CN116431189B - Board card upgrading method, device, equipment and storage medium based on PCIE link - Google Patents

Info

Publication number
CN116431189B
Authority
CN
China
Prior art keywords
data packet
packet
program
area
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310688310.6A
Other languages
Chinese (zh)
Other versions
CN116431189A (en)
Inventor
王礼宇
张子桓
董文强
罗永基
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Wise Security Technology Co Ltd
Original Assignee
Guangzhou Wise Security Technology Co Ltd
Application filed by Guangzhou Wise Security Technology Co Ltd
Priority to CN202310688310.6A
Publication of CN116431189A
Application granted
Publication of CN116431189B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/65 Updates
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14 Error detection or correction of the data by redundancy in operation
    • G06F11/1402 Saving, restoring, recovering or retrying
    • G06F11/1415 Saving, restoring, recovering or retrying at system level
    • G06F11/1433 Saving, restoring, recovering or retrying at system level during software upgrading
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)

Abstract

The invention provides a board card upgrading method, device, equipment and storage medium based on PCIE links, and relates to the technical field of computers.

Description

Board card upgrading method, device, equipment and storage medium based on PCIE link
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method, an apparatus, a device, and a storage medium for upgrading a board card based on PCIE links.
Background
PCIE (Peripheral Component Interconnect Express), a high-speed serial computer expansion bus standard, is generally used in hardware devices that need to transmit data at high speed, such as PCIE cryptographic cards. A PCIE cryptographic card is a hardware device for encrypting and decrypting data; it is connected to the computer motherboard through a PCIE interface and encrypts and decrypts data during transmission, thereby protecting the security of the data.
There are currently two ways to upgrade a PCIE cryptographic card: returning it to the factory for maintenance and burning it through a JTAG (Joint Test Action Group) interface, or upgrading it online through upper computer software. In the upper-computer approach, the upgrade data packet is placed on the upper computer, and the upper computer sends it to the PCIE cryptographic card as a data stream over the PCIE link.
However, the online method easily leads to leakage of the program in the upgrade package or to code stream errors, causing the upgrade to fail, so that the PCIE cryptographic card cannot be used normally and its use is seriously affected.
Disclosure of Invention
The application provides a board card upgrading method, device, equipment and storage medium based on PCIE links, which can effectively realize online upgrading of PCIE cryptographic cards.
In a first aspect, the present application provides a board card upgrading method based on a PCIE link. The method is applied to a board card that exchanges data with an upper computer through the PCIE link, and the storage space of the board card includes a boot loading area, a check area and a program area. The method includes:
after receiving a ciphertext packet sent by an upper computer through a PCIE link, invoking a bootstrap program of a bootstrap loading area to decrypt the ciphertext packet so as to obtain a decrypted data packet;
according to a preset verification algorithm, verifying the data packet and determining whether the data packet passes the verification;
if the data packet passes the verification, judging the type of the data packet, determining the packet type information and the corresponding programming path of the data packet, and writing the data packet into a corresponding program area according to the programming path;
reading a data packet from a program area, and running an upgrading program in the data packet to upgrade software;
and calling the application program of the boot loading area under the condition that bad blocks appear in the program area so as to maintain the operation of the board card, wherein the application program and the upgrading program are programs with the same functions.
Preferably, the ciphertext packet is encrypted with the SM4 encryption algorithm in output feedback mode.
Preferably, the data packet includes plaintext data and a first check value; according to a preset verification algorithm, verifying the data packet and determining whether the data packet passes the verification, wherein the method comprises the following steps:
MD5 checking is carried out on the plaintext data so as to obtain a second checking value;
comparing the first check value with the second check value, and determining whether the first check value is consistent with the second check value;
and if the first check value is consistent with the second check value, determining that the data packet passes the check.
Preferably, if the data packet fails to pass the verification, the upgrade waiting program of the boot loader is called, and the next upgrade is waited.
Preferably, if the data packet passes the verification, performing type judgment on the data packet, determining packet type information and a corresponding programming path of the data packet, and writing the data packet into a corresponding program area according to the programming path, including:
determining packet type information of the data packet according to the identifier recorded by the flag bit of the data packet;
determining whether the data packet is any one of a firmware packet, a symmetrical algorithm unit packet or an asymmetrical algorithm unit packet according to the packet type information;
based on packet type information of the data packet, selecting a programming path corresponding to the packet type information;
if the packet type information is the firmware packet type, writing the data packet into the corresponding program area according to the programming path corresponding to the firmware packet type.
Preferably, before the data packet is read from the program area to run the upgrade program in the data packet for software upgrade, the method further comprises:
after the writing of the data packet is completed, adding an identifier in the check area;
performing a hot restart operation in the event that an identifier is added to the check area;
and in response to the hot restart operation, performing restart verification on the storage space.
Preferably, in response to a hot restart operation, performing a restart check on the storage space includes:
determining, based on the identifier, whether the identifier is recorded in the check area;
judging whether the upgrade program is stored in the program area or not under the condition that the identifier is recorded in the check area;
if the upgrade program is stored in the program area, it is determined to perform a program reading operation.
In a second aspect, the present application further provides a board upgrade apparatus, where the apparatus includes:
the data receiving module is configured to call a bootstrap program of the bootstrap loading area to decrypt the ciphertext packet after receiving the ciphertext packet sent by the upper computer through the PCIE link so as to obtain a decrypted data packet;
the data verification module is configured to verify the data packet according to a preset verification algorithm and determine whether the data packet passes the verification;
the data judging module is configured to judge the type of the data packet if the data packet passes the verification, determine the packet type information and the corresponding programming path of the data packet, and write the data packet into the corresponding program area according to the programming path;
the equipment upgrading module is configured to read the data packet from the program area and run an upgrading program in the data packet to upgrade software;
and the board card maintaining module is configured to call the application program of the boot loading area under the condition that the program area has bad blocks so as to maintain the operation of the board card, wherein the application program and the upgrading program are programs with the same functions.
In a third aspect, the present application further provides an electronic device, including:
one or more processors;
and the storage device is used for storing one or more programs, and when the one or more programs are executed by one or more processors, the one or more processors realize the board card upgrading method based on the PCIE link.
In a fourth aspect, the present application further provides a storage medium storing computer-executable instructions that, when executed by a processor, are configured to perform a PCIE link-based board upgrade method as described above.
According to the method and the device, the updating data is downloaded through the PCIE link, encrypted data is transmitted in the form of data stream, the board card decrypts and verifies the received data, the possibility of data leakage is reduced, meanwhile, the correctness of the data is guaranteed, and corresponding programming paths are provided for different types of data, so that corresponding programs are reasonably and orderly scheduled, and online updating is achieved more quickly. And under the condition that bad blocks appear in the program area, the board card can call the application program of the boot loading area, so that the situation that the board card cannot finish software upgrading and is down or even cannot run is avoided.
Drawings
Fig. 1 is a flowchart of steps of a board card upgrading method according to an embodiment of the present application.
Fig. 2 is a flowchart illustrating steps for checking a data packet according to an embodiment of the present application.
Fig. 3 is a flowchart illustrating steps for storing a data packet according to an embodiment of the present application.
Fig. 4 is a flowchart illustrating steps for performing a hot restart operation according to an embodiment of the present application.
FIG. 5 is a flowchart illustrating steps for performing a memory space reboot check in an embodiment of the present application.
Fig. 6 is a schematic structural diagram of a board card upgrading device according to an embodiment of the present application.
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Embodiments of the present application are described in further detail below with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the embodiments of the application and are not limiting of the embodiments of the application. It should be further noted that, for convenience of description, only some, but not all structures related to the embodiments of the present application are shown in the drawings, and those skilled in the art will appreciate that any combination of technical features may constitute alternative embodiments as long as the technical features are not contradictory to each other after reading the specification of the present application.
The terms first, second and the like in the description and in the claims, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged, as appropriate, such that embodiments of the present application may be implemented in sequences other than those illustrated or described herein, and that the objects identified by "first," "second," etc. are generally of a type and not limited to the number of objects, e.g., the first object may be one or more. Furthermore, in the description and claims, "and/or" means at least one of the connected objects, and the character "/", generally means that the associated object is an "or" relationship. In the description of the present application, "a plurality" means two or more, and "a number" means one or more.
The PCIE cryptographic card is a board card with gold fingers. During an online upgrade, the gold fingers are inserted into a PCIE interface of the upper computer, forming a PCIE link between the PCIE cryptographic card and the upper computer; data can then be exchanged between them, and the data packet for the upgrade is transmitted to the PCIE cryptographic card.
Therefore, for board upgrade, the embodiment of the present application provides a board upgrade method based on PCIE links, as shown in fig. 1, fig. 1 is a step flowchart of the board upgrade method provided by the embodiment of the present application, where the method is applied to a board, and specifically, the board upgrade method of the present application includes the following steps:
Step S110, after receiving the ciphertext packet sent by the upper computer through the PCIE link, invoking a bootstrap program of the boot loading area to decrypt the ciphertext packet so as to obtain a decrypted data packet.
On a PCIE cryptographic card, the storage space of the board card comprises a boot loading area, a check area and a program area. The boot loading area stores a bootstrap program, which is burned into the boot loading area before the board card leaves the factory; the check area stores check codes, identifiers and the like used for checking; the program area stores programs, such as the program corresponding to the updated firmware.
After the board card receives the ciphertext packet sent by the upper computer, the board card calls the bootstrap program of the boot loading area to decrypt the ciphertext packet and obtain the decrypted data packet.
In one embodiment, the ciphertext packet is encrypted with the SM4 encryption algorithm in output feedback mode. That is, the upper computer also needs to encrypt the upgrade firmware before sending it to the board card, using the output feedback mode (OFB, Output Feedback Mode) of the SM4 encryption algorithm.
In OFB mode, the output of the cipher algorithm is fed back to the input of the cipher algorithm, i.e. the cipher output for the previous block is the cipher input for the current block, and each ciphertext block is generated by XORing the plaintext block with the output of the cipher algorithm. Here the upgrade firmware is the plaintext, and the ciphertext packet is the ciphertext produced.
Therefore, the upper computer encrypts the upgrade firmware with the SM4-OFB encryption algorithm, which turns the transmission of the ciphertext packet into a stream, so that the board card can better receive the ciphertext packet.
Step S120, checking the data packet according to a preset checking algorithm, and determining whether the data packet passes the check.
To guard against a tampered data packet, after decrypting the ciphertext packet to obtain the data packet, the board card checks the data packet and stores only a data packet that passes the check.
For example, in one embodiment, the data packet includes plaintext data and a first check value, where the first check value is a hash value obtained by the upper computer after performing MD5 check on the plaintext data before encrypting the plaintext data. Therefore, the board card can acquire the plaintext data and the first check value through analyzing the data packet.
Fig. 2 is a flowchart of the steps for checking a data packet according to an embodiment of the present application. As shown in fig. 2, the board card upgrading method of the present application further includes the following steps:
Step S210, MD5 checking is carried out on the plaintext data so as to obtain a second check value.
Step S220, comparing the first check value with the second check value, and determining whether the first check value is consistent with the second check value.
Step S230, if the first check value is consistent with the second check value, determining that the data packet passes the check.
It can be understood that after the board card obtains the plaintext data, MD5 verification is performed on the plaintext data, so as to obtain a second verification value. The board card compares the first check value with the second check value and determines whether the first check value and the second check value are consistent, namely if the plaintext data is unchanged, the first check value and the second check value are equal, so that the board card can determine that the plaintext data is unchanged under the condition that the first check value and the second check value are consistent, and further determine that the data packet passes the check.
Therefore, the scheme can judge whether the transmitted data is wrong or not by utilizing the hash value obtained by calculating the plaintext data before and after transmission, thereby realizing the verification of the data and effectively avoiding the occurrence of upgrading by adopting the wrong data.
Step S130, if the data packet passes the verification, judging the type of the data packet, determining the packet type information and the corresponding programming path of the data packet, and writing the data packet into a corresponding program area according to the programming path.
For the data packet passing the verification, the board card needs to store the data packet to a corresponding storage position. In the scheme of the application, the board judges the type of the data packet, and stores the data packet according to the judging result. And the board card is provided with a programming path for each type of data, and after the packet type information of the data packet is determined, the data packet can be written into a corresponding program area according to the programming path corresponding to the packet type.
Fig. 3 is a flowchart of a step of storing a data packet according to an embodiment of the present application, and in an embodiment, as shown in fig. 3, the board card upgrading method of the present application further includes the following steps:
step S310, determining packet type information of the data packet according to the identification recorded by the flag bit of the data packet.
Step S320, according to the packet type information, it is determined whether the data packet is any one of a firmware packet, a symmetric algorithm unit packet, or an asymmetric algorithm unit packet.
Step S330, based on the packet type information of the data packet, selecting a programming path corresponding to the packet type information.
Step S340, if the packet type information is the firmware packet type, the data packet is written into the corresponding program area according to the programming path corresponding to the firmware packet type.
It can be understood that a flag bit is set in the data packet, where the flag bit is used to record an identifier corresponding to the packet type information, that is, the board card can determine the packet type information of the data packet according to the identifier, so as to determine whether the data packet is any one of a firmware packet, a symmetric algorithm unit packet and an asymmetric algorithm unit packet. In the board card, the corresponding firmware package, the symmetrical algorithm unit package and the asymmetrical algorithm unit package are respectively corresponding to different programming paths, but the storage positions corresponding to the programming paths are all located in the program area.
Therefore, after the packet type information of the data packet is determined, the board card writes the data packet into the corresponding storage position according to the corresponding programming path. For example, if the packet type information is a firmware packet type, the data packet is written into the corresponding program area according to the programming path corresponding to the firmware packet type.
Therefore, the board card can preset corresponding programming paths for different types of data packets, and further write the data packets into corresponding storage positions according to the corresponding programming paths so as to facilitate subsequent calling.
Step S140, reading the data packet from the program area, and running the upgrading program in the data packet to upgrade the software.
The data packet comprises an upgrade program for upgrading, and when the software is upgraded, the board card reads the stored upgrade program from the corresponding program area, and then operates the upgrade program to realize the software upgrade.
Step S150, calling an application program of the boot loading area under the condition that bad blocks appear in the program area so as to maintain the operation of the board card, wherein the application program and the upgrading program are programs with the same functions.
An application program is also stored in the boot loading area; it has the same function as the upgrading program and can maintain the operation of the board card. When bad blocks are present in the storage space, those flash areas cannot be erased or programmed. Therefore, under the condition that bad blocks appear in the program area, the board card can call the application program of the boot loading area, so that the situation that the board card cannot finish software upgrading and is down or even cannot run is avoided.
According to the scheme, the upgrade data is downloaded through the PCIE link, the encrypted data is transmitted in the form of a data stream, the board card decrypts and verifies the received data, the possibility of data leakage is reduced, the correctness of the data is ensured, and corresponding programming paths are provided for different types of data, so that corresponding programs are reasonably and orderly scheduled, and online upgrade is realized more quickly.
In some embodiments, if the data packet fails the check, the board card invokes the upgrade waiting program in the boot loading area, runs it, and waits for the next upgrade. While the upgrade waiting program runs, the board card waits for the upper computer to send a new ciphertext packet; when it receives one, the board card calls the bootstrap program to decrypt the ciphertext packet and then upgrade the board card. A board card running the upgrade waiting program can therefore respond more quickly with decryption and verification of the ciphertext packet, so that the board card is upgraded.
In some embodiments, after the board card has written the data packet into the program area according to the corresponding programming path and before the upgrade program is read to perform the software upgrade, the board card also needs to perform a hot restart operation. Fig. 4 is a flowchart of the steps for performing a hot restart operation according to an embodiment of the present application. As shown in fig. 4, the board card upgrading method of the present application further includes the following steps:
Step S410, after the writing of the data packet is completed, an identifier is added in the check area.
Step S420, in the case that the identifier is added to the check area, a hot restart operation is performed.
Step S430, in response to the hot restart operation, performing restart verification on the storage space.
The check area is used to store a check code, an identifier, etc. for performing a check. Thus, after the writing operation of the data packet is completed, the board card generates a corresponding identifier and stores it in the check area. The identifier marks that the writing of the data packet is completed, and it is also associated with the data packet, that is, different data packets correspond to different identifiers.
After the identifier is added, the board card performs a hot restart, that is, the board card restarts the application program without being powered off. After the hot restart operation is completed, the board card also performs a restart check on the storage space, that is, it checks whether data packets such as firmware packets were successfully written into the storage space.
For example, according to the writing path corresponding to the data packet, a storage location corresponding to the writing path is detected to determine whether the data packet exists in the storage location.
Therefore, the board card sets a corresponding identifier for each data packet that has been written and stores the identifier in the check area, so that the identifier can be checked after restarting. This prevents the board card from halting unrecoverably because of incomplete data and improves the stability of the board card upgrade.
Fig. 5 is a flowchart of the steps for performing a restart check on the storage space in an embodiment of the present application. As shown in fig. 5, in an embodiment, the board card further needs to perform a restart check on the storage space after being restarted, and the board card upgrading method of the present application further includes the following steps:
Step S510, based on the identifier, determining whether the identifier is recorded in the check area.
In step S520, if the identifier is recorded in the check area, it is determined whether the upgrade program is stored in the program area.
In step S530, if the upgrade program is stored in the program area, it is determined to execute the program reading operation.
It can be understood that after the board card writes the upgrade program, a corresponding identifier is added in the check area, so that the board card detects whether the check area records the identifier, so as to determine that the received data packet is completely written in the corresponding program area, and avoid upgrade failure caused by incomplete data due to factors such as transmission interruption, power failure and the like.
In addition, after the identifier is detected and recorded, whether the upgrade program is stored in the set storage position, that is, the preset storage position of the board card in the program area is checked to determine whether the upgrade program is stored correctly. And after the upgrade program is confirmed to be stored, the board card executes program reading operation, namely, the upgrade program is read so as to upgrade the software.
Therefore, the restart check confirms that, after the board card restarts, the upgrade program is still stored at the corresponding storage position. This ensures the integrity of the data, effectively reduces upgrade failures, and implements power-off protection for the upgrade.
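The board-side flow of steps S110 to S130 and the restart check of steps S410 to S530, as an added Python model that is not code from the patent. The packet layout (1-byte type flag, 4-byte length, plaintext, MD5), the flag values, the per-type offsets and sizes, the prepended IV and the use of the packet's MD5 as the check-area identifier are assumptions; SM4 is not in the Python standard library, so a stand-in keyed function (not SM4) takes its place inside the OFB loop.

```python
import hashlib
import hmac
import os
import struct

BLOCK = 16     # SM4 block size in bytes
HDR = 5        # assumed header: 1-byte type flag + 4-byte big-endian length
MD5_LEN = 16

# Assumed flag values and programming paths (offset, size) inside the program
# area; the patent names the three packet types but gives no encoding.
PATHS = {
    0x01: (0x0000, 0x8000),  # firmware packet
    0x02: (0x8000, 0x4000),  # symmetric algorithm unit packet
    0x03: (0xC000, 0x4000),  # asymmetric algorithm unit packet
}


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for the SM4 block function (this is NOT SM4)."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def ofb(key: bytes, iv: bytes, data: bytes) -> bytes:
    """OFB mode: each cipher output is fed back as the next cipher input and
    XORed with the data, so one routine both encrypts and decrypts."""
    out, feedback = bytearray(), iv
    for i in range(0, len(data), BLOCK):
        feedback = block_encrypt(key, feedback)
        out += bytes(d ^ k for d, k in zip(data[i:i + BLOCK], feedback))
    return bytes(out)


def build_ciphertext_packet(key: bytes, pkt_type: int, plaintext: bytes) -> bytes:
    """Upper-computer side: flag | length | plaintext | MD5, encrypted with OFB.
    A fresh random IV is prepended (assumed; the patent does not say how the
    IV is agreed)."""
    iv = os.urandom(BLOCK)
    body = struct.pack(">BI", pkt_type, len(plaintext)) + plaintext
    body += hashlib.md5(plaintext).digest()          # first check value
    return iv + ofb(key, iv, body)


class Board:
    """Board-side model: boot loader logic, check area and program area."""

    def __init__(self, key: bytes):
        self.key = key
        self.program_area = bytearray(0x10000)
        self.check_area = None       # identifier: (offset, length, md5)
        self.state = "waiting"       # upgrade waiting program

    def receive(self, ciphertext_packet: bytes) -> bool:
        self.state = "waiting"
        if len(ciphertext_packet) < BLOCK + HDR + MD5_LEN:
            return False                                        # too short to parse
        iv, body = ciphertext_packet[:BLOCK], ciphertext_packet[BLOCK:]
        packet = ofb(self.key, iv, body)                        # S110 decrypt
        pkt_type, length = struct.unpack(">BI", packet[:HDR])
        if len(packet) != HDR + length + MD5_LEN:
            return False                                        # length field inconsistent
        plaintext = packet[HDR:HDR + length]
        first_check = packet[HDR + length:]
        second_check = hashlib.md5(plaintext).digest()          # S210
        if not hmac.compare_digest(first_check, second_check):  # S220
            return False                                        # wait for next upgrade
        path = PATHS.get(pkt_type)                              # S310-S330
        if path is None or length > path[1]:
            return False                                        # unknown type or oversize
        offset = path[0]
        self.program_area[offset:offset + length] = plaintext   # S340 write
        self.check_area = (offset, length, second_check)        # S410, after the write
        self.state = "written"
        return True

    def restart_check(self) -> bool:
        """S510-S530 after the hot restart: identifier recorded, and the program
        still stored where the programming path put it."""
        if self.check_area is None:                             # S510
            self.state = "waiting"
            return False
        offset, length, digest = self.check_area
        stored = bytes(self.program_area[offset:offset + length])
        ok = hmac.compare_digest(hashlib.md5(stored).digest(), digest)  # S520
        self.state = "run_upgrade" if ok else "waiting"         # S530
        return ok
```

The MD5 comparison in this flow detects corrupted or truncated packets, which is the use the description gives it; because MD5 is an unkeyed hash, a design that also needs to authenticate the origin of the firmware would add a signature or MAC check at the same point.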
Fig. 6 is a schematic structural diagram of a board card upgrading device according to an embodiment of the present application, where the device is configured to execute the board card upgrading method based on PCIE links provided in the foregoing embodiment, and has functional modules and beneficial effects of the execution method. As shown in fig. 6, the board upgrade apparatus includes a data receiving module 601, a data verifying module 602, a data discriminating module 603, a device upgrade module 604, and a board maintaining module 605.
The data receiving module 601 is configured to invoke a bootstrap program of the boot loader to decrypt the ciphertext packet after receiving the ciphertext packet sent by the upper computer through the PCIE link, so as to obtain a decrypted data packet; the data verification module 602 is configured to verify the data packet according to a preset verification algorithm, and determine whether the data packet passes the verification; the data discriminating module 603 is configured to determine a type of the data packet if the data packet passes the verification, determine packet type information and a corresponding programming path of the data packet, and write the data packet into a corresponding program area according to the programming path; the device upgrade module 604 is configured to read the data packet from the program area, and run an upgrade program in the data packet to perform software upgrade; the board maintenance module 605 is configured to call the application program of the boot loading area to maintain the operation of the board when the bad block occurs in the program area, wherein the application program and the upgrade program are the programs with the same function.
On the basis of the above embodiment, the ciphertext packet is encrypted using the SM4 encryption algorithm in output feedback mode.
On the basis of the above embodiment, the data packet includes plaintext data and a first check value, and the data verification module 602 is further configured to:
perform an MD5 check on the plaintext data to obtain a second check value;
compare the first check value with the second check value, and determine whether the first check value is consistent with the second check value;
and if the first check value is consistent with the second check value, determine that the data packet passes the check.
On the basis of the above embodiment, the board card upgrading device further includes an upgrade waiting module configured to:
if the data packet does not pass the verification, call an upgrade waiting program of the boot loading area and wait for the next upgrade.
On the basis of the above embodiment, the data discrimination module 603 is further configured to:
determining packet type information of the data packet according to the identifier recorded by the flag bit of the data packet;
determining whether the data packet is any one of a firmware packet, a symmetrical algorithm unit packet or an asymmetrical algorithm unit packet according to the packet type information;
based on packet type information of the data packet, selecting a programming path corresponding to the packet type information;
if the packet type information is a firmware packet type, writing the data packet into a corresponding program area according to a programming path corresponding to the firmware packet type.
On the basis of the above embodiment, the board card upgrading device further includes a restart verification module configured to:
after the writing of the data packet is completed, adding an identifier in the check area;
performing a hot restart operation in the event that the identifier is added to the check area;
and in response to the hot restart operation, performing restart verification on the storage space.
On the basis of the above embodiment, the restart verification module is further configured to:
determining whether the identifier is recorded in the check area;
judging whether the upgrade program is stored in the program area or not under the condition that the identifier is recorded in the check area;
if the upgrade program is stored in the program area, it is determined to perform a program reading operation.
It should be noted that, in the embodiment of the board card upgrading device, each included functional module is only divided according to the functional logic, but not limited to the above division, so long as the corresponding function can be realized; in addition, the specific names of the functional modules are only for distinguishing from each other, and are not used for limiting the protection scope of the application.
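The check, type-dispatch and restart-verification steps of the modules above, simulated in Python as an added example (not code from the patent). The packet layout, flag values, area names, identifier value, and the handling of an unknown flag or a missing identifier are assumptions; SM4 decryption is omitted, so the input is the already decrypted data packet.

```python
import hashlib
import hmac

# Assumed values: the text names three packet types but no flag encoding.
FIRMWARE, SYM_UNIT, ASYM_UNIT = 0x01, 0x02, 0x03
PROGRAM_PATHS = {FIRMWARE: "firmware_area", SYM_UNIT: "sym_unit_area",
                 ASYM_UNIT: "asym_unit_area"}
IDENTIFIER = b"UPGD"  # hypothetical marker written to the check area
CHUNK = 4             # bytes programmed per write step in this simulation


class PowerLoss(Exception):
    """Simulated loss of power while a program area is being written."""


def build_packet(flag, payload):
    """Host side: decrypted layout assumed as flag | payload | MD5(flag | payload)."""
    body = bytes([flag]) + payload
    return body + hashlib.md5(body).digest()


class Board:
    def __init__(self):
        self.areas = {name: b"" for name in PROGRAM_PATHS.values()}
        self.check_area = b""
        self.bad_areas = set()  # program areas reported as containing bad blocks

    def verify(self, packet):
        """Return the plaintext if the first and second check values agree."""
        if len(packet) < 18:  # flag + one payload byte + 16-byte MD5
            return None
        body, first_check = packet[:-16], packet[-16:]
        second_check = hashlib.md5(body).digest()
        return body if hmac.compare_digest(first_check, second_check) else None

    def upgrade(self, packet, power_fails_after=None):
        body = self.verify(packet)
        # Treating an unknown flag like a failed check is an assumption.
        if body is None or body[0] not in PROGRAM_PATHS:
            return "wait_for_next_upgrade"
        area = PROGRAM_PATHS[body[0]]
        # Assumption: a stale identifier is cleared before programming starts,
        # so an interrupted write can never look complete after restart.
        self.check_area = b""
        self.areas[area] = b""
        payload = body[1:]
        for step, off in enumerate(range(0, len(payload), CHUNK)):
            if power_fails_after is not None and step >= power_fails_after:
                raise PowerLoss(area)
            self.areas[area] += payload[off:off + CHUNK]
        self.check_area = IDENTIFIER  # added only after the write completes
        return self.restart_check()   # stands in for the hot restart

    def restart_check(self):
        """Restart verification: identifier first, then the stored program."""
        if self.check_area != IDENTIFIER:
            # Assumption: without the identifier the boot-area application runs.
            return "run_boot_area_application"
        if "firmware_area" in self.bad_areas or not self.areas["firmware_area"]:
            return "run_boot_area_application"
        return "read_and_run_upgrade_program"
```

Because the identifier is written last, a write interrupted by `PowerLoss` leaves the check area empty and the restart check falls back to the boot-area application instead of running a partial image.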
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present application. The device, such as a PCIE password card, a PCIE acquisition card, or another board card, is configured to execute the PCIE link-based board card upgrading method provided in the foregoing embodiment, and has the corresponding functional modules and beneficial effects of that method. As shown in Fig. 7, it includes a processor 701, a memory 702, an input device 703, and an output device 704. The number of processors 701 may be one or more, with one processor 701 illustrated. The processor 701, the memory 702, the input device 703 and the output device 704 may be connected by a bus or by other means, with the connection in the figure given by way of example. The memory 702 is a computer-readable storage medium and can be used to store software programs, computer-executable programs and modules, such as the program instructions/modules corresponding to the PCIE link-based board card upgrading method in the embodiment of the present application. The processor 701 executes the software programs, instructions and modules stored in the memory 702, thereby performing the corresponding functional applications and data processing, that is, implementing the above PCIE link-based board card upgrading method.
The memory 702 may mainly include a program storage area and a data storage area, where the program storage area may store an operating system and at least one application program required for a function, and the data storage area may store data recorded or created during use. In addition, the memory 702 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device.
The input device 703 is operable to input corresponding numerical or character information to the processor 701 and to generate key signal inputs related to user settings and function control of the device; the output device 704 may be used to send or display key signal outputs related to user settings and function control of the device.
The embodiments of the present application also provide a storage medium storing computer executable instructions that, when executed by a processor, are configured to perform related operations in the PCIE link-based board card upgrade method provided in any of the embodiments of the present application.
Computer-readable storage media, including both permanent and non-permanent, removable and non-removable media, may be implemented in any method or technology for storage of information. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in the process, method, article or apparatus that comprises the element.
Note that the above is only a preferred embodiment of the present application and the technical principle applied. Those skilled in the art will appreciate that the present application is not limited to the particular embodiments described herein, but is capable of numerous obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the present application. Therefore, while the present application has been described in connection with the above embodiments, the present application is not limited to the above embodiments, but may include many other equivalent embodiments without departing from the spirit of the present application, the scope of which is defined by the scope of the appended claims.

Claims (7)

1. A PCIE link-based board card upgrading method, characterized in that it is applied to a board card, wherein the board card and an upper computer perform data transmission through the PCIE link, and a storage space of the board card comprises a boot loading area, a check area and a program area, the method comprising the following steps:
after receiving a ciphertext packet sent by the upper computer through the PCIE link, invoking a bootstrap program of the boot loading area to decrypt the ciphertext packet so as to obtain a decrypted data packet;
checking the data packet according to a preset checking algorithm, and determining whether the data packet passes the checking;
if the data packet passes the verification, judging the type of the data packet, determining the packet type information of the data packet and a corresponding programming path, and writing the data packet into a corresponding program area according to the programming path;
reading the data packet from the program area, and running an upgrading program in the data packet to upgrade software;
calling an application program of the boot loading area to maintain the operation of the board card under the condition that bad blocks appear in the program area, wherein the application program and the upgrading program are programs with the same function;
if the data packet passes the verification, performing type judgment on the data packet, determining packet type information and a corresponding programming path of the data packet, and writing the data packet into a corresponding program area according to the programming path, wherein the method comprises the following steps:
determining packet type information of the data packet according to the identifier recorded by the flag bit of the data packet;
determining whether the data packet is any one of a firmware packet, a symmetrical algorithm unit packet or an asymmetrical algorithm unit packet according to the packet type information;
based on the packet type information of the data packet, selecting a programming path corresponding to the packet type information;
if the packet type information is a firmware packet type, writing the data packet into a corresponding program area according to a programming path corresponding to the firmware packet type;
before the data packet is read from the program area to run the upgrade program in the data packet for software upgrade, the method further comprises:
when the writing of the data packet is completed, an identifier is added in the check area;
performing a hot restart operation in the event that the identifier is added to the check area;
responding to the hot restart operation, and performing restart verification on the storage space;
the responding to the hot restart operation, performing a restart check on the storage space, includes:
determining whether the identifier is recorded in the check area based on the identifier;
judging whether the upgrading program is stored in the program area or not under the condition that the identifier is recorded in the check area;
and if the upgrading program is stored in the program area, determining to execute a program reading operation.
2. The PCIE link-based board upgrade method according to claim 1, wherein the ciphertext packet is encrypted using the SM4 encryption algorithm in output feedback mode.
3. The PCIE link-based board upgrade method of claim 1 wherein the data packet includes plaintext data and a first check value;
the step of verifying the data packet according to a preset verification algorithm and determining whether the data packet passes the verification comprises the following steps:
performing MD5 verification on the plaintext data to obtain a second verification value;
comparing the first check value with the second check value, and determining whether the first check value is consistent with the second check value;
and if the first check value is consistent with the second check value, determining that the data packet passes the check.
4. The PCIE link-based board upgrading method according to claim 1 or 2, further comprising:
and if the data packet fails to pass the verification, calling an upgrade waiting program of the boot loading area and waiting for the next upgrade.
5. A board card upgrading device, characterized in that it is applied to a board card, wherein the board card and an upper computer perform data transmission through a PCIE link, and the storage space of the board card comprises a boot loading area, a check area and a program area, the device comprising:
the data receiving module is configured to call a bootstrap program of the boot loading area to decrypt the ciphertext packet after receiving the ciphertext packet sent by the upper computer through the PCIE link so as to obtain a decrypted data packet;
the data verification module is configured to verify the data packet according to a preset verification algorithm and determine whether the data packet passes the verification;
the data judging module is configured to judge the type of the data packet if the data packet passes the verification, determine the packet type information of the data packet and a corresponding programming path, and write the data packet into a corresponding program area according to the programming path;
the equipment upgrading module is configured to read the data packet from the program area and run an upgrading program in the data packet to upgrade software;
the board card maintaining module is configured to call the application program of the boot loading area under the condition that the program area has bad blocks so as to maintain the operation of the board card, wherein the application program and the upgrading program are programs with the same functions;
the data discrimination module is further configured to:
determining packet type information of the data packet according to the identifier recorded by the flag bit of the data packet;
determining whether the data packet is any one of a firmware packet, a symmetrical algorithm unit packet or an asymmetrical algorithm unit packet according to the packet type information;
based on the packet type information of the data packet, selecting a programming path corresponding to the packet type information;
if the packet type information is a firmware packet type, writing the data packet into a corresponding program area according to a programming path corresponding to the firmware packet type;
the device further comprises a restart verification module configured to:
when the writing of the data packet is completed, an identifier is added in the check area;
performing a hot restart operation in the event that the identifier is added to the check area;
responding to the hot restart operation, and performing restart verification on the storage space;
the restart verification module is further configured to:
determining whether the identifier is recorded in the check area based on the identifier;
judging whether the upgrading program is stored in the program area or not under the condition that the identifier is recorded in the check area;
and if the upgrading program is stored in the program area, determining to execute a program reading operation.
6. An electronic device, the electronic device comprising:
one or more processors;
a storage device, configured to store one or more programs, where, when the one or more programs are executed by the one or more processors, the one or more processors implement the PCIE link-based board upgrading method according to any one of claims 1 to 4.
7. A storage medium storing computer executable instructions which, when executed by a processor, are for performing the PCIE link based board upgrade method of any one of claims 1 to 4.
CN202310688310.6A 2023-06-12 2023-06-12 Board card upgrading method, device, equipment and storage medium based on PCIE link Active CN116431189B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310688310.6A CN116431189B (en) 2023-06-12 2023-06-12 Board card upgrading method, device, equipment and storage medium based on PCIE link

Publications (2)

Publication Number Publication Date
CN116431189A CN116431189A (en) 2023-07-14
CN116431189B true CN116431189B (en) 2024-02-27

Family

ID=87081802

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant