CN117687833A

CN117687833A - Method, device and storage medium for testing data security

Info

Publication number: CN117687833A
Application number: CN202311537323.XA
Authority: CN
Inventors: 蔡磊; 黎建根; 梁礼学
Original assignee: China Great Wall Technology Group Co ltd
Current assignee: China Great Wall Technology Group Co ltd
Priority date: 2023-11-15
Filing date: 2023-11-15
Publication date: 2024-03-12

Abstract

The application discloses a method for testing data security, which comprises the following steps: before entering an operating system of the electronic equipment, setting a test memory address field, wherein the test memory address field comprises a fault memory address; writing test data into a test memory address field after entering an operating system of the electronic device, wherein the byte number of the test data is determined according to the size of a minimum data block of the operating system of the electronic device; after each time of writing test data, reading the data of the address section of the test memory, and immediately writing the read data into the hard disk; when the test data is detected to be written into the fault memory address, the CPU is utilized to perform interrupt processing; and comparing the content of the stored data in the hard disk with the content of the written test data to obtain a test result. The testing method can more completely and intuitively test whether the interrupt delay processing of the central processing unit meets the requirement when the memory fails, thereby ensuring the data safety.

Description

Method, device and storage medium for testing data security

Technical Field

The application belongs to the field of testing, and particularly relates to a method, a device and a storage medium for testing data security.

Background

With the development of computer technology, more and more CPUs are beginning to support ECC memory. ECC memory is a memory bank which can realize error checking and correcting technology (Error Checking and Correcting, ECC), can tolerate data errors through parity check and correct errors, so that a computer system can continuously and normally work without interruption caused by errors, and has better stability. Data security testing for ECC memory is also becoming particularly important. During operation of the server, memory storage locations may experience bit (bit) jumps, but such errors may be corrected by ECC techniques. Those errors that cannot be corrected are referred to as uncorrectable errors (Uncorrectable Error, UCE).

When a UCE error is generated, it is particularly important whether the CPU generates an interrupt in time. If the CPU is not interrupted timely, the error data is reserved and even written into the system, so that the data security of the system is jeopardized. In the traditional scheme, when UCE errors are generated in the memory, after the CPU is interrupted, fault information is printed only on a serial port or a management system side. For development and testing personnel, a more perfect and visual mode is needed, and whether the CPU can interrupt in time when UCE errors are generated in the test memory is tested, so that whether the data security requirement is met is detected.

Therefore, how to perfectly and intuitively test whether the CPU interrupts in time when the UCE error occurs in the memory, so as to detect whether the data security requirement is met is a technical problem to be solved.

Disclosure of Invention

The purpose of the application is to provide a method for testing data security, which can perfectly and intuitively test whether a CPU is interrupted in time when a UCE error is generated in a memory, so as to detect whether the data security requirement is met.

In a first aspect, an embodiment of the present application provides a method for testing data security, applied to an electronic device, where the method includes:

before entering an operating system of the electronic equipment, setting a test memory address field, wherein the test memory address field comprises a fault memory address;

writing test data into a test memory address field after entering an operating system of the electronic device, wherein the byte number of the test data is determined according to the size of a minimum data block of the operating system of the electronic device;

after each time of writing test data, reading the data of the address section of the test memory, and immediately writing the read data into the hard disk;

when the test data is detected to be written into the fault memory address, the CPU is utilized to perform interrupt processing;

and comparing the content of the stored data in the hard disk with the content of the written test data to obtain a test result, wherein the test result is used for indicating whether the CPU interruption delay meets the requirement of preventing the error data from dropping.

In a possible implementation manner of the first aspect, each bit of the test data is "0", or each bit of the test data is "1";

in a possible implementation manner of the first aspect, comparing the content of the stored data with the content of the written test data in the hard disk to obtain a test result includes:

when the content of the stored data in the hard disk is the same as the content of the written test data, determining that the CPU interruption delay meets the requirement of preventing the error data from falling; or,

when the content of the data in the hard disk is different from the content of the test data, determining that the CPU interruption delay does not meet the requirement of error data not to drop.

In a possible implementation manner of the first aspect, the test memory address segment is a physical address interval, or the test memory address segment is a virtual address interval after the physical address interval is mapped.

In a possible implementation manner of the first aspect, the faulty memory address includes a first memory address and/or a second memory address, the first memory address being a memory address known to generate an uncorrectable error UCE, and the second memory address being a memory address generated by UCE error injection during writing of the test data.

In a possible implementation manner of the first aspect, the method further includes: when the CPU is used for carrying out interrupt processing, a system event log is generated, and the system event log is used for recording error information generated by the CPU for UCE errors.

In a possible implementation manner of the first aspect, the method further includes: when the test memory address segment is detected to be occupied by the operating system, the test memory address segment is reselected.

In a second aspect, the present application also provides an apparatus for testing data security, the apparatus having the functionality to implement the method of the first aspect or any possible implementation thereof. In particular, the apparatus comprises means for implementing the method of the first aspect or any possible implementation thereof.

In one embodiment thereof, the apparatus comprises:

the setting unit is used for setting a test memory address field before entering an operating system of the electronic equipment, wherein the test memory address field comprises a fault memory address;

the processing unit is used for writing test data into the test memory address field after entering the operating system of the electronic equipment, and the byte number of the test data is determined according to the size of the minimum data block of the operating system of the electronic equipment; after each time of writing test data, reading the data of the address section of the test memory, and immediately writing the read data into the hard disk; when the test data is detected to be written into the fault memory address, the CPU is utilized to perform interrupt processing;

and the comparison unit is used for comparing the content of the stored data in the hard disk with the content of the written test data to obtain a test result, and the test result is used for indicating whether the CPU interruption delay meets the requirement of preventing the error data from dropping.

In a third aspect, the present application also provides an electronic device. The electronic device includes a memory, a processor, and a computer program stored in the memory and executable on the processor. The processor, when executing the computer program, implements the method of any implementation manner of the first aspect.

In a fourth aspect, the present application also provides a computer-readable storage medium. The computer readable storage medium stores a computer program which when executed by a processor implements the method of any one of the implementations of the first aspect described above.

In a fifth aspect, the present application also provides a computer program product for causing an electronic device to perform the method of any one of the implementations of the first aspect described above when the computer program product is run on the electronic device.

Compared with the prior art, the embodiment of the application has the beneficial effects that:

according to the method and the device, the test data are continuously read from the memory and written into the hard disk, after the CPU interruption is caused by the fault memory address, whether error data generated by the fault memory address exist in the hard disk is checked, and therefore whether the processing delay of the CPU interruption reaches the data safety requirement is detected. When the data passes through the fault memory address to generate error data, if the CPU is not interrupted timely, the error data can be written into the hard disk, and for upper layer business, the data security is difficult to ensure. Compared with the traditional scheme that when a memory fault occurs, only the CPU interrupt display error information is reported, the scheme of the embodiment of the application further detects the effectiveness of the CPU interrupt delay on the basis, and the CPU can generate interrupt in one instruction period under normal conditions by continuously writing test data with the preset byte number, and whether the CPU is interrupted timely is detected by using whether the error data falls down or not, so that the data security is detected. The detection content of the scheme of the embodiment of the application is more comprehensive and detailed.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the following description will briefly introduce the drawings that are needed in the embodiments or the description of the prior art, it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a flow chart of a method for testing data security provided in the present application.

Fig. 2 is a flow chart of a method for testing data security provided in the present application.

Fig. 3 is a schematic block diagram of a method of testing data security provided herein.

Fig. 4 is a schematic structural diagram of a device for testing data security provided in the present application.

Fig. 5 is a schematic structural diagram of an electronic device provided in the present application.

Detailed Description

In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.

With the rapid development of internet services, the availability of infrastructure is also receiving increasing attention. The loss caused by hardware failures, especially memory failures, tends to be huge, greatly affecting the Reliability (Availability), availability (Availability) and Serviceability (Serviceability) of the system. Currently, more and more central processing units (Central Processing Unit, CPU) support memory with error checking and correcting (Error Correcting Code, ECC) functions. Specifically, the memory controller uses an error correction code, which is a redundant bit added when storing data, and by calculating the data, bit errors in the memory can be detected and corrected. Among other types of errors, the types of errors can be categorized into repairable errors (Correctable Error, CE) and non-repairable errors (Uncorrectable Error, UCE). UCE errors are typically caused by hardware failures or bad memory granules.

When a UCE error occurs, the CPU makes a corresponding interrupt process. It is particularly important if the CPU generates an interrupt in time. Since normal data can change after passing through the fault memory, if the CPU is not timely interrupted, that is, the CPU does not immediately stop the current instruction after finding the memory UCE, the changed data, namely error data or dirty data, can be reserved and written into the system, so that the data security of the system is jeopardized.

The conventional scheme only pays attention to whether the CPU reports and processes when UCE errors occur, and no effective scheme is available for testing whether delay exists in the processing process. For example, the Intel CPU of the X86 platform, the Feiteng CPU of the Arm platform and the like, the CPU of the server platform supports the ECC function of the memory, and when the memory is affected by external or self faults to generate UCE errors, fault information is printed only at the serial port or the management system side.

Therefore, the present application proposes a method for testing data security, which uses a CPU to write test data into a memory, and then immediately reads data from the memory and writes the data into a hard disk. In the process, after the CPU accesses the fault memory to generate an interrupt, whether the UCE error data of the memory is written into the hard disk is confirmed by checking the data content in the hard disk, so that the aim of testing the data security is fulfilled.

Fig. 1 is a flow chart of a method for testing data security provided in the present application. The method of the present application is applied to an electronic device, which in some embodiments may be any one of a mobile phone, a wearable device (such as a smart watch, a smart bracelet, smart glasses, smart jewelry, etc.), a tablet computer (Tablet Personal Computer, tablet pc), an augmented Reality (Augmented Reality, AR)/Virtual Reality (VR) device, a notebook computer, an Ultra-mobile Personal Computer, a UMPC), a netbook, a personal digital assistant (Personal Digital Assistant, PDA), or a smart panel, etc., and may also be any one of a server terminal, an in-vehicle terminal, or an on-board terminal, etc. The type of electronic device is not limited herein.

Specifically, the method for testing data security provided by the application comprises the following steps:

s101, before entering an operating system of the electronic equipment, setting a test memory address field, wherein the test memory address field comprises a fault memory address.

The setting of the test memory address segment may preserve the fault memory address to be tested, for example under the BIOS UEFI Shell, from being used by the Operating System before the Operating System (OS) is not entered. UEFI (unified extensible firmware interface) is a new generation of firmware interface for replacing traditional BIOS firmware. UEFI provides more functionality and flexibility, making the computer more stable and efficient. UEFI Shell is a command line interface provided by UEFI through which advanced system configuration and troubleshooting operations can be performed.

The failed memory address refers to a memory address that may have generated a UCE error, which may have been previously checked by a tool. In one implementation, address segments adjacent to each other above and below the failed memory address may be used as test memory address segments. For example, the failed memory address is 0x0001000000, and the test memory address segment may be set to an address of 0x0000f00000 to 0x000f000000. It should be understood that, when setting the test memory address segment, only the fault memory address needs to be ensured to be in the test memory address segment, and the specific test memory address segment can be set according to actual requirements.

S102, after entering an operating system of the electronic equipment, writing test data into a test memory address field.

The byte number of the test data is determined according to the size of the minimum data block of the operating system of the electronic equipment;

specifically, the number of bytes of test data is determined according to the type of operating system. On a 64-bit operating system, the data block size that the CPU can operate in one instruction cycle is 8 bytes (Byte), and then the test data is 8Byte data. On a 32-bit operating system, the data block size that the CPU can operate in one instruction cycle is 4 bytes, and then the test data is 4 bytes of data. The byte number of the test data is set to be the length of the minimum data block of the operating system, and the CPU can operate to finish the test data only by one instruction period. The following steps are all described by taking a 64-bit operating system as an example.

After entering the operating system, test data is written from the start address in the test memory address field, that is, the test data is stored in the test memory address field continuously, and in the 64-bit operating system, the test data corresponds to 8Byte data.

S103, after each time of writing test data, reading the data of the test memory address field, and immediately writing the read data into the hard disk.

After each execution of step S102, the test data is written into the test memory address segment, the data in the test memory address segment is read, and the read data is immediately written into the hard disk. That is, when the operating system is 64 bits, every time 8 bytes of test data are written in the test memory address field, the 8 bytes of test data are immediately read out and then written into the hard disk.

S104, when the test data writing into the fault memory address is detected, the CPU is used for interrupt processing.

Step S102 and step S103 are performed in a loop before the test data is written to the failed memory address until the test data is detected to be written to the failed memory address, at which time the central processing unit CPU generates an interrupt. In an ideal case, the memory fails, the CPU immediately generates interrupt processing, and step S103 is not executed, that is, the error data in the failed memory address is not read and written into the hard disk. However, if there is a delay in the interrupt processing of the CPU, the step S103 may continue to be performed during the delay time, which causes erroneous data in the failed memory address to remain and be written into the hard disk, thereby affecting the security of the data.

S105, comparing the content of the stored data in the hard disk with the content of the written test data to obtain a test result, wherein the test result is used for indicating whether the CPU interrupt delay meets the requirement that the error data does not fall off.

After the CPU performs interrupt processing, the content of the stored data in the hard disk is compared with the content of the written test data, so that a test result can be obtained.

In one implementation, the test results may be derived by comparing the sizes of the two data. For example, when the stored data in the hard disk is 32 bytes and the written test data is 40 bytes, it can be judged that one 8Byte test data is not written in the hard disk at this time, and it is determined that the 8Byte test data is the error data stored in the failed memory address, so that the CPU interrupt delay can be obtained to meet the requirement that the error data is not dropped. Otherwise, it can be determined that the CPU interruption delay does not meet the requirement that error data does not fall on the disk, and the data security is difficult to guarantee.

In another implementation, the test result may be obtained by comparing whether the contents of both data are the same. If all the test data and the data stored in the hard disk are the same in each bit of data, the CPU interrupt delay can be judged to meet the requirement that the error data does not fall on the disk. Otherwise, it can be determined that the CPU interrupt delay does not meet the requirement that the error data does not fall on the disk.

According to the method and the device, the test data are continuously read from the memory and written into the hard disk, after the CPU interruption is caused by the fault memory address, whether error data generated by the fault memory address exist in the hard disk is checked, and therefore whether the processing delay of the CPU interruption reaches the data safety requirement is detected. When the data passes through the fault memory address to generate error data, if the interruption is not timely, the error data can be written into the hard disk, and for the upper layer business, the data security is difficult to ensure. Compared with the traditional scheme that when a memory fault occurs, only the interrupt display error information is reported, the scheme of the embodiment of the application further detects the effectiveness of interrupt delay on the basis, and the CPU can generate interrupt in one instruction period under normal conditions by continuously writing test data with the preset byte number, and whether the CPU is interrupted timely is detected by using whether the error data falls down or not, so that data safety is detected. The detection content of the scheme of the embodiment of the application is more comprehensive and detailed.

Fig. 2 is a flow chart of a method for testing data security provided in the present application. Fig. 2 may be regarded as a specific example of the method shown in fig. 1. In the present embodiment, a 64-bit system is still illustrated.

S201, powering up the system.

The test is performed using a faulty memory known to generate UCE errors and capable of being started up normally, and the faulty memory address in the memory can be obtained by a diagnostic tool or the like, for example, the faulty memory address is 0x0001000000. It should be understood that the address values herein are merely examples.

S202, setting the fault memory address with UCE as the reserved memory of the system.

In the test process, the related memory address may be a physical address of a real memory or a virtual address corresponding to the physical address. That is, the test address field including the faulty memory address of the UCE is set as the system reserved memory, where the system reserved memory may be a physical address interval or a virtual address interval in which the physical address interval is mapped.

Specifically, in one implementation, before entering the operating system, a shortcut key or the like is used to enter the BIOS UEFI command line interface, so that all memory addresses used for testing are isolated by using physical memory, so as to prevent the memory addresses from being occupied by the operating system. By isolating the physical memory, the test address segment is isolated, e.g., at a faulty memory address of 0x0001000000, the isolated physical memory address interval may be 0x0000f00000 to 0x000f000000. It should be understood that the physical memory address intervals are merely examples, and may be set according to the actual situation of the memory.

In another implementation, all memory addresses used for testing are virtually address mapped prior to entering the operating system, thus eliminating the need to isolate physical memory. By way of example, the virtual address corresponding to the physical address may be obtained by applying for the hugpage virtual address through the mmap command, and the virtual memory may be used for testing.

After the system reserved memory is set, it is further checked whether the system reserved memory is occupied. After entering the operating system, checking whether the isolated physical memory is occupied by the operating system or not, and checking the state of the reserved memory of the system in a command line mode. For example, in a Linux system, the state of the reserved memory of the system can be obtained through a cat/proc/iomem command, and when the reserved memory of the system is detected to be occupied by an operating system, the address segment of the test memory is reselected, that is, the reserved memory of the system is reset.

S203, writing test data of all 0 'S or all 1' S8 Bytes into the reserved memory address. This step can be regarded as a specific example of step S102.

In one implementation, each bit of test data is a "0" or each bit of test data is a "1". Specifically, under a 64-bit operating system, the test data is data of all "0" or all "1" of 8 Byte.

S204, the 8Byte data is immediately written into the hard disk.

And writing the test data of 8Byte into the reserved memory of the system, and then reading and writing the test data into the hard disk from the reserved memory, so that the process of reading and writing the data is circularly executed until hardware interrupt processing is generated by using the CPU when the test data is written into the fault memory address in the reserved memory of the system, and the process of reading and writing the data is stopped.

S205, when the computer is abnormally interrupted or the program is run completely, the content of the hard disk file is checked.

An exception is generated after the data passes through the failed memory address, and at this time, the CPU generates interrupt reporting and interrupt processing. When a UCE interrupt is generated for reporting and processing, it is known that the data passes through the failed memory address and produces erroneous data, otherwise known as dirty data. By checking the stored data content in the hard disk, whether dirty data falls on the disk or not can be judged.

In one implementation, when interrupt processing is performed by the central processing unit CPU, a system event log is also generated, where the system event log is used to record error information generated by the CPU for UCE errors. The error information includes interrupt time, interrupt cause, and the like.

S206, judging whether the UCE dirty data of the memory is written into the hard disk.

And checking the data written into the hard disk, and judging whether the CPU interruption meets the requirement of data security by comparing the content of the data stored in the hard disk with the content of the written test data.

In one implementation, the data content in the hard disk may be checked by way of a command line. Illustratively, under the Linux system, the content may be checked using the universal command hexadump. It should be appreciated that other ways than command lines may be used to view the contents of the data already stored in the hard disk, and are not illustrated here.

Because the test data in the embodiment of the present application is the data with each bit being "0" or both being "1", when the data passes through the failed memory address, if the interrupt delay does not meet the data security requirement, the data with each bit being "1" appears in the data with all "0" or the data with each bit being "0" appears in the data with all "1". At this time, whether the UCE dirty data is written into the hard disk can be judged according to the content of the data.

S207, CPU interrupt processing delay does not meet the data security requirement.

When the content of the stored data in the hard disk is different from the content of the written test data, that is, when the test data is the data with each bit being 0, and the data with the bit being 1 appears in the stored data in the hard disk, the test result that the CPU interrupt processing delay does not meet the data safety requirement is judged. Or the test data is the data with each bit being 1, and when the data with the bit being 0 appears in the stored data content in the hard disk, the test result that the CPU interrupt processing delay does not meet the data safety requirement can be judged.

S208, the CPU interrupt processing delay meets the data security requirement.

When the content of the stored data in the hard disk is the same as the content of the written test data, that is, when the test data is the data with each bit being 0, and the content of the stored data in the hard disk is the data with each bit being 0, the test result that the CPU interrupt processing delay meets the data security requirement is judged at this time. Or when the test data is the data with each bit being 1, and the stored data content in the hard disk is the data with each bit being 1, the test result that the CPU interrupt processing delay meets the data safety requirement can be judged.

In the embodiment of the application, under the condition that a memory UCE is known, after an operating system is entered, test data of all 0's or all 1's are written into a preset test memory address segment from a start address, and the test data are synchronously written into a hard disk from the memory by using a CPU. After the test data is written into the hard disk through the memory fault address, the method reads the data in the address and writes the data into the hard disk, and after the data content of the hard disk file is checked, whether UCE error data of the memory can be written into the hard disk can be known, so that whether the CPU interrupt delay meets the data security is determined. The testing method can more comprehensively and carefully test whether the CPU interrupt delay processing meets the requirement when the memory fails, thereby ensuring the data safety.

Fig. 3 is a schematic block diagram of a method of testing data security provided herein. Fig. 3 can also be regarded as a specific example of the method shown in fig. 1. In the present embodiment, a 64-bit system is still illustrated.

Unlike the embodiment shown in fig. 2, the failed memory address in the embodiment shown in fig. 2 is a memory address that is known to generate an uncorrectable error UCE, whereas the failed memory address in the embodiment of the present application is a memory address that generates a UCE error by UCE error injection during writing of test data.

Specifically, the method of the embodiment of the application comprises the following steps:

s301, writing test data of all 0 'S or all 1' S into a system reserved memory through a CPU. This step may be regarded as a specific example of step S102, and will not be described here.

S302, reading test data from a system reserved memory through a CPU.

S303, the CPU writes the test data read from the system reserved memory into the hard disk. Step S302 and step S303 in combination may be regarded as a specific example of step S103, and will not be described here.

S304, during the loop execution of step S302 and step S303, UCE errors are generated in the reserved memory of the system by a UCE fault injection method.

UCE fault injection refers to a technical means of artificially introducing UCE errors or faults into a system to test its reliability, stability and fault tolerance. The original normal memory address is changed into a fault memory address through fault injection, and similarly, the memory address of the data subjected to fault injection is changed. At this time, whether the interrupt delay meets the requirement is judged by comparing the content of the stored data of the hard disk.

S305, the content of the stored data in the hard disk is checked.

When UCE fault injection occurs, the CPU ideally immediately generates an interrupt, and the data read from the faulty memory (error data) is not written to the hard disk. Therefore, by checking the content of the stored data in the hard disk, whether the interrupt delay meets the requirement of data security can be judged. The specific implementation process of this step refers to the description of step S105 or step S205 to step S208, and will not be repeated here.

The foregoing description of the method of the embodiments of the present application is provided primarily with reference to the accompanying drawings. It should be noted that all values presented above are only examples and do not limit the present application in any way. It should also be understood that, although the steps in the flowcharts related to the embodiments described above are shown in order, these steps are not necessarily performed in the order shown in the figures. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages. The apparatus according to the embodiments of the present application will be described below with reference to the accompanying drawings. For brevity, the description of the apparatus will be omitted appropriately, and the related content may refer to the related description in the description of the method above, and the description will not be repeated.

As shown in fig. 4, the apparatus 1000 includes a setting unit 1001, a processing unit 1002, and a comparing unit 1003. The apparatus 1000 is capable of performing any of the above methods of testing data security. For example, the setting unit 1001 may be used to perform step S101, the processing unit 1002 may be used to perform steps S102 to S104, and the comparing unit 1003 may be used to perform step S105. For another example, the setting unit 1001 may be used to perform step S202, the processing unit 1002 may be used to perform step S202 to step S205, and the comparing unit 1003 may be used to perform step S206 to step S208. For another example, the processing unit 1002 may be configured to perform steps S302 to S304, and the comparing unit 1003 may be configured to perform step S305.

In one implementation, the apparatus 1000 may further include a storage unit for storing data such as test data. The memory unit may be integrated in any one of the above units, or may be a unit independent of all the above units.

Fig. 5 is a schematic structural diagram of an electronic device provided in the present application. As shown in fig. 5, the electronic apparatus 3000 of this embodiment includes: at least one processor 3001 (only one is shown in fig. 5), a memory 3002, and a computer program 3003 stored in the memory 3002 and executable on the at least one processor 3001, the steps in the above embodiments being implemented by the processor 3001 when executing the computer program 3003.

The processor 3001 may be a central processing unit (Central Processing Unit, CPU), the processor 3001 may also be other general purpose processors, digital signal processors (Digital Signal Processor, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), off-the-shelf programmable gate arrays (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.

Memory 3002 may be an internal storage unit of electronic device 3000 in some embodiments, such as a hard disk or memory of electronic device 3000. The memory 3002 may also be an external storage device of the electronic device 3000 in other embodiments, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card) or the like, which are provided on the electronic device 3000. Further, the memory 3002 may also include both internal storage units and external storage devices of the electronic device 3000. The memory 3002 is used for storing an operating system, application programs, boot Loader (Boot Loader) data, other programs, and the like, such as program codes of computer programs, and the like. The memory 3002 may also be used to temporarily store data that has been output or is to be output.

It should be noted that, because the content of information interaction and execution process between the above units is based on the same concept as the method embodiment of the present application, specific functions and technical effects thereof may be referred to in the method embodiment section, and will not be described herein again.

It will be apparent to those skilled in the art that the above-described functional units are merely illustrated in terms of division for convenience and brevity, and that in practical applications, the above-described functional units and modules may be allocated to different functional units or modules according to needs, i.e., the internal structure of the apparatus may be divided into different functional units or modules to perform all or part of the above-described functions. The functional units in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, the specific names of the functional units are also only for distinguishing from each other, and are not used to limit the protection scope of the present application. The specific working process of the units in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.

The embodiments of the present application also provide a computer readable storage medium storing a computer program, where the computer program when executed by a processor implements steps of the foregoing method embodiments.

The computer readable medium may include at least: any entity or device capable of carrying computer program code to a camera device/electronic apparatus, a recording medium, a computer Memory, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), an electrical carrier signal, a telecommunications signal, and a software distribution medium. Such as a U-disk, removable hard disk, magnetic or optical disk, etc. In some jurisdictions, computer readable media may not be electrical carrier signals and telecommunications signals in accordance with legislation and patent practice.

Embodiments of the present application provide a computer program product enabling the implementation of the above-mentioned methods when the computer program product is run on a computer. The computer program comprises computer program code which may be in source code form, object code form, executable file or in some intermediate form, etc.

The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present application implements all or part of the flow of the method of the above embodiments, and may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, where the computer program, when executed by a processor, may implement the steps of each of the method embodiments described above.

It should be understood that the sequence number of each step in the foregoing embodiment does not mean that the execution sequence of each process should be determined by the function and the internal logic of each process, and should not limit the implementation process of the embodiment of the present application in any way. In the description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.

It should be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.

It should also be understood that the term "and/or" as used in this specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.

Furthermore, in the description of the present application and the claims, the terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless otherwise specifically noted.

In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.

Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.

In the embodiments provided in the present application, it should be understood that the disclosed apparatus, computer device, and method may be implemented in other manners. For example, the apparatus, computer device embodiments described above are merely illustrative, e.g., the partitioning of elements is merely a logical functional partitioning, and there may be additional partitioning in actual implementation, e.g., multiple elements or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.

The above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.

Claims

1. A method of testing data security, applied to an electronic device, comprising:

writing test data into the test memory address field after entering the operating system of the electronic equipment, wherein the byte number of the test data is determined according to the size of the minimum data block of the operating system of the electronic equipment;

after each time of writing the test data, reading the data of the test memory address field, and immediately writing the read data into a hard disk;

when the test data is detected to be written into the fault memory address, a Central Processing Unit (CPU) is utilized to perform interrupt processing;

2. The method of claim 1, wherein each bit of the test data is a "0" or each bit of the test data is a "1".

3. The method of claim 1, wherein comparing the content of the stored data with the content of the written test data in the hard disk to obtain the test result comprises:

4. The method of claim 1, wherein the test memory address field is a physical address field or the test memory address field is a virtual address field in which the physical address field is mapped.

5. The method of claim 1, wherein the failed memory address comprises a first memory address and/or a second memory address, the first memory address being a memory address known to produce an unrepairable error UCE, the second memory address being a memory address that produced a UCE error by UCE error injection during writing of test data.

6. The method of claim 5, wherein the method further comprises:

when the CPU is used for carrying out interrupt processing, a system event log is generated, and the system event log is used for recording error information generated by the CPU aiming at UCE errors.

7. The method according to any one of claims 1 to 6, further comprising:

and when the test memory address segment is detected to be occupied by the operating system, reselecting the test memory address segment.

8. An apparatus for testing data security, comprising:

the processing unit is used for writing test data into the test memory address field after entering the operating system of the electronic equipment, and the byte number of the test data is determined according to the size of the minimum data block of the operating system of the electronic equipment; after each time of writing the test data, reading the data of the test memory address field, and immediately writing the read data into a hard disk; when the test data is detected to be written into the fault memory address, a Central Processing Unit (CPU) is utilized to perform interrupt processing;

9. An electronic device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, causes the electronic device to implement the method of any one of claims 1 to 7.

10. A computer readable storage medium storing a computer program, characterized in that the computer program, when executed by an electronic device, implements the method of any one of claims 1 to 7.