CN116820605A - Baseboard management controller safety starting method, device, equipment and storage medium - Google Patents

Abstract

The application relates to a method, a device, equipment and a storage medium for safely starting a baseboard management controller. The method comprises the following steps: setting a master image and a backup image for starting a baseboard management controller; when the baseboard management controller is started, starting the baseboard management controller by adopting the main mirror image; when the time for starting the baseboard management controller by adopting the main mirror image exceeds the first time and the baseboard management controller is not started, starting the baseboard management controller by adopting the backup mirror image; and after the backup mirror image is adopted to start the baseboard management controller, checking whether the master mirror image is abnormal, and if so, setting that the time for starting the baseboard management controller by adopting the master mirror image exceeds a second time without starting the baseboard management controller, wherein the second time is smaller than the first time. By adopting the method, the safe starting of the baseboard management controller can be ensured, and the mirror recovery starting can be realized under the condition of single mirror image or double mirror images abnormality.

Description

Baseboard management controller safety starting method, device, equipment and storage medium

Technical Field

The present application relates to the field of server technologies, and in particular, to a method and apparatus for safely starting a baseboard management controller, a computer device, and a storage medium.

Background

Platform management represents a series of monitoring and control functions, the object of operation being the system hardware. Such as by monitoring the temperature, voltage, fans, power supplies, etc. of the system and making corresponding adjustments to ensure that the system is in a healthy state. Of course, if the system is not normal, the system can be restarted by resetting. Meanwhile, platform management is also responsible for recording information and log records of various hardware and is used for prompting a user and positioning subsequent problems.

These functions may be integrated into a controller called a Baseboard Management Controller (BMC). It should be noted that, the BMC is an independent system, and does not depend on other hardware on the system, such as a CPU, a memory, and the like, nor depends on BIOS (basic input output system), OS (operating system), and the like, but the BMC may interact with the BIOS and the OS, so that a better platform management effect may be achieved, and system management software under the OS may cooperate with the BMC to achieve a better management effect.

At present, BMC is widely applied to the fields of servers and switch equipment, and in order to save cost, a flash memory mode is generally adopted, namely, only one flash memory (flash) chip stores BMC images, so that the problem that the BMC images cannot be started normally once the BMC image information is destroyed exists; in mass production products, BMC chips are welded on BMC board cards, and once the BMC chips are started abnormally, the work of re-burning the mirror images becomes abnormal and troublesome; in the daily development and debugging process, a BMC mirror image debugging scene exists, the debugging mirror image cannot be ensured to be started normally, and further the defects of the mode are further amplified.

In order to avoid the problem that a single mirror image fails and cannot be started, some products adopt a double-mirror image design, but the strategy is too simple, and the mirror image is switched to the standby mirror image through a hardware timeout strategy only when the main mirror image cannot be started, so that the standby mirror image is not conscious whether the standby mirror image can be normally started or not and whether the main mirror image can be automatically recovered or not.

Disclosure of Invention

Based on the above, it is necessary to provide a method, an apparatus, a computer device and a storage medium for safely starting a baseboard management controller, which adopt a dual-image design mode, and provide an abnormal image self-recovery mechanism and an escape upgrade means while ensuring that a standby image can be started when an image is started abnormally by a hardware timeout mechanism, and ensure that the image can still be recovered to be normal when the image is tampered or destroyed illegally by multiple strategies together, so as to ensure that the baseboard management controller is started safely.

In one aspect, a method for safely starting a baseboard management controller is provided, the method comprising:

setting a master image and a backup image for starting a baseboard management controller;

when the baseboard management controller is started, starting the baseboard management controller by adopting the main mirror image;

when the time for starting the baseboard management controller by adopting the main mirror image exceeds the first time and the baseboard management controller is not started, starting the baseboard management controller by adopting the backup mirror image;

and after the backup mirror image is adopted to start the baseboard management controller, checking whether the master mirror image is abnormal, and if so, setting that the time for starting the baseboard management controller by adopting the master mirror image exceeds a second time without starting the baseboard management controller, wherein the second time is smaller than the first time.

In one embodiment, the step of setting the primary image and the backup image for the baseboard management controller to start includes:

setting a master image and a backup image, wherein the master image and the backup image comprise an image bootstrap program, a kernel and a file system;

writing the master image and the backup image into the master image flash memory chip and the backup image flash memory chip respectively;

when the baseboard management controller is started, the mirror image bootstrap program guides the kernel to start the baseboard management controller, and a countdown counter in the baseboard management controller is started to count the duration of starting the baseboard management controller by adopting the main mirror image.

In one embodiment, after the backup image is used to start the baseboard management controller, if the master image is checked to be abnormal, the method further includes:

and deleting the master image and storing the backup image copy as a new master image.

In one embodiment, the step of deleting the master image and saving the backup image copy as a new master image includes:

acquiring a storage position of a main mirror image in a main mirror image flash memory chip;

deleting the master mirror stored in the master mirror flash memory chip;

and copying the backup image to a storage position of the main image flash memory chip and storing the backup image as a new main image.

In one embodiment, the method further comprises:

in response to the time period for starting the baseboard management controller by the master image exceeding the first time period, and the time period for starting the baseboard management controller by the backup image exceeding the first time period, starting the baseboard management controller by the master image and the backup image again;

and in response to the total number of times of starting the baseboard management controller by adopting the master mirror image and the backup mirror image being larger than a first threshold value, starting the baseboard management controller by adopting a network boot memory mirror image in a common file transfer protocol mode.

In one embodiment, the step of booting the memory image to start the baseboard management controller through the network in the normal file transfer protocol mode includes:

loading the memory mirror image in a common file transfer protocol mode;

deleting the backup image and storing the memory image copy as a new backup image;

the baseboard management controller is started with the new backup image.

In one embodiment, when the total number of times of starting the baseboard management controller by adopting the master image and the backup image is greater than the first threshold, the step of starting the baseboard management controller by the network boot memory image in a common file transfer protocol mode further includes:

when a new backup mirror image is adopted to start the baseboard management controller, the baseboard management controller is controlled to restart;

and deleting the master image and saving a new backup image copy as a new master image when the master image is checked to be abnormal in the restarting process of the baseboard management controller.

In another aspect, there is provided a baseboard management controller safety initiation device, the device comprising:

The double-mirror image setting module is used for setting a main mirror image and a backup mirror image for starting the baseboard management controller;

a controller start module for starting the baseboard management controller by using the main mirror image when the baseboard management controller is started;

the mirror image switching module is used for starting the baseboard management controller by adopting the backup mirror image when the time for starting the baseboard management controller by adopting the master mirror image exceeds the first time and the baseboard management controller is not started;

and the abnormal starting control module is used for checking whether the primary mirror image is abnormal after the backup mirror image is adopted to start the baseboard management controller, and if so, setting that the time for starting the baseboard management controller by adopting the primary mirror image exceeds the second time without starting the baseboard management controller, and starting the baseboard management controller by adopting the backup mirror image, wherein the second time is smaller than the first time.

In yet another aspect, a computer device is provided comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of:

setting a master image and a backup image for starting a baseboard management controller;

when the baseboard management controller is started, starting the baseboard management controller by adopting the main mirror image;

When the time for starting the baseboard management controller by adopting the main mirror image exceeds the first time and the baseboard management controller is not started, starting the baseboard management controller by adopting the backup mirror image;

and after the backup mirror image is adopted to start the baseboard management controller, checking whether the master mirror image is abnormal, and if so, setting that the time for starting the baseboard management controller by adopting the master mirror image exceeds a second time without starting the baseboard management controller, wherein the second time is smaller than the first time.

In yet another aspect, a computer readable storage medium is provided, having stored thereon a computer program which when executed by a processor performs the steps of:

setting a master image and a backup image for starting a baseboard management controller;

when the baseboard management controller is started, starting the baseboard management controller by adopting the main mirror image;

when the time for starting the baseboard management controller by adopting the main mirror image exceeds the first time and the baseboard management controller is not started, starting the baseboard management controller by adopting the backup mirror image;

and after the backup mirror image is adopted to start the baseboard management controller, checking whether the master mirror image is abnormal, and if so, setting that the time for starting the baseboard management controller by adopting the master mirror image exceeds a second time without starting the baseboard management controller, wherein the second time is smaller than the first time.

According to the method, the device, the computer equipment and the storage medium for safely starting the baseboard management controller, the double-mirror design mode is adopted, the standby mirror image can be started when the mirror image is started abnormally through the hardware timeout mechanism, the abnormal mirror image self-recovery mechanism and the escape upgrading means are provided, the multiple strategies jointly ensure that the mirror image can still be recovered to be normal when the mirror image is illegally tampered or destroyed, the baseboard management controller is ensured to be safely started, the mirror image recovery can be realized under the condition that the single mirror image or the double mirror images are abnormal, and the debugging efficiency and the product stability in the research and development process are greatly improved.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

FIG. 1 is a diagram of an application environment for a baseboard management controller secure boot method in one embodiment;

FIG. 2 is a flow chart of a method for secure boot of a baseboard management controller according to one embodiment;

FIG. 3 is a flowchart illustrating steps for providing a master image and a backup image for baseboard management controller startup in one embodiment;

FIG. 4 is a flow diagram of the steps of deleting a master image and saving a backup image copy as a new master image in one embodiment;

FIG. 5 is a flowchart illustrating steps performed by a network boot memory mirror to boot a baseboard management controller according to a common file transfer protocol mode in response to a total number of times the baseboard management controller is booted by a primary mirror and a backup mirror being greater than a first threshold;

FIG. 6 is a block diagram of a baseboard management controller security initiation device in one embodiment;

fig. 7 is an internal structural diagram of a computer device in one embodiment.

Detailed Description

The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.

Example 1

The embodiment 1 of the application creatively provides a safe starting method of a baseboard management controller, adopts a double-mirror design mode, and provides an abnormal mirror image self-recovery mechanism and an escape upgrading means while ensuring that a standby mirror image can be started when the mirror image is started abnormally through a hardware timeout mechanism, and multiple strategies jointly ensure that the BMC mirror image can still be recovered to be normal when the BMC mirror image is illegally tampered or destroyed.

(1) Dual mirror switching mechanism

The BMC image contains three parts, U-boot, kernel (kernel) and file system. The U-boot is a mirror image bootstrap program, and when the U-boot starts normal booting, the watchdog timing function of the BMCAspeed chip is started, and the function of the watchdog is a time countdown counter. For example, the watchdog timeout time is 60 seconds, the U-boot starts the boot image program to start timing, if the kernel information is not successfully booted within 60 seconds, the watchdog will not close and timeout. The BMCAspeed chip is set to switch the spi interface to the standby flash information by overtime action, namely, the flash is started continuously from the standby flash, so that the double-mirror image switching logic is realized.

In addition, if the U-boot successfully guides the kernel information, the kernel starting program can update the watchdog timeout time again, namely, the kernel starting process timeout time is set, so that the problem that the starting process is blocked and the mirror image cannot be switched due to the fact that information systems such as kernel panic and the like appear in the kernel starting process is avoided.

The exception of any step in the mirror image starting process is ensured through the time-out mechanism limitation of the U-boot process and the kernel process, and the mirror image switching mechanism can be triggered.

(2) Mirror image anomaly recovery mechanism

The BMC can be started from the master image under normal conditions, but when the master image is started abnormally, an image switching mechanism is started, and if the standby image can be started normally, the starting process is completed by the standby image. After the starting is finished, the BMC performs self-checking according to the expected chip register, detects the starting time of the current mirror image, whether the mirror image is started overtime or not and the like, and determines that the starting main mirror image is in an abnormal state once the starting time is found to exceed the expected time of normal starting and the mirror image starting sequence is not manually switched, so that the starting main mirror image needs to be recovered immediately, and the problem that the starting time is overlong due to the fact that the mirror image switching mechanism is started again in the next starting is avoided.

The specific implementation process of the BMC main image recovery mechanism is as follows:

the BMC starts from the standby mirror image at the time, firstly, performs all erasing actions on the flash memory (flash) information of the main mirror image, then, copies and stores the standby mirror image content to a/var/log directory through a dd command, and independently stores the configuration related partition; and finally, the copy mirror image and the configuration information are written into the main mirror image flash chip according to the partition position again.

(3) The escape method comprises the following steps: BMC for upgrading U-boot

The two strategies can cope with the situation that the main image cannot be started due to abnormality, but the standby image can be started normally; if the standby mirror image is not started, the BMC can not be updated and recovered on line, the BMC chip can only be taken down from the main board, and the BMC chip can be refreshed off line by using the burner, so that a large amount of manpower and material resources are wasted. Therefore, the escape method for upgrading the BMC by the U-boot can trigger the recovery strategy of the U-boot image of the standby image even if the standby image cannot be started.

Firstly, a U-boot part in a BMC image is burnt on a flash chip protection partition, namely, no matter how the image is damaged, a U-boot starting program is not affected. When the primary image fails to start and the standby image also fails to start, the specific implementation steps are as follows:

1. starting the main mirror image, triggering a mirror image switching mechanism to switch to the standby mirror image for starting due to abnormal mirror images;

2. the standby image continues to start, but the image is also abnormal, cannot start normally, and triggers an image switching mechanism, so that the system tries to start from the main image again.

3. The master image is started again, the U-boot startup procedure detects the expected register information in the startup process, and the backup image can be judged to be unable to be started normally by finding the image switching mechanism triggered by the two times of watchdog overtime.

4. The master image U-boot triggers an image recovery mechanism, the BMC image can be loaded into BMC memory information through tftp, and then the U-boot guides the BMC image loaded in the memory, but not the abnormal image which cannot be started in the master flash chip. After the memory image is successfully guided, the BMC self-checking process can find out multiple image starting failure information so as to trigger an image abnormal recovery mechanism.

5. When the mirror image exception recovery mechanism is triggered, the BMC is started from the main mirror image position at the moment, but the mirror image in the main flash machine chip is not loaded, but the mirror image is loaded into the memory in a common file transfer protocol mode. A common file transfer protocol (TrivialFileTransferProtocol, TFTP) is used to provide the boot image for the client. Theoretically, any server, on any platform, can be used as long as these protocols are implemented. Therefore, when the abnormal image recovery mechanism is triggered, the standby image of the BMC is erased and rewritten. After the mirror image recovery is completed, the standby mirror image is recovered to be normal, and an abnormal mirror image recovery mechanism is started for the main mirror image when the standby mirror image is started next time.

In summary, the present embodiment has the following main contents:

(1) Switching between two physical Flash through WATCHDOG timeout mechanism; even if any FLASH image content is completely destroyed, another standby image can ensure the normal starting of the BMC, and the problem that the BMC cannot be started under the serious destruction condition that a single FLASH is erased and the like is solved.

(2) By the mirror image recovery mechanism, when the problem that the FLASH fails in mirror image starting is perceived, the abnormal mirror image can be automatically recovered, and the problem of abnormal starting of the mirror image is solved when the FLASH is started next time.

(3) And reserving a U-boot upgrading escape means, wherein even if two physical FLASH are verified and destroyed and cannot be started, the U-boot program on the partition can be protected, the network is used for guiding the image to start in a tftp mode, and after the image is started, the user can start.

In the safe starting method of the baseboard management controller, a double-mirror design mode is adopted, the standby mirror image can be started when the mirror image is started abnormally through a hardware timeout mechanism, an abnormal mirror image self-recovery mechanism and an escape upgrading means are provided, multiple strategies jointly ensure that the mirror image can still be recovered to be normal when the mirror image is illegally tampered or destroyed, the safe starting of the baseboard management controller is ensured, the mirror image recovery can be realized under the condition that the single mirror image or the double mirror images are abnormal, and the debugging efficiency and the product stability in the research and development process are greatly improved.

Example 2

The method for safely starting the baseboard management controller can be applied to an application environment shown in figure 1. The master mirror image flash memory chip 1 and the backup mirror image flash memory chip 2 are respectively written with the master mirror image and the backup mirror image, the master mirror image and the backup mirror image can both start the baseboard management controller 3 (BMC), the baseboard management controller 3 (BMC) is a chip, in addition, a guide image can be provided for the baseboard management controller 3 (BMC) through a common file transfer protocol (TrivialFileTransferProtocol, TFTP), the guide image is a memory mirror image, and the guide image is stored in the guide memory 4, and is not the master mirror image and the backup mirror image stored in the master mirror image flash memory chip 1 and the backup mirror image flash memory chip 2.

In one embodiment, as shown in fig. 2, a method for safely starting a baseboard management controller is provided, and the method is applied to the structure in fig. 1 for illustration, and includes the following steps:

step S1, setting a main mirror image and a backup mirror image for starting a baseboard management controller;

step S2, when the baseboard management controller is started, starting the baseboard management controller by adopting the main mirror image;

step S3, when the time for starting the baseboard management controller by adopting the main mirror image exceeds the first time, starting the baseboard management controller by adopting the backup mirror image;

and S4, after the backup mirror image is adopted to start the baseboard management controller, checking whether the main mirror image is abnormal, and if so, setting that the time for starting the baseboard management controller by adopting the main mirror image exceeds a second time without starting the baseboard management controller, wherein the second time is smaller than the first time, and starting the baseboard management controller by adopting the backup mirror image.

By setting the second time length smaller than the first time length, the application can enable the backup mirror image to be recovered immediately in the process of starting the baseboard management controller when the primary mirror image is abnormal, and avoid overlong starting time caused by starting the mirror image switching mechanism again in the next starting.

As shown in fig. 3, in this embodiment, the steps of setting the primary mirror and the backup mirror for the baseboard management controller to start include:

step S11, setting a master image and a backup image to comprise an image bootstrap program, a kernel and a file system;

step S12, writing the master image and the backup image into the master image flash memory chip and the backup image flash memory chip respectively;

step S13, when the baseboard management controller is started, the mirror image guiding program guides the kernel to start the baseboard management controller, and a countdown counter in the baseboard management controller is started to count the time for starting the baseboard management controller by adopting the main mirror image.

The time countdown counter is a watchdog timing function of the BMCAspeed chip, for example, the watchdog timeout time is 60 seconds, the U-boot starts the boot mirror program to start timing, and if the kernel information is not successfully booted within 60 seconds, the watchdog cannot be closed and times out. The BMCAspeed chip is set to switch the spi interface to the standby flash information by overtime action, namely, the flash is started continuously from the standby flash, so that the double-mirror image switching logic is realized.

In this embodiment, after the backup image is adopted to start the baseboard management controller, if the master image is checked to be abnormal, the method further includes:

And deleting the master image and storing the backup image copy as a new master image.

By deleting the master image and storing the backup image copy as a new master image, when the starting abnormality of the master image occurs, an image switching mechanism is started, and if the standby image can be started normally, the standby image covers the master image to realize BMC master image recovery.

As shown in fig. 4, in this embodiment, the step of deleting the primary image and saving the backup image copy as a new primary image includes:

step S41, obtaining the storage position of the main mirror image in the main mirror image flash memory chip;

step S42, deleting the master mirror stored in the master mirror flash memory chip;

in step S43, the backup image is copied to the storage location of the flash memory chip of the primary image and stored as a new primary image.

Specifically, the BMC starts from the standby mirror image, firstly performs all erasing actions on flash memory (flash) information of the main mirror image, then performs mirror image copying and storing to a/var/log directory through dd command on the standby mirror image content, and independently stores the configuration related partition; and finally, the copy mirror image and the configuration information are written into the main mirror image flash chip according to the partition position again. The way to save the backup image copy as a new master image is very convenient.

As shown in fig. 2, in this embodiment, the method further includes:

step S5, in response to the fact that the time length of starting the baseboard management controller by the master mirror image exceeds the first time length, and when the time length of starting the baseboard management controller by the backup mirror image exceeds the first time length, starting the baseboard management controller by the master mirror image and the backup mirror image again;

and S6, in response to the total times of starting the baseboard management controller by adopting the master mirror image and the backup mirror image being larger than a first threshold value, starting the baseboard management controller by adopting the network boot memory mirror image in a common file transfer protocol mode.

The method is to reserve a U-boot upgrading escape means, even if two physical FLASH are verified and destroyed and cannot be started, the U-boot program on the partition can be protected, the network is used for guiding the image to start in a tftp mode, and after the image is started.

It can be understood that the application can not only adopt the network boot memory mirror image of the common file transfer protocol (tftp) mode to start the baseboard management controller, but also adopt remote control to upgrade the main mirror image and the backup mirror image for starting the baseboard management controller at the same time, and can also upgrade the main mirror image and the backup mirror image for starting the baseboard management controller at the same time in an external U-disk mode, thus being capable of directly covering the main mirror image and the backup mirror image which are destroyed to generate errors and increasing the reliability of the system.

As shown in fig. 5, in this embodiment, the step of booting the memory mirror to start the baseboard management controller through the network in the normal file transfer protocol manner includes:

step S61, loading the memory mirror image in a common file transfer protocol mode;

step S62, deleting the backup image, and storing the memory image copy as a new backup image;

in step S63, the baseboard management controller is started up by using the new backup image.

The master image U-boot triggers an image recovery mechanism, the BMC image can be loaded into BMC memory information through tftp, and then the U-boot guides the BMC image loaded in the memory, but not the abnormal image which cannot be started in the master flash chip. After the memory image is successfully guided, the BMC self-checking process can find out multiple image starting failure information so as to trigger an image abnormal recovery mechanism.

As shown in fig. 2, in this embodiment, when the total number of times of starting the baseboard management controller by using the primary mirror and the backup mirror is greater than the first threshold, the step of starting the baseboard management controller by booting the memory mirror through the network in the normal file transfer protocol manner further includes:

Step S7, after the baseboard management controller is started by adopting the new backup mirror image, the baseboard management controller is controlled to restart;

and S8, deleting the master image and saving the new backup image copy as a new master image when the master image is checked to be abnormal in the restarting process of the baseboard management controller.

When the mirror image exception recovery mechanism is triggered, the BMC is started from the main mirror image position at the moment, but the mirror image in the main flash machine chip is not loaded, but the mirror image is loaded into the memory in a common file transfer protocol mode. A common file transfer protocol (Trivial File Transfer Protocol, TFTP) is used to provide the boot image for the client. Theoretically, any server, on any platform, can be used as long as these protocols are implemented. Therefore, when the abnormal image recovery mechanism is triggered, the standby image of the BMC is erased and rewritten. After the mirror image recovery is completed, the standby mirror image is recovered to be normal, and an abnormal mirror image recovery mechanism is started for the main mirror image when the standby mirror image is started next time. After the backup image is updated, the backup image is started again, the main image is automatically deleted, and a new backup image copy is stored as a new main image, so that the simultaneous updating of the main image is avoided.

In the safe starting method of the baseboard management controller, a double-mirror design mode is adopted, the standby mirror image can be started when the mirror image is started abnormally through a hardware timeout mechanism, an abnormal mirror image self-recovery mechanism and an escape upgrading means are provided, multiple strategies jointly ensure that the mirror image can still be recovered to be normal when the mirror image is illegally tampered or destroyed, the safe starting of the baseboard management controller is ensured, the mirror image recovery can be realized under the condition that the single mirror image or the double mirror images are abnormal, and the debugging efficiency and the product stability in the research and development process are greatly improved.

It should be understood that, although the steps in the flowcharts of fig. 2-5 are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in fig. 2-5 may include multiple sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, nor does the order in which the sub-steps or stages are performed necessarily occur in sequence, but may be performed alternately or alternately with at least a portion of the other steps or sub-steps of other steps.

In one embodiment, as shown in fig. 6, there is provided a baseboard management controller security initiation device 10, comprising: the system comprises a double-mirror image setting module 1, a controller starting module 2, a mirror image switching module 3 and an abnormal starting control module 4.

The dual-mirror setting module 1 is used for setting a master mirror image and a backup mirror image for starting the baseboard management controller.

The controller activation module 2 is configured to activate the baseboard management controller using the primary mirror when the baseboard management controller is activated.

The mirror image switching module 3 is configured to activate the baseboard management controller by using the backup mirror image when the duration of activating the baseboard management controller by using the primary mirror image exceeds the first duration.

The abnormal starting control module 4 is configured to, after the backup mirror image is used to start the baseboard management controller, check whether the primary mirror image is abnormal, if yes, set that the duration of starting the baseboard management controller by the primary mirror image exceeds a second duration, and start the baseboard management controller by the backup mirror image, where the second duration is less than the first duration.

In this embodiment, the dual-image setting module 1 is configured to set a primary image and a backup image for starting up a baseboard management controller, and includes:

Setting a master image and a backup image, wherein the master image and the backup image comprise an image bootstrap program, a kernel and a file system;

writing the master image and the backup image into the master image flash memory chip and the backup image flash memory chip respectively;

when the baseboard management controller is started, the mirror image bootstrap program guides the kernel to start the baseboard management controller, and a countdown counter in the baseboard management controller is started to count the duration of starting the baseboard management controller by adopting the main mirror image.

In this embodiment, the abnormal start control module 4 is configured to, after starting the baseboard management controller by using the backup image, if the master image is checked to be abnormal, further include:

and deleting the master image and storing the backup image copy as a new master image.

In this embodiment, the step of deleting the primary image and saving the backup image copy as a new primary image includes:

acquiring a storage position of a main mirror image in a main mirror image flash memory chip;

deleting the master mirror stored in the master mirror flash memory chip;

and copying the backup image to a storage position of the main image flash memory chip and storing the backup image as a new main image.

In this embodiment, the baseboard management controller security initiation device 10 further includes: and a mirror repair module 5.

The mirror image switching module 3 starts the baseboard management controller by adopting the main mirror image and the backup mirror image when the time for starting the baseboard management controller by adopting the main mirror image exceeds the first time and the baseboard management controller is not started by adopting the backup mirror image;

and the mirror image restoration module 5 is used for starting the baseboard management controller by guiding the memory mirror image through the network in a common file transmission protocol mode in response to the total times of starting the baseboard management controller by adopting the main mirror image and the backup mirror image is larger than a first threshold value.

In this embodiment, when the total number of times of starting the baseboard management controller by using the master image and the backup image is greater than the first threshold, the step of starting the baseboard management controller by using the network boot memory image in the normal file transfer protocol manner includes:

loading the memory mirror image in a common file transfer protocol mode;

deleting the backup image and storing the memory image copy as a new backup image;

the baseboard management controller is started with the new backup image.

In this embodiment, when the total number of times of starting the baseboard management controller by using the master image and the backup image is greater than the first threshold, the image repairing module 5 further includes, after the step of starting the baseboard management controller by using the network boot memory image in the normal file transfer protocol manner:

When a new backup mirror image is adopted to start the baseboard management controller, the baseboard management controller is controlled to restart;

and deleting the master image and saving a new backup image copy as a new master image when the master image is checked to be abnormal in the restarting process of the baseboard management controller.

In the safety starting device of the baseboard management controller, a double-mirror design mode is adopted, the standby mirror image can be started when the mirror image is started abnormally through a hardware timeout mechanism, an abnormal mirror image self-recovery mechanism and an escape upgrading means are provided, multiple strategies jointly ensure that the mirror image can still be recovered to be normal when the mirror image is illegally tampered or destroyed, the safety starting of the baseboard management controller is ensured, the mirror image recovery can be realized under the condition that the single mirror image or the double mirror images are abnormal, and the debugging efficiency and the product stability in the research and development process are greatly improved.

The specific limitation of the baseboard management controller security initiation device can be referred to above for the limitation of the baseboard management controller security initiation method, and will not be described herein. The above-mentioned each module in the baseboard management controller safety starting device can be realized by all or part of software, hardware and combination thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.

In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 7. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is used for storing the baseboard management controller security initiation data. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program when executed by a processor implements a baseboard management controller secure boot method.

It will be appreciated by those skilled in the art that the structure shown in FIG. 7 is merely a block diagram of some of the structures associated with the present inventive arrangements and is not limiting of the computer device to which the present inventive arrangements may be applied, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.

In one embodiment, a computer device is provided comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of when executing the computer program:

setting a master image and a backup image for starting a baseboard management controller;

when the baseboard management controller is started, starting the baseboard management controller by adopting the main mirror image;

when the time for starting the baseboard management controller by adopting the main mirror image exceeds the first time and the baseboard management controller is not started, starting the baseboard management controller by adopting the backup mirror image;

and after the backup mirror image is adopted to start the baseboard management controller, checking whether the master mirror image is abnormal, and if so, setting that the time for starting the baseboard management controller by adopting the master mirror image exceeds a second time without starting the baseboard management controller, wherein the second time is smaller than the first time.

In one embodiment, the processor when executing the computer program further performs the steps of:

the step of setting the master image and the backup image for starting the baseboard management controller comprises the following steps:

setting a master image and a backup image, wherein the master image and the backup image comprise an image bootstrap program, a kernel and a file system;

Writing the master image and the backup image into the master image flash memory chip and the backup image flash memory chip respectively;

when the baseboard management controller is started, the mirror image bootstrap program guides the kernel to start the baseboard management controller, and a countdown counter in the baseboard management controller is started to count the duration of starting the baseboard management controller by adopting the main mirror image.

In one embodiment, the processor when executing the computer program further performs the steps of:

when the backup mirror image is adopted to start the baseboard management controller and the master mirror image is checked to be abnormal, the method further comprises the following steps:

and deleting the master image and storing the backup image copy as a new master image.

In one embodiment, the processor when executing the computer program further performs the steps of:

the step of deleting the master image and storing the backup image copy as a new master image includes:

acquiring a storage position of a main mirror image in a main mirror image flash memory chip;

deleting the master mirror stored in the master mirror flash memory chip;

and copying the backup image to a storage position of the main image flash memory chip and storing the backup image as a new main image.

In one embodiment, the processor when executing the computer program further performs the steps of:

The method further comprises the steps of:

in response to the time period for starting the baseboard management controller by the master image exceeding the first time period, and the time period for starting the baseboard management controller by the backup image exceeding the first time period, starting the baseboard management controller by the master image and the backup image again;

and in response to the total number of times of starting the baseboard management controller by adopting the master mirror image and the backup mirror image being larger than a first threshold value, starting the baseboard management controller by adopting a network boot memory mirror image in a common file transfer protocol mode.

In one embodiment, the processor when executing the computer program further performs the steps of:

when the total times of starting the baseboard management controller by adopting the main mirror image and the backup mirror image is larger than a first threshold value, the step of starting the baseboard management controller by adopting the network boot memory mirror image in a common file transfer protocol mode comprises the following steps:

loading the memory mirror image in a common file transfer protocol mode;

deleting the backup image and storing the memory image copy as a new backup image;

the baseboard management controller is started with the new backup image.

In one embodiment, the processor when executing the computer program further performs the steps of:

When the total times of starting the baseboard management controller by adopting the main mirror image and the backup mirror image is larger than a first threshold value, the step of starting the baseboard management controller by the network boot memory mirror image in a common file transfer protocol mode further comprises the following steps:

when a new backup mirror image is adopted to start the baseboard management controller, the baseboard management controller is controlled to restart;

and deleting the master image and saving a new backup image copy as a new master image when the master image is checked to be abnormal in the restarting process of the baseboard management controller.

The specific limitation concerning the implementation steps of the processor when executing the computer program may be referred to as limitation of the method for secure booting of the baseboard management controller, which is not described herein.

In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:

setting a master image and a backup image for starting a baseboard management controller;

when the baseboard management controller is started, starting the baseboard management controller by adopting the main mirror image;

when the time for starting the baseboard management controller by adopting the main mirror image exceeds the first time and the baseboard management controller is not started, starting the baseboard management controller by adopting the backup mirror image;

And after the backup mirror image is adopted to start the baseboard management controller, checking whether the master mirror image is abnormal, and if so, setting that the time for starting the baseboard management controller by adopting the master mirror image exceeds a second time without starting the baseboard management controller, wherein the second time is smaller than the first time.

In one embodiment, the computer program when executed by the processor further performs the steps of:

the step of setting the master image and the backup image for starting the baseboard management controller comprises the following steps:

setting a master image and a backup image, wherein the master image and the backup image comprise an image bootstrap program, a kernel and a file system;

writing the master image and the backup image into the master image flash memory chip and the backup image flash memory chip respectively;

when the baseboard management controller is started, the mirror image bootstrap program guides the kernel to start the baseboard management controller, and a countdown counter in the baseboard management controller is started to count the duration of starting the baseboard management controller by adopting the main mirror image.

In one embodiment, the computer program when executed by the processor further performs the steps of:

when the backup mirror image is adopted to start the baseboard management controller and the master mirror image is checked to be abnormal, the method further comprises the following steps:

And deleting the master image and storing the backup image copy as a new master image.

In one embodiment, the computer program when executed by the processor further performs the steps of:

the step of deleting the master image and storing the backup image copy as a new master image includes:

acquiring a storage position of a main mirror image in a main mirror image flash memory chip;

deleting the master mirror stored in the master mirror flash memory chip;

and copying the backup image to a storage position of the main image flash memory chip and storing the backup image as a new main image.

In one embodiment, the computer program when executed by the processor further performs the steps of:

the method further comprises the steps of:

in response to the time period for starting the baseboard management controller by the master image exceeding the first time period, and the time period for starting the baseboard management controller by the backup image exceeding the first time period, starting the baseboard management controller by the master image and the backup image again;

and in response to the total number of times of starting the baseboard management controller by adopting the master mirror image and the backup mirror image being larger than a first threshold value, starting the baseboard management controller by adopting a network boot memory mirror image in a common file transfer protocol mode.

In one embodiment, the computer program when executed by the processor further performs the steps of:

when the total times of starting the baseboard management controller by adopting the main mirror image and the backup mirror image is larger than a first threshold value, the step of starting the baseboard management controller by adopting the network boot memory mirror image in a common file transfer protocol mode comprises the following steps:

loading the memory mirror image in a common file transfer protocol mode;

deleting the backup image and storing the memory image copy as a new backup image;

the baseboard management controller is started with the new backup image.

In one embodiment, the computer program when executed by the processor further performs the steps of:

when the total times of starting the baseboard management controller by adopting the main mirror image and the backup mirror image is larger than a first threshold value, the step of starting the baseboard management controller by the network boot memory mirror image in a common file transfer protocol mode further comprises the following steps:

when a new backup mirror image is adopted to start the baseboard management controller, the baseboard management controller is controlled to restart;

and deleting the master image and saving a new backup image copy as a new master image when the master image is checked to be abnormal in the restarting process of the baseboard management controller.

For specific limitations regarding implementation steps of the computer program when executed by the processor, reference may be made to the above limitation of the method for secure booting of the baseboard management controller, which is not repeated here.

Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), memory bus direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.

The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.

The above examples illustrate only a few embodiments of the application, which are described in detail and are not to be construed as limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of protection of the present application is to be determined by the appended claims.

Claims (10)

1. A method for safely starting a baseboard management controller, comprising:

setting a master image and a backup image for starting a baseboard management controller;

when the baseboard management controller is started, starting the baseboard management controller by adopting the main mirror image;

when the time for starting the baseboard management controller by adopting the main mirror image exceeds the first time and the baseboard management controller is not started, starting the baseboard management controller by adopting the backup mirror image;

And after the backup mirror image is adopted to start the baseboard management controller, checking whether the master mirror image is abnormal, and if so, setting that the time for starting the baseboard management controller by adopting the master mirror image exceeds a second time without starting the baseboard management controller, wherein the second time is smaller than the first time.

2. The baseboard management controller security startup method of claim 1, wherein the step of setting up a primary mirror and a backup mirror for baseboard management controller startup comprises:

setting a master image and a backup image, wherein the master image and the backup image comprise an image bootstrap program, a kernel and a file system;

writing the master image and the backup image into the master image flash memory chip and the backup image flash memory chip respectively;

when the baseboard management controller is started, the mirror image bootstrap program guides the kernel to start the baseboard management controller, and a countdown counter in the baseboard management controller is started to count the duration of starting the baseboard management controller by adopting the main mirror image.

3. The baseboard management controller security startup method of claim 2, wherein after starting the baseboard management controller by using the backup image, if the master image is checked to be abnormal, further comprising:

And deleting the master image and storing the backup image copy as a new master image.

4. The baseboard management controller security startup method of claim 3, wherein the step of deleting the master image and saving the backup image copy as a new master image comprises:

acquiring a storage position of a main mirror image in a main mirror image flash memory chip;

deleting the master mirror stored in the master mirror flash memory chip;

and copying the backup image to a storage position of the main image flash memory chip and storing the backup image as a new main image.

5. The baseboard management controller secure launch method of claim 1, further comprising:

in response to the time period for starting the baseboard management controller by the master image exceeding the first time period, and the time period for starting the baseboard management controller by the backup image exceeding the first time period, starting the baseboard management controller by the master image and the backup image again;

and in response to the total number of times of starting the baseboard management controller by adopting the master mirror image and the backup mirror image being larger than a first threshold value, starting the baseboard management controller by adopting a network boot memory mirror image in a common file transfer protocol mode.

6. The method according to claim 5, wherein the step of booting the memory image via the normal file transfer protocol mode network to start the baseboard management controller in response to the total number of times the baseboard management controller is started using the master image and the backup image being greater than a first threshold value comprises:

loading the memory mirror image in a common file transfer protocol mode;

deleting the backup image and storing the memory image copy as a new backup image;

the baseboard management controller is started with the new backup image.

7. The method for securely starting up a baseboard management controller according to claim 6, wherein the step of starting up the baseboard management controller by the normal file transfer protocol mode network boot memory image further comprises, when the total number of times of starting up the baseboard management controller by the master image and the backup image is greater than a first threshold value:

when a new backup mirror image is adopted to start the baseboard management controller, the baseboard management controller is controlled to restart;

and deleting the master image and saving a new backup image copy as a new master image when the master image is checked to be abnormal in the restarting process of the baseboard management controller.

8. A baseboard management controller safety initiation device, the device comprising:

the double-mirror image setting module is used for setting a main mirror image and a backup mirror image for starting the baseboard management controller;

a controller start module for starting the baseboard management controller by using the main mirror image when the baseboard management controller is started;

the mirror image switching module is used for starting the baseboard management controller by adopting the backup mirror image when the time for starting the baseboard management controller by adopting the master mirror image exceeds the first time and the baseboard management controller is not started;

and the abnormal starting control module is used for checking whether the primary mirror image is abnormal after the backup mirror image is adopted to start the baseboard management controller, and if so, setting that the time for starting the baseboard management controller by adopting the primary mirror image exceeds the second time without starting the baseboard management controller, and starting the baseboard management controller by adopting the backup mirror image, wherein the second time is smaller than the first time.

9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any one of claims 1 to 7 when the computer program is executed by the processor.

10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 7.