Original Assignee
Nari Information and Communication Technology Co
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nari Information and Communication Technology Co
Priority to CN202210943491.8A
Publication of CN115309577A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/0706 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation, the processing taking place on a specific hardware platform or in a specific software environment
    • G06F11/0736 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation, the processing taking place on a specific hardware platform or in a specific software environment, in functional embedded systems, i.e. in a data processing system designed as a combination of hardware and software dedicated to performing a certain function

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The invention discloses an embedded device and a starting and recovering method thereof in the technical field of embedded devices, wherein the starting and recovering method of the embedded device comprises the following steps: initiating UBOOT signature verification on the embedded device before the embedded device is started; if the UBOOT signature passes, allowing the embedded device to be powered on and started; if the UBOOT signature check does not pass, starting a UBOOT backup recovery flow, updating and recovering the main board storage area of the embedded device by using the backup UBOOT, and if the recovery is successful, restarting the UBOOT signature check on the embedded device. The invention can repair and restart the embedded device UBOOT in time after the UBOOT signature verification fails, effectively solves the problem of abnormal starting of the embedded device UBOOT, prolongs the service life of the embedded device and ensures the stable operation of the device.

Description

Embedded device and starting and recovering method thereof
Technical Field
The invention belongs to the technical field of embedded devices, and particularly relates to an embedded device and a starting and recovering method thereof.
Background
At present, embedded devices mainly use UBOOT to boot the operating system. Once the UBOOT is damaged or fails signature verification, the device cannot start normally, and it is difficult for operation and maintenance personnel to troubleshoot and handle faults caused by the UBOOT; the UBOOT can only be repaired by replacing the storage chip on the mainboard.
Disclosure of Invention
In order to solve the defects in the prior art, the invention provides an embedded device and a starting and recovering method thereof, which can repair and restart the embedded device in time after UBOOT signature verification failure, effectively solve the problem of abnormal starting of the embedded device UBOOT, prolong the service life of embedded equipment and ensure the stable operation of the equipment.
In order to achieve the purpose, the technical scheme adopted by the invention is as follows:
In a first aspect, a method for starting and recovering an embedded device is provided, including: initiating UBOOT signature verification on the embedded device before the embedded device is started; if the UBOOT signature verification passes, allowing the embedded device to be powered on and started; if the UBOOT signature verification does not pass, starting a UBOOT backup recovery flow, updating and recovering the main board storage area of the embedded device by using the backup UBOOT, and if the recovery is successful, re-initiating the UBOOT signature verification on the embedded device.
Further, if the recovery is unsuccessful, the signature verification and recovery upgrade exception logs are recorded in the log storage area.
Further, starting the UBOOT backup recovery flow includes: reading the board type ID of the embedded device; and selecting the corresponding backup UBOOT image according to the board type ID of the embedded device, and writing the backup UBOOT image into the host storage module of the embedded device to update and recover the main board storage area of the embedded device.
In a second aspect, an embedded device starting and recovering apparatus is provided, which includes a TPCM component, where the TPCM component includes a processor and a storage device, and the storage device stores a plurality of instructions for the processor to load and execute the steps of the method according to the first aspect.
Further, after the backup UBOOT image file is written into the storage device of the TPCM component, the TPCM component is triggered to call an encryption flow; the backup UBOOT image file in the storage device is encrypted and written back over the original storage area, so that the backup UBOOT is stored in encrypted form.
Further, the TPCM component is powered on before the embedded device; after the TPCM component is powered on and initialized, it switches the SPI mode to the storage mode and uses the public key of the asymmetric key to verify the signature of the UBOOT image stored at the host end of the embedded device.
Furthermore, the TPCM component is configured with an external storage area, and the server upgrades the encrypted backup UBOOT to the external storage area of the TPCM component through a serial port.
In a third aspect, an embedded device is provided, which includes an embedded host and the embedded device start-up and recovery device of the second aspect, wherein the embedded host is electrically connected to the embedded device start-up and recovery device.
Furthermore, a board type ID is set on the main board of the embedded host through the GPIO level of the peripheral module and is used as a unique identifier of different board types, so that one TPCM part can adapt to the host board types of various embedded devices; if two GPIOs are designed on the main board of the embedded device, the combination of high and low levels of the GPIOs corresponds to four board types, namely 00, 01, 10 and 11.
Further, the embedded host sends a downlink "request recovery UBOOT" protocol packet to the TPCM component through the SPI, and actively updates and recovers the UBOOT from the TPCM component.
Compared with the prior art, the invention has the following beneficial effects: the invention initiates UBOOT signature verification to the embedded device before the embedded device is started; if the UBOOT signature passes, allowing the embedded device to be powered on and started; if the UBOOT signature check does not pass, starting a UBOOT backup recovery flow, updating and recovering a main board storage area of the embedded device by using the UBOOT backup, and if the UBOOT backup recovery flow succeeds, restarting the UBOOT signature check on the embedded device; the method can repair and restart the embedded device UBOOT in time after the UBOOT signature verification fails, effectively solves the problem of abnormal starting of the embedded device UBOOT, prolongs the service life of the embedded device and ensures the stable operation of the device.
Drawings
Fig. 1 is a schematic overall structure diagram of an embedded device according to an embodiment of the present invention;
Fig. 2 is a flow chart illustrating the process of encrypting and decrypting UBOOT by a TPCM component in the embodiment of the present invention;
Fig. 3 is a schematic diagram of a process flow for UBOOT startup and recovery in an embodiment of the present invention;
Fig. 4 is a diagram of a recovery UBOOT interaction protocol between an embedded host and a TPCM component in an embodiment of the invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings. The following examples are only for illustrating the technical solutions of the present invention more clearly, and the protection scope of the present invention is not limited thereby.
Embodiment one:
A method for starting and recovering an embedded device comprises the following steps: initiating UBOOT signature verification on the embedded device before the embedded device is started; if the UBOOT signature verification passes, allowing the embedded device to be powered on and started; and if the UBOOT signature verification fails, starting a UBOOT backup recovery flow, updating and recovering the main board storage area of the embedded device by using the backup UBOOT, and if the recovery succeeds, re-initiating UBOOT signature verification on the embedded device.
If the recovery is unsuccessful, the signature verification and recovery upgrade exception logs are recorded in the log storage area.
Starting the UBOOT backup recovery flow comprises the following steps: reading the board type ID of the embedded device; and selecting the corresponding backup UBOOT image according to the board type ID of the embedded device, and writing the backup UBOOT image into the host storage module of the embedded device to update and recover the main board storage area of the embedded device.
Embodiment two:
Based on the method for starting and recovering an embedded device according to the first embodiment, the present embodiment provides a device for starting and recovering an embedded device, as shown in Figs. 1 to 4, including a TPCM component, where the TPCM component includes a processor and a storage device, and the storage device stores a plurality of instructions for the processor to load and execute the steps of the method according to the first embodiment.
(1) The encrypted backup UBOOT is stored in a storage area on the TPCM component side; up to four different UBOOT image files can be stored, to match different mainboard designs of the embedded device.
The TPCM component is connected with the server through a serial port, and the UBOOT image files to be backed up can be written into the storage module in the TPCM component during production, debugging and maintenance.
After the backup UBOOT image file is written into the TPCM storage area, the TPCM is triggered to call an encryption flow; the backup UBOOT in the storage area is encrypted and written back over the original storage area, so that the backup UBOOT is stored in encrypted form. The flow by which the TPCM encrypts the UBOOT is shown in Fig. 2.
(2) A board type ID is designed into the host end of the embedded device, so that different board types correspond to their UBOOT images; four different board type IDs can be supported.
The GPIO module of the hardware mainboard of the embedded device is designed with two GPIOs, 0 and 1, as the board type ID; the combination of the high and low levels of the GPIOs corresponds to four board types: 00, 01, 10 and 11.
After the TPCM component's signature verification of the UBOOT in the main board storage area of the embedded device fails, it can read the designed GPIO value and then call the locally stored backup UBOOT to restore it to the embedded main board storage area.
(3) The TPCM component verifies the signature of the UBOOT in the host storage area of the embedded device.
As shown in Fig. 3, the TPCM component is powered on and started first and pulls down the host SOC power supply of the embedded device, while the peripheral modules of the host of the embedded device are powered on normally, so as to ensure that peripheral circuits such as the storage module operate normally.
After the TPCM component completes initialization, it switches the SPI mode to the storage mode and uses the public key of the asymmetric key to verify the signature of the UBOOT image stored at the host end of the embedded device.
If the signature verification succeeds, the host of the embedded device is powered on and enters the starting flow; if the signature verification does not pass, the UBOOT recovery flow is entered.
(4) The UBOOT recovery flow is started after the TPCM component fails to verify the signature of the UBOOT in the host storage area of the embedded device.
The TPCM component first reads the board type ID of the host of the embedded device.
The TPCM component selects the corresponding backup UBOOT image from the local storage area according to the acquired board type ID.
The TPCM component switches the SPI mode to the storage mode and writes the backup UBOOT into the storage module at the embedded host end.
If the recovery upgrade succeeds, the TPCM component jumps to the UBOOT signature verification flow and verifies the embedded host end UBOOT again.
If the recovery upgrade fails, the signature verification and recovery upgrade exception logs are recorded in the log storage area of the TPCM component.
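The verify, recover and re-verify loop of steps (3) and (4), simulated in memory as an added example (not code from the patent). The retry bound, the bit order of the two GPIOs and the FNV-1a checksum, which stands in for the public-key signature verification so that the block needs no crypto library, are assumptions; decryption of the stored backup is left out.

```c
/* Added illustration: TPCM-side verify/recover loop, simulated in memory. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IMG_MAX 64            /* constructed: tiny images for the simulation */
#define MAX_RECOVERY_TRIES 1  /* assumption: the patent gives no retry bound */

enum boot_result { BOOT_OK, BOOT_OK_AFTER_RECOVERY, BOOT_HALTED };

struct image { uint8_t data[IMG_MAX]; size_t len; uint32_t sig; };

struct platform {
    struct image host_flash;  /* UBOOT in the host storage module */
    struct image backup[4];   /* TPCM-side backups, one per board type */
    int gpio0, gpio1;         /* board type ID levels */
    int soc_powered;          /* 0 while the TPCM holds SoC power low */
    int log_count;            /* entries in the TPCM log storage area */
    char log[4][48];
};

/* Stand-in for public-key signature verification: FNV-1a is only a checksum,
 * used so the example runs without a crypto library. */
static uint32_t fnv1a(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

static int verify_uboot(const struct image *img) {
    if (img->len == 0 || img->len > IMG_MAX) return 0;  /* empty or bad slot */
    return fnv1a(img->data, img->len) == img->sig;
}

/* Builds a constructed sample image whose tag matches its contents. */
struct image make_image(const char *text) {
    struct image img = {0};
    img.len = strlen(text) < IMG_MAX ? strlen(text) : IMG_MAX;
    memcpy(img.data, text, img.len);
    img.sig = fnv1a(img.data, img.len);
    return img;
}

/* Two GPIO levels give board types 00, 01, 10, 11 (gpio1 as high bit is an
 * assumption). */
unsigned read_board_id(const struct platform *p) {
    return ((unsigned)(p->gpio1 & 1) << 1) | (unsigned)(p->gpio0 & 1);
}

static void log_event(struct platform *p, const char *msg) {
    if (p->log_count < 4)
        snprintf(p->log[p->log_count++], sizeof p->log[0], "%s", msg);
}

enum boot_result tpcm_boot(struct platform *p) {
    p->soc_powered = 0;                      /* host stays off until verified */
    for (int tries = 0; ; tries++) {
        if (verify_uboot(&p->host_flash)) {
            p->soc_powered = 1;              /* release the host SoC */
            return tries ? BOOT_OK_AFTER_RECOVERY : BOOT_OK;
        }
        if (tries >= MAX_RECOVERY_TRIES) break;
        /* Recovery: pick the backup for this board and overwrite host UBOOT.
         * The restored image is NOT trusted; the loop verifies it again. */
        p->host_flash = p->backup[read_board_id(p)];
    }
    log_event(p, "signature verification failed");
    log_event(p, "recovery upgrade failed");
    return BOOT_HALTED;
}

int main(void) {
    struct platform p = {0};
    p.gpio1 = 1;                                  /* board type 10 */
    p.backup[2] = make_image("uboot for board type 10");
    p.host_flash = p.backup[2];
    p.host_flash.data[3] ^= 0xFF;                 /* simulate a bad block */
    enum boot_result r = tpcm_boot(&p);
    printf("result=%d soc_powered=%d\n", r, p.soc_powered);
    return 0;
}
```

A backup that is itself damaged, or a board type ID that selects an empty slot, ends in `BOOT_HALTED` with the host SoC still unpowered and two log entries written.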
(5) The host end of the embedded device actively updates and recovers the UBOOT from the TPCM component.
As shown in Fig. 4, the host of the embedded device sends a downlink "request recovery UBOOT" protocol packet to the TPCM through the SPI, including the required board type ID and the request recovery UBOOT instruction.
The TPCM component parses the downlink request message sent by the host end of the embedded device and enters the UBOOT recovery flow.
The TPCM component obtains the backup UBOOT for the specified board type ID from the memory and packages it into an uplink protocol packet, which comprises the size and the image of the backup UBOOT.
After receiving the uplink protocol packet, the host end of the embedded device parses the data and writes it into the main UBOOT partition of the storage module, thereby realizing UBOOT recovery.
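The exchange of step (5) as an added example, not code from the patent: the patent names only the fields (board type ID and request instruction in the downlink packet; size and image in the uplink packet), so the opcodes and byte layout here are hypothetical. It shows the host checking the size field against the bytes actually received and against the partition capacity before anything is written.

```c
/* Added illustration: hypothetical wire layout for the recovery exchange. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define OP_REQ_RECOVER 0x01u  /* hypothetical: "request recovery UBOOT" */
#define OP_RSP_IMAGE   0x81u  /* hypothetical: backup UBOOT follows */
#define REQ_LEN 2u            /* opcode, board type ID */
#define RSP_HDR 6u            /* opcode, board type ID, 32-bit size */

enum { PKT_OK = 0, PKT_MALFORMED = -1, PKT_BAD_ID = -2, PKT_TOO_BIG = -3 };

struct slot { const uint8_t *img; uint32_t len; };  /* backup per board type */

/* Host: downlink request with the board type ID and the instruction. */
size_t build_request(uint8_t board_id, uint8_t *out) {
    out[0] = OP_REQ_RECOVER;
    out[1] = board_id;
    return REQ_LEN;
}

/* TPCM: parse the request, package size and image into the uplink packet. */
int tpcm_handle_request(const uint8_t *req, size_t req_len,
                        const struct slot *slots,
                        uint8_t *rsp, size_t cap, size_t *rsp_len) {
    if (req_len != REQ_LEN || req[0] != OP_REQ_RECOVER) return PKT_MALFORMED;
    if (req[1] > 3 || slots[req[1]].len == 0) return PKT_BAD_ID;
    const struct slot *s = &slots[req[1]];
    if (cap < RSP_HDR || s->len > cap - RSP_HDR) return PKT_TOO_BIG;
    rsp[0] = OP_RSP_IMAGE;
    rsp[1] = req[1];
    rsp[2] = (uint8_t)(s->len >> 24); rsp[3] = (uint8_t)(s->len >> 16);
    rsp[4] = (uint8_t)(s->len >> 8);  rsp[5] = (uint8_t)s->len;
    memcpy(rsp + RSP_HDR, s->img, s->len);
    *rsp_len = RSP_HDR + s->len;
    return PKT_OK;
}

/* Host: validate the uplink packet before writing the main UBOOT partition.
 * The size field must match the bytes received and fit the partition. */
int host_parse_response(const uint8_t *rsp, size_t len, uint8_t want_id,
                        size_t partition_cap,
                        const uint8_t **img, size_t *img_len) {
    if (len < RSP_HDR || rsp[0] != OP_RSP_IMAGE) return PKT_MALFORMED;
    if (rsp[1] != want_id) return PKT_BAD_ID;
    uint32_t size = ((uint32_t)rsp[2] << 24) | ((uint32_t)rsp[3] << 16) |
                    ((uint32_t)rsp[4] << 8) | (uint32_t)rsp[5];
    if (size == 0 || size != len - RSP_HDR) return PKT_MALFORMED;
    if (size > partition_cap) return PKT_TOO_BIG;
    *img = rsp + RSP_HDR;
    *img_len = size;
    return PKT_OK;
}

/* End to end: request, response, then write into the host partition. */
int host_recover(uint8_t board_id, const struct slot *slots,
                 uint8_t *partition, size_t partition_cap, size_t *written) {
    uint8_t req[REQ_LEN], rsp[256];
    const uint8_t *img = NULL;
    size_t rsp_len = 0, img_len = 0;
    build_request(board_id, req);
    int rc = tpcm_handle_request(req, REQ_LEN, slots, rsp, sizeof rsp, &rsp_len);
    if (rc == PKT_OK)
        rc = host_parse_response(rsp, rsp_len, board_id, partition_cap,
                                 &img, &img_len);
    if (rc != PKT_OK) return rc;
    memcpy(partition, img, img_len);
    *written = img_len;
    return PKT_OK;
}

int main(void) {
    static const uint8_t image01[] = "constructed UBOOT image, board 01";
    struct slot slots[4] = {{0}};
    slots[1].img = image01;
    slots[1].len = sizeof image01 - 1;
    uint8_t partition[64];
    size_t n = 0;
    int rc = host_recover(1, slots, partition, sizeof partition, &n);
    printf("rc=%d written=%zu\n", rc, n);
    return 0;
}
```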
The invention ensures normal signature-verified starting and active repair of the UBOOT on the premise of ensuring the safe starting of the system. Because the UBOOT is stored in the storage module of the embedded host, abnormal errors such as bad blocks may occur after the storage module has run for a long time, which may cause the UBOOT to fail signature verification and in turn prevent the equipment from running normally. By using a dual-UBOOT mode, in which a backup UBOOT is stored in the storage module of the TPCM component, the problem of abnormal UBOOT starting can be effectively solved, the service life of the embedded equipment is prolonged, and the stable operation of the equipment is guaranteed.
Embodiment three:
Based on the method for starting and recovering the embedded device in the first embodiment and the device for starting and recovering the embedded device in the second embodiment, the present embodiment provides an embedded device, which comprises an embedded host and the device for starting and recovering the embedded device in the second embodiment, wherein the embedded host is electrically connected with the device for starting and recovering the embedded device.
The main board of the embedded host sets a board type ID through the GPIO level of the peripheral module as a unique identifier of different board types, so that one TPCM component can adapt to the host board types of various embedded devices; if two GPIOs are designed on the main board of the embedded device, the combination of high and low levels of the GPIOs corresponds to four board types, namely 00, 01, 10 and 11.
The embedded host sends a downlink "request recovery UBOOT" protocol packet to the TPCM component through the SPI, and actively updates and recovers the UBOOT from the TPCM component.
Embodiments of the present application may be provided as methods, systems, or computer program products. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The scheme in the embodiment of the application can be implemented by adopting various computer languages, such as the object-oriented programming language Java and the interpreted scripting language JavaScript.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (10)

1. A method for starting and recovering an embedded device is characterized by comprising the following steps:
initiating UBOOT signature verification on the embedded device before the embedded device is started;
if the UBOOT signature passes, allowing the embedded device to be powered on and started;
and if the UBOOT signature verification fails, starting a UBOOT backup recovery flow, updating and recovering the main board storage area of the embedded device by using the backup UBOOT, and if the recovery succeeds, re-initiating UBOOT signature verification on the embedded device.
2. The embedded device starting and recovering method of claim 1, wherein if the recovery is unsuccessful, the signature verification and recovery upgrade exception logs are recorded in the log storage area.
3. The method for starting and recovering the embedded device according to claim 1, wherein starting the UBOOT backup recovery flow comprises:
reading the board type ID of the embedded device;
and selecting the corresponding backup UBOOT image according to the board type ID of the embedded device, and writing the backup UBOOT image into the host storage module of the embedded device to update and recover the main board storage area of the embedded device.
4. An embedded device starting and recovering device, comprising a TPCM component, wherein the TPCM component comprises a processor and a storage device, and the storage device stores a plurality of instructions, so that the processor loads and executes the steps of the method according to any one of claims 1 to 3.
5. The embedded device starting and recovering device of claim 4, wherein after the backup UBOOT image file is written into the storage device of the TPCM component, the TPCM component is triggered to invoke the encryption flow, and the backup UBOOT image file in the storage device is encrypted and written back over the original storage area, thereby storing the backup UBOOT image file in encrypted form.
6. The embedded device starting and recovering device of claim 4, wherein the TPCM component is powered on before the embedded device, switches the SPI mode to the storage mode after being powered on and initialized, and uses the public key of the asymmetric key to verify the signature of the UBOOT image stored at the host end of the embedded device.
7. The embedded device starting and recovering device of claim 4, wherein the TPCM component is configured with an external storage area, and the server upgrades the encrypted backup UBOOT to the external storage area of the TPCM component via a serial port.
8. An embedded device, comprising an embedded host and the embedded device booting and recovering device as claimed in any one of claims 4 to 7, wherein the embedded host is electrically connected to the embedded device booting and recovering device.
9. The embedded device according to claim 8, wherein a board type ID is set on the motherboard of the embedded host by GPIO level of the peripheral module as a unique identifier for different board types, so that one TPCM component can adapt to host board types of multiple embedded devices; if two GPIOs are designed on the main board of the embedded device, the combination of high and low levels of the GPIOs corresponds to four board types, namely 00, 01, 10 and 11.
10. The embedded device of claim 8, wherein the embedded host sends a downlink "request recovery UBOOT" protocol packet to the TPCM component through the SPI and actively updates and recovers the UBOOT from the TPCM component.
CN202210943491.8A 2022-08-08 2022-08-08 Embedded device and starting and recovering method thereof Pending CN115309577A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210943491.8A CN115309577A (en) 2022-08-08 2022-08-08 Embedded device and starting and recovering method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210943491.8A CN115309577A (en) 2022-08-08 2022-08-08 Embedded device and starting and recovering method thereof

Publications (1)

Publication Number Publication Date
CN115309577A (en) 2022-11-08

Family

ID=83859874

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210943491.8A Pending CN115309577A (en) 2022-08-08 2022-08-08 Embedded device and starting and recovering method thereof

Country Status (1)

Country Link
CN (1) CN115309577A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116775145A (en) * 2023-05-04 2023-09-19 合芯科技(苏州)有限公司 Method, device, equipment and storage medium for starting and recovering server

Similar Documents

Publication Publication Date Title
CN106598635B (en) Recovery method of baseboard management controller and baseboard management controller
WO2022198972A1 (en) Method, system and apparatus for fault positioning in starting process of server
US20110307879A1 (en) Program update device, program update method, and information processing device
US8806265B2 (en) LPAR creation and repair for automated error recovery
TWI740158B (en) A server system, a centralized flash memory module, and a method of updating flash firmware image
CN110990124B (en) Cloud host recovery method and device
CN111143132B (en) BIOS recovery method, device, equipment and readable storage medium
CN114116280B (en) Interactive BMC self-recovery method, system, terminal and storage medium
CN115309589A (en) Method, system and device for recovering temporary storage area of substrate management controller
CN115309577A (en) Embedded device and starting and recovering method thereof
CN108737153B (en) Block chain disaster recovery system, method, server and computer-readable storage medium
CN114116305A (en) BIOS firmware recovery method, system, terminal and storage medium based on PFR
CN114579971A (en) Starting method of safety control module and related device
CN111427721B (en) Abnormality recovery method and device
CN106909382B (en) Method and device for outputting different types of system starting information
WO2024022212A1 (en) Configuration information management method and apparatus, and server
WO2018076696A1 (en) Data synchronization method and out-of-band management device
US11740969B2 (en) Detecting and recovering a corrupted non-volatile random-access memory
CN111198832A (en) Processing method and electronic equipment
CN115904831A (en) Starting method of server firmware and terminal
CN115827069A (en) Starting control method, system and device for server mainboard
CN102541585A (en) Remote upgrade method and embedded system
CN115730353A (en) Starting file checking method, checking assembly and equipment
CN107544868B (en) Data recovery method and device
CN118070292B (en) Detection method based on TPCM double-system architecture safe starting technology

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination