CN116010974A - Control method, device, equipment and medium for forced restarting of android vehicle-mounted system - Google Patents

Publication number: CN116010974A
Application number: CN202310130093.9A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 周辉
Current Assignee: Ecarx Hubei Tech Co Ltd
Original Assignee: Ecarx Hubei Tech Co Ltd
Prior art keywords: android, starting, vehicle, lock, program
Landscapes: Stored Programmes (AREA)

Abstract

The invention discloses a forced restart control method, device, equipment and medium for an android vehicle-mounted system. The method comprises the following steps: after the android vehicle-mounted equipment is powered on, initializing a hardware environment and a trusted execution environment of the android vehicle-mounted system; acquiring a decryption state code of the boot loader lock of the android boot loader when the android vehicle-mounted system is in the fast boot mode, where the boot loader lock is used for controlling whether mirror image programming of the android boot loader is allowed to be executed; setting a flag bit in the android boot loader to the decryption state code; and controlling, according to the flag bit in the android boot loader, whether mirror image programming of the android boot loader is allowed to be executed, so as to forcibly restart the android vehicle-mounted system. The boot loader lock is controlled in software, and the android vehicle-mounted system is controlled to execute mirror image programming of the android boot loader to realize forced restarting, so the forced restart mode is retained after the android vehicle-mounted system leaves the factory while the safety of forced restarting is improved.

Description

Control method, device, equipment and medium for forced restarting of android vehicle-mounted system
Technical Field
The invention relates to the technical field of android vehicle-mounted systems, in particular to a forced restart control method, device, equipment and medium for an android vehicle-mounted system.
Background
The operating system is responsible for managing the hardware resources of the device, and the boot loader is the program used to boot the operating system. One core function of the boot loader is to ensure that a trusted operating system is started; the other is, when the operating system of the device has a problem, to boot another normal trusted system that executes system recovery, so that the system is forcibly restarted.
At present, the main method for forcibly restarting a vehicle-mounted android system is to toggle a GPIO switch on the main board to start the forced programming mirror image mode of the vehicle-mounted android system, so that the vehicle-mounted android system can execute mirror image programming of the android boot loader (Android Boot Loader, ABL) and is then forcibly restarted.
However, starting the forced programming mirror image mode by toggling the dial switch can be done by any user, so its safety is not guaranteed. This mode is therefore generally retained only before the vehicle-mounted android system leaves the factory, for use by development or testing personnel, and the function is permanently closed after leaving the factory to ensure the safety of the vehicle-mounted android system. Once the forced programming mirror image mode is permanently closed, the android vehicle-mounted system can no longer be forcibly restarted when the operating system of the equipment has a problem, which is unfavourable for fault investigation, improvement and later upgrading of the operating system.
Disclosure of Invention
The invention provides a forced restart control method, device, equipment and medium for an android vehicle-mounted system, which solve the problems that the forced programming mirror image mode of an existing vehicle-mounted android system, started by toggling a dial switch, is not very safe and cannot continue to be used after the vehicle-mounted equipment leaves the factory. The forced restart mode is retained after the android vehicle-mounted system leaves the factory, and the safety of forced restarting is improved at the same time.
According to an aspect of the present invention, there is provided a forced restart control method of an android vehicle-mounted system, including:
after the android vehicle-mounted equipment is powered on, initializing a hardware environment and a trusted execution environment of the android vehicle-mounted system;
acquiring a decryption state code of the boot loader lock of the android boot loader when the android vehicle-mounted system is in the fast boot mode; the boot loader lock is used for controlling whether mirror image programming of the android boot loader is allowed to be executed;
setting a flag bit in the android boot loader to the decryption state code;
and controlling, according to the flag bit in the android boot loader, whether mirror image programming of the android boot loader is allowed to be executed, so as to forcibly restart the android vehicle-mounted system.
According to another aspect of the present invention, there is provided a forced restart control device of an android vehicle-mounted system, including:
the initialization module is used for initializing the hardware environment and the trusted execution environment of the android vehicle-mounted system after the android vehicle-mounted device is powered on;
the acquisition module is used for acquiring a decryption state code of the boot loader lock of the android boot loader when the android vehicle-mounted system is in the fast boot mode; the boot loader lock is used for controlling whether mirror image programming of the android boot loader is allowed to be executed;
the setting module is used for setting the flag bit in the android boot loader to the decryption state code;
and the determining module is used for controlling, according to the flag bit in the android boot loader, whether mirror image programming of the android boot loader is allowed to be executed, so as to forcibly restart the android vehicle-mounted system.
According to another aspect of the present invention, there is provided an android in-vehicle device comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor, and the computer program is executed by the at least one processor, so that the at least one processor can execute the forced restarting control method of the android vehicle-mounted system according to any embodiment of the present invention.
According to another aspect of the present invention, there is provided a computer readable storage medium storing computer instructions for causing a processor to implement the forced restart control method of the android vehicle-mounted system according to any one of the embodiments of the present invention when executed.
According to the technical scheme, after the android vehicle-mounted equipment is powered on, the hardware environment and the trusted execution environment of the android vehicle-mounted system are initialized; a decryption state code of the boot loader lock of the android boot loader is acquired when the android vehicle-mounted system is in the fast boot mode, where the boot loader lock is used for controlling whether mirror image programming of the android boot loader is allowed to be executed; a flag bit in the android boot loader is set to the decryption state code; and whether mirror image programming of the android boot loader is allowed to be executed is controlled according to the flag bit, so as to forcibly restart the android vehicle-mounted system. The boot loader lock is controlled in software, and the android vehicle-mounted system is controlled to execute mirror image programming of the android boot loader to realize forced restarting. Compared with using a dial switch to open or close mirror image programming of the android boot loader as required, the forced restart mode is retained after the android vehicle-mounted system leaves the factory while the safety of forced restarting is improved. This solves the problems that the forced programming mirror image mode of the existing vehicle-mounted android system, started by toggling a dial switch, is not very safe and cannot continue to be used after the vehicle-mounted equipment leaves the factory.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the invention or to delineate the scope of the invention. Other features of the present invention will become apparent from the description that follows.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of a forced restart control method of an android vehicle-mounted system according to a first embodiment of the present invention;
Fig. 2A is a flowchart of a forced restart control method of an android vehicle-mounted system according to a second embodiment of the present invention;
Fig. 2B is a complete flowchart of a forced restart control method of an android vehicle-mounted system according to a second embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a forced restart control device of an android vehicle-mounted system according to a third embodiment of the present invention;
Fig. 4 is a schematic structural diagram of an android vehicle-mounted device for implementing the forced restart control method of the android vehicle-mounted system according to the embodiment of the invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It is noted that the terms "comprises" and "comprising," and any variations thereof, in the description and claims of the present invention and in the foregoing figures, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed or inherent to such process, method, article, or apparatus.
Example 1
Fig. 1 is a flowchart of a forced restart control method of an android vehicle-mounted system according to an embodiment of the present invention. The method may be executed by a forced restart device when a problem occurs in the android vehicle-mounted system; the forced restart device may be implemented in hardware and/or software and may be configured in the android vehicle-mounted device (i.e., the vehicle-mounted device on which the android system is installed). As shown in fig. 1, the method includes:
S110, initializing a hardware environment and a trusted execution environment of the android vehicle-mounted system after the android vehicle-mounted device is powered on.
The android vehicle-mounted equipment refers to vehicle-mounted equipment carrying an android system; the operating system of the android vehicle-mounted device is an android vehicle-mounted system based on the android operating system.
Specifically, after the android vehicle-mounted device is powered on, the android vehicle-mounted system enters an initialization process. The initialization code is solidified in the read-only memory of the boot chip (BootRom) and cannot be changed once the android vehicle-mounted device is delivered; its main function is to verify and start the image of the secondary boot loader (Secondary Boot Loader, SBL). The main function of the SBL is to initialize the hardware environment (e.g. double data rate (DDR) memory, clocks, universal serial bus (USB)) and the trusted execution environment (e.g. TrustZone; specifically, the Trusted Execution Environment, TEE).
S120, acquiring a decryption state code of a starting bootstrap lock of an android starting bootstrap when the android vehicle-mounted system is in a quick starting mode; the boot loader lock is used for controlling whether to allow the mirror image programming of the android boot loader to be executed.
Unlike BootRom, the secondary boot loader SBL is typically stored on eMMC and can be modified, so the SBL can be written and updated, and it carries the task of lowest-level device recovery. Another important job of the SBL is to verify and load the image of the android boot loader (Android Boot Loader, ABL; also called aboot), which is called uboot in generic Linux systems. The android boot loader is the program that boots and starts the android operating system. The ABL runs a mini operating system, LK (Little Kernel), internally, so the ABL is also called LK. In the conventional method, a dial switch is used to put the android vehicle-mounted system into the forced programming mirror image mode; in that mode, after the SBL finishes executing, the ABL is verified and loaded. The main function of the ABL is to verify and load bootimg, after which the Linux Kernel is started and the android operating system is restarted.
In this embodiment, in order to improve the security of forced restarting of the android in-vehicle system, a startup boot program lock is set for the android startup boot program of the android in-vehicle system. The boot loader lock is used for controlling whether to allow the mirror image programming of the android boot loader to be executed. Only when the mirror image programming of the android starting boot program is allowed to be executed, the mirror image of the android starting boot program can be loaded, and then the android operating system is forcedly started. The decrypted status code of the boot lock may be understood as a status code of the boot lock after decryption, where the status code is used to indicate the locked or unlocked status of the boot lock.
Specifically, an important function of the android boot loader ABL is to provide the fast boot (fastboot) mode, in which the android vehicle-mounted system can be forcibly restarted by programming a mirror image. For example, the fastboot mode can be selected in the boot loader after the android vehicle-mounted device is powered on.
In the quick starting mode, the decryption state code of the starting boot program lock of the android starting boot program in the android vehicle-mounted system is obtained, and the lock state (such as a locking state or an unlocking state) of the starting boot program lock can be determined based on the decryption state code of the starting boot program lock, so that whether mirror image programming of the android starting boot program is allowed to be executed or not is determined, and forced restarting of the android operating system is completed.
S130, setting a flag bit in the android boot loader to the decryption state code.
Wherein, the flag bit in the android boot loader can be understood as a flag bit for indicating the state of the boot loader lock. The embodiment of the invention does not limit the selection of the zone bit.
Specifically, a flag bit is set in the android boot loader and the decryption state code is assigned to it, so that the flag bit represents the state of the boot loader lock.
S140, controlling, according to the flag bit in the android boot loader, whether mirror image programming of the android boot loader is allowed to be executed, so as to forcibly restart the android vehicle-mounted system.
Specifically, the flag bit in the android boot loader represents the state of the boot loader lock, and the boot loader lock controls whether mirror image programming of the android boot loader is allowed to be executed, so whether that programming is allowed can be determined directly from the flag bit. When it is allowed, the image of the android boot loader can be programmed in the fast boot mode; bootimg is verified and loaded through the android boot loader, the Linux Kernel is started, and the android operating system is restarted.
According to the technical scheme, after the android vehicle-mounted equipment is powered on, the hardware environment and the trusted execution environment of the android vehicle-mounted system are initialized; a decryption state code of the boot loader lock of the android boot loader is acquired when the android vehicle-mounted system is in the fast boot mode, where the boot loader lock is used for controlling whether mirror image programming of the android boot loader is allowed to be executed; a flag bit in the android boot loader is set to the decryption state code; and whether mirror image programming of the android boot loader is allowed to be executed is controlled according to the flag bit, so as to forcibly restart the android vehicle-mounted system. The boot loader lock is controlled in software, and the android vehicle-mounted system is controlled to execute mirror image programming of the android boot loader to realize forced restarting. Compared with using a dial switch to open or close mirror image programming of the android boot loader as required, the forced restart mode is retained after the android vehicle-mounted system leaves the factory while the safety of forced restarting is improved.
Example two
Fig. 2A is a flowchart of a forced restart control method of an android vehicle-mounted system according to a second embodiment of the present invention. This embodiment further refines step S120 of the above embodiment, acquiring the decryption state code of the boot loader lock of the android boot loader. As shown in fig. 2A, the method includes:
S210, after the android vehicle-mounted equipment is powered on, receiving, through the setting application, an encryption state code of the boot loader lock issued by an authorization center, and writing the encryption state code into a data partition of the android vehicle-mounted system; the encryption state code is obtained by the authorization center generating a state code based on a state code application for the boot loader lock submitted by the setting application, and encrypting that state code; the state code application carries user identity information and the applied-for state of the boot loader lock.
The encryption state code of the boot loader lock can be understood as the state code of the boot loader lock after encryption. The authorization center is a platform or application that audits the state code application information carried by the state code application and generates the encryption state code. The state code application information is the information required to apply for modifying the state of the boot loader lock, and may include user identity information (e.g., a user ID, the department or role of the user, a user password, etc.) and the applied-for state of the boot loader lock (e.g., applying to put the boot loader lock in the locked state or applying to put it in the unlocked state).
Specifically, after the android vehicle-mounted equipment is powered on, state code application information such as the user identity information and the applied-for state of the boot loader lock is received through the setting application, and a state code application carrying this information is submitted to the authorization center. After receiving the state code application, the authorization center audits the user identity information and the applied-for state of the boot loader lock that it carries. If the audit passes, the authorization center generates a state code according to the applied-for state of the boot loader lock, encrypts it to obtain the encryption state code, and issues the encryption state code to the android vehicle-mounted operating system. Therefore, after the android vehicle-mounted equipment is powered on, the encryption state code issued by the authorization center can be received through the setting application and stored in the data partition of the android vehicle-mounted system for the android operating system to use.
It will be appreciated that the identity information of users who are entitled to apply for a state code of the boot loader lock may be stored in advance at the authorization center.
The encryption state code of the boot loader lock in this embodiment is issued by the authorization center only after the user identity information has passed the audit. This ensures that the state of the boot loader lock can be modified only by users with authority, and avoids the situation in which ordinary vehicle users modify the boot loader lock after the vehicle leaves the factory and the android vehicle-mounted operating system is tampered with at will, which improves the safety of restarting the android vehicle-mounted equipment.
S230, the setting application calls a trusted application program in the trusted execution environment, and the decryption key of the encryption state code is written into a replay protection partition of the android vehicle-mounted system.
The trusted execution environment (Trusted Execution Environment, TEE) is a tamper-resistant processing environment running on a separate core. It provides assurance for the authenticity and runtime integrity of the executed code, and for the code, data, running state and other information stored in its persistent memory; the TEE also provides remote attestation and a third-party trust mechanism. An application running in the TEE is called a trusted application (Trusted Application).
The replay protection partition (Replay Protected Memory Block, RPMB), also called the loop protection partition, is a partition of the eMMC that has security features. When data is written into the RPMB, the eMMC checks the legitimacy of the data, and only the designated host can write. Reading also uses a signature mechanism, which ensures that the data read by the host is the data in the RPMB and not data forged by an attacker. In practical applications, the RPMB is generally used to store data that must be protected against illegal tampering.
Specifically, the trusted application program in the trusted execution environment can be called through the setting application, and the decryption key of the encryption status code is written into the replay protection partition of the android vehicle-mounted system through the trusted application program for use when the android operating system decrypts the encryption status code.
According to the embodiment of the invention, the decryption key of the encryption status code is written into the replay protection partition of the android vehicle-mounted system, so that the safety of restarting control of the android vehicle-mounted system is further improved.
S230, initializing a hardware environment and a trusted execution environment of the android vehicle-mounted system.
S240, acquiring an encryption state code of a starting bootstrap lock of the android starting bootstrap from a data partition of the android onboard system when the android onboard system is in a quick starting mode.
Specifically, in the case that the android vehicle-mounted system is in the fast starting mode, forced programming mirror image and forced starting are needed to be performed on the android vehicle-mounted system, and the android starting bootstrap program ABL obtains the pre-stored encryption state code of the starting bootstrap program lock from the data partition of the android vehicle-mounted system.
S250, acquiring a decryption key of a starting boot program lock of the android starting boot program from a replay protection partition of the android vehicle-mounted system.
Specifically, the encrypted state code of the boot loader lock is still in encrypted form when it is obtained, so the actual state code cannot be read directly and must be decrypted before use. The trusted application TA is therefore called to obtain the pre-saved decryption key of the boot loader lock from the replay protection partition of the android vehicle-mounted system.
S260, decrypting the encrypted state code based on the decryption key to obtain the decryption state code of the boot loader lock.
Specifically, once the decryption key and the encryption state code have been obtained, the encryption state code may be decrypted based on the decryption key to obtain the decryption state code of the boot loader lock, where the decryption state code may represent the state to which the boot loader lock is to be modified.
S270, setting a flag bit in the android boot loader to the decryption state code.
Specifically, a flag bit is set in the android boot loader and the decryption state code is assigned to it, so that the flag bit represents the state of the boot loader lock.
Illustratively, the decrypted state code may include two states, LOCK or UNLOCK, and after the decrypted state code is assigned to a flag bit in the android boot loader, the flag bit in the android boot loader may include LOCK or UNLOCK.
Optionally, if the encrypted state code of the boot loader lock does not exist in the data partition or decryption of the encrypted state code of the boot loader lock fails based on the decryption key, a flag bit in the android boot loader is kept in a locked state.
Specifically, if the encrypted state code of the boot program lock of the android boot program is not present in the data partition in the process of acquiring the decryption key of the boot program lock of the android boot program; or if decryption fails in the process of decrypting the encrypted state code based on the decryption key, the decrypted state code is invalid, and the flag bit in the corresponding android starting boot program keeps a default value, namely the LOCK state LOCK. In addition, if the value of the flag bit is an illegal value, the BootLoader is locked in the same way, and the mirror image programming of the android boot loader is not allowed to be executed.
S280, if the flag bit in the android boot loader is in the locked state, the android vehicle-mounted system is not allowed to execute mirror image programming of the android boot loader, and the android vehicle-mounted system cannot be forcibly restarted.
Specifically, the value of the flag bit in the android boot loader is judged. If the value of the flag bit is the default value, namely the LOCK state, the BootLoader is locked and the android vehicle-mounted system is not allowed to execute mirror image programming of the android boot loader, so the android vehicle-mounted system cannot be forcibly restarted.
S290, if the flag bit in the android boot loader is in the unlocked state, executing mirror image programming of the android boot loader so as to forcibly restart the android vehicle-mounted system.
Specifically, if the value of the flag bit is UNLOCK state UNLOCK, the BootLoader is unlocked, and the android vehicle-mounted system allows executing the mirror image programming of the android boot program. Therefore, mirror image programming of the android starting guide program can be executed, and forced restarting of the android vehicle-mounted system is realized.
According to the technical scheme, the software control mode of the startup boot program lock is provided, the android vehicle-mounted system is controlled to execute mirror image programming of the startup boot program to realize forced restarting, and compared with the method that a dial switch is used to control the starting or closing of the mirror image programming of the startup boot program according to requirements, the method is reserved after the android vehicle-mounted system leaves a factory. On the basis, the control of the locking and unlocking state of the starting boot program lock based on the user information is realized, the safety of forced restarting of the android vehicle-mounted system is further improved, and illegal programming is avoided.
In a specific example, Fig. 2B is a complete flowchart of a forced restart control method of the android vehicle-mounted system. As shown in Fig. 2B, after the android vehicle-mounted device is powered on, the setting application submits a status code application for the startup boot program lock to the authorization center, and the authorization center audits it according to the user identity information carried by the status code application and the application state of the startup boot program lock. If the audit passes, the authorization center generates an encrypted status code and issues it to the setting application, so that the setting application writes the encrypted status code into the data partition of the android vehicle-mounted system; the setting application also calls the trusted application, which writes the decryption key of the encrypted status code into the replay protection partition of the android vehicle-mounted system. After the audit passes and the encrypted status code and decryption key have been written, or after the audit fails, the android vehicle-mounted system is restarted, the boot chip BootRom runs, and the hardware environment and the trusted execution environment of the android vehicle-mounted system are initialized; the secondary boot loader SBL and the android boot loader ABL then run, and the encrypted status code of the startup boot program lock is read from the data partition of the android vehicle-mounted system. Whether an encrypted status code exists is then judged: if not, the flag bit is set to the lock state LOCK, and the android vehicle-mounted system does not allow mirror image programming of the android startup boot program; if so, the trusted application TA is called to obtain the decryption key of the startup boot program lock from the replay protection partition, and the encrypted status code is decrypted based on the decryption key.
Whether decryption succeeded is then judged: if not, the flag bit is set to the lock state LOCK, and the android vehicle-mounted system does not allow mirror image programming of the android startup boot program. If decryption succeeded, the decrypted status code is assigned to the flag bit in the android startup boot program. Whether the flag bit is in the lock state is then judged: if so, the android vehicle-mounted system does not allow mirror image programming of the android startup boot program and cannot be forcibly restarted; if not, the android vehicle-mounted system allows mirror image programming of the android startup boot program and can be forcibly restarted.
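The boot-time decision of Fig. 2B can be written as a fail-closed routine; the following is an added example, not code from the patent or from any ABL implementation. The patent names no cipher, so the XOR masking, the blob layout, the numeric state values, and the names `make_blob`, `ta_decrypt`, `resolve_lock_flag` and `flashing_allowed` are assumptions, and the rejection of unknown decrypted values is an added check beyond the flow described above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* LOCK/UNLOCK are the page's state names; the numeric values are assumed. */
enum lock_state { LOCK = 0, UNLOCK = 1 };

#define BLOB_LEN 8
#define KEY_LEN  8
static const uint8_t MAGIC[4] = { 'B', 'L', 'L', 'K' }; /* hypothetical marker */

/* Constructed sample key, standing in for the key held in the replay
 * protection partition. */
static const uint8_t SAMPLE_KEY[KEY_LEN] =
    { 0x3c, 0xa5, 0x19, 0xe7, 0x42, 0x8d, 0x60, 0xf1 };

/* Build a sample encrypted status code: MAGIC | state | 3 zero bytes,
 * masked with the key. XOR masking is a placeholder, not a real cipher. */
void make_blob(const uint8_t *key, uint8_t state, uint8_t out[BLOB_LEN])
{
    uint8_t plain[BLOB_LEN] = { 0 };
    memcpy(plain, MAGIC, sizeof MAGIC);
    plain[4] = state;
    for (size_t i = 0; i < BLOB_LEN; i++)
        out[i] = plain[i] ^ key[i];
}

/* Stand-in for the trusted-application decrypt call. Returns 0 on success,
 * -1 when the blob does not decrypt to a well-formed status code. */
int ta_decrypt(const uint8_t *blob, size_t blob_len,
               const uint8_t *key, size_t key_len, uint8_t *state_out)
{
    uint8_t plain[BLOB_LEN];
    if (blob_len != BLOB_LEN || key_len != KEY_LEN)
        return -1;
    for (size_t i = 0; i < BLOB_LEN; i++)
        plain[i] = blob[i] ^ key[i];
    if (memcmp(plain, MAGIC, sizeof MAGIC) != 0)
        return -1;                       /* wrong key or corrupted blob */
    if (plain[5] | plain[6] | plain[7])
        return -1;                       /* padding must be zero */
    *state_out = plain[4];
    return 0;
}

/* Every path that does not end in a verified UNLOCK yields LOCK. */
enum lock_state resolve_lock_flag(const uint8_t *blob, size_t blob_len,
                                  const uint8_t *key, size_t key_len)
{
    uint8_t state = LOCK;
    if (blob == NULL || blob_len == 0)
        return LOCK;                     /* no status code in data partition */
    if (key == NULL || key_len == 0)
        return LOCK;                     /* no key in replay protection partition */
    if (ta_decrypt(blob, blob_len, key, key_len, &state) != 0)
        return LOCK;                     /* decryption failed */
    return state == UNLOCK ? UNLOCK : LOCK; /* unknown values never unlock */
}

/* Mirror image programming is permitted only with the flag in UNLOCK. */
int flashing_allowed(enum lock_state flag) { return flag == UNLOCK; }

int main(void)
{
    uint8_t blob[BLOB_LEN];
    make_blob(SAMPLE_KEY, UNLOCK, blob);
    printf("valid unlock code: programming %s\n",
           flashing_allowed(resolve_lock_flag(blob, BLOB_LEN, SAMPLE_KEY,
                                              KEY_LEN)) ? "allowed" : "refused");
    printf("no status code:    programming %s\n",
           flashing_allowed(resolve_lock_flag(NULL, 0, SAMPLE_KEY,
                                              KEY_LEN)) ? "allowed" : "refused");
    return 0;
}
```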
Example III
Fig. 3 is a schematic structural diagram of a forced restart control device of an android vehicle-mounted system according to a third embodiment of the present invention. As shown in Fig. 3, the apparatus includes:
an initialization module 310, configured to initialize a hardware environment and a trusted execution environment of the android in-vehicle system after the android in-vehicle device is powered on;
the obtaining module 320 is configured to obtain a decryption status code of a boot loader lock of the android boot loader when the android in-vehicle system is in a fast start mode; the starting bootstrap program lock is used for controlling whether mirror image programming of the android starting bootstrap program is allowed to be executed or not;
a setting module 330, configured to set a flag bit in the android startup bootstrap as the decryption status code;
and the determining module 340 is configured to control whether to allow the mirror image programming of the android boot program to be executed according to the flag bit in the android boot program, so as to force restarting of the android in-vehicle system.
Optionally, the acquiring module is specifically configured to:
acquiring an encryption state code of a starting boot program lock of the android starting boot program from a data partition of the android vehicle-mounted system;
obtaining a decryption key of a starting boot program lock of the android starting boot program from a replay protection partition of the android vehicle-mounted system;
and decrypting the encrypted state code based on the decryption key to obtain the decryption state code of the boot loader lock.
Optionally, the apparatus further comprises:
the encryption state code writing module is used for receiving the encryption state code of the starting bootstrap lock issued by the authorization center through the set application after the android onboard equipment is electrified and before the encryption state code of the starting bootstrap lock of the android starting bootstrap is obtained from the data partition of the android onboard system, and writing the encryption state code into the data partition of the android onboard system;
the encryption status code is obtained by the authorization center by encrypting the status code application information of the boot loader lock submitted by the setting application; the state code application information is generated by the setting application based on the received user identity information and the state application information of the start-up bootstrap lock.
Optionally, the apparatus further comprises:
and the decryption key writing module is used for writing the decryption key of the encryption status code into the replay protection partition of the android vehicle-mounted system by setting a trusted application program which is called in the trusted execution environment after the android vehicle-mounted device is electrified and before the decryption key of the start-up boot program lock of the android start-up boot program is acquired from the replay protection partition of the android vehicle-mounted system.
Optionally, the apparatus further comprises:
a lock state keeping module, used for keeping the flag bit in the android boot program in a lock state if the encryption state code of the boot program lock does not exist in the data partition, or if decryption of the encryption state code of the boot program lock based on the decryption key fails.
Optionally, the determining module is specifically configured to:
if the flag bit in the android starting guide program is in a locking state, the android vehicle-mounted system is not allowed to execute mirror image programming of the android starting guide program, and the android vehicle-mounted system cannot be restarted forcedly;
and if the flag bit in the android starting guide program is in an unlocking state, executing mirror image programming of the android starting guide program, and forcibly restarting the android vehicle-mounted system.
The forced restarting control device of the android vehicle-mounted system provided by the embodiment of the invention can execute the forced restarting control method of the android vehicle-mounted system provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example IV
Fig. 4 shows a schematic structural diagram of an android in-vehicle device 10 that may be used to implement an embodiment of the present invention. Android onboard devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. Android onboard devices may also represent various forms of mobile equipment, such as personal digital processing, cellular telephones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing equipment. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in Fig. 4, the android in-vehicle apparatus 10 includes at least one processor 11, and a memory, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, etc., communicatively connected to the at least one processor 11, in which the memory stores a computer program executable by the at least one processor, and the processor 11 may perform various appropriate actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from the storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data required for the operation of the android in-vehicle apparatus 10 can also be stored. The processor 11, the ROM 12 and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.
A number of components in the android in-vehicle device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, etc.; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the android in-vehicle device 10 to exchange information/data with other devices through a computer network such as the internet and/or various telecommunication networks.
The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, Digital Signal Processors (DSPs), and any suitable processor, controller, microcontroller, etc. The processor 11 performs the respective methods and processes described above, for example, a forced restart control method of the android in-vehicle system.
In some embodiments, the forced restart control method of the android in-vehicle system may be implemented as a computer program, which is tangibly embodied on a computer-readable storage medium, such as the storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto the android in-vehicle device 10 via the ROM 12 and/or the communication unit 19. When the computer program is loaded into the RAM 13 and executed by the processor 11, one or more steps of the forced restart control method of the android in-vehicle system described above may be performed. Alternatively, in other embodiments, the processor 11 may be configured to perform the forced restart control method of the android in-vehicle system in any other suitable way (e.g. by means of firmware).
Various implementations of the systems and techniques described above may be implemented in digital electronic circuitry, integrated circuit systems, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), Systems On Chip (SOCs), Complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include implementation in one or more computer programs that may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for carrying out methods of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be implemented. The computer program may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. The computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an android in-vehicle device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or a trackball) through which a user can provide input to the android in-vehicle device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: Local Area Networks (LANs), Wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service are overcome.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps described in the present invention may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present invention are achieved, and the present invention is not limited herein.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.

Claims (10)

1. A forced restart control method of an android vehicle-mounted system, comprising:
after the android vehicle-mounted equipment is powered on, initializing a hardware environment and a trusted execution environment of the android vehicle-mounted system;
acquiring a decryption state code of a starting boot program lock of an android starting boot program when the android vehicle-mounted system is in a quick starting mode; the starting bootstrap program lock is used for controlling whether mirror image programming of the android starting bootstrap program is allowed to be executed or not;
setting a flag bit in the android starting bootstrap program as the decryption state code;
and controlling whether to allow the mirror image programming of the android starting and guiding program to be executed or not according to the flag bit in the android starting and guiding program so as to forcedly restart the android vehicle-mounted system.
2. The method of claim 1, wherein the obtaining the decryption state code of the boot loader lock of the android boot loader comprises:
acquiring an encryption state code of a starting boot program lock of the android starting boot program from a data partition of the android vehicle-mounted system;
obtaining a decryption key of a starting boot program lock of the android starting boot program from a replay protection partition of the android vehicle-mounted system;
and decrypting the encrypted state code based on the decryption key to obtain the decryption state code of the boot loader lock.
3. The method of claim 2, further comprising, after powering on the android in-vehicle device and before obtaining the encrypted state code of the boot loader lock of the android boot loader from the data partition of the android in-vehicle system:
receiving an encryption status code of the starting bootstrap lock issued by an authorization center through a set application, and writing the encryption status code into a data partition of the android vehicle-mounted system;
the encryption status code is obtained by the authorization center through encryption based on a status code application of the boot loader lock submitted by a setting application; the state code application carries user identity information and the application state of the start-up bootstrap lock.
4. The method of claim 2, wherein after powering on the android in-vehicle device and before obtaining a decryption key for a boot lock of the android boot from a replay protection partition of the android in-vehicle system, further comprises:
and writing the decryption key of the encryption status code into a replay protection partition of the android in-vehicle system by setting an application to call a trusted application program in a trusted execution environment.
5. The method as recited in claim 2, further comprising:
and if the encrypted state code of the starting boot program lock does not exist in the data partition, or decryption of the encrypted state code of the starting boot program lock based on the decryption key fails, the flag bit in the android starting boot program is kept in a locking state.
6. The method according to any one of claims 1-5, wherein controlling whether to allow the execution of the mirror programming of the android boot loader according to the flag bit in the android boot loader to force the restarting of the android in-vehicle system comprises:
if the flag bit in the android starting guide program is in a locking state, the android vehicle-mounted system is not allowed to execute mirror image programming of the android starting guide program, and the android vehicle-mounted system cannot be restarted forcedly;
and if the flag bit in the android starting guide program is in an unlocking state, executing mirror image programming of the android starting guide program to forcibly restart the android vehicle-mounted system.
7. A forced restarting control device of an android vehicle-mounted system, comprising:
the initialization module is used for initializing the hardware environment and the trusted execution environment of the android vehicle-mounted system after the android vehicle-mounted device is powered on;
the acquisition module is used for acquiring a decryption state code of a starting bootstrap lock of the android starting bootstrap when the android vehicle-mounted system is in a quick starting mode; the starting bootstrap program lock is used for controlling whether mirror image programming of the android starting bootstrap program is allowed to be executed or not;
the setting module is used for setting the flag bit in the android starting guide program as the decryption state code;
and the determining module is used for controlling whether to allow the mirror image programming of the android starting boot program to be executed according to the flag bit in the android starting boot program so as to forcedly restart the android vehicle-mounted system.
8. The apparatus of claim 7, wherein the obtaining module is specifically configured to:
acquiring an encryption state code of a starting boot program lock of the android starting boot program from a data partition of the android vehicle-mounted system;
obtaining a decryption key of a starting boot program lock of the android starting boot program from a replay protection partition of the android vehicle-mounted system;
and decrypting the encrypted state code based on the decryption key to obtain the decryption state code of the boot loader lock.
9. An android in-vehicle device, characterized in that it comprises:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the forced restart control method of the android onboard system of any one of claims 1-6.
10. A computer readable storage medium, wherein the computer readable storage medium stores computer instructions for causing a processor to implement the forced restart control method of the android in-vehicle system of any one of claims 1 to 6 when executed.
CN202310130093.9A 2023-02-17 2023-02-17 Control method, device, equipment and medium for forced restarting of android vehicle-mounted system Pending CN116010974A (en)

Publications (1)

Publication Number Publication Date
CN116010974A true CN116010974A (en) 2023-04-25

Family

ID=86025001

Country Status (1)

Country Link
CN (1) CN116010974A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination