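WO2024098594A1 - Code protection system, method, virtual system architecture, chip and electronic device - Google Patents

Code protection system, method, virtual system architecture, chip and electronic device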

Info

Publication number
WO2024098594A1
Authority
WO
WIPO (PCT)
Prior art keywords
code
task
heterogeneous
heterogeneous acceleration
protection system
Prior art date
Application number
PCT/CN2023/079580
Other languages
English (en)
French (fr)
Inventor
应志伟
Original Assignee
海光信息技术股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 海光信息技术股份有限公司
Priority to EP23820730.2A (patent EP4394628A4)
Publication of WO2024098594A1


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02 Addressing or allocation; Relocation
    • G06F12/08 Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10 Address translation
    • G06F12/1009 Address translation using page tables, e.g. page table structures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45583 Memory management, e.g. access or allocation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45587 Isolation or security of virtual machine instances
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00 Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/15 Use in a specific computing environment
    • G06F2212/151 Emulated environment, e.g. virtual machine
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149 Restricted operating environment
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/50 Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5061 Partitioning or combining of resources
    • G06F9/5072 Grid computing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/50 Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5061 Partitioning or combining of resources
    • G06F9/5077 Logical partitioning of resources; Management or configuration of virtualized resources

Definitions

  • Embodiments of the present disclosure relate to a code protection system, method, virtual system architecture, chip, and electronic device.
  • Software code protection refers to providing security protection for software code, including providing data confidentiality protection for software code, as well as providing data integrity protection for software code.
  • a code protection solution can combine encryption technology and hardware isolation technology to provide an independent virtual operating environment for the software code, and enable the virtual operating environment to run in a hardware environment isolated by the host's OS (operating system) to achieve software code protection.
  • embodiments of the present disclosure provide a code protection system, method, virtual system architecture, chip, and electronic device to enhance the computing capability of the code protection solution.
  • the present disclosure also provides a code protection system, including:
  • a heterogeneous acceleration resource configured for the code protection system, the heterogeneous acceleration resource is used to execute a code execution task of the software, the code execution task includes running the code of the software and/or accessing the data of the software;
  • a heterogeneous acceleration module used to allocate code execution tasks to heterogeneous acceleration resources configured for the code protection system
  • the heterogeneous acceleration driver module is used to drive the configured heterogeneous acceleration resources to execute the assigned code execution tasks.
  • the heterogeneous acceleration resource is a heterogeneous acceleration device or a virtual heterogeneous module, and the heterogeneous acceleration resource is configured to the code protection system by a virtual machine manager.
  • the virtual heterogeneous module is created by the virtual machine manager based on a heterogeneous device driver corresponding to the heterogeneous acceleration device, and different virtual heterogeneous modules correspond to different memory areas in the heterogeneous acceleration device.
  • the heterogeneous acceleration resources only execute code execution tasks of the configured code protection system.
  • the code execution task is configured with identity information of the code protection system
  • the heterogeneous acceleration resource is used to execute the code execution task when the identity information of the code protection system to which the code execution task is assigned matches the identity information of the pre-configured code protection system.
  • the heterogeneous acceleration driving module is used to drive the configured heterogeneous acceleration resources to execute the assigned code execution tasks, including:
  • the heterogeneous acceleration resources are accessed based on a memory-mapped I/O interface.
  • it also includes a secure memory, in which task codes and/or task data for executing the code execution task are stored.
  • the heterogeneous acceleration resources include a command processor and a direct memory access DMA module;
  • the command processor is used to determine the address of the task code and/or task data to be accessed based on the task information of the code execution task allocated by the heterogeneous acceleration resource;
  • the DMA module is used to send a memory data access request to the input/output memory management unit according to the address of the task code and/or task data to be accessed, and receive the task code and/or task data transmitted by the input/output memory management unit.
  • the command processor determines the identity information of the code protection system corresponding to the code execution task based on the code execution task executed by the heterogeneous acceleration resources, and configures the identity information to the memory data access request.
  • the code protection system is used to provide a software-based trusted execution environment, and/or, the code protection system is used to provide an operating environment for multi-party secure computing and/or federated learning.
  • the embodiment of the present disclosure also provides a code protection method, which is applied to a code protection system.
  • the code protection system is configured with heterogeneous acceleration resources, including:
  • the driver configures the heterogeneous acceleration resources to execute the assigned code execution tasks.
  • the code execution task is configured with the identity information of the code protection system, so that the heterogeneous acceleration resource executes the code execution task when the identity information of the code protection system to which the code execution task is assigned matches the identity information of the pre-configured code protection system.
  • the heterogeneous acceleration resources configured by the driver execute the assigned code execution task, including:
  • the heterogeneous acceleration resources are accessed based on a memory-mapped I/O interface.
  • the task code and/or task data for executing the code execution task is stored in a secure memory, and the method further includes:
  • the task code and/or task data are transmitted to the heterogeneous acceleration resource; wherein the memory data access request is sent based on the address of the task code and/or task data that the heterogeneous acceleration resource needs to access, which is determined based on the task information of the code execution task.
  • the memory data access request is configured with identity information of a code protection system, and the identity information is determined based on a code execution task executed by the heterogeneous acceleration resource; and transmitting task code and/or task data to the heterogeneous acceleration resource based on the memory data access request of the heterogeneous acceleration resource includes:
  • the task code and/or task data are transmitted to the heterogeneous acceleration resource.
  • the embodiment of the present disclosure further provides a virtual system architecture, including: a secure virtual machine, a virtual machine manager, and a heterogeneous acceleration device; wherein the secure virtual machine is the code protection system described in the embodiment of the present disclosure.
  • the virtual machine manager is used to configure heterogeneous acceleration resources for the secure virtual machine
  • the heterogeneous acceleration resources are the heterogeneous acceleration devices or virtual heterogeneous modules
  • the virtual heterogeneous modules are created by the virtual machine manager based on the heterogeneous device drivers corresponding to the heterogeneous acceleration devices
  • different virtual heterogeneous modules correspond to different memory areas within the heterogeneous acceleration device.
  • the virtual machine manager is used to configure a nested page table for the secure virtual machine, and the nested page table is used to indicate a mapping relationship between a guest physical address of the secure virtual machine and a host physical address of a heterogeneous acceleration resource.
  • a secure memory and an input/output memory management unit; the secure memory is configured to the secure virtual machine, and the secure memory stores task codes and/or task data for executing the code execution task;
  • the input-output memory management unit is used to receive a memory data access request sent by the heterogeneous acceleration resource, and based on the memory data access request, transmit the task code and/or task data to the heterogeneous acceleration resource.
  • the memory data access request is configured with identity information of a corresponding secure virtual machine
  • the input/output memory management unit is used to transmit the task code and/or task data to the heterogeneous acceleration resource based on the memory data access request, including:
  • the task code and/or task data are transmitted to the heterogeneous acceleration resource.
  • the embodiment of the present disclosure also provides a chip, comprising the above-mentioned code protection system.
  • An embodiment of the present disclosure also provides an electronic device, comprising the chip described above.
  • the code protection system includes: heterogeneous acceleration resources configured for the code protection system, the heterogeneous acceleration resources are used to execute code execution tasks of software, and the code execution tasks include running software code and/or accessing software data; a heterogeneous acceleration module, used to allocate code execution tasks to the heterogeneous acceleration resources configured for the code protection system; and a heterogeneous acceleration driver module, used to drive the configured heterogeneous acceleration resources to execute the allocated code execution tasks.
  • the embodiment of the present disclosure directly configures heterogeneous acceleration resources for the code protection system and sets corresponding modules so that the code protection system directly drives the configured heterogeneous acceleration resources to execute the assigned code execution tasks, thereby eliminating the need to call the heterogeneous acceleration device through the host, thereby improving the system's computing power while ensuring data security.
  • FIG1 is a schematic diagram of a system architecture of a virtualization environment based on secure virtualization technology
  • FIG2 is an optional structure of a code protection system provided by at least one embodiment of the present disclosure.
  • FIG3 is a schematic diagram of a system architecture of a virtualization environment based on secure virtualization technology provided by at least one embodiment of the present disclosure.
  • FIG. 4 is a flowchart of a code protection method provided by at least one embodiment of the present disclosure.
  • Software code protection refers to providing security protection for software codes, which not only provides data confidentiality protection for software codes, but also provides data integrity protection for software codes.
  • the software referred to here is not limited to application software, but can also be system software.
  • a code protection solution can combine encryption technology and hardware isolation technology to provide an independent virtual operating environment for the software code, and enable the virtual operating environment to run in a hardware environment isolated by the host's OS (operating system) to achieve software code protection.
  • the software code protection scheme can be implemented based on secure virtualization technology.
  • Secure virtualization technology is a virtualization technology improved on the basis of conventional virtualization technology, which can securely protect the memory of a virtual machine.
  • Referring to Figure 1, which shows a schematic diagram of the system architecture of a virtualization environment based on secure virtualization technology.
  • the system architecture may include: CPU (Central Processing Unit) 1, memory 2, host 3 and secure virtual machine 4.
  • CPU1 serves as a data processing core, and is used to provide a hardware foundation for data processing for the host 3 and the secure virtual machine 4
  • memory 2 serves as a data storage device, and is used to store data of the host 3 and the secure virtual machine 4
  • the host 3 can virtualize multiple secure virtual machines 4 based on secure virtualization technology
  • the secure virtual machine 4 runs independently in a hardware environment isolated by the OS (operating system) of the host 3.
  • the secure virtual machine 4 can provide an independent virtual operating environment for the software code through encryption technology and hardware isolation technology.
  • with memory encryption technology, the memory data is encrypted and stored, and the memory of different secure virtual machines is encrypted with different keys that even the host cannot access, thereby ensuring the security of the secure virtual machine data.
  • secure memory 5 is set in memory 2, where different secure virtual machines are configured with secure memory in different areas, and the secure memory is only allowed to be accessed by the correspondingly configured secure virtual machine, thereby ensuring the security of the secure virtual machine data.
  • the secure virtual machine 4 can be understood as a trusted execution environment (TEE), which can be used as an optional code protection system to protect the confidential data (such as code) of the software.
  • the secure virtual machine 4 can be encrypted using different encryption standards. It should be noted that a virtual machine generated using secure virtualization technology and encrypted using the Chinese national standard can be called a CSV (China Secure Virtualization, national standard secure virtualization technology) virtual machine.
  • the secure virtual machine can use the auxiliary acceleration program and heterogeneous acceleration module in the host through the acceleration interface to call the heterogeneous acceleration device for auxiliary calculation of data.
  • the heterogeneous acceleration device can be understood as a computing device with a different structure from the CPU, which has powerful computing power for specific types of data processing tasks.
  • this method requires data interaction with the host, and data security is difficult to guarantee.
  • the secure virtual machine as a code protection system, can only distinguish between the software code and data, and isolate the confidential data that the software needs to protect securely (the data that the software needs to protect securely can be called confidential data, and the non-secure data of the software can be called ordinary data) in the secure virtual machine.
  • the data is desensitized so that the desensitized data is no longer sensitive, and then the heterogeneous acceleration device calculates the desensitized data and ordinary data.
  • the embodiments of the present disclosure provide a code protection system, which directly configures heterogeneous acceleration resources for the code protection system and sets corresponding modules so that the code protection system directly drives the configured heterogeneous acceleration resources to execute the assigned code execution tasks, thereby eliminating the need to call heterogeneous acceleration devices through the host, thereby improving the system's computing power while ensuring data security.
  • the code protection system may include: a heterogeneous acceleration resource 10, a heterogeneous acceleration module 11 and a heterogeneous acceleration driving module 12.
  • the heterogeneous acceleration resource 10 can be a heterogeneous acceleration device in a hardware architecture, or a virtual heterogeneous module in a software architecture.
  • the computing power and/or space resources decomposed from the virtual heterogeneous modules can be regarded as independent modules at the software level, and can perform corresponding tasks based on the computing power and/or space resources decomposed from the virtual heterogeneous modules.
  • the computing power and/or space resources in the heterogeneous acceleration devices can be allocated according to actual needs, thereby maximizing the use of hardware resources.
  • the heterogeneous acceleration device may be a peripheral device, and correspondingly, the heterogeneous acceleration resources may be peripheral device resources.
  • the peripheral device may be, for example, a graphics processing unit (GPU), a general-purpose graphics processing unit (GPGPU), a deep computing unit, an artificial intelligence (AI) acceleration card, a field-programmable gate array (FPGA), and other devices for providing computing power and/or space resources, and correspondingly, the heterogeneous acceleration resources may be used to execute software code execution tasks, such as graphics processing, AI acceleration, and the like.
  • heterogeneous acceleration resources configured for the code protection system are exclusive resources, which only execute the code execution tasks of the configured code protection system, and do not execute the tasks of other code protection systems or host systems, thereby isolating the heterogeneous acceleration resources configured by the code protection system.
  • the heterogeneous acceleration resources configured for the code protection system can be isolated based on hardware isolation technology, thereby achieving isolated protection of data.
  • the heterogeneous acceleration resource can confirm the code protection system configured by the heterogeneous acceleration resource based on the identity information of the code protection system, and execute the corresponding code execution task when the identity information of the code protection system to which the code execution task to be executed belongs matches the identity information of the pre-configured code protection system.
  • the identity information of the code protection system can be the identity information of the software, or it can be the identity information configured by the system to indicate the identity of the code protection system.
  • the heterogeneous acceleration resource configured for the code protection system may be one or more, and the present disclosure does not make any specific limitation on this.
  • the code protection system can directly drive the configured heterogeneous acceleration resources, so that the heterogeneous acceleration resources can be combined with the trusted execution environment provided by the code protection system, thereby improving the computing power of the code protection system while ensuring data security.
  • the code execution task can be understood as the task required to be executed in the running software process.
  • the software is run through one or more code execution tasks, each of which runs the software code and/or accesses the software data.
  • the code protection system can directly configure heterogeneous acceleration resources for the code protection system and set corresponding modules so that the code protection system directly drives the configured heterogeneous acceleration resources, so that the data in the software can be processed in a trusted execution environment. Accordingly, the code and data of the software in the embodiments of the present disclosure do not need to be divided into secure code and ordinary code, or into secure data and ordinary data, based on the needs of security protection.
  • the heterogeneous acceleration module 11 is used to allocate code execution tasks to the heterogeneous acceleration resources configured by the code protection system.
  • the heterogeneous acceleration module can determine the code execution tasks that the heterogeneous acceleration resources need to execute based on the types of code execution tasks, the task execution efficiency of the code protection system, etc., so as to allocate corresponding code execution tasks to the heterogeneous acceleration resources.
  • the heterogeneous acceleration driving module 12 is used to drive the configured heterogeneous acceleration resources to execute the code execution task. After determining the code execution task assigned to the heterogeneous acceleration resource configured by the code protection system, the heterogeneous acceleration driving module can send the task information of the assigned code execution task to the heterogeneous acceleration resource, thereby driving the heterogeneous acceleration resource to execute the assigned code execution task.
  • the heterogeneous acceleration module 11 and the heterogeneous acceleration driving module 12 may be configured in a secure virtual machine, where the secure virtual machine is used to provide an operating system in an isolated environment for the code protection system and to provide code protection for the software running therein.
  • the code protection system further includes a secure memory 13 configured for the code protection system, wherein the secure memory 13 can be configured to the code protection system based on encryption technology and/or hardware isolation technology.
  • the secure memory 13 only allows access based on the identity information of the code protection system to ensure data security of the code protection system.
  • the heterogeneous acceleration resource can confirm the identity of the code protection system to which the code execution task is assigned based on the identity information configured in the code execution task. At the same time, based on the identity information and the task information of the code execution task, it can also access the task code and/or task data stored in the secure memory for executing the code execution task, thereby executing the code execution task.
  • a code protection system may include configuring heterogeneous acceleration resources for the code protection system, and configuring a heterogeneous acceleration module and a heterogeneous acceleration driving module.
  • the code protection system can directly allocate code execution tasks to heterogeneous acceleration resources and drive the heterogeneous acceleration resources to execute the allocated code execution tasks, thereby eliminating the need to call heterogeneous acceleration devices through the host. This improves the system's computing power while ensuring data security.
  • the embodiment of the present disclosure further provides a system architecture (also referred to as a virtual system architecture) of a virtualization environment based on secure virtualization technology, wherein the virtual system architecture includes a secure virtual machine 20, a virtual machine manager (Virtual Machine Monitor, VMM) 21, a heterogeneous acceleration device 22, an input/output memory management unit (Input/Output Memory Management Unit, IOMMU) 23 and a secure memory 24.
  • the secure virtual machine 20 can be understood as a code protection system, which is used to provide a trusted execution environment for software operation.
  • the virtual machine manager 21 is a management module configured in the host system, which is used to maintain/configure the page table, resource allocation, etc. of the secure virtual machine.
  • the heterogeneous acceleration device 22 is used to provide heterogeneous acceleration resources for the code protection system.
  • the input/output memory management unit 23 is used to collaboratively realize data transmission between the heterogeneous acceleration device and the secure memory 24.
  • the heterogeneous acceleration device 22 can be configured as one or more heterogeneous acceleration resources to a secure virtual machine.
  • the virtual machine manager can create multiple virtual heterogeneous modules for the heterogeneous acceleration device based on the heterogeneous device driver corresponding to the heterogeneous acceleration device, and different virtual heterogeneous modules correspond to different hardware resources of the heterogeneous acceleration device, and a virtual heterogeneous module serves as a heterogeneous acceleration resource.
  • different virtual heterogeneous modules correspond to different memory areas in the heterogeneous acceleration device, so that they can be configured as different heterogeneous acceleration resources to different secure virtual machines at the software level.
  • the virtual machine manager can configure the heterogeneous acceleration resources.
  • the host's OS system or other entities with heterogeneous acceleration resource configuration permissions can also perform configuration. This disclosure uses the virtual machine manager as an example for explanation.
  • the virtual machine manager can configure the corresponding heterogeneous acceleration resources (such as virtual heterogeneous modules) to the secure virtual machine through the configured heterogeneous device driver, so that the secure virtual machine can directly access the heterogeneous acceleration resources, thereby enabling the heterogeneous acceleration resources to be directly passed to the secure virtual machine for use.
  • the direct access of the secure virtual machine to the heterogeneous acceleration resources can be implemented based on MMIO (memory-mapped I/O) interface technology.
  • the virtual machine manager can create and maintain a nested page table of the corresponding heterogeneous acceleration resources for the secure virtual machine, so that the heterogeneous acceleration driver module of the secure virtual machine can access the heterogeneous acceleration resources through the MMIO interface based on the nested page table.
  • the nested page table is used to indicate the mapping relationship between the guest physical address (GPA) and the host physical address (HPA).
  • when the nested page table is created, the corresponding address mapping relationship has not yet been established. Therefore, when the secure virtual machine accesses the heterogeneous acceleration resources, a page fault exception may be generated (that is, no HPA can be found for the access address GPA given by the secure virtual machine).
  • the virtual machine manager can capture the secure virtual machine's access to the heterogeneous acceleration resources based on the page fault exception, and then configure the HPA corresponding to the heterogeneous acceleration resources for the GPA of the secure virtual machine based on the heterogeneous acceleration resources configured for the secure virtual machine.
  • the secure virtual machine can directly access the heterogeneous acceleration resources based on the nested page table in the subsequent access process.
  • based on the above description, heterogeneous acceleration resources can be configured for a secure virtual machine, and the secure virtual machine can directly access those heterogeneous acceleration resources.
  • in some optional examples, the heterogeneous acceleration resources configured for the secure virtual machine further access data in the secure memory. The following is an introduction to the process of heterogeneous acceleration resources accessing secure memory.
  • the corresponding code execution task may need to read other task codes in the secure memory or read the task data of the software stored in the secure memory. If it is read by the secure virtual machine and then transmitted to the heterogeneous acceleration resources, it will consume corresponding CPU resources and the corresponding processing time.
  • the heterogeneous acceleration resources can be based on direct memory access (DMA) technology and use the input/output memory management unit (IOMMU) to directly access data in the secure memory.
  • the heterogeneous acceleration resource may further include a command processor (not shown in the figure) and a DMA module, wherein the command processor may determine the address of the task code and/or task data to be accessed based on the task information of the code execution task allocated by the heterogeneous acceleration resource, and the DMA module may issue a memory data access request to the input/output memory management unit according to the address of the task code and/or task data to be accessed, and the input/output memory management unit may read the corresponding task code and/or task data and transmit it to the heterogeneous acceleration resource.
  • to ensure the data security of the secure virtual machine, the command processor may determine, based on the code execution task executed by the heterogeneous acceleration resource, the identity information of the secure virtual machine corresponding to that code execution task, and configure the identity information into the memory data access request, which the DMA module sends to the input/output memory management unit. The input/output memory management unit confirms whether the address of the code or data being accessed matches the identity information, and after confirming the identity information, data is transferred between the secure memory and the heterogeneous acceleration resources.
  • the data stored in the secure memory (including task code and/or task data) is encrypted data.
  • the input/output memory management unit can determine the key for storing data in the secure memory of the secure virtual machine based on the identity information, and then decrypt the encrypted data in the secure memory based on the key, thereby transmitting the corresponding data (including task code and/or task data) to the heterogeneous acceleration resource.
  • with the code protection system provided in the embodiment of the present disclosure, security is guaranteed and computing performance is improved, so that it can be used to provide a software-based trusted execution environment, and/or to provide an operating environment for multi-party secure computing and/or federated learning.
  • Federated learning is an emerging basic technology of artificial intelligence.
  • Each institution with a data source trains a model, and uses encrypted information about each model (weight updates and gradient information of the model) to repeatedly interact and optimize, and then obtain a global model through model aggregation.
  • the trained federated learning model is not shared, but placed in each participant separately, and cooperates to form a prediction in actual use.
  • the code protection system provided by the embodiment of the present disclosure enables the MPC software to be executed directly using the computing power of the CPU, or to be executed using heterogeneous acceleration resources; when FL needs AI or other heterogeneous acceleration, the heterogeneous acceleration resources therein can be used, such as GPGPU or other acceleration cards.
  • the system architecture provided by the embodiment of the present disclosure improves data computing performance while ensuring data security, and at the same time improves data transmission efficiency.
  • the embodiment of the present disclosure may also provide a code protection method, so that the software can run in a trusted execution environment based on the method.
  • Figure 4 shows a flow chart of a code protection method provided by at least one embodiment of the present disclosure.
  • the flow can be used to describe the flow of the code of the software in the code protection system when heterogeneous acceleration is required.
  • the software in the flow can run under the code protection system provided by the aforementioned embodiment; the content of the code protection method described below can be referenced to the content of the code protection system described above.
  • the process may include:
  • Step S10: acquire a code execution task, where the code execution task includes running software code and/or accessing software data;
  • Step S11: allocate the code execution task to the heterogeneous acceleration resources configured for the code protection system;
  • Step S12: drive the configured heterogeneous acceleration resources to execute the allocated code execution task.
  • the code execution task is configured with the identity information of the code protection system, so that the heterogeneous acceleration resource executes the code execution task when the identity information of the code protection system to which the code execution task is assigned matches the identity information of the pre-configured code protection system.
  • step S12 of driving the configured heterogeneous acceleration resources to execute the assigned code execution task may include:
  • the heterogeneous acceleration resources are accessed based on a memory-mapped I/O interface.
  • the task code and/or task data for executing the code execution task is stored in a secure memory, and the method further includes:
  • Step S13: based on the memory data access request of the heterogeneous acceleration resource, transmit the task code and/or task data to the heterogeneous acceleration resource;
  • the memory data access request is sent based on the address of the task code and/or task data that the heterogeneous acceleration resource needs to access, which is determined from the task information of the code execution task.
  • the memory data access request is configured with identity information of a code protection system, and the identity information is determined based on the code execution task executed by the heterogeneous acceleration resource; step S13, transmitting task code and/or task data to the heterogeneous acceleration resource based on the memory data access request of the heterogeneous acceleration resource, includes:
  • determining whether the identity information matches the address accessed by the memory data access request; if they match, the task code and/or task data are transmitted to the heterogeneous acceleration resource.
  • the authentication method provided by the embodiment of the present disclosure can improve data computing performance while ensuring data security, and at the same time improve data transmission efficiency.
  • the embodiment of the present disclosure further provides a chip, which may include the code protection system provided by the embodiment of the present disclosure.
  • an embodiment of the present disclosure further provides an electronic device, which may include the chip described above.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

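The present disclosure provides a code protection system and method, a virtual system architecture, a chip and an electronic device. The system may include: heterogeneous acceleration resources configured for the code protection system, the heterogeneous acceleration resources being used to execute code execution tasks of software, where a code execution task includes running code of the software and/or accessing data of the software; a heterogeneous acceleration module, used to allocate code execution tasks to the heterogeneous acceleration resources configured for the code protection system; and a heterogeneous acceleration driver module, used to drive the configured heterogeneous acceleration resources to execute the allocated code execution tasks. Embodiments of the present disclosure can improve the computing capability of a code protection scheme.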

Description

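Code protection system and method, virtual system architecture, chip and electronic device
This application claims priority to Chinese Patent Application No. 202211385501.7, filed on November 7, 2022, the disclosure of which is incorporated herein by reference in its entirety as part of this application.
Technical Field
Embodiments of the present disclosure relate to a code protection system and method, a virtual system architecture, a chip and an electronic device.
Background
Software code protection refers to providing security protection for the code of software, including protecting the data confidentiality of the software code and protecting the data integrity of the software code.
One code protection scheme combines encryption technology with hardware isolation technology to provide an independent virtual runtime environment for the software's code, and runs that virtual runtime environment in a hardware environment isolated by the host's OS (operating system), thereby protecting the software code.
However, the computing capability of the above code protection scheme is insufficient, and how to improve the computing capability of code protection schemes has long been a problem studied by those skilled in the art.
Summary
In view of this, embodiments of the present disclosure provide a code protection system and method, a virtual system architecture, a chip and an electronic device, so as to improve the computing capability of the code protection scheme.
To achieve the above objective, embodiments of the present disclosure provide the following technical solutions: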
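An embodiment of the present disclosure further provides a code protection system, including:
heterogeneous acceleration resources configured for the code protection system, the heterogeneous acceleration resources being used to execute code execution tasks of software, where a code execution task includes running code of the software and/or accessing data of the software;
a heterogeneous acceleration module, used to allocate code execution tasks to the heterogeneous acceleration resources configured for the code protection system;
a heterogeneous acceleration driver module, used to drive the configured heterogeneous acceleration resources to execute the allocated code execution tasks.
Optionally, the heterogeneous acceleration resource is a heterogeneous acceleration device or a virtual heterogeneous module, and the heterogeneous acceleration resource is configured to the code protection system by a virtual machine manager.
Optionally, the virtual heterogeneous module is created by the virtual machine manager based on the heterogeneous device driver of the corresponding heterogeneous acceleration device, and different virtual heterogeneous modules correspond to different memory areas within the heterogeneous acceleration device.
Optionally, the heterogeneous acceleration resource executes only the code execution tasks of the code protection system it is configured for.
Optionally, the code execution task is configured with the identity information of the code protection system, and the heterogeneous acceleration resource is used to execute the code execution task when the identity information of the code protection system to which the allocated code execution task belongs matches the identity information of the pre-configured code protection system.
Optionally, the heterogeneous acceleration driver module being used to drive the configured heterogeneous acceleration resources to execute the allocated code execution tasks includes:
accessing the heterogeneous acceleration resources based on a memory-mapped I/O interface.
Optionally, the system further includes a secure memory, and the secure memory stores the task code and/or task data used to execute the code execution task.
Optionally, the heterogeneous acceleration resource includes a command processor and a direct memory access (DMA) module;
the command processor is used to determine the address of the task code and/or task data to be accessed, based on the task information of the code execution task allocated to the heterogeneous acceleration resource;
the DMA module is used to send a memory data access request to the input/output memory management unit according to the address of the task code and/or task data to be accessed, and to receive the task code and/or task data transmitted by the input/output memory management unit.
Optionally, the command processor determines, based on the code execution task executed by the heterogeneous acceleration resource, the identity information of the code protection system corresponding to the code execution task, and configures the identity information into the memory data access request.
Optionally, the code protection system is used to provide a software-based trusted execution environment, and/or the code protection system is used to provide a runtime environment for secure multi-party computation and/or federated learning.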
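An embodiment of the present disclosure further provides a code protection method, applied to a code protection system configured with heterogeneous acceleration resources, including:
acquiring a code execution task, where the code execution task includes running code of the software and/or accessing data of the software;
allocating the code execution task to the heterogeneous acceleration resources configured for the code protection system;
driving the configured heterogeneous acceleration resources to execute the allocated code execution task.
Optionally, the code execution task is configured with the identity information of the code protection system, so that the heterogeneous acceleration resource executes the code execution task when the identity information of the code protection system to which the allocated code execution task belongs matches the identity information of the pre-configured code protection system.
Optionally, driving the configured heterogeneous acceleration resources to execute the allocated code execution task includes:
accessing the heterogeneous acceleration resources based on a memory-mapped I/O interface.
Optionally, the task code and/or task data used to execute the code execution task is stored in a secure memory, and the method further includes:
transmitting task code and/or task data to the heterogeneous acceleration resource based on a memory data access request of the heterogeneous acceleration resource, where the memory data access request is sent based on the address of the task code and/or task data that the heterogeneous acceleration resource needs to access, which is determined from the task information of the code execution task.
Optionally, the memory data access request is configured with the identity information of a code protection system, and the identity information is determined based on the code execution task executed by the heterogeneous acceleration resource; transmitting task code and/or task data to the heterogeneous acceleration resource based on the memory data access request of the heterogeneous acceleration resource includes:
determining whether the identity information matches the address accessed by the memory data access request;
if they match, transmitting the task code and/or task data to the heterogeneous acceleration resource.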
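An embodiment of the present disclosure further provides a virtual system architecture, including a secure virtual machine, a virtual machine manager and a heterogeneous acceleration device, where the secure virtual machine is the code protection system described in the embodiments of the present disclosure.
Optionally, the virtual machine manager is used to configure heterogeneous acceleration resources for the secure virtual machine; the heterogeneous acceleration resource is the heterogeneous acceleration device or a virtual heterogeneous module; the virtual heterogeneous module is created by the virtual machine manager based on the heterogeneous device driver of the corresponding heterogeneous acceleration device; and different virtual heterogeneous modules correspond to different memory areas within the heterogeneous acceleration device.
Optionally, the virtual machine manager is used to configure a nested page table for the secure virtual machine, and the nested page table is used to indicate the mapping from the guest physical address of the secure virtual machine to the host physical address of the heterogeneous acceleration resource.
Optionally, the architecture further includes a secure memory and an input/output memory management unit; the secure memory is configured to the secure virtual machine and stores the task code and/or task data used to execute the code execution task;
the input/output memory management unit is used to receive the memory data access request sent by the heterogeneous acceleration resource and, based on the memory data access request, to transmit the task code and/or task data to the heterogeneous acceleration resource.
Optionally, the memory data access request is configured with the identity information of the corresponding secure virtual machine, and the input/output memory management unit being used to transmit the task code and/or task data to the heterogeneous acceleration resource based on the memory data access request includes:
determining whether the identity information matches the address accessed by the memory data access request;
if they match, transmitting the task code and/or task data to the heterogeneous acceleration resource.
An embodiment of the present disclosure further provides a chip, including the code protection system described above.
An embodiment of the present disclosure further provides an electronic device, including the chip described above.
The code protection system provided by the embodiments of the present disclosure includes: heterogeneous acceleration resources configured for the code protection system, the heterogeneous acceleration resources being used to execute code execution tasks of software, where a code execution task includes running code of the software and/or accessing data of the software; a heterogeneous acceleration module, used to allocate code execution tasks to the heterogeneous acceleration resources configured for the code protection system; and a heterogeneous acceleration driver module, used to drive the configured heterogeneous acceleration resources to execute the allocated code execution tasks.
It can be seen that, by configuring heterogeneous acceleration resources directly for the code protection system and providing corresponding modules so that the code protection system directly drives its configured heterogeneous acceleration resources to execute the allocated code execution tasks, the embodiments of the present disclosure no longer need to call the heterogeneous acceleration device through the host, and the computing capability of the system is improved while data security is guaranteed.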
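Brief Description of the Drawings
To describe the embodiments of the present disclosure more clearly, the drawings used in the embodiments are briefly introduced below. Obviously, the drawings described below are merely embodiments of the present disclosure, and those of ordinary skill in the art can obtain other drawings from the provided drawings without creative effort.
Figure 1 is a schematic diagram of the system architecture of a virtualization environment based on secure virtualization technology;
Figure 2 shows an optional structure of a code protection system provided by at least one embodiment of the present disclosure;
Figure 3 is a schematic diagram of the system architecture of a virtualization environment based on secure virtualization technology provided by at least one embodiment of the present disclosure; and
Figure 4 is a flow chart of a code protection method provided by at least one embodiment of the present disclosure.
Detailed Description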
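Software code protection refers to providing security protection for the code of software, providing not only data confidentiality protection but also data integrity protection for the software code. The software referred to here is not limited to application software and may also be system software.
One code protection scheme combines encryption technology with hardware isolation technology to provide an independent virtual runtime environment for the software's code, and runs the virtual runtime environment in a hardware environment isolated by the host's OS (operating system), thereby protecting the software code.
In a specific implementation, the software code protection scheme can be based on secure virtualization technology, which is a virtualization technology improved from conventional virtualization that can protect virtual machine memory. Figure 1 shows a schematic diagram of the system architecture of a virtualization environment based on secure virtualization technology. The system architecture may include a CPU (Central Processing Unit) 1, a memory 2, a host 3 and a secure virtual machine 4.
The CPU 1, as the data processing core, provides the hardware basis for data processing by the host 3 and the secure virtual machine 4; the memory 2, as the data storage device, stores the data of the host 3 and the secure virtual machine 4; the host 3 can virtualize multiple secure virtual machines 4 based on secure virtualization technology; and each secure virtual machine 4 runs independently in a hardware environment isolated by the OS (operating system) of the host 3.
The secure virtual machine 4 can provide an independent virtual runtime environment for software code through encryption technology and hardware isolation technology. For example, with memory encryption technology, memory data is stored encrypted, and the memory of different secure virtual machines is encrypted with different keys that even the host cannot access, which safeguards the data of the secure virtual machine. Alternatively, still referring to Figure 1, with hardware isolation technology a secure memory 5 is set up in the memory 2, where different secure virtual machines are configured with different areas of secure memory and secure memory can be accessed only by the secure virtual machine it is configured for, which safeguards the data of the secure virtual machine.
The secure virtual machine 4 can be understood as a Trusted Execution Environment (TEE) and can serve as an optional code protection system that protects the confidential data (such as code) of software. The secure virtual machine 4 can be encrypted using different encryption standards. It should be noted that a virtual machine generated by secure virtualization technology using Chinese national standard encryption can be called a CSV (China Secure Virtualization) virtual machine.
However, the computing capability of this software code protection scheme is insufficient. This is because, in this scheme, the secure virtual machine can only use the hardware resources of the CPU for computation, and these limited computing resources leave its computing capability insufficient.
In an optional implementation, still referring to Figure 1, the secure virtual machine can, through an acceleration interface, use the auxiliary acceleration program and the heterogeneous acceleration module in the host to call a heterogeneous acceleration device for auxiliary computation. A heterogeneous acceleration device can be understood as a computing device whose structure differs from that of the CPU and which has powerful computing power for specific types of data processing tasks. However, this approach requires data interaction with the host, which makes data security difficult to guarantee.
On this basis, to guarantee data security, the secure virtual machine, as the code protection system, can only differentiate the code and data of the software: the confidential data that needs security protection (data of the software that needs security protection may be called confidential data, and non-secure data of the software may be called ordinary data) is isolated inside the secure virtual machine; after the processes related to the confidential data have finished running, the data is desensitized so that it is no longer sensitive; and the heterogeneous acceleration device then computes on the desensitized data and the ordinary data.
Clearly, the above process is overly complex and carries a high risk of data leakage, so the improvement in the computing capability of the secure virtual machine is not significant.
Based on this, an embodiment of the present disclosure provides a code protection system. By configuring heterogeneous acceleration resources directly for the code protection system and providing corresponding modules so that the code protection system directly drives its configured heterogeneous acceleration resources to execute the allocated code execution tasks, the heterogeneous acceleration device no longer has to be called through the host, and the computing capability of the system is improved while data security is guaranteed.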
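Referring to the optional structure of a code protection system shown in Figure 2, the code protection system may include a heterogeneous acceleration resource 10, a heterogeneous acceleration module 11 and a heterogeneous acceleration driver module 12.
The heterogeneous acceleration resource 10 may be a heterogeneous acceleration device in the hardware architecture, or a virtual heterogeneous module in the software architecture. A virtual heterogeneous module can be understood as computing power and/or space resources carved out of a heterogeneous acceleration device; at the software level it can be regarded as an independent module that executes tasks using the computing power and/or space resources carved out for it. Configuring virtual heterogeneous modules as heterogeneous acceleration resources allows the computing power and/or space resources in the heterogeneous acceleration device to be allocated according to actual needs, thereby making maximum use of the hardware resources.
The heterogeneous acceleration device may be a peripheral device, and correspondingly the heterogeneous acceleration resource may be a peripheral device resource. The peripheral device may be, for example, a graphics processing unit (GPU), a general-purpose graphics processing unit (General-purpose computing on graphics processing units, GPGPU), a deep computing unit, an artificial intelligence (AI) accelerator card, a field-programmable gate array (FPGA) or another device that provides computing power and/or space resources. Correspondingly, the heterogeneous acceleration resource can be used to execute code execution tasks of software, such as graphics processing or AI acceleration.
It should be noted that the heterogeneous acceleration resource configured for the code protection system is an exclusive resource: it executes only the code execution tasks of the code protection system it is configured for, and does not execute tasks of other code protection systems or of the host system, so that the heterogeneous acceleration resources configured for a code protection system are isolated. In an optional example, the heterogeneous acceleration resources configured for the code protection system can be isolated based on hardware isolation technology, thereby achieving isolated protection of the data.
In a specific example, the heterogeneous acceleration resource can use the identity information of the code protection system to confirm which code protection system it is configured for, and executes a code execution task when the identity information of the code protection system to which the task belongs matches the identity information of the pre-configured code protection system. It should be noted that the identity information of the code protection system may be the identity information of the software, or identity information configured by the system to indicate the identity of the code protection system.
One or more heterogeneous acceleration resources may be configured for the code protection system; the present disclosure does not specifically limit this.
It can be understood that, by configuring heterogeneous acceleration resources for the code protection system so that the code protection system directly drives them, the heterogeneous acceleration resources can be integrated into the trusted execution environment provided by the code protection system, which improves the computing capability of the code protection system while guaranteeing data security.
A code execution task can be understood as a task that needs to be executed in the course of running the software; the software is run through one or more code execution tasks. A code execution task includes running code of the software and/or accessing data of the software.
It should be noted that, in the embodiments of the present disclosure, because heterogeneous acceleration resources are configured directly for the code protection system and corresponding modules let the code protection system drive them directly, all data in the software can be processed inside the trusted execution environment. Accordingly, in the embodiments of the present disclosure, the code and data in the software do not need to be divided into secure code and ordinary code, or into secure data and ordinary data, for the sake of security protection.
The heterogeneous acceleration module 11 is used to allocate code execution tasks to the heterogeneous acceleration resources configured for the code protection system. The heterogeneous acceleration module can determine which code execution tasks the heterogeneous acceleration resources should execute based on the type of code execution task, the task execution efficiency of the code protection system and so on, and then allocates the corresponding code execution tasks to the heterogeneous acceleration resources.
The heterogeneous acceleration driver module 12 is used to drive the configured heterogeneous acceleration resources to execute the code execution tasks. After the code execution tasks allocated to the heterogeneous acceleration resources configured for the code protection system have been determined, the heterogeneous acceleration driver module can send the task information of the allocated code execution tasks to the heterogeneous acceleration resources, thereby driving them to execute the allocated code execution tasks.
In an optional example, the heterogeneous acceleration module 11 and the heterogeneous acceleration driver module 12 can be configured inside a secure virtual machine, which serves as an operating system providing an isolated environment for the code protection system and provides code protection for the software running in it.
In a further optional example, the code protection system further includes a secure memory 13 configured for the code protection system, where the secure memory 13 can be configured to the code protection system based on encryption technology and/or hardware isolation technology. The secure memory 13 allows access only on the basis of the identity information of the code protection system, which guarantees the data security of the code protection system.
It can be understood that the heterogeneous acceleration resource can use the identity information configured in a code execution task to confirm the identity of the code protection system that allocated the task, and can also use the identity information together with the task information of the code execution task to access the task code and/or task data stored in the secure memory for executing the task, and thereby execute the code execution task.
It can be seen that the code protection system provided by the embodiments of the present disclosure can include heterogeneous acceleration resources configured for the code protection system and, through the heterogeneous acceleration module and the heterogeneous acceleration driver module, allows the code protection system to allocate code execution tasks directly to the heterogeneous acceleration resources and drive them to execute the allocated tasks, so that the heterogeneous acceleration device no longer has to be called through the host and the computing capability of the system is improved while data security is guaranteed.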
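In a further optional example, referring to Figure 3, an embodiment of the present disclosure further provides a system architecture of a virtualization environment based on secure virtualization technology (also referred to as a virtual system architecture). The virtual system architecture includes a secure virtual machine 20, a virtual machine manager (Virtual Machine Monitor, VMM) 21, a heterogeneous acceleration device 22, an input/output memory management unit (IOMMU) 23 and a secure memory 24.
The secure virtual machine 20 can be understood as the code protection system, used to provide a trusted execution environment for running software; the virtual machine manager 21 is a management module configured in the host system, used to maintain and configure the page tables, resource allocation and so on of the secure virtual machine; the heterogeneous acceleration device 22 is used to provide heterogeneous acceleration resources for the code protection system; and the input/output memory management unit 23 is used to cooperate in data transmission between the heterogeneous acceleration device and the secure memory 24.
The heterogeneous acceleration device 22 can be configured to secure virtual machines as one or more heterogeneous acceleration resources. When the heterogeneous acceleration device is configured as multiple heterogeneous acceleration resources, the virtual machine manager can create multiple virtual heterogeneous modules for the device based on the heterogeneous device driver of the corresponding heterogeneous acceleration device; different virtual heterogeneous modules correspond to different hardware resources of the device, and each virtual heterogeneous module serves as one heterogeneous acceleration resource. For example, different virtual heterogeneous modules correspond to different memory areas within the heterogeneous acceleration device, so that at the software level they can be configured to different secure virtual machines as different heterogeneous acceleration resources.
When a secure virtual machine needs to be configured with heterogeneous acceleration resources (for example, when the secure virtual machine is started or created), the virtual machine manager can perform the configuration. It should be noted that, in other examples, the configuration can also be performed by the host's OS or by another entity that has permission to configure heterogeneous acceleration resources; the present disclosure uses the virtual machine manager as an example.
Specifically, the virtual machine manager can, through the heterogeneous device driver it is configured with, configure the corresponding heterogeneous acceleration resource (for example a virtual heterogeneous module) to the secure virtual machine so that the secure virtual machine accesses the resource directly, which passes the heterogeneous acceleration resource through to the secure virtual machine. The secure virtual machine's direct access to the heterogeneous acceleration resource can be implemented with MMIO (memory-mapped I/O) interface technology. In an optional example, the virtual machine manager can create and maintain, for the secure virtual machine, a nested page table for the corresponding heterogeneous acceleration resource, so that the heterogeneous acceleration driver module of the secure virtual machine can access the resource through the MMIO interface based on the nested page table.
It can be understood that the nested page table indicates the mapping from the guest physical address (GPA) to the host physical address (HPA). When the nested page table is created, the corresponding address mappings have not yet been established, so when the secure virtual machine accesses the heterogeneous acceleration resource a page fault exception can occur (that is, no HPA can be found for the access address GPA given by the secure virtual machine). The virtual machine manager can use this page fault exception to capture the secure virtual machine's access to the heterogeneous acceleration resource and then, based on the heterogeneous acceleration resource configured for that secure virtual machine, configure the HPA of that resource for the secure virtual machine's GPA. Once the address mapping in the nested page table has been established, the secure virtual machine can access the heterogeneous acceleration resource directly through the nested page table in subsequent accesses.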
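The lazy mapping described above can be modelled in a few lines of C. This is an added illustration, not code from the patent or from any hypervisor: the structure names, the window addresses and the fixed-size table are assumptions, and the fault handler maps a guest address only when it falls inside the MMIO window configured for that secure virtual machine.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model: names, addresses and table size are assumptions. */
#define PAGE_SHIFT 12
#define PAGE_MASK  ((1ULL << PAGE_SHIFT) - 1)
#define NPT_SLOTS  8
#define HPA_NONE   UINT64_MAX

struct npt_entry { uint64_t gfn, hfn; int valid; };

struct secure_vm {
    uint64_t mmio_gpa_base;           /* guest-physical window used by the guest driver */
    uint64_t mmio_hpa_base;           /* host-physical MMIO of the resource given to this VM */
    uint64_t mmio_pages;              /* window length in pages */
    struct npt_entry npt[NPT_SLOTS];  /* nested page table, empty at creation */
    unsigned faults;                  /* accesses that trapped to the VMM */
};

/* Constructed sample VM with a 4-page accelerator MMIO window. */
struct secure_vm demo_vm = {
    .mmio_gpa_base = 0xf0000000ULL,
    .mmio_hpa_base = 0x380000000ULL,
    .mmio_pages    = 4,
};

/* Hardware walk: GPA -> HPA, or HPA_NONE when no mapping exists yet. */
static uint64_t npt_lookup(const struct secure_vm *vm, uint64_t gpa)
{
    uint64_t gfn = gpa >> PAGE_SHIFT;
    for (size_t i = 0; i < NPT_SLOTS; i++)
        if (vm->npt[i].valid && vm->npt[i].gfn == gfn)
            return (vm->npt[i].hfn << PAGE_SHIFT) | (gpa & PAGE_MASK);
    return HPA_NONE;
}

/* VMM fault handler: installs a mapping only for the configured resource. */
static int vmm_handle_npt_fault(struct secure_vm *vm, uint64_t gpa)
{
    uint64_t gfn = gpa >> PAGE_SHIFT;
    uint64_t first = vm->mmio_gpa_base >> PAGE_SHIFT;
    if (gfn < first || gfn - first >= vm->mmio_pages)
        return -1;                    /* not part of this VM's resource */
    for (size_t i = 0; i < NPT_SLOTS; i++) {
        if (!vm->npt[i].valid) {
            vm->npt[i] = (struct npt_entry){
                gfn, (vm->mmio_hpa_base >> PAGE_SHIFT) + (gfn - first), 1 };
            return 0;
        }
    }
    return -1;                        /* table full in this small model */
}

/* One guest MMIO access: direct if mapped, otherwise trap to the VMM once. */
uint64_t guest_mmio_translate(struct secure_vm *vm, uint64_t gpa)
{
    uint64_t hpa = npt_lookup(vm, gpa);
    if (hpa != HPA_NONE)
        return hpa;                   /* mapped: no VMM involvement */
    vm->faults++;
    if (vmm_handle_npt_fault(vm, gpa) != 0)
        return HPA_NONE;
    return npt_lookup(vm, gpa);
}

int main(void)
{
    unsigned long long first = guest_mmio_translate(&demo_vm, 0xf0001010ULL);
    unsigned long long again = guest_mmio_translate(&demo_vm, 0xf0001ff8ULL);
    printf("first access  -> %#llx (faults=%u)\n", first, demo_vm.faults);
    printf("second access -> %#llx (faults=%u)\n", again, demo_vm.faults);
    return 0;
}
```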
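Based on the above description, heterogeneous acceleration resources can be configured for a secure virtual machine, and the secure virtual machine can access them directly. However, in some optional examples, the heterogeneous acceleration resources configured for the secure virtual machine further access data in the secure memory. The process by which a heterogeneous acceleration resource accesses secure memory is introduced below.
It can be understood that, during the software's task processing, a code execution task may need to read other task code in the secure memory or read the software's task data stored in the secure memory. If the secure virtual machine reads the data and then transmits it to the heterogeneous acceleration resource, this consumes CPU resources as well as processing time.
In some optional examples, to improve data transmission efficiency and reduce the consumption of CPU resources, the heterogeneous acceleration resource can use direct memory access (DMA) technology and the input/output memory management unit (IOMMU) to access data in the secure memory directly.
Specifically, the heterogeneous acceleration resource may further include a command processor (not shown in the figure) and a DMA module. The command processor can determine the address of the task code and/or task data to be accessed based on the task information of the code execution task allocated to the heterogeneous acceleration resource; the DMA module then issues a memory data access request to the input/output memory management unit according to that address; and the input/output memory management unit reads the corresponding task code and/or task data and transmits it to the heterogeneous acceleration resource.
In an optional example, to guarantee the data security of the secure virtual machine, the command processor can determine, based on the code execution task executed by the heterogeneous acceleration resource, the identity information of the secure virtual machine corresponding to that task, and configure the identity information into the memory data access request, which the DMA module sends to the input/output memory management unit. The input/output memory management unit confirms whether the address of the code or data being accessed matches the identity information, and after confirming the identity information, transfers data between the secure memory and the heterogeneous acceleration resource.
In a further optional example, the data stored in the secure memory (including task code and/or task data) is encrypted. Correspondingly, the input/output memory management unit can use the identity information to determine the key with which the secure virtual machine's data is stored in the secure memory, decrypt the encrypted data in the secure memory with that key, and transmit the corresponding data (including task code and/or task data) to the heterogeneous acceleration resource.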
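A minimal C model of the IOMMU-side check described in the two paragraphs above: the request carries the secure virtual machine's identity, the IOMMU matches it against the owner of the target address, and only then decrypts with that virtual machine's key. This is an added example, not the patent's implementation; the region layout, identifiers and status codes are assumptions, and the XOR routine is a stand-in for the hardware memory-encryption engine, not a real cipher.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: sizes, names, status codes and the XOR "cipher" are
 * illustrative assumptions, not taken from the patent. */
#define SECURE_MEM_SIZE 256u
#define MAX_REGIONS 4

enum dma_status { DMA_OK = 0, DMA_DENY_IDENTITY = -1, DMA_DENY_RANGE = -2 };

struct secure_region {   /* secure-memory area assigned to one secure VM */
    uint32_t base, size;
    uint16_t owner_id;   /* identity information of the owning secure VM */
    uint8_t  key;        /* per-VM memory key, known to the IOMMU model only */
};

struct dma_request {     /* what the accelerator's DMA module sends */
    uint16_t identity;   /* set by the command processor from the running task */
    uint32_t addr, len;
};

static uint8_t secure_mem[SECURE_MEM_SIZE];      /* always holds ciphertext */
static struct secure_region regions[MAX_REGIONS];
static size_t n_regions;
uint8_t demo_out[SECURE_MEM_SIZE];               /* accelerator receive buffer */

/* Stand-in for the memory-encryption engine. XOR is NOT real encryption. */
static void xor_copy(uint8_t *dst, const uint8_t *src, uint32_t len, uint8_t key)
{
    for (uint32_t i = 0; i < len; i++)
        dst[i] = src[i] ^ key;
}

/* Assign [base, base+size) to a secure VM and store plaintext under its key. */
int secure_mem_assign(uint32_t base, uint16_t owner, uint8_t key,
                      const uint8_t *plain, uint32_t size)
{
    if (n_regions == MAX_REGIONS || size == 0 || size > SECURE_MEM_SIZE ||
        base > SECURE_MEM_SIZE - size)
        return -1;
    for (size_t i = 0; i < n_regions; i++)       /* regions must not overlap */
        if (base < regions[i].base + regions[i].size &&
            regions[i].base < base + size)
            return -1;
    regions[n_regions++] = (struct secure_region){ base, size, owner, key };
    xor_copy(&secure_mem[base], plain, size, key);
    return 0;
}

/* IOMMU handling of one memory data access request. */
enum dma_status iommu_dma_read(const struct dma_request *rq, uint8_t *out)
{
    for (size_t i = 0; i < n_regions; i++) {
        const struct secure_region *r = &regions[i];
        if (rq->addr < r->base || rq->addr - r->base >= r->size)
            continue;                    /* start address not in this region */
        if (r->owner_id != rq->identity)
            return DMA_DENY_IDENTITY;    /* address belongs to another VM */
        /* Overflow-safe bound: the whole transfer must stay in the region. */
        if (rq->len > r->size - (rq->addr - r->base))
            return DMA_DENY_RANGE;
        xor_copy(out, &secure_mem[rq->addr], rq->len, r->key);
        return DMA_OK;
    }
    return DMA_DENY_RANGE;               /* not assigned secure memory */
}

/* Constructed scenario: VM 1 owns [0,64), VM 2 owns [64,128). */
int demo_setup(void)
{
    static const uint8_t a[64] = "task code of secure VM 1";
    static const uint8_t b[64] = "task data of secure VM 2";
    n_regions = 0;
    if (secure_mem_assign(0, 1, 0x5a, a, 64) != 0)
        return -1;
    return secure_mem_assign(64, 2, 0xc3, b, 64);
}

/* Issue one request as the given identity; plaintext lands in demo_out. */
enum dma_status dma_read(uint16_t identity, uint32_t addr, uint32_t len)
{
    struct dma_request rq = { identity, addr, len };
    memset(demo_out, 0, sizeof demo_out);
    return iommu_dma_read(&rq, demo_out);
}

int main(void)
{
    if (demo_setup() != 0)
        return 1;
    printf("VM 1, own region:        %d\n", dma_read(1, 0, 24));
    printf("VM 2 id, VM 1 address:   %d\n", dma_read(2, 0, 24));
    printf("VM 1, crossing boundary: %d\n", dma_read(1, 48, 32));
    return 0;
}
```

The bound is computed as a subtraction from the region size rather than as `addr + len`, so a request with a very large length cannot wrap around and pass the check.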
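With the code protection system provided by the embodiments of the present disclosure, security is guaranteed and computing performance is improved, so the system can be used to provide a software-based trusted execution environment, and/or to provide a runtime environment for secure multi-party computation and/or federated learning.
Secure Multi-party Computation (MPC) is an important tool of modern cryptography. The huge demand for sharing private data has drawn close attention to MPC from the cryptography community and made it a key technology for solving a variety of privacy protection problems. MPC achieves privacy-preserving computation through cryptographic algorithms and protocols and can be regarded as a combined application of multiple basic cryptographic tools.
Federated learning (federal learning, FL) is an emerging foundational artificial intelligence technology in which each institution that owns a data source trains a model, the information related to each model (the model's weight updates and gradient information) is exchanged in encrypted form for repeated interactive optimization, and a global model is then obtained through model aggregation. The trained federated learning model is not shared; it is kept at each participant, and the participants cooperate to form a prediction in actual use.
In a specific example, the code protection system provided by the embodiments of the present disclosure allows MPC software to be executed directly using the computing power of the CPU or using heterogeneous acceleration resources; when FL needs AI or other heterogeneous acceleration, it can use the heterogeneous acceleration resources, such as a GPGPU or another accelerator card.
It can be seen that the system architecture provided by the embodiments of the present disclosure improves data computing performance while guaranteeing data security, and also improves data transmission efficiency.
Based on the code protection system provided by the embodiments of the present disclosure, the embodiments of the present disclosure can also provide a code protection method that allows software to run in a trusted execution environment.
Optionally, Figure 4 shows a flow chart of a code protection method provided by at least one embodiment of the present disclosure. Referring to Figure 4, the flow describes how the code of software in the code protection system is handled when heterogeneous acceleration is needed; the software in the flow can run under the code protection system provided by the foregoing embodiments, and the code protection method described below can be read in correspondence with the code protection system described above.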
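Referring to Figure 4, the flow may include:
Step S10: acquiring a code execution task, where the code execution task includes running code of the software and/or accessing data of the software;
Step S11: allocating the code execution task to the heterogeneous acceleration resources configured for the code protection system;
Step S12: driving the configured heterogeneous acceleration resources to execute the allocated code execution task.
Optionally, the code execution task is configured with the identity information of the code protection system, so that the heterogeneous acceleration resource executes the code execution task when the identity information of the code protection system to which the allocated code execution task belongs matches the identity information of the pre-configured code protection system.
Optionally, step S12, driving the configured heterogeneous acceleration resources to execute the allocated code execution task, may include:
accessing the heterogeneous acceleration resources based on a memory-mapped I/O interface.
Optionally, the task code and/or task data used to execute the code execution task is stored in a secure memory, and the method further includes:
Step S13: transmitting task code and/or task data to the heterogeneous acceleration resource based on a memory data access request of the heterogeneous acceleration resource;
where the memory data access request is sent based on the address of the task code and/or task data that the heterogeneous acceleration resource needs to access, which is determined from the task information of the code execution task.
Optionally, the memory data access request is configured with the identity information of a code protection system, and the identity information is determined based on the code execution task executed by the heterogeneous acceleration resource; step S13, transmitting task code and/or task data to the heterogeneous acceleration resource based on the memory data access request of the heterogeneous acceleration resource, includes:
determining whether the identity information matches the address accessed by the memory data access request;
if they match, transmitting the task code and/or task data to the heterogeneous acceleration resource.
With the authentication method provided by the embodiments of the present disclosure, data computing performance can be improved while data security is guaranteed, and data transmission efficiency is also improved.
As an optional implementation, an embodiment of the present disclosure further provides a chip, which may include the code protection system provided by the embodiments of the present disclosure.
As an optional implementation, an embodiment of the present disclosure further provides an electronic device, which may include the chip described above.
Multiple embodiments of the present disclosure have been described above. The optional approaches introduced in the embodiments can be combined and cross-referenced with one another where they do not conflict, yielding a variety of possible embodiments, all of which can be regarded as embodiments disclosed by the present disclosure.
Although the embodiments of the present disclosure are disclosed as above, the present disclosure is not limited thereto. Any person skilled in the art may make various changes and modifications without departing from the spirit and scope of the present disclosure, and the scope of protection of the present disclosure shall therefore be as defined by the claims.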

Claims (22)

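  1. A code protection system, comprising:
    heterogeneous acceleration resources configured for the code protection system, the heterogeneous acceleration resources being configured to execute code execution tasks of software, where a code execution task includes running code of the software and/or accessing data of the software;
    a heterogeneous acceleration module, configured to allocate the code execution tasks to the heterogeneous acceleration resources configured for the code protection system;
    a heterogeneous acceleration driver module, configured to drive the configured heterogeneous acceleration resources to execute the allocated code execution tasks.
  2. The code protection system according to claim 1, wherein the heterogeneous acceleration resource is a heterogeneous acceleration device or a virtual heterogeneous module, and the heterogeneous acceleration resource is configured to the code protection system by a virtual machine manager.
  3. The code protection system according to claim 2, wherein the virtual heterogeneous module is created by the virtual machine manager based on the heterogeneous device driver of the corresponding heterogeneous acceleration device, and different virtual heterogeneous modules correspond to different memory areas within the heterogeneous acceleration device.
  4. The code protection system according to any one of claims 1-3, wherein the heterogeneous acceleration resource executes only the code execution tasks of the code protection system it is configured for.
  5. The code protection system according to any one of claims 1-4, wherein the code execution task is configured with the identity information of the code protection system, and the heterogeneous acceleration resource is configured to execute the code execution task when the identity information of the code protection system to which the allocated code execution task belongs matches the identity information of the pre-configured code protection system.
  6. The code protection system according to any one of claims 1-5, wherein the heterogeneous acceleration driver module being configured to drive the configured heterogeneous acceleration resources to execute the allocated code execution tasks includes:
    accessing the heterogeneous acceleration resources based on a memory-mapped I/O interface.
  7. The code protection system according to any one of claims 1-6, further comprising a secure memory, wherein the secure memory stores task code and/or task data configured for executing the code execution task.
  8. The code protection system according to claim 7, wherein the heterogeneous acceleration resource includes a command processor and a direct memory access (DMA) module;
    the command processor is configured to determine the address of the task code and/or task data to be accessed, based on the task information of the code execution task allocated to the heterogeneous acceleration resource;
    the DMA module is configured to send a memory data access request to an input/output memory management unit according to the address of the task code and/or task data to be accessed, and to receive the task code and/or task data transmitted by the input/output memory management unit.
  9. The code protection system according to claim 8, wherein the command processor determines, based on the code execution task executed by the heterogeneous acceleration resource, the identity information of the code protection system corresponding to the code execution task, and configures the identity information into the memory data access request.
  10. The code protection system according to any one of claims 1-9, wherein the code protection system is configured to provide a software-based trusted execution environment, and/or the code protection system is configured to provide a runtime environment for secure multi-party computation and/or federated learning.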
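  11. A code protection method, applied to a code protection system configured with heterogeneous acceleration resources, the code protection method comprising:
    acquiring a code execution task, where the code execution task includes running code of the software and/or accessing data of the software;
    allocating the code execution task to the heterogeneous acceleration resources configured for the code protection system; and
    driving the configured heterogeneous acceleration resources to execute the allocated code execution task.
  12. The code protection method according to claim 11, wherein the code execution task is configured with the identity information of the code protection system, so that the heterogeneous acceleration resource executes the code execution task when the identity information of the code protection system to which the allocated code execution task belongs matches the identity information of the pre-configured code protection system.
  13. The code protection method according to claim 11 or 12, wherein driving the configured heterogeneous acceleration resources to execute the allocated code execution task includes:
    accessing the heterogeneous acceleration resources based on a memory-mapped I/O interface.
  14. The code protection method according to any one of claims 11-13, wherein task code and/or task data configured for executing the code execution task is stored in a secure memory, and the code protection method further comprises:
    transmitting task code and/or task data to the heterogeneous acceleration resource based on a memory data access request of the heterogeneous acceleration resource, where the memory data access request is sent based on the address of the task code and/or task data that the heterogeneous acceleration resource needs to access, which is determined from the task information of the code execution task.
  15. The code protection method according to claim 14, wherein the memory data access request is configured with the identity information of a code protection system, and the identity information is determined based on the code execution task executed by the heterogeneous acceleration resource; transmitting task code and/or task data to the heterogeneous acceleration resource based on the memory data access request of the heterogeneous acceleration resource includes:
    determining whether the identity information matches the address accessed by the memory data access request;
    if they match, transmitting the task code and/or task data to the heterogeneous acceleration resource.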
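  16. A virtual system architecture, comprising a secure virtual machine, a virtual machine manager and a heterogeneous acceleration device, wherein the secure virtual machine is the code protection system according to any one of claims 1-10.
  17. The virtual system architecture according to claim 16, wherein the virtual machine manager is configured to configure heterogeneous acceleration resources for the secure virtual machine, the heterogeneous acceleration resource is the heterogeneous acceleration device or a virtual heterogeneous module, the virtual heterogeneous module is created by the virtual machine manager based on the heterogeneous device driver of the corresponding heterogeneous acceleration device, and different virtual heterogeneous modules correspond to different memory areas within the heterogeneous acceleration device.
  18. The virtual system architecture according to claim 16, wherein the virtual machine manager is configured to configure a nested page table for the secure virtual machine, and the nested page table is configured to indicate the mapping from the guest physical address of the secure virtual machine to the host physical address of the heterogeneous acceleration resource.
  19. The virtual system architecture according to any one of claims 16-18, further comprising a secure memory and an input/output memory management unit, wherein the secure memory is configured to the secure virtual machine and stores task code and/or task data configured for executing a code execution task;
    the input/output memory management unit is configured to receive a memory data access request sent by a heterogeneous acceleration resource and, based on the memory data access request, to transmit the task code and/or task data to the heterogeneous acceleration resource.
  20. The virtual system architecture according to claim 19, wherein the memory data access request is configured with the identity information of the corresponding secure virtual machine, and the input/output memory management unit being configured to transmit the task code and/or task data to the heterogeneous acceleration resource based on the memory data access request includes:
    determining whether the identity information matches the address accessed by the memory data access request;
    if they match, transmitting the task code and/or task data to the heterogeneous acceleration resource.
  21. A chip, comprising the code protection system according to any one of claims 1-10.
  22. An electronic device, comprising the chip according to claim 21.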
PCT/CN2023/079580 2022-11-07 2023-03-03 Code protection system and method, virtual system architecture, chip and electronic device WO2024098594A1 (zh)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP23820730.2A EP4394628A4 (en) 2022-11-07 2023-03-03 CODE PROTECTION SYSTEM AND METHOD, VIRTUAL SYSTEM ARCHITECTURE, CHIP AND ELECTRONIC DEVICE

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202211385501.7 2022-11-07
CN202211385501.7A CN115659290B (zh) 2022-11-07 2022-11-07 Code protection system, method, virtual system, chip and electronic device

Publications (1)

Publication Number Publication Date
WO2024098594A1 true WO2024098594A1 (zh) 2024-05-16

Family

ID=85016590

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/079580 WO2024098594A1 (zh) 2022-11-07 2023-03-03 Code protection system and method, virtual system architecture, chip and electronic device

Country Status (3)

Country Link
EP (1) EP4394628A4 (zh)
CN (1) CN115659290B (zh)
WO (1) WO2024098594A1 (zh)

Also Published As

Publication number Publication date
CN115659290B (zh) 2023-07-21
CN115659290A (zh) 2023-01-31
EP4394628A1 (en) 2024-07-03
EP4394628A4 (en) 2024-07-10


Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2023820730

Country of ref document: EP

Effective date: 20231218