CN116467015B - Mirror image generation method, system start verification method and related equipment - Google Patents

Info

Publication number
CN116467015B
Authority
CN
China
Prior art keywords
image
partition
mirror
check
security check
Legal status
Active
Application number
CN202310732587.4A
Other languages
Chinese (zh)
Other versions
CN116467015A (en)
Inventor
闫玉
Current Assignee
Honor Device Co Ltd
Original Assignee
Honor Device Co Ltd
Application filed by Honor Device Co Ltd
Priority to CN202310732587.4A
Publication of CN116467015A
Application granted
Publication of CN116467015B
Active legal status
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/445 Program loading or initiating
    • G06F9/44505 Configuring for program initiating, e.g. using registry, configuration files
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/61 Installation
    • G06F8/63 Image based installation; Cloning; Build to order

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides an image generation method, a system start-up verification method and related devices. The image generation method includes: determining, based on a preset image reduction rule, a plurality of security check partition images that participate in image reduction; adding an image identification structure to each security check partition image, where the image identification structure stores information about the corresponding security check partition image; and packing the security check partition images, each with its image identification structure added, to obtain a security check reduced image. With this method, packing a plurality of security check partition images into one security check partition image reduces the number of security check partitions recorded in the partition list, which reduces the data volume and maintenance cost of the partition list, reduces memory occupation and improves the query efficiency of the partition list; and because an image identification structure is added to each security check partition image, the corresponding image content can be read correctly from the image identification structure during subsequent checking.

Description

Mirror image generation method, system start verification method and related equipment
Technical Field
The present application relates to the field of computer technologies, and in particular to an image generation method, a system start-up verification method, and related devices.
Background
In order to improve the operating security of an electronic device, the device generally performs a validity check on the operating system image during the boot stage. For a kernel-based operating system, in the actual boot process the boot program image, the kernel image and the main system image are loaded into memory in turn; the validity of each image is verified in memory in sequence, and the next image is loaded only after the previous one has been verified as legal. Once the main system image has also been verified as legal, it is unpacked, with the help of the kernel, into the main system program that the user actually sees, which completes the boot process of the electronic device. If the validity check of an image fails, the operating system cannot boot normally.
The image content of each image to be checked is generally stored in a security check partition. Because there are many images to be checked, the number of security check partitions is large, and if the operating system supports A/B partitioning the number of security check partitions grows further. The partition list that records information on each security check partition grows with the number of security check partitions, so the partition list becomes costly to maintain, its query efficiency drops, and a partition list with a large data volume also occupies more memory, wasting memory space.
Disclosure of Invention
In view of the foregoing, it is necessary to provide an image generation method that addresses the large data volume and high maintenance cost of the partition list by packing a plurality of security check partition images into one security check partition image and adding an image identification structure to each security check partition image.
In a first aspect, the present application provides an image generation method, including: determining, based on a preset image reduction rule, a plurality of security check partition images that participate in image reduction; adding an image identification structure to each of the plurality of security check partition images, where the image identification structure stores information about the corresponding security check partition image; and packing the security check partition images, each with its image identification structure added, to obtain a security check reduced image. With this technical solution, the plurality of security check partition images are packed into one security check partition image, so that they can share one security check partition. This reduces the number of security check partitions recorded in the partition list, and therefore the data volume and maintenance cost of the partition list, reduces memory occupation and improves the query efficiency of the partition list; and because an image identification structure is added to each security check partition image, the corresponding image content can be read correctly from the image identification structure during subsequent image checking.
In one possible implementation, after adding the image identification structure to each of the plurality of security check partition images, the method further includes: padding the content of each security check partition image so that each reaches a preset size; and packing the security check partition images, each with its image identification structure added, to obtain the security check reduced image includes: packing the content-padded security check partition images to obtain the security check reduced image, where each security check partition image in the security check reduced image has a different signature check key. With this technical solution, padding each security check partition image to a preset size (for example, 4 KB) not only keeps each security check partition image aligned within the security check reduced image but also lets each conform to the vbmeta image specification, and retaining a separate signature check key for each security check partition image improves the security of its image content.
In one possible implementation, adding an image identification structure to each of the plurality of security check partition images includes: adding the image identification structure after the image content of each security check partition image. With this technical solution, because the image identification structure follows the image content of each security check partition image, the corresponding image content can be read correctly from the image identification structure during subsequent image checking, and the image content can later be separated from the padding content by means of the image identification structure.
In one possible implementation, padding the content of each security check partition image includes: filling preset content after the image identification structure of each security check partition image. With this technical solution, filling the content after the image identification structure keeps the original image content separate from the padding content, ensures that each security check partition image is aligned within the security check reduced image, and lets each security check partition image conform to the vbmeta image specification.
In one possible implementation, the image identification structure includes a flag bit, an image name bit, a start position bit and a stop position bit. The flag bit is used to locate the image identification structure, the image name bit stores the image name of the corresponding security check partition image, and the start position bit and stop position bit store the start position and stop position of that image's content within the security check reduced image. With this technical solution, during subsequent image verification the image identification structure can be located quickly by its flag bit, yielding the image name of the security check partition image to which the structure was added and the start and stop positions of its image content; the image name stored in the image name bit can be compared with the image name of the security check partition image to be verified, and the image content can be located quickly from the start and stop positions stored in the start position bit and stop position bit, which facilitates loading and verifying the image content.
In one possible implementation, the preset image reduction rule includes: a security check partition image with an independent upgrade requirement and/or a customization requirement does not participate in image reduction. With this technical solution, security check partition images with independent upgrade and/or customization requirements are excluded from image reduction, so that they can still be upgraded or customized independently.
In a second aspect, the present application provides a system start-up verification method, including: acquiring a list of images to be checked; determining, based on the image list, a target security check partition image to be loaded; if the target security check partition image is a sub-image of a first-type security check partition image, identifying an image identification structure of the security check reduced image, where the first-type security check partition image is a security check reduced image obtained by packing a plurality of security check partition images that participate in image reduction; obtaining, from the image identification structure, position information of the image content of the target security check partition image within the security check reduced image; loading the image content based on the position information; performing signature verification and hash verification on the loaded image content; and if the signature verification and the hash verification both pass, determining that the target security check partition image is a legal image. With this technical solution, the second electronic device stores first-type and second-type security check partition images. A first-type security check partition image is a security check reduced image obtained by packing multiple security check partition images, that is, multiple security check partition images sharing one security check partition. A second-type security check partition image is a security check partition image that does not participate in image reduction, that is, one stored in the original security check partition manner.
During image verification, if the security check partition image to be loaded is a sub-image of a first-type security check partition image, it is a security check partition image that participated in image reduction, and its image content must be read from the security check partition holding the security check reduced image. Signature verification and hash verification of the loaded image content then determine whether the security check partition image currently being verified is a legal or an illegal image. If it is confirmed legal, its image content can subsequently be stored or mounted to complete the start-up of the second electronic device; if it is confirmed illegal, storing or mounting of the illegal image is prevented and the second electronic device cannot start.
In one possible implementation, the system start-up verification method further includes: if the target security check partition image is a second-type security check partition image, loading the image content based on the image name of the target security check partition image, where a second-type security check partition image is a security check partition image that does not participate in image reduction. With this technical solution, if the security check partition image to be loaded is of the second type, it did not participate in image reduction and is stored in its security check partition in the existing manner, so its image content can be read directly from the corresponding security check partition based on its image name.
In one possible implementation, loading the image content based on the image name of the target security check partition image includes: looking up the security check partition corresponding to the image name of the target security check partition image; and reading the image content of the target security check partition image from that security check partition. With this technical solution, for a second-type security check partition image the corresponding security check partition stores only that image's content, so the partition can be found from the image name of the security check partition image to be loaded and the image content read from it.
In one possible implementation, identifying the image identification structure of the security check reduced image includes: parsing the security check reduced image and identifying a flag bit in it; and locating the image identification structure based on the flag bit. With this technical solution, in the security check reduced image each image identification structure corresponds to one security check partition image and each includes a flag bit, which can be set to a value clearly distinguishable from the surrounding content; by parsing the security check reduced image the flag bit can be identified, and the image identification structure can then be located from it.
In one possible implementation, obtaining, from the image identification structure, the position information of the image content of the target security check partition image within the security check reduced image includes: parsing the image name bit in the image identification structure to obtain the image name of the security check partition image to which the structure was added; and if that image name matches the image name of the target security check partition image, parsing the start position bit and stop position bit in the image identification structure to obtain the position information of the image content of the target security check partition image within the security check reduced image. With this technical solution, after the image identification structure is located, its image name bit is parsed to obtain the image name of the security check partition image it was added to, which is matched against the name of the security check partition image to be loaded. If the names match, that security check partition image is the one currently to be loaded, and the start position bit and stop position bit of the image identification structure are parsed further to obtain the position information (start position and stop position) of the image content, so that the content of the security check partition image to be loaded can subsequently be read accurately. If the names do not match, the next flag bit in the security check reduced image is identified to locate the next image identification structure.
In one possible implementation, performing signature verification and hash verification on the loaded image content includes: performing signature verification on the loaded image content; and if the signature verification passes, performing hash verification on the loaded image content, where the hash verification includes verifying a hash value computed from the loaded image content or verifying the root hash value of a hash tree built from the loaded image content. With this technical solution, to protect the image content of the security check partition image, the loaded image content is generally ciphertext: if the pre-stored signature check key can successfully convert the loaded image content from ciphertext to plaintext, the signature check of the image content passes; if it cannot, the signature check fails; and if the signature check passes, hash verification of the loaded image content continues. If the image content of the security check partition image is small, it can be loaded into memory at once, and the hash value of the image content is computed and checked to confirm whether the content has been tampered with. If the image content is large, the whole of it cannot be loaded into memory at once and must be loaded in several passes. Therefore the hash verification proceeds continuously while the image content of the security check partition is being loaded into memory (the hash values corresponding to each loaded portion can be built into a hash tree), and in this case hash verification is performed by computing the root hash value of the hash tree: if the computed hash value (root hash value) equals the expected hash value (expected root hash value), the hash verification passes; if it differs, the hash verification fails.
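As an added example (this is not code from the patent or from Honor), the following Python models the image generation method of the first aspect and the start-up verification method of the second aspect together: selecting participants under the reduction rule, appending an identification structure (flag, name, start, stop) after each image's content, padding to a preset size, then at check time scanning for the flag, matching the name, loading the content by position, and running the signature check followed by a direct hash or hash-tree-root check. The flag value `IMGIDENT`, the 32-byte name field, the 8-byte positions, the 4 KB padding unit, SHA-256, the 1 KB hash-tree leaf and the use of HMAC-SHA256 as a stand-in for the per-sub-image signature check are all assumptions of this example; the patent fixes none of these beyond giving 4 KB as an example size.

```python
"""Toy packer and boot-time checker for a 'security check reduced image'.
Added illustration, not code from the patent or from Honor: the flag value,
field widths, 4 KB padding unit, SHA-256, the 1 KB hash-tree leaf and the use
of HMAC-SHA256 as a stand-in for the per-sub-image signature are assumptions."""
import hashlib
import hmac
import struct

ALIGN = 4096               # preset size each sub-image is padded to (patent example: 4 KB)
FLAG = b"IMGIDENT"         # flag bit that locates an identification structure (assumed value)
NAME_LEN = 32              # width of the image name bit (assumed)
IDENT_FMT = "<8s32sQQ"     # flag, image name, start position, stop position
IDENT_SIZE = struct.calcsize(IDENT_FMT)   # 56 bytes
LEAF = 1024                # hash-tree leaf size for content loaded in several passes (assumed)
DIRECT_HASH_LIMIT = 2048   # content up to this size is hashed in one pass (assumed)


def select_participants(partitions, independent):
    """Preset reduction rule: images with independent upgrade or customization
    requirements (the `independent` set) do not participate in image reduction."""
    return {name: data for name, data in partitions.items() if name not in independent}


def build_reduced_image(sub_images):
    """Pack {name: content} into one reduced image. Each sub-image is laid out as
    content, then its identification structure, then zero padding up to ALIGN."""
    out = bytearray()
    for name, content in sub_images.items():
        start, end = len(out), len(out) + len(content)
        ident = struct.pack(IDENT_FMT, FLAG, name.encode().ljust(NAME_LEN, b"\0"), start, end)
        block = content + ident
        block += b"\0" * (-len(block) % ALIGN)
        out += block
    return bytes(out)


def locate_content(reduced, target):
    """Scan for flag bits, parse each identification structure and return the
    (start, stop) positions of the sub-image named `target`, or None."""
    pos = reduced.find(FLAG)
    while pos != -1 and pos + IDENT_SIZE <= len(reduced):
        _, raw_name, start, end = struct.unpack_from(IDENT_FMT, reduced, pos)
        name = raw_name.rstrip(b"\0").decode(errors="replace")
        # A stray FLAG pattern inside image content is rejected: a genuine
        # structure sits exactly at the stop position it declares.
        if name == target and end == pos and start <= end:
            return start, end
        pos = reduced.find(FLAG, pos + 1)
    return None


def hash_tree_root(content):
    """Root of a binary SHA-256 tree over LEAF-sized pieces (an odd level
    duplicates its last node)."""
    level = [hashlib.sha256(content[i:i + LEAF]).digest() for i in range(0, len(content), LEAF)]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [hashlib.sha256(level[i] + level[i + 1]).digest() for i in range(0, len(level), 2)]
    return level[0]


def expected_digest(content):
    """Small content: one hash over the whole content. Large content: hash-tree root."""
    if len(content) <= DIRECT_HASH_LIMIT:
        return hashlib.sha256(content).digest()
    return hash_tree_root(content)


def signature_tag(key, content):
    """Stand-in for the per-sub-image signature: HMAC-SHA256 under that image's key."""
    return hmac.new(key, content, hashlib.sha256).digest()


def verify_sub_image(reduced, target, key, expected_tag, expected_hash):
    """Boot-time check for a sub-image of a first-type (reduced) image:
    locate by name, load by position, signature check, then hash check."""
    loc = locate_content(reduced, target)
    if loc is None:
        return "not found"
    content = reduced[loc[0]:loc[1]]
    if not hmac.compare_digest(signature_tag(key, content), expected_tag):
        return "signature check failed"
    if not hmac.compare_digest(expected_digest(content), expected_hash):
        return "hash check failed"
    return "legal"


if __name__ == "__main__":
    # Constructed sample partitions; "vendor" has an independent upgrade requirement.
    partitions = {"boot": b"A" * 100, "dtbo": b"B" * 5000, "vendor": b"C" * 10}
    reduced = build_reduced_image(select_participants(partitions, {"vendor"}))
    key = b"dtbo-key"                       # constructed per-sub-image key
    tag = signature_tag(key, partitions["dtbo"])
    print(len(reduced), locate_content(reduced, "dtbo"))
    print(verify_sub_image(reduced, "dtbo", key, tag, expected_digest(partitions["dtbo"])))
    tampered = bytearray(reduced)
    tampered[4100] ^= 1                      # flip one byte inside dtbo's content
    print(verify_sub_image(bytes(tampered), "dtbo", key, tag, expected_digest(partitions["dtbo"])))
```

The `end == pos` condition in `locate_content` is the practical caveat a scanner based on a flag bit needs: image content is arbitrary bytes and may contain the flag pattern, so a structure is accepted only when it lies exactly at the stop position it declares. A bootloader would additionally keep the identification structure itself under the signature, so that a forged structure cannot redirect the check to different content.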
In a third aspect, the present application provides an electronic device comprising a memory and a processor, where the memory is configured to store program instructions and the processor is configured to read and execute the program instructions stored in the memory; when the program instructions are executed by the processor, they cause the electronic device to perform the image generation method of the first aspect or the system boot verification method of the second aspect.
In a fourth aspect, the present application provides a computer-readable storage medium storing program instructions that, when run on an electronic device, cause the electronic device to perform the image generation method of the first aspect or the system boot verification method of the second aspect.
In a fifth aspect, the present application provides a chip coupled to a memory in an electronic device, the chip being configured to control the electronic device to perform the image generation method of the first aspect or the system boot verification method of the second aspect.
The technical effects of the third to fifth aspects can be found in the description of the corresponding methods above and are not repeated here.
Drawings
Fig. 1 is a flowchart of an electronic device performing a validity check on an operating system image during the boot stage according to an embodiment of the present application.
Fig. 2 is a flowchart of an image generation method according to an embodiment of the present application.
Fig. 3 is a schematic diagram of a security check partition image according to an embodiment of the present application.
Fig. 4 is a schematic structural diagram of a security check reduced image according to an embodiment of the present application.
Fig. 5 is a flowchart of a system start-up verification method according to an embodiment of the present application.
Fig. 6 is a flowchart of an image generation method according to another embodiment of the present application.
Fig. 7 is a flowchart of an image generation method according to still another embodiment of the present application.
Fig. 8 is a flowchart of a system start-up verification method according to another embodiment of the present application.
Fig. 9 is a hardware architecture diagram of a first electronic device according to an embodiment of the present application.
Fig. 10 is a hardware architecture diagram of a second electronic device according to an embodiment of the present application.
Detailed Description
For ease of understanding, some of the concepts related to the embodiments of the application are described below by way of example for reference.
It should be noted that the terms "first" and "second" in the embodiments of the present application are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more such features. In describing the embodiments of the present application, words such as "exemplary" or "such as" are used to mean serving as an example, illustration or description. Any embodiment or design described herein as "exemplary" or "such as" should not be taken as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present related concepts in a concrete fashion.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used in the description of the application is for the purpose of describing particular embodiments only and is not intended to limit the application. Unless otherwise indicated, "/" means "or"; for example, A/B may represent A or B. "And/or" in the present application merely describes an association relationship between associated objects, indicating that three relationships may exist; for example, A and/or B may represent: A exists alone, A and B exist simultaneously, or B exists alone. "At least one" means one or more. "Plurality" means two or more. For example, at least one of a, b or c may represent any of seven cases: a; b; c; a and b; a and c; b and c; a, b and c.
To facilitate understanding of the following description of the various embodiments of the application, some general terms are described first.
Operating System (OS): a computer program that manages computer hardware and software resources.
Kernel: establishes the platform for communication between computer software and hardware, and provides system services such as file management, virtual memory and device input/output (I/O).
Image: a form of file storage; when the data on one disk has an identical copy on another disk, that copy is an image.
The method provided by the embodiments of the present application can be applied to various types of electronic devices. The electronic device in the embodiments of the present application may be a mobile phone, a tablet computer, a desktop, a laptop, a handheld computer, a notebook, an ultra-mobile personal computer (UMPC), a netbook, a cellular phone, a personal digital assistant (PDA), an augmented reality (AR)/virtual reality (VR) device, or the like, and the specific form of the electronic device is not particularly limited.
In an embodiment of the present application, an electronic device may include a hardware layer, an operating system layer running above the hardware layer, and an application layer running above the operating system layer. The hardware layer includes hardware such as a central processing unit (CPU), a memory management unit (MMU), and memory (also referred to as main memory). The operating system can be any one or more computer operating systems that perform business processing through processes, such as an Android operating system, an iOS operating system or a Windows operating system. The application layer comprises applications such as a browser, an address book, word processing software and instant messaging software.
Taking the Android operating system as an example, the boot process of the electronic device is briefly described below. It includes the following steps:
(1) Boot ROM: when the power (boot) key is pressed, the boot chip starts executing preset code fixed in read-only memory (ROM), which then loads the boot program into random access memory (RAM);
(2) Bootloader, also called the boot loader, is a program that runs before the operating system. It is the first program to run; it copies the operating system image into RAM and then jumps to the image's entry point to execute it, which is also called entering boot loader mode;
(3) Kernel: after the kernel is loaded into memory, the kernel booting stage is entered first, and finally start_kernel is called to enter the kernel starting stage, which completes most of the kernel's initialization work. start_kernel eventually starts the user-space init process;
(4) init: after the kernel is initialized, the init process is started. In the Android operating system every process is directly or indirectly forked from the init process. The init process is responsible for creating the most critical core daemons in the system, including but not limited to zygote and service manager. zygote is the first Dalvik virtual machine started by Android and is responsible for starting Java processes; service manager is the basis of Binder communication;
(5) zygote process: the parent of all Java processes. For example, the zygote virtual machine starts the child process system_server and defines a Socket for receiving requests from ActivityManagerService to start applications;
(6) System Server: when the System Server process starts, it initializes ActivityManagerService. At the same time it loads the local system service library, calls createSystemContext() to create the system context, creates the ActivityThread, starts the various services, and so on;
(7) Home Activity: after ActivityManagerService has started the Home Activity, finishBooting() is called to finish the boot process; at the same time a startup broadcast is sent, the Home interface is entered and the desktop is displayed.
It should be noted that the description given here is only a summary. The actual boot process is more complex, but the principle is the same, and different versions of the Android system may adjust the details of some steps, which is not limited here.
In the boot flow above, the Bootloader performs a validity check on the operating system image. Because the Android system is built on a kernel, during actual startup the boot program image, the kernel image and the main system image are loaded into memory in turn, and the validity of each image is verified in memory in the same order: the next image is loaded into memory only after the previous image has been verified as legal, and only once the main system image has also been verified as legal is it unfolded, with the help of the kernel, into the main system program that the user actually sees, completing the whole boot process of the electronic device. In other words, the main system image must be checked for validity before being unfolded into the main system program, and it is unfolded only after the validity check passes. Once validity verification of the main system image fails, the Android system cannot start normally.
In one implementation, the data integrity, reliability and legitimacy of the system boot partition images may be verified in the Bootloader based on the Android Verified Boot (AVB) security mechanism. The AVB checking function is mainly implemented by the external/avb/libavb library, whose tasks include checking the images in each security check partition, signature verification, parsing of the vbmeta image, and parsing of the parameters required by device-mapper verity (dm-verity).
As shown in fig. 1, for an image without a file system, such as boot.img or ramdisk.img, verification may be performed by the following procedure. Verification of file-system-free images generally occurs before the kernel is loaded; that is, an image verified before kernel loading is referred to as a file-system-free image (since the kernel is not yet loaded, there is no file system yet):
S101, obtaining a preset public key from LK (the little kernel bootloader) and checking the vbmeta image based on that public key.
In some embodiments, the vbmeta image (vbmeta.img) holds the verification data, signature and other information of each security check partition. To protect the content of the vbmeta image, the vbmeta image burned into the electronic device is generally signed by the device manufacturer with a private key; in the startup phase, a preset public key is obtained from LK and used to verify whether the vbmeta image was produced by the holder of the private key (i.e. the manufacturer of the electronic device). The private key used to sign the vbmeta image and the preset public key in LK form a key pair.
S102, if the vbmeta image verification passes, parsing the vbmeta image to obtain a first image list to be verified.
In some embodiments, the image list may take the form of a list or another form, which the embodiments of the present application do not limit. The first image list may record the image names of one or more security check partition images (security check partition images without a file system), whose image contents are stored in the corresponding security check partitions. If the vbmeta image verification does not pass, the process ends: the file-system-free image verification fails and the electronic device fails to start.
In some embodiments, the image verification chain stored in the vbmeta image may be parsed to determine which security check partition images need to be verified before the kernel is loaded, and the first image list may include the image names of all security check partition images that need to be verified before kernel loading. The image verification chain is a chain that contains each image to be verified in turn during the boot stage; the corresponding execution rule is that the next image is verified only after the previous image has been verified as legal.
S103, loading the image content of each security check partition image recorded in the first image list, and performing signature verification on the loaded image content.
In some embodiments, the image content of a security check partition image may be read from the corresponding security check partition based on the image name, thereby loading the image content.
Because several security check partition images may be recorded in the first image list, they may be loaded sequentially according to their order in the first image list.
In some embodiments, the loaded image content of a security check partition image is ciphertext, and signature verification of the loaded image content may include judging whether the image content can be converted into plaintext using a pre-stored signature verification key. If the image content can be successfully converted from ciphertext to plaintext with the pre-stored signature verification key, the signature verification of that image content passes.
If the signature verification passes, step S104 is executed; if it does not pass, the image content of the security check partition image is illegal, that is, the file-system-free image verification fails, the electronic device fails to start, and the process ends.
In some embodiments, each security check partition image in the first image list corresponds to a signature verification key, which may be stored in the vbmeta image. For example, the signature verification key may be a public key, and the corresponding signing private key may be kept by the electronic device manufacturer to produce the signature.
S104, if the signature verification passes, calculating a hash value based on the image content of the security check partition image, and verifying the hash value.
In some embodiments, for a file-system-free image the amount of data in the corresponding security check partition image is relatively small, so the entire image content may be loaded into memory and checked by calculating its hash value.
Hash-checking the image content of the security check partition image confirms whether the image content that was read has been tampered with: for example, the calculated hash value is compared with an expected hash value (which may be stored in the vbmeta image). If the hash value passes verification (i.e. the calculated hash value equals the expected hash value), step S105 is executed; if it does not pass, the image content of the security check partition image has been tampered with, that is, the file-system-free image verification fails, the electronic device fails to start, and the process ends.
S105, if the hash value passes verification, storing the loaded image content of the security check partition image.
If the hash value passes verification, the image content of the security check partition image has not been tampered with and the image is determined to be legal; the loaded image content may be stored in memory and copied during subsequent kernel loading.
In some embodiments, after step S105 the kernel may be loaded and the init process started, during which the images with a file system may be verified.
For images with a file system, such as system.img or vendor.img, verification may be performed by the following procedure, which typically occurs after the kernel is loaded:
S111, initializing fstab and obtaining the enable state of dm-verity.
fstab is the file system table that the kernel uses to mount file systems at startup. dm-verity provides integrity checking of block devices, including mounted and write-protected partitions. The dm-verity mechanism allows an image to be checked as it is read rather than checking the whole image at once. The enable state of dm-verity indicates whether the dm-verity checking mechanism has been turned off.
S112, if dm-verity is enabled, parsing the vbmeta image to obtain a second image list to be checked.
In some embodiments, the second image list may record the image names of one or more security check partition images (security check partition images with a file system), whose image contents are stored in the corresponding security check partitions. If dm-verity is disabled, the electronic device is configured to skip verification of the images with a file system, and the process ends.
In some embodiments, the image verification chain stored in the vbmeta image may be parsed to determine which security check partition images need to be verified after the kernel is loaded, and the second image list may include the image names of all security check partition images that need to be verified after kernel loading.
S113, loading the image content of each security check partition image recorded in the second image list, and performing signature verification on the loaded image content.
In some embodiments, the image content of a security check partition image may be read from the corresponding security check partition based on the image name, thereby loading the image content.
Because several security check partition images may be recorded in the second image list, they may be loaded sequentially according to their order in the second image list.
For example, the loaded image content of a security check partition image is ciphertext, and signature verification of the loaded image content may include judging whether the image content can be converted into plaintext using a pre-stored signature verification key. If the image content can be successfully converted from ciphertext to plaintext with the pre-stored signature verification key, the signature verification of that image content passes.
If the signature verification passes, step S114 is executed; if it does not pass, the image content of the security check partition image is illegal, that is, the file-system image verification fails, the electronic device fails to start, and the process ends.
In some embodiments, each security check partition image in the second image list corresponds to a signature verification key, which may be stored in the vbmeta image.
S114, if the signature verification of the security check partition image passes, calculating the root hash value of a hash tree based on the image content of the security check partition image, and verifying the root hash value.
In some embodiments, for an image with a file system the amount of data in the corresponding security check partition image is relatively large, and the whole image content generally cannot be loaded into memory at once. The verification can therefore proceed continuously while the image content is loaded into memory (i.e. the image content is loaded in several passes, and the hash values of those loads can be assembled into a hash tree), in which case verification is performed by calculating the root hash value of the hash tree.
For example, an image with a file system may be cut into blocks of 4KB and loaded into memory block by block; a hash value is calculated from the content of each block, the hash values of every two blocks are combined into a new hash value, the pairwise combination continues, and finally a hash tree is formed whose top is the root hash value. The calculated root hash value may be compared with an expected root hash value (which may be stored in the vbmeta image) to determine whether the image content that was read has been tampered with. If the root hash value passes verification (i.e. the calculated root hash value equals the expected root hash value), step S115 is executed; if it does not pass, the image content of the security check partition image has been tampered with, that is, the file-system image verification fails, the electronic device fails to start, and the process ends.
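The pairwise hash tree just described, as an added worked example in Python (not code from the patent or from AOSP's libavb or dm-verity). It splits a constructed image into 4KB blocks, hashes each block with SHA-256, combines hashes two by two until one root hash remains, compares it with the expected root, and shows that flipping a single bit in one block changes the root. The block size, the hash algorithm, the rule of duplicating a trailing odd hash, and the sample image are assumptions of the example; real dm-verity stores child hashes in hash blocks rather than hashing pairs, so its root values differ from those produced here.

```python
import hashlib
import hmac

BLOCK_SIZE = 4096  # assumption: the 4KB block size named in the text


def block_hashes(image: bytes) -> list:
    """Hash every 4KB block of the image; a short final block is zero-padded."""
    hashes = []
    for off in range(0, len(image), BLOCK_SIZE):
        block = image[off:off + BLOCK_SIZE].ljust(BLOCK_SIZE, b"\0")
        hashes.append(hashlib.sha256(block).digest())
    return hashes


def root_hash(image: bytes) -> bytes:
    """Combine the block hashes two by two until one root hash remains."""
    level = block_hashes(image)
    if not level:                      # empty image: hash of nothing (assumption)
        return hashlib.sha256(b"").digest()
    while len(level) > 1:
        if len(level) % 2:             # odd count: duplicate the last hash (assumption)
            level.append(level[-1])
        level = [hashlib.sha256(level[i] + level[i + 1]).digest()
                 for i in range(0, len(level), 2)]
    return level[0]


def verify_root(image: bytes, expected_root: bytes) -> bool:
    """Step S114: recompute the root over the loaded image and compare with the expected root."""
    return hmac.compare_digest(root_hash(image), expected_root)


def demo() -> tuple:
    # Constructed sample image: five full 4KB blocks plus a short tail block.
    image = b"".join(bytes([i]) * BLOCK_SIZE for i in range(5)) + b"tail"
    expected = root_hash(image)            # what the build would place in vbmeta
    tampered = bytearray(image)
    tampered[2 * BLOCK_SIZE + 10] ^= 0x01  # flip one bit inside block 2
    return verify_root(image, expected), verify_root(bytes(tampered), expected)


if __name__ == "__main__":
    print(demo())  # (True, False)
```

The expected root is the value that would be carried in vbmeta; the check recomputes it from the bytes actually loaded, so any change to any block, however small, is caught at the root.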
S115, if the root hash value passes verification, mounting the image content of the security check partition image.
If the root hash value passes verification, the image content of the security check partition image has not been tampered with and the image is determined to be legal; its image content may be mounted so that it can be used by the subsequent init process.
At present, most Android system terminals adopt an Android A/B partition system or a virtual A/B partition system. The Android A/B partition system includes a base partition (common), a static partition, a dynamic partition and a user data partition (user data). Both the static partition and the dynamic partition use dual partitions: the static partition is divided into a first static partition (slotA) and a second static partition (slotB), and the dynamic partition is divided into a first dynamic partition (superA) and a second dynamic partition (superB). That is, the A/B partition system has two complete sets of real logical partitions, each with its own slot.
The virtual A/B partition system likewise includes a base partition (common), a static partition, a dynamic partition and a user data partition (user data). The static partition, whose stored files are smaller and which therefore occupies less storage space, is divided into a first static partition (slotA) and a second static partition (slotB); the dynamic partition (super), whose stored files are larger, uses a single partition. Two logical partitions are divided inside the dynamic partition, but only one copy of the physical image data exists (for example, logical partition A holds the physical data and logical partition B is a virtual device, or logical partition A is a virtual device and logical partition B holds the physical data). The virtual A/B partition system solves the problem that the A/B partition system occupies a large amount of space.
For an Android A/B partition system or a virtual A/B partition system, each image corresponds to two security check partition images, typically named vbmeta_xxx_a.img and vbmeta_xxx_b.img. For example, for the system image the two corresponding security check partition images are vbmeta_system_a.img and vbmeta_system_b.img.
Table 1 below illustrates some correspondences between images and security check partitions.
TABLE 1
In Table 1, each security check partition stores the corresponding security check partition image; for example, security check partition vbmeta_system_a stores security check partition image vbmeta_system_a.img, and security check partition vbmeta_system_b stores security check partition image vbmeta_system_b.img. The image names "xxxx" and "xxxxx" in Table 1 are only generic placeholders for image names and do not imply that real images are named this way.
Because there are many images to be checked, the number of corresponding security check partitions is large, and the partition list in the vbmeta image records information for every security check partition. The partition list is therefore large and costly to maintain, its query efficiency may drop, and a large partition list occupies more memory space, wasting memory.
To solve this technical problem, the embodiment of the present application provides an image generation method that packs several security check partition images under the same partition system into one security check partition image and stores it in a single security check partition. This reduces the number of security check partitions recorded in the partition list, reduces the data volume and maintenance cost of the partition list, reduces memory usage, and improves the query efficiency of the partition list.
For example, the security check partitions shown in Table 1 may be compacted to obtain the correspondence between images and security check partitions shown in Table 2. In Table 2, several security check partition images are packed into one security check partition image and stored in one security check partition, i.e. several images correspond to the same security check partitions vbmeta_yyy_a and vbmeta_yyy_b.
TABLE 2
In Table 2, security check partition vbmeta_yyy_a stores security check partition image vbmeta_yyy_a.img, security check partition vbmeta_yyy_b stores security check partition image vbmeta_yyy_b.img, and security check partition vbmeta_xxxxx_a stores security check partition image vbmeta_xxxxx_a.img.
vbmeta_yyy_a.img may be obtained by packing vbmeta_system_a.img, vbmeta_vendor_a.img, vbmeta_system_ext_a.img, vbmeta_odm_a.img, vbmeta_product_a.img and vbmeta_xxxx_a.img. vbmeta_yyy_b.img may be obtained by packing vbmeta_system_b.img, vbmeta_vendor_b.img, vbmeta_system_ext_b.img, vbmeta_odm_b.img, vbmeta_product_b.img and vbmeta_xxxx_b.img. The name "yyy" in vbmeta_yyy_a.img and vbmeta_yyy_b.img can be chosen according to actual requirements and is not limited by the embodiment of the present application; it may optionally be chosen to differ from the original image names in the operating system, for example using the name of the electronic device manufacturer.
In some embodiments, images with independent upgrade requirements or customization requirements may be excluded from compaction, i.e. they are still stored independently and keep their original security check partitions. For example, in Table 2 the images with independent upgrade requirements include the "xxxxx" images, which do not participate in compaction.
For the security check partitions shown in Table 1, the partition list in the vbmeta image must record information for 18 security check partitions, whereas for the security check partitions shown in Table 2 it needs to record only 6, so the data volume of the partition list is reduced.
Referring to fig. 2, a flowchart of an image generation method according to an embodiment of the present application is shown. The method may be applied to a first electronic device on which a compilation tool and the avbtool tool are installed; the first electronic device may be a computer, a server or similar equipment. The compilation tool is used to compile the images and may be any existing compilation tool, which the embodiment of the present application does not limit; the avbtool tool is used to compact the security check partition images. The image generation method may include:
S201, compiling, with the compilation tool, a first image written as source code to obtain a second image expressed in machine code, where the first image includes a vbmeta image and several security check partition images.
In some embodiments, the compilation tool translates the image from source code into machine code that can be executed directly by computer hardware (e.g. a chip). The first electronic device may start the compilation tool to compile the first image written as source code and obtain the second image expressed in machine code. It is understood that the second image also includes a vbmeta image and several security check partition images.
S202, configuring the operating permissions of the avbtool tool and the second image.
In some embodiments, generating vbmeta_yyy_a.img and vbmeta_yyy_b.img depends on the avbtool tool, the vbmeta image and the individual security check partition images. Configuring operating permissions for the avbtool tool and the second image makes the second image readable, copyable and so on, so that the avbtool tool can load it. For example, the first electronic device may configure the operating permissions of the avbtool tool and the second image by executing the set_file_permission command.
S203, obtaining the image information of the vbmeta image.
In some embodiments, the image information of the vbmeta image refers to the information about the security check partition images contained in the vbmeta image; by parsing the vbmeta image it can be determined which security check partition images it contains. For example, the first electronic device may invoke the avbtool tool to obtain the image information of the vbmeta image by executing get_vbmeta_info and avbtool info_image --image vbmeta.
S204, copying the target security check partition images to a designated folder based on the image information of the vbmeta image and a preset image compaction rule.
In some embodiments, copying the target security check partition images to the designated folder based on the image information of the vbmeta image and the preset image compaction rule makes it convenient for the avbtool tool to perform the image packing operation afterwards. The preset image compaction rule specifies which security check partition images participate in compaction, or which do not; it can be set according to actual requirements, which the embodiment of the present application does not limit. For example, the preset image compaction rule may be a white list: the developer adds the image names of the security check partition images that participate in compaction to the white list, and images with independent upgrade or customization requirements are left off the white list, i.e. do not participate in compaction. A target security check partition image is a security check partition image that participates in compaction; for example, the target security check partition images include vbmeta_system_a.img, vbmeta_vendor_a.img, vbmeta_system_ext_a.img, vbmeta_odm_a.img and so on.
For example, the first electronic device may copy the target security check partition images by executing the cyp_vbmeta_img command.
In some embodiments, the security check partition images that participate in compaction are selected based on the image information of the vbmeta image and the preset image compaction rule, an image packing list is built from the selected images, and the security check partition images recorded in the image packing list are the target security check partition images.
In some embodiments, a designated folder may be set up for each of the A and B partitions, with the target security check partition images of partition A stored in one designated folder and those of partition B in another.
In some embodiments, assuming that all security check partition images recorded in the vbmeta image are currently stored in one folder (e.g. a temp folder), step S204 may also include deleting from that folder, based on the image information of the vbmeta image and the preset image compaction rule, the security check partition images that do not participate in compaction. For example, the security check partition images vbmeta_xxxxx_a, vbmeta_xxxxx_b, vbmeta_xxxxx_a and vbmeta_xxxxx_b that do not participate in compaction may be deleted from the temp folder.
S205, adding an image identification structure to the image content of each target security check partition image, and padding the image content so that each target security check partition image reaches a preset size.
In some embodiments, adding an image identification structure to the image content of each target security check partition image allows the corresponding security check partition image and its image content to be located, during the subsequent AVB check of each security check partition image, from the information recorded in the image identification structure. For each target security check partition image the image identification structure may be added at the tail of the image content, although the application is not limited to this.
In some embodiments, the image identification structure may be a footer structure, which may include four parts: a flag field, an image name field, a start position field and an end position field. The flag, image name, start position and end position fields may each be set to a fixed number of bytes, and the format of the footer structure added to every target security check partition image is the same; only the content differs. The flag field is used to locate the footer structure. The flag field in the footer structure of every target security check partition image may have the same content, and that content may be chosen to be clearly distinguishable from the image content and from the content of the image name, start position and end position fields, so that the flag can be recognized and the footer structure located quickly. The image name field stores the image name of the target security check partition image to which the footer structure is added, the start position field stores the start position of that image's content, and the end position field stores the end position of that image's content, so that in the subsequent AVB check the image content of a given security check partition image can be located quickly through the start and end positions stored in the footer structure, and the image content can be loaded and hash-checked.
In some embodiments, the Android system defines the size of the vbmeta structure as generally 4KB. If the size of a target security check partition image with the image identification structure added is still smaller than 4KB, content can be padded into each target security check partition image so that each reaches 4KB. For example, "0" bytes may be appended after the image identification structure of each target security check partition image so that each image is 4KB in size, aligning the target security check partition images.
For example, the first electronic device may add the footer structure and pad with "0" to 4KB for each target security check partition image by executing the pad_vbmeta_img command.
As shown in FIG. 3, taking the security check partition image vbmeta_system_a.img as an example, a footer structure may be added after the image content of vbmeta_system_a.img, and "0" padding may be added after the footer structure up to 4KB.
In some embodiments, if the image contents of the target security check partition images were simply concatenated (neither padded with "0" nor given a footer structure), each target security check partition image and its content could not be located accurately in the subsequent AVB check, and the images could not be aligned because their sizes differ. If the image contents were only padded with "0" to 4KB and concatenated without adding a footer structure, the target security check partition images could be aligned, but the problem that each image and its content cannot be located accurately in the AVB check would remain. Moreover, because the image sizes differ, a different number of "0" bytes is appended after each image's content, so the padding could not be reliably distinguished from the image content, the subsequent hash calculation over the image content would produce a wrong result, and the image content could not be verified accurately.
S206, based on each target safe check partition image after filling processing, packaging to obtain a safe check simplified image.
In some embodiments, after the addition and content population of the image identification structure is completed for each target security check partition image in a specified folder, a security check reduced image (vbmeta_yy_a.img/vbmeta_yy_b.img) may be packaged based on each target security check partition image in the specified folder.
In some embodiments, the flag bit, the mirror name bit, the start position bit, and the end position bit in each of the footer structures may be filled in during the packing stage.
In some embodiments, in step S205, the corresponding content may be filled into the flag bit and the mirror name bit in each of the footer structures, and in the packing stage, the corresponding content may be filled into the start position bit and the end position bit in each of the footer structures.
For example, the first electronic device may control the avbtool tool to perform image packaging by executing the pvbmeta command to obtain the security check reduced image.
Taking vbmeta_yy_a.img as an example, the structure of the packed vbmeta_yy_a.img may be as shown in FIG. 4. Assuming that vbmeta_yy_a.img includes 7 security check partition images each 4KB in size, vbmeta_yy_a.img may be stored in the security check partition vbmeta_yy_a, that is, the security check partition vbmeta_yy_a may be a storage area of 28KB.
According to the image generation method, a footer structure is added at the tail of each security check partition image in the security check reduced image. The footer structure separates the image content of the security check partition image from the padded "0" bytes. The footer structure can be quickly located based on its flag bit, so as to obtain the image name of the security check partition image to which the footer structure is added and the start position and end position of its image content. The image name stored in the footer structure can be compared with the image name of the security check partition image to be checked in the subsequent AVB check process, and the image content can be quickly located based on the start position and end position stored in the footer structure, which facilitates loading and checking of the image content. Padding each security check partition image with "0" to 4KB guarantees that the security check partition images are equal in size and aligned, so that each security check partition image conforms to the vbmeta image specification.
In some embodiments, after the security check reduced image is obtained, the security check reduced image and the security check partition image which does not participate in the image reduction may be burned into a corresponding security check partition in the second electronic device, so that the second electronic device may perform AVB check in a startup process. For example, the operating system is MagicOS, in the MagicOS cube development stage, a developer can use a first electronic device (such as a computer or a server) to generate a security check reduced image, and then the security check reduced image and a security check partition image which does not participate in image reduction can be burnt to a second electronic device (such as a mobile phone or a tablet computer), so that the mobile phone or the tablet computer provided with MagicOS cube can carry out AVB check based on the security check reduced image and the security check partition image which does not participate in image reduction in the starting process.
In some embodiments, the second electronic device includes, but is not limited to, a terminal device such as a mobile phone, a tablet computer, a smart watch, a smart bracelet, smart glasses, a head-mounted display device, and the like. For example, if the second electronic device adopts an Android A/B partition system, vbmeta_yy_a.img and vbmeta_xxxxx_a.img may be burned to the corresponding security check partitions under the A partition system of the second electronic device, and vbmeta_yy_b.img and vbmeta_xxxxx_b.img may be burned to the corresponding security check partitions under the B partition system of the second electronic device.
According to the embodiment of the application, the plurality of safe check partition images are packed into one safe check simplified image, the signature check and the image names of the safe check partition images are reserved, namely, the packed safe check simplified image does not change the original safe check partition image, so that the second electronic device can still check based on the original image check chain in the AVB check process, and the safe check partition images can be checked sequentially based on the check sequence of the image check chain, namely, the image check can still be performed by adopting a check flow similar to that of FIG. 1.
Assuming that it is determined, based on the image check chain, that vbmeta_system_a.img currently needs to be checked, reading the image content of vbmeta_system_a.img from vbmeta_yy_a.img may be achieved by:
a1: identifying a flag bit in vbmeta_yy_a.img, and locating a footer structure based on the flag bit;
a2: parsing the image name bit in the footer structure to obtain the image name of the security check partition image to which the footer structure is added;
a3: if the parsed image name of the security check partition image does not match vbmeta_system_a, jumping to step a1 to identify the next flag bit in vbmeta_yy_a.img;
a4: if the parsed image name of the security check partition image matches vbmeta_system_a, continuing to parse the start position bit and end position bit in the footer structure to obtain the start position and end position of the image content of vbmeta_system_a.img;
a5: reading the image content of vbmeta_system_a.img from vbmeta_yy_a.img based on the parsed start position and end position, so as to perform signature verification and hash verification.
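The following Python is an added worked example, not code from the patent nor the avbtool or pad_vbmeta_img implementation. It packs a few constructed sub-images with footer structures into a reduced image (steps S205 and S206, with the start and end positions filled in during packing) and then performs the a1 to a5 lookup on the result. Only the 4KB entry size comes from the text; the flag byte sequence, the fixed 32-byte image name field and the 4-byte little-endian start and end positions are assumed layouts chosen for illustration.

```python
from __future__ import annotations

import struct

# Layout constants: the 4KB entry size follows the text; the flag bytes, the
# fixed 32-byte name field and the 4-byte little-endian positions are constructed
# assumptions for this example, not the patent's actual footer format.
ENTRY_SIZE = 4096
FLAG = b"\xffAVBFOOT\xff"                     # flag bit, identical in every footer
NAME_LEN = 32
FOOTER_FMT = f"<{len(FLAG)}s{NAME_LEN}sII"    # flag | image name | start | end
FOOTER_SIZE = struct.calcsize(FOOTER_FMT)


def _name_field(name: str) -> bytes:
    """Fixed-width, NUL-padded image name for the image name bit."""
    raw = name.encode()
    if len(raw) > NAME_LEN:
        raise ValueError(f"image name too long: {name}")
    return raw.ljust(NAME_LEN, b"\0")


def add_footer_and_pad(name: str, content: bytes) -> bytes:
    """S205: append a footer (flag and name filled, positions left 0) to the
    image content and pad with "0" bytes so the entry is exactly 4KB."""
    if len(content) + FOOTER_SIZE > ENTRY_SIZE:
        raise ValueError(f"{name}: content does not fit in one {ENTRY_SIZE}-byte entry")
    footer = struct.pack(FOOTER_FMT, FLAG, _name_field(name), 0, 0)
    entry = content + footer
    return entry + b"\0" * (ENTRY_SIZE - len(entry))


def pack_reduced_image(images: dict[str, bytes]) -> bytes:
    """S206: concatenate the padded entries. The absolute start and end of each
    image content inside the reduced image are only known now, so they are
    written into the footer during packing."""
    out = bytearray()
    for name, content in images.items():
        entry = bytearray(add_footer_and_pad(name, content))
        start, end = len(out), len(out) + len(content)
        struct.pack_into(FOOTER_FMT, entry, len(content), FLAG, _name_field(name), start, end)
        out += entry
    return bytes(out)


def parse_footer_at(reduced: bytes, pos: int) -> tuple[str, int, int]:
    """a2/a4: parse the footer whose flag starts at pos -> (image name, start, end)."""
    _flag, raw_name, start, end = struct.unpack_from(FOOTER_FMT, reduced, pos)
    return raw_name.rstrip(b"\0").decode(errors="replace"), start, end


def find_sub_image(reduced: bytes, wanted: str) -> bytes | None:
    """Steps a1 to a5: scan for flag bits, parse each footer, match the image
    name and slice out the image content by its recorded positions."""
    pos = 0
    while (pos := reduced.find(FLAG, pos)) >= 0:           # a1: next flag bit
        if pos + FOOTER_SIZE > len(reduced):
            return None
        name, start, end = parse_footer_at(reduced, pos)   # a2
        # Only trust a footer whose positions agree with where it sits: the
        # content must end exactly where the footer begins. A stray occurrence
        # of the flag bytes inside image content fails this check and is skipped.
        if start > end or end != pos:
            pos += len(FLAG)
            continue
        if name != wanted:                                 # a3: not ours, keep scanning
            pos += FOOTER_SIZE
            continue
        return reduced[start:end]                          # a4/a5: slice the content
    return None


if __name__ == "__main__":
    # Constructed sample contents standing in for vbmeta_*_a.img image contents.
    sample = {"vbmeta_system_a": b"\x01" * 100, "vbmeta_vendor_a": b"\x02" * 2000}
    reduced = pack_reduced_image(sample)
    print(len(reduced), find_sub_image(reduced, "vbmeta_vendor_a") == sample["vbmeta_vendor_a"])
```

The positional consistency check in find_sub_image is the practitioner's addition to the a1 to a5 procedure: the text relies on the flag content being clearly distinguishable from image content, and checking that the footer's recorded end position equals the footer's own offset gives the parser a cheap way to reject a flag sequence that merely happens to occur inside an image.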
Fig. 5 is a flowchart of a system start-up verification method according to an embodiment of the present application. The method can be applied to a second electronic device, the second electronic device can execute the system start-up verification method in the starting-up process, and the system start-up verification method can comprise the following steps:
S501, obtaining a preset public key from LK and checking the vbmeta image based on the public key.
In some embodiments, the vbmeta image (vbmeta.img) holds the verification data, signature and other information of each security check partition. To improve the content security of the vbmeta image, the vbmeta image burned into the second electronic device is generally signed by the manufacturer of the second electronic device; in the startup phase, a preset public key is obtained from LK and used to verify whether the vbmeta image was produced by the owner of the private key (i.e. the manufacturer of the second electronic device). The private key used to sign the vbmeta image and the preset public key in LK form a key pair. If the vbmeta image passes verification, it indicates that the vbmeta image was produced by the manufacturer of the second electronic device, and step S502 is executed.
If the vbmeta image verification is not passed, the second electronic device is indicated to be failed to start, and the process is ended.
S502, if the vbmeta image verification passes, analyzing the vbmeta image to obtain an image list to be verified.
In some embodiments, the image manifest may record one or more secure parity partition images to be verified. The second electronic device may obtain the image list to be checked by analyzing the image check chain in the vbmeta image.
In some embodiments, the security check partition images stored on the second electronic device are divided into a first type and a second type. The first type of security check partition image is the security check reduced image obtained by packing the plurality of security check partition images that participate in image reduction; it includes the image content of a plurality of security check partition images, i.e. these security check partition images share one security check partition. The second type of security check partition image refers to a security check partition image that does not participate in image reduction, i.e. it is stored in the original security check partition manner.
S503, determining the safe check partition image to be loaded based on the image list.
In some embodiments, the loading verification may be performed sequentially according to the order of the security check partition images recorded in the image list, and the order of the security check partition images in the image list may be the same as the verification order of the image check chain, so that the security check partition images to be loaded may be determined based on the image list.
For example, the current secure check partition image to be loaded is the secure check partition image ordered first in the image list, and after loading and checking of the secure check partition image are completed, the secure check partition image ordered second in the image list is reloaded next time until each secure check partition image in the image list is loaded and checked.
S504, if the security check partition image to be loaded is a sub-image of the first type of security check partition image, parsing the security check reduced image, identifying a flag bit in the security check reduced image, and locating a footer structure based on the flag bit.
In some embodiments, if the security check partition image to be loaded is a child image of the security check partition image of the first type, it indicates that the security check partition image to be loaded is a security check partition image participating in image compaction, and the image content of the security check partition image to be loaded needs to be read from the security check partition where the security check compact image is located.
For example, assume the security check reduced image is obtained by packing 20 security check partition images; then 20 footer structures exist in the security check reduced image, each footer structure corresponds to one security check partition image, and each footer structure includes a flag bit. The flag bits in the security check reduced image are identified by parsing the security check reduced image, and a footer structure can then be located based on a flag bit. After the footer structure is located, the image name bit in the footer structure can be parsed to obtain the image name of the security check partition image to which the footer structure is added, so as to match it against the image name of the security check partition image to be loaded.
S505, parsing the image name bit in the footer structure to obtain the image name of the security check partition image to which the footer structure is added.
S506, judging whether the parsed image name of the security check partition image matches the image name of the security check partition image to be loaded.
In some embodiments, the resolved image name of the security check partition image may be compared with the image name of the security check partition image to be loaded to determine whether the names match.
S507, if the names match, continuing to parse the start position bit and the end position bit in the footer structure.
In some embodiments, if the parsed image name of the security check partition image matches the image name of the security check partition image to be loaded, it indicates that the security check partition image to which the footer structure is added is the security check partition image currently to be loaded; the start position and end position of the image content can then be obtained by continuing to parse the start position bit and end position bit in the footer structure, so that the image content of the security check partition image to be loaded can be read accurately.
In some embodiments, if the names do not match, the flow may jump to step S505 to identify the next flag bit in the security check reduced image.
S508, loading the mirror image content based on the analyzed starting position and ending position.
In some embodiments, after resolving to obtain a starting position and an ending position of the mirror image content of the security check partition image to be loaded in the security check reduced image, the mirror image content can be read from the security check partition where the security check reduced image is located based on the starting position and the ending position, so that the mirror image content of the security check partition image to be loaded can be loaded into the memory.
S509, if the security check partition image to be loaded is a second type security check partition image, loading the image content based on the image name of the security check partition image to be loaded.
In some embodiments, if the security check partition image to be loaded is the second type of security check partition image, it indicates that the security check partition image to be loaded does not participate in image reduction, that is, it is stored in the A/B partition system or the virtual A/B partition system in the existing manner. Its image content can be read directly from the corresponding security check partition based on its image name, so that the image content of the security check partition image to be loaded can be loaded into the memory.
S510, signature verification is carried out on the loaded mirror image content.
In some embodiments, in order to ensure the security of the image content of the security check partition image, the loaded image content is generally ciphertext, and the vbmeta image stores the signature verification key of each security check partition image. Signature verification of the loaded image may include: and judging whether the loaded image content can be converted into a plaintext by using a pre-stored signature verification key (a signature verification key of the security verification partition image to which the image content belongs). If the loaded image content can be successfully converted from ciphertext to plaintext by using the pre-stored signature verification key, that is, the signature verification of the image content is passed, step S511 is performed.
In some embodiments, if the mirror image content of the security check partition mirror image is larger, the mirror image content of the entire security check partition mirror image cannot be loaded into the memory at one time, that is, the mirror image content of the security check partition mirror image needs to be loaded into the memory multiple times, where the signature verification may be performed only when the mirror image content of the security check partition mirror image is loaded for the first time.
If the signature verification is not passed, the second electronic equipment is indicated to be failed to start, and the process is ended.
S511, if the signature verification is passed, carrying out hash verification on the loaded mirror image content.
In some embodiments, if the image content of the security check partition image is smaller, the image content may be loaded into the memory at one time, and the verification may be performed by calculating the hash value of the image content, so as to confirm whether the image content is tampered. For example, the calculated hash value is compared with an expected hash value (the expected hash value can be stored in the vbmeta image), and whether the read image content of the security check partition image is tampered is confirmed. If the hash value passes the verification, step S512 is performed. If the hash value is not checked, the fact that the mirror image content of the security check partition mirror image is tampered is indicated, namely the second electronic equipment fails to start, and the process is finished.
If the mirror image content of the security check partition mirror image is large, the mirror image content of the whole security check partition mirror image cannot be loaded into the memory at one time, and the mirror image content needs to be loaded into the memory for multiple times. Therefore, the hash verification process is continuously performed in the process of loading the mirror image content of the mirror image of the secure check partition into the memory (hash values corresponding to the loading of multiple contents can be constructed to obtain a hash tree), and in this case, the verification can be performed by calculating the root hash value of the hash tree. For example, the calculated root hash value is compared with an expected root hash value (the expected root hash value can be stored in the vbmeta image), and whether the read image content of the security check partition image is tampered is confirmed. If the root hash value passes the verification, step S512 is performed. If the root hash value is not checked, the fact that the mirror image content of the security check partition mirror image is tampered is indicated, and the process is ended, namely the second electronic equipment fails to start.
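As an added example of the two hash verification paths in step S511 (not the patent's code, nor AVB's actual dm-verity hashtree layout), the following Python shows the small-image case, where the whole content is in memory and hashed once, and the large-image case, where content is loaded in several passes, each loaded chunk is hashed as it arrives, and a root hash over those chunk hashes is compared against the expected root. The 4KB chunk size, the SHA-256 choice and the simple binary hash tree (odd levels duplicate their last node) are constructed assumptions for illustration.

```python
from __future__ import annotations

import hashlib
from typing import Iterable, Iterator

CHUNK_SIZE = 4096   # constructed load granularity: one "load into memory" per chunk


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def verify_small_image(content: bytes, expected_hash: bytes) -> bool:
    """S511, small image: the whole content fits in memory, so hash it once and
    compare with the expected hash (which would be stored in the vbmeta image)."""
    return sha256(content) == expected_hash


def iter_chunks(content: bytes, chunk_size: int = CHUNK_SIZE) -> Iterator[bytes]:
    """Simulates loading a large image into memory in several passes."""
    for off in range(0, len(content), chunk_size):
        yield content[off:off + chunk_size]


def hash_tree_root(leaves: list[bytes]) -> bytes:
    """Binary hash tree: pair up digests level by level until one root remains.
    An odd number of nodes on a level is handled by duplicating the last node."""
    if not leaves:
        return sha256(b"")
    level = list(leaves)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [sha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]


def expected_root_for(content: bytes) -> bytes:
    """What the image builder would record as the expected root hash for a
    large image (constructed stand-in for the value kept in the vbmeta image)."""
    return hash_tree_root([sha256(c) for c in iter_chunks(content)])


def verify_large_image(chunks: Iterable[bytes], expected_root: bytes) -> bool:
    """S511, large image: the hash calculation keeps running while the content
    is loaded chunk by chunk; only the root is compared at the end."""
    leaves: list[bytes] = []
    for chunk in chunks:
        leaves.append(sha256(chunk))
    return hash_tree_root(leaves) == expected_root


if __name__ == "__main__":
    # Constructed 25,600-byte image content (7 chunks of up to 4KB).
    content = bytes(range(256)) * 100
    root = expected_root_for(content)
    print("intact:", verify_large_image(iter_chunks(content), root))
    tampered = bytearray(content)
    tampered[5000] ^= 0x01          # flip one bit inside the second chunk
    print("tampered:", verify_large_image(iter_chunks(bytes(tampered)), root))
```

Any single-bit change in any chunk changes that chunk's leaf digest and therefore the root, which is the property the text relies on to detect tampering without holding the whole image in memory at once; the expected root itself must come from the already-verified vbmeta image, otherwise the comparison proves nothing.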
S512, if the hash check passes, determining that the security check partition image is a legal image.
In some embodiments, if the hash check passes, it may be determined that the secure check partition image is a legal image, and then the image content may be saved or mounted. For example, if the security check partition image is an image that is checked before the kernel is started, the image content of the loaded security check partition image can be stored in the memory, so that copying can be performed during subsequent kernel loading; if the security check partition image is an image for checking after the kernel is started, the image content of the security check partition image can be mounted, so that the follow-up init process can be conveniently called.
In some embodiments, after step S512 is performed, the flow may jump back to step S503 to determine the next secure parity partition image to be loaded based on the image list until all the secure parity partition images in the image list complete the verification.
Referring to fig. 6, a flowchart of a method for generating an image according to another embodiment of the present application is shown. The method is applied to the first electronic equipment, and the first electronic equipment can be equipment for performing software development work, such as a computer and a server. The image generation method comprises the following steps:
S601, determining a plurality of target security check partition images participating in image compaction based on a preset image compaction rule.
In some embodiments, the preset image reduction rule may be set by a developer according to actual requirements, which is not limited by the embodiment of the present application. For example, the images with independent upgrading requirements or customizing requirements can be excluded, the images are not involved in image compaction, and the images are still stored independently according to the existing partition mode, namely, the original security check partition is adopted for storing the image content.
For example, the preset image compaction rule may be a white list, the developer may add the image name of the security check partition image participating in image compaction to the white list, the image having an independent upgrade requirement or a customization requirement is not added to the white list, the white list may be stored in the first electronic device, and further the first electronic device may determine a plurality of target security check partition images participating in image compaction based on the white list.
S602, adding a mirror image identification structure body for each target safe check partition mirror image in a plurality of target safe check partition mirror images, wherein the mirror image identification structure body is used for storing information of the corresponding target safe check partition mirror image.
By adding the mirror image identification structure body in the mirror image content of each target security check partition mirror image, the corresponding security check partition mirror image and the mirror image content thereof can be positioned based on the information recorded in the mirror image identification structure body in the subsequent AVB check process of each security check partition mirror image. For each target security check partition image, an image identification structure may be added to the end of the image content.
In some embodiments, the image identification structure may be a footer structure, which may include four parts: a flag bit, an image name bit, a start position bit and an end position bit. The flag bit, the image name bit, the start position bit and the end position bit can each be set to a fixed number of bytes; the format of the footer structure added to every target security check partition image is the same, and only the content differs. The flag bit is used to locate the footer structure. The flag bit in the footer structure of each target security check partition image can have the same content, and that content can be chosen to be clearly distinguishable from the image content and from the content of the image name bit, start position bit and end position bit, so that the flag bit can be easily identified later and the footer structure quickly located. The image name bit stores the image name of the target security check partition image to which the footer structure is added; the start position bit stores the start position, in the security check reduced image, of the image content of that target security check partition image; and the end position bit stores the corresponding end position. In this way, when AVB check is carried out later, the image content of a given security check partition image can be quickly located through the start position and end position stored in the footer structure, and loading and hash check of the image content can be carried out.
S603, based on each target security check partition image added with the image identification structure, packaging to obtain a security check simplified image.
In some embodiments, after the addition of the image identification structure is completed for each target safe check partition image, the safe check reduced image may be packaged based on each target safe check partition image.
In some embodiments, each target security check partition image before packaging corresponds to a different signature check key, the image packaging process involves copy operations of the image content, and the signature check of each target security check partition image is preserved, i.e., in the security check reduced image, each security check partition image still corresponds to a different signature check key.
According to this image generation method, the plurality of security check partition images are packed into one security check reduced image, so that they can be stored in one security check partition. This reduces the number of security check partitions recorded in the partition list, reduces the data volume, maintenance cost and memory footprint of the partition list, and improves the query efficiency of the partition list. The signature check and image information of each security check partition image are preserved, so the corresponding image content can be read correctly during subsequent checks and verification can still be performed based on the original image check chain.
Referring to fig. 7, a flowchart of a method for generating an image according to another embodiment of the present application is shown. The method is applied to the first electronic equipment, and the first electronic equipment can be equipment for performing software development work, such as a computer and a server. The image generation method comprises the following steps:
S701, determining a plurality of target security check partition images participating in image compaction based on a preset image compaction rule.
Step S701 of the embodiment of the present application is similar to step S601 of the previous embodiment, and in order to avoid repetition, a description thereof is omitted here.
S702, adding a mirror image identification structure body for each target safe check partition mirror image in a plurality of target safe check partition mirror images, wherein the mirror image identification structure body is used for storing information of the corresponding target safe check partition mirror image.
Step S702 of the embodiment of the present application is similar to step S602 of the previous embodiment, and in order to avoid repetition, the description is omitted here.
S703, filling the content of each target security check partition image added with the image identification structure body, so that each target security check partition image reaches a preset size.
In some embodiments, the Android system defines the size of the vbmeta structure as generally 4KB. The size of each target security check partition image after the image identification structure is added may still be smaller than 4KB, in which case preset content may be filled into each target security check partition image so that it reaches 4KB. For example, "0" bytes may be appended after the image identification structure of each target security check partition image, so that each target security check partition image is 4KB in size; each target security check partition image is then aligned in the security check reduced image, and the image content is separated from the filler content by the image identification structure.
S704, based on each target safe check partition image after content filling, packaging to obtain a safe check simplified image.
In some embodiments, after adding the image identification structure and filling the content to each target security check partition image is completed, the security check reduced image may be obtained by packing based on each target security check partition image. Each target safe check partition image before packaging corresponds to different signature check keys, the image packaging process involves copy operation of image content, and signature check of each target safe check partition image is reserved, namely, in the safe check compact images, each safe check partition image still corresponds to different signature check keys.
According to this image generation method, the plurality of security check partition images are packed into one security check reduced image, so that they can be stored in one security check partition. This reduces the number of security check partition images recorded in the partition list, reduces the data volume, maintenance cost and memory footprint of the partition list, and improves the query efficiency of the partition list. The signature check and image information of each security check partition image are preserved, so the corresponding image content can be read correctly during subsequent checks and verification can still be performed based on the original image check chain. In addition, padding each security check partition image with "0" to 4KB ensures that the security check partition images are aligned, so that each security check partition image conforms to the vbmeta image specification.
Referring to fig. 8, a flowchart of a system start-up verification method according to an embodiment of the present application is shown. The method is applied to the second electronic equipment, the second electronic equipment can execute the system start verification method in the starting process, and the second electronic equipment can be terminal equipment such as a mobile phone, a tablet personal computer, a notebook computer and the like. The system start verification method comprises the following steps:
S801, obtaining an image list to be checked.
In some embodiments, the vbmeta image stores the verification data, signature, and other information of each secure verification partition. The second electronic device may obtain the image list to be checked by parsing the image check chain in the vbmeta image (the image check chain may be a check chain, including each image that needs to be verified in turn in the startup phase).
In some embodiments, the second electronic device stores a first type of security check partition image and a second type of security check partition image. The first type of security check partition image is the security check reduced image obtained by packing the plurality of security check partition images that participate in image reduction; it includes the image content of a plurality of security check partition images, i.e. these security check partition images share one security check partition. The second type of security check partition image refers to a security check partition image that does not participate in image reduction, i.e. it is stored in the original security check partition manner.
For example, if the first security check reduced image is obtained based on the first to tenth security check partition images, the first to tenth security check partition images can be called sub-images of the first security check reduced image.
S802, determining a safe check partition image to be loaded based on the image list.
In some embodiments, a plurality of security check partition images to be checked are recorded in the image list, and the order of each security check partition image to be checked in the image list may be the same as the check order of the image check chain, so that the security check partition image to be loaded may be determined based on the image list.
For example, the current secure check partition image to be loaded is the secure check partition image ordered first in the image list, and after loading and checking of the secure check partition image are completed, the secure check partition image ordered second in the image list is reloaded next time until each secure check partition image in the image list is loaded and checked.
S803, if the security check partition image to be loaded is a sub-image of a security check partition image of the first type, identify the image identification structure in the security check reduced image.
In some embodiments, if the security check partition image to be loaded is a sub-image of a security check partition image of the first type, this indicates that it took part in image compaction, and its image content has to be read from the security check partition in which the security check reduced image is stored.
In the security check reduced image, each image identification structure corresponds to one security check partition image and contains a marker bit. By parsing the security check reduced image, the marker bits can be identified, and each image identification structure can then be located from its marker bit.
S804, obtain, from the image identification structure, the position information of the image content of the security check partition image to be loaded within the security check reduced image.
In some embodiments, after an image identification structure has been located, its image name field can be parsed to obtain the image name of the security check partition image to which that structure was added, and this name is matched against the image name of the security check partition image to be loaded.
If the parsed image name matches the image name of the security check partition image to be loaded, the security check partition image to which the image identification structure was added is the one currently to be loaded. The start position and end position in the image identification structure are then parsed to obtain the position information (start position and end position) of the image content, so that the image content of the security check partition image to be loaded can later be read exactly.
In some embodiments, if the names do not match, the next marker bit in the security check reduced image is identified, the next image identification structure is located, and the comparison is repeated.
S805, loading the mirror image content based on the location information.
In some embodiments, after obtaining the start position and end position of the image content of the security check partition image to be loaded, the second electronic device can read exactly that image content based on the start position and the end position.
S806, if the security check partition image to be loaded is a security check partition image of the second type, load the image content based on the image name of the security check partition image to be loaded.
In some embodiments, if the security check partition image to be loaded is of the second type, it did not take part in image compaction, i.e. it is stored in its own security check partition in the existing manner, and its image content can be read directly from the corresponding security check partition based on its image name and loaded into memory. For example, the second electronic device may find the security check partition corresponding to the image name of the security check partition image to be loaded and read the image content from that partition.
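The packaging described in claims 1 and 2 and the lookup of S802 to S806 can be exercised together. The following Python is an added example, not code from the patent or from the applicant's implementation. The patent fixes no byte layout for the image identification structure, so the 4-byte marker value, the 32-byte name field, the 32-bit start and end offsets and the 128-byte padded slot are assumptions, and the image names and contents are constructed. The loader also bounds-checks the parsed positions before using them, because the structure is read from a partition that has not yet been verified, and it skips over sub-image content when scanning for the next marker so that marker bytes inside content are not mistaken for a structure.

```python
import struct

# Hypothetical byte layout of the image identification structure (assumption;
# the patent does not fix one): marker, NUL-padded image name, then the absolute
# start and end offsets of the sub-image content inside the reduced image.
MARKER = b"SCPI"                           # assumed marker bit value
HEADER_FMT = "<4s32sII"                    # marker, name[32], start, end
HEADER_SIZE = struct.calcsize(HEADER_FMT)  # 44 bytes
SLOT_SIZE = 128                            # preset size each sub-image is filled up to (assumption)


def build_reduced_image(sub_images):
    """Image generation side (claims 1 and 2): add an identification structure to
    each (name, content) pair, content-fill every sub-image to SLOT_SIZE and
    package them into one security check reduced image."""
    out = bytearray()
    for name, content in sub_images:
        name_b = name.encode()
        if len(name_b) > 32:
            raise ValueError(f"{name}: image name longer than 32 bytes")
        if HEADER_SIZE + len(content) > SLOT_SIZE:
            raise ValueError(f"{name}: content does not fit in one slot")
        start = len(out) + HEADER_SIZE
        end = start + len(content)
        out += struct.pack(HEADER_FMT, MARKER, name_b.ljust(32, b"\0"), start, end)
        out += content
        out += b"\0" * (SLOT_SIZE - HEADER_SIZE - len(content))  # content filling
    return bytes(out)


def locate_sub_image(reduced, wanted):
    """S803/S804: find the marker bits, parse each identification structure, match
    the image name and return (start, end) of the wanted content, or None."""
    pos = 0
    while True:
        pos = reduced.find(MARKER, pos)
        if pos < 0 or pos + HEADER_SIZE > len(reduced):
            return None
        _, name_b, start, end = struct.unpack_from(HEADER_FMT, reduced, pos)
        name = name_b.rstrip(b"\0").decode(errors="replace")
        # The structure comes from a not-yet-verified partition: refuse offsets
        # that point outside the reduced image or before the structure itself.
        if not (pos + HEADER_SIZE <= start <= end <= len(reduced)):
            raise ValueError(f"{name}: corrupt position information")
        if name == wanted:
            return start, end
        pos = end  # skip the content so MARKER bytes inside it are not parsed as a structure


def load_image_content(name, image_types, reduced, partitions):
    """S803-S806: first-type images are cut out of the reduced image by position,
    second-type images are read from their own partition by name."""
    if image_types[name] == "first":
        loc = locate_sub_image(reduced, name)
        if loc is None:
            raise LookupError(f"{name}: not present in the reduced image")
        start, end = loc
        return reduced[start:end]
    return partitions[name]


def load_in_check_order(image_list, image_types, reduced, partitions):
    """S802: walk the image list in check-chain order and load each image."""
    return [(n, load_image_content(n, image_types, reduced, partitions)) for n in image_list]


# Constructed sample data (not taken from the patent).
SUB_IMAGES = [("img_a", b"content of image a"),
              ("img_b", b"SCPI inside content"),   # content that contains the marker bytes
              ("img_c", b"content of image c")]
REDUCED = build_reduced_image(SUB_IMAGES)
PARTITIONS = {"img_standalone": b"content kept in its own partition"}  # second-type image
IMAGE_TYPES = {"img_standalone": "second", "img_a": "first", "img_b": "first", "img_c": "first"}
IMAGE_LIST = ["img_standalone", "img_a", "img_b", "img_c"]  # check-chain order

if __name__ == "__main__":
    for name, content in load_in_check_order(IMAGE_LIST, IMAGE_TYPES, REDUCED, PARTITIONS):
        print(f"{name}: {content!r}")
```

Looking up `img_c` has to step over `img_b`, whose content begins with the marker bytes; because the scan resumes at the end position of each parsed structure rather than immediately after its marker, the stray marker is never parsed as a structure. A structure whose end position lies beyond the reduced image is rejected before any read is attempted.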
S807, perform signature verification and hash verification on the loaded image content.
In some embodiments, in order to protect the image content of a security check partition image, the loaded image content is generally ciphertext, and the vbmeta image stores the signature verification key of each security check partition image. Signature verification of a loaded image may refer to: the loaded image content is converted from ciphertext into plaintext using the pre-stored signature verification key (the signature verification key of the security check partition image to which the image content belongs). If the loaded image content can be converted from ciphertext into plaintext with the pre-stored signature verification key, the signature verification passes; if it cannot, the signature verification fails. The check therefore succeeds only for content produced with the private key that corresponds to the verification key held in the vbmeta image, which is what ties the image to the device manufacturer.
In some embodiments, if the signature verification passes, hash verification continues on the loaded image content. If the image content of the security check partition image is small, it can be loaded into memory in one go and its hash value calculated and checked to confirm whether the image content has been tampered with. For example, the calculated hash value is compared with an expected hash value (which can be stored in the vbmeta image): if the two are the same, the hash check passes; if they differ, the hash check fails.
If the image content of the security check partition image is large, the whole image content cannot be loaded into memory at once and has to be loaded in several passes. The hash verification therefore runs continuously while the image content is being loaded into memory (the hash values of the individually loaded pieces can be assembled into a hash tree), and in this case verification is done by calculating the root hash of the hash tree. For example, the calculated root hash is compared with an expected root hash (which can be stored in the vbmeta image): if the two are the same, the hash check passes; if they differ, the hash check fails.
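The hash verification of S807 in both of its forms, a small image hashed in one go and a large image loaded in several passes and checked through the root of a hash tree, as an added Python example that is not the patent's or the applicant's code. The signature verification step is omitted and assumed to have passed. SHA-256, the 4096-byte block size, the 8192-byte threshold between the two modes, the leaf/node domain separation and the duplication of an odd last node are assumptions, the `VBMETA` table standing in for the expected values held in the vbmeta image is constructed, and so are the image contents. The expected value is compared in constant time, and the result of the tree mode does not depend on how the content was split across loads as long as each load except the last is a whole number of blocks.

```python
import hashlib
import hmac

BLOCK_SIZE = 4096           # granularity of one load into memory (assumption)
SMALL_IMAGE_LIMIT = 8192    # images up to this size are hashed in one go (assumption)


def leaf_hash(block):
    """Hash of one loaded block; the 0x00 prefix keeps leaves distinct from inner nodes."""
    return hashlib.sha256(b"\x00" + block).digest()


def node_hash(left, right):
    return hashlib.sha256(b"\x01" + left + right).digest()


def tree_root(leaves):
    """Fold leaf hashes pairwise up to the root hash of a binary hash tree.
    An odd node at any level is paired with a copy of itself (assumption)."""
    if not leaves:
        return leaf_hash(b"")
    level = list(leaves)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]


def make_vbmeta_entry(content):
    """Image generation side: record the expected value that vbmeta will carry,
    choosing whole-image hash or hash-tree root by image size."""
    if len(content) <= SMALL_IMAGE_LIMIT:
        return {"mode": "hash", "expected": hashlib.sha256(content).digest()}
    leaves = [leaf_hash(content[i:i + BLOCK_SIZE]) for i in range(0, len(content), BLOCK_SIZE)]
    return {"mode": "tree", "expected": tree_root(leaves)}


def split_loads(content, load_size):
    """Simulate loading the image content into memory in several passes."""
    for i in range(0, len(content), load_size):
        yield content[i:i + load_size]


def verify_image(name, loads, vbmeta):
    """S807 hash verification: hash the content as it arrives, then compare with
    the expected value from vbmeta in constant time. Returns (legal, digest).
    Every load except the last must be a multiple of BLOCK_SIZE so that the
    leaf boundaries do not depend on how the content was split."""
    entry = vbmeta[name]
    if entry["mode"] == "hash":
        h = hashlib.sha256()
        for chunk in loads:
            h.update(chunk)
        digest = h.digest()
    else:
        leaves = []
        for chunk in loads:
            for i in range(0, len(chunk), BLOCK_SIZE):
                leaves.append(leaf_hash(chunk[i:i + BLOCK_SIZE]))
        digest = tree_root(leaves)
    return hmac.compare_digest(digest, entry["expected"]), digest


# Constructed sample images (not taken from the patent).
SMALL_IMAGE = b"small security check partition image"   # hashed in one load
LARGE_IMAGE = bytes(range(256)) * 50                    # 12800 bytes: three full blocks plus a tail
VBMETA = {"small_img": make_vbmeta_entry(SMALL_IMAGE),
          "large_img": make_vbmeta_entry(LARGE_IMAGE)}


def tamper(content, offset):
    """Flip one bit of the image content to model modification in flash."""
    buf = bytearray(content)
    buf[offset] ^= 0x01
    return bytes(buf)


if __name__ == "__main__":
    print("small, intact  :", verify_image("small_img", split_loads(SMALL_IMAGE, BLOCK_SIZE), VBMETA)[0])
    print("large, intact  :", verify_image("large_img", split_loads(LARGE_IMAGE, 2 * BLOCK_SIZE), VBMETA)[0])
    print("large, tampered:", verify_image("large_img", split_loads(tamper(LARGE_IMAGE, 9000), 2 * BLOCK_SIZE), VBMETA)[0])
```

Flipping a single bit in the third block of the large image changes that block's leaf hash and therefore the root, so the check fails even though the first two loads were intact; loading the same image in 4096-byte or 8192-byte passes yields the same root.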
S808, if both the signature verification and the hash verification pass, determine that the security check partition image is a legal image.
In some embodiments, if both the signature verification and the hash verification of the security check partition image pass, the second electronic device can determine that the security check partition image is a legal image and can then store or mount its image content. For example, if the security check partition image is one that is checked before the kernel starts, the loaded image content can be kept in memory so that it can be copied during the subsequent kernel load; if it is one that is checked after the kernel has started, its image content can be mounted so that it can later be called by the init process.
S809, if the signature verification or the hash verification fails, determine that the security check partition image is an illegal image.
In some embodiments, if the signature verification or the hash verification of the security check partition image fails, this indicates that the security check partition image was not issued by the manufacturer of the second electronic device or that its image content has been tampered with; the security check partition image is determined to be an illegal image, and the second electronic device cannot be started.
Referring to fig. 9, the first electronic device 100 may be a computer, a server, or the like used for software development work. As shown in fig. 9, the first electronic device 100 may include a processor 1001, a memory 1002, and a communication bus 1003. The memory 1002 is used to store one or more computer programs 1004, which are configured to be executed by the processor 1001. The one or more computer programs 1004 include instructions that, when executed by the processor 1001, implement the image generation method described with reference to fig. 2 or fig. 7 on the first electronic device 100.
It is to be understood that the structure illustrated in this embodiment does not constitute a specific limitation on the first electronic device 100. In other embodiments, the first electronic device 100 may include more or fewer components than shown, or may combine certain components, or split certain components, or a different arrangement of components.
The processor 1001 may include one or more processing units, such as: the processor 1001 may include an application processor (application processor, AP), a modem, a graphics processor (graphics processing unit, GPU), an image signal processor (image signal processor, ISP), a controller, a video codec, a digital signal processor (digital signal processor, DSP), a baseband processor, and/or a neural network processor (neural-network processing unit, NPU), etc. Wherein the different processing units may be separate devices or may be integrated in one or more processors.
The processor 1001 may also have a memory for storing instructions and data. In some embodiments, the memory in the processor 1001 is a cache memory. The memory may hold instructions or data that the processor 1001 has just used or recycled. If the processor 1001 needs to reuse the instruction or data, it can be called directly from the memory. Repeated accesses are avoided and the latency of the processor 1001 is reduced, thus improving the efficiency of the system.
In some embodiments, the processor 1001 may include one or more interfaces. The interfaces may include an integrated circuit (inter-integrated circuit, I2C) interface, an integrated circuit built-in audio (inter-integrated circuit sound, I2S) interface, a pulse code modulation (pulse code modulation, PCM) interface, a universal asynchronous receiver transmitter (universal asynchronous receiver/transmitter, UART) interface, a mobile industry processor interface (mobile industry processor interface, MIPI), a general-purpose input/output (GPIO) interface, a SIM interface, and/or a USB interface, among others.
In some embodiments, memory 1002 may include high-speed random access memory, and may also include non-volatile memory, such as a hard disk, memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash Card (Flash Card), at least one disk storage device, a Flash memory device, or other non-volatile solid state storage device.
Referring to fig. 10, the second electronic device 200 may be a mobile phone, a tablet computer, a desktop computer, a laptop computer, a handheld computer, a notebook computer, an ultra mobile personal computer (Ultramobile Personal Computer, UMPC), a netbook, a cellular phone, a personal digital assistant (Personal Digital Assistant, PDA), an augmented Reality (Augmented Reality, AR) device, a Virtual Reality (VR) device, an artificial intelligence (Artificial Intelligence, AI) device, a wearable device, a vehicle-mounted device, a smart home device, and/or a smart city device, and the specific type of the second electronic device 200 is not particularly limited in the embodiments of the present application.
The second electronic device 200 may include a processor 110, an external memory interface 120, an internal memory 121, a universal serial bus (Universal Serial Bus, USB) interface 130, a charge management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, a sensor module 180, keys 190, a motor 191, an indicator 192, a camera 193, a display 194, and a user identification module (Subscriber Identification Module, SIM) card interface 195, etc. The sensor module 180 may include a pressure sensor 180A, a gyro sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, a bone conduction sensor 180M, and the like.
It should be understood that the structure illustrated in the embodiment of the present application does not constitute a specific limitation on the second electronic device 200. In other embodiments of the application, the second electronic device 200 may include more or fewer components than shown, or may combine certain components, or may split certain components, or may have a different arrangement of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
The processor 110 may include one or more processing units, such as: the processor 110 may include an application processor (Application Processor, AP), a modem processor, a graphics processor (Graphics Processing Unit, GPU), an image signal processor (Image Signal Processor, ISP), a controller, a video codec, a digital signal processor (Digital Signal Processor, DSP), a baseband processor, and/or a Neural network processor (Neural-network Processing Unit, NPU), etc. Wherein the different processing units may be separate devices or may be integrated in one or more processors.
The controller can generate operation control signals according to the instruction operation codes and the time sequence signals to finish the control of instruction fetching and instruction execution.
A memory may also be provided in the processor 110 for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may hold instructions or data that the processor 110 has just used or recycled. If the processor 110 needs to reuse the instruction or data, it can be called directly from the memory. Repeated accesses are avoided and the latency of the processor 110 is reduced, thereby improving the efficiency of the system.
In some embodiments, the processor 110 may include one or more interfaces. The interfaces may include an integrated circuit (Inter-integrated Circuit, I2C) interface, an integrated circuit built-in audio (Inter-integrated Circuit Sound, I2S) interface, a pulse code modulation (Pulse Code Modulation, PCM) interface, a universal asynchronous receiver transmitter (universal asynchronous receiver/transmitter, UART) interface, a mobile industry processor interface (Mobile Industry Processor Interface, MIPI), a General-Purpose Input/Output (GPIO) interface, a subscriber identity module (Subscriber Identity Module, SIM) interface, and/or a universal serial bus (Universal Serial Bus, USB) interface, among others.
The I2C interface is a bi-directional synchronous serial bus comprising a serial data line (Serial Data Line, SDA) and a serial clock line (Serial Clock Line, SCL). In some embodiments, the processor 110 may contain multiple sets of I2C buses. The processor 110 may be coupled to the touch sensor 180K, the charger, the flash, the camera 193, etc., respectively, through different I2C bus interfaces. For example, the processor 110 may be coupled to the touch sensor 180K through an I2C interface, such that the processor 110 communicates with the touch sensor 180K through the I2C bus interface to implement the touch function of the second electronic device 200.
The I2S interface may be used for audio communication.
PCM interfaces may also be used for audio communication to sample, quantize and encode analog signals.
The UART interface is a universal serial data bus for asynchronous communications. The bus may be a bi-directional communication bus. It converts the data to be transmitted between serial communication and parallel communication.
The MIPI interface may be used to connect the processor 110 to peripheral devices such as a display 194, a camera 193, and the like. The MIPI interfaces include camera serial interfaces (Camera Serial Interface, CSI), display serial interfaces (Display Serial Interface, DSI), and the like. In some embodiments, the processor 110 and the display screen 194 communicate via a DSI interface to implement the display functionality of the second electronic device 200.
The GPIO interface may be configured by software. The GPIO interface may be configured as a control signal or as a data signal.
The USB interface 130 is an interface conforming to the USB standard specification, and may specifically be a Mini USB interface, a Micro USB interface, a USB Type C interface, or the like.
It should be understood that the interfacing relationship between the modules illustrated in the embodiment of the present application is only schematically illustrated, and does not limit the structure of the second electronic device 200. In other embodiments of the present application, the second electronic device 200 may also use different interfacing manners, or a combination of multiple interfacing manners, as in the above embodiments.
The second electronic device 200 implements display functions through a GPU, a display screen 194, an application processor, and the like. The GPU is a microprocessor for image processing, and is connected to the display 194 and the application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. Processor 110 may include one or more GPUs that execute program instructions to generate or change display information.
The display screen 194 is used to display images, videos, and the like. The display 194 includes a display panel. The display panel may employ a liquid crystal display (Liquid Crystal Display, LCD), an organic light-emitting diode (Organic Light-Emitting Diode, OLED), an active-matrix organic light-emitting diode (Active-Matrix Organic Light-Emitting Diode, AMOLED), a flexible light-emitting diode (Flexible Light-Emitting Diode, FLED), a Mini-LED, a Micro-LED, a Micro-OLED, a quantum dot light-emitting diode (Quantum Dot Light-Emitting Diode, QLED), or the like. In some embodiments, the second electronic device 200 may include 1 or N display screens 194, N being a positive integer greater than 1.
The digital signal processor is used for processing digital signals, and can process other digital signals besides digital image signals. For example, when the second electronic device 200 selects a frequency bin, the digital signal processor is used to fourier transform the frequency bin energy, or the like.
The internal Memory 121 may include one or more Random-Access memories (RAMs) and one or more nonvolatile memories (NVM).
The random access memory may include static random access memory (Static Random Access Memory, SRAM), dynamic random access memory (Dynamic Random Access Memory, DRAM), synchronous dynamic random access memory (Synchronous Dynamic Random Access Memory, SDRAM), double data rate synchronous dynamic random access memory (Double Data Rate Synchronous Dynamic Random Access Memory, DDR SDRAM; e.g., fifth-generation DDR SDRAM is commonly referred to as DDR5 SDRAM), etc.; the nonvolatile memory may include a disk storage device and flash memory.
Flash memory may be divided by operating principle into NOR FLASH, NAND FLASH, 3D NAND FLASH, etc.; by storage cell level into single-level cell (Single-Level Cell, SLC), multi-level cell (Multi-Level Cell, MLC), triple-level cell (Triple-Level Cell, TLC), quad-level cell (Quad-Level Cell, QLC), etc.; and by storage specification into universal flash storage (Universal Flash Storage, UFS), embedded multimedia card (embedded Multi Media Card, eMMC), etc.
The random access memory may be read directly from and written to by the processor 110, may be used to store executable programs (e.g., machine instructions) for an operating system or other on-the-fly programs, may also be used to store data for users and applications, and the like.
The nonvolatile memory may store executable programs, store data of users and applications, and the like, and may be loaded into the random access memory in advance for the processor 110 to directly read and write.
The external memory interface 120 may be used to connect to an external non-volatile memory to enable expansion of the memory capabilities of the second electronic device 200. The external nonvolatile memory communicates with the processor 110 through the external memory interface 120 to implement a data storage function. For example, files such as music and video are stored in an external nonvolatile memory.
The internal memory 121 or the external memory interface 120 is used to store one or more computer programs, which are configured to be executed by the processor 110. The one or more computer programs include instructions that, when executed by the processor 110, implement the system boot verification method performed on the second electronic device 200 in the above embodiments.
The pressure sensor 180A is used to sense a pressure signal, and may convert the pressure signal into an electrical signal. In some embodiments, the pressure sensor 180A may be disposed on the display screen 194. The pressure sensor 180A is of various types, such as a resistive pressure sensor, an inductive pressure sensor, a capacitive pressure sensor, and the like. The capacitive pressure sensor may be a capacitive pressure sensor comprising at least two parallel plates with conductive material. The capacitance between the electrodes changes when a force is applied to the pressure sensor 180A. The second electronic device 200 determines the strength of the pressure from the change in capacitance. When a touch operation is applied to the display screen 194, the second electronic device 200 detects the intensity of the touch operation according to the pressure sensor 180A. The second electronic device 200 may also calculate the location of the touch from the detection signal of the pressure sensor 180A. In some embodiments, touch operations that act on the same touch location, but at different touch operation strengths, may correspond to different operation instructions. For example: and executing an instruction for checking the short message when the touch operation with the touch operation intensity smaller than the first pressure threshold acts on the short message application icon. And executing an instruction for newly creating the short message when the touch operation with the touch operation intensity being greater than or equal to the first pressure threshold acts on the short message application icon.
The touch sensor 180K, also referred to as a "touch device". The touch sensor 180K may be disposed on the display screen 194, and the touch sensor 180K and the display screen 194 form a touch screen, which is also called a "touch screen". The touch sensor 180K is for detecting a touch operation acting thereon or thereabout. The touch sensor may communicate the detected touch operation to the application processor to determine the touch event type. Visual output related to touch operations may be provided through the display 194. In other embodiments, the touch sensor 180K may also be disposed on the surface of the second electronic device 200 at a different location than the display 194.
The bone conduction sensor 180M may acquire a vibration signal. In some embodiments, the bone conduction sensor 180M may acquire the vibration signal of the vibrating bone mass of the human vocal part. The bone conduction sensor 180M may also contact the human pulse to receive the blood pressure pulsation signal. In some embodiments, the bone conduction sensor 180M may also be provided in a headset, forming a bone conduction headset. The audio module 170 may parse a voice signal from the vibration signal of the vibrating bone mass of the vocal part obtained by the bone conduction sensor 180M, so as to implement a voice function. The application processor may parse heart rate information from the blood pressure pulsation signal acquired by the bone conduction sensor 180M, so as to implement a heart rate detection function.
The keys 190 include a power-on key, a volume key, etc. The keys 190 may be mechanical keys. Or may be a touch key. The second electronic device 200 may receive key inputs, generating key signal inputs related to user settings and function controls of the second electronic device 200.
The motor 191 may generate a vibration cue. The motor 191 may be used for incoming call vibration prompting or touch vibration feedback. For example, touch operations acting on different applications (e.g., photographing, audio playing, etc.) may correspond to different vibration feedback effects. The motor 191 can also correspond to different vibration feedback effects by the touch operation on different areas of the display 194. Different application scenarios (such as time reminding, receiving information, alarm clock, game, etc.) can also correspond to different vibration feedback effects. The touch vibration feedback effect can also support customization.
The indicator 192 may be an indicator light, may be used to indicate a state of charge, a change in charge, a message indicating a missed call, a notification, etc.
The SIM card interface 195 is used to connect a SIM card. The SIM card may be inserted into the SIM card interface 195 or removed from the SIM card interface 195 to achieve contact with and separation from the second electronic device 200. The second electronic device 200 may support 1 or N SIM card interfaces, N being a positive integer greater than 1. The SIM card interface 195 may support Nano SIM cards, Micro SIM cards, and the like. The same SIM card interface 195 may be used to insert multiple cards simultaneously. The types of the plurality of cards may be the same or different. The SIM card interface 195 may also be compatible with different types of SIM cards. The SIM card interface 195 may also be compatible with external memory cards. The second electronic device 200 interacts with the network through the SIM card to realize functions such as calls and data communication. In some embodiments, the second electronic device 200 employs an eSIM, namely an embedded SIM card. The eSIM card can be embedded in the second electronic device 200 and cannot be separated from the second electronic device 200.
The present embodiment also provides a computer-readable storage medium having stored therein computer instructions that, when executed on the first electronic device 100, cause the first electronic device 100 to perform the above-described related method steps to implement the image generation method in the above-described embodiment, and when executed on the second electronic device 200, cause the second electronic device 200 to perform the above-described related method steps to implement the system start-up verification method in the above-described embodiment.
The present embodiment also provides a computer program product, which when run on a computer, causes the computer to perform the above-mentioned related steps to implement the image generation method or the system start-up verification method in the above-mentioned embodiments.
In addition, embodiments of the present application also provide an apparatus, which may be embodied as a chip, component or module, which may include a processor and a memory coupled to each other; the memory is used for storing computer-executed instructions, and when the device runs, the processor can execute the computer-executed instructions stored in the memory, so that the chip executes the mirror image generation method or the system start verification method in the method embodiments.
The electronic device, the computer readable storage medium, the computer program product or the chip provided in this embodiment are used to execute the corresponding method provided above, so that the beneficial effects thereof can be referred to the beneficial effects in the corresponding method provided above, and will not be described herein.
From the foregoing description of the embodiments, it will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of functional modules is illustrated, and in practical application, the above-described functional allocation may be implemented by different functional modules according to needs, i.e. the internal structure of the apparatus is divided into different functional modules to implement all or part of the functions described above.
In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the modules or units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another apparatus, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and the parts displayed as units may be one physical unit or a plurality of physical units, may be located in one place, or may be distributed in a plurality of different places. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated unit may be stored in a readable storage medium if implemented in the form of a software functional unit and sold or used as a stand-alone product. Based on such understanding, the technical solution of the embodiments of the present application may be essentially or a part contributing to the prior art or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, including several instructions for causing a device (may be a single-chip microcomputer, a chip or the like) or a processor (processor) to perform all or part of the steps of the methods of the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random-Access Memory (RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
Finally, it should be noted that the above-mentioned embodiments are merely for illustrating the technical solution of the present application and not for limiting the same, and although the present application has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made to the technical solution of the present application without departing from the spirit and scope of the technical solution of the present application.

Claims (15)

1. An image generation method, the method comprising:
determining, based on a preset image compaction rule, a plurality of security-check partition images that take part in image compaction;
adding an image identification struct to each of the plurality of security-check partition images, wherein the image identification struct stores information about the corresponding security-check partition image, each security-check partition image corresponds one-to-one with a security-check partition, and the security-check partition is used to store the corresponding image; and
packing the security-check partition images to which the image identification struct has been added to obtain a security-check compacted image, wherein the security-check compacted image corresponds to one security-check partition, and the information stored by the image identification struct includes the position of the image content of the corresponding security-check partition image within the security-check compacted image.
2. The image generation method of claim 1, wherein after adding an image identification struct to each of the plurality of security-check partition images, the method further comprises:
padding each security-check partition image with content so that each security-check partition image reaches a preset size;
and wherein packing the security-check partition images to which the image identification struct has been added to obtain the security-check compacted image comprises:
packing the padded security-check partition images to obtain the security-check compacted image, wherein each security-check partition image in the security-check compacted image has a different signature verification key.
3. The image generation method of claim 2, wherein adding an image identification struct to each of the plurality of security-check partition images comprises:
appending the image identification struct after the image content of each security-check partition image.
4. The image generation method of claim 3, wherein padding each security-check partition image with content comprises:
appending preset padding content after the image identification struct of each security-check partition image.
5. The image generation method of any one of claims 1 to 4, wherein the image identification struct comprises a flag field, an image-name field, a start-position field and an end-position field; the flag field is used to locate the image identification struct, the image-name field stores the image name of the corresponding security-check partition image, and the start-position field and the end-position field store the start position and the end position of the image content of the corresponding security-check partition image within the security-check compacted image.
6. The image generation method of any one of claims 1 to 4, wherein the preset image compaction rule comprises: a security-check partition image with an independent upgrade requirement and/or a customization requirement does not take part in image compaction.
7. A system boot verification method, the method comprising:
obtaining a list of images to be verified;
determining, based on the image list, a target security-check partition image to be loaded;
if the target security-check partition image is a sub-image of a first-type security-check partition image, identifying the image identification struct of the security-check compacted image, wherein the first-type security-check partition image is a security-check compacted image obtained by packing a plurality of security-check partition images that take part in image compaction, each of those security-check partition images corresponds one-to-one with a security-check partition, the security-check compacted image corresponds to one security-check partition, and the security-check partition is used to store the corresponding image;
obtaining, based on the image identification struct, the position of the image content of the target security-check partition image within the security-check compacted image;
loading the image content based on that position;
performing signature verification and hash verification on the loaded image content; and
if both the signature verification and the hash verification pass, determining that the target security-check partition image is a legitimate image.
8. The system boot verification method of claim 7, further comprising:
if the target security-check partition image is a second-type security-check partition image, loading the image content based on the image name of the target security-check partition image, wherein a second-type security-check partition image is a security-check partition image that does not take part in image compaction.
9. The system boot verification method of claim 8, wherein loading the image content based on the image name of the target security-check partition image comprises:
searching for the security-check partition corresponding to the image name of the target security-check partition image; and
reading the image content of the target security-check partition image from that security-check partition.
10. The system boot verification method of claim 7, wherein identifying the image identification struct of the security-check compacted image comprises:
parsing the security-check compacted image and identifying the flag field in it; and
locating the image identification struct based on the flag field.
11. The system boot verification method of claim 10, wherein obtaining, based on the image identification struct, the position of the image content of the target security-check partition image within the security-check compacted image comprises:
parsing the image-name field in the image identification struct to obtain the image name of the security-check partition image to which the image identification struct was added; and
if that image name matches the image name of the target security-check partition image, parsing the start-position field and the end-position field in the image identification struct to obtain the position of the image content of the target security-check partition image within the security-check compacted image.
12. The system boot verification method of any one of claims 7 to 11, wherein performing signature verification and hash verification on the loaded image content comprises:
performing signature verification on the loaded image content; and
if the signature verification passes, performing hash verification on the loaded image content, wherein the hash verification comprises verifying a hash value computed over the loaded image content or verifying the root hash of a hash tree built over the loaded image content.
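Claims 1 to 5 and 7 to 12 together describe one container format and its loader: sub-images are each followed by an identification struct and padded to a preset size, and the boot verifier finds a sub-image by scanning for the flag, matching the name, slicing by the start and end positions, then checking a signature and a hash. The following Go program is an added worked example, not code from the patent or from Honor. The struct encoding (flag value, field widths, byte order), the 256-byte slot size, the use of Ed25519 with a separate key per sub-image, and the choice to sign the content hash rather than the raw content are all assumptions; the claims fix only the field list and the order "signature, then hash".

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Assumed struct encoding (the claims name the fields, not their layout): 4-byte flag,
// 16-byte NUL-padded image name, uint32 start and end offsets, all little-endian.
// Each sub-image (content, struct, padding) is padded to slotSize; 256 is arbitrary.
var flagBits = [4]byte{'I', 'M', 'G', 'D'}

const nameLen, hdrSize, slotSize = 16, 4 + 16 + 4 + 4, 256

type subImage struct {
	Name    string
	Content []byte
}

// trust is what the verifier already holds for one sub-image: its own public key
// (claim 2), the expected SHA-256 of its content, and a signature over that hash.
type trust struct {
	pub  ed25519.PublicKey
	hash [32]byte
	sig  []byte
}

// Pack (claims 1-4): content, the struct directly after it, then zero padding.
func Pack(imgs []subImage) ([]byte, error) {
	var out bytes.Buffer
	for _, im := range imgs {
		if len(im.Name) > nameLen || len(im.Content)+hdrSize > slotSize {
			return nil, fmt.Errorf("%q: name or content too large for slot", im.Name)
		}
		start := uint32(out.Len())
		var name [nameLen]byte
		copy(name[:], im.Name)
		out.Write(im.Content)
		out.Write(flagBits[:])
		out.Write(name[:])
		binary.Write(&out, binary.LittleEndian, [2]uint32{start, start + uint32(len(im.Content))})
		out.Write(make([]byte, slotSize-len(im.Content)-hdrSize))
	}
	return out.Bytes(), nil
}

// locate (claims 10-11): scan for the flag, parse the struct behind it, match the name.
// A struct counts only if it directly follows a non-empty range it describes (end == its
// own offset, start < end), which skips a flag value that merely occurs inside content.
func locate(image []byte, name string) (start, end uint32, err error) {
	for pos := 0; pos+hdrSize <= len(image); pos++ {
		i := bytes.Index(image[pos:], flagBits[:])
		if i < 0 || pos+i+hdrSize > len(image) {
			break
		}
		pos += i
		h := image[pos+4 : pos+hdrSize]
		start = binary.LittleEndian.Uint32(h[nameLen:])
		end = binary.LittleEndian.Uint32(h[nameLen+4:])
		if string(bytes.TrimRight(h[:nameLen], "\x00")) == name && end == uint32(pos) && start < end {
			return start, end, nil
		}
	}
	return 0, 0, fmt.Errorf("%q: not found in compacted image", name)
}

// VerifyAndLoad (claims 7 and 12): locate, load, check the signature with this
// sub-image's own key, then check the content hash; either failure rejects the image.
func VerifyAndLoad(image []byte, name string, t trust) ([]byte, error) {
	start, end, err := locate(image, name)
	if err != nil {
		return nil, err
	}
	if !ed25519.Verify(t.pub, t.hash[:], t.sig) {
		return nil, fmt.Errorf("%q: signature verification failed", name)
	}
	if content := image[start:end]; sha256.Sum256(content) == t.hash {
		return content, nil
	}
	return nil, fmt.Errorf("%q: hash verification failed", name)
}

func main() {
	imgs := []subImage{{"vendor_boot", bytes.Repeat([]byte{0xA5}, 100)}, {"dtbo", []byte("constructed dtbo content")}}
	img, _ := Pack(imgs)
	// Constructed trust material for dtbo; a real build keeps the private key offline.
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	h := sha256.Sum256(imgs[1].Content)
	t := trust{pub, h, ed25519.Sign(priv, h[:])}
	_, err := VerifyAndLoad(img, "dtbo", t)
	fmt.Println("dtbo before tampering:", err)
	start, _, _ := locate(img, "dtbo")
	img[start] ^= 0xFF // flip one content byte inside the packed image
	_, err = VerifyAndLoad(img, "dtbo", t)
	fmt.Println("dtbo after tampering:", err)
}
```

The position check in locate (a struct only counts where its end offset equals its own position) guards against a flag value that happens to appear inside image content, but the struct is still unsigned data read from flash: the scan only nominates a candidate range, and the per-image signature and hash check is what decides whether the content is loaded. An attacker who controls one sub-image's bytes can plant a struct that hijacks the lookup of another name; with the checks above that surfaces as a verification failure for that name, never as acceptance of the planted bytes. The hash-tree variant of claim 12 would replace the single SHA-256 over the content with the root of a block hash tree, with the expected root held in trust.hash instead.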
13. An electronic device comprising a memory and a processor, wherein:
the memory is configured to store program instructions; and
the processor is configured to read and execute the program instructions stored in the memory, which, when executed by the processor, cause the electronic device to perform the image generation method of any one of claims 1 to 6 or the system boot verification method of any one of claims 7 to 12.
14. A computer-readable storage medium storing program instructions which, when run on an electronic device, cause the electronic device to perform the image generation method of any one of claims 1 to 6 or the system boot verification method of any one of claims 7 to 12.
15. A chip coupled to a memory in an electronic device, wherein the chip is configured to control the electronic device to perform the image generation method of any one of claims 1 to 6 or the system boot verification method of any one of claims 7 to 12.
CN202310732587.4A 2023-06-20 2023-06-20 Mirror image generation method, system start verification method and related equipment Active CN116467015B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310732587.4A CN116467015B (en) 2023-06-20 2023-06-20 Mirror image generation method, system start verification method and related equipment

Publications (2)

Publication Number Publication Date
CN116467015A CN116467015A (en) 2023-07-21
CN116467015B (en) 2023-10-20 (this document)

Family

ID=87181123

Country Status (1)

Country Link
CN (1) CN116467015B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117009003B (en) * 2023-09-28 2024-01-09 飞腾信息技术有限公司 Safe starting method and related device

Citations (8)

Publication number Priority date Publication date Assignee Title
CN103955648A (en) * 2014-05-15 2014-07-30 乐视致新电子科技(天津)有限公司 Method and device for verifying legality of system image
CN113209633A (en) * 2021-06-09 2021-08-06 腾讯科技(深圳)有限公司 Mirror image processing method and device, electronic equipment and readable storage medium
CN113377391A (en) * 2021-07-21 2021-09-10 北京百度网讯科技有限公司 Method, device, equipment and medium for making and burning mirror image file
CN113900673A (en) * 2021-06-15 2022-01-07 荣耀终端有限公司 System installation package management method, device, storage medium and program product
CN114185491A (en) * 2021-12-13 2022-03-15 惠州Tcl移动通信有限公司 Method and device for downloading partitioned file, storage medium and computer equipment
CN114706533A (en) * 2022-04-24 2022-07-05 苏州睿芯集成电路科技有限公司 Multi-file multi-stage starting and loading method and device based on GPT partition table
US11416233B1 (en) * 2021-04-21 2022-08-16 Dell Products, L.P. Software upgrade system and method for a baseboard management controller configured in an information handling system
CN115328563A (en) * 2022-10-09 2022-11-11 荣耀终端有限公司 System starting method and electronic equipment

Also Published As

Publication number Publication date
CN116467015A (en) 2023-07-21

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant