WO2023098569A1 - Patch processing method and apparatus, and computer device - Google Patents

Patch processing method and apparatus, and computer device Download PDF

Info

Publication number
WO2023098569A1
WO2023098569A1 PCT/CN2022/134180 CN2022134180W WO2023098569A1 WO 2023098569 A1 WO2023098569 A1 WO 2023098569A1 CN 2022134180 W CN2022134180 W CN 2022134180W WO 2023098569 A1 WO2023098569 A1 WO 2023098569A1
Authority
WO
WIPO (PCT)
Prior art keywords
firmware
program
patch
storage space
processor
Prior art date
Application number
PCT/CN2022/134180
Other languages
French (fr)
Chinese (zh)
Inventor
宋东匡
李佩聪
樊文跃
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2023098569A1 publication Critical patent/WO2023098569A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • G06F8/658Incremental updates; Differential updates

Definitions

  • the present application relates to the field of computer technology, in particular to a patch processing method, device and computer equipment.
  • BIOS Basic Input Output System
  • OS operating system
  • BIOS is a bridge between the operating system (OS) and computer hardware, and is responsible for the hardware configuration when the computer is turned on. Detection, device initialization, operating system boot and providing service interface to the operating system.
  • the BIOS After the computer equipment is powered on, the BIOS first completes the hardware initialization process of the computer equipment, and then starts the OS to execute user services.
  • the BIOS may need to be modified during the operation of the computer device. For example, when a computer device fails, the failure can be resolved by modifying the BIOS.
  • the BIOS when the BIOS needs to be updated/upgraded, the BIOS also needs to be modified.
  • the following method is adopted: modifying the BIOS, storing the updated BIOS in the computer device, and restarting the computer device, so that the computer device executes the updated BIOS after restarting.
  • the present application provides a patch processing method, device, and computer equipment, which can solve computer equipment failures or implement firmware updates/upgrades by executing firmware patches without restarting the computer equipment, thereby avoiding business interruption.
  • the present application provides a patch processing method, and the execution subject of the method may be a computer device.
  • the computer device stores a first program and a firmware program of the computer device, the firmware program includes a firmware startup program and a firmware running program, and the method includes: the firmware running program obtains a firmware patch, and the firmware patch comes from the first program; the firmware running program executes Firmware patch, the firmware patch takes effect.
  • the firmware patch refers to a section of program written to solve computer equipment failures or to implement firmware updates/upgrades.
  • the above-mentioned computer equipment faults may be hardware firmware, firmware program faults, etc.
  • Firmware updates/upgrades may include, but are not limited to: improving existing firmware functions, patching vulnerabilities of existing firmware functions, adding new firmware functions, enhancing firmware stability, etc.
  • the first program may be other programs except the firmware program executed by the computer device during the running phase.
  • the first program may be an operating system.
  • the first program may be a baseboard management controller (Baseboard Management Controller, BMC) program.
  • BMC Baseboard Management Controller
  • the firmware patch from the first program is acquired through the firmware running program, and the firmware patch is executed to make the patch take effect, thereby solving the failure of the computer equipment or implementing firmware update/upgrade. Since the above-mentioned process does not update the firmware program of the computer equipment, the above-mentioned process does not need to restart the computer equipment, therefore, it will not affect the business of the computer equipment.
  • the firmware running program may obtain the firmware patch in the following manner: the firmware running program obtains patch location information from the first storage space, and the patch location information is used to indicate that the firmware patch is in the second storage space storage location; the firmware running program obtains the firmware patch from the second storage space according to the patch location information.
  • the firmware running program before the firmware running program obtains the patch location information from the first storage space, it also includes: the first program stores the firmware patch in the second storage space; the first program stores the patch location information in the second storage space; a storage space.
  • the first program transfers the firmware patch to the firmware running program through the first storage space and the second storage space.
  • Both the first storage space and the second storage space are storage spaces that can be accessed jointly by the first program and the firmware running program.
  • the first storage space may be a shared memory between the first program and the firmware running program.
  • the second storage space may be a register, a mailbox, a shared memory, and the like that are jointly accessible by the first program and the second firmware running program.
  • the first program before the first program stores the firmware patch in the second storage space, it also includes: the first program obtains the firmware calling method; the first program determines the first storage space and the second storage space according to the firmware calling method. space.
  • the firmware invoking method refers to a method in which the operating system notifies/calls the firmware running program, so that the firmware running program executes the firmware patch.
  • the firmware calling method can be divided into internal calling method and external calling method.
  • the internal calling method refers to calling within the same processor, and the external calling method refers to calling across processors.
  • the first program may acquire the firmware calling method in the following manner: the first program receives the firmware calling method sent by the firmware program.
  • the firmware startup program in the startup stage of the computer device, when the firmware startup program starts and loads the operating system, the firmware startup program sends the firmware calling method to the operating system.
  • the firmware running program sends the firmware calling method to the operating system.
  • the computer device includes at least one processor; the first program determines the first storage space and the second storage space according to a firmware calling method, including:
  • the first program determines the first storage space and the second storage space in the storage space of the first processor; the first processor runs the processor of the first program.
  • the firmware calling method is an internal calling method, it means that the firmware running program and the operating system run on the same processor, that is, both run on the first processor. Therefore, the operating system can determine the first storage space and the second storage space in the storage space of the first processor. Since the firmware running program is also executed by the first processor, the first storage space and the second storage space can also be accessed by the firmware running program.
  • the second storage space may be the memory space of the first processor.
  • the first storage space may be a preset register of the first processor.
  • the computer device includes at least one processor; the first program determines the first storage space and the second storage space according to a firmware calling method, including:
  • the first program determines the first storage space and the second storage space in the storage space accessible by the first processor and the second processor; wherein, the first processor is to run the second A processor with a program, the second processor is a processor that does not run the first program.
  • the firmware calling method is an external calling method, it means that the firmware running program and the operating system run on different processors. Therefore, the operating system can determine the first storage space and the second storage space in the storage spaces commonly accessible by the first processor and the second processor. In this way, it is ensured that the first storage space and the second storage space can also be accessed by the firmware running program.
  • the second storage space may be a shared memory space of the first processor and the second processor.
  • the first storage space may be a preset mailbox.
  • the first program and the firmware running program run on the same processor, and the firmware calling method is an internal calling method; the first program and the firmware running program run on different processors, and the firmware calling method For external calls.
  • processors refer to two physically different processors, and the two processors may be of the same type or of different types. These two processors can be packaged in a system-on-chip (SoC).
  • SoC system-on-chip
  • the firmware calling method is an internal calling method; before the firmware running program obtains the patch location information from the first storage space, it also includes: the first program executes a preset instruction, so that the processor where the first program is located Execute the firmware runner.
  • the preset instruction refers to an instruction for adjusting the execution authority of the processor.
  • the firmware calling method is an internal calling method
  • the firmware running program and the first program run in the same processor, and the execution rights of the processor to execute the firmware running program and the first program are usually different. Therefore, by executing the preset instruction through the first program, the execution authority of the processor can be switched to the execution authority corresponding to the firmware execution program, so that the processor executes the firmware execution program.
  • the firmware running program executes the firmware patch, it further includes: the firmware running program executes a preset instruction, so as to switch the execution authority of the processor to the execution authority corresponding to the first program, so that the processor continues to Execute the first program.
  • the method further includes: the firmware running program acquires the firmware patch function identifier from the first storage space; the firmware running program obtains the firmware patch function identifier from the patch location information according to the Obtaining the firmware patch in the second storage space includes: the firmware running program determines the firmware service interface corresponding to the firmware patch function identifier according to the firmware patch function identifier; through the firmware service interface according to the patch location information, and acquire the firmware patch from the second storage space.
  • firmware service interface is a software interface.
  • it may be an API interface.
  • the firmware running program may acquire the firmware patch in the following manner: the firmware running program receives a first message from the first program, where the first message includes the firmware patch.
  • the first program can deliver the firmware patch to the firmware running program through the message interaction interface.
  • the firmware running program may execute the firmware patch in the following manner: obtain signature information from the firmware patch; verify the integrity and/or legality of the firmware patch according to the signature information , to obtain a verification result; if the verification result is verified, execute the firmware patch.
  • the integrity and/or legality of the firmware patch is verified, and the firmware patch is executed only when the verification is passed, so as to ensure safe operation of the computer device.
  • the firmware running program can execute the firmware patch in the following manner: determine the file format type of the firmware patch, the file format type is binary type or bytecode type; if the file format type is byte code type, then parse and execute the firmware patch to make the firmware patch take effect; if the file format type is binary type, execute the firmware patch to make the firmware patch take effect.
  • the firmware running program adopts different execution methods for different file format types by judging the file format type of the firmware patch, so that the application scheme is not only applicable to the firmware patch in the binary format, but also applicable to the bytecode format
  • the firmware patch makes the application scenarios more extensive.
  • the present application provides a patch processing device, including: a first processing module and a second processing module; wherein the second processing module is used to obtain a firmware patch, the firmware patch comes from the first processing module, The second processing module is also used to execute the firmware patch, and the firmware patch takes effect.
  • the second processing module is specifically configured to: acquire patch location information from the first storage space, where the patch location information is used to indicate the storage location of the firmware patch in the second storage space; The patch location information is used to obtain the firmware patch from the second storage space.
  • the first processing module is configured to: store the firmware patch in the second storage space, and store the patch location information in the first storage space.
  • the first processing module is further configured to: acquire a firmware calling method; and determine the first storage space and the second storage space according to the firmware calling method.
  • the first processing module is specifically configured to: receive the firmware calling manner sent by the second processing module.
  • the patch processing apparatus is applied to computer equipment, and the computer equipment includes at least one processor; the first processing module is specifically configured to: if the firmware calling method is an internal calling method, then determining said first memory space and said second memory space in a memory space of a first processor; or,
  • the calling method of the firmware is an external calling method, then determining the first storage space and the second storage space in a storage space commonly accessible by the first processor and the second processor;
  • the first processor runs the first processing module, and the second processor does not run the first processing module.
  • the first processing module and the second processing module run in the same processor, and the firmware calling method is the internal calling method; the first processing module and the second processing module The two processing modules run in different processors, and the firmware calling method is the external calling method.
  • the firmware calling method is the internal calling method; the first processing module is further configured to: execute a preset instruction, so that the processor where the first processing module is located executes the Second processing module.
  • the second processing module is further configured to: obtain the firmware patch function identifier from the first storage space; determine the corresponding A firmware service interface; acquiring the firmware patch from the second storage space through the firmware service interface according to the patch location information.
  • the second processing module is specifically configured to: receive a first message from the first processing module, where the first message includes the firmware patch.
  • the first processing module is an operating system OS; or, the first processing module is a baseboard management controller (BMC) program.
  • OS operating system
  • BMC baseboard management controller
  • the present application provides a computer device, including:
  • the memory stores a computer program; the one or more processors run the computer program to implement the method described in the first aspect or any possible implementation manner of the first aspect.
  • the present application provides a chip, including:
  • the memory stores a computer program; the one or more processors run the computer program to implement the method described in the first aspect or any possible implementation manner of the first aspect.
  • the present application provides a computer-readable storage medium, the computer-readable storage medium stores a computer program, and when the computer program is executed, any possible Implement the method described in the manner.
  • the present application provides a computer program product, where the computer program product includes a computer program, and when the computer program is run, it implements the first aspect or any possible implementation of the first aspect. method.
  • the present application provides a patch processing method, device, and computer equipment.
  • the computer equipment stores a first program and a firmware program of the computer equipment.
  • the firmware program includes a firmware startup program and a firmware running program.
  • the method includes: the firmware running program acquires a firmware patch, The firmware patch comes from the first program; the firmware running program executes the firmware patch, and the firmware patch takes effect, so as to solve computer equipment failure or implement firmware update/upgrade. Since the above-mentioned process does not update the firmware program of the computer equipment, the above-mentioned process does not need to restart the computer equipment, therefore, it will not affect the business of the computer equipment.
  • FIG. 1 is a schematic diagram of a hardware structure of a computer device provided by an embodiment of the present application
  • FIG. 2 is a schematic diagram of a layered architecture of a computer device provided by an embodiment of the present application
  • FIG. 3 is a schematic diagram of the running sequence of the computer equipment provided by the embodiment of the present application.
  • FIG. 4 is a schematic flowchart of a patch processing method provided in an embodiment of the present application.
  • FIG. 5 is a schematic diagram of a manner in which a firmware running program provided by an embodiment of the present application obtains a firmware patch
  • FIG. 6 is a schematic diagram of another way for the firmware running program to obtain the firmware patch provided by the embodiment of the present application.
  • FIG. 7 is a schematic diagram of the running state of a computer device provided by the embodiment of the present application.
  • FIG. 8 is a schematic diagram of another computer device operating state provided by the embodiment of the present application.
  • FIG. 9 is a schematic flow chart of another patch processing method provided by the embodiment of the present application.
  • FIG. 10 is a schematic flowchart of another patch processing method provided by the embodiment of the present application.
  • FIG. 11 is a schematic diagram of an interaction process between an operating system and a firmware program provided by an embodiment of the present application.
  • FIG. 12 is a schematic structural diagram of a patch processing device provided by an embodiment of the present application.
  • Computer equipment refers to a machine that can perform number crunching.
  • Computer equipment includes but is not limited to: mobile phone (cellphone), smart phone (smartphone), computer (computer), tablet computer (tablet computer), wearable device (wearable device), personal digital assistant (personal digital assistant, PDA), Mobile Internet device (mobile internet device, MID), IoT device, e-book reader (e-book reader), server, etc.
  • FIG. 1 is a schematic diagram of a hardware structure of a computer device provided by an embodiment of the present application.
  • a computer device 100 includes: a processor 101 and a memory 102 .
  • a processor 101, a memory 102, and a communication interface 103 are communicatively connected to each other.
  • the processor 101, the memory 102, and the communication interface 103 may be connected by a network to realize a communication connection.
  • the above computer device 100 may further include a bus 104 .
  • the processor 101 , the memory 102 , and the communication interface 103 are connected to each other through the bus 104 .
  • the number of processors 101 may be one or more. Each processor 101 may include one or more processing cores.
  • the processor 101 may also be called a processing unit, a processing subsystem, and the like.
  • the processor 101 may include at least one of the following: a central processing unit (central processing unit, CPU), an application specific integrated circuit (application specific integrated circuit, ASIC), an application processor (application processor, AP), a modem processing processor, graphics processing unit (graphics processing unit, GPU), image signal processor (image signal processor, ISP), controller, video codec, digital signal processor (digital signal processor, DSP), baseband processor, neural Network processor (neural-network processing unit, NPU), etc.
  • the memory 102 may include: a non-volatile memory (non-volatile memory, NVM) and a random access memory (random access memory, RAM).
  • NVM non-volatile memory
  • RAM random access memory
  • the non-volatile memory can be read-only memory (read-only memory, ROM), such as programmable read-only memory (programmable read-only memory, PROM), erasable programmable read-only memory (erasable programmable read-only memory) only memory, EPROM), electrically erasable programmable read-only memory (electrically erasable programmable read-only memory, EEPROM), etc.
  • the non-volatile memory may also be a flash memory, a magnetic memory, such as a magnetic tape, a floppy disk, a hard disk, and the like.
  • the non-volatile memory can also be an optical disk. When the computer equipment is powered off, the data stored in the non-volatile memory will not be lost.
  • Random access memory also called main memory, is an internal memory that directly exchanges data with the processor 101 . It can be read and written at any time, and the speed is very fast, and it is usually used as a temporary data storage medium for operating systems or other running programs. When RAM is working, information can be written (stored) or read (taken out) from any specified address at any time. The biggest difference between it and ROM is the volatility of data, that is, the stored data will be lost once the power is turned off. RAM is used in computers and digital systems to temporarily store programs, data, and intermediate results.
  • the communication interface 103 uses a transceiver module such as but not limited to a transceiver to implement communication between the computer device 100 and other devices or communication networks.
  • a transceiver module such as but not limited to a transceiver to implement communication between the computer device 100 and other devices or communication networks.
  • the computer device can acquire the firmware patch through the communication interface 103 .
  • the bus 104 may be an industry standard architecture (industry standard architecture, ISA) bus, a peripheral component interconnect (peripheral component, PCI) bus, or an extended industry standard architecture (extended industry standard architecture, EISA) bus, etc.
  • the bus can be divided into address bus, data bus, control bus and so on.
  • the buses in the drawings of the present application are not limited to only one bus or one type of bus.
  • the structure illustrated in the embodiment of the present application does not constitute a specific limitation on the electronic device 100 .
  • the electronic device 100 may include more or fewer components than shown in the figure, or combine certain components, or separate certain components, or adopt different component arrangements.
  • the memory 102 may be used to store firmware programs, operating systems (operating system, OS), application programs, and the like.
  • firmware programs operating systems (operating system, OS), application programs, and the like.
  • the above-mentioned firmware program, operating system, application program, etc. may be stored in a non-volatile memory.
  • the processor 101 can execute firmware programs, operating systems, application programs, etc. stored in the memory 102 to make the computer device perform certain functions.
  • the memory 102 may also store data, intermediate results, etc. created during the operation of the computer device.
  • data and intermediate results created during the operation of the above-mentioned computer device may be stored in a random access memory.
  • the firmware program may include a basic input output system (basic input output system, BIOS) and other firmware programs.
  • BIOS basic input output system
  • the BIOS stores the most important basic input and output programs of computer equipment, self-test programs after power-on, and system self-start programs. It can read and write specific information about system settings from complementary metal oxide semiconductors (CMOS).
  • CMOS complementary metal oxide semiconductors
  • the main function of BIOS is to provide the lowest-level and most direct hardware setting and control for computer equipment.
  • BIOS also provides some system parameters to the operating system.
  • FIG. 2 is a schematic diagram of a layered architecture of a computer device provided by an embodiment of the present application. As shown in FIG. 2 , the bottom layer is the hardware layer of the computer equipment, the firmware program layer is above the hardware layer, and the operating system layer is above the firmware program layer.
  • the firmware program includes a firmware startup program (ie, boot-time firmware) and a firmware running program (ie, run-time firmware).
  • the firmware startup program is used to provide functions such as hardware detection, hardware configuration, hardware initialization, and operating system booting during the startup process of the computer device.
  • the firmware running program is used to provide runtime services, system parameters, etc. to the operating system during the running of the operating system.
  • FIG. 3 is a schematic diagram of the running sequence of the computer device provided by the embodiment of the present application.
  • the running process of the computer device can be divided into a startup phase and a running phase.
  • the computer device executes the firmware startup program to detect and initialize the hardware, and guide the operating system to start. After the operating system is started, the firmware startup program ends.
  • the computer device executes the operating system and firmware running programs.
  • the firmware running program provides the operating system with the service of executing firmware patches.
  • the operating system can call this service to make the firmware running program execute Firmware patch, the firmware patch takes effect, so as to solve the fault or implement firmware update/upgrade. There is no need to restart the computer equipment during this process, and the business of the computer equipment will not be affected.
  • FIG. 4 is a schematic flowchart of a patch processing method provided by an embodiment of the present application.
  • the method in this embodiment can be executed by a computer device.
  • the computer device stores the first program and the firmware program of the computer device.
  • the firmware program includes a firmware running program and a firmware starting program.
  • the patch processing method described in the embodiment of the present application may also be called a firmware patch processing method, or a firmware update method, or a firmware upgrade method.
  • the method of this embodiment includes:
  • a firmware running program acquires a firmware patch, where the firmware patch comes from the first program.
  • the first program may be other programs except the firmware program executed by the computer device during the running phase.
  • the first program may be an operating system.
  • the first program may be a baseboard management controller (Baseboard Management Controller, BMC) program.
  • BMC Baseboard Management Controller
  • the operating system can be any one of the following: Windows, MacOS, Linux, Chrome OS, iOS, Android, Hongmeng OS, KaiOS, Ipad OS, Fuchsia OS. This embodiment does not limit it.
  • BMC is used to monitor and control the system hardware of computer equipment, for example, monitor the temperature, voltage, fan, power supply, etc. of the system hardware, and make corresponding adjustments to ensure that the system hardware is in a healthy operating state.
  • the BMC program can be regarded as an independent system, which does not depend on other hardware (such as processor, memory, etc.) on the computer device, nor does it depend on BIOS, operating system, etc. Messages can be exchanged between the BMC and the BIOS.
  • a firmware patch refers to a program written to solve computer equipment failures or to implement firmware updates/upgrades.
  • the above-mentioned computer equipment faults may be hardware firmware, firmware program faults, etc.
  • Firmware updates/upgrades may include, but are not limited to: improving existing firmware functions, patching vulnerabilities of existing firmware functions, adding new firmware functions, enhancing firmware stability, etc.
  • a firmware patch includes independent and complete code for realizing a certain function, without relying on other programs other than the firmware patch.
  • Firmware patches can be in binary or bytecode file format.
  • the control bit is a register.
  • the operating system or the BMC program has low execution authority and has no right to access the register.
  • the register can only be modified by a firmware program with higher execution authority. In this case, the following firmware patch can be written to modify the above registers:
  • the firmware running program may acquire the firmware patch from the first program in the following possible ways.
  • FIG. 5 is a schematic diagram of a manner in which a firmware running program obtains a firmware patch provided by an embodiment of the present application.
  • the first program stores the firmware patch in the second storage space, and stores the patch location information in the first storage space.
  • the patch location information is used to indicate the storage location of the firmware patch in the second storage space.
  • the firmware running program obtains the patch location information from the first storage space, and obtains the firmware patch from the second storage space according to the patch location information.
  • the patch location information may include a start address and an end address of the firmware patch in the second storage space.
  • the patch location information may include a starting location of the firmware patch in the second storage space and a length of the firmware patch.
  • the first program transfers the firmware patch to the firmware running program through the first storage space and the second storage space.
  • Both the first storage space and the second storage space are storage spaces that can be accessed jointly by the first program and the firmware running program.
  • the first storage space may be a shared memory between the first program and the firmware running program.
  • the second storage space may be a register, a mailbox (Mailbox), a shared memory, and the like that are jointly accessible by the first program and the second firmware running program.
  • FIG. 6 is a schematic diagram of another manner in which a firmware running program obtains a firmware patch provided by an embodiment of the present application.
  • the first program sends a first message to the firmware running program, and the first message includes a firmware patch.
  • the firmware running program receives the first message from the first program, and obtains the firmware patch from the first message.
  • the first program can deliver the firmware patch to the firmware running program through the message interaction interface.
  • the firmware running program acquires the firmware patch, it executes the firmware patch to make the firmware patch take effect, so as to solve the failure of the computer equipment or implement firmware update/upgrade.
  • executing the firmware patch may be: executing the code in the firmware patch; performing corresponding processing according to the code logic of the firmware patch to realize the function/logic implemented by the firmware patch.
  • Another form of expression for the firmware patch to take effect may be: the computer device implements the function/logic implemented by the firmware patch; the computer device continues to run according to the function/logic implemented by the firmware patch.
  • the computer equipment failure scenario as an example, after the firmware running program executes the firmware patch, the failure of the computer equipment is resolved, so that the computer equipment resumes normal operation.
  • the firmware update/upgrade scenario as an example, when the firmware running program executes the firmware patch, the computer equipment runs according to the updated/upgraded firmware, and achieves the operation effect after the firmware update/upgrade, for example, the function of the original firmware is improved. , Repair the loopholes of the original firmware function, increase the new firmware function, improve the stability of the firmware, etc.
  • the firmware server pushes the firmware patch to the computer device, or the developer uploads the firmware patch to the computer device, so that the first program of the computer device obtains Firmware patches.
  • the first program may use the above-mentioned method 1 or the above-mentioned method 2 to transfer the firmware patch to the firmware running program, so that the firmware running program obtains the firmware patch.
  • the firmware running program executes the firmware patch, so that the firmware patch takes effect, solves the failure of the computer equipment or implements firmware update/upgrade.
  • the firmware patch from the first program is acquired through the firmware running program, and the firmware patch is executed to make the firmware patch take effect, thereby solving the problem of the computer equipment or realizing Firmware update/upgrade. Since the above-mentioned process does not update the firmware program of the computer equipment, the above-mentioned process does not need to restart the computer equipment, therefore, it will not affect the business of the computer equipment.
  • computer equipment may include one or more processors.
  • the firmware running program and the operating system run simultaneously. In this way, the operation of the firmware running program and the operating system can be divided into the following two situations.
  • Case 1 The firmware runner and the operating system run on the same processor.
  • Case 2 The firmware runner and the operating system run on different processors.
  • the different processors refer to two physically different processors, and the two processors may be of the same type or of different types, which is not limited in this embodiment. These two processors can be packaged in a system-on-chip (SoC).
  • SoC system-on-chip
  • the computer device includes a processor. Both the operating system and firmware runners are executed by the processor.
  • FIG. 7 is a schematic diagram of the running state of a computer device provided by the embodiment of the present application. As shown in FIG. 7 , both the operating system and the firmware running program are executed by the processor.
  • the processor executes the operating system and the firmware running program in a time-sharing manner, that is, only one of the operating system and the firmware running program can be executed at the same time.
  • the firmware running program is in a suspended state (or called a sleep state). When the processor needs to execute the firmware running program, it can suspend the execution of the operating system and wake up the firmware running program.
  • the processor wakes up the operating system so that the operating system can continue to execute.
  • the operating system is run by the CPU of the processor, and the firmware running program can be run by a supporting chip of the processor, such as a bridge chip.
  • the computer device includes multiple processors.
  • the operating system can be executed by one of the processors, and the firmware running program can be distributed and executed by different processors.
  • FIG. 8 is a schematic diagram of another operating state of a computer device provided by an embodiment of the present application. As shown in FIG. 8 , it is illustrated by taking a computer device including a processor A and a processor B as an example.
  • the processor A executes an operating system and a firmware running program
  • the processor B executes the firmware running program.
  • the firmware running programs executed by the processor A and the processor B may be completely the same or different.
  • processor A executes part of the functions of the firmware running program
  • processor B executes part of the functions of the firmware running program.
  • some functions of the firmware running program executed by the processor A may overlap with some functions of the firmware running program executed by the processor B.
  • the firmware running program and the operating system run on the same processor, which belongs to the above case 1.
  • the operating system is run by the CPU of processor A
  • the firmware running program can be run by a supporting chip of processor A, such as a bridge chip.
  • firmware running program in processor B the firmware running program and the operating system run on different processors, which belongs to the above-mentioned case 2.
  • FIG. 8 uses two processors as an example for illustration, and when the computer device includes more processors, the principle is similar, and details are not repeated here.
  • FIG. 9 is a schematic flowchart of another patch processing method provided by the embodiment of the present application.
  • the method in this embodiment may be executed when the operating system determines that a firmware patch needs to be applied during the execution of the computer device.
  • the method of this embodiment includes:
  • S901 The operating system determines a firmware calling method.
  • the method of invoking the firmware refers to a method in which the operating system notifies/calls the firmware running program, so that the firmware running program executes the firmware patch.
  • Firmware calling methods can be divided into internal calling methods and external calling methods.
  • the internal calling method refers to calling within the same processor, and the external calling method refers to calling across processors.
  • the operating system and the firmware running program run on the same processor, and the calling method of the firmware is an internal calling method.
  • the operating system and the firmware running program run on different processors, and the firmware calling method is an external calling method.
  • the operating system determines the first storage space and the second storage space in the storage space of the first processor, where the first processor is a processor running the operating system.
  • the operating system stores the firmware patch in the second storage space, and stores patch location information in the first storage space, where the patch location information is used to indicate a storage location of the firmware patch in the second storage space.
  • the firmware calling method is an internal calling method, it means that the firmware running program and the operating system run on the same processor, that is, both run on the first processor, which corresponds to the above case 1. Therefore, the operating system can determine the first storage space and the second storage space in the storage space of the first processor. Since the firmware running program is also executed by the first processor, the first storage space and the second storage space can also be accessed by the firmware running program.
  • the second storage space may be the memory space of the first processor.
  • the first storage space may be a preset register of the first processor.
  • the first processor executes the operating system Execute permissions when executing the firmware are usually different from the execution permissions when executing the firmware runtime program.
  • the execution authority corresponding to the firmware running program may be higher than the execution authority corresponding to the operating system. Therefore, in some possible implementation manners, after performing S903, the operating system may further perform the following S904.
  • S904 The operating system executes a preset instruction, so that the first processor executes a firmware running program.
  • the preset instruction refers to an instruction for adjusting the execution permission of the first processor.
  • the preset instructions to be executed by the operating system are usually different.
  • the operating system executes a preset instruction to switch the execution authority of the first processor to the execution authority corresponding to the firmware running program, so that the first processor executes the firmware running program.
  • Example 1 if the first processor is an ARM architecture processor, the execution rights of the first processor can be divided into four levels: EL3, EL2, EL1, and EL0 from high to low.
  • the execution permission corresponding to the operating system is usually EL2 or EL1.
  • the execution authority corresponding to the BIOS running program is usually EL3.
  • the operating system may switch the execution authority of the first processor from EL2/EL1 to EL3 by executing the SMC instruction, so that the first processor executes the BIOS running program.
  • Example 2 if the first processor is a RISC-V architecture processor, the execution rights of the first processor can be divided into three levels: M-mode, S-mode, and U-mode from high to low.
  • the execution permission corresponding to the operating system is usually S-mode.
  • the execution permission corresponding to the BIOS running program is usually M-mode.
  • the operating system may switch the execution authority of the first processor from S-mode to M-mode by executing the ECLL instruction, so that the first processor executes the BIOS running program.
  • Example 3 if the first processor is a processor of X86 architecture.
  • the execution permission corresponding to the operating system is non-SMM mode, and the execution permission corresponding to the BIOS running program is SMM mode.
  • the operating system can switch the execution authority of the first processor from non-SMM mode to SMM mode by executing an operation instruction that generates an SMI interrupt, so that the first processor executes the BIOS running program.
  • the operating system determines the first storage space and the second storage space in the storage space accessible by the first processor and the second processor, and the first processor runs the operating system processor, and the second processor is a processor that does not run an operating system.
  • the operating system stores the firmware patch in the second storage space, and stores patch location information in the first storage space, where the patch location information is used to indicate a storage location of the firmware patch in the second storage space.
  • the firmware calling method is an external calling method, it means that the firmware running program and the operating system implementing the embodiment of the present application run on different processors, which corresponds to the above case 2.
  • the firmware execution program implementing the embodiment of the present application is executed by processor B, and the operating system is executed by processor A. Therefore, the operating system can determine the first storage space and the second storage space in the storage spaces accessible by both processor A and processor B. In this way, it is ensured that the first storage space and the second storage space can also be accessed by the firmware running program.
  • the second storage space may be a shared memory space of the first processor and the second processor.
  • the first storage space may be a preset mailbox.
  • the firmware running program acquires patch location information from the first storage space, and acquires a firmware patch from the second storage space according to the patch location information.
  • the firmware running program executes preset instructions to switch the execution authority of the processor to the execution authority corresponding to the operating system, so that the first processor continues to execute the operating system.
  • the above embodiment shown in FIG. 9 mainly describes how the operating system transfers the firmware patch to the firmware running program in the case 1 and the case 2.
  • the specific implementation process of the firmware patch after the firmware running program acquires the firmware patch is described below in conjunction with a specific embodiment.
  • FIG. 10 is a schematic flowchart of another patch processing method provided by the embodiment of the present application. As shown in Figure 10, the method of this embodiment includes:
  • the firmware running program obtains the patch location information and the firmware patch function identifier from the first storage space, and the patch location is used to indicate the storage location of the firmware patch in the second storage space.
  • the firmware running program determines the firmware service interface corresponding to the firmware patch function identifier according to the firmware patch function identifier.
  • the firmware running program can provide various calling functions to the operating system.
  • the firmware patch function is one of them.
  • Each calling function corresponds to a service interface.
  • the service interface corresponding to the firmware patch function is the firmware service interface.
  • firmware service interface is a software interface.
  • it may be an application programming interface (Application Programming Interface, API) or the like.
  • the operating system When the operating system stores the patch location information in the first storage space, it may also store the firmware patch function identifier in the first storage space.
  • the firmware patch function identifier is used to inform the firmware that the running program needs to call the firmware patch function.
  • the firmware running program can determine that the firmware service interface needs to be executed according to the firmware patch function identifier.
  • the following firmware patch execution process from S1003 to S1007 is completed by calling the firmware service interface.
  • the firmware patch may include a file header, a code area and a signature area.
  • S1004 Obtain signature information from the firmware patch through the firmware service interface, and verify the integrity and/or legality of the firmware patch according to the signature information, and obtain a verification result.
  • the signature information can be obtained from the signature area of the firmware patch.
  • the integrity and/or legality of the firmware patch is verified by using the signature information, and a verification result is obtained.
  • the integrity and/or legality of the firmware patch is verified, and the firmware patch is executed only when the verification is passed, so as to ensure safe operation of the computer equipment.
  • the computer device cannot directly recognize the firmware patch of the bytecode type, and needs to be parsed first, converted into a form that the computer device can recognize, and then executed.
  • the firmware patch of the binary type the computer device can directly execute it. As described in S1006 and S1007 below.
  • the firmware running program adopts different execution methods for different file format types by judging the file format type of the firmware patch, so that the solution of this application is not only applicable to the firmware patch in the binary format, but also applicable to the bytecode format
  • the firmware patch makes the application scenarios more extensive.
  • a firmware program may specify a firmware calling method, and notify the operating system of the firmware calling method.
  • FIG. 11 is a schematic diagram of an interaction process between an operating system and a firmware program provided by an embodiment of the present application.
  • the firmware program can send the firmware calling method to the operating system, and correspondingly, the operating system receives the firmware calling method from the firmware program, so that the operating system can learn the firmware calling method.
  • the firmware startup program when the firmware startup program starts and loads the operating system, the firmware startup program sends the firmware calling method to the operating system.
  • the firmware running program sends the firmware calling method to the operating system.
  • the BIOS program sends the function information table to the operating system.
  • the function information table includes calling functions supported by the BIOS running program, and a BIOS calling method corresponding to each calling function.
  • the function information table includes header information (Header) and a function list (Call ID[n]).
  • the function list adopts the form of an array, and the subscript of the array element is the identification of the calling function supported by the BIOS running program, and the value of Call ID[n] indicates the BIOS calling method corresponding to the calling function identification n.
  • the identifier of each calling function may be agreed in advance.
  • the identifier of the firmware patch function is 0, the corresponding identifier of another calling function is 1, and so on.
  • the meaning of the value of Call ID[n] is as follows:
  • BIOS call mode is a special instruction call (that is, the internal call mode in the above-mentioned embodiment);
  • BIOS call method is a mailbox call (that is, the external call method in the above-mentioned embodiment);
  • the operating system can determine the firmware call method corresponding to the firmware patch function according to the value of Call ID[0].
  • the function information table may also include mailbox information (Mailbox).
  • the mailbox information includes address information of at least one mailbox.
  • the firmware call method corresponding to the firmware patch function is mailbox call (that is, the external call method in the above-mentioned embodiment)
  • the mailbox specified in the mailbox information may be used to transmit the patch location information of the firmware patch.
  • the function information table is sent to the operating system through the BIOS, so that the operating system can know whether the BIOS running program supports the firmware patch function, and which firmware calling method is adopted. In this way, when the operating system needs to apply a firmware patch, it can call the BIOS running program to execute the firmware patch based on the firmware calling method.
  • FIG. 12 is a schematic structural diagram of a patch processing device provided by an embodiment of the present application.
  • the patch processing apparatus 1200 provided in this embodiment includes: a first processing module 1201 and a second processing module 1202 .
  • the second processing module 1202 is used to obtain a firmware patch
  • the firmware patch is from the first processing module 1201
  • the second processing module 1202 is also used to execute the firmware patch
  • the firmware patch takes effect.
  • the second processing module 1202 is specifically configured to: acquire patch location information from the first storage space, where the patch location information is used to indicate the storage location of the firmware patch in the second storage space; The patch location information is to obtain the firmware patch from the second storage space.
  • the first processing module 1201 is configured to: store the firmware patch in the second storage space, and store the patch location information in the first storage space.
  • the first processing module 1201 is further configured to: obtain a firmware calling method; and determine the first storage space and the second storage space according to the firmware calling method.
  • the first processing module 1201 is specifically configured to: receive the firmware calling manner sent by the second processing module.
  • the patch processing apparatus provided in this embodiment is applied to computer equipment, and the computer equipment includes at least one processor; the first processing module 1201 is specifically configured to: if the firmware calling method is internal calling mode, then determine the first storage space and the second storage space in the storage space of the first processor; or,
  • the calling method of the firmware is an external calling method, then determining the first storage space and the second storage space in a storage space commonly accessible by the first processor and the second processor;
  • the first processor runs the first processing module, and the second processor does not run the first processing module.
  • the first processing module 1201 and the second processing module 1202 run on the same processor, and the firmware calling method is the internal calling method; the first processing module 1201 and the The second processing module 1202 runs in a different processor, and the firmware calling method is the external calling method.
  • the firmware calling method is the internal calling method; the first processing module 1201 is further configured to: execute a preset instruction, so that the processor where the first processing module 1201 is located executes The second processing module 1202 .
  • the second processing module 1202 is further configured to: acquire the firmware patch function identifier from the first storage space; determine the firmware patch function identifier according to the firmware patch function identifier A corresponding firmware service interface: acquiring the firmware patch from the second storage space through the firmware service interface according to the patch location information.
  • the second processing module 1202 is specifically configured to: receive a first message from the first processing module 1201, where the first message includes the firmware patch.
  • the first processing module 1201 is an operating system OS; or, the first processing module 1201 is a baseboard management controller (BMC) program.
  • OS operating system
  • BMC baseboard management controller
  • the patch processing device provided in this embodiment can be used to execute the patch processing method provided in any of the above method embodiments, and its implementation principle and technical effect are similar, and details are not described here.
  • An embodiment of the present application further provides a computer device, the structure of which may be shown in FIG. 1 , and the computer device includes one or more processors, and a memory.
  • the memory stores computer programs.
  • the computer program may include the first program and a firmware program of the computer device, and the firmware program includes a firmware running program.
  • the one or more processors run the computer program to implement the patch processing method provided by the above method embodiment, the implementation principle and technical effect are similar, and will not be repeated here.
  • An embodiment of the present application further provides a chip, and the chip includes: one or more processors, and a memory.
  • the memory stores computer programs.
  • the computer program may include the first program and a firmware program of the chip, and the firmware program includes a firmware running program.
  • the one or more processors run the computer program to implement the patch processing method provided by the above method embodiment, the implementation principle and technical effect are similar, and will not be repeated here.
  • An embodiment of the present application also provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium.
  • the computer program includes a first program and/or a firmware program.
  • the firmware program includes a firmware running program.
  • An embodiment of the present application further provides a computer program product, where the computer program product includes a computer program.
  • the computer program includes a first program and/or a firmware program
  • the firmware program includes a firmware running program.
  • the disclosed devices and methods may be implemented in other ways.
  • the device embodiments described above are only illustrative.
  • the division of the modules is only a logical function division. In actual implementation, there may be other division methods, for example, multiple modules can be combined or integrated. to another system, or some features may be ignored, or not implemented.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection of devices or modules may be in electrical, mechanical or other forms.
  • modules described as separate components may or may not be physically separated, and the components shown as modules may or may not be physical units, that is, they may be located in one place, or may be distributed to multiple network units. Part or all of the modules can be selected according to actual needs to achieve the purpose of the solution of this embodiment.
  • each functional module in each embodiment of the present application may be integrated into one processing unit, each module may exist separately physically, or two or more modules may be integrated into one unit.
  • the units formed by the above modules can be implemented in the form of hardware, or in the form of hardware plus software functional units.
  • the above-mentioned integrated modules implemented in the form of software function modules can be stored in a computer-readable storage medium.
  • the above-mentioned software functional modules are stored in a storage medium, and include several instructions to enable a computer device (which may be a personal computer, server, or network device, etc.) or a processor (English: processor) to execute the functions described in various embodiments of the present application. part of the method.
  • the above-mentioned storage medium can be realized by any type of volatile or non-volatile storage device or their combination, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable In addition to programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk or optical disk.
  • SRAM static random access memory
  • EEPROM electrically erasable programmable read-only memory
  • EPROM programmable read-only memory
  • ROM read-only memory
  • magnetic memory magnetic memory
  • flash memory magnetic disk or optical disk.
  • a storage media may be any available media that can be accessed by a general purpose or special purpose computer.
  • An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium.
  • the storage medium may also be a component of the processor.
  • the processor and the storage medium may be located in Application Specific Integrated Circuits (ASIC for short).
  • ASIC Application Specific Integrated Circuits
  • the processor and the storage medium can also exist in the electronic device or the main control device as discrete components.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Stored Programmes (AREA)

Abstract

Provided in the present application are a patch processing method and apparatus, and a computer device. The computer device stores a first program and a firmware program of the computer device, wherein the firmware program comprises a firmware starting program and a firmware running program. The method comprises: a firmware running program acquiring a firmware patch, wherein the firmware patch is from a first program; and the firmware running program executing the firmware patch, and the firmware patch taking effect. Therefore, a fault of a computer device is handled, or an update/upgrade of firmware is realized. Since a firmware program of the computer device is not updated during the process, there is no need to restart the computer device, and thus a service of the computer device is not affected.

Description

补丁处理方法、装置及计算机设备Patch processing method, device and computer equipment
本申请要求于2021年12月01日提交中国专利局、申请号为202111455778.8、申请名称为“补丁处理方法、装置及计算机设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent application with application number 202111455778.8 and application title "patch processing method, device and computer equipment" filed with China Patent Office on December 01, 2021, the entire contents of which are incorporated by reference in this application middle.
技术领域technical field
本申请涉及计算机技术领域,尤其涉及一种补丁处理方法、装置及计算机设备。The present application relates to the field of computer technology, in particular to a patch processing method, device and computer equipment.
背景技术Background technique
固件程序是计算机设备的重要组合部分。例如,基本输入输出系统(basic input output system,BIOS)即是计算机设备的一种固件程序,BIOS是操作系统(operating system,OS)和计算机硬件之间连接的一个桥梁,负责计算机开机时的硬件检测、设备初始化、操作系统引导并向操作系统提供服务接口。Firmware programs are an integral part of computer equipment. For example, the Basic Input Output System (BIOS) is a firmware program of computer equipment. BIOS is a bridge between the operating system (OS) and computer hardware, and is responsible for the hardware configuration when the computer is turned on. Detection, device initialization, operating system boot and providing service interface to the operating system.
在计算机设备上电后,首先由BIOS完成计算机设备的硬件初始化过程,进而启动OS,执行用户业务。一些场景下,在计算机设备运行过程中,可能需要对BIOS进行修改。例如,当计算机设备发生故障时,可以通过修改BIOS来解决故障。又例如,在需要对BIOS进行更新/升级时,也需要对BIOS进行修改。通常采用如下方式:修改BIOS,将更新后的BIOS存储到计算机设备中,重启计算机设备,以使计算机设备重启后执行更新后的BIOS。After the computer equipment is powered on, the BIOS first completes the hardware initialization process of the computer equipment, and then starts the OS to execute user services. In some scenarios, the BIOS may need to be modified during the operation of the computer device. For example, when a computer device fails, the failure can be resolved by modifying the BIOS. For another example, when the BIOS needs to be updated/upgraded, the BIOS also needs to be modified. Usually, the following method is adopted: modifying the BIOS, storing the updated BIOS in the computer device, and restarting the computer device, so that the computer device executes the updated BIOS after restarting.
然而,上述过程需要对计算机设备进行重启,会导致业务中断,甚至还可能导致计算机设备无法启动的风险。However, the above-mentioned process needs to restart the computer equipment, which will cause business interruption, and may even cause the risk that the computer equipment cannot be started.
发明内容Contents of the invention
本申请提供一种补丁处理方法、装置及计算机设备,能够在不对计算机设备进行重启的情况下,通过执行固件补丁解决计算机设备故障或者实现固件更新/升级,避免业务造成中断。The present application provides a patch processing method, device, and computer equipment, which can solve computer equipment failures or implement firmware updates/upgrades by executing firmware patches without restarting the computer equipment, thereby avoiding business interruption.
第一方面,本申请提供一种补丁处理方法,该方法的执行主体可以为计算机设备。所述计算机设备存储有第一程序和计算机设备的固件程序,固件程序包括固件启动程序和固件运行程序,该方法包括:固件运行程序获取固件补丁,固件补丁来自于第一程序;固件运行程序执行固件补丁,固件补丁生效。In a first aspect, the present application provides a patch processing method, and the execution subject of the method may be a computer device. The computer device stores a first program and a firmware program of the computer device, the firmware program includes a firmware startup program and a firmware running program, and the method includes: the firmware running program obtains a firmware patch, and the firmware patch comes from the first program; the firmware running program executes Firmware patch, the firmware patch takes effect.
其中,固件补丁是指为了解决计算机设备故障或者为了实现固件更新/升级而编写的一段程序。上述的计算机设备故障可以为硬件固件、固件程序故障等。固件更新/升级可以包括但不限于:完善已有固件功能、修补已有固件功能的漏洞、增加新的固件功能、增强固件稳定性等。第一程序可以是计算机设备在运行阶段执行的、除固件程序之外的其他程序。一些实施例中,第一程序可以为操作系统。另一些实施例中,第一程序可以为基板管理控制器(Baseboard Management Controller,BMC)程序。Wherein, the firmware patch refers to a section of program written to solve computer equipment failures or to implement firmware updates/upgrades. The above-mentioned computer equipment faults may be hardware firmware, firmware program faults, etc. Firmware updates/upgrades may include, but are not limited to: improving existing firmware functions, patching vulnerabilities of existing firmware functions, adding new firmware functions, enhancing firmware stability, etc. The first program may be other programs except the firmware program executed by the computer device during the running phase. In some embodiments, the first program may be an operating system. In some other embodiments, the first program may be a baseboard management controller (Baseboard Management Controller, BMC) program.
本申请中,在计算机设备运行过程中,通过固件运行程序获取来自于第一程序的 固件补丁,并执行该固件补丁,即可使补丁生效,从而解决计算机设备故障或者实现固件更新/升级。由于上述过程并未对计算机设备的固件程序进行更新,使得上述过程无需重启计算机设备,因此,不会对计算机设备的业务造成影响。In this application, during the operation of the computer equipment, the firmware patch from the first program is acquired through the firmware running program, and the firmware patch is executed to make the patch take effect, thereby solving the failure of the computer equipment or implementing firmware update/upgrade. Since the above-mentioned process does not update the firmware program of the computer equipment, the above-mentioned process does not need to restart the computer equipment, therefore, it will not affect the business of the computer equipment.
一种可能的实现方式中,固件运行程序可以采用如下方式获取固件补丁:固件运行程序从第一存储空间获取补丁位置信息,所述补丁位置信息用于指示所述固件补丁在第二存储空间中的存储位置;固件运行程序根据所述补丁位置信息,从第二存储空间中获取固件补丁。In a possible implementation manner, the firmware running program may obtain the firmware patch in the following manner: the firmware running program obtains patch location information from the first storage space, and the patch location information is used to indicate that the firmware patch is in the second storage space storage location; the firmware running program obtains the firmware patch from the second storage space according to the patch location information.
一种可能的实现方式中,固件运行程序从第一存储空间获取补丁位置信息之前,还包括:第一程序将固件补丁存储至第二存储空间;第一程序将所述补丁位置信息存储至第一存储空间。In a possible implementation manner, before the firmware running program obtains the patch location information from the first storage space, it also includes: the first program stores the firmware patch in the second storage space; the first program stores the patch location information in the second storage space; a storage space.
该方式中,第一程序通过第一存储空间和第二存储空间将固件补丁传递至固件运行程序。第一存储空间和第二存储空间均为第一程序和固件运行程序可共同访问的存储空间。In this way, the first program transfers the firmware patch to the firmware running program through the first storage space and the second storage space. Both the first storage space and the second storage space are storage spaces that can be accessed jointly by the first program and the firmware running program.
可选的,第一存储空间可以为第一程序和固件运行程序之间的共享内存。第二存储空间可以为第一程序和第二固件运行程序可共同访问的寄存器、邮箱、共享内存等。Optionally, the first storage space may be a shared memory between the first program and the firmware running program. The second storage space may be a register, a mailbox, a shared memory, and the like that are jointly accessible by the first program and the second firmware running program.
一种可能的实现方式中,第一程序将固件补丁存储至第二存储空间之前,还包括:第一程序获取固件调用方式;第一程序根据固件调用方式,确定第一存储空间和第二存储空间。In a possible implementation manner, before the first program stores the firmware patch in the second storage space, it also includes: the first program obtains the firmware calling method; the first program determines the first storage space and the second storage space according to the firmware calling method. space.
固件调用方式是指操作系统通知/调用固件运行程序,以使固件运行程序执行固件补丁的方式。固件调用方式可以分为内部调用方式和外部调用方式,内部调用方式是指在同一处理器内部进行调用,外部调用方式是指跨处理器进行调用。The firmware invoking method refers to a method in which the operating system notifies/calls the firmware running program, so that the firmware running program executes the firmware patch. The firmware calling method can be divided into internal calling method and external calling method. The internal calling method refers to calling within the same processor, and the external calling method refers to calling across processors.
一种可能的实现方式中,第一程序可以采用如下方式获取固件调用方式:第一程序接收固件程序发送的所述固件调用方式。In a possible implementation manner, the first program may acquire the firmware calling method in the following manner: the first program receives the firmware calling method sent by the firmware program.
以第一程序为操作系统为例,可选的,在计算机设备启动阶段,固件启动程序启动并加载操作系统过程中,由固件启动程序向操作系统发送固件调用方式。可选的,在计算机设备运行阶段,由固件运行程序向操作系统发送固件调用方式。Taking the first program as the operating system as an example, optionally, in the startup stage of the computer device, when the firmware startup program starts and loads the operating system, the firmware startup program sends the firmware calling method to the operating system. Optionally, in the running phase of the computer device, the firmware running program sends the firmware calling method to the operating system.
一种可能的实现方式中,计算机设备包括至少一个处理器;第一程序根据固件调用方式,确定第一存储空间和第二存储空间,包括:In a possible implementation manner, the computer device includes at least one processor; the first program determines the first storage space and the second storage space according to a firmware calling method, including:
若固件调用方式为内部调用方式,则第一程序在第一处理器的存储空间中确定第一存储空间和第二存储空间;第一处理器运行第一程序的处理器。If the calling method of the firmware is an internal calling method, the first program determines the first storage space and the second storage space in the storage space of the first processor; the first processor runs the processor of the first program.
以第一程序为操作系统为例,应理解,若固件调用方式为内部调用方式,说明固件运行程序和操作系统运行在同一个处理器,即均运行在第一处理器中。因此,操作系统可以在第一处理器的存储空间中确定第一存储空间和第二存储空间。由于固件运行程序也由第一处理器执行,因此,第一存储空间和第二存储空间也能够被固件运行程序访问。Taking the first program as the operating system as an example, it should be understood that if the firmware calling method is an internal calling method, it means that the firmware running program and the operating system run on the same processor, that is, both run on the first processor. Therefore, the operating system can determine the first storage space and the second storage space in the storage space of the first processor. Since the firmware running program is also executed by the first processor, the first storage space and the second storage space can also be accessed by the firmware running program.
可选的,第二存储空间可以为第一处理器的内存空间。第一存储空间可以为第一处理器的预设寄存器。Optionally, the second storage space may be the memory space of the first processor. The first storage space may be a preset register of the first processor.
一种可能的实现方式中,计算机设备包括至少一个处理器;第一程序根据固件调用方式,确定第一存储空间和第二存储空间,包括:In a possible implementation manner, the computer device includes at least one processor; the first program determines the first storage space and the second storage space according to a firmware calling method, including:
若固件调用方式为外部调用方式,则第一程序在第一处理器和第二处理器可共同访问的存储空间中确定第一存储空间和第二存储空间;其中,第一处理器为运行第一程序的处理器,第二处理器为不运行第一程序的处理器。If the calling method of the firmware is an external calling method, the first program determines the first storage space and the second storage space in the storage space accessible by the first processor and the second processor; wherein, the first processor is to run the second A processor with a program, the second processor is a processor that does not run the first program.
应理解,若固件调用方式为外部调用方式,说明固件运行程序和操作系统运行在不同的处理器。因此,操作系统可以在第一处理器和第二处理器可共同访问的存储空间中确定第一存储空间和第二存储空间。这样,保证了第一存储空间和第二存储空间也能够被固件运行程序访问。It should be understood that if the firmware calling method is an external calling method, it means that the firmware running program and the operating system run on different processors. Therefore, the operating system can determine the first storage space and the second storage space in the storage spaces commonly accessible by the first processor and the second processor. In this way, it is ensured that the first storage space and the second storage space can also be accessed by the firmware running program.
可选的,第二存储空间可以为第一处理器和第二处理器的共享内存空间。第一存储空间可以为预设邮箱。Optionally, the second storage space may be a shared memory space of the first processor and the second processor. The first storage space may be a preset mailbox.
一种可能的实现方式中,第一程序和固件运行程序运行于同一处理器中,固件调用方式为内部调用方式;第一程序和所述固件运行程序运行于不同的处理器中,固件调用方式为外部调用方式。In a possible implementation, the first program and the firmware running program run on the same processor, and the firmware calling method is an internal calling method; the first program and the firmware running program run on different processors, and the firmware calling method For external calls.
其中,不同的处理器是指物理上不同的两个处理器,这两个处理器可以是相同类型,也可以是不同类型。这两个处理器可以封装在一个系统级芯片(system on chip,SoC)内。Wherein, different processors refer to two physically different processors, and the two processors may be of the same type or of different types. These two processors can be packaged in a system-on-chip (SoC).
一种可能的实现方式中,固件调用方式为内部调用方式;固件运行程序从第一存储空间获取补丁位置信息之前,还包括:第一程序执行预设指令,以使第一程序所在的处理器执行固件运行程序。In a possible implementation, the firmware calling method is an internal calling method; before the firmware running program obtains the patch location information from the first storage space, it also includes: the first program executes a preset instruction, so that the processor where the first program is located Execute the firmware runner.
其中,预设指令是指用于调整处理器的执行权限的指令。Wherein, the preset instruction refers to an instruction for adjusting the execution authority of the processor.
当固件调用方式为内部调用方式时,固件运行程序和第一程序运行在同一个处理器中,而处理器执行固件运行程序和执行第一程序的执行权限通常不同。因此,通过第一程序执行预设指令,可以将处理器的执行权限切换为固件运行程序对应的执行权限,从而使得处理器执行固件运行程序。When the firmware calling method is an internal calling method, the firmware running program and the first program run in the same processor, and the execution rights of the processor to execute the firmware running program and the first program are usually different. Therefore, by executing the preset instruction through the first program, the execution authority of the processor can be switched to the execution authority corresponding to the firmware execution program, so that the processor executes the firmware execution program.
一种可能的实现方式中,固件运行程序执行完固件补丁之后,还包括:固件运行程序执行预设指令,以将处理器的执行权限切换为第一程序对应的执行权限,以使处理器继续执行第一程序。In a possible implementation, after the firmware running program executes the firmware patch, it further includes: the firmware running program executes a preset instruction, so as to switch the execution authority of the processor to the execution authority corresponding to the first program, so that the processor continues to Execute the first program.
一种可能的实现方式中,所述方法还包括:所述固件运行程序从所述第一存储空间中获取所述固件补丁功能标识;所述固件运行程序根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁,包括:所述固件运行程序根据所述固件补丁功能标识,确定所述固件补丁功能标识对应的固件服务接口;通过所述固件服务接口根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁。In a possible implementation manner, the method further includes: the firmware running program acquires the firmware patch function identifier from the first storage space; the firmware running program obtains the firmware patch function identifier from the patch location information according to the Obtaining the firmware patch in the second storage space includes: the firmware running program determines the firmware service interface corresponding to the firmware patch function identifier according to the firmware patch function identifier; through the firmware service interface according to the patch location information, and acquire the firmware patch from the second storage space.
其中,固件服务接口为软件接口。例如,可以为API接口。Wherein, the firmware service interface is a software interface. For example, it may be an API interface.
一种可能的实现方式中,固件运行程序可以采用如下方式获取固件补丁:所述固件运行程序接收来自于所述第一程序的第一消息,所述第一消息包括所述固件补丁。In a possible implementation manner, the firmware running program may acquire the firmware patch in the following manner: the firmware running program receives a first message from the first program, where the first message includes the firmware patch.
该方式中,第一程序和固件运行程序之间存在消息交互接口。第一程序可以通过消息交互接口将固件补丁传递至固件运行程序。In this manner, there is a message interaction interface between the first program and the firmware running program. The first program can deliver the firmware patch to the firmware running program through the message interaction interface.
一种可能的实现方式中,固件运行程序可以采用如下方式执行固件补丁:从所述固件补丁中获取签名信息;根据所述签名信息,对所述固件补丁的完整性和/或合法性进行验证,得到验证结果;若验证结果为验证通过,则执行所述固件补丁。In a possible implementation, the firmware running program may execute the firmware patch in the following manner: obtain signature information from the firmware patch; verify the integrity and/or legality of the firmware patch according to the signature information , to obtain a verification result; if the verification result is verified, execute the firmware patch.
该实现方式中,在执行固件补丁之前,通过对固件补丁的完整性和/或合法性进行验证,在验证通过的情况下才执行固件补丁,保证计算机设备的安全运行。In this implementation manner, before executing the firmware patch, the integrity and/or legality of the firmware patch is verified, and the firmware patch is executed only when the verification is passed, so as to ensure safe operation of the computer device.
一种可能的实现方式中,固件运行程序可以采用如下方式执行固件补丁:确定所述固件补丁的文件格式类型,所述文件格式类型为二进制类型或者字节码类型;若文件格式类型为字节码类型,则解析并执行固件补丁以使固件补丁生效;若所述文件格式类型为二进制类型,则执行所述固件补丁以使固件补丁生效。In a possible implementation, the firmware running program can execute the firmware patch in the following manner: determine the file format type of the firmware patch, the file format type is binary type or bytecode type; if the file format type is byte code type, then parse and execute the firmware patch to make the firmware patch take effect; if the file format type is binary type, execute the firmware patch to make the firmware patch take effect.
该实现方式中,固件运行程序通过判断固件补丁的文件格式类型,针对不同的文件格式类型采用不同的执行方式,从而使得本申请方案既适用于二进制格式的固件补丁,还适用于字节码格式的固件补丁,使得应用场景更加广泛。In this implementation, the firmware running program adopts different execution methods for different file format types by judging the file format type of the firmware patch, so that the application scheme is not only applicable to the firmware patch in the binary format, but also applicable to the bytecode format The firmware patch makes the application scenarios more extensive.
第二方面,本申请提供一种补丁处理装置,包括:第一处理模块和第二处理模块;其中,第二处理模块用于获取固件补丁,所述固件补丁来自于所述第一处理模块,第二处理模块还用于执行固件补丁,固件补丁生效。In a second aspect, the present application provides a patch processing device, including: a first processing module and a second processing module; wherein the second processing module is used to obtain a firmware patch, the firmware patch comes from the first processing module, The second processing module is also used to execute the firmware patch, and the firmware patch takes effect.
一种可能的实现方式中,第二处理模块具体用于:从第一存储空间获取补丁位置信息,所述补丁位置信息用于指示所述固件补丁在第二存储空间中的存储位置;根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁。In a possible implementation manner, the second processing module is specifically configured to: acquire patch location information from the first storage space, where the patch location information is used to indicate the storage location of the firmware patch in the second storage space; The patch location information is used to obtain the firmware patch from the second storage space.
一种可能的实现方式中,第一处理模块用于:将所述固件补丁存储至所述第二存储空间,并将所述补丁位置信息存储至所述第一存储空间。In a possible implementation manner, the first processing module is configured to: store the firmware patch in the second storage space, and store the patch location information in the first storage space.
一种可能的实现方式中,第一处理模块还用于:获取固件调用方式;根据所述固件调用方式,确定所述第一存储空间和所述第二存储空间。In a possible implementation manner, the first processing module is further configured to: acquire a firmware calling method; and determine the first storage space and the second storage space according to the firmware calling method.
一种可能的实现方式中,第一处理模块具体用于:接收所述第二处理模块发送的所述固件调用方式。In a possible implementation manner, the first processing module is specifically configured to: receive the firmware calling manner sent by the second processing module.
一种可能的实现方式中,所述补丁处理装置应用于计算机设备,所述计算机设备包括至少一个处理器;所述第一处理模块具体用于:若所述固件调用方式为内部调用方式,则在第一处理器的存储空间中确定所述第一存储空间和所述第二存储空间;或者,In a possible implementation manner, the patch processing apparatus is applied to computer equipment, and the computer equipment includes at least one processor; the first processing module is specifically configured to: if the firmware calling method is an internal calling method, then determining said first memory space and said second memory space in a memory space of a first processor; or,
若所述固件调用方式为外部调用方式,则在第一处理器和第二处理器可共同访问的存储空间中确定所述第一存储空间和所述第二存储空间;If the calling method of the firmware is an external calling method, then determining the first storage space and the second storage space in a storage space commonly accessible by the first processor and the second processor;
其中,所述第一处理器运行所述第一处理模块,所述第二处理器不运行所述第一处理模块。Wherein, the first processor runs the first processing module, and the second processor does not run the first processing module.
一种可能的实现方式中,所述第一处理模块和所述第二处理模块运行于同一处理器中,所述固件调用方式为所述内部调用方式;所述第一处理模块和所述第二处理模块运行于不同的处理器中,所述固件调用方式为所述外部调用方式。In a possible implementation manner, the first processing module and the second processing module run in the same processor, and the firmware calling method is the internal calling method; the first processing module and the second processing module The two processing modules run in different processors, and the firmware calling method is the external calling method.
一种可能的实现方式中,所述固件调用方式为所述内部调用方式;所述第一处理模块还用于:执行预设指令,以使所述第一处理模块所在的处理器执行所述第二处理模块。In a possible implementation manner, the firmware calling method is the internal calling method; the first processing module is further configured to: execute a preset instruction, so that the processor where the first processing module is located executes the Second processing module.
一种可能的实现方式中,所述第二处理模块还用于:从所述第一存储空间中获取所述固件补丁功能标识;根据所述固件补丁功能标识,确定所述固件补丁功能标识对应的固件服务接口;通过所述固件服务接口根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁。In a possible implementation manner, the second processing module is further configured to: obtain the firmware patch function identifier from the first storage space; determine the corresponding A firmware service interface; acquiring the firmware patch from the second storage space through the firmware service interface according to the patch location information.
一种可能的实现方式中,所述第二处理模块具体用于:接收来自于所述第一处理模块的第一消息,所述第一消息包括所述固件补丁。In a possible implementation manner, the second processing module is specifically configured to: receive a first message from the first processing module, where the first message includes the firmware patch.
一种可能的实现方式中,所述第一处理模块为操作系统OS;或者,所述第一处理模块为基板管理控制器BMC程序。In a possible implementation manner, the first processing module is an operating system OS; or, the first processing module is a baseboard management controller (BMC) program.
第三方面,本申请提供一种计算机设备,包括:In a third aspect, the present application provides a computer device, including:
一个或者多个处理器,one or more processors,
以及,存储器;其中,and, memory; where,
所述存储器存储有计算机程序;所述一个或者多个处理器运行所述计算机程序,以实现如第一方面或者第一方面任一种可能的实现方式所述的方法。The memory stores a computer program; the one or more processors run the computer program to implement the method described in the first aspect or any possible implementation manner of the first aspect.
第四方面,本申请提供一种芯片,包括:In a fourth aspect, the present application provides a chip, including:
一个或者多个处理器,one or more processors,
以及,存储器;其中,and, memory; where,
所述存储器存储有计算机程序;所述一个或者多个处理器运行所述计算机程序,以实现如第一方面或者第一方面任一种可能的实现方式所述的方法。The memory stores a computer program; the one or more processors run the computer program to implement the method described in the first aspect or any possible implementation manner of the first aspect.
第五方面,本申请提供一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序,当所述计算机程序被运行时,实现如第一方面或者第一方面任一种可能的实现方式所述的方法。In a fifth aspect, the present application provides a computer-readable storage medium, the computer-readable storage medium stores a computer program, and when the computer program is executed, any possible Implement the method described in the manner.
第六方面,本申请提供一种计算机程序产品,所述计算机程序产品包括计算机程序,当所述计算机程序被运行时,实现如第一方面或者第一方面任一种可能的实现方式所述的方法。In a sixth aspect, the present application provides a computer program product, where the computer program product includes a computer program, and when the computer program is run, it implements the first aspect or any possible implementation of the first aspect. method.
本申请提供一种补丁处理方法、装置及计算机设备,计算机设备存储有第一程序和计算机设备的固件程序,固件程序包括固件启动程序和固件运行程序,该方法包括:固件运行程序获取固件补丁,固件补丁来自于第一程序;固件运行程序执行固件补丁,固件补丁生效,从而解决计算机设备故障或者实现固件更新/升级。由于上述过程并未对计算机设备的固件程序进行更新,使得上述过程无需重启计算机设备,因此,不会对计算机设备的业务造成影响。The present application provides a patch processing method, device, and computer equipment. The computer equipment stores a first program and a firmware program of the computer equipment. The firmware program includes a firmware startup program and a firmware running program. The method includes: the firmware running program acquires a firmware patch, The firmware patch comes from the first program; the firmware running program executes the firmware patch, and the firmware patch takes effect, so as to solve computer equipment failure or implement firmware update/upgrade. Since the above-mentioned process does not update the firmware program of the computer equipment, the above-mentioned process does not need to restart the computer equipment, therefore, it will not affect the business of the computer equipment.
附图说明Description of drawings
图1为本申请实施例提供的一种计算机设备的硬件结构示意图;FIG. 1 is a schematic diagram of a hardware structure of a computer device provided by an embodiment of the present application;
图2为本申请实施例提供的计算机设备的分层架构示意图;FIG. 2 is a schematic diagram of a layered architecture of a computer device provided by an embodiment of the present application;
图3为本申请实施例提供的计算机设备的运行时序示意图;FIG. 3 is a schematic diagram of the running sequence of the computer equipment provided by the embodiment of the present application;
图4为本申请实施例提供的一种补丁处理方法的流程示意图;FIG. 4 is a schematic flowchart of a patch processing method provided in an embodiment of the present application;
图5为本申请实施例提供的固件运行程序获取固件补丁的一种方式的示意图;FIG. 5 is a schematic diagram of a manner in which a firmware running program provided by an embodiment of the present application obtains a firmware patch;
图6为本申请实施例提供的固件运行程序获取固件补丁的另一种方式的示意图;FIG. 6 is a schematic diagram of another way for the firmware running program to obtain the firmware patch provided by the embodiment of the present application;
图7为本申请实施例提供的一种计算机设备运行状态示意图;FIG. 7 is a schematic diagram of the running state of a computer device provided by the embodiment of the present application;
图8为本申请实施例提供的另一种计算机设备运行态的示意图;FIG. 8 is a schematic diagram of another computer device operating state provided by the embodiment of the present application;
图9为本申请实施例提供的另一种补丁处理方法的流程示意图;FIG. 9 is a schematic flow chart of another patch processing method provided by the embodiment of the present application;
图10为本申请实施例提供的又一种补丁处理方法的流程示意图;FIG. 10 is a schematic flowchart of another patch processing method provided by the embodiment of the present application;
图11为本申请实施例提供的一种操作系统与固件程序的交互过程示意图;FIG. 11 is a schematic diagram of an interaction process between an operating system and a firmware program provided by an embodiment of the present application;
图12为本申请实施例提供的一种补丁处理装置的结构示意图。FIG. 12 is a schematic structural diagram of a patch processing device provided by an embodiment of the present application.
具体实施方式Detailed ways
在本申请中,计算机设备是指可以进行数字运算的机器。计算机设备包括但不限于:移动电话(cellphone)、智能手机(smartphone)、计算机(computer)、平板电脑(tablet computer)、可穿戴设备(wearable device)、个人数码助理(personal digital assistant,PDA)、移动互联网设备(mobile internet device,MID)、物联网设备、电子书阅读器(e-book reader)、服务器等。In this application, computer equipment refers to a machine that can perform number crunching. Computer equipment includes but is not limited to: mobile phone (cellphone), smart phone (smartphone), computer (computer), tablet computer (tablet computer), wearable device (wearable device), personal digital assistant (personal digital assistant, PDA), Mobile Internet device (mobile internet device, MID), IoT device, e-book reader (e-book reader), server, etc.
为了便于理解本申请的技术方案,首先结合图1对计算机设备的结构进行说明。In order to facilitate the understanding of the technical solution of the present application, firstly, the structure of the computer equipment will be described with reference to FIG. 1 .
图1为本申请实施例提供的一种计算机设备的硬件结构示意图。如图1所示,计算机设备100,包括:处理器101和存储器102。可选的,处理器101、存储器102、通信接口103。其中,处理器101、存储器102、通信接口103之间彼此通信连接。例如,处理器101、存储器102、通信接口103之间可以采用网络连接的方式,实现通信连接。或者,如图1所示,上述计算机设备100还可以包括总线104。处理器101、存储器102、通信接口103通过总线104实现彼此之间的通信连接。FIG. 1 is a schematic diagram of a hardware structure of a computer device provided by an embodiment of the present application. As shown in FIG. 1 , a computer device 100 includes: a processor 101 and a memory 102 . Optionally, a processor 101, a memory 102, and a communication interface 103. Wherein, the processor 101, the memory 102, and the communication interface 103 are communicatively connected to each other. For example, the processor 101, the memory 102, and the communication interface 103 may be connected by a network to realize a communication connection. Alternatively, as shown in FIG. 1 , the above computer device 100 may further include a bus 104 . The processor 101 , the memory 102 , and the communication interface 103 are connected to each other through the bus 104 .
其中,处理器101的数量可以为一个或者多个。每个处理器101可以包括一个或者多个处理核。处理器101也可以称为处理单元、处理子系统等。处理器101可以包括下述中的至少一种:中央处理单元(central processing unit,CPU)、专用集成电路(application specific integrated circuit,ASIC)、应用处理器(application processor,AP)、调制解调处理器、图形处理器(graphics processing unit,GPU)、图像信号处理器(image signal processor,ISP)、控制器、视频编解码器、数字信号处理器(digital signal processor,DSP)、基带处理器、神经网络处理器(neural-network processing unit,NPU)等。Wherein, the number of processors 101 may be one or more. Each processor 101 may include one or more processing cores. The processor 101 may also be called a processing unit, a processing subsystem, and the like. The processor 101 may include at least one of the following: a central processing unit (central processing unit, CPU), an application specific integrated circuit (application specific integrated circuit, ASIC), an application processor (application processor, AP), a modem processing processor, graphics processing unit (graphics processing unit, GPU), image signal processor (image signal processor, ISP), controller, video codec, digital signal processor (digital signal processor, DSP), baseband processor, neural Network processor (neural-network processing unit, NPU), etc.
存储器102可以包括:非易失性存储器(non-volatile memory,NVM)和随机存取存储器(random access memory,RAM)。The memory 102 may include: a non-volatile memory (non-volatile memory, NVM) and a random access memory (random access memory, RAM).
其中,非易失性存储器可以为只读存储器(read-only memory,ROM),例如可编程只读存储器(programmable read-only memory,PROM)、可擦除可编程只读存储器(erasable programmable read-only memory,EPROM)、电可擦除可编程只读存储器(electrically erasable programmable read-only memory,EEPROM)等。非易失性存储器也可以为快闪存储器(flash memory)、磁存储器,例如磁带(magnetic tape)、软盘(floppy disk)、硬盘等。非易失性存储器也可以为光盘。当计算机设备断电后,非易失性存储器所存储的数据不会丢失。Wherein, the non-volatile memory can be read-only memory (read-only memory, ROM), such as programmable read-only memory (programmable read-only memory, PROM), erasable programmable read-only memory (erasable programmable read-only memory) only memory, EPROM), electrically erasable programmable read-only memory (electrically erasable programmable read-only memory, EEPROM), etc. The non-volatile memory may also be a flash memory, a magnetic memory, such as a magnetic tape, a floppy disk, a hard disk, and the like. The non-volatile memory can also be an optical disk. When the computer equipment is powered off, the data stored in the non-volatile memory will not be lost.
随机存取存储器也叫主存,是与处理器101直接交换数据的内部存储器。它可以随时读写,而且速度很快,通常作为操作系统或其他正在运行中的程序的临时数据存储介质。RAM工作时可以随时从任何一个指定的地址写入(存入)或读出(取出)信息。它与ROM的最大区别是数据的易失性,即一旦断电所存储的数据将随之丢失。RAM在计算机和数字系统中用来暂时存储程序、数据和中间结果。Random access memory, also called main memory, is an internal memory that directly exchanges data with the processor 101 . It can be read and written at any time, and the speed is very fast, and it is usually used as a temporary data storage medium for operating systems or other running programs. When RAM is working, information can be written (stored) or read (taken out) from any specified address at any time. The biggest difference between it and ROM is the volatility of data, that is, the stored data will be lost once the power is turned off. RAM is used in computers and digital systems to temporarily store programs, data, and intermediate results.
通信接口103使用例如但不限于收发器一类的收发模块,来实现计算机设备100与其他设备或通信网络之间的通信。例如,本申请实施例中,计算机设备可以通过通信接口103获取固件补丁。The communication interface 103 uses a transceiver module such as but not limited to a transceiver to implement communication between the computer device 100 and other devices or communication networks. For example, in the embodiment of the present application, the computer device can acquire the firmware patch through the communication interface 103 .
总线104可以是工业标准体系结构(industry standard architecture,ISA)总线、外部设备互连(peripheral component,PCI)总线或扩展工业标准体系结构(extended industry standard architecture,EISA)总线等。总线可以分为地址总线、数据总线、控制总线等。为便于表示,本申请附图中的总线并不限定仅有一根总线或一种类型的总线。The bus 104 may be an industry standard architecture (industry standard architecture, ISA) bus, a peripheral component interconnect (peripheral component, PCI) bus, or an extended industry standard architecture (extended industry standard architecture, EISA) bus, etc. The bus can be divided into address bus, data bus, control bus and so on. For ease of representation, the buses in the drawings of the present application are not limited to only one bus or one type of bus.
可以理解的是,本申请实施例示意的结构并不构成对电子设备100的具体限定。在本申请另一些实施例中,电子设备100可以包括比图示更多或更少的部件,或者组合某些部件,或者拆分某些部件,或者采用不同的部件布置。It can be understood that, the structure illustrated in the embodiment of the present application does not constitute a specific limitation on the electronic device 100 . In other embodiments of the present application, the electronic device 100 may include more or fewer components than shown in the figure, or combine certain components, or separate certain components, or adopt different component arrangements.
在本申请实施例中,存储器102可用于存储固件程序、操作系统(operating system,OS)、应用程序等。示例性的,上述的固件程序、操作系统、应用程序等可以存储在非易失性存储器中。处理器101可以运行存储器102中存储的固件程序、操作系统、应用程序等,以使计算机设备执行某些功能。In this embodiment of the present application, the memory 102 may be used to store firmware programs, operating systems (operating system, OS), application programs, and the like. Exemplarily, the above-mentioned firmware program, operating system, application program, etc. may be stored in a non-volatile memory. The processor 101 can execute firmware programs, operating systems, application programs, etc. stored in the memory 102 to make the computer device perform certain functions.
存储器102还可以存储计算机设备运行过程中所创建的数据、中间结果等。示例性的,上述的计算机设备运行过程中创建的数据、中间结果等可以存储在随机存取存储器中。The memory 102 may also store data, intermediate results, etc. created during the operation of the computer device. Exemplarily, the data and intermediate results created during the operation of the above-mentioned computer device may be stored in a random access memory.
本申请实施例中,固件程序可以包括基本输入输出系统(basic input output system,BIOS)、以及其他固件程序。BIOS保存着计算机设备最重要的基本输入输出的程序、开机后自检程序和系统自启动程序,它可从互补金属氧化物半导体(complementary metal oxide semiconductor,CMOS)中读写系统设置的具体信息。BIOS的主要功能是为计算机设备提供最底层的、最直接的硬件设置和控制。此外,BIOS还向操作系统提供一些系统参数。In the embodiment of the present application, the firmware program may include a basic input output system (basic input output system, BIOS) and other firmware programs. The BIOS stores the most important basic input and output programs of computer equipment, self-test programs after power-on, and system self-start programs. It can read and write specific information about system settings from complementary metal oxide semiconductors (CMOS). The main function of BIOS is to provide the lowest-level and most direct hardware setting and control for computer equipment. In addition, BIOS also provides some system parameters to the operating system.
图2为本申请实施例提供的计算机设备的分层架构示意图。如图2所示,最底层为计算机设备的硬件层,在硬件层之上是固件程序层,固件程序层之上为操作系统层。FIG. 2 is a schematic diagram of a layered architecture of a computer device provided by an embodiment of the present application. As shown in FIG. 2 , the bottom layer is the hardware layer of the computer equipment, the firmware program layer is above the hardware layer, and the operating system layer is above the firmware program layer.
继续参见图2,本申请实施例中,固件程序包括固件启动程序(即,boot-time firmware)和固件运行程序(即,run-time firmware)。其中,固件启动程序用于在计算机设备启动过程中提供硬件检测、硬件配置、硬件初始化、操作系统引导等功能。固件运行程序用于在操作系统运行过程中,向操作系统提供运行时服务、系统参数等。Continuing to refer to FIG. 2, in the embodiment of the present application, the firmware program includes a firmware startup program (ie, boot-time firmware) and a firmware running program (ie, run-time firmware). Wherein, the firmware startup program is used to provide functions such as hardware detection, hardware configuration, hardware initialization, and operating system booting during the startup process of the computer device. The firmware running program is used to provide runtime services, system parameters, etc. to the operating system during the running of the operating system.
图3为本申请实施例提供的计算机设备的运行时序示意图。如图3所示,计算机设备的运行过程可以分为启动阶段和运行阶段。在启动阶段,计算机设备执行固件启动程序,以对硬件进行检测、初始化,并引导操作系统启动。当操作系统启动完成后,固件启动程序运行结束。在运行阶段,计算机设备执行操作系统和固件运行程序。FIG. 3 is a schematic diagram of the running sequence of the computer device provided by the embodiment of the present application. As shown in FIG. 3 , the running process of the computer device can be divided into a startup phase and a running phase. In the startup phase, the computer device executes the firmware startup program to detect and initialize the hardware, and guide the operating system to start. After the operating system is started, the firmware startup program ends. During the run phase, the computer device executes the operating system and firmware running programs.
在本申请提供的技术方案中,固件运行程序向操作系统提供了执行固件补丁的服务,在计算机设备发生故障或者需要进行固件更新/升级时,操作系统可以调用该服务,以使固件运行程序执行固件补丁,固件补丁生效,从而解决故障或者实现固件更新/升级。该过程中无需重启计算机设备,不会对计算机设备的业务造成影响。In the technical solution provided by this application, the firmware running program provides the operating system with the service of executing firmware patches. When the computer equipment fails or needs to be updated/upgraded, the operating system can call this service to make the firmware running program execute Firmware patch, the firmware patch takes effect, so as to solve the fault or implement firmware update/upgrade. There is no need to restart the computer equipment during this process, and the business of the computer equipment will not be affected.
下面结合具体的实施例对本申请提供的技术方案进行详细说明。下面几个具体的实施例可以相互结合,对于相同或相似的概念或过程可能在某些实施例中不再赘述。The technical solutions provided by the present application will be described in detail below in conjunction with specific embodiments. The following specific embodiments may be combined with each other, and the same or similar concepts or processes may not be repeated in some embodiments.
图4为本申请实施例提供的一种补丁处理方法的流程示意图。本实施例的方法可以由计算机设备执行。计算机设备存储有第一程序和计算机设备的固件程序。固件程 序包括固件运行程序和固件启动程序。在一些场景中,本申请实施例所述的补丁处理方法也可以称为固件补丁处理方法,或者称为固件更新方法,或者,称为固件升级方法。FIG. 4 is a schematic flowchart of a patch processing method provided by an embodiment of the present application. The method in this embodiment can be executed by a computer device. The computer device stores the first program and the firmware program of the computer device. The firmware program includes a firmware running program and a firmware starting program. In some scenarios, the patch processing method described in the embodiment of the present application may also be called a firmware patch processing method, or a firmware update method, or a firmware upgrade method.
如图4所示,本实施例的方法,包括:As shown in Figure 4, the method of this embodiment includes:
S401:固件运行程序获取固件补丁,所述固件补丁来自于所述第一程序。S401: A firmware running program acquires a firmware patch, where the firmware patch comes from the first program.
第一程序可以是计算机设备在运行阶段执行的、除固件程序之外的其他程序。一些实施例中,第一程序可以为操作系统。另一些实施例中,第一程序可以为基板管理控制器(Baseboard Management Controller,BMC)程序。The first program may be other programs except the firmware program executed by the computer device during the running phase. In some embodiments, the first program may be an operating system. In some other embodiments, the first program may be a baseboard management controller (Baseboard Management Controller, BMC) program.
其中,操作系统可以为下述中的任意一种:Windows、MacOS、Linux、Chrome OS、iOS、Android、鸿蒙系统、KaiOS、Ipad OS、Fuchsia OS。本实施例对此不作限定。Among them, the operating system can be any one of the following: Windows, MacOS, Linux, Chrome OS, iOS, Android, Hongmeng OS, KaiOS, Ipad OS, Fuchsia OS. This embodiment does not limit it.
BMC用于实现对计算机设备的系统硬件进行监视和控制的功能,例如,监视系统硬件的温度、电压、风扇、电源等,并做相应的调节工作,以保证系统硬件处于健康运行的状态。BMC程序可以视为一个独立的系统,不依赖于计算机设备上的其他硬件(例如处理器、存储器等),也不依赖于BIOS、操作系统等。BMC与BIOS之间可以进行消息交互。BMC is used to monitor and control the system hardware of computer equipment, for example, monitor the temperature, voltage, fan, power supply, etc. of the system hardware, and make corresponding adjustments to ensure that the system hardware is in a healthy operating state. The BMC program can be regarded as an independent system, which does not depend on other hardware (such as processor, memory, etc.) on the computer device, nor does it depend on BIOS, operating system, etc. Messages can be exchanged between the BMC and the BIOS.
本申请实施例中,固件补丁是指为了解决计算机设备故障或者为了实现固件更新/升级而编写的一段程序。上述的计算机设备故障可以为硬件固件、固件程序故障等。固件更新/升级可以包括但不限于:完善已有固件功能、修补已有固件功能的漏洞、增加新的固件功能、增强固件稳定性等。固件补丁包括独立、完整的实现某个功能的代码,而不依赖固件补丁之外的其他程序。固件补丁可以为二进制文件格式,也可以为字节码文件格式。In this embodiment of the application, a firmware patch refers to a program written to solve computer equipment failures or to implement firmware updates/upgrades. The above-mentioned computer equipment faults may be hardware firmware, firmware program faults, etc. Firmware updates/upgrades may include, but are not limited to: improving existing firmware functions, patching vulnerabilities of existing firmware functions, adding new firmware functions, enhancing firmware stability, etc. A firmware patch includes independent and complete code for realizing a certain function, without relying on other programs other than the firmware patch. Firmware patches can be in binary or bytecode file format.
举例而言,假设在计算机设备运行过程中,发现计算机设备的Flash出现故障,需要对Flash安全访问控制位进行修改。该控制位是一个寄存器,操作系统或者BMC程序的执行权限较低,无权访问该寄存器,只能由具有更高执行权限的固件程序对该寄存器进行修改。该情况下,可以编写如下固件补丁,以实现对上述寄存器的修改:For example, suppose that during the operation of the computer device, it is found that the Flash of the computer device is faulty, and the security access control bit of the Flash needs to be modified. The control bit is a register. The operating system or the BMC program has low execution authority and has no right to access the register. The register can only be modified by a firmware program with higher execution authority. In this case, the following firmware patch can be written to modify the above registers:
Figure PCTCN2022134180-appb-000001
Figure PCTCN2022134180-appb-000001
本申请实施例中,固件运行程序可以采用如下几种可能的方式,获取来自于第一程序的固件补丁。In the embodiment of the present application, the firmware running program may acquire the firmware patch from the first program in the following possible ways.
方式1:Method 1:
图5为本申请实施例提供的固件运行程序获取固件补丁的一种方式的示意图。如图5所示,第一程序将固件补丁存储至第二存储空间,以及将补丁位置信息存储至第一存储空间。其中,补丁位置信息用于指示固件补丁在第二存储空间的存储位置。相应的,固件运行程序从第一存储空间获取补丁位置信息,并根据补丁位置信息,从第二存储空间中获取固件补丁。FIG. 5 is a schematic diagram of a manner in which a firmware running program obtains a firmware patch provided by an embodiment of the present application. As shown in FIG. 5 , the first program stores the firmware patch in the second storage space, and stores the patch location information in the first storage space. Wherein, the patch location information is used to indicate the storage location of the firmware patch in the second storage space. Correspondingly, the firmware running program obtains the patch location information from the first storage space, and obtains the firmware patch from the second storage space according to the patch location information.
示例性的,补丁位置信息可以包括固件补丁在第二存储空间中的起始地址和结束 地址。或者,补丁位置信息可以包括固件补丁在第二存储空间中的起始位置和固件补丁的长度。Exemplarily, the patch location information may include a start address and an end address of the firmware patch in the second storage space. Alternatively, the patch location information may include a starting location of the firmware patch in the second storage space and a length of the firmware patch.
该方式中,第一程序通过第一存储空间和第二存储空间将固件补丁传递至固件运行程序。第一存储空间和第二存储空间均为第一程序和固件运行程序可共同访问的存储空间。In this way, the first program transfers the firmware patch to the firmware running program through the first storage space and the second storage space. Both the first storage space and the second storage space are storage spaces that can be accessed jointly by the first program and the firmware running program.
可选的,第一存储空间可以为第一程序和固件运行程序之间的共享内存。第二存储空间可以为第一程序和第二固件运行程序可共同访问的寄存器、邮箱(Mailbox)、共享内存等。Optionally, the first storage space may be a shared memory between the first program and the firmware running program. The second storage space may be a register, a mailbox (Mailbox), a shared memory, and the like that are jointly accessible by the first program and the second firmware running program.
方式2:Method 2:
图6为本申请实施例提供的固件运行程序获取固件补丁的另一种方式的示意图。如图6所示,第一程序向固件运行程序发送第一消息,第一消息中包括固件补丁。相应的,固件运行程序接收来自于第一程序的第一消息,并从第一消息中获取固件补丁。FIG. 6 is a schematic diagram of another manner in which a firmware running program obtains a firmware patch provided by an embodiment of the present application. As shown in FIG. 6 , the first program sends a first message to the firmware running program, and the first message includes a firmware patch. Correspondingly, the firmware running program receives the first message from the first program, and obtains the firmware patch from the first message.
该方式中,第一程序和固件运行程序之间存在消息交互接口。第一程序可以通过消息交互接口将固件补丁传递至固件运行程序。In this manner, there is a message interaction interface between the first program and the firmware running program. The first program can deliver the firmware patch to the firmware running program through the message interaction interface.
S402:固件运行程序执行所述固件补丁,所述固件补丁生效。S402: The firmware running program executes the firmware patch, and the firmware patch takes effect.
本实施例中,固件运行程序获取到固件补丁之后,执行固件补丁,以使固件补丁生效,从而解决计算机设备故障或者实现固件更新/升级。In this embodiment, after the firmware running program acquires the firmware patch, it executes the firmware patch to make the firmware patch take effect, so as to solve the failure of the computer equipment or implement firmware update/upgrade.
其中,执行固件补丁的另一些表述形式可以为:执行固件补丁中的代码;按照固件补丁的代码逻辑,执行相应的处理以实现固件补丁所实现的功能/逻辑。Wherein, other expression forms of executing the firmware patch may be: executing the code in the firmware patch; performing corresponding processing according to the code logic of the firmware patch to realize the function/logic implemented by the firmware patch.
固件补丁生效的另一些表述形式可以为:计算机设备实现了固件补丁实现的功能/逻辑;计算机设备按照固件补丁实现的功能/逻辑继续运行。以计算机设备故障场景为例,当固件运行程序执行固件补丁之后,计算机设备的故障解决,使得计算机设备恢复正常运行。以固件更新/升级场景为例,当固件运行程序执行固件补丁之后,计算机设备按照更新/升级后的固件运行,并达到固件更新/升级后的运行效果,例如,对原有固件功能进行了完善、修补了原有固件功能的漏洞、增加了新的固件功能、提高了固件稳定性等。Another form of expression for the firmware patch to take effect may be: the computer device implements the function/logic implemented by the firmware patch; the computer device continues to run according to the function/logic implemented by the firmware patch. Taking the computer equipment failure scenario as an example, after the firmware running program executes the firmware patch, the failure of the computer equipment is resolved, so that the computer equipment resumes normal operation. Taking the firmware update/upgrade scenario as an example, when the firmware running program executes the firmware patch, the computer equipment runs according to the updated/upgraded firmware, and achieves the operation effect after the firmware update/upgrade, for example, the function of the original firmware is improved. , Repair the loopholes of the original firmware function, increase the new firmware function, improve the stability of the firmware, etc.
举例而言,一个示例性的场景中,在计算机设备运行过程中,固件服务器将固件补丁推送至计算机设备,或者,开发人员将固件补丁上传至计算机设备,从而,计算机设备的第一程序获取到固件补丁。第一程序可以采用上述方式1或者上述方式2,将固件补丁传递至固件运行程序,使得固件运行程序获得固件补丁。进而,固件运行程序执行固件补丁,使得固件补丁生效,解决计算机设备故障或者实现固件更新/升级。For example, in an exemplary scenario, during the operation of the computer device, the firmware server pushes the firmware patch to the computer device, or the developer uploads the firmware patch to the computer device, so that the first program of the computer device obtains Firmware patches. The first program may use the above-mentioned method 1 or the above-mentioned method 2 to transfer the firmware patch to the firmware running program, so that the firmware running program obtains the firmware patch. Furthermore, the firmware running program executes the firmware patch, so that the firmware patch takes effect, solves the failure of the computer equipment or implements firmware update/upgrade.
由此可见,本实施例中,在计算机设备运行过程中,通过固件运行程序获取来自于第一程序的固件补丁,并执行该固件补丁,即可使固件补丁生效,从而解决计算机设备故障或者实现固件更新/升级。由于上述过程并未对计算机设备的固件程序进行更新,使得上述过程无需重启计算机设备,因此,不会对计算机设备的业务造成影响。It can be seen that in this embodiment, during the operation of the computer equipment, the firmware patch from the first program is acquired through the firmware running program, and the firmware patch is executed to make the firmware patch take effect, thereby solving the problem of the computer equipment or realizing Firmware update/upgrade. Since the above-mentioned process does not update the firmware program of the computer equipment, the above-mentioned process does not need to restart the computer equipment, therefore, it will not affect the business of the computer equipment.
在上述实施例的基础上,下面以第一程序为操作系统为例,对本申请方案进行更详细的描述。On the basis of the foregoing embodiments, the solution of the present application will be described in more detail below by taking the first program as an operating system as an example.
实际应用中,计算机设备可能包括一个或者多个处理器。参见前述图3所示,计算机设备在运行阶段,固件运行程序和操作系统同时运行。这样,固件运行程序和操 作系统的运行可以分为如下两种情况。In practical applications, computer equipment may include one or more processors. Referring to the aforementioned FIG. 3 , when the computer device is running, the firmware running program and the operating system run simultaneously. In this way, the operation of the firmware running program and the operating system can be divided into the following two situations.
情况1:固件运行程序和操作系统运行在同一个处理器中。Case 1: The firmware runner and the operating system run on the same processor.
情况2:固件运行程序和操作系统运行在不同的处理器中。其中,不同的处理器是指物理上不同的两个处理器,这两个处理器可以是相同类型,也可以是不同类型,本实施例对此不作限定。这两个处理器可以封装在一个系统级芯片(system on chip,SoC)内。Case 2: The firmware runner and the operating system run on different processors. The different processors refer to two physically different processors, and the two processors may be of the same type or of different types, which is not limited in this embodiment. These two processors can be packaged in a system-on-chip (SoC).
一种可能的场景中,计算机设备包括一个处理器。操作系统和固件运行程序均由该处理器执行。该场景属于上述的情况1。图7为本申请实施例提供的一种计算机设备运行状态示意图,如图7所示,操作系统和固件运行程序均由处理器执行。该场景中,处理器采用分时方式来执行操作系统和固件运行程序,即,在同一时刻只能执行操作系统和固件运行程序中的其中一个。示例性的,处理器在执行操作系统时,固件运行程序处于暂停状态(或者称为休眠状态)。当处理器需要执行固件运行程序时,可以先暂停执行操作系统,唤醒固件运行程序。当固件运行程序执行完成,处理器唤醒操作系统,以使操作系统继续执行。一些可能的场景中,操作系统由处理器的CPU运行,固件运行程序可以由该处理器的配套芯片运行,例如桥片等。In a possible scenario, the computer device includes a processor. Both the operating system and firmware runners are executed by the processor. This scenario belongs to case 1 above. FIG. 7 is a schematic diagram of the running state of a computer device provided by the embodiment of the present application. As shown in FIG. 7 , both the operating system and the firmware running program are executed by the processor. In this scenario, the processor executes the operating system and the firmware running program in a time-sharing manner, that is, only one of the operating system and the firmware running program can be executed at the same time. Exemplarily, when the processor is executing the operating system, the firmware running program is in a suspended state (or called a sleep state). When the processor needs to execute the firmware running program, it can suspend the execution of the operating system and wake up the firmware running program. When the execution of the firmware running program is completed, the processor wakes up the operating system so that the operating system can continue to execute. In some possible scenarios, the operating system is run by the CPU of the processor, and the firmware running program can be run by a supporting chip of the processor, such as a bridge chip.
另一种可能的场景中,计算机设备包括多个处理器。该场景中,操作系统可以由其中一个处理器执行,而固件运行程序可以分布在不同的处理器执行。图8为本申请实施例提供的另一种计算机设备运行态的示意图。如图8所示,以计算机设备包括处理器A和处理器B为例进行示意,处理器A执行操作系统以及固件运行程序,处理器B执行固件运行程序。该情况下,处理器A和处理器B所执行的固件运行程序可以完全相同,也可以所有不同。例如,处理器A执行固件运行程序的部分功能,处理器B执行固件运行程序的部分功能。一些场景中,处理器A执行的固件运行程序的部分功能与处理器B执行的固件运行程序的部分功能可以存在重叠。In another possible scenario, the computer device includes multiple processors. In this scenario, the operating system can be executed by one of the processors, and the firmware running program can be distributed and executed by different processors. FIG. 8 is a schematic diagram of another operating state of a computer device provided by an embodiment of the present application. As shown in FIG. 8 , it is illustrated by taking a computer device including a processor A and a processor B as an example. The processor A executes an operating system and a firmware running program, and the processor B executes the firmware running program. In this case, the firmware running programs executed by the processor A and the processor B may be completely the same or different. For example, processor A executes part of the functions of the firmware running program, and processor B executes part of the functions of the firmware running program. In some scenarios, some functions of the firmware running program executed by the processor A may overlap with some functions of the firmware running program executed by the processor B.
该场景中,对于处理器A中的固件运行程序而言,该固件运行程序和操作系统运行在同一个处理器,属于上述情况1。一些可能的场景中,操作系统由处理器A的CPU运行,固件运行程序可以由处理器A的配套芯片运行,例如桥片等。In this scenario, for the firmware running program in processor A, the firmware running program and the operating system run on the same processor, which belongs to the above case 1. In some possible scenarios, the operating system is run by the CPU of processor A, and the firmware running program can be run by a supporting chip of processor A, such as a bridge chip.
对于处理器B中的固件运行程序而言,该固件运行程序和操作系统运行在不同的处理器,属于上述的情况2。For the firmware running program in processor B, the firmware running program and the operating system run on different processors, which belongs to the above-mentioned case 2.
应理解,图8是以两个处理器为例进行举例说明,当计算机设备包括更多个处理器时,其原理是类似的,此处不做赘述。It should be understood that FIG. 8 uses two processors as an example for illustration, and when the computer device includes more processors, the principle is similar, and details are not repeated here.
上述图4所示实施例中,当操作系统和固件运行程序采用上述方式1来传递固件补丁时,针对上述的情况1和情况2,具体实现方式有所不同。下面结合图9所示实施例,分别针对两种情况进行说明。In the above-mentioned embodiment shown in FIG. 4 , when the operating system and the firmware running program use the above-mentioned method 1 to transfer the firmware patch, the specific implementation methods are different for the above-mentioned case 1 and case 2. In the following, the two cases will be described respectively with reference to the embodiment shown in FIG. 9 .
图9为本申请实施例提供的另一种补丁处理方法的流程示意图。本实施例的方法可以在计算机设备执行过程中,操作系统确定需要打固件补丁的情况下执行。如图9所示,本实施例的方法,包括:FIG. 9 is a schematic flowchart of another patch processing method provided by the embodiment of the present application. The method in this embodiment may be executed when the operating system determines that a firmware patch needs to be applied during the execution of the computer device. As shown in Figure 9, the method of this embodiment includes:
S901:操作系统确定固件调用方式。S901: The operating system determines a firmware calling method.
本申请实施例中,固件调用方式是指操作系统通知/调用固件运行程序,以使固件运行程序执行固件补丁的方式。固件调用方式可以分为内部调用方式和外部调用方式, 内部调用方式是指在同一处理器内部进行调用,外部调用方式是指跨处理器进行调用。In the embodiment of the present application, the method of invoking the firmware refers to a method in which the operating system notifies/calls the firmware running program, so that the firmware running program executes the firmware patch. Firmware calling methods can be divided into internal calling methods and external calling methods. The internal calling method refers to calling within the same processor, and the external calling method refers to calling across processors.
针对上述情况1,操作系统和固件运行程序运行在同一个处理器中,固件调用方式为内部调用方式。For the above case 1, the operating system and the firmware running program run on the same processor, and the calling method of the firmware is an internal calling method.
针对上述情况2,操作系统和固件运行程序运行在不同的处理器中,固件调用方式为外部调用方式。For the above case 2, the operating system and the firmware running program run on different processors, and the firmware calling method is an external calling method.
S902:若固件调用方式为内部调用方式,则操作系统在第一处理器的存储空间中确定第一存储空间和第二存储空间,第一处理器为运行操作系统的处理器。S902: If the calling method of the firmware is an internal calling method, the operating system determines the first storage space and the second storage space in the storage space of the first processor, where the first processor is a processor running the operating system.
S903:操作系统将固件补丁存储在第二存储空间中,将补丁位置信息存储在第一存储空间中,补丁位置信息用于指示固件补丁在第二存储空间中的存储位置。S903: The operating system stores the firmware patch in the second storage space, and stores patch location information in the first storage space, where the patch location information is used to indicate a storage location of the firmware patch in the second storage space.
应理解,若固件调用方式为内部调用方式,说明固件运行程序和操作系统运行在同一个处理器,即均运行在第一处理器中,对应上述情况1。因此,操作系统可以在第一处理器的存储空间中确定第一存储空间和第二存储空间。由于固件运行程序也由第一处理器执行,因此,第一存储空间和第二存储空间也能够被固件运行程序访问。It should be understood that if the firmware calling method is an internal calling method, it means that the firmware running program and the operating system run on the same processor, that is, both run on the first processor, which corresponds to the above case 1. Therefore, the operating system can determine the first storage space and the second storage space in the storage space of the first processor. Since the firmware running program is also executed by the first processor, the first storage space and the second storage space can also be accessed by the firmware running program.
示例性的,第二存储空间可以为第一处理器的内存空间。第一存储空间可以为第一处理器的预设寄存器。Exemplarily, the second storage space may be the memory space of the first processor. The first storage space may be a preset register of the first processor.
针对操作系统和固件运行程序均由第一处理器执行的场景(例如,第一处理器为图7中的处理器,或者为图8中的处理器A),第一处理器在执行操作系统时的执行权限,与在执行固件运行程序时的执行权限通常不同。示例性的,固件运行程序对应的执行权限可能高于操作系统对应的执行权限。因此,一些可能的实现方式中,操作系统在执行S903之后,还可以执行下述的S904。For the scenario where both the operating system and the firmware running program are executed by the first processor (for example, the first processor is the processor in FIG. 7, or the processor A in FIG. 8), the first processor executes the operating system Execute permissions when executing the firmware are usually different from the execution permissions when executing the firmware runtime program. Exemplarily, the execution authority corresponding to the firmware running program may be higher than the execution authority corresponding to the operating system. Therefore, in some possible implementation manners, after performing S903, the operating system may further perform the following S904.
S904:操作系统执行预设指令,以使第一处理器执行固件运行程序。S904: The operating system executes a preset instruction, so that the first processor executes a firmware running program.
其中,预设指令是指用于调整第一处理器的执行权限的指令。针对不同架构的处理器,操作系统所需执行的预设指令通常不同。本实施例中,操作系统执行预设指令,以将第一处理器的执行权限切换为固件运行程序对应的执行权限,从而使得第一处理器执行固件运行程序。Wherein, the preset instruction refers to an instruction for adjusting the execution permission of the first processor. For processors with different architectures, the preset instructions to be executed by the operating system are usually different. In this embodiment, the operating system executes a preset instruction to switch the execution authority of the first processor to the execution authority corresponding to the firmware running program, so that the first processor executes the firmware running program.
下面以固件运行程序为BIOS运行程序为例,进行举例说明。The following takes the firmware running program as the BIOS running program as an example for illustration.
示例一,若第一处理器为ARM架构的处理器,第一处理器的执行权限由高到低可以分为EL3、EL2、EL1、EL0四个层级。操作系统对应的执行权限通常为EL2或者EL1。BIOS运行程序对应的执行权限通常为EL3。操作系统可以通过执行SMC指令,将第一处理器的执行权限由EL2/EL1切换为EL3,以使第一处理器执行BIOS运行程序。Example 1, if the first processor is an ARM architecture processor, the execution rights of the first processor can be divided into four levels: EL3, EL2, EL1, and EL0 from high to low. The execution permission corresponding to the operating system is usually EL2 or EL1. The execution authority corresponding to the BIOS running program is usually EL3. The operating system may switch the execution authority of the first processor from EL2/EL1 to EL3 by executing the SMC instruction, so that the first processor executes the BIOS running program.
示例二,若第一处理器为RISC-V架构的处理器,第一处理器的执行权限由高到低可以分为M-mode、S-mode、U-mode三个层级。操作系统对应的执行权限通常为S-mode。BIOS运行程序对应的执行权限通常为M-mode。操作系统可以通过执行ECLL指令,将第一处理器的执行权限由S-mode切换为M-mode,以使第一处理器执行BIOS运行程序。Example 2, if the first processor is a RISC-V architecture processor, the execution rights of the first processor can be divided into three levels: M-mode, S-mode, and U-mode from high to low. The execution permission corresponding to the operating system is usually S-mode. The execution permission corresponding to the BIOS running program is usually M-mode. The operating system may switch the execution authority of the first processor from S-mode to M-mode by executing the ECLL instruction, so that the first processor executes the BIOS running program.
示例三,若第一处理器为X86架构的处理器。操作系统对应的执行权限为非SMM mode,BIOS运行程序对应的执行权限为SMM mode。操作系统可以通过执行产生SMI中断的操作指令,将第一处理器的执行权限由非SMM mode切换为SMM mode,以使 第一处理器执行BIOS运行程序。Example 3, if the first processor is a processor of X86 architecture. The execution permission corresponding to the operating system is non-SMM mode, and the execution permission corresponding to the BIOS running program is SMM mode. The operating system can switch the execution authority of the first processor from non-SMM mode to SMM mode by executing an operation instruction that generates an SMI interrupt, so that the first processor executes the BIOS running program.
S905:若固件调用方式为外部调用方式,则操作系统在第一处理器和第二处理器可共同访问的存储空间中确定第一存储空间和第二存储空间,第一处理器为运行操作系统的处理器,第二处理器为不运行操作系统的处理器。S905: If the calling method of the firmware is an external calling method, the operating system determines the first storage space and the second storage space in the storage space accessible by the first processor and the second processor, and the first processor runs the operating system processor, and the second processor is a processor that does not run an operating system.
S906:操作系统将固件补丁存储在第二存储空间中,将补丁位置信息存储在第一存储空间中,补丁位置信息用于指示固件补丁在第二存储空间中的存储位置。S906: The operating system stores the firmware patch in the second storage space, and stores patch location information in the first storage space, where the patch location information is used to indicate a storage location of the firmware patch in the second storage space.
应理解,若固件调用方式为外部调用方式,说明实现本申请实施例的固件运行程序和操作系统运行在不同的处理器,即对应上述情况2。例如,图8所示示例中,实现本申请实施例的固件运行程序由处理器B执行,操作系统由处理器A执行。因此,操作系统可以在处理器A和处理器B可共同访问的存储空间中确定第一存储空间和第二存储空间。这样,保证了第一存储空间和第二存储空间也能够被固件运行程序访问。It should be understood that if the firmware calling method is an external calling method, it means that the firmware running program and the operating system implementing the embodiment of the present application run on different processors, which corresponds to the above case 2. For example, in the example shown in FIG. 8 , the firmware execution program implementing the embodiment of the present application is executed by processor B, and the operating system is executed by processor A. Therefore, the operating system can determine the first storage space and the second storage space in the storage spaces accessible by both processor A and processor B. In this way, it is ensured that the first storage space and the second storage space can also be accessed by the firmware running program.
示例性的,第二存储空间可以为第一处理器和第二处理器的共享内存空间。第一存储空间可以为预设邮箱。Exemplarily, the second storage space may be a shared memory space of the first processor and the second processor. The first storage space may be a preset mailbox.
S907:固件运行程序从第一存储空间获取补丁位置信息,并根据所述补丁位置信息,从第二存储空间中获取固件补丁。S907: The firmware running program acquires patch location information from the first storage space, and acquires a firmware patch from the second storage space according to the patch location information.
S908:固件运行程序执行固件补丁,固件补丁生效。S908: The firmware running program executes the firmware patch, and the firmware patch takes effect.
一种可能的实现方式中,针对上述情况1,即,操作系统和固件运行程序运行在同一个处理器的场景,若固件运行程序与操作系统对应的执行权限不同,则固件运行程序执行完固件补丁之后,还包括:固件运行程序执行预设指令,以将处理器的执行权限切换为操作系统对应的执行权限,以使第一处理器继续执行操作系统。In a possible implementation, for the above case 1, that is, the scenario where the operating system and the firmware running program run on the same processor, if the execution permissions of the firmware running program and the operating system are different, the firmware running program finishes executing the firmware After the patch, it also includes: the firmware running program executes preset instructions to switch the execution authority of the processor to the execution authority corresponding to the operating system, so that the first processor continues to execute the operating system.
上述图9所示实施例主要描述了在情况1和情况2下,操作系统如何将固件补丁传递给固件运行程序。下面结合一个具体的实施例描述固件运行程序在获取到固件补丁之后,对固件补丁的具体执行过程。The above embodiment shown in FIG. 9 mainly describes how the operating system transfers the firmware patch to the firmware running program in the case 1 and the case 2. The specific implementation process of the firmware patch after the firmware running program acquires the firmware patch is described below in conjunction with a specific embodiment.
图10为本申请实施例提供的又一种补丁处理方法的流程示意图。如图10所示,本实施例的方法,包括:FIG. 10 is a schematic flowchart of another patch processing method provided by the embodiment of the present application. As shown in Figure 10, the method of this embodiment includes:
S1001:固件运行程序从第一存储空间获取补丁位置信息和固件补丁功能标识,补丁位置性用于指示固件补丁在第二存储空间中的存储位置。S1001: The firmware running program obtains the patch location information and the firmware patch function identifier from the first storage space, and the patch location is used to indicate the storage location of the firmware patch in the second storage space.
S1002:固件运行程序根据固件补丁功能标识,确定固件补丁功能标识对应的固件服务接口。S1002: The firmware running program determines the firmware service interface corresponding to the firmware patch function identifier according to the firmware patch function identifier.
本实施例中,固件运行程序可以向操作系统提供多种调用功能。固件补丁功能是其中的一种。每种调用功能对应有服务接口。固件补丁功能对应的服务接口为固件服务接口。In this embodiment, the firmware running program can provide various calling functions to the operating system. The firmware patch function is one of them. Each calling function corresponds to a service interface. The service interface corresponding to the firmware patch function is the firmware service interface.
应理解,固件服务接口为软件接口。例如,可以为应用程序接口(Application Programming Interface,API)等。It should be understood that the firmware service interface is a software interface. For example, it may be an application programming interface (Application Programming Interface, API) or the like.
操作系统在将补丁位置信息存储至第一存储空间时,还可以将固件补丁功能标识也存储至第一存储空间。其中,固件补丁功能标识用于告知固件运行程序需要调用固件补丁功能。这样,固件运行程序根据固件补丁功能标识,可以确定需要执行固件服务接口。进而,通过调用固件服务接口完成下述S1003至S1007的固件补丁执行过程。When the operating system stores the patch location information in the first storage space, it may also store the firmware patch function identifier in the first storage space. Wherein, the firmware patch function identifier is used to inform the firmware that the running program needs to call the firmware patch function. In this way, the firmware running program can determine that the firmware service interface needs to be executed according to the firmware patch function identifier. Furthermore, the following firmware patch execution process from S1003 to S1007 is completed by calling the firmware service interface.
S1003:通过固件服务接口根据补丁位置信息,从第二存储空间中获取固件补丁。S1003: Obtain the firmware patch from the second storage space according to the patch location information through the firmware service interface.
一个示例中,如表1所示,固件补丁可以包括文件头、代码区和签名区。In an example, as shown in Table 1, the firmware patch may include a file header, a code area and a signature area.
表1Table 1
Figure PCTCN2022134180-appb-000002
Figure PCTCN2022134180-appb-000002
S1004:通过固件服务接口从固件补丁中获取签名信息,并根据签名信息对固件补丁的完整性和/或合法性进行验证,得到验证结果。S1004: Obtain signature information from the firmware patch through the firmware service interface, and verify the integrity and/or legality of the firmware patch according to the signature information, and obtain a verification result.
示例性的,可以根据表1所示的固件补丁的文件结构,从固件补丁的签名区获取签名信息。利用签名信息对固件补丁的完整性和/或合法性进行验证,得到验证结果。Exemplarily, according to the file structure of the firmware patch shown in Table 1, the signature information can be obtained from the signature area of the firmware patch. The integrity and/or legality of the firmware patch is verified by using the signature information, and a verification result is obtained.
若验证结果为验证不通过,则不再执行固件补丁。若验证结果为验证通过,则继续执行后续的S1005至S1007。If the verification result is that the verification fails, the firmware patch will not be executed. If the verification result is that the verification is passed, continue to execute subsequent steps S1005 to S1007.
本实施例中,在执行固件补丁之前,通过对固件补丁的完整性和/或合法性进行验证,在验证通过的情况下才执行固件补丁,保证计算机设备的安全运行。In this embodiment, before executing the firmware patch, the integrity and/or legality of the firmware patch is verified, and the firmware patch is executed only when the verification is passed, so as to ensure safe operation of the computer equipment.
S1005:若验证结果为验证通过,则通过固件服务接口确定固件补丁的文件格式类型,所述文件格式类型为二进制类型或者字节码类型。S1005: If the verification result is that the verification is passed, determine the file format type of the firmware patch through the firmware service interface, and the file format type is a binary type or a bytecode type.
应理解,针对字节码类型的固件补丁,计算机设备无法直接识别,需要先进行解析处理,转换为计算机设备可以识别的形式,然后再执行。针对二进制类型的固件补丁,计算机设备可以直接执行。如下面的S1006和S1007所述。It should be understood that the computer device cannot directly recognize the firmware patch of the bytecode type, and needs to be parsed first, converted into a form that the computer device can recognize, and then executed. For the firmware patch of the binary type, the computer device can directly execute it. As described in S1006 and S1007 below.
S1006:若文件格式类型为字节码类型,则通过固件服务接口解析并执行固件补丁,以使固件补丁生效。S1006: If the file format type is a bytecode type, parse and execute the firmware patch through the firmware service interface, so that the firmware patch takes effect.
S1007:若文件格式类型为二进制类型,则通过固件服务接口执行固件补丁,以使固件补丁生效。S1007: If the file format type is a binary type, execute the firmware patch through the firmware service interface, so that the firmware patch takes effect.
本实施例中,固件运行程序通过判断固件补丁的文件格式类型,针对不同的文件格式类型采用不同的执行方式,从而使得本申请方案既适用于二进制格式的固件补丁,还适用于字节码格式的固件补丁,使得应用场景更加广泛。In this embodiment, the firmware running program adopts different execution methods for different file format types by judging the file format type of the firmware patch, so that the solution of this application is not only applicable to the firmware patch in the binary format, but also applicable to the bytecode format The firmware patch makes the application scenarios more extensive.
上述图9所示实施例中,操作系统在需要打固件补丁时,需要根据固件调用方式,来确定采用何种方式通知/调用固件运行程序。一些可能的实现方式中,可以由固件程序指定固件调用方式,并将该固件调用方式通知给操作系统。In the above-mentioned embodiment shown in FIG. 9 , when the operating system needs to apply a firmware patch, it needs to determine which method to use to notify/call the firmware running program according to the firmware calling method. In some possible implementation manners, a firmware program may specify a firmware calling method, and notify the operating system of the firmware calling method.
图11为本申请实施例提供的一种操作系统与固件程序的交互过程示意图。如图11所示,固件程序可以向操作系统发送固件调用方式,相应的,操作系统从固件程序接收固件调用方式,这样,使得操作系统获知固件调用方式。FIG. 11 is a schematic diagram of an interaction process between an operating system and a firmware program provided by an embodiment of the present application. As shown in FIG. 11 , the firmware program can send the firmware calling method to the operating system, and correspondingly, the operating system receives the firmware calling method from the firmware program, so that the operating system can learn the firmware calling method.
可选的,在计算机设备启动阶段,固件启动程序启动并加载操作系统过程中,由固件启动程序向操作系统发送固件调用方式。Optionally, in the startup stage of the computer device, when the firmware startup program starts and loads the operating system, the firmware startup program sends the firmware calling method to the operating system.
可选的,在计算机设备运行阶段,由固件运行程序向操作系统发送固件调用方式。Optionally, in the running phase of the computer device, the firmware running program sends the firmware calling method to the operating system.
下面以固件程序为BIOS程序为例进行举例说明。BIOS程序向操作系统发送功能信息表。功能信息表包括BIOS运行程序所支持的调用功能,以及每个调用功能对应的BIOS调用方式。The following takes the firmware program as the BIOS program as an example for illustration. The BIOS program sends the function information table to the operating system. The function information table includes calling functions supported by the BIOS running program, and a BIOS calling method corresponding to each calling function.
一个示例中,功能信息表的内容如表2所示。该功能信息表包括表头信息(Header)以及功能列表(Call ID[n])。其中,功能列表采用数组形式,数组元素的下标为BIOS运行程序所支持的调用功能的标识,Call ID[n]的取值表示调用功能标识n对应的BIOS调用方式。In an example, the content of the function information table is shown in Table 2. The function information table includes header information (Header) and a function list (Call ID[n]). Wherein, the function list adopts the form of an array, and the subscript of the array element is the identification of the calling function supported by the BIOS running program, and the value of Call ID[n] indicates the BIOS calling method corresponding to the calling function identification n.
应理解,每个调用功能的标识可以事先约定。例如,固件补丁功能的标识为0,另一个调用功能对应的标识为1,等。Call ID[n]的取值的含义如下:It should be understood that the identifier of each calling function may be agreed in advance. For example, the identifier of the firmware patch function is 0, the corresponding identifier of another calling function is 1, and so on. The meaning of the value of Call ID[n] is as follows:
00h表示不支持该功能;00h means the function is not supported;
01h表示BIOS调用方式为专用指令调用(即上述实施例中的内部调用方式);01h represents that the BIOS call mode is a special instruction call (that is, the internal call mode in the above-mentioned embodiment);
10h表示BIOS调用方式为邮箱调用(即上述实施例中的外部调用方式);10h represents that the BIOS call method is a mailbox call (that is, the external call method in the above-mentioned embodiment);
11h表示未定义。11h means undefined.
这样,操作系统根据Call ID[0]的取值,即可确定固件补丁功能对应的固件调用方式。In this way, the operating system can determine the firmware call method corresponding to the firmware patch function according to the value of Call ID[0].
表2Table 2
Figure PCTCN2022134180-appb-000003
Figure PCTCN2022134180-appb-000003
可选的,如表2所示,功能信息表中还可以包括邮箱信息(Mailbox)。邮箱信息中包括至少一个邮箱的地址信息。举例而言,当固件补丁功能对应的固件调用方式为邮箱调用(即上述实施例中的外部调用方式)时,可以使用邮箱信息中所指定的邮箱来传递固件补丁的补丁位置信息。Optionally, as shown in Table 2, the function information table may also include mailbox information (Mailbox). The mailbox information includes address information of at least one mailbox. For example, when the firmware call method corresponding to the firmware patch function is mailbox call (that is, the external call method in the above-mentioned embodiment), the mailbox specified in the mailbox information may be used to transmit the patch location information of the firmware patch.
本实施例中,通过BIOS向操作系统发送功能信息表,使得操作系统可以获知BIOS运行程序是否支持固件补丁功能,以及采用何种固件调用方式。这样,操作系统在需要打固件补丁时,可以基于该固件调用方式来调用BIOS运行程序执行固件补丁。In this embodiment, the function information table is sent to the operating system through the BIOS, so that the operating system can know whether the BIOS running program supports the firmware patch function, and which firmware calling method is adopted. In this way, when the operating system needs to apply a firmware patch, it can call the BIOS running program to execute the firmware patch based on the firmware calling method.
图12为本申请实施例提供的一种补丁处理装置的结构示意图。如图12所示,本实施例提供的补丁处理装置1200,包括:第一处理模块1201和第二处理模块1202。FIG. 12 is a schematic structural diagram of a patch processing device provided by an embodiment of the present application. As shown in FIG. 12 , the patch processing apparatus 1200 provided in this embodiment includes: a first processing module 1201 and a second processing module 1202 .
其中,第二处理模块1202用于获取固件补丁,所述固件补丁来自于所述第一处理模块1201,第二处理模块1202还用于执行固件补丁,固件补丁生效。Wherein, the second processing module 1202 is used to obtain a firmware patch, the firmware patch is from the first processing module 1201, and the second processing module 1202 is also used to execute the firmware patch, and the firmware patch takes effect.
一种可能的实现方式中,第二处理模块1202具体用于:从第一存储空间获取补丁位置信息,所述补丁位置信息用于指示所述固件补丁在第二存储空间中的存储位置;根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁。In a possible implementation manner, the second processing module 1202 is specifically configured to: acquire patch location information from the first storage space, where the patch location information is used to indicate the storage location of the firmware patch in the second storage space; The patch location information is to obtain the firmware patch from the second storage space.
一种可能的实现方式中,第一处理模块1201用于:将所述固件补丁存储至所述第二存储空间,并将所述补丁位置信息存储至所述第一存储空间。In a possible implementation manner, the first processing module 1201 is configured to: store the firmware patch in the second storage space, and store the patch location information in the first storage space.
一种可能的实现方式中,第一处理模块1201还用于:获取固件调用方式;根据所述固件调用方式,确定所述第一存储空间和所述第二存储空间。In a possible implementation manner, the first processing module 1201 is further configured to: obtain a firmware calling method; and determine the first storage space and the second storage space according to the firmware calling method.
一种可能的实现方式中,第一处理模块1201具体用于:接收所述第二处理模块发送的所述固件调用方式。In a possible implementation manner, the first processing module 1201 is specifically configured to: receive the firmware calling manner sent by the second processing module.
一种可能的实现方式中,本实施例提供的补丁处理装置应用于计算机设备,所述计算机设备包括至少一个处理器;所述第一处理模块1201具体用于:若所述固件调用方式为内部调用方式,则在第一处理器的存储空间中确定所述第一存储空间和所述第二存储空间;或者,In a possible implementation manner, the patch processing apparatus provided in this embodiment is applied to computer equipment, and the computer equipment includes at least one processor; the first processing module 1201 is specifically configured to: if the firmware calling method is internal calling mode, then determine the first storage space and the second storage space in the storage space of the first processor; or,
若所述固件调用方式为外部调用方式,则在第一处理器和第二处理器可共同访问的存储空间中确定所述第一存储空间和所述第二存储空间;If the calling method of the firmware is an external calling method, then determining the first storage space and the second storage space in a storage space commonly accessible by the first processor and the second processor;
其中,所述第一处理器运行所述第一处理模块,所述第二处理器不运行所述第一处理模块。Wherein, the first processor runs the first processing module, and the second processor does not run the first processing module.
一种可能的实现方式中,所述第一处理模块1201和所述第二处理模块1202运行于同一处理器中,所述固件调用方式为所述内部调用方式;所述第一处理模块1201和所述第二处理模块1202运行于不同的处理器中,所述固件调用方式为所述外部调用方式。In a possible implementation manner, the first processing module 1201 and the second processing module 1202 run on the same processor, and the firmware calling method is the internal calling method; the first processing module 1201 and the The second processing module 1202 runs in a different processor, and the firmware calling method is the external calling method.
一种可能的实现方式中,所述固件调用方式为所述内部调用方式;所述第一处理模块1201还用于:执行预设指令,以使所述第一处理模块1201所在的处理器执行所述第二处理模块1202。In a possible implementation manner, the firmware calling method is the internal calling method; the first processing module 1201 is further configured to: execute a preset instruction, so that the processor where the first processing module 1201 is located executes The second processing module 1202 .
一种可能的实现方式中,所述第二处理模块1202还用于:从所述第一存储空间中获取所述固件补丁功能标识;根据所述固件补丁功能标识,确定所述固件补丁功能标 识对应的固件服务接口;通过所述固件服务接口根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁。In a possible implementation manner, the second processing module 1202 is further configured to: acquire the firmware patch function identifier from the first storage space; determine the firmware patch function identifier according to the firmware patch function identifier A corresponding firmware service interface: acquiring the firmware patch from the second storage space through the firmware service interface according to the patch location information.
一种可能的实现方式中,所述第二处理模块1202具体用于:接收来自于所述第一处理模块1201的第一消息,所述第一消息包括所述固件补丁。In a possible implementation manner, the second processing module 1202 is specifically configured to: receive a first message from the first processing module 1201, where the first message includes the firmware patch.
一种可能的实现方式中,所述第一处理模块1201为操作系统OS;或者,所述第一处理模块1201为基板管理控制器BMC程序。In a possible implementation manner, the first processing module 1201 is an operating system OS; or, the first processing module 1201 is a baseboard management controller (BMC) program.
本实施例提供的补丁处理装置,可用于执行上述任意方法实施例提供的补丁处理方法,其实现原理和技术效果类似,此处不做赘述。The patch processing device provided in this embodiment can be used to execute the patch processing method provided in any of the above method embodiments, and its implementation principle and technical effect are similar, and details are not described here.
本申请实施例还提供一种计算机设备,计算机设备的结构可以如图1所示,该计算机设备包括一个或者多个处理器,以及,存储器。其中,存储器存储有计算机程序。可选的,计算机程序可以包括第一程序和计算机设备的固件程序,固件程序包括固件运行程序。所述一个或者多个处理器运行所述计算机程序,以实现上述方法实施例提供的补丁处理方法,其实现原理和技术效果类似,此处不做赘述。An embodiment of the present application further provides a computer device, the structure of which may be shown in FIG. 1 , and the computer device includes one or more processors, and a memory. Wherein, the memory stores computer programs. Optionally, the computer program may include the first program and a firmware program of the computer device, and the firmware program includes a firmware running program. The one or more processors run the computer program to implement the patch processing method provided by the above method embodiment, the implementation principle and technical effect are similar, and will not be repeated here.
本申请实施例还提供一种芯片,该芯片包括:一个或者多个处理器,以及,存储器。其中,所述存储器存储有计算机程序。可选的,计算机程序可以包括第一程序和所述芯片的固件程序,所述固件程序包括固件运行程序。所述一个或者多个处理器运行所述计算机程序,以实现上述方法实施例提供的补丁处理方法,其实现原理和技术效果类似,此处不做赘述。An embodiment of the present application further provides a chip, and the chip includes: one or more processors, and a memory. Wherein, the memory stores computer programs. Optionally, the computer program may include the first program and a firmware program of the chip, and the firmware program includes a firmware running program. The one or more processors run the computer program to implement the patch processing method provided by the above method embodiment, the implementation principle and technical effect are similar, and will not be repeated here.
本申请实施例还提供一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序。可选的,计算机程序包括第一程序和/或固件程序。所述固件程序包括固件运行程序。当上述计算机程序被运行时,实现上述方法实施例提供的补丁处理方法,其实现原理和技术效果类似,此处不做赘述。An embodiment of the present application also provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium. Optionally, the computer program includes a first program and/or a firmware program. The firmware program includes a firmware running program. When the above computer program is run, the patch processing method provided by the above method embodiment is implemented, and its implementation principle and technical effect are similar, and details are not described here.
本申请实施例还提供一种计算机程序产品,所述计算机程序产品包括计算机程序。可选的,计算机程序包括第一程序和/或固件程序,所述固件程序包括固件运行程序。当计算机程序被运行时,实现上述方法实施例提供的补丁处理方法,其实现原理和技术效果类似,此处不做赘述。An embodiment of the present application further provides a computer program product, where the computer program product includes a computer program. Optionally, the computer program includes a first program and/or a firmware program, and the firmware program includes a firmware running program. When the computer program is run, the patch processing method provided by the above method embodiment is implemented, and its implementation principle and technical effect are similar, and details are not described here.
在本申请所提供的几个实施例中,应该理解到,所揭露的设备和方法,可以通过其它的方式实现。例如,以上所描述的设备实施例仅仅是示意性的,例如,所述模块的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个模块可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或模块的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed devices and methods may be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of the modules is only a logical function division. In actual implementation, there may be other division methods, for example, multiple modules can be combined or integrated. to another system, or some features may be ignored, or not implemented. In another point, the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection of devices or modules may be in electrical, mechanical or other forms.
所述作为分离部件说明的模块可以是或者也可以不是物理上分开的,作为模块显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本实施例方案的目的。The modules described as separate components may or may not be physically separated, and the components shown as modules may or may not be physical units, that is, they may be located in one place, or may be distributed to multiple network units. Part or all of the modules can be selected according to actual needs to achieve the purpose of the solution of this embodiment.
另外,在本申请各个实施例中的各功能模块可以集成在一个处理单元中,也可以是各个模块单独物理存在,也可以两个或两个以上模块集成在一个单元中。上述模块成的单元既可以采用硬件的形式实现,也可以采用硬件加软件功能单元的形式实现。In addition, each functional module in each embodiment of the present application may be integrated into one processing unit, each module may exist separately physically, or two or more modules may be integrated into one unit. The units formed by the above modules can be implemented in the form of hardware, or in the form of hardware plus software functional units.
上述以软件功能模块的形式实现的集成的模块,可以存储在一个计算机可读取存储介质中。上述软件功能模块存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)或处理器(英文:processor)执行本申请各个实施例所述方法的部分步骤。The above-mentioned integrated modules implemented in the form of software function modules can be stored in a computer-readable storage medium. The above-mentioned software functional modules are stored in a storage medium, and include several instructions to enable a computer device (which may be a personal computer, server, or network device, etc.) or a processor (English: processor) to execute the functions described in various embodiments of the present application. part of the method.
上述存储介质可以是由任何类型的易失性或非易失性存储设备或者它们的组合实现,如静态随机存取存储器(SRAM),电可擦除可编程只读存储器(EEPROM),可擦除可编程只读存储器(EPROM),可编程只读存储器(PROM),只读存储器(ROM),磁存储器,快闪存储器,磁盘或光盘。存储介质可以是通用或专用计算机能够存取的任何可用介质。The above-mentioned storage medium can be realized by any type of volatile or non-volatile storage device or their combination, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable In addition to programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk or optical disk. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.
一种示例性的存储介质耦合至处理器,从而使处理器能够从该存储介质读取信息,且可向该存储介质写入信息。当然,存储介质也可以是处理器的组成部分。处理器和存储介质可以位于专用集成电路(Application Specific Integrated Circuits,简称:ASIC)中。当然,处理器和存储介质也可以作为分立组件存在于电子设备或主控设备中。An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be a component of the processor. The processor and the storage medium may be located in Application Specific Integrated Circuits (ASIC for short). Of course, the processor and the storage medium can also exist in the electronic device or the main control device as discrete components.
以上所述,仅为本申请实施例的具体实施方式,但本申请实施例的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本申请实施例揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本申请实施例的保护范围之内。因此,本申请实施例的保护范围应以权利要求的保护范围为准。The above is only the specific implementation of the embodiment of the present application, but the scope of protection of the embodiment of the present application is not limited thereto. Anyone familiar with the technical field can easily Any changes or substitutions that come to mind should be covered within the protection scope of the embodiments of the present application. Therefore, the protection scope of the embodiments of the present application should be determined by the protection scope of the claims.

Claims (26)

  1. 一种补丁处理方法,其特征在于,应用于计算机设备,所述计算机设备存储有第一程序和所述计算机设备的固件程序,所述固件程序包括固件运行程序,所述方法包括:A patch processing method, characterized in that it is applied to a computer device, the computer device stores a first program and a firmware program of the computer device, the firmware program includes a firmware running program, and the method includes:
    所述固件运行程序获取固件补丁,所述固件补丁来自于所述第一程序;The firmware running program obtains a firmware patch, and the firmware patch comes from the first program;
    所述固件运行程序执行所述固件补丁,所述固件补丁生效。The firmware running program executes the firmware patch, and the firmware patch takes effect.
  2. 根据权利要求1所述的方法,其特征在于,所述固件运行程序获取固件补丁,包括:The method according to claim 1, wherein the firmware running program obtains a firmware patch, comprising:
    所述固件运行程序从第一存储空间获取补丁位置信息,所述补丁位置信息用于指示所述固件补丁在第二存储空间中的存储位置;The firmware running program obtains patch location information from the first storage space, and the patch location information is used to indicate the storage location of the firmware patch in the second storage space;
    所述固件运行程序根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁。The firmware running program acquires the firmware patch from the second storage space according to the patch location information.
  3. 根据权利要求2所述的方法,其特征在于,所述固件运行程序从第一存储空间获取补丁位置信息之前,还包括:The method according to claim 2, wherein, before the firmware running program obtains the patch location information from the first storage space, further comprising:
    所述第一程序将所述固件补丁存储至所述第二存储空间;The first program stores the firmware patch in the second storage space;
    所述第一程序将所述补丁位置信息存储至所述第一存储空间。The first program stores the patch location information in the first storage space.
  4. 根据权利要求3所述的方法,其特征在于,所述第一程序将所述固件补丁存储至所述第二存储空间之前,还包括:The method according to claim 3, wherein before the first program stores the firmware patch in the second storage space, it also includes:
    所述第一程序获取固件调用方式;The first program acquires a firmware calling method;
    所述第一程序根据所述固件调用方式,确定所述第一存储空间和所述第二存储空间。The first program determines the first storage space and the second storage space according to the calling method of the firmware.
  5. 根据权利要求4所述的方法,其特征在于,所述第一程序获取固件调用方式,包括:The method according to claim 4, wherein said first program obtains a firmware calling method, comprising:
    所述第一程序接收所述固件程序发送的所述固件调用方式。The first program receives the firmware calling method sent by the firmware program.
  6. 根据权利要求4或5所述的方法,其特征在于,所述计算机设备包括至少一个处理器;所述第一程序根据所述固件调用方式,确定所述第一存储空间和所述第二存储空间,包括:The method according to claim 4 or 5, wherein the computer device includes at least one processor; the first program determines the first storage space and the second storage space according to the calling method of the firmware. space, including:
    若所述固件调用方式为内部调用方式,则所述第一程序在第一处理器的存储空间中确定所述第一存储空间和所述第二存储空间;If the firmware calling method is an internal calling method, the first program determines the first storage space and the second storage space in the storage space of the first processor;
    或者,or,
    若所述固件调用方式为外部调用方式,则所述第一程序在第一处理器和第二处理器可共同访问的存储空间中确定所述第一存储空间和所述第二存储空间;If the calling method of the firmware is an external calling method, the first program determines the first storage space and the second storage space in a storage space accessible by the first processor and the second processor;
    其中,所述第一处理器运行所述第一程序,所述第二处理器不运行所述第一程序。Wherein, the first processor runs the first program, and the second processor does not run the first program.
  7. 根据权利要求6所述的方法,其特征在于,The method according to claim 6, characterized in that,
    所述第一程序和所述固件运行程序运行于同一处理器中,所述固件调用方式为所述内部调用方式;The first program and the firmware running program run in the same processor, and the firmware calling method is the internal calling method;
    所述第一程序和所述固件运行程序运行于不同的处理器中,所述固件调用方式为所述外部调用方式。The first program and the firmware running program run on different processors, and the firmware calling method is the external calling method.
  8. 根据权利要求6或7所述的方法,其特征在于,所述固件调用方式为所述内部 调用方式;所述固件运行程序从第一存储空间获取补丁位置信息之前,还包括:The method according to claim 6 or 7, wherein the calling method of the firmware is the internal calling method; before the firmware running program obtains the patch location information from the first storage space, it also includes:
    所述第一程序执行预设指令,以使所述第一程序所在的处理器执行所述固件运行程序。The first program executes preset instructions, so that the processor where the first program resides executes the firmware running program.
  9. 根据权利要求2至8任一项所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 2 to 8, wherein the method further comprises:
    所述固件运行程序从所述第一存储空间中获取所述固件补丁功能标识;The firmware running program acquires the firmware patch function identifier from the first storage space;
    所述固件运行程序根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁,包括:The firmware running program obtains the firmware patch from the second storage space according to the patch location information, including:
    所述固件运行程序根据所述固件补丁功能标识,确定所述固件补丁功能标识对应的固件服务接口;The firmware running program determines the firmware service interface corresponding to the firmware patch function identifier according to the firmware patch function identifier;
    通过所述固件服务接口根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁。Obtain the firmware patch from the second storage space through the firmware service interface according to the patch location information.
  10. 根据权利要求1所述的方法,其特征在于,所述固件运行程序获取固件补丁,包括:The method according to claim 1, wherein the firmware running program obtains a firmware patch, comprising:
    所述固件运行程序接收来自于所述第一程序的第一消息,所述第一消息包括所述固件补丁。The firmware running program receives a first message from the first program, and the first message includes the firmware patch.
  11. 根据权利要求1至10任一项所述的方法,其特征在于,所述第一程序为操作系统OS;或者,The method according to any one of claims 1 to 10, wherein the first program is an operating system OS; or,
    所述第一程序为基板管理控制器BMC程序。The first program is a baseboard management controller (BMC) program.
  12. 一种补丁处理装置,其特征在于,包括:第一处理模块和第二处理模块;A patch processing device, characterized by comprising: a first processing module and a second processing module;
    所述第二处理模块用于获取固件补丁,所述固件补丁来自于所述第一处理模块;The second processing module is used to acquire a firmware patch, and the firmware patch comes from the first processing module;
    所述第二处理模块还用于执行所述固件补丁,所述固件补丁生效。The second processing module is further configured to execute the firmware patch, and the firmware patch takes effect.
  13. 根据权利要求12所述的装置,其特征在于,所述第二处理模块具体用于:The device according to claim 12, wherein the second processing module is specifically used for:
    从第一存储空间获取补丁位置信息,所述补丁位置信息用于指示所述固件补丁在第二存储空间中的存储位置;Obtain patch location information from the first storage space, where the patch location information is used to indicate the storage location of the firmware patch in the second storage space;
    根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁。Acquire the firmware patch from the second storage space according to the patch location information.
  14. 根据权利要求13所述的装置,其特征在于,所述第一处理模块用于:The device according to claim 13, wherein the first processing module is used for:
    将所述固件补丁存储至所述第二存储空间;storing the firmware patch in the second storage space;
    将所述补丁位置信息存储至所述第一存储空间。storing the patch location information in the first storage space.
  15. 根据权利要求14所述的装置,其特征在于,所述第一处理模块还用于:The device according to claim 14, wherein the first processing module is also used for:
    获取固件调用方式;Get the firmware calling method;
    根据所述固件调用方式,确定所述第一存储空间和所述第二存储空间。The first storage space and the second storage space are determined according to the calling method of the firmware.
  16. 根据权利要求15所述的装置,其特征在于,所述第一处理模块具体用于:The device according to claim 15, wherein the first processing module is specifically used for:
    接收所述第二处理模块发送的所述固件调用方式。Receive the firmware calling method sent by the second processing module.
  17. 根据权利要求15或16所述的装置,其特征在于,所述补丁处理装置应用于计算机设备,所述计算机设备包括至少一个处理器;所述第一处理模块具体用于:The apparatus according to claim 15 or 16, wherein the patch processing apparatus is applied to computer equipment, and the computer equipment includes at least one processor; the first processing module is specifically used for:
    若所述固件调用方式为内部调用方式,则在第一处理器的存储空间中确定所述第一存储空间和所述第二存储空间;If the firmware calling method is an internal calling method, then determine the first storage space and the second storage space in the storage space of the first processor;
    或者,or,
    若所述固件调用方式为外部调用方式,则在第一处理器和第二处理器可共同访问 的存储空间中确定所述第一存储空间和所述第二存储空间;If the firmware calling method is an external calling method, then determine the first storage space and the second storage space in a storage space that can be accessed by the first processor and the second processor;
    其中,所述第一处理器运行所述第一处理模块,所述第二处理器不运行所述第一处理模块。Wherein, the first processor runs the first processing module, and the second processor does not run the first processing module.
  18. 根据权利要求17所述的装置,其特征在于,The device according to claim 17, characterized in that,
    所述第一处理模块和所述第二处理模块运行于同一处理器中,所述固件调用方式为所述内部调用方式;The first processing module and the second processing module run in the same processor, and the firmware calling method is the internal calling method;
    所述第一处理模块和所述第二处理模块运行于不同的处理器中,所述固件调用方式为所述外部调用方式。The first processing module and the second processing module run in different processors, and the firmware calling method is the external calling method.
  19. 根据权利要求17或18所述的装置,其特征在于,所述固件调用方式为所述内部调用方式;所述第一处理模块还用于:The device according to claim 17 or 18, wherein the firmware calling method is the internal calling method; the first processing module is also used for:
    执行预设指令,以使所述第一处理模块所在的处理器执行所述第二处理模块。Executing preset instructions, so that the processor where the first processing module is located executes the second processing module.
  20. 根据权利要求13至19任一项所述的装置,其特征在于,所述第二处理模块还用于:The device according to any one of claims 13 to 19, wherein the second processing module is further configured to:
    从所述第一存储空间中获取所述固件补丁功能标识;Obtain the firmware patch function identifier from the first storage space;
    根据所述固件补丁功能标识,确定所述固件补丁功能标识对应的固件服务接口;According to the firmware patch function identifier, determine the firmware service interface corresponding to the firmware patch function identifier;
    通过所述固件服务接口根据所述补丁位置信息,从所述第二存储空间中获取所述固件补丁。Obtain the firmware patch from the second storage space through the firmware service interface according to the patch location information.
  21. 根据权利要求12所述的装置,其特征在于,所述第二处理模块具体用于:The device according to claim 12, wherein the second processing module is specifically used for:
    接收来自于所述第一处理模块的第一消息,所述第一消息包括所述固件补丁。A first message is received from the first processing module, the first message includes the firmware patch.
  22. 根据权利要求12至21任一项所述的装置,其特征在于,所述第一处理模块为操作系统OS;或者,The device according to any one of claims 12 to 21, wherein the first processing module is an operating system OS; or,
    所述第一处理模块为基板管理控制器BMC程序。The first processing module is a baseboard management controller (BMC) program.
  23. 一种计算机设备,其特征在于,包括:A computer device, characterized in that it includes:
    一个或者多个处理器,以及,one or more processors, and,
    存储器;其中,memory; of which,
    所述存储器存储有计算机程序;所述一个或者多个处理器运行所述计算机程序,以实现如权利要求1至11任一项所述的方法。The memory stores a computer program; the one or more processors run the computer program to implement the method according to any one of claims 1 to 11.
  24. 一种芯片,其特征在于,包括:A chip, characterized in that it comprises:
    一个或者多个处理器,以及,one or more processors, and,
    存储器;其中,memory; of which,
    所述存储器存储有计算机程序;所述一个或者多个处理器运行所述计算机程序,以实现如权利要求1至11任一项所述的方法。The memory stores a computer program; the one or more processors run the computer program to implement the method according to any one of claims 1 to 11.
  25. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质存储有计算机程序,当所述计算机程序被运行时,实现如述权利要求1至11任一项所述的方法。A computer-readable storage medium, wherein the computer-readable storage medium stores a computer program, and when the computer program is executed, the method according to any one of claims 1 to 11 is realized.
  26. 一种计算机程序产品,其特征在于,所述计算机程序产品包括计算机程序,当所述计算机程序被运行时,实现如权利要求1至11任一项所述的方法。A computer program product, characterized in that the computer program product includes a computer program, and when the computer program is executed, the method according to any one of claims 1 to 11 is implemented.
PCT/CN2022/134180 2021-12-01 2022-11-24 Patch processing method and apparatus, and computer device WO2023098569A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202111455778.8 2021-12-01
CN202111455778.8A CN116204216A (en) 2021-12-01 2021-12-01 Patch processing method and device and computer equipment

Publications (1)

Publication Number Publication Date
WO2023098569A1 true WO2023098569A1 (en) 2023-06-08

Family

ID=86508221

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/134180 WO2023098569A1 (en) 2021-12-01 2022-11-24 Patch processing method and apparatus, and computer device

Country Status (2)

Country Link
CN (1) CN116204216A (en)
WO (1) WO2023098569A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180307479A1 (en) * 2017-04-24 2018-10-25 American Megatrends, Inc. System and method for performing firmware update by patching
CN110928570A (en) * 2019-11-27 2020-03-27 北京知道创宇信息技术股份有限公司 Firmware upgrading method and device and readable storage medium
CN111125709A (en) * 2019-11-29 2020-05-08 苏州浪潮智能科技有限公司 Server security vulnerability repairing method and device
CN113031999A (en) * 2021-03-25 2021-06-25 山东英信计算机技术有限公司 Method, device and equipment for controlling firmware upgrade of server component and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180307479A1 (en) * 2017-04-24 2018-10-25 American Megatrends, Inc. System and method for performing firmware update by patching
CN110928570A (en) * 2019-11-27 2020-03-27 北京知道创宇信息技术股份有限公司 Firmware upgrading method and device and readable storage medium
CN111125709A (en) * 2019-11-29 2020-05-08 苏州浪潮智能科技有限公司 Server security vulnerability repairing method and device
CN113031999A (en) * 2021-03-25 2021-06-25 山东英信计算机技术有限公司 Method, device and equipment for controlling firmware upgrade of server component and storage medium

Also Published As

Publication number Publication date
CN116204216A (en) 2023-06-02

Similar Documents

Publication Publication Date Title
US9189631B2 (en) Firmware authentication
CN106030525B (en) Method for in-system provisioning of firmware for a hardware platform and hardware platform thereof
US10452404B2 (en) Optimized UEFI reboot process
US11468170B2 (en) Techniques for processor boot-up
KR100855803B1 (en) Cooperative embedded agents
US11194588B2 (en) Information handling systems and method to provide secure shared memory access at OS runtime
EP2831722B1 (en) Method and system for verifying proper operation of a computing device after a system change
CN107567629B (en) Dynamic firmware module loader in trusted execution environment container
US10572434B2 (en) Intelligent certificate discovery in physical and virtualized networks
US10303487B2 (en) System and method for booting an information handling system
US20210357202A1 (en) Firmware updating
WO2016062146A1 (en) Serial number information update method, device and terminal
US20190325139A1 (en) Secure updating of computing system firmware
CN114969713A (en) Equipment verification method, equipment and system
US12069184B2 (en) Embedded MMC device with secure boot updates by loading golden boot image from write-protected partition and validating self-recovery using public key
CN106708596B (en) Method for adjusting input and output virtualized resources and processor
US20200264893A1 (en) System and method of initiating multiple adaptors in parallel
WO2023098569A1 (en) Patch processing method and apparatus, and computer device
US11977753B2 (en) BIOS NVRAM storage extension system and method for secure and seamless access for various boot architectures
CN115827522A (en) BIOS setting method, BIOS chip and electronic equipment
US20230099455A1 (en) Dynamic boot configuration
US11960337B2 (en) Customized thermal and power policies in computers
US11995452B2 (en) Firmware memory map namespace for concurrent containers
US11068276B2 (en) Controlled customization of silicon initialization
US20240241728A1 (en) Host and dpu coordination for dpu maintenance events

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22900374

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE