CN116702161A - Micro control unit storage partitioning method, device, equipment and storage medium - Google Patents

Micro control unit storage partitioning method, device, equipment and storage medium Download PDF

Info

Publication number
CN116702161A
CN116702161A CN202210181599.8A CN202210181599A CN116702161A CN 116702161 A CN116702161 A CN 116702161A CN 202210181599 A CN202210181599 A CN 202210181599A CN 116702161 A CN116702161 A CN 116702161A
Authority
CN
China
Prior art keywords
access
configuration information
control unit
authority
partition
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210181599.8A
Other languages
Chinese (zh)
Inventor
何俊伶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nationz Technologies Inc
Original Assignee
Nationz Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nationz Technologies Inc filed Critical Nationz Technologies Inc
Priority to CN202210181599.8A priority Critical patent/CN116702161A/en
Publication of CN116702161A publication Critical patent/CN116702161A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a micro-control unit storage partitioning method, a micro-control unit storage partitioning device, micro-control unit storage partitioning equipment and a storage medium. The method comprises the following steps: obtaining partition configuration information; performing region division on a flash main storage area of the micro control unit according to the partition configuration information to obtain subareas corresponding to different users; and acquiring access authority configuration information corresponding to each sub-region, and configuring access operation authorities of each sub-region aiming at different access modes according to the access authority configuration information. Therefore, by dividing the area of the flash main storage area and setting the access authority, the contents of the on-chip storage areas used by different users can be effectively protected, the code and the data in each application storage subarea can only be accessed by the access mode conforming to the access authority of the subarea, illegal access and tampering cannot be caused, and simultaneously, the out-of-range operation of the user can be effectively prevented.

Description

Micro control unit storage partitioning method, device, equipment and storage medium
Technical Field
The present application relates to the field of memory partitioning technologies, and in particular, to a method, an apparatus, a device, and a storage medium for partitioning a micro control unit memory.
Background
At present, along with the rapid development of the internet of things, the security has become an indispensable part of the internet of things, and very strict requirements are applied to the security of a micro control unit (Microcontroller Unit, MCU), and the access to a storage area (usually flash) in the control unit directly affects the security of the control unit. The micro control unit is used as a trusted platform module and is a device capable of independently generating and encrypting and decrypting the key, an independent processor and a storage unit are arranged in the device, the key and characteristic data can be stored, encryption and security authentication services are provided for a computer, the micro control unit is used for encryption, the key is stored in hardware, and the stolen data cannot be decrypted, so that business privacy and data security are protected. However, in the practical application process, there is a situation that one micro control unit stores data of multiple users at the same time and is accessed by the multiple users, so that the security of the data in the micro control unit is reduced, and therefore, in this situation, how to reasonably partition the micro control unit and protect the security of the data content in each storage partition is a problem to be solved urgently.
Disclosure of Invention
In view of the foregoing, an object of the present application is to provide a method, apparatus, device, and medium for partitioning a memory of a micro control unit, which can realize that codes and data in each application memory sub-area can only be accessed by an access manner conforming to the access authority of the sub-area, and cannot be illegally accessed and tampered, and can effectively prevent a user from crossing a boundary. The specific scheme is as follows:
in a first aspect, the present application discloses a method for partitioning a micro control unit memory, including:
obtaining partition configuration information;
performing region division on a flash main storage area of the micro control unit according to the partition configuration information to obtain subareas corresponding to different users;
and acquiring access authority configuration information corresponding to each sub-region, and configuring access operation authorities of each sub-region aiming at different access modes according to the access authority configuration information.
Optionally, the performing area division on the flash main storage area of the micro control unit according to the partition configuration information includes:
according to the starting program size in the starting program partition configuration contained in the partition configuration information, carrying out region division on a flash main storage area of the micro control unit to obtain a starting program partition and a shared storage partition;
and carrying out region division on the shared memory partition according to the shared memory partition configuration contained in the partition configuration information to obtain sub-regions corresponding to different users.
Optionally, the obtaining partition configuration information includes:
obtaining partition configuration information by calling a preset program patch interface;
the partition configuration information comprises a starter partition configuration and a shared storage partition configuration; the shared memory partition configuration includes a number of regions and a region address, the number of regions being a number associated with a number of users, and the region addresses of different sub-regions being discontinuous.
Optionally, the access mode includes any one or more of user register access, static random access memory access, direct memory access, and debug interface access.
Optionally, the access operation authority includes any one or more of an address access authority, a read operation authority, a write operation authority and an erase operation authority.
Optionally, the configuring the access operation authority of each sub-region for different access modes according to the access authority configuration information includes:
according to the access authority configuration information, configuring the access operation authority of a target user register of a user corresponding to the subarea as an address access authority, a read operation authority, a write operation authority and an erase operation authority;
and configuring the access operation authority of the subarea aiming at the access modes except the access operation of the target user register as the access authority.
Optionally, after the configuring the access operation authority of each sub-area for different access modes according to the access authority configuration information, the method further includes:
and configuring illegal access alarm prompts for each subarea according to the configured access operation rights so as to generate corresponding illegal access alarm prompts when the subarea is accessed outside the access operation rights corresponding to the subarea.
In a second aspect, the present application discloses a micro control unit memory partitioning apparatus, comprising:
the partition configuration information acquisition module is used for acquiring partition configuration information;
the region division module is used for dividing the region of the flash main storage region of the micro control unit according to the partition configuration information so as to obtain sub regions corresponding to different users;
the access right configuration module is used for acquiring the access right configuration information corresponding to each subarea and configuring the access operation right of each subarea aiming at different access modes according to the access right configuration information.
In a third aspect, the present application discloses an electronic device, comprising:
a memory for storing a computer program;
and the processor is used for executing the computer program to realize the micro control unit storage partitioning method.
In a fourth aspect, the present application discloses a computer-readable storage medium for storing a computer program; wherein the computer program, when executed by the processor, implements the micro control unit memory partitioning method described previously.
In the application, the partition configuration information is obtained; performing region division on a flash main storage area of the micro control unit according to the partition configuration information to obtain subareas corresponding to different users; and acquiring access authority configuration information corresponding to each sub-region, and configuring access operation authorities of each sub-region aiming at different access modes according to the access authority configuration information. Therefore, the area of the flash main storage area is divided and the access rights are set according to the access rights configuration information corresponding to each sub-area, so that the content of the on-chip storage area used by different users can be effectively protected, codes and data in each application storage sub-area can only be accessed by the access manner conforming to the access rights of the sub-area, illegal access and tampering can not be realized, and simultaneously the user out-of-range operation can be effectively prevented.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present application, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for partitioning a micro control unit memory according to the present application;
FIG. 2 is a schematic diagram of a partition structure of a micro control unit according to the present application;
FIG. 3 is a schematic diagram of a partition structure of a micro control unit according to the present application;
FIG. 4 is a flowchart of a method for partitioning a micro control unit memory according to one embodiment of the present application;
FIG. 5 is a schematic diagram of a memory partition device of a micro control unit according to the present application;
fig. 6 is a block diagram of an electronic device according to the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
In the prior art, the security of the micro control unit is strictly required, the access to the storage area in the control unit directly affects the security of the control unit, and in the practical application process, the situation that one micro control unit stores data of multiple users simultaneously and is accessed by the multiple users exists, so that the security of the data in the micro control unit is reduced. In order to overcome the technical problems, the application provides a micro control unit memory partitioning method which can realize that codes and data in each application memory subarea can only be accessed by an access mode conforming to the access authority of the subarea, cannot be illegally accessed and tampered, and can effectively prevent user from crossing the boundary.
The embodiment of the application discloses a micro control unit memory partitioning method, which is shown in fig. 1, and can comprise the following steps:
step S11: and obtaining partition configuration information.
In this embodiment, partition configuration information is first acquired so as to divide the memory area in the micro control unit based on the partition configuration information. The partition configuration information comprises a starting program partition configuration and a shared storage partition configuration, the starting program partition configuration is used for dividing the starting program area stored in the storage area, the shared storage partition configuration is used for dividing the area stored with different user data in the storage area, the shared storage partition configuration comprises the number of areas and area addresses, the number of the areas is the number associated with the number of users, and the area addresses of the different sub-areas are discontinuous.
Step S12: and carrying out region division on the flash main storage area of the micro control unit according to the partition configuration information so as to obtain subareas corresponding to different users.
In this embodiment, after the partition configuration information is obtained, the flash main storage area of the micro control unit is divided into areas according to the partition configuration information, so as to obtain user sub-areas that do not overlap each other, that is, a plurality of user area divisions are performed on the flash in a single MCU chip according to the partition configuration information for the MCU.
In this embodiment, the obtaining partition configuration information may include: obtaining partition configuration information by calling a preset program patch interface; the partition configuration information comprises a starter partition configuration and a shared storage partition configuration; the shared memory partition configuration includes a number of regions and a region address, the number of regions being a number associated with a number of users, and the region addresses of different sub-regions being discontinuous.
In this embodiment, the performing area division on the flash main storage area of the micro control unit according to the partition configuration information may include: according to the starting program size in the starting program partition configuration contained in the partition configuration information, carrying out region division on a flash main storage area of the micro control unit to obtain a starting program partition and a shared storage partition; and carrying out region division on the shared memory partition according to the shared memory partition configuration contained in the partition configuration information to obtain sub-regions corresponding to different users.
For example, as shown in fig. 2, partition configuration information is obtained by calling a pre-reserved program patch interface, and a Boot program partition (Boot area in fig. 2) and a shared memory partition (Share area in fig. 2) are obtained by dividing according to the Boot program (Boot) size in the Boot program partition configuration contained in the partition configuration information, that is, the Boot program partition and the shared memory partition are divided by default after the Flash main memory area is powered on. In addition, in this embodiment, the area addresses of different sub-areas may be discontinuous, for example, as shown in fig. 3, when the number of areas is 3, that is, the corresponding storage areas need to be divided for 3 USERs, USER1, USER2, and USER3 are obtained according to the area address corresponding to each USER, that is, the starting address and the area size. Specifically, the corresponding sub-region addresses can be protected according to the number of the regions and the region addresses configured by the shared memory partition through a pre-written script, the user start address of the Share region can be unfixed, the software program ensures that the address ranges of the users cannot overlap, the address ranges cannot exceed the Flash range, and the region division can be realized through hardware design. Therefore, in the embodiment, the partition protection application design optimizes the division of the storage area of the micro control unit, so that a user can perform discontinuous address partition in the storage area.
Step S13: and acquiring access authority configuration information corresponding to each sub-region, and configuring access operation authorities of each sub-region aiming at different access modes according to the access authority configuration information.
In this embodiment, after the regions are divided, access authority configuration information corresponding to each sub-region is obtained, and access operation authorities of the sub-region facing different access modes are configured for the corresponding sub-region according to the access authority configuration information. In this embodiment, the access manner may include any one or more of a user register access, a static random access memory access, a direct memory access, and a debug interface access. In this embodiment, the access operation authority may include any one or more of an address access authority, a read operation authority, a write operation authority, and an erase operation authority. Therefore, the contents of the on-chip storage areas used by different users can be effectively protected, and the fact that codes and data in each application storage subarea can only be accessed by an access mode conforming to the access authority of the subarea is realized, and illegal access and tampering cannot be caused.
In this embodiment, after configuring the access operation rights of each sub-region for different access manners according to the access rights configuration information, the method may further include: and configuring illegal access alarm prompts for each subarea according to the configured access operation rights so as to generate corresponding illegal access alarm prompts when the subarea is accessed outside the access operation rights corresponding to the subarea. Namely, when each sub-area receives all corresponding unauthorized operations, an abnormal alarm is triggered, and the error of illegal access of a memory and a protected register can be indicated, so that the Flash partition protection function under multiple users is realized.
As can be seen from the above, in this embodiment, partition configuration information is obtained; performing region division on a flash main storage area of the micro control unit according to the partition configuration information to obtain subareas corresponding to different users; and acquiring access authority configuration information corresponding to each sub-region, and configuring access operation authorities of each sub-region aiming at different access modes according to the access authority configuration information. Therefore, the area of the flash main storage area is divided and the access rights are set according to the access rights configuration information corresponding to each sub-area, so that the content of the on-chip storage area used by different users can be effectively protected, codes and data in each application storage sub-area can only be accessed by the access manner conforming to the access rights of the sub-area, illegal access and tampering can not be realized, and simultaneously the user out-of-range operation can be effectively prevented.
Based on the above embodiments, the embodiments of the present application disclose a specific method for partitioning a micro control unit memory, as shown in fig. 4, where the method may include the following steps:
step S21: and obtaining partition configuration information.
Step S22: and carrying out region division on the flash main storage area of the micro control unit according to the partition configuration information so as to obtain subareas corresponding to different users.
Step S23: and obtaining access authority configuration information corresponding to each sub-region.
Step S24: and configuring access operation authorities of target user registers of users corresponding to the subareas as address taking authorities, reading operation authorities, writing operation authorities and erasing operation authorities according to the access authority configuration information.
In this embodiment, according to the access authority configuration information, the access operation authority of the target user register used by the user corresponding to each sub-area is configured to be an address access authority, a read operation authority, a write operation authority and an erase operation authority. I.e. each user sub-area is configured to be accessible to all rights by the registers of that user. For example, taking User1, user2, user3 sub-regions as an example, as shown in table 1 below, before partitioning, user1, user2, and User3 are considered as the same region, and all Flash spaces default to User1; the access modes include User register access (User 1 code, user2 code, user3 code), static random access memory access (Sram code), direct memory access (DMA, direct Memory Access), debug interface access, which may include, but is not limited to, SWD interface access, JTAG interface access. Wherein, "I" represents an address authority, "R" represents a read operation authority, "W" represents a write operation authority, and "E" represents an erase operation authority. Therefore, the operation authority of each region of the Flash main storage region is managed through user region division, and the memory access control is realized. If the size of the User1 area is not set, the User1 area does not have an access right management function.
Table 1:
step S25: and configuring the access operation authority of the subarea aiming at the access modes except the access operation of the target user register as the access authority.
In this embodiment, the access operation authority of each sub-area for the access modes other than the access operation of the target User register corresponding to the sub-area is configured as the address access authority, that is, as shown in the above table 1, for example, only the User register of User1 may perform the address access, the read, the write and the erase operations on the User1 sub-area, and the static random access memory, the direct memory and the debug interface may only perform the address access operations on the User1 sub-area. Therefore, by configuring each user sub-region to be accessed by the register of the user and configuring the access authorities of other access modes as the address, different users in the chip can be prevented from directly reading or modifying Flash contents of other user regions through CPU instructions, and the exclusive authority protection of the user register is designated, so that independent spaces can be set for different applications to prevent user out-of-range operations; and, can set up the access right to debug interfaces such as SWD, JTAG, etc., and set up the access right to DMA access storage area data.
For the specific process of the step S21 to the step S23, reference may be made to the corresponding content disclosed in the foregoing embodiment, and a detailed description is omitted herein.
As can be seen from the above, in this embodiment, according to the access right configuration information, the access operation rights of the target user register of the user corresponding to the sub-region are configured as an address access right, a read operation right, a write operation right and an erase operation right; and configuring the access operation authority of the subarea aiming at the access modes except the access operation of the target user register as the access authority. The Flash content of other user areas can be prevented from being directly read or modified by different users in the chip through CPU instructions, and the exclusive authority protection of the user register is designated, so that independent spaces can be set for different applications, and out-of-range operation of the users is prevented.
Correspondingly, the embodiment of the application also discloses a micro-control unit storage partition device, which is shown in fig. 5, and comprises:
a partition configuration information acquisition module 11, configured to acquire partition configuration information;
the region division module 12 is configured to perform region division on the flash main memory area of the micro control unit according to the partition configuration information so as to obtain sub-regions corresponding to different users;
the access right configuration module 13 is configured to obtain access right configuration information corresponding to each sub-region, and configure access operation rights of each sub-region for different access modes according to the access right configuration information.
As can be seen from the above, in this embodiment, partition configuration information is obtained; performing region division on a flash main storage area of the micro control unit according to the partition configuration information to obtain subareas corresponding to different users; and acquiring access authority configuration information corresponding to each sub-region, and configuring access operation authorities of each sub-region aiming at different access modes according to the access authority configuration information. Therefore, the area of the flash main storage area is divided and the access rights are set according to the access rights configuration information corresponding to each sub-area, so that the content of the on-chip storage area used by different users can be effectively protected, codes and data in each application storage sub-area can only be accessed by the access manner conforming to the access rights of the sub-area, illegal access and tampering can not be realized, and simultaneously the user out-of-range operation can be effectively prevented.
In some specific embodiments, the area dividing module 12 may specifically include:
the first dividing unit is used for dividing the area of the flash main storage area of the micro control unit according to the size of the starting program in the starting program partition configuration contained in the partition configuration information to obtain a starting program partition and a shared storage partition;
and the second dividing unit is used for dividing the shared memory partition according to the shared memory partition configuration contained in the partition configuration information to obtain subareas corresponding to different users.
In some embodiments, the partition configuration information obtaining module 11 may be specifically configured to obtain partition configuration information by calling a preset program patch interface;
wherein the partition configuration information comprises a starter partition configuration and a shared memory partition configuration; the shared memory partition configuration includes a number of regions and a region address, the number of regions being a number associated with a number of users, and the region addresses of different sub-regions being discontinuous.
In some embodiments, the access manner may specifically include any one or more of a user register access, a static random access memory access, a direct memory access, and a debug interface access.
In some specific embodiments, the access operation authority may specifically include any one or more of an address authority, a read operation authority, a write operation authority, and an erase operation authority.
In some specific embodiments, the access right configuration module 13 may specifically include:
the first authority configuration unit is used for configuring the access operation authority of the target user register of the user corresponding to the subarea into an address access authority, a read operation authority, a write operation authority and an erase operation authority according to the access authority configuration information;
and the second authority configuration unit is used for configuring the access operation authority of the subarea aiming at the access modes except the access operation of the target user register as the access authority.
In some embodiments, the micro-control unit storage partitioning apparatus may specifically include:
the alarm prompt configuration unit is used for configuring illegal access alarm prompts for each subarea according to the configured access operation authorities so as to generate corresponding illegal access alarm prompts when the subarea is accessed outside the access operation authorities corresponding to the subareas.
Further, the embodiment of the application also discloses an electronic device, and referring to fig. 6, the content in the drawing should not be considered as any limitation on the application scope of the application.
Fig. 6 is a schematic structural diagram of an electronic device 20 according to an embodiment of the present application. The electronic device 20 may specifically include: at least one processor 21, at least one memory 22, a power supply 23, a communication interface 24, an input output interface 25, and a communication bus 26. Wherein the memory 22 is configured to store a computer program that is loaded and executed by the processor 21 to implement the relevant steps of the micro control unit memory partitioning method disclosed in any of the foregoing embodiments.
In this embodiment, the power supply 23 is configured to provide an operating voltage for each hardware device on the electronic device 20; the communication interface 24 can create a data transmission channel between the electronic device 20 and an external device, and the communication protocol to be followed is any communication protocol applicable to the technical solution of the present application, which is not specifically limited herein; the input/output interface 25 is used for acquiring external input data or outputting external output data, and the specific interface type thereof may be selected according to the specific application requirement, which is not limited herein.
The memory 22 may be a carrier for storing resources, such as a read-only memory, a random access memory, a magnetic disk, or an optical disk, and the resources stored thereon include an operating system 221, a computer program 222, and data 223 including partition configuration information, and the storage may be temporary storage or permanent storage.
The operating system 221 is used for managing and controlling various hardware devices on the electronic device 20 and the computer program 222, so as to implement the operation and processing of the processor 21 on the mass data 223 in the memory 22, which may be Windows Server, netware, unix, linux, etc. The computer program 222 may further include a computer program that can be used to perform other specific tasks in addition to the computer program that can be used to perform the micro control unit memory partitioning method performed by the electronic device 20 disclosed in any of the previous embodiments.
Further, the embodiment of the application also discloses a computer storage medium, wherein the computer storage medium stores computer executable instructions, and when the computer executable instructions are loaded and executed by a processor, the steps of the micro control unit storage partitioning method disclosed in any embodiment are realized.
In this specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, so that the same or similar parts between the embodiments are referred to each other. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
Finally, it is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing describes in detail a method, apparatus, device and medium for partitioning a micro control unit storage, and specific examples are applied to illustrate the principles and embodiments of the present application, where the foregoing examples are only for helping to understand the method and core idea of the present application; meanwhile, as those skilled in the art will have variations in the specific embodiments and application scope in accordance with the ideas of the present application, the present description should not be construed as limiting the present application in view of the above.

Claims (10)

1. A method for partitioning a memory of a micro control unit, comprising:
obtaining partition configuration information;
performing region division on a flash main storage area of the micro control unit according to the partition configuration information to obtain subareas corresponding to different users;
and acquiring access authority configuration information corresponding to each sub-region, and configuring access operation authorities of each sub-region aiming at different access modes according to the access authority configuration information.
2. The method for partitioning the memory of the micro control unit according to claim 1, wherein the partitioning the flash main memory area of the micro control unit according to the partition configuration information includes:
according to the starting program size in the starting program partition configuration contained in the partition configuration information, carrying out region division on a flash main storage area of the micro control unit to obtain a starting program partition and a shared storage partition;
and carrying out region division on the shared memory partition according to the shared memory partition configuration contained in the partition configuration information to obtain sub-regions corresponding to different users.
3. The method for partitioning the storage of a micro control unit according to claim 2, wherein the obtaining partition configuration information comprises:
obtaining partition configuration information by calling a preset program patch interface;
the partition configuration information comprises a starter partition configuration and a shared storage partition configuration; the shared memory partition configuration includes a number of regions and a region address, the number of regions being a number associated with a number of users, and the region addresses of different sub-regions being discontinuous.
4. The method of claim 1, wherein the access mode includes any one or more of a user register access, a static random access memory access, a direct memory access, and a debug interface access.
5. The method according to claim 4, wherein the access operation authority includes any one or more of an address authority, a read operation authority, a write operation authority, and an erase operation authority.
6. The method of claim 5, wherein the configuring access operation rights of each sub-region for different access manners according to the access rights configuration information includes:
according to the access authority configuration information, configuring the access operation authority of a target user register of a user corresponding to the subarea as an address access authority, a read operation authority, a write operation authority and an erase operation authority;
and configuring the access operation authority of the subarea aiming at the access modes except the access operation of the target user register as the access authority.
7. The method for partitioning a micro control unit storage according to any one of claims 1 to 6, wherein after said configuring access operation rights of each of said sub-areas for different access manners according to said access rights configuration information, further comprises:
and configuring illegal access alarm prompts for each subarea according to the configured access operation rights so as to generate corresponding illegal access alarm prompts when the subarea is accessed outside the access operation rights corresponding to the subarea.
8. A micro-control unit memory partitioning apparatus, comprising:
the partition configuration information acquisition module is used for acquiring partition configuration information;
the region division module is used for dividing the region of the flash main storage region of the micro control unit according to the partition configuration information so as to obtain sub regions corresponding to different users;
the access right configuration module is used for acquiring the access right configuration information corresponding to each subarea and configuring the access operation right of each subarea aiming at different access modes according to the access right configuration information.
9. An electronic device, comprising:
a memory for storing a computer program;
a processor for executing the computer program to implement the micro control unit memory partitioning method of any one of claims 1 to 7.
10. A computer-readable storage medium storing a computer program; wherein the computer program when executed by a processor implements the micro control unit memory partitioning method of any one of claims 1 to 7.
CN202210181599.8A 2022-02-25 2022-02-25 Micro control unit storage partitioning method, device, equipment and storage medium Pending CN116702161A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210181599.8A CN116702161A (en) 2022-02-25 2022-02-25 Micro control unit storage partitioning method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210181599.8A CN116702161A (en) 2022-02-25 2022-02-25 Micro control unit storage partitioning method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN116702161A true CN116702161A (en) 2023-09-05

Family

ID=87822696

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210181599.8A Pending CN116702161A (en) 2022-02-25 2022-02-25 Micro control unit storage partitioning method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116702161A (en)

Similar Documents

Publication Publication Date Title
EP3937525B1 (en) Methods, apparatuses, devices and systems for backtracking service behavior
US9560026B1 (en) Secure computer operations
JP5149195B2 (en) Mobile security system and method
JP6286034B2 (en) Process authentication and resource permissions
US6449720B1 (en) Public cryptographic control unit and system therefor
CN106997439B (en) TrustZone-based data encryption and decryption method and device and terminal equipment
US6539480B1 (en) Secure transfer of trust in a computing system
JP6921831B2 (en) Associating user accounts with corporate workspaces
Arfaoui et al. Trusted execution environments: A look under the hood
US20030061494A1 (en) Method and system for protecting data on a pc platform using bulk non-volatile storage
CN104318176B (en) Data management method and device for terminal and terminal
CN108351922B (en) Method, system, and medium for applying rights management policies to protected files
US10735190B1 (en) Persistent TPM-based identifier and key pair
US20100229219A1 (en) Detecting unauthorized computer access
US11063922B2 (en) Virtual content repository
CN112384922B (en) Encryption key distribution
US11849038B2 (en) Self-service device encryption key access
US20080313471A1 (en) Electronic system and digital right management methods thereof
US10606813B2 (en) Systems and methods for securely managing program execution
US10218713B2 (en) Global attestation procedure
CN108009432B (en) Management method, device and equipment for accessing storage system
CN116702161A (en) Micro control unit storage partitioning method, device, equipment and storage medium
WO2022100247A1 (en) Method for switching execution environment and related device
CN111357003A (en) Data protection in a pre-operating system environment
US20240022418A1 (en) Cryptographic processing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination