[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN115062307B - Open POWER-based program integrity checking method, system, terminal and storage medium - Google Patents

Open POWER-based program integrity checking method, system, terminal and storage medium Download PDF

Info

Publication number
CN115062307B
CN115062307B CN202210912654.6A CN202210912654A CN115062307B CN 115062307 B CN115062307 B CN 115062307B CN 202210912654 A CN202210912654 A CN 202210912654A CN 115062307 B CN115062307 B CN 115062307B
Authority
CN
China
Prior art keywords
verification
program
reference value
value library
logic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210912654.6A
Other languages
Chinese (zh)
Other versions
CN115062307A (en
Inventor
许鑫
吴保锡
韩春超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Inspur Intelligent Technology Co Ltd
Original Assignee
Suzhou Inspur Intelligent Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou Inspur Intelligent Technology Co Ltd filed Critical Suzhou Inspur Intelligent Technology Co Ltd
Priority to CN202210912654.6A priority Critical patent/CN115062307B/en
Publication of CN115062307A publication Critical patent/CN115062307A/en
Application granted granted Critical
Publication of CN115062307B publication Critical patent/CN115062307B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/565Static detection by checking file integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The invention relates to the technical field of servers, and particularly provides a program integrity checking method, a system, a terminal and a storage medium based on Open POWER, which comprise the following steps: initializing the Open POWER firmware to load a reference value library and integrity verification logic of the Open POWER, and registering the integrity verification logic to a dedicated interface layer; copying the program file to a kernel space, wherein the kernel space stores an initial system state when the program runs; acquiring standard verification information corresponding to the program file from the reference value library through a special interface layer, and verifying the program file by using the standard verification information; confirming that verification is completed, and restoring the current system state to the initial system state; a process is created for the program file that passes the verification. According to the invention, a program verification environment independent of the operating system kernel is created, and a malicious program or a tampered operating system kernel cannot damage the logic, so that the reliability of program verification is improved compared with a common program integrity verification scheme.

Description

Open POWER-based program integrity checking method, system, terminal and storage medium
Technical Field
The invention belongs to the technical field of servers, and particularly relates to a program integrity checking method, a system, a terminal and a storage medium based on Open POWER.
Background
Typically, the integrity verification of a program on an operating system is performed by other programs (such as security software, antivirus software, etc.) or an operating system kernel (such as an IMA framework in a Linux kernel), and whether the program can run is determined according to the result of the integrity verification.
With the continuous improvement of malicious attack technology, the kernel of the operating system is also faced with malicious attack or malicious tampering. Once the operating system kernel is maliciously tampered with, the security software running in the operating system or the security architecture in the kernel is no longer trusted. After the attacker breaks the integrity framework of the kernel, the attacker can cause huge threat to the service environment of the user by matching with malicious programs.
Disclosure of Invention
Aiming at the problem that the existing kernel verification mode is not trusted after attack and upgrade, the invention provides a program integrity verification method, a system, a terminal and a storage medium based on Open POWER, which are used for solving the technical problems.
In a first aspect, the present invention provides a method for verifying program integrity based on Open POWER, including:
Initializing the Open POWER firmware to load a reference value library and integrity verification logic of the Open POWER, and registering the integrity verification logic to a dedicated interface layer;
Copying the program file to a kernel space, wherein the kernel space stores an initial system state when the program runs;
Acquiring standard verification information corresponding to the program file from the reference value library through a special interface layer, and verifying the program file by using the standard verification information;
Confirming that verification is completed, and restoring the current system state to the initial system state;
a process is created for the program file that passes the verification.
Further, initializing the Open POWER firmware to load a reference value library and integrity verification logic of the Open POWER, and registering the integrity verification logic to the dedicated interface layer, including:
Loading the reference value library from the storage area to the memory after starting up, and if the reference value library and the system firmware data are stored in the same storage area, no operation of reading the reference value library is required to be executed when the system firmware runs;
The system firmware firstly completes a normal hardware initialization flow, and program verification logic is added after all conventional initialization operations are completed;
Copying the reference value library data into a service memory space when the system firmware operates, and ensuring that program verification logic can normally access the reference value library data;
all special interface layer information is stored in a special list for use by a calling object, and a program verification logic interface is registered in the special list.
Further, before initializing the Open POWER, the method further includes:
when the system firmware executes the update reference value library logic, acquiring a manufacturer verification certificate solidified in the system firmware;
Verifying the data of the reference value library to be imported by using the manufacturer verification certificate, and if the verification fails, exiting the updating operation; if the verification is successful, the original reference value library is firstly erased, and then the reference value library to be imported is written into the special memory chip.
Further, obtaining standard verification information corresponding to the program file from the reference value library through a special interface layer and verifying the program file by using the standard verification information comprises the following steps:
transferring the program file in the kernel space to a program verification logic interface independent of the kernel space by calling a special interface layer;
The program verification module to which the program verification logic interface belongs verifies the program file based on a reference value library;
and outputting the verification result to the kernel space of the operating system through the special interface layer.
Further, confirming that the verification is completed, and restoring the current system state to the initial system state includes:
And restoring the saved memory stack and processor register state to the state before the special interface layer call so as to enable the kernel and the program of the operating system to continue to run.
In a second aspect, the present invention provides an Open POWER-based program integrity verification system, including:
An initial loading unit, configured to initialize Open POWER firmware to load a reference value library and integrity verification logic of Open POWER, and register the integrity verification logic to a dedicated interface layer;
the state saving unit is used for copying the program file to a kernel space, and the kernel space saves the initial system state of the program during running;
The verification execution unit is used for acquiring standard verification information corresponding to the program file from the reference value library through a special interface layer and verifying the program file by utilizing the standard verification information;
the state recovery unit is used for confirming that the verification is completed and recovering the current system state to the initial system state;
and the process creation unit is used for creating a process for the program file passing the verification.
Further, the initial loading unit includes:
The reference loading module is used for loading the reference value library from the storage area to the memory after the power-on, and if the reference value library and the system firmware data are stored in the same storage area, the operation of reading the reference value library is not needed to be executed when the system firmware runs;
the logic adding module is used for firstly completing a normal hardware initialization flow by the system firmware and adding program verification logic after all conventional initialization operations are completed;
The data copying module is used for copying the reference value library data into a service memory space when the system firmware operates, so that the program verification logic can normally access the reference value library data;
and the information storage module is used for storing all the special interface layer information into a special list for the calling object to use and registering the program verification logic interface into the special list.
Further, the system further comprises:
The certificate acquisition unit is used for acquiring a manufacturer verification certificate solidified in the system firmware when the system firmware executes the updating reference value library logic;
The data updating module is used for verifying the data of the reference value library to be imported by using the manufacturer verification certificate, and if the verification fails, the updating operation is exited; if the verification is successful, the original reference value library is firstly erased, and then the reference value library to be imported is written into the special memory chip.
In a third aspect, a terminal is provided, including:
A processor, a memory, wherein,
The memory is used for storing a computer program,
The processor is configured to call and run the computer program from the memory, so that the terminal performs the method of the terminal as described above.
In a fourth aspect, there is provided a computer storage medium having instructions stored therein which, when run on a computer, cause the computer to perform the method of the above aspects.
The OpenPOWER-based program integrity verification method, system, terminal and storage medium provided by the invention have the beneficial effects that the OpenPOWER-based program integrity verification environment independent of the operating system kernel is created, and a malicious program or a tampered operating system kernel cannot damage the logic, so that the reliability of program verification is improved compared with a common program integrity verification scheme.
In addition, the invention has reliable design principle, simple structure and very wide application prospect.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the description of the embodiments or the prior art will be briefly described below, and it will be obvious to those skilled in the art that other drawings can be obtained from these drawings without inventive effort.
FIG. 1 is a schematic flow chart of a method of one embodiment of the invention.
FIG. 2 is a diagram of a verification environment for a method of one embodiment of the invention.
FIG. 3 is a memory state diagram of a method according to one embodiment of the invention.
FIG. 4 is an Open Power initialization flow chart of a method of one embodiment of the present invention.
Fig. 5 is a flowchart of a reference value library update of a method of one embodiment of the present invention.
FIG. 6 is a program loading system call execution flow diagram of a method of one embodiment of the invention.
Fig. 7 is a program verification flow chart of a method of one embodiment of the invention.
Fig. 8 is a schematic block diagram of a system of one embodiment of the present invention.
Fig. 9 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
Detailed Description
In order to make the technical solution of the present invention better understood by those skilled in the art, the technical solution of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
The following explains key terms appearing in the present invention.
IMA: INTEGRITY MEASUREMENT ARCHITECTURE (integrity measurement architecture), IMA is a system for measuring and verifying the integrity of a program in a Linux kernel during running, and is used for calculating a measurement value (Hash value) of the running program, comparing the measurement value with a reference value, and judging whether the program can be loaded and run according to a comparison result.
And (3) system call: SYSTEM CALL the operating system kernel checks a set of interfaces provided by the application layer for implementing different functions. exec system calls can load program files and create processes.
OpenPOWER: a set of open source processor framework is widely applied to the field of servers.
OpenPOWER PNOR: the system firmware in the OpenPOWER architecture is used for initializing computer hardware, building an operating system running environment, booting an operating system and the like.
OPAL: openPOWER Abstraction Layer (OpenPOWER abstraction layer), one of the components of OpenPOWER PNOR is used to initialize computer hardware, initialize an operating system runtime environment, boot an operating system, and provide runtime services for the operating system.
Dedicated interface layer (OPAL API): OPAL application program interface, OPAL provides an interface for the operating system to run-time services.
The OpenPOWER introduces OPAL API mechanism, after initializing the hardware and booting the operating system at OpenPOWER PNOR, the operating system may continue to provide runtime services for the operating system, which may use OPAL the provided runtime services by calling OPAL API. And OPAL API is independent of the os kernel memory space, the os kernel can only use the functions provided by OPAL through the fixed interface provided by OPAL, but cannot modify the memory space of OPAL API, which can ensure that OPAL API is not disturbed by the os kernel or application program.
The invention provides a method for realizing the integrity verification of a program in running under OpenPOWER, which adds program integrity verification logic into system firmware, registers the logic as OPAL API, and simultaneously realizes the call logic to OPAL API in an operating system kernel, when exec (system call of loading and running an application program by the kernel) system call is executed in the kernel, OPAL API is firstly called to verify the integrity of the program, and whether the program can be loaded and run is judged according to the verification result.
FIG. 1 is a schematic flow chart of a method of one embodiment of the invention. The execution body of fig. 1 may be an Open POWER-based program integrity checking system.
As shown in fig. 1, the method includes:
Step 110, initializing the Open POWER firmware to load the reference value library and the integrity verification logic of the Open POWER, and registering the integrity verification logic to the dedicated interface layer;
step 120, copying the program file to kernel space, and the kernel space stores the initial system state of the program in running;
130, acquiring standard verification information corresponding to a program file from the reference value library through a special interface layer and verifying the program file by using the standard verification information;
step 140, confirming that the verification is completed, and restoring the current system state to the initial system state;
step 150, creating a process for the program file passing the verification.
Currently, an integrity verification technology based on trusted computing is available, which utilizes a trusted root chip (such as a TPM chip in international standard and a TCM chip in domestic standard) to collect integrity values of various components (such as system firmware or operating system kernel) when a computer is started, and the integrity values are compared with reference values before the operating system is started, so that the integrity of the operating system kernel is ensured. Compared with the prior art, the Open POWER-based program integrity checking method provided by the application has the following distinguishing points:
1) The computer based on the trusted computing integrity verification technology needs the support of independent trusted root hardware, and the invention does not need additional hardware support, but only needs to modify the existing firmware, operating system and other software;
2) The present technology for realizing integrity verification by using the trusted root is to verify key computer modules such as firmware, operating system kernel and the like before kernel starting, but not verify all programs on an operating system, and the present technology is to verify the integrity of all programs on the operating system when running, but not the integrity of the operating system when starting;
3) At present, a trusted computing technology is utilized to aim at a verification method when a program runs, a reference value is still stored in a file system of an operating system and is influenced by a kernel, and a reference value library is positioned in a memory space of firmware, so that the reference value library is not influenced by the kernel or other programs.
In order to facilitate understanding of the present invention, the principle of the Open POWER-based program integrity checking method of the present invention is used to further describe the Open POWER-based program integrity checking method according to the present invention in combination with a process of checking Open POWER-based program integrity in the embodiment.
Referring to fig. 2 and 3, the present invention integrates program integrity verification logic into OpenPOWER PNOR. After the computer is powered up, openPOWER PNOR completes initialization of computer hardware according to conventional logic, loads the verification reference value library, and registers the program verification logic interface as OPAL API for subsequent components. The new exec system call is added into the kernel of the operating system, which is different from the logic of loading and executing the program by the normal exec system call, the new exec system call firstly loads the binary file of the program, and the program integrity verification OPAL API provided by OpenPOWER is called, so as to measure and verify the program integrity, and whether to continue executing the program running logic is judged according to the verification result. OpenPOWER PNOR is stored by an independent memory chip, and after power-on, the computer can read the data in the chip and put the data into a memory designated position for execution. The program reference value library can be stored in the memory chip and loaded along with OpenPOWER PNOR loading, or can be stored in a separate memory chip. The reference value library reading method is related to a specific storage method, and the present invention is not limited thereto.
Specifically, the Open POWER-based program integrity checking method includes:
s1, initializing the OpenPOWER firmware to load a benchmark library of the OpenPOWER and integrity verification logic, and registering the integrity verification logic to a special interface layer.
Referring to fig. 4, the openpower PNOR initialization procedure includes: the reference value library relied on by the program verification logic operation needs to be copied to the designated memory space in OpenPOWER PNOR operation stage, and the following steps are specifically executed:
1) Loading system firmware data: after the computer is powered on, loading the system firmware data into the memory from the storage area, and if the reference value library and the system firmware data are stored in the same storage area, no operation of reading the reference value library is required to be executed when the system firmware runs;
2) Hardware initialization: the system firmware firstly completes a normal hardware initialization flow, and program verification logic is added after all conventional initialization operations are completed;
3) Copy reference value library: copying the reference value library data into a service memory space when the system firmware operates, and ensuring that the program verification logic can normally access the reference value library data.
4) Registration OPAL API: the program verification logic has a fixed interface to receive program data and return verification results, and all OPAL API information is stored in a table (OPAL API Table) for use by other calling objects. Finally, the program verification logic interface needs to be registered OPAL API Table for subsequent components to use the program verification function through index OPAL API Table.
In order to meet the requirement of upgrading or replacing the operating system by a user, openPOWER PNOR should also provide a function of updating the program reference value library, so as to ensure that the application program can normally run after the operating system is replaced. In order to ensure the safety of the update logic and prevent a malicious attacker from damaging the verified reference value by attacking the operating system, the reference value update logic can only be executed in the OpenPOWER PNOR operation stage when the computer is started, the update function cannot be registered as OPAL API for other components to call, and the reference value library of the firmware verification logic is ensured not to be damaged after other components are damaged. Meanwhile, in order to further ensure the safety of the updated logic, the program reference value library can only be issued by a computer manufacturer, and in OpenPOWER PNOR, the manufacturer digital certificate is solidified, and when the reference value library is imported, the integrity and the legality of the reference value library are verified by using the certificate, so that the safety and the credibility of the content of the logic reference value library are ensured. When a computer user uses the customization system, a list of program reference values may be provided to the computer manufacturer, where a new library of reference values is issued by the computer manufacturer.
The specific reference value library updating flow is shown in fig. 5, in order to ensure the security and reliability of the reference value library, the updating operation of the reference value library is only allowed to be executed in the running stage of the system firmware, and other components cannot execute the logic, namely, the computer needs to be restarted and the system firmware logic needs to be executed again each time the reference value library needs to be updated. The method specifically comprises the following steps:
1) Acquiring a verification certificate: when the system firmware executes the update reference value library logic, firstly acquiring a manufacturer verification certificate solidified in the system firmware;
2) Verifying a reference value library to be imported: verifying the reference value library data to be imported by using the certificate obtained in the step 1), if the verification fails, the reference value library data imported at the present time is destroyed or no approval of a computer manufacturer is obtained, and the updating operation should be exited;
3) Updating a reference value library: after the data of the imported reference value library passes the verification, the original reference value library is firstly erased, and then a new reference value library is written into the memory chip.
S2, copying the program file to a kernel space, and storing an initial system state of the program in the kernel space during running. And acquiring standard verification information corresponding to the program file from the reference value library through a special interface layer, and verifying the program file by using the standard verification information. And confirming that the verification is completed, and restoring the current system state to the initial system state.
Referring to FIG. 6, before the operating system kernel creates a process, it is necessary to map the program binary file to kernel space and then create the process. Therefore, the integrity of the program needs to be verified by calling OPAL API before each process is created, and the specific steps are as follows:
1) Program file mapping: copying program binary file data in a file system to a kernel space, and creating a process by a subsequent kernel according to the data in the memory space;
2) Saving stack, register state: the operating system kernel stores the state of the memory stack, the processor register and the like in the current running process so as to restore the processing state after the call OPAL API;
3) Call OPAL API: transferring the program data mapped in the kernel space to a program verification logic interface independent of the kernel space by calling OPAL API;
4) Obtaining OPAL API execution results: after the program verification logic is executed, the kernel of the operating system can acquire a verification result through OPAL API;
5) Restoring stack, register state: restoring the saved memory stack and processor register state to OPAL API before call so that the operating system kernel and the user program can continue to run;
6) The creation process: after the program verification is passed, the kernel creates and schedules the process according to the normal process creation flow.
The program verification process is shown in fig. 7, and the program verification process refers to a process triggered by calling a program verification logic interface through OPAL API, and includes the following steps:
1) Index reference value library: according to the file path, indexing the reference value library, and if no corresponding reference value entry exists, considering the program as an illegal program and refusing to run;
2) The metrology interface inputs data: and calculating the Hash value of the input program data.
3) Verifying program integrity: comparing the reference value indexed in the step 1) with the Hash value calculated in the step 2), if the reference value is consistent with the Hash value, the program is considered to be safe and reliable, the kernel is allowed to create the process, otherwise, the verification failure is returned, and the kernel terminates the process.
S5, creating a process for the program file passing the verification.
According to the method, an operating system on the OpenPOWER platform can call OpenPOWER PONR a program verification interface provided in the OpenPOWER platform to verify the integrity of an operating program, program verification logic operates in a memory space independent of an operating system kernel, and a malicious program or a tampered operating system kernel cannot damage the logic, so that compared with a common program integrity verification scheme, the security is improved.
Meanwhile, in consideration of the diversity of the operating system of the computer user, reference value library updating logic is added in OpenPOWER PNOR to allow the user to update the reference value library after upgrading or replacing the operating system. In order to ensure the safety of the updating flow, the logic is only effective in OpenPOWER PNOR operation, does not provide interfaces for other components, and prevents the components which are maliciously tampered from damaging the reference value library. And the signature verification reference value library is used for further ensuring the safety of the update logic during update.
As shown in fig. 8, the system 800 includes:
An initial loading unit 810, configured to initialize the Open POWER firmware to load a reference value library and integrity verification logic of the Open POWER, and register the integrity verification logic to a dedicated interface layer;
A state saving unit 820 for copying the program file to kernel space, the kernel space saving the initial system state when the program is running;
the verification execution unit 830 is configured to obtain standard verification information corresponding to a program file from the reference value library through a dedicated interface layer, and verify the program file by using the standard verification information;
A state recovery unit 840, configured to confirm that the verification is completed, and recover the current system state to the initial system state;
The process creation unit 850 is configured to create a process for the program file that passes the verification.
Optionally, as an embodiment of the present invention, the initial loading unit includes:
The reference loading module is used for loading the reference value library from the storage area to the memory after the power-on, and if the reference value library and the system firmware data are stored in the same storage area, the operation of reading the reference value library is not needed to be executed when the system firmware runs;
the logic adding module is used for firstly completing a normal hardware initialization flow by the system firmware and adding program verification logic after all conventional initialization operations are completed;
The data copying module is used for copying the reference value library data into a service memory space when the system firmware operates, so that the program verification logic can normally access the reference value library data;
and the information storage module is used for storing all the special interface layer information into a special list for the calling object to use and registering the program verification logic interface into the special list.
Optionally, as an embodiment of the present invention, the system further includes:
The certificate acquisition unit is used for acquiring a manufacturer verification certificate solidified in the system firmware when the system firmware executes the updating reference value library logic;
The data updating module is used for verifying the data of the reference value library to be imported by using the manufacturer verification certificate, and if the verification fails, the updating operation is exited; if the verification is successful, the original reference value library is firstly erased, and then the reference value library to be imported is written into the special memory chip.
Fig. 9 is a schematic structural diagram of a terminal 900 according to an embodiment of the present invention, where the terminal 900 may be used to execute the Open POWER program integrity checking method according to the embodiment of the present invention.
The terminal 900 may include: processor 910, memory 920, and communication unit 930. The components may communicate via one or more buses, and it will be appreciated by those skilled in the art that the configuration of the server as shown in the drawings is not limiting of the invention, as it may be a bus-like structure, a star-like structure, or include more or fewer components than shown, or may be a combination of certain components or a different arrangement of components.
The memory 920 may be used to store instructions for execution by the processor 910, and the memory 920 may be implemented by any type of volatile or nonvolatile memory terminal or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk, or optical disk. The execution of the instructions in memory 920, when executed by processor 910, enables terminal 900 to perform some or all of the steps in the method embodiments described below.
The processor 910 is a control center of the storage terminal, connects various parts of the entire electronic terminal using various interfaces and lines, and performs various functions of the electronic terminal and/or processes data by running or executing software programs and/or modules stored in the memory 920, and invoking data stored in the memory. The processor may be comprised of an integrated circuit (INTEGRATED CIRCUIT, simply referred to as an IC), for example, a single packaged IC, or may be comprised of multiple packaged ICs connected to one another for the same function or for different functions. For example, the processor 910 may include only a central processing unit (Central Processing Unit, CPU for short). In the embodiment of the invention, the CPU can be a single operation core or can comprise multiple operation cores.
A communication unit 930, configured to establish a communication channel, so that the storage terminal may communicate with other terminals. Receiving user data sent by other terminals or sending the user data to other terminals.
The present invention also provides a computer storage medium in which a program may be stored, which program may include some or all of the steps in the embodiments provided by the present invention when executed. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), a random-access memory (random access memory RAM), or the like.
Therefore, the present invention creates a program verification environment independent of the operating system kernel through OpenPOWER, and the malicious program or tampered operating system kernel cannot destroy the logic, so that compared with the common program integrity verification scheme, the reliability of program verification is improved, and the technical effects achieved by the present embodiment can be seen from the above description, and are not repeated here.
It will be apparent to those skilled in the art that the techniques of embodiments of the present invention may be implemented in software plus a necessary general purpose hardware platform. Based on such understanding, the technical solution in the embodiments of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium such as a U-disc, a mobile hard disc, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk or an optical disk, etc. various media capable of storing program codes, including several instructions for causing a computer terminal (which may be a personal computer, a server, or a second terminal, a network terminal, etc.) to execute all or part of the steps of the method described in the embodiments of the present invention.
The same or similar parts between the various embodiments in this specification are referred to each other. In particular, for the terminal embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and reference should be made to the description in the method embodiment for relevant points.
In the several embodiments provided by the present invention, it should be understood that the disclosed systems and methods may be implemented in other ways. For example, the system embodiments described above are merely illustrative, e.g., the division of the elements is merely a logical functional division, and there may be additional divisions when actually implemented, e.g., multiple elements or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interface, system or unit indirect coupling or communication connection, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
Although the present invention has been described in detail by way of preferred embodiments with reference to the accompanying drawings, the present invention is not limited thereto. Various equivalent modifications and substitutions may be made in the embodiments of the present invention by those skilled in the art without departing from the spirit and scope of the present invention, and it is intended that all such modifications and substitutions be within the scope of the present invention/be within the scope of the present invention as defined by the appended claims. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (9)

1. An Open POWER-based program integrity checking method is characterized by comprising the following steps:
Initializing the Open POWER firmware to load a reference value library and integrity verification logic of the Open POWER, and registering the integrity verification logic to a dedicated interface layer;
Copying the program file to a kernel space, wherein the kernel space stores an initial system state when the program runs;
Acquiring standard verification information corresponding to the program file from the reference value library through a special interface layer, and verifying the program file by using the standard verification information;
Confirming that verification is completed, and restoring the current system state to the initial system state;
Creating a process for the program file passing the verification;
Obtaining standard verification information corresponding to the program file from the reference value library through a special interface layer and verifying the program file by using the standard verification information, wherein the method comprises the following steps:
transferring the program file in the kernel space to a program verification logic interface independent of the kernel space by calling a special interface layer;
The program verification module to which the program verification logic interface belongs verifies the program file based on a reference value library;
and outputting the verification result to the kernel space of the operating system through the special interface layer.
2. The method of claim 1, wherein initializing the Open POWER firmware to load a reference value library and integrity verification logic of the Open POWER and register the integrity verification logic with the dedicated interface layer comprises:
Loading the reference value library from the storage area to the memory after starting up, and if the reference value library and the system firmware data are stored in the same storage area, no operation of reading the reference value library is required to be executed when the system firmware runs;
The system firmware firstly completes a normal hardware initialization flow, and program verification logic is added after all conventional initialization operations are completed;
Copying the reference value library data into a service memory space when the system firmware operates, and ensuring that program verification logic can normally access the reference value library data;
all special interface layer information is stored in a special list for use by a calling object, and a program verification logic interface is registered in the special list.
3. The method of claim 1, wherein prior to initializing Open POWER, the method further comprises:
when the system firmware executes the update reference value library logic, acquiring a manufacturer verification certificate solidified in the system firmware;
Verifying the data of the reference value library to be imported by using the manufacturer verification certificate, and if the verification fails, exiting the updating operation; if the verification is successful, the original reference value library is firstly erased, and then the reference value library to be imported is written into the special memory chip.
4. The method of claim 1, wherein confirming that the verification is complete, restoring the current system state to the initial system state comprises:
And restoring the saved memory stack and processor register state to the state before the special interface layer call so as to enable the kernel and the program of the operating system to continue to run.
5. An Open POWER-based program integrity verification system, comprising:
An initial loading unit, configured to initialize Open POWER firmware to load a reference value library and integrity verification logic of Open POWER, and register the integrity verification logic to a dedicated interface layer;
the state saving unit is used for copying the program file to a kernel space, and the kernel space saves the initial system state of the program during running;
The verification execution unit is used for acquiring standard verification information corresponding to the program file from the reference value library through a special interface layer and verifying the program file by utilizing the standard verification information;
the state recovery unit is used for confirming that the verification is completed and recovering the current system state to the initial system state;
a process creation unit for creating a process for the program file passing the verification;
Obtaining standard verification information corresponding to the program file from the reference value library through a special interface layer and verifying the program file by using the standard verification information, wherein the method comprises the following steps:
transferring the program file in the kernel space to a program verification logic interface independent of the kernel space by calling a special interface layer;
The program verification module to which the program verification logic interface belongs verifies the program file based on a reference value library;
and outputting the verification result to the kernel space of the operating system through the special interface layer.
6. The system of claim 5, wherein the initial loading unit comprises:
The reference loading module is used for loading the reference value library from the storage area to the memory after the power-on, and if the reference value library and the system firmware data are stored in the same storage area, the operation of reading the reference value library is not needed to be executed when the system firmware runs;
the logic adding module is used for firstly completing a normal hardware initialization flow by the system firmware and adding program verification logic after all conventional initialization operations are completed;
The data copying module is used for copying the reference value library data into a service memory space when the system firmware operates, so that the program verification logic can normally access the reference value library data;
and the information storage module is used for storing all the special interface layer information into a special list for the calling object to use and registering the program verification logic interface into the special list.
7. The system of claim 5, wherein the system further comprises:
The certificate acquisition unit is used for acquiring a manufacturer verification certificate solidified in the system firmware when the system firmware executes the updating reference value library logic;
The data updating module is used for verifying the data of the reference value library to be imported by using the manufacturer verification certificate, and if the verification fails, the updating operation is exited; if the verification is successful, the original reference value library is firstly erased, and then the reference value library to be imported is written into the special memory chip.
8. A terminal, comprising:
A processor;
a memory for storing execution instructions of the processor;
Wherein the processor is configured to perform the method of any of claims 1-4.
9. A computer readable storage medium storing a computer program, which when executed by a processor implements the method of any one of claims 1-4.
CN202210912654.6A 2022-07-30 2022-07-30 Open POWER-based program integrity checking method, system, terminal and storage medium Active CN115062307B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210912654.6A CN115062307B (en) 2022-07-30 2022-07-30 Open POWER-based program integrity checking method, system, terminal and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210912654.6A CN115062307B (en) 2022-07-30 2022-07-30 Open POWER-based program integrity checking method, system, terminal and storage medium

Publications (2)

Publication Number Publication Date
CN115062307A CN115062307A (en) 2022-09-16
CN115062307B true CN115062307B (en) 2024-06-25

Family

ID=83207879

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210912654.6A Active CN115062307B (en) 2022-07-30 2022-07-30 Open POWER-based program integrity checking method, system, terminal and storage medium

Country Status (1)

Country Link
CN (1) CN115062307B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116679967B (en) * 2023-07-28 2023-11-03 苏州浪潮智能科技有限公司 Firmware upgrading method and device for basic input/output system
CN116880884B (en) * 2023-09-08 2023-11-24 鼎铉商用密码测评技术(深圳)有限公司 Updating method of electronic device, updating device and readable storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102332070A (en) * 2011-09-30 2012-01-25 中国人民解放军海军计算技术研究所 Trust chain transfer method for trusted computing platform
CN111159691A (en) * 2019-12-23 2020-05-15 北京工业大学 Dynamic credibility verification method and system for application program

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060101310A1 (en) * 2004-10-22 2006-05-11 Nimrod Diamant Device, system and method for verifying integrity of software programs
CN111159762B (en) * 2019-12-23 2022-08-12 北京工业大学 Subject credibility verification method and system under mandatory access control
CN112445537B (en) * 2020-12-11 2022-04-15 中国科学院信息工程研究所 Trusted starting method and device of operating system, mobile terminal and storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102332070A (en) * 2011-09-30 2012-01-25 中国人民解放军海军计算技术研究所 Trust chain transfer method for trusted computing platform
CN111159691A (en) * 2019-12-23 2020-05-15 北京工业大学 Dynamic credibility verification method and system for application program

Also Published As

Publication number Publication date
CN115062307A (en) 2022-09-16

Similar Documents

Publication Publication Date Title
JP5512610B2 (en) Method, system, and machine-readable storage medium for permitting or blocking access to memory from non-firmware agent
CN103718165B (en) BIOS flash memory attack protection and notice
KR101643072B1 (en) Providing an immutable antivirus payload for internet ready compute nodes
US5844986A (en) Secure BIOS
US10599419B2 (en) Secure firmware updates using virtual machines to validate firmware packages
US20140250290A1 (en) Method for Software Anti-Rollback Recovery
US20050289646A1 (en) Virtual firmware smart card
CN115062307B (en) Open POWER-based program integrity checking method, system, terminal and storage medium
CN103329093A (en) Updating software
US20190236279A1 (en) Perform security action based on inventory comparison
CN107567629B (en) Dynamic firmware module loader in trusted execution environment container
CN102298529A (en) Providing silicon integrated code for a system
CN113448682B (en) Virtual machine monitor loading method and device and electronic equipment
CN114818012B (en) Linux file integrity measuring method based on white list
KR101013419B1 (en) Guarding apparatus and method for system
CN112115477B (en) Kernel repairing method and device, electronic equipment and storage medium
CN117494232B (en) Method, device, system, storage medium and electronic equipment for executing firmware
CN111158771A (en) Processing method and device and computer equipment
CN112054895A (en) Trusted root construction method and application
CN118427147B (en) Secure starting method of server motherboard based on eISPI and related equipment
CN113868700B (en) BIOS mirror image offline signature method, system, terminal and storage medium
US11797682B2 (en) Pre-OS resiliency
US20230094673A1 (en) Information handling systems and related methods to prevent tampering and verify the integrity of non-volatile data stored within non-volatile memory
CN116185859A (en) Method, system, terminal and storage medium for testing secure boot function
CN111382433B (en) Module loading method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant