Summary of the invention
The object of the present invention is to provide a kind of production image method for designing of the network equipment of support software safety on-line upgrade.
A kind of production image method for designing of the network equipment of support software safety on-line upgrade is characterized in that making full use of network processing unit online programming ability, by software safety on line security mechanism, makes up the VxWorks production image of support software online upgrading.Technical solution of the present invention is as follows:
Make full use of network processing unit online programming ability,, make up the VxWorks production image of support software online upgrading by software safety on line security mechanism.
Production image is divided into two parts, is kept at different local; Be divided into direct product map module and comprise the network equipment and use, can download the production image module of execution; Direct product map module is kept on the Flash chip, and the production image module that can download execution is kept at ftp server; To comprise the network equipment by direct product map module and use, can download the production image module process network download of execution to equipment and execution.
Comprise the secure file download module in direct product map module, this module realizes following effect: the authentication key by sharing, connect authentication between the ftp server and the network equipment, and pretend to be attack to prevent identity; After authentication, all interactive information are all carried out encipherment protection by traffic encryption key and the block encryption algorithm of sharing between the ftp server and the network equipment, prevent that the production image file transfer that can download execution from divulging a secret.
To link by compilation tool and generate an application target module with micro engine microcode map module, the StrongARM nuclear run time version module that network equipment application function is closely related, adopt the static linkage method with application target module and vxworks operating system link then, generate the production image file that to download execution; Upgrade this document by network, realize the software upgrading of networking products.
The application module that utilizes vxworks operating system to provide automatically performs DLL (dynamic link library), and the application module in the vxworks operating system core internal memory is called in programming---StrongARM nuclear run time version module and micro engine microcode map module; Utilize microcode downloader DLL (dynamic link library), realize the download and the execution of microcode map.
Call relation is as follows automatically between each software module of production image of the present invention: after the network equipment powers up, StrongARM nuclear automatically performs the direct product map that is arranged in the Flash chip, get through safe confidential corespondence channel by the secure file download module in this map, after the production image that can download execution downloads to internal memory from ftp server; Directly move this map then, automatically perform DLL (dynamic link library) by the application that provides in the OS module, call StrongARM nuclear run time version module, micro engine microcode map module downloads to micro engine and carries out the most at last.
1, general introduction
The network device architecture that the present invention relates to is as follows: select vxworks operating system for use, with the IXP1200 network processing unit is core processing unit, with Flash chip (Flash chip, can preserve the storage chip of memory contents after a kind of outage) as storage unit, the VxWorks production image of generation is kept in Flash chip and the ftp server.At this network device architecture design, propose to support IXP1200 network processing unit, the VxWorks production image method for designing of support software safety on-line upgrade.
The IXP1200 network processing unit adopts many CPU core structure, and computing unit examines (StrongARM nuclear, a kind of 32 CPU processor) by a StrongARM and six micro engines are formed, and each micro engine comprises 4 separate hardware threads.StrongARM nuclear and six micro engine shared drives and bus resource have equal opportunities.The application program of IXP1200 network processing unit is made up of two modules: StrongARM nuclear run time version module and micro engine microcode map module.StrongARM nuclear run time version module is responsible for agreement controlling layer and micro engine management.Micro engine microcode map module is responsible for the high-speed data packets of data plane and is handled.
The VxWorks production image generally includes BSP (BSP, Board Support Packet, plate support package) module, OS (OS, Operation System, operating system) module, application module.At the IXP1200 network processing unit, application module can be divided into StrongARM nuclear run time version module and micro engine microcode map module again.
2, technical essential design
2.1 VxWorks map type design
The Integrated Development Environment of vxworks operating system generates and can generate four types VxWorks map: VxWorks Boot map, VxWorks Downloadable map, ROM-Resident map, ROM-Based map.This method generates two kinds of maps (part) by the Integrated Development Environment of VxWorks: VxWorks Boot map and VxWorks Downloadable map.These two kinds of VxWorks maps are kept at different local: direct product map module piece VxWorks Boot map is kept on the Flash chip, comprise production image module VxWorks Downloadable map network equipment application function, that can download execution and be kept at (FTP on the ftp server, FileTransfer Protocol, file transfer protocol (FTP)).
After the network equipment powered up, StrongARM nuclear automatically performed the VxWorks Boot map that is arranged in the Flash chip, gets through the Network Transmission escape way by this map.By this Network Transmission escape way, VxWorks Downloadable map downloaded to Installed System Memory from ftp server after, directly move this map then.
2.2 VxWorks application module link
Micro engine microcode map module and StrongARM nuclear run time version module all belong to application module from the vxworks operating system view.Vxworks operating system provides the static linkage pattern and the dynamic link pattern of application module.This method is selected the static linkage pattern, at first micro engine microcode map module and StrongARM nuclear run time version module are generated an application target module by the compilation tool link, adopt the static linkage method that application target module, BSP module, OS Module Links are generated a VxWorks Downloadable map then.
In this manner, the invoked procedure of application target module is as follows: VxWorks Boot map downloads to internal memory with VxWorks Downloadable map from ftp server, the application module that utilizes VxWorks to provide then automatically performs DLL (dynamic link library), directly the application module in the call operation system core internal memory---StrongARM nuclear run time version module and micro engine microcode map module.
2.3 the VxWorks application module automatically performs
Be based on design of the VxWorks production image of IXP1200 network processing unit and main difference: except micro engine microcode map module being statically linked to vxworks operating system based on the typical VxWorks production image design of single 32 bit CPUs, also microcode must be downloaded to micro engine, and start execution.In the microengine code debug process, be responsible for download, the execution management work of microcode by the microcode developing instrument.In the VxWorks production image design phase, must solve the microcode operational management of micro engine.
The micro engine management DLL (dynamic link library) that provides in the StrongARM nuclear Software Development Library is provided, just can be realized the download and the execution of microcode map.The microcode operational management module of micro engine is carried out as follows: microcode downloader library initialization, micro engine initialization, microcode image file are written into internal memory, stop the micro engine thread, the microcode map writes micro engine, activate micro engine and corresponding port, release microcode object indexing.
This method proposes: the application module that utilizes VxWorks Downloadable map to provide automatically performs DLL (dynamic link library), at first call the relevant initialization function in the StrongARM nuclear run time version module, dispose the initialization context of micro engine micro code program operation, carry out the microcode operational management module of micro engine then.
2.4 on-line software updating security mechanism design
Owing to comprised micro engine microcode map module and StrongARM nuclear run time version module in the VxWorks Downloadable map; belong to the core processing software module; so during from ftp server download VxWorks Downloadable map; should take safety protecting mechanism, prevent that transmission in the network service from divulging a secret and palm off the identity upgrading.
The on-line software updating secure scheme is made up of following components:
(1) shared secret is to generating
For the unique device identification numbering of each devices allocation, generate a set of cipher key simultaneously.Comprise two keys in the set of cipher key, authentication key, traffic encryption key.The authentication key is used for ftp server verifying apparatus identity; Traffic encryption key is used for all groupings of communication process are encrypted.Corresponding one by one between set of cipher key, device identification numbering, the equipment.Authentication, transmission are encrypted and are adopted unified block encryption algorithm.
(2) authentication
When connecting between equipment and the ftp server, ftp server utilizes the three-way handshake agreement that equipment is carried out authentication.When equipment after ftp server sends authentication request, beginning three-way handshake authentication: after the ftp server authentication request, transmit a random number to equipment; Equipment is encrypted this random number with the authentication key of sharing, and will encrypt back result and device identification numbering then and send to ftp server; Ftp server is numbered according to device identification, searches the set of cipher key of equipment, checks this result with the authentication secret key decryption of sharing, and sends authentication success or failure to the client.Cryptographic algorithm adopts block encryption algorithm.
(3) VxWorks Downloadable image file is downloaded
The authentication of receiving ftp server when equipment is by after the message, and the traffic encryption key that all communications all will adopt both sides to share between equipment and the ftp server carries out encipherment protection, sets up safe confidential corespondence channel between equipment and ftp server.Should contain unencrypted device identification number information in the enciphered data message, select the traffic encryption key of relevant device that the encrypt data that equipment sends is decrypted for ftp server.VxWorks Downloadable map downloads to equipment by safety confidential corespondence channel from ftp server.
3, realize technical scheme
Technical essential realizes on the analysis foundation in front, but the inventor thinks and comprises following key element and step thereof based on IXP1200 network processing unit, VxWorks production image implementation method with safety guarantee online upgrading:
● the Integrated Development Environment by VxWorks generates two kinds of maps: VxWorks Boot map and VxWorks Downloadable map.VxWorks Boot map is kept on the Flash chip.VxWorks Downloadable map is kept on the ftp server.
● secure file download module design: generate the shared secret key in advance; The authentication key of ftp server by sharing finished the connection authentication to the network equipment, prevents that identity from pretending to be attack; After authentication, all interactive information are all carried out encipherment protection by traffic encryption key and the block encryption algorithm of sharing between the network ftp server and the network equipment, prevent that the transmission of VxWorks Downloadable map from divulging a secret.The secure file download module is included in VxWorks Boot map.
● VxWorks Downloadable map generates: at first micro engine microcode map module and StrongARM nuclear run time version module are generated the application target module by the compilation tool link, adopt the static linkage method that BSP module, the OS Module Links of application target module and VxWorks are generated a VxWorks Downloadable map then.
● utilize VxWorks to provide application module to automatically perform DLL (dynamic link library), directly call the application module in the vxworks operating system core internal memory---StrongARM nuclear run time version module and micro engine microcode map module.
● utilize microcode downloader DLL (dynamic link library), realize the download and the execution of microcode map.The microcode operational management module of micro engine is carried out as follows: microcode downloader library initialization, micro engine initialization, microcode image file are written into internal memory, stop the micro engine thread, the microcode map writes micro engine, activate micro engine and corresponding port, release microcode object indexing.
● each calling software module relation of production image of the present invention is as follows: after the network equipment powers up, StrongARM nuclear automatically performs the VxWorks Boot map that is arranged in the Flash chip, get through safe confidential corespondence channel by the secure file download module in this map, VxWorks Downloadable map is downloaded to internal memory from ftp server after; Directly move this map then.Automatically perform DLL (dynamic link library) by the application that provides in the OS module, call StrongARM nuclear run time version module, micro engine microcode map module downloads to micro engine and carries out the most at last.
4, conclusion
The present invention is a kind of support software safety on-line upgrade, based on the VxWorks production image method for designing of IXP1200 network processing unit.Typical VxWorks production image design is primarily aimed at the hardware mainboard that constitutes based on single 32 bit CPUs.The hardware platform that adopts network processing unit to constitute then is distinct hardware architecture.In VxWorks production image when design at the hardware platform of design processor Network Based, need to consider following new problem: how to allow the VxWorks production image support network processing unit based on multi-CPU structure; How to make full use of network processing unit online programming ability, make up the VxWorks production image of support software online upgrading; How to ensure the security of on-line software updating process.This method has comprehensively solved above-mentioned three technical matterss, and has been applied in real network equipment at the network equipment based on IXP1200 network processing unit and vxworks operating system.Technical field of the present invention is a computer network communication.