CN206649517U - Server credible platform measures control system and the server including the system - Google Patents

Server credible platform measures control system and the server including the system Download PDF

Info

Publication number
CN206649517U
CN206649517U CN201720312791.0U CN201720312791U CN206649517U CN 206649517 U CN206649517 U CN 206649517U CN 201720312791 U CN201720312791 U CN 201720312791U CN 206649517 U CN206649517 U CN 206649517U
Authority
CN
China
Prior art keywords
code
switch
spi flash
server
tpcm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201720312791.0U
Other languages
Chinese (zh)
Inventor
黄坚会
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huada Semiconductor Co Ltd
Original Assignee
Huada Semiconductor Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huada Semiconductor Co Ltd filed Critical Huada Semiconductor Co Ltd
Priority to CN201720312791.0U priority Critical patent/CN206649517U/en
Application granted granted Critical
Publication of CN206649517U publication Critical patent/CN206649517U/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

It the utility model is related to a kind of server credible platform measurement control system and the server including the system.The server credible platform measurement control system includes:First switch, it is arranged between baseboard management controller and the first SPI Flash, wherein the first SPI Flash is used to store the first code for baseboard management controller;Second switch, it is arranged between South Bridge chip and the second SPI Flash, wherein the second SPI Flash is used to store the second code for South Bridge chip;And TPCM modules, it is connected with the first SPI Flash and the second SPI Flash for carrying out confidence evaluation to code at least a portion in the first SPI Flash and the second SPI Flash, wherein the TPCM modules are connected with the control terminal of first switch and second switch to control the switch of first switch and second switch.The server includes the system.

Description

Server credible platform measures control system and the server including the system
Technical field
The utility model relates generally to information security field, measures and controls in particular to a kind of server credible platform System processed and the server including the system.
Background technology
Basic input output system (English:Basic Input Output System, BIOS) hereinafter referred to as start generation Code, is the program on one group of rom chip being cured in computer on mainboard, and its in store computer is most important to be used for substantially Self-check program and system self-triggered program after the programs of input and output, start.Read-write system it can be set from CMOS by BIOS Specifying information.BIOS major function is to provide the bottom, most direct hardware setting and control for computer.Now, BIOS has turned into the target of some viral wooden horses.Distorted once BIOS is destroyed, often result in serious consequence, or even hardware damage It is bad.
Baseboard management controller (English:Baseboard Management Controller, BMC) it is the one of server Individual important nextport hardware component NextPort, it monitors the state of server or other hardware driving equipment using sensor, and by only Vertical connection line communicates with system manager, and the software operated on BMC is referred to as BMC codes.BMC is that intelligent platform control connects Mouth (English:Intelligent Platform Management Interface, IPMI) a part and be generally positioned On server master board.If BMC codes are for example distorted by the malicious parties of such as hacker etc by virus attack, malicious parties Can passes through the whole server system of remote control.
Credible platform module (Trusted Platform Module, TPM) is a kind of hardware device, and it is with calculating owner Plate is connected, for verifying identity and handling the variable used by computer in trusted computation environment.TPM and it is stored therein Data generally separate with all other component of computer.
However, the credible platform module of the prior art for server is that one dominated by server master board is independent Module, therefore it can not ensure the integrality of the BIOS and BMC codes on server master board.And got in BIOS and BMC Come today that is more easy to be under attack and distorting, traditional TPM cannot be guaranteed the credibility of server platform.
Recently, it is proposed that for the credible platform control module for being measured to the BMC of server and (identifying or verify) (Trusted Platform Control Module, TPCM) and correlation method, such as entitled " a kind of real based on TPCM The Chinese patent of the method for existing BMC integrity measurements ", which discloses, discloses a kind of such method in CN105550579A, wherein TPCM SM3 algoritic modules are called to carry out integrity measurement to BMC startup program to judge whether BMC programs are complete, if It is imperfect, prompt user platform to be incredible and perform abnormality processing.However, lacked possessed by such TPCM or method Point is 1) power supply to BMC Flash carries out expected control (such as the upper electric precedence of control), this aspect meeting Electric BMC Flash circuits are caused to produce interference to TPCM measurement, on the other hand, BMC may be spent in its code Respective code has just been have read before amount so that BMC still may perform tampered code, so as to threaten the credible of platform Degree;2) other main control devices are not isolated when being measured to a main control device, this is likely to result in master control and set Standby abnormality, for example, in the case where being not isolated from, when TPCM reads BMC codes as BMC Flash main control devices, south Bridge can also be in main control device state, and so same Flash equipment is simultaneously in the presence of the connection of two main control devices can not normal work Make, its consequence is also difficult to expect.
Utility model content
From prior art, task of the present utility model is to provide a kind of server credible platform measurement control system, By the system, it can prevent electric BMC or South Bridge chip from producing interference to TPCM modules, and prevent BMC and CPU to not Code through measurement carries out undesirable reading, can moreover it is possible to reduce use so as to ensure the credible running environment of server Believe the improvement cost needed for platform metrics scheme.
Of the present utility model in a first aspect, the task measures control system to solve by a kind of server credible platform Certainly, the system includes:
First switch, it is arranged between baseboard management controller and the first SPI Flash, wherein the first SPI Flash is used for Store the first code for baseboard management controller;
Second switch, it is arranged between South Bridge chip and the second SPI Flash, is used wherein the second SPI Flash is used to store In the second code of South Bridge chip;And
TPCM modules, it is connected for the first SPI Flash and the 2nd SPI with the first SPI Flash and the second SPI Flash Code at least a portion in flash memory carries out confidence evaluation, wherein the TPCM modules and the control of first switch and second switch End processed is connected to control the switch of first switch and second switch.
Measuring control system or method according to server credible platform of the present utility model at least has following advantages:(1) By system of the present utility model or method, the BMC and startup code of server can be measured, so as to prevent because of operation Tampered code and influence the confidence level of system context;(2) by TPCM measure first code during disconnect BMC with Signal connection between first SPI Flash and disconnection South Bridge chip and the second SPI Flash during TPCM measures second code Between signal connection, can prevent electric BMC or South Bridge chip from producing to TPCM modules to disturb and prevent BMC and south simultaneously Reading of the bridge chip to the code without measurement, so as to ensure that credible running environment;(3) by BMC and the first SPI Flash Between signal connection on arrange in first switch and signal connection between South Bridge chip and the second SPI Flash and arrange the Two switches connect to interrupt and connect the signal, can reduce the improvement cost needed for using credible platform metric scheme, this Be because with being modified to the energy supply control module of mainboard come compared with postponing BMC and South Bridge chip upper electricity, by switch come Cut-off signal connection can be realized simply without carrying out larger change to mainboard chip, thus reduce improvement cost.
Provided in a preferred scheme of the present utility model, the first read port and the first SPI Flash of TPCM modules Connect and TPCM the second read port is connected with the second SPI Flash, and TPCM is additionally configured to perform following action:
It is consistent with the first reference Hash values in the first hashed value and when the second hashed value is consistent with the second reference Hash values Disconnect the connection between TPCM modules and the first SPI Flash by disabling the first read port and read by disabling second Port disconnects the connection between TPCM modules and the second SPI Flash.
Passing through the preferred scheme, it is possible to achieve TPCM modules are measured to parallel (simultaneously) of BMC codes and startup code, from And improve measurement speed;Meanwhile by disabling the first read port and the second read port after measuring successfully, it can prevent TPCM modules disturb the reading of BMC and South Bridge chip to respective code.But the program needs TPCM modules equipped with two readings Take port.
Provided in another preferred scheme of the present utility model, server credible platform measurement control system also includes selection Switch, the first choice input of the selecting switch are connected with the first SPI Flash, and the second selection of the selecting switch Input is connected with the second SPI Flash, and the output end of the selecting switch is connected with the flash memory read port of TPCM modules, And TPCM modules are additionally configured to perform following action:
The signal behavior control terminal of selecting switch is encouraged so that the flash memory read port of TPCM modules and the first SPI Flash to be connected Connect so that TPCM modules can read at least a portion of first code from the first SPI Flash;
The signal behavior control terminal of selecting switch is encouraged so that the flash memory read port of TPCM modules and the second SPI Flash to be connected Connect so that TPCM modules can read at least a portion of second code from the second SPI Flash;And
It is consistent with the first reference Hash values in the first hashed value and when the second hashed value is consistent with the second reference Hash values Encourage the signal behavior control terminal of selecting switch with by the flash memory read port of TPCM modules from the first SPI Flash and the 2nd SPI Flash memory disconnects.
Pass through the preferred scheme, it is possible to achieve TPCM modules are most to BMC codes and the successive measurement for starting code, the program It is slower that pipe measures speed compared with parallel scheme, but only needs TPCM modules to be equipped with single flash memory read port;This Outside, by disconnecting the flash memory read port of TPCM modules from the first SPI Flash and the second SPI Flash after measuring successfully, It is also possible to prevent the reading of the interference of TPCM modules BMC and South Bridge chip to respective code.
Provided in an expansion scheme of the present utility model, described at least a portion of first code is in first code Key code and/or described at least a portion of second code be key code in second code.Key code for example may be used To be the core in first code and second code.By the expansion scheme, data processing amount can be reduced, so as to improve Measure speed.
Provided in another expansion scheme of the present utility model, first switch, second switch and selecting switch select 1 choosing for 2 Logical device, wherein the two of first switch and second switch select one of input to be suspended, and two of selecting switch selections are defeated Enter end to be connected with the first SPI Flash and the second SPI Flash respectively.By the preferred scheme, can be realized with unified device above-mentioned Three switch elements, so as to reduce hardware cost.
In second aspect of the present utility model, foregoing task is realized by a kind of server, and the server includes root Control system is measured according to server credible platform of the present utility model.
By the server, aforementioned advantages can be equally realized, you can to prevent upper electric BMC or South Bridge chip to TPCM Module produces interference, and prevents BMC from carrying out undesirable reading to the code without measurement, so as to ensure the credible of server Running environment, moreover it is possible to reduce the improvement cost needed for using credible platform metric scheme.
In the third aspect of the present utility model, foregoing task is used for the measurement control of runtime server credible platform by one kind The method of system solves, and wherein server credible platform measurement control system includes:First switch, it is arranged in substrate pipe Manage between controller and the first SPI Flash, wherein the first SPI Flash is used to store the first generation for baseboard management controller Code;Second switch, it is arranged between South Bridge chip and the second SPI Flash, wherein the second SPI Flash, which is used to store, is used for south bridge The second code of chip;And TPCM modules, it is connected with the first SPI Flash and the second SPI Flash, and this method includes:
To electric in TPCM modules;
Disconnect first switch and second switch;
At least a portion of first code is read from the first SPI Flash by TPCM modules and from the second SPI Flash Read at least a portion of second code and generate at least one of first hashed value and the second generation of first code At least one of second hashed value of code;
First hashed value is compared with the first reference Hash values by TPCM modules and joined the second hashed value and second Hashed value is examined to compare;And
It is consistent with the first reference Hash values in the first hashed value and when the second hashed value is consistent with the second reference Hash values Close first switch and second switch so that baseboard management controller can load first code and South Bridge chip can load Second code.
With it, it can equally realize aforementioned advantages, you can to prevent upper electric BMC or South Bridge chip to TPCM moulds Block produces interference, and prevents BMC from carrying out undesirable reading to respective code, so as to ensure the credible operation ring of server Border, moreover it is possible to reduce the improvement cost needed for using credible platform metric scheme.
Provided in a preferred scheme of the present utility model, the first read port and the first SPI Flash of TPCM modules Connect and TPCM the second read port is connected with the second SPI Flash, and this method also includes:
It is consistent with the first reference Hash values in the first hashed value and when the second hashed value is consistent with the second reference Hash values The first read port is disabled to disconnect the connection between TPCM modules and the first SPI Flash and disable the second read port with disconnected Open the connection between TPCM modules and the second SPI Flash.
Passing through the preferred scheme, it is possible to achieve TPCM modules are measured to parallel (simultaneously) of BMC codes and startup code, from And improve measurement speed;Meanwhile by disabling the first read port and the second read port after measuring successfully, it can prevent TPCM modules disturb the reading of BMC and South Bridge chip to respective code.But the program needs TPCM modules equipped with two readings Take port.
Provided in another preferred scheme of the present utility model, the first choice input of the selecting switch and first SPI Flash is connected, and the second selection input of the selecting switch is connected with the second SPI Flash, and the selection is opened The output end of pass is connected with the flash memory read port of TPCM modules, and this method also includes:
The signal behavior control terminal of selecting switch is encouraged so that the flash memory read port of TPCM modules and the first SPI Flash to be connected Connect so that TPCM modules can read at least a portion of first code from the first SPI Flash;
The signal behavior control terminal of selecting switch is encouraged so that TPCM flash memory read port to be connected with the second SPI Flash, TPCM modules are enabled to read at least a portion of second code from the second SPI Flash;And
It is consistent with the first reference Hash values in the first hashed value and when the second hashed value is consistent with the second reference Hash values Encourage the signal behavior control terminal of selecting switch with by TPCM flash memory read port from the first SPI Flash and the second SPI Flash Disconnect.
Pass through the preferred scheme, it is possible to achieve TPCM modules are most to BMC codes and the successive measurement for starting code, the program It is slower that pipe measures speed compared with parallel scheme, but only needs TPCM modules to be equipped with single flash memory read port;This Outside, by disconnecting the flash memory read port of TPCM modules from the first SPI Flash and the second SPI Flash after measuring successfully, It is also possible to prevent the reading of the interference of TPCM modules BMC and South Bridge chip to respective code.
Provided in an expansion scheme of the present utility model, described at least a portion of first code is in first code Key code and/or described at least a portion of second code be key code in second code.Key code for example may be used To be the core in first code and second code.By the expansion scheme, data processing amount can be reduced, so as to improve Measure speed.
Brief description of the drawings
Fig. 1 shows the first embodiment that control system is measured according to server credible platform of the present utility model;
Fig. 2 shows the second embodiment that control system is measured according to server credible platform of the present utility model;
Fig. 3 shows the according to the method for the present utility model for runtime server credible platform measurement control system One embodiment;And
Fig. 4 shows the according to the method for the present utility model for runtime server credible platform measurement control system Two embodiments.
Embodiment
Fig. 1 shows the first embodiment that control system 100 is measured according to server credible platform of the present utility model.
As shown in figure 1, server credible platform measurement control system 100 includes first switch 101, it is arranged in substrate pipe Manage between controller BMC 106 and the first SPI Flash 104, wherein the first SPI Flash 104, which is used to store, is used for substrate management control The first code of device processed.First switch 101 both can be regular tap, or 2 select 1 gate, wherein selecting 1 gating 2 One of two selection inputs of first switch 101 are suspended in the case of device, and by between two selection inputs Switch to realize switching manipulation.
Server credible platform measurement control system 100 also include second switch 102, its be arranged in South Bridge chip 107 and Between second SPI Flash 105, wherein the second SPI Flash 105 is used to store the second code for South Bridge chip.Second switch 102 both can be regular tap, or 2 select 1 gate, wherein first switch 102 in the case of selecting 1 gate 2 Two select one of input to be suspended, and by selecting to switch to realize switching manipulation between input at two.
In addition, server credible platform measurement control system 100 also includes TPCM modules (credible platform control module) 103.TPCM modules 103 have the first read port 109 and the second read port 110, its respectively with the first SPI Flash 104 and Second SPI Flash 105 is connected for being enabled in port 109 and 110 in the case of (enabled) to the He of flash memory 104 105 are read out.And in the case of port 109 and 110 disabled (disabled), the SPI Flash of TPCM modules 103 and first 104 and second SPI Flash 105 disconnect.
TPCM modules 103 are configured as performing following action:
First switch 101 and second switch 102 are disconnected after electricity in TPCM modules 103, so as to prevent upper electric BMC 106 and operation (such as flash memory read and code metric) of the South Bridge chip 107 to TPCM modules produce and disturb and prevent upper electricity BMC 106 and South Bridge chip 107 code without measurement is read from the first SPI Flash 104 and the second SPI Flash 105.
At least a portion of first code is read from the first SPI Flash 104 and is read from the second SPI Flash 105 At least a portion of second code is taken, and generates at least one of first hashed value and second code of first code At least one of second hashed value.Described at least a portion of first code is preferably the key in first code Described at least a portion of code (such as core in code) and second code is preferably the pass in second code Key code, so as to reduce data processing amount, so as to improve measurement speed.
First hashed value is compared with the first reference Hash values and by the second hashed value and the second reference Hash values Compare.
It is consistent with the first reference Hash values in the first hashed value and the second hashed value is consistent with the second reference Hash values When disconnect the connection between the SPI Flash 104 of TPCM modules 103 and first by disabling the first read port 109 and pass through The second read port 110 is disabled to disconnect the connection between the SPI Flash 105 of TPCM modules 103 and second, so as to prevent TPCM Module 103 disturbs the reading of BMC 106 and South Bridge chip 107 to respective code.
Close first switch 101 and second switch 102 so that BMC 106 can load first code and south bridge core Piece 107 can load second code.Here, after first switch 101 or second switch 102 close, can be by such as TPCM Module 103 sends code to BMC 106 and South Bridge chip 107 respectively and reads instruction, such as to BMC 106 and South Bridge chip 107 Reseting port send reset signal to indicate that they read code from the first flash memory 103 and the second flash memory respectively.
When measuring successfully and after BMC 106 and the loading respective code of south bridge core 107, CPU 108 performs respective code, And making electricity on the miscellaneous equipment of server master board, system is subsequently into credible running environment.
If on the contrary, unsuccessful to the measurement of first code or second code, perform abnormality processing or make server Lower electricity is restarted.
From above it is known that in the first embodiment, it is possible to achieve code and south of the TPCM modules 103 to BMC 106 Parallel (simultaneously) measurement of the code of bridge chip 107, so as to improve measurement speed;Meanwhile by being disabled after measuring successfully First read port 109 and the second read port 110, it can prevent TPCM modules 103 from disturbing BMC 106 and South Bridge chip 107 Reading to respective code.But the program needs TPCM modules 103 equipped with two read ports 109 and 110.
Fig. 2 shows the second embodiment that control system 100 is measured according to server credible platform of the present utility model.
The difference of Fig. 2 second embodiment and Fig. 1 embodiment is that server credible platform measures control system 100 Also including selecting switch 111, the first choice input 112 of the selecting switch 111 is connected with the first SPI Flash 104, and Second selection input 113 of the selecting switch 111 is connected with the second SPI Flash 105, and the selecting switch 111 Output end 114 is connected with the flash memory read port 115 of TPCM modules 103.Selecting switch 111 can 2 select 1 gate.
TPCM modules 103 are additionally configured to perform following action:
First switch 101 and second switch 102 are disconnected after electricity in TPCM modules 103, so as to prevent upper electric BMC 106 and operation (such as flash memory read and code metric) of the South Bridge chip 107 to TPCM modules produce and disturb and prevent upper electricity BMC 106 and South Bridge chip 107 code without measurement is read from the first SPI Flash 104 and the second SPI Flash 105.
Encourage selecting switch 111 signal behavior control terminal (not shown) with by the flash memory of TPCM modules 103 read end Mouth 115 is connected with the first SPI Flash 104 so that TPCM modules 103 can read first code from the first SPI Flash 104 At least partially.
At least a portion of first code is read from the first SPI Flash 104.
The signal behavior control terminal of selecting switch 111 is encouraged with by the flash memory read port 115 of TPCM modules 103 and the Two SPI Flashes 105 connect so that TPCM modules 103 can read at least one of second code from the second SPI Flash 105 Point;
At least a portion of second code is read from the second SPI Flash 105.
Generate described at least a portion of at least one of first hashed value and second code of first code The second hashed value.Described at least a portion of first code is preferably key code in first code (such as in code Core) and described at least a portion of second code be preferably key code in second code, so as to reduce Data processing amount, so as to improve measurement speed.
First hashed value is compared with the first reference Hash values and by the second hashed value and the second reference Hash values Compare.
It is consistent with the first reference Hash values in the first hashed value and the second hashed value is consistent with the second reference Hash values The signal behavior control terminal of Shi Jili selecting switch with by the flash memory read port 115 of TPCM modules 103 from the first SPI Flash 104 and second SPI Flash 105 disconnect, so as to prevent TPCM modules 103 from disturbing BMC 106 and South Bridge chip 107 to respective code Reading.
Close first switch 101 and second switch 102 so that baseboard management controller BMC 106 can load first Code and South Bridge chip 107 can load second code.
When measuring successfully and after BMC 106 and the loading respective code of south bridge core 107, CPU 108 performs respective code, And making electricity on the miscellaneous equipment of server master board, system is subsequently into credible running environment.
If on the contrary, unsuccessful to the measurement of first code or second code, perform abnormality processing or make server Lower electricity is restarted.
From above it is known that in a second embodiment, it is possible to achieve code and south of the TPCM modules 103 to BMC 106 The successive or sequential metrics of the code of bridge chip 107, the program is slower although measuring speed compared with parallel scheme, but only TPCM modules 103 are needed to be equipped with single flash memory read port 115;In addition, by after measuring successfully by TPCM modules 103 flash memory read port 115 disconnects from the first SPI Flash 104 and the second SPI Flash 105, is also possible to prevent TPCM modules Readings of 103 the interference BMC 106 and South Bridge chip 107 to respective code.
Measuring control system 100 according to server credible platform of the present utility model at least has following advantages:(1) pass through System of the present utility model, the BMC 106 and startup code of server can be measured, it is tampered because running so as to prevent Code and influence the confidence level of system context;(2) by disconnecting BMC during TPCM modules 103 measure first code 106 and first signal connection between SPI Flash 104 and disconnect south bridge core during TPCM modules 103 measure second code Signal connection between the SPI Flash 105 of piece 107 and second, can prevent electric BMC 106 or South Bridge chip to TPCM modules 103 produce interference and prevent the reading of BMC 106 and South Bridge chip 107 to the code without measurement simultaneously, can so as to ensure that Believe running environment;(3) by arranging first switch 101 simultaneously in the signal connection between the SPI Flashes 104 of BMC 106 and first And second switch 102 is arranged to interrupt and connect institute in the signal connection between the SPI Flash 105 of South Bridge chip 107 and second State signal connection, the improvement cost needed for using credible platform metric scheme can be reduced because with the power supply to mainboard Control module is modified to be compared to postpone BMC with the upper electricity of South Bridge chip, by switching come cut-off signal connection without to master Board chip carries out larger change, but can simply realize, thus reduces improvement cost.
Fig. 3 shows the according to the method for the present utility model for runtime server credible platform measurement control system One embodiment 300.
In step 302, first switch 101 and second switch 102 are disconnected after electricity in TPCM modules 103, so as to prevent The operation (such as flash memory is read and code metric) of upper electric BMC 106 and South Bridge chip 107 to TPCM modules produces interference simultaneously And prevent electric BMC 106 and South Bridge chip 107 from reading non-longitude from the first SPI Flash 104 and the second SPI Flash 105 The code of amount.
In step 304, read by TPCM 103 from the first SPI Flash 104 first code at least a portion and from At least a portion of second code is read in second SPI Flash 105.
In step 306, at least one of first hashed value and the second generation of first code are generated by TPCM 103 At least one of second hashed value of code.Described at least a portion of first code is preferably the pass in first code Described at least a portion of key code (such as core in code) and second code is preferably in second code Key code, so as to reduce data processing amount, so as to improve measurement speed.
In step 308, the first hashed value is compared with the first reference Hash values by TPCM 103 and hashed second Value is compared with the second reference Hash values.
In step 310, and second hashed value consistent with the first reference Hash values in the first hashed value is with second with reference to scattered When train value is consistent the connection between the SPI Flash 104 of TPCM modules 103 and first is disconnected by disabling the first read port 109 And the connection between the SPI Flash 105 of TPCM modules 103 and second is disconnected by disabling the second read port 110, so as to anti- Only TPCM modules 103 disturb the reading of BMC 106 and South Bridge chip 107 to respective code.
Step 312, first switch 101 and second switch 102 are closed so that BMC 106 can load first code and South Bridge chip 107 can load second code.
Then method 300 terminates, and BMC 106 and south bridge core 107 load respective code, and then CPU 108 performs phase Code is answered, and electricity, system on the miscellaneous equipment of server master board is finally entered credible running environment.
If on the contrary, unsuccessful to the measurement of first code or second code, perform abnormality processing or make server Lower electricity is restarted.
Fig. 4 shows the according to the method for the present utility model for runtime server credible platform measurement control system Two embodiments 400.
In step 402, first switch 101 and second switch 102 are disconnected after electricity in TPCM modules 103, so as to prevent The operation (such as flash memory is read and code metric) of upper electric BMC 106 and South Bridge chip 107 to TPCM modules produces interference simultaneously And prevent electric BMC 106 and South Bridge chip 107 from reading non-longitude from the first SPI Flash 104 and the second SPI Flash 105 The code of amount.
In step 404, the signal behavior control terminal (not shown) of selecting switch 111 is encouraged with by the sudden strain of a muscle of TPCM modules 103 Deposit read port 115 to be connected with the first SPI Flash 104 so that TPCM modules 103 can read from the first SPI Flash 104 At least a portion of one code.
In step 406, at least a portion of first code is read from the first SPI Flash 104 by TPCM 103.
In step 408, the signal behavior control terminal of selecting switch 111 is encouraged so that the flash memory of TPCM modules 103 is read into end Mouth 115 is connected with the second SPI Flash 105 so that TPCM modules 103 can read second code from the second SPI Flash 105 At least partially;
In step 410, at least a portion of second code is read from the second SPI Flash 105 by TPCM 103.
In step 412, at least one of first hashed value and the second generation of first code are generated by TPCM 103 At least one of second hashed value of code.Described at least a portion of first code is preferably the pass in first code Described at least a portion of key code (such as core in code) and second code is preferably in second code Key code, so as to reduce data processing amount, so as to improve measurement speed.
In step 414, the first hashed value is compared with the first reference Hash values by TPCM 103 and hashed second Value is compared with the second reference Hash values.
In step 416, and second hashed value consistent with the first reference Hash values in the first hashed value is with second with reference to scattered The signal behavior control terminal of selecting switch is encouraged when train value is consistent with by the flash memory read port 115 from first of TPCM modules 103 The SPI Flash 105 of SPI Flash 104 and second disconnects, so as to prevent TPCM modules 103 from disturbing BMC 106 and South Bridge chip 107 right The reading of respective code.
In step 418, first switch 101 and second switch 102 are closed so that baseboard management controller BMC 106 can Load first code and South Bridge chip 107 can load second code.
Then method 400 terminates, and BMC 106 and south bridge core 107 load respective code, and then CPU 108 performs phase Code is answered, and electricity, system on the miscellaneous equipment of server master board is finally entered credible running environment.
If on the contrary, unsuccessful to the measurement of first code or second code, perform abnormality processing or make server Lower electricity is restarted.
Although some embodiments of the present utility model are described in present specification, to this area It is obvious to the skilled person that these embodiments are merely possible to shown in example.It may occur to persons skilled in the art that Numerous flexible program, alternative solution and improvement project and without departing from the scope of the utility model.Appended claims are intended to The scope of the utility model is limited, and thereby covers method and knot of these claims in itself and its in the range of equivalents Structure.

Claims (5)

1. a kind of server credible platform measures control system, including:
First switch, it is arranged between baseboard management controller and the first SPI Flash, wherein the first SPI Flash is used to store First code for baseboard management controller;
Second switch, it is arranged between South Bridge chip and the second SPI Flash, wherein the second SPI Flash, which is used to store, is used for south The second code of bridge chip;And
TPCM modules, it is connected for the first SPI Flash and the second SPI Flash with the first SPI Flash and the second SPI Flash In code at least a portion carry out confidence evaluation, wherein the TPCM modules and first switch and the control terminal of second switch Connect to control the switch of first switch and second switch.
2. server credible platform according to claim 1 measures control system, in addition to selecting switch, the selection are opened The first choice input of pass is connected with the first SPI Flash, and the second selection input of the selecting switch and the 2nd SPI Flash memory is connected, and the output end of the selecting switch is connected with the flash memory read port of TPCM modules.
3. the server credible platform measurement control system according to one of claim 1 to 2, wherein first code is described At least a portion is that described at least a portion of key code in first code and/or second code is pass in second code Key code.
4. the server credible platform measurement control system according to one of claim 1 to 2, wherein first switch, second Switch and selecting switch select 1 gate for 2, and wherein the two of first switch and second switch select one of input to be suspended, And two selection inputs of selecting switch are connected with the first SPI Flash and the second SPI Flash respectively.
5. a kind of server, the server includes the server credible platform measurement control according to one of Claims 1-4 System processed.
CN201720312791.0U 2017-03-28 2017-03-28 Server credible platform measures control system and the server including the system Active CN206649517U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201720312791.0U CN206649517U (en) 2017-03-28 2017-03-28 Server credible platform measures control system and the server including the system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201720312791.0U CN206649517U (en) 2017-03-28 2017-03-28 Server credible platform measures control system and the server including the system

Publications (1)

Publication Number Publication Date
CN206649517U true CN206649517U (en) 2017-11-17

Family

ID=60278582

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201720312791.0U Active CN206649517U (en) 2017-03-28 2017-03-28 Server credible platform measures control system and the server including the system

Country Status (1)

Country Link
CN (1) CN206649517U (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111694782A (en) * 2020-05-23 2020-09-22 苏州浪潮智能科技有限公司 Framework and method for realizing automatic switching of trusted platform module
CN111769863A (en) * 2020-05-27 2020-10-13 苏州浪潮智能科技有限公司 Relay method and relay board card for TPCM communication

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111694782A (en) * 2020-05-23 2020-09-22 苏州浪潮智能科技有限公司 Framework and method for realizing automatic switching of trusted platform module
CN111694782B (en) * 2020-05-23 2022-03-04 苏州浪潮智能科技有限公司 Device and method for realizing automatic switching of trusted platform module
CN111769863A (en) * 2020-05-27 2020-10-13 苏州浪潮智能科技有限公司 Relay method and relay board card for TPCM communication
CN111769863B (en) * 2020-05-27 2022-02-18 苏州浪潮智能科技有限公司 Relay method and relay board card for TPCM communication

Similar Documents

Publication Publication Date Title
CN100568254C (en) A kind of credible platform module and active measure thereof
CN104160403B (en) Use single credible platform module measuring table part
LeMay et al. Cumulative attestation kernels for embedded systems
JP5607546B2 (en) Method and apparatus for controlling system access during a protected mode of operation
WO2018107595A1 (en) Measurement mechanism-based credible plc starting method
CN103080904B (en) Multistage lock-step integrity report mechanism is provided
TW200414051A (en) Encapsulation of a TCPA trusted platform module functionality within a server management coprocessor subsystem
CN100481107C (en) An identity control method based on credibility platform module and fingerprint identifying
CN107403098A (en) The active safety means of defence and credible industrial control computer of credible industrial control computer startup stage
CN105718806A (en) Method for achieving trusted active measurement based on domestic BMC and TPM2.0
WO2012062023A1 (en) Bus monitor for improving system safety of system on chip (soc) and realizing method thereof
CN107451479A (en) The construction method and system of a kind of trust chain
US20220067165A1 (en) Security measurement method and security measurement device for startup of server system, and server
CN107665308A (en) For building and keeping the TPCM systems and correlation method of credible running environment
US7971048B2 (en) System and method for establishing a trust domain on a computer platform
CN106991327B (en) A kind of design method based on Power platform credible computer and control operation method
CN109670349A (en) The hardware structure of trusted computer and the credible starting method of computer
CN206649517U (en) Server credible platform measures control system and the server including the system
WO2022028057A1 (en) Tpm-based apparatus and method for multi-layer protection of server asset information
CN103049293A (en) Starting method of embedded trusted system
CN110659498A (en) Trusted computing measurement method, system thereof and computer readable storage medium
CN111125707A (en) BMC (baseboard management controller) safe starting method, system and equipment based on trusted password module
CN104699620B (en) A kind of system and method for speed-up chip interrupt control unit checking
CN111046392A (en) BIOS (basic input output System) credibility measuring method and device and terminal equipment
CN108629185A (en) Server credible platform measures control system and its operation method

Legal Events

Date Code Title Description
GR01 Patent grant
GR01 Patent grant