CN116820748A - Method and system for managing session resources of password card - Google Patents
Method and system for managing session resources of password card Download PDFInfo
- Publication number
- CN116820748A CN116820748A CN202310536182.3A CN202310536182A CN116820748A CN 116820748 A CN116820748 A CN 116820748A CN 202310536182 A CN202310536182 A CN 202310536182A CN 116820748 A CN116820748 A CN 116820748A
- Authority
- CN
- China
- Prior art keywords
- session
- resource information
- memory
- resources
- abnormal closing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 324
- 230000002159 abnormal effect Effects 0.000 claims abstract description 91
- 230000004044 response Effects 0.000 claims abstract description 10
- 238000013507 mapping Methods 0.000 claims abstract description 7
- 230000006870 function Effects 0.000 claims description 6
- 238000007689 inspection Methods 0.000 claims description 6
- 238000004891 communication Methods 0.000 claims description 2
- 238000007726 management method Methods 0.000 description 14
- 238000010586 diagram Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000009191 jumping Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000013468 resource allocation Methods 0.000 description 1
- 238000004904 shortening Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5011—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals
- G06F9/5022—Mechanisms to release resources
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5011—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals
- G06F9/5016—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals the resource being the memory
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method and a system for managing session resources of a password card, wherein the method comprises the following steps: applying for a memory for recording session resource information, and mapping the memory into a process address space by the SDK; in response to a request for opening a password card session, the SDK judges whether an abnormal closing process exists between an application program on a host and the password card; when an abnormal closing process exists, releasing session resources corresponding to the abnormal closing process; when no abnormal closing process exists, or after session resources corresponding to the abnormal closing process are released, resources are allocated for the newly opened session; allocating an idle memory space for a new session, and storing session resource information corresponding to the new session into the idle memory space; therefore, the invention can realize the active release of the session resources under the abnormal closing scene of the process by checking the abnormal closing process and releasing the corresponding session resources and then distributing the session resources for the new session, thereby improving the utilization rate of the session resources of the password card.
Description
Technical Field
The invention relates to the technical field of password cards, in particular to a password card session resource management method and system.
Background
The cryptographic card SDK manages and operates the cryptographic card based on the session, and the access to the cryptographic card needs to open the session first, and the session stores the resource information of the cryptographic card, such as DMA channel and semaphore information, and the resources are actively released when the session is closed.
However, when the process or thread of opening the session is abnormally closed, the resources stored in the session cannot be actively released, so that the session resources of the password card are leaked, the utilization rate is seriously reduced, and even the password card cannot be normally used; for example, the number of the DMA channels of the password card is N, each session occupies one DMA channel, and if all the sessions are not closed in time, the DMA channels are exhausted, so that the password card cannot open a new session.
Disclosure of Invention
The present invention aims to solve at least one of the technical problems in the related art to some extent.
Therefore, a first object of the present invention is to provide a method for managing session resources of a cryptographic card, which is capable of actively releasing session resources in a scene of abnormal process closure by checking an abnormal process and releasing corresponding session resources and then allocating session resources to a new session, thereby improving the utilization rate of session resources of the cryptographic card.
A second object of the present invention is to provide a cryptographic card session resource management system.
To achieve the above objective, an embodiment of a first aspect of the present invention provides a method for managing session resources of a cryptographic card, including the following steps: applying for a memory for recording session resource information; in response to a request to open a device, the SDK maps the memory into a process address space; responding to a request for opening a password card session, and judging whether an abnormal closing process exists between an application program on a host and the password card by the SDK according to the process running state corresponding to each session resource information stored in the memory; when an abnormal closing process exists, the SDK calls a driver to release session resources corresponding to the abnormal closing process; when no abnormal closing process exists, or after session resources corresponding to the abnormal closing process are released, resources are allocated for the newly opened session, and resource information corresponding to the new session is acquired; and allocating an idle memory space for the new session, and storing session resource information corresponding to the new session into the idle memory space.
In a specific embodiment of the first aspect, when applying for the memory for recording session resource information, performing: storing N structural body type elements in the memory, wherein each structural body type element res [ i ] records session resource information of a password card session; wherein i is more than or equal to 0 and less than or equal to N-1, N is set according to the total number of DMA channels of the password card; and respectively defining each member in the element res [ i ] of the structure body type as a process ID, a thread ID, a ringID of a DMA channel and a semaphore name in the session resource information.
In a specific embodiment of the first aspect, in response to a request for opening a session of the cryptographic card, when the SDK determines, according to a process running state corresponding to each session resource information stored in the memory, whether an abnormal closing process exists between an application program on the host and the cryptographic card, the method is executed: when receiving a request for opening a password card session from an application program, the SDK searches an abnormal closing process based on session resource information stored in the memory and the process ID list; the session resource information comprises a process ID, a thread ID, a ring ID of a DMA channel and a semaphore name, and the process ID list is used for recording a process ID corresponding to the running password card session process.
In a specific embodiment of the first aspect, when the SDK finds an abnormal shutdown process based on session resource information stored in the memory and the process ID list, the SDK executes: the SDK traverses/proc catalogue, and saves the process ID corresponding to the running cryptographic card session process into the process ID list; acquiring session resource information stored in the memory, and extracting a member process ID from the session resource information; and comparing each member process ID with the process IDs in the process ID list one by one, and finding out an abnormal closing process according to the process ID comparison result.
In a specific embodiment of the first aspect, comparing each member process ID with the process IDs in the process ID list one by one, when the abnormal shutdown process is found according to the process ID comparison result, executing:
let i=0; judging whether i in res [ i ] is smaller than N; if i is less than N, extracting the member res [ i ] pid in the res [ i ], and comparing the extracted member res [ i ] pid with all process IDs in the process ID list one by one; wherein, the member res [ i ] pid in res [ i ] represents the process ID corresponding to the ith session resource information;
if the process ID which is the same as the member res [ i ]. Pid is found in the process ID list, i=i+1 is caused, and the steps of judging whether i in res [ i ] is smaller than N and subsequent steps are repeatedly executed until i=N is jumped out;
if the process ID same as the member res [ i ] pid is not found in the process ID list, marking the process corresponding to the member res [ i ] pid as an abnormal closing process, enabling i=i+1, and repeatedly executing the steps of judging whether i in res [ i ] is smaller than N and subsequent steps until i=N.
In a specific embodiment of the first aspect, when the SDK call driver releases the session resource corresponding to the abnormal closing process, the method further includes: the SDK calls a driver, and empties a structural body corresponding to the abnormal closing process in the memory so as to empty a memory space occupied by the abnormal closing process in the memory; the SDK calls the driver and clears a register corresponding to the session resource of the abnormal closing process in the password card; and the password card returns a closing success message to the SDK through the drive.
In a specific embodiment of the first aspect, when allocating resources for a newly opened session and obtaining resource information corresponding to the new session, executing: applying for and distributing a DMA channel and a signal quantity for the new session, and acquiring the ring ID and the signal quantity name of the distributed DMA channel, wherein the value range of the ring ID is [0, N-1]; a process is allocated for the new session, and a process ID corresponding to the new session is acquired through a getpid () function; distributing threads for the new session, and acquiring a thread ID corresponding to the new session through a pthread_self () function; and taking the process ID, the thread ID, the ringID of the DMA channel and the semaphore name corresponding to the new session as the resource information corresponding to the new session.
In a specific embodiment of the first aspect, when allocating a free memory space for a new session and storing new session resource information in the free memory space, performing: searching out an idle structure body by traversing the elements of the structure body type stored in the memory in a for-loop mode; the idle structure refers to an element of the first member process ID res [ i ]. Pid= 0 in the memory; and allocating an idle memory space for a new session according to the idle structure body, and storing resource information corresponding to the new session into the idle structure body.
In order to achieve the above objective, an embodiment of a second aspect of the present invention provides a cryptographic card session resource management system, which includes a driving end and a process end, wherein the driving end is communicatively interconnected with the process end, the driving end includes a memory creation module, and the process end includes M process management subunits, where M is greater than or equal to 1 and less than or equal to N; each process management subunit comprises an inspection module, a release module, an allocation module and a storage module which are sequentially connected;
the memory creation module is used for applying for a memory for recording session resource information; and mapping the memory into a process address space in response to a request to open the device; the checking module is used for responding to the request for opening the password card session and judging whether an abnormal closing process exists between the application program on the host and the password card according to the process running state corresponding to each session resource information stored in the memory; the release module is used for releasing session resources corresponding to the abnormal closing process when the abnormal closing process exists; the allocation module is used for allocating resources for the newly opened session and acquiring resource information corresponding to the new session when no abnormal closing process exists or after session resources corresponding to the abnormal closing process are released; the storage module is used for distributing an idle memory space for the new session and storing session resource information corresponding to the new session into the idle memory space.
In a specific embodiment of the second aspect, the inspection module is specifically configured to: responding to a request for opening a password card session from an application program, and searching out an abnormal closing process based on session resource information stored in the memory and the process ID list; the session resource information comprises a process ID, a thread ID, a ring ID of a DMA channel and a semaphore name, and the process ID list is used for recording a process ID corresponding to the running password card session process.
The beneficial effects of the invention are as follows:
the invention records the session resource information of each password card session by creating the memory, when each time the resources are allocated to the new session, firstly checks the abnormal closing process in the memory and releases the corresponding session resources, then allocates the session resources to the new session and stores the session resources in the idle structure in the memory, and realizes the active release of the session resources corresponding to the abnormal closing process when the new session is opened, thereby avoiding the leakage of the password card session resources and the occurrence of the situation that the password card session resources cannot be normally used, further improving the utilization rate of the password card session resources, and the active release of the session resources is automatically managed by the program without the attention of the user to specific details, thereby greatly improving the release efficiency.
Drawings
FIG. 1 is a timing diagram of a method for managing resources of a cryptographic card session according to an embodiment of the present invention;
FIG. 2 is a flowchart of a method for managing resources of a cryptographic card session according to an embodiment of the present invention;
fig. 3 is a schematic block diagram of a cryptographic card session resource management system according to an embodiment of the present invention.
Detailed Description
In order that the above-recited objects, features and advantages of the present invention will be more clearly understood, a more particular description of the invention will be rendered by reference to specific embodiments thereof which are illustrated in the appended drawings.
Example 1
When an application program on a host needs to call the password card device to perform encryption and decryption and other operations, a password card session between the application program and the password card device needs to be established; the embodiment provides a specific implementation mode of a password card session resource management method.
As shown in fig. 1, the method for managing the session resources of the password card comprises the following steps:
applying for a memory MEM for recording session resource information;
the memory MEM refers to a block of memory MEM used for recording session resource information applied by the cryptographic card driver before an application program on the host needs to open the cryptographic card device;
the memory MEM is a virtual memory, and the same virtual memory is used for recording the resource information of the password card session corresponding to the same password card device;
the session resource information is set in one-to-one correspondence with the session channels of the password card;
in response to an open device request from an application, the SDK maps the memory MEM into a process address space;
specifically, the SDK maps the memory MEM into a process address space in a mmap mode for accessing and using processes and/or threads corresponding to the password card session;
it should be noted that, the invention records the resource information of each session by creating the memory MEM, and establishes the mapping relationship between the memory address in the driving layer and the process address of the application layer by mapping the memory MEM into the process address space, so as to achieve the effect that the processes and/or threads allocated by each session access the same memory MEM in the driving layer to access the session resource information by operating the process address of the application layer, thereby effectively shortening the access time of the session resource information and further improving the management efficiency of new session resources;
responding to a request for opening a password card session from an application program, and judging whether an abnormal closing process exists in a process between the application program and the password card on a host according to a process running state corresponding to each session resource information stored in the memory MEM by the SDK;
when no abnormal closing process exists, calling a password card to allocate resources for the newly opened session, and acquiring corresponding resource information; allocating an idle memory space for a newly opened session, and storing resource information corresponding to the new session into the idle memory space in the memory MEM;
when an abnormal closing process exists, calling and driving to release session resources corresponding to the abnormal closing process by a password card SDK, after releasing the session resources corresponding to the abnormal closing process, distributing resources for a newly opened session, and acquiring resource information corresponding to the new session; and allocating an idle memory space for the new session, and storing resource information corresponding to the new session into the idle memory space in the memory MEM.
In some embodiments, the application program, SDK (Software Development Kit) and the driver are all running on the host, belonging to software matched with the password card; including but not limited to PCI-E password cards.
When the driver is installed, the memory MEM is applied, and when the driver is uninstalled, the memory MEM is released, thereby improving the utilization rate of the memory resources.
It should be noted that, in this embodiment, when the password card device is opened by applying for a virtual memory through the driver, a mapping relationship between an address of the driver layer (virtual memory address) and an address of the application layer (process address) is established through address mapping; when a new session is opened, detecting whether an abnormal closing process (a process occupying a memory space but not running) exists, if one or more abnormal closing processes exist, firstly releasing the memory space occupied by the abnormal closing process and clearing a corresponding register in the password card, then applying for new session resources to the password card and storing the new session resources in a memory MEM; if no abnormal closing process exists, the new session resource is directly applied to the password card and stored in the memory MEM.
Therefore, the embodiment can timely, actively and rapidly release the session resources corresponding to the abnormal closing process when a new session is opened, thereby avoiding the situation that the password card session resources are revealed and the password card cannot be normally used, further improving the utilization rate of the password card session resources, automatically managing the mode of actively releasing the session resources by a program, avoiding the user from paying attention to specific details, greatly improving the release efficiency and ensuring the normal work of the password card.
As shown in fig. 1, in some embodiments, when applying for the memory MEM for recording session resource information, performing:
storing N structural body type elements in the memory MEM, wherein each structural body type element res [ i ] records session resource information of a password card session;
wherein i is more than or equal to 0 and less than or equal to N-1, N is set according to the total number of DMA channels of the password card;
and respectively defining each member in the element res [ i ] of the structure body type as a process ID, a thread ID, a ringID of a DMA channel and a semaphore name in the session resource information.
It should be noted that, one cryptographic card device corresponds to a plurality of cryptographic card sessions, and one cryptographic card session occupies one DMA channel, so N is equal to the total number of DMA channels of the cryptographic card; the resource information of a cipher card session is correspondingly stored in a group of structural bodies;
for example, the resource information of this session is stored in the structure res [ i ], and specific codes are:
struct res{
int pid;// Process ID
int tid;// thread ID
int ringID;// DMA channel resource ringID
char sem;// semaphore name
};
Wherein, pid refers to the process ID allocated for the session, tid refers to the thread ID allocated for the session, ringID refers to the sequence number of the DMA channel resource storing the session, and the value range of ringID is [0, N-1]; sem refers to the semaphore name for the session.
As shown in fig. 1, in some embodiments, in response to a request for opening a session of a cryptographic card, when the SDK determines, according to a process running state corresponding to each session resource information stored in the memory MEM, whether an abnormal closing process exists between an application program on a host and the cryptographic card, the SDK performs:
monitoring whether a request from an application to open a cryptographic card session is received,
when receiving a request for opening a password card session from an application program, the SDK traverses a process ID list, and searches an abnormal closing process based on session resource information stored in the memory MEM and the process ID list;
the session resource information comprises a process ID, a thread ID, a ring ID of a DMA channel and a semaphore name, and the process ID list is used for recording a process ID corresponding to the running password card session process.
As shown in fig. 2, in some embodiments, when the SDK finds an abnormal shutdown process based on session resource information stored in the memory MEM and the process ID list, the SDK performs:
the SDK traverses/proc catalogue, and saves the process ID corresponding to the running cryptographic card session process into the process ID list; it can be understood that the use/proc directory can query information about system hardware and current running processes, and the SDK traversal/proc directory can determine the running cryptographic card session processes;
acquiring session resource information stored in the memory MEM, and extracting a member process ID from the session resource information;
and comparing each member process ID with the process IDs in the process ID list one by one, and finding out an abnormal closing process according to the process ID comparison result.
It should be noted that, each set of session resource information in the memory MEM records resource information corresponding to a session process of a cryptographic card, even if an abnormal process is closed, session resource information corresponding to the abnormal closing process still has recorded data, and the session resource information corresponding to the abnormal closing process in the memory MEM is also occupied; however, recorded in the process ID LIST is a process ID corresponding to the running cryptographic card session process, and a process ID corresponding to the abnormally closed process is not recorded in the process ID LIST;
therefore, each member res [ i ] pid stored in the session resource information is compared with all process IDs in the process ID LIST one by one, if one or more res [ i ] pid can not find the same process ID in the process ID LIST, it means that the processes corresponding to the process IDs are not in the running state, but occupy the cryptocard session resource, and the processes are the exiting processes, and the processes are determined as abnormal closing processes.
When the application program opens the password card session, firstly, the running process ID LIST is scanned, the process ID of the exiting process is found out by comparing the process IDs in the process ID LIST with the pid stored in the session resource information, the session corresponding to the abnormal closing process is determined by the process ID, the DMA channel, the semaphore and other resources corresponding to the session are released, and the structure corresponding to the session is emptied.
As shown in fig. 2, in some embodiments, each member process ID is compared with the process IDs in the process ID list one by one, and when an abnormal shutdown process is found according to the process ID comparison result, the method is executed:
let i=0; where i is the sequence number of the structure res [ i ], res [ i ] represents the ith session resource information;
judging whether i in res [ i ] is smaller than N; wherein i is more than or equal to 0 and less than or equal to N-1;
if i is less than N, extracting the member res [ i ] pid in the res [ i ], comparing the extracted member res [ i ] pid with all the process IDs in the process ID list one by one, and judging whether the process ID identical to the member res [ i ] pid can be found in the process ID list; wherein, the member res [ i ] pid in res [ i ] represents the process ID corresponding to the ith session resource information;
if the process ID which is the same as the member res [ i ]. Pid is found in the process ID list, i=i+1 is caused, and the steps of judging whether i in res [ i ] is smaller than N and subsequent steps are repeatedly executed until i=N is jumped out;
if the process ID same as the member res [ i ] pid is not found in the process ID list, marking the process corresponding to the member res [ i ] pid as an abnormal closing process, enabling i=i+1, and repeatedly executing the steps of judging whether i in res [ i ] is smaller than N and subsequent steps until i=N.
If i=n and there is no abnormal closing process, allocating resources for the newly opened session and obtaining the resource information of the new session.
It can be understood that when the process IDs are compared, the purpose of judging whether the sequence number i of the structure res [ i ] is smaller than N is to make the process IDs in each group of structures perform a one-by-one comparison with all the process IDs in the process ID LIST until i=n, that is, the process IDs in the N groups of structures are all one-by-one compared with all the process IDs in the process ID LIST, so as to ensure that after the resources of the session corresponding to the abnormal closing process have been released, resources are allocated for the newly opened session, and resource information of the new session is acquired.
For example, when N is 2, let i=0, judge if subscript i of res [ i ] is smaller than N, because 0< N, compare member res [0]. Pid in res [0] with all process IDs in process ID list one by one, judge if can find the same process ID as res [0]. Pid in process ID list;
if the process ID same as res [0] pid is found, namely that the res [0] pid corresponds to a normal password card session, the variable i is increased by 1, namely i=1 at the moment, whether the subscript i of res [ i ] is smaller than N is judged again, and because 1<N, the members res [1] pid in res [1] and all the process IDs in the process ID LIST LIST are compared one by one, and whether the process ID same as res [1] pid can be found in the process ID LIST LIST is judged;
if the process ID same as res [0] pid is not found, the fact that res [0] pid corresponds to an abnormally closed password card session is indicated, session resources corresponding to res [0] pid are released, a variable i is increased by 1, namely i=1 at the moment, whether the subscript i of res [ i ] is smaller than N is judged again, and as 1<N, members res [1] pid in res [1] are compared with all process IDs in a process ID LIST LIST one by one, and whether the process ID same as res [1] pid can be found in the process ID LIST LIST is judged;
if the same process ID can be found in the process ID LIST LIST as res [1] pid, which means that res [1] pid corresponds to a normal password card session, the variable i is increased by 1, i.e. i=2 at this time, whether the subscript i of res [ i ] is smaller than N is judged again, and the cycle is jumped out because of 2=N;
if the process ID identical to res [1] pid cannot be found in the process ID LIST, which indicates that res [1] pid corresponds to an abnormally closed cryptographic card session, releasing the session resource corresponding to res [1] pid, and increasing the variable i by 1, i.e. i=2 at this time, again judging whether the subscript i of res [ i ] is smaller than N, and since 2=n, jumping out of the loop.
As shown in fig. 1, in some embodiments, when the SDK call driver releases the session resource corresponding to the abnormal closing process, the method further includes:
the SDK calls a driver, and the structural body corresponding to the abnormal closing process is emptied in the memory MEM, so that the memory space occupied by the abnormal closing process in the memory MEM is emptied;
the SDK calls the driver and clears a register corresponding to the session resource of the abnormal closing process in the password card;
and the password card returns a closing success message to the SDK through the drive.
Because the memory address of the driving layer is mapped to the address of the application layer in advance, the SDK can empty the structure corresponding to the abnormal closing process in the memory MEM by operating the address of the application layer, thereby deleting the session resource information corresponding to the abnormal closing process stored in the memory of the driving layer.
As shown in fig. 2, in some embodiments, when resources are allocated for a newly opened session and resource information corresponding to the new session is acquired, the steps are performed:
applying for and distributing session resources such as a DMA channel and a semaphore for the new session, and acquiring a ring ID and a semaphore name sem of the distributed DMA channel, wherein the ring ID is used for storing a sequence number of the DMA channel, and the value range of the ring ID is [0, N-1];
a process is allocated for the new session, and a process ID corresponding to the new session is acquired through a getpid () function;
distributing threads for the new session, and acquiring a thread ID (tid) corresponding to the new session through a pthread_self () function;
and taking the process ID, the thread ID, the ringID of the DMA channel and the semaphore name corresponding to the new session as the resource information corresponding to the new session.
As shown in fig. 1, in some embodiments, when allocating a free memory space for a new session and storing new session resource information in the free memory space, performing:
searching out an idle structure body by circularly traversing the elements of the structure body type stored in the memory MEM; the idle structure refers to an element of the first member process ID res [ i ]. Pid= 0 in the memory MEM;
and allocating an idle memory space for a new session according to the idle structure body, and storing resource information corresponding to the new session into the idle structure body.
Example 2
On the basis of embodiment 1, this embodiment provides a specific implementation manner of a cryptographic card session resource management system, as shown in fig. 3;
the password card session resource management system comprises a driving end and a process end, wherein the driving end is in communication interconnection with the process end, the driving end comprises a memory creation module, the process end comprises M process management subunits, M is more than or equal to 1 and less than or equal to N, and N is set according to the total number of DMA channels of the password card; each process management subunit comprises an inspection module, a release module, an allocation module and a storage module which are sequentially connected;
the memory creation module is used for applying for a memory MEM for recording session resource information; and is further configured to map the memory MEM into a process address space in response to a request to open the device;
the checking module is used for responding to the request of opening the password card session, and judging whether an abnormal closing process exists between the application program on the host and the password card according to the process running state corresponding to each session resource information stored in the memory MEM;
the release module is used for releasing session resources corresponding to the abnormal closing process when the abnormal closing process exists;
the allocation module is used for allocating resources for the newly opened session and acquiring resource information corresponding to the new session when no abnormal closing process exists or after session resources corresponding to the abnormal closing process are released;
the storage module is a virtual module and is used for distributing an idle memory space for a new session and storing session resource information corresponding to the new session into the idle memory space.
In some embodiments, the inspection module is specifically configured to:
responding to a request for opening a password card session from an application program, and searching out an abnormal closing process based on session resource information stored in the memory MEM and the process ID list;
the session resource information comprises a process ID, a thread ID, a ring ID of a DMA channel and a semaphore name, and the process ID list is used for recording a process ID corresponding to the running password card session process.
It can be understood that when the application program on the host opens the password card session, the application program automatically checks the exiting process and actively releases the session resource corresponding to the exiting process, that is, the program automatically manages and releases the invalid resource information, so that the release efficiency is high, the application program is transparent to the user, and the user does not need to pay attention to specific details.
It should be noted that, in the password card session resource management system, the memory MEM is created by the driving end, each process management subunit at the process end is provided with the inspection module to find out the abnormal closing process, the release module is set to release the resource for the abnormal closing process, the allocation module is set to allocate the resource for the newly opened session, the storage module is set to record the session resource information corresponding to the process, so as to automatically release the session resource corresponding to the abnormal closing or exiting process when the session is opened, and then allocate the corresponding resource for the opened session, thereby solving the problem that the password card cannot be normally used due to the exhaustion of the DMA channel resource allocation.
Claims (10)
1. The method for managing the session resources of the password card is characterized by comprising the following steps:
applying for a memory for recording session resource information;
in response to a request to open a device, the SDK maps the memory into a process address space;
responding to a request for opening a password card session, and judging whether an abnormal closing process exists between an application program on a host and the password card by the SDK according to the process running state corresponding to each session resource information stored in the memory;
when an abnormal closing process exists, the SDK calls a driver to release session resources corresponding to the abnormal closing process;
when no abnormal closing process exists, or after session resources corresponding to the abnormal closing process are released, resources are allocated for the newly opened session, and resource information corresponding to the new session is acquired;
and allocating an idle memory space for the new session, and storing session resource information corresponding to the new session into the idle memory space.
2. The method for managing session resources of a cryptographic card according to claim 1, wherein when applying for a memory for recording session resource information, performing:
storing N structural body type elements in the memory, wherein each structural body type element res [ i ] records session resource information of a password card session;
wherein i is more than or equal to 0 and less than or equal to N-1, N is set according to the total number of DMA channels of the password card;
and respectively defining each member in the element res [ i ] of the structure body type as a process ID, a thread ID, a ringID of a DMA channel and a semaphore name in the session resource information.
3. The method for managing session resources of a cryptographic card according to claim 2, wherein in response to a request for opening a session of a cryptographic card, when the SDK determines whether an abnormal closing process exists between an application program on a host and the cryptographic card according to a process running state corresponding to each session resource information stored in the memory, the method is executed:
when receiving a request for opening a password card session from an application program, the SDK searches an abnormal closing process based on session resource information stored in the memory and the process ID list;
the session resource information comprises a process ID, a thread ID, a ring ID of a DMA channel and a semaphore name, and the process ID list is used for recording a process ID corresponding to the running password card session process.
4. The method for managing session resources of a cryptographic card according to claim 3, wherein when the SDK finds an abnormal shutdown process based on session resource information stored in the memory and the process ID list, the method is executed:
the SDK traverses/proc catalogue, and saves the process ID corresponding to the running cryptographic card session process into the process ID list;
acquiring session resource information stored in the memory, and extracting a member process ID from the session resource information;
and comparing each member process ID with the process IDs in the process ID list one by one, and finding out an abnormal closing process according to the process ID comparison result.
5. The method for managing resources of a cryptographic card session according to claim 4, wherein comparing each member process ID with the process IDs in the process ID list one by one, and executing when an abnormal shutdown process is found according to the process ID comparison result:
let i=0;
judging whether i in res [ i ] is smaller than N;
if i is less than N, extracting the member res [ i ] pid in the res [ i ], and comparing the extracted member res [ i ] pid with all process IDs in the process ID list one by one; wherein, the member res [ i ] pid in res [ i ] represents the process ID corresponding to the ith session resource information;
if the process ID which is the same as the member res [ i ]. Pid is found in the process ID list, i=i+1 is caused, and the steps of judging whether i in res [ i ] is smaller than N and subsequent steps are repeatedly executed until i=N is jumped out;
if the process ID same as the member res [ i ] pid is not found in the process ID list, marking the process corresponding to the member res [ i ] pid as an abnormal closing process, enabling i=i+1, and repeatedly executing the steps of judging whether i in res [ i ] is smaller than N and subsequent steps until i=N.
6. The method for managing session resources of a cryptographic card according to claim 1, wherein when the SDK call driver releases session resources corresponding to the abnormal closing process, the method comprises the steps of:
the SDK calls a driver, and empties a structural body corresponding to the abnormal closing process in the memory so as to empty a memory space occupied by the abnormal closing process in the memory;
the SDK calls the driver and clears a register corresponding to the session resource of the abnormal closing process in the password card;
and the password card returns a closing success message to the SDK through the drive.
7. The method for managing resources of a cryptographic card session according to claim 1, wherein when resources are allocated for a newly opened session and resource information corresponding to the new session is acquired, the method is performed:
applying for and distributing a DMA channel and a signal quantity for the new session, and acquiring the ring ID and the signal quantity name of the distributed DMA channel, wherein the value range of the ring ID is [0, N-1];
a process is allocated for the new session, and a process ID corresponding to the new session is acquired through a getpid () function;
distributing threads for the new session, and acquiring a thread ID corresponding to the new session through a pthread_self () function;
and taking the process ID, the thread ID, the ringID of the DMA channel and the semaphore name corresponding to the new session as the resource information corresponding to the new session.
8. The method for managing resources of a cryptographic card session according to claim 2, wherein when allocating a free memory space for a new session and storing new session resource information in the free memory space, performing:
searching out an idle structure body by traversing the elements of the structure body type stored in the memory in a for-loop mode; the idle structure refers to an element of the first member process ID res [ i ]. Pid= 0 in the memory;
and allocating an idle memory space for a new session according to the idle structure body, and storing resource information corresponding to the new session into the idle structure body.
9. The password card session resource management system is characterized by comprising a driving end and a process end, wherein the driving end is in communication interconnection with the process end, the driving end comprises a memory creation module, and the process end comprises M process management subunits, wherein M is more than or equal to 1 and less than or equal to N; each process management subunit comprises an inspection module, a release module, an allocation module and a storage module which are sequentially connected;
the memory creation module is used for applying for a memory for recording session resource information; and mapping the memory into a process address space in response to a request to open the device;
the checking module is used for responding to the request for opening the password card session and judging whether an abnormal closing process exists between the application program on the host and the password card according to the process running state corresponding to each session resource information stored in the memory;
the release module is used for releasing session resources corresponding to the abnormal closing process when the abnormal closing process exists;
the allocation module is used for allocating resources for the newly opened session and acquiring resource information corresponding to the new session when no abnormal closing process exists or after session resources corresponding to the abnormal closing process are released;
the storage module is used for distributing an idle memory space for the new session and storing session resource information corresponding to the new session into the idle memory space.
10. The cryptographic card session resource management system according to claim 9, wherein the checking module is specifically configured to:
responding to a request for opening a password card session from an application program, and searching out an abnormal closing process based on session resource information stored in the memory and the process ID list;
the session resource information comprises a process ID, a thread ID, a ring ID of a DMA channel and a semaphore name, and the process ID list is used for recording a process ID corresponding to the running password card session process.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310536182.3A CN116820748A (en) | 2023-05-12 | 2023-05-12 | Method and system for managing session resources of password card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310536182.3A CN116820748A (en) | 2023-05-12 | 2023-05-12 | Method and system for managing session resources of password card |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116820748A true CN116820748A (en) | 2023-09-29 |
Family
ID=88123059
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310536182.3A Pending CN116820748A (en) | 2023-05-12 | 2023-05-12 | Method and system for managing session resources of password card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116820748A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117707796A (en) * | 2024-02-06 | 2024-03-15 | 苏州元脑智能科技有限公司 | Resource management method, device, electronic equipment and storage medium |
-
2023
- 2023-05-12 CN CN202310536182.3A patent/CN116820748A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117707796A (en) * | 2024-02-06 | 2024-03-15 | 苏州元脑智能科技有限公司 | Resource management method, device, electronic equipment and storage medium |
| CN117707796B (en) * | 2024-02-06 | 2024-04-09 | 苏州元脑智能科技有限公司 | Resource management method, device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1266590C (en) | Progress pole/linear procedure pole management method of construction member oriented backbone system internal core | |
| CN108763099A (en) | Startup method, apparatus, electronic equipment and the storage medium of system | |
| US9213562B2 (en) | Garbage collection safepoint system using non-blocking asynchronous I/O call to copy data when the garbage collection safepoint is not in progress or is completed | |
| CN101414272B (en) | Method and apparatus for detecting memory leakage | |
| US8073673B2 (en) | Emulated memory management | |
| CN111367659B (en) | Resource management method, equipment and medium for nodes in Kubernetes | |
| CN109582590B (en) | Pointers in a memory managed system | |
| CN102063338A (en) | Method and device for requesting exclusive resource | |
| CN110532109B (en) | Shared multi-channel process communication memory structure and method | |
| CN105357042B (en) | A kind of highly available cluster system and its host node and from node | |
| CN116820748A (en) | Method and system for managing session resources of password card | |
| US20140068351A1 (en) | Blackbox Memory Monitoring with a Calling Context Memory Map and Semantic Extraction | |
| US20240095174A1 (en) | Method for detecting error of operating system kernel memory in real time | |
| CN111273968A (en) | Object calling method, device, equipment and medium | |
| CN112445686A (en) | Memory leak detection method, device and computer-readable storage medium | |
| CN112612623A (en) | Method and equipment for managing shared memory | |
| CN115617504A (en) | Memory management system, leakage detection method and storage medium | |
| CN116028290A (en) | Solid state disk testing method, device, equipment and medium | |
| CN112698912B (en) | Java Card virtual machine running environment and memory management method | |
| CN113051038A (en) | Data access method and device under cloud service multi-tenant environment | |
| US20070234114A1 (en) | Method, apparatus, and computer program product for implementing enhanced performance of a computer system with partially degraded hardware | |
| CN113220495B (en) | Method and device for processing process abnormal event, electronic equipment and storage medium | |
| CN114157717B (en) | System and method for dynamic current limiting of micro-service | |
| CN106406771A (en) | Log recording method and log recorder | |
| CN107688479A (en) | Android system network cluster and its method built, the method and system of android system network cluster data processing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |