CN115168837A - Software operation control method, microprocessor, computer device and storage medium - Google Patents

Info

Publication number
CN115168837A
Authority
CN
China
Prior art keywords
execution environment
software
memory space
storage address
target software
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211057415.3A
Other languages
Chinese (zh)
Other versions
CN115168837B (en
Inventor
张博锋
邓强
旷小红
顾剑
刘勇鹏
李信德
王培�
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Phytium Technology Co Ltd
Original Assignee
Phytium Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Phytium Technology Co Ltd filed Critical Phytium Technology Co Ltd
Priority to CN202211057415.3A priority Critical patent/CN115168837B/en
Publication of CN115168837A publication Critical patent/CN115168837A/en
Application granted granted Critical
Publication of CN115168837B publication Critical patent/CN115168837B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The application provides a software operation control method, a microprocessor, a computer device and a storage medium. The microprocessor is loaded with a first execution environment and a second execution environment, and the security level of the first execution environment is higher than that of the second execution environment. The microprocessor comprises a control unit and a first memory space, and the software operation control method comprises the following operations executed by the control unit: when target software running in the first execution environment is started, acquiring data required for running the target software from an image file of the target software. The image file of the target software is stored at a first storage address in the first memory space; the first storage address is lower than a second storage address of the first memory space, and the second storage address is the default load address used when the image file of software running in the first execution environment is loaded into the first memory space. With this scheme, the memory space available to software running in the first execution environment can be enlarged.

Description

Software operation control method, microprocessor, computer device and storage medium
Technical Field
The present application relates to the field of computer technologies, and in particular, to a software operation control method, a microprocessor, a computer device, and a computer-readable storage medium.
Background
Setting up an execution environment with a higher security level in a computer system and partitioning the system's hardware resources is a common scheme for ensuring the data security of the computer system.
For memory resources, part of the memory space is allocated to the execution environment with the higher security level for its exclusive use. Before software that runs in that execution environment is started, the image file of the software is loaded into this exclusive memory space, and when the software is started, the data required for running it is read from the image file.
However, as software applications grow in variety and function, this memory space can no longer satisfy the memory requirements of software running in the execution environment with the higher security level.
Disclosure of Invention
In view of the above, the present application provides a software operation control method, a microprocessor, a computer device, and a computer-readable storage medium, which can expand the available memory space of an execution environment with a higher security level and thereby meet the memory requirements of software running in that execution environment.
A first aspect of the present application provides a software operation control method applied to a microprocessor, where the microprocessor is loaded with a first execution environment and a second execution environment, and the security level of the first execution environment is higher than that of the second execution environment. The microprocessor comprises a control unit and a first memory space, and the software operation control method comprises the following operations executed by the control unit: when target software running in the first execution environment is started, acquiring data required for running the target software from an image file of the target software. The image file of the target software is stored at a first storage address in the first memory space. The first storage address is obtained by changing a second storage address according to a preset address change, the first storage address of the first memory space is lower than the second storage address of the first memory space, and the second storage address is the default load address used when the image file of any software running in the first execution environment is loaded into the first memory space.
A second aspect of the present application provides a microprocessor, where the microprocessor is loaded with a first execution environment and a second execution environment, and the security level of the first execution environment is higher than that of the second execution environment. The microprocessor comprises a control unit and a first memory space, and the control unit is used for: when target software running in the first execution environment is started, acquiring data required for running the target software from an image file of the target software. The image file of the target software is stored at a first storage address in the first memory space. The first storage address is obtained by changing a second storage address according to a preset address change, the first storage address of the first memory space is lower than the second storage address of the first memory space, and the second storage address is the default load address used when the image file of any software running in the first execution environment is loaded into the first memory space.
A third aspect of the present application provides another microprocessor, where the microprocessor is loaded with a first execution environment and a second execution environment, and the security level of the first execution environment is higher than that of the second execution environment. The microprocessor comprises a control unit and a first memory space; the first memory space is at least used for storing an image file of any software running in the first execution environment; and the control unit is used for executing the software operation control method described above.
A fourth aspect of the present application provides a computer device, comprising the above microprocessor.
A fifth aspect of the present application provides a computer-readable storage medium, in which a computer program is stored, and when the computer program is executed by a processor, the software operation control method is implemented.
According to any one of the first aspect to the fifth aspect, after the image file of the target software running in the first execution environment is loaded to the default load address in the first memory space, the storage address of the image file is updated to the first storage address, which is lower than the default load address. On this basis, when the target software running in the first execution environment is started, the microprocessor acquires the data required for running the target software from the image file stored at the first storage address of the first memory space. The memory space actually accessed by the target software during running is therefore the memory space above the first storage address in the first memory space, which is larger than the memory space above the default load address. The solution provided in the present application thus enables software running in the first execution environment to access a larger memory space, so that its memory requirements can be satisfied.
In one implementation, acquiring data required for running the target software from an image file of the target software includes: addressing with the first storage address of the first memory space as a base address to acquire the data required for running the target software. In this way, the first storage address of the first memory space is used as the base address from which the control unit fetches the data required for running the target software, so that the control unit can acquire that data from the image file in the conventional base address + offset addressing mode without changing the existing data acquisition mode.
In one implementation, the software operation control method further includes: migrating the image file of the target software loaded at the second storage address of the first memory space to the first storage address of the first memory space. Through this processing, the control unit migrates the storage location of the image file of the target software running in the first execution environment, so that a larger memory space can be accessed when the control unit accesses the image file. Having the control unit perform the migration of the image file also helps it exercise overall control of the software operation: the control unit can determine the target address of the migration within the permitted range, so that the memory can be expanded more flexibly.
In one implementation, the image file of the target software carries a file migration instruction, where the file migration instruction indicates the preset address change, so that the image file of the target software is migrated to the first storage address of the first memory space according to the preset address change. Because the file migration instruction is embedded directly in the image file of the target software, the control unit does not need to record separately which software image files need to be migrated or when the migration should be carried out, and no separate file migration program needs to be configured at the control unit. The control unit can perform the migration by executing the file migration instruction in the image file when the target software is started, which improves the real-time performance and flexibility of file migration.
In one implementation, the file migration instruction is a boot instruction added at the start position of the image file of the target software when the target software is compiled into its image file. Because the file migration instruction is added at the start of the image file in the form of a boot instruction, the microprocessor executes it as soon as it accesses the image file of the target software. The image file is thus migrated first, which ensures that the subsequent data acquisition proceeds smoothly.
In one implementation, the first execution environment comprises a trusted execution environment and the second execution environment comprises a normal execution environment. According to the method, the software running control method provided by the application is implemented in the trusted execution environment, so that the software running in the trusted execution environment can have a larger memory space, more software can run in the trusted execution environment, and the running smoothness of the software running in the trusted execution environment is improved.
Drawings
In order to illustrate the embodiments of the present application or the technical solutions in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. The drawings in the following description are only embodiments of the present application, and those skilled in the art can obtain other drawings from the provided drawings without creative effort.
Fig. 1 is a schematic diagram of memory space division according to an embodiment of the present application.
Fig. 2 is a schematic structural diagram of a microprocessor according to an embodiment of the present disclosure.
Fig. 3 is a schematic diagram of a computer system architecture according to an embodiment of the present application.
Fig. 4 is a schematic flowchart of a software operation control method according to an embodiment of the present application.
Fig. 5 is a schematic diagram illustrating a storage location of an image file of target software in a first memory space according to an embodiment of the present application.
Fig. 6 is a schematic flowchart of another software operation control method according to an embodiment of the present application.
Fig. 7 is a schematic view illustrating loading of a TEE software image file according to an embodiment of the present application.
Fig. 8 is a schematic view illustrating loading of another TEE software image file according to an embodiment of the present application.
Fig. 9 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application are described below with reference to the drawings in the embodiments of the present application. The described embodiments are only some embodiments of the present application, not all of them. All other embodiments that a person skilled in the art can derive from the embodiments given herein without creative effort fall within the protection scope of the present application.
Summary of the application
Setting up an execution environment with a higher security level in a computer system and partitioning the system's hardware resources is a common scheme for ensuring the data security of the computer system. For example, the execution environment of the computer system is divided into a Trusted Execution Environment (TEE) and a Rich Execution Environment (REE).
Here, the REE may operate based on a general region of a System On Chip (SOC), for example, may operate a general operating System, a general program, and store general data.
The TEE is an execution environment with a higher security level relative to the REE, and can perform data communication, data processing, data storage and the like in a hardware environment completely isolated from the REE based on a security area of the SOC, ensure the security of data and data processing processes in the TEE, and provide security services for the REE.
Before the software runs, the software code is compiled into a software image file and stored in the non-volatile memory, and then the software image file is loaded from the non-volatile memory into a system memory (e.g., a first memory space in the present application). When the software runs, instructions and data are read from the image file of the software by accessing the memory so as to realize the running of the software.
Based on the above technical ideas, in order to ensure the security of the execution environment with a higher security level, it is necessary to isolate the execution environment with a higher security level from the execution environment with a general security level. For memory resources, it is necessary to set an exclusive memory space for the execution environment with higher security level. This portion of memory space is accessible only by software running in the higher security level execution environment and not by software running in the general security level execution environment.
Referring to fig. 1, the R1 portion of the memory space is set so that only software running in the TEE may access it, and software running in the REE may not. A default load address is also set in the R1 memory space. The image file of software running in the TEE is loaded to the default load address of the R1 memory space before the software is started, and after the software is started, instructions and data are read from the image file stored at the default load address of R1 so that the software runs.
The default load address is fixed once the system is established and the memory space is divided for the TEE, and it cannot be changed afterwards; any software running in the TEE must be loaded into the memory at the default load address.
Meanwhile, running software addresses memory in the base address + offset mode, and the offsets are all upward offsets, so the software can only access the memory space above the base address. The base address is the starting address of the software image file. Therefore, the memory space that can be accessed by software running in the TEE is the memory space above the default load address in the R1 memory space shown in fig. 1. Even if the memory space dedicated to the TEE starts at an address lower than the default load address (as indicated by the dashed line in fig. 1), the memory space accessible by software in the TEE cannot be expanded.
However, as software applications grow in variety and function, this memory space can no longer satisfy the memory requirements of software running in the execution environment with the higher security level. Even if a larger memory space is allocated to that execution environment, the memory space that the software running in it can access is still only the memory space above the default load address.
In view of the above, the present application provides a new technical solution that improves the running process of software in the execution environment with the higher security level, so that such software can access a larger memory space. This meets the memory requirements of software running in that execution environment and enables it to support the running of more software and more functions.
Exemplary implementation Environment
Referring to fig. 2, fig. 2 is a schematic diagram of a hardware implementation environment to which the present invention is applied.
The technical solution of the present embodiment is applicable to the microprocessor 100 shown in fig. 2, where the microprocessor 100 includes a control unit 101 and a first memory space 102. The microprocessor 100 is loaded with a first execution environment 200 and a second execution environment 210.
Microprocessor 100 may be, for example, a system on a chip (SOC) or a portion thereof, or another system or portion thereof capable of performing logic operations and data processing. It is understood that, in practical applications, the microprocessor 100 may include further modules or structures; only the main structural units of the microprocessor 100 are shown and described in the embodiment of the present application.
The microprocessor 100 is provided with the first execution environment 200 and the second execution environment 210, and may be provided with more execution environments, for example, a third execution environment, a fourth execution environment, and the like. The security levels of these execution environments differ. Taking the first execution environment 200 and the second execution environment 210 as an example, the security level of the first execution environment 200 is higher than that of the second execution environment 210. For example, the first execution environment 200 is a TEE and the second execution environment 210 is a REE.
The first execution environment 200 and the second execution environment 210 are isolated from each other, and the first execution environment 200 may receive a first type of request, run software or a program capable of responding to the first type of request; the second execution environment 210 may receive the second type of request, run software or programs that can respond to the second type of request. Wherein the first type of request has higher requirement on data security than the second type of request. Therefore, processing and operation which have higher requirements on data security can be executed in independent execution environments, and data security can be ensured.
In the conventional scheme, Execution Levels (EL) EL0-EL3 are used to determine the operating level of the processor, and the EL0-EL2 levels are divided into a secure world (Secure world) and a normal world (Normal world), as shown in fig. 3. The security level of the secure world is higher than that of the normal world; that is, the secure world corresponds to the first execution environment 200, and the normal world corresponds to the second execution environment 210.
EL0 is the user mode, in which application programs run;
EL1 is the operating system kernel mode (OS Kernel mode), in which an operating system runs; it is divided into a general operating system (Guest OS, at level EL1) running in the normal world and a trusted operating system (Trust OS, at level S-EL1) running in the secure world;
EL2 is the virtual machine monitor mode, in which virtual machines are run;
EL3 is the secure monitor mode, which is responsible for switching the processor between the secure world and the normal world.
In order to ensure the memory requirements and memory security of the first execution environment 200, the present embodiment provides the first memory space 102 in the microprocessor 100 for the exclusive use of the first execution environment 200. The first memory space 102 may be a specific part of a memory defined by a specific start address and a specific end address, such as the R1 memory space divided from a complete memory as shown in fig. 1, or it may be a separately configured complete memory, such as a DDR specially allocated to the first execution environment 200. In order to meet the memory requirements of the software in the first execution environment 200, the size of the first memory space may be set to a larger value or to the maximum value within an allowable range, provided that the memory requirements of other execution environments are not affected, or it may be determined by negotiating the division of the memory space with other execution environments.
In addition, microprocessor 100 may include additional memory or memory space for use by other execution environments. For example, the memory space other than R1 in fig. 1, or other separately configured memories, may be dedicated to or shared by software in other execution environments.
The control unit 101 is mainly used for accessing the memory and reading and writing data. Specifically, whether software runs in the first execution environment 200 or in the second execution environment 210, any memory access it needs is performed by the control unit 101.
In the embodiment of the present application, a processing procedure of the control unit 101 accessing the memory when the software running in the first execution environment 200 is running is mainly described. When software in other execution environments is running, the memory access process performed by the control unit 101 may also be executed by referring to the description of the embodiments of the present application.
Exemplary method
The embodiment of the present application proposes a software operation control method, which is applicable to the microprocessor 100 shown in fig. 2 and is executed by the control unit 101 in the microprocessor 100 shown in fig. 2.
Referring to fig. 4, the method includes:
S101: determining whether target software running in the first execution environment is started;
when the target software running in the first execution environment is started, step S102 is executed: acquiring the data required for running the target software from the image file of the target software.
That the target software is started means that any one or more pieces of software running in the first execution environment are started, or that one or more software functions of any one or more pieces of software running in the first execution environment are started. For example, payment software is started, or some of the functions of the payment software, such as its encryption and decryption functions, are started or triggered.
Before the target software running in the first execution environment is started, the image file of the target software is loaded in advance into the first memory space dedicated to the first execution environment. Therefore, when the target software running in the first execution environment is started, the control unit 101 acquires the data required for running the target software from the image file of the target software stored in the first memory space.
In an embodiment of the present application, the image file of the target software is stored at a first storage address of the first memory space. The first storage address is obtained by changing the second storage address according to a preset address change.
The first storage address of the first memory space is lower than the second storage address of the first memory space, and the second storage address of the first memory space is a default loading address when the image file of any software running in the first execution environment is loaded into the first memory space.
The preset address change refers to a preset rule for adjusting the storage address of the image file of the target software.
As shown in fig. 1, the memory space indicated by R1 is used as the first memory space, where the default load address is the second storage address of the first memory space. According to the conventional system software operation rule, when an image file of any software operating in the first execution environment is loaded to the first memory space, the image file must be loaded to the default loading address of the first memory space, that is, to the second storage address of the first memory space. When any piece of software running in the first execution environment is started, the control unit 101 obtains data required for running the software from the image file stored at the second storage address of the first memory space, so as to implement running of the software.
In the embodiment of the present application, after the image file of the target software is loaded to the second storage address of the first memory space, the storage address of the image file of the target software is adjusted according to the preset address change, the storage address of the image file of the target software is adjusted to a storage address lower than the second storage address, and the adjusted storage address of the image file of the target software is used as the first storage address. Therefore, in the embodiment of the present application, the image file of the target software is finally stored at the first storage address of the first memory space.
Then, according to the software operation control method provided in this embodiment of the application, when the target software running in the first execution environment is started, the control unit 101 obtains data required for running the target software from the image file of the target software stored at the first storage address of the first memory space, and processes the obtained data, that is, implements the running of the target software on the microprocessor 100.
As can be appreciated with reference to fig. 5, the first memory address in the first memory space is a lower memory address than the default load address of the first memory space. When the microprocessor 100 starts to run the target software, the control unit 101 obtains data required for running the target software from the image file of the target software stored at the first storage address of the first memory space, so that the memory space accessed by the target software during running is the memory space in the first memory space above the first storage address. Compared with the method for storing the image file of the target software to the first storage address of the first memory space, the technical scheme of the embodiment of the application can enable the control unit 101 to access a larger memory space, that is, enable the software running in the first execution environment to access the larger memory space during running, thereby further improving the running smoothness of the software running in the first execution environment, meeting the requirement of the software running in the first execution environment on the memory, and being beneficial to enabling the limited memory space to support more software and software functions.
In some embodiments, the first storage address of the first memory space may be any lower storage address in the first memory space, that is, any storage address located below the second storage address of the first memory space. It can be understood that, after the image file of any software running in the first execution environment is loaded to the second storage address of the first memory space, the storage address of the image file is adjusted according to the preset address change to the first storage address of the first memory space, that is, to a lower storage address. When the software runs, the microprocessor 100 can therefore access a larger memory space, which makes the software run more smoothly and allows the first memory space to support more software and more functions.
In a preferred embodiment, the first storage address of the first memory space may be the lowest storage address of the first memory space. In this embodiment, when the microprocessor 100 runs any software in the first execution environment 200, it can access all of the first memory space, so as to maximize the accessible memory space, avoid memory space waste, and improve the utilization rate of memory resources.
In some embodiments, the first Execution Environment 200 may be a Trusted Execution Environment (TEE), or may be an Execution Environment with a higher security level, such as a Secure Element (SE) subsystem Environment; the second Execution Environment 210 may be a normal Execution Environment (REE) (which may also be referred to as a Rich Execution Environment).
Typically, most computer software may run in a common execution environment, while only a relatively small amount of software needs to run in an execution environment with a higher security level. Therefore, in the conventional memory partitioning method, most of the memory is partitioned into the second execution environment, and a small part of the memory is partitioned into the first execution environment. However, with the development of the internet, computer technology and artificial intelligence, more and more software or software functions relate to user privacy or data security, and therefore, the software or software functions need to be operated in a more secure execution environment, so that the demand of the first execution environment for the memory is higher and higher, and the available memory of the first execution environment becomes more strained. Therefore, the software operation control method provided by the embodiment of the application mainly aims at software in the first execution environment.
In some embodiments, the control unit 101 obtains data required for running the target software from the image file of the target software, and the data obtaining may be performed in an addressing manner.
Specifically, inside the computer system, the software is addressed in a base address + offset manner during running, which is also a rule that is required to ensure that the computer system is normally operated. Therefore, when the microprocessor 100 starts the target software, the control unit 101 acquires data required for operating the target software from the image file of the target software by using the base address + offset method.
Since the image file of the target software is stored at the first storage address of the first memory space, the control unit 101 addresses upward with the first storage address of the first memory space as a base address, accesses the image file of the target software, and obtains data required for operating the target software therefrom.
In some embodiments, the control unit 101 of the microprocessor 100 further migrates the image file of the target software loaded to the second storage address of the first memory space to the first storage address of the first memory space before acquiring the data required for operating the target software from the image file of the target software.
As an alternative implementation, referring to fig. 6, when the target software running in the first execution environment is started, the control unit 101 first performs step S202 and migrates the image file of the target software loaded to the second storage address of the first memory space to the first storage address of the first memory space. On this basis, step S203 is then executed to acquire data required for operating the target software from the image file of the target software.
For example, after the image file of the target software is loaded to the second storage address of the first memory space, the control unit 101 performs storage location migration on the entire image file of the target software, and migrates it to the first storage address of the first memory space. For example, the control unit 101 executes a file migration program to migrate the image file of the target software from the second storage address of the first memory space to the first storage address of the first memory space.
It should be noted that, in the embodiments of the present application, the image file of the software is stored in the first storage address or the second storage address of the first memory space, specifically, the storage location of the software in the first memory space is defined, and the first storage address or the second storage address of the first memory space is used as a starting address. For example, assuming that the image file of the target software is 10M in size, the image file of the target software is stored in the first memory address or the second memory address of the first memory space, and actually the image file of the target software is stored in the 10M memory space with the first memory address or the second memory address of the first memory space as the starting address.
For example, as shown in fig. 7, after the TEE software is compiled to generate a TEE software image file, the TEE software image file is first programmed into SPI Flash, and then the TEE software image file in the SPI Flash is loaded to the second storage address 0xFC000000 of the DDR memory (first memory space).
When the TEE software is started, the control unit 101 migrates the TEE software image file stored at the second storage address 0xFC000000 in the DDR memory to the first storage address 0xF0000000, so the storage address of the TEE software image file in the DDR memory changes from 0xFC000000 to 0xF0000000. The control unit 101 obtains data required for running the TEE software from the TEE software image file stored at 0xF0000000 of the DDR memory. It can be seen that the DDR memory space actually accessed by the control unit 101 is the memory space above 0xF0000000, which is 192M larger than the memory space above 0xFC000000.
It should be noted that the first memory address in the example shown in fig. 7 may also be a memory address lower than 0xF0000000, but is not limited to 0xF0000000. The first storage address may theoretically be any storage address in the memory space allocated to the TEE, and the address range of the memory space allocated to the TEE in all memory resources of the computer system may be determined according to the memory requirements of the TEE and other execution environments.
Steps S201 and S203 in the embodiment shown in fig. 6 correspond to steps S101, S102, respectively, in the embodiment shown in fig. 4. For the specific processing contents of the above steps S201 and S203, reference may be made to the corresponding contents in the embodiment shown in fig. 4.
In some embodiments, when the target software running in the first execution environment is compiled, a file migration instruction is added to an image file of the target software, so that the image file of the target software obtained by final compilation carries the file migration instruction.
The file migration instruction indicates the preset address change, so that the image file of the target software is migrated to the first storage address of the first memory space according to the preset address change.
That is, when the file migration instruction is executed, the image file of the target software can be migrated from the second storage address of the first memory space to the first storage address of the first memory space according to the preset address change.
The file migration instruction may be any type of computer instruction in any form that can be executed by the control unit 101 in the microprocessor 100.
In some embodiments, the file migration instruction described above is set to have a distinct identification, stored at a particular storage address, or configured to be executed or fetched preferentially. In this way, when the control unit 101 accesses the image file of the target software, the file migration instruction can be acquired and executed more quickly and accurately, or the file migration instruction can be acquired and executed at the first time when the image file of the target software is accessed, so that the image file of the target software is migrated.
In some embodiments, the file migration instruction may be in the form of a boot instruction. When the target software running in the first execution environment is compiled, a boot instruction used for migrating the image file of the target software to a first storage address of a first memory space according to preset address change is added at the initial position of the image file of the target software obtained by compiling.
Referring to fig. 8, the start position of the TEE software image file obtained by compiling the TEE software is a boot instruction. After the TEE software image file is loaded to the second memory address 0xFC000000 of the DDR memory, when the TEE software is started, the boot instruction of the start position of the TEE software image file is executed first, and the TEE software image file can be entirely migrated to the address 0xF0000000 of the DDR memory by executing the boot instruction. Then, the control unit 101 acquires data required to run the TEE software from the TEE software image file at the address 0xF0000000.
It should be noted that, since the boot instruction occupies a certain amount of storage space and is placed at the start position of the TEE software image file, the actual image content of the TEE software image file shown in fig. 8 starts at the end position of the boot instruction.
Therefore, after the migration of the TEE software image file is realized through the boot instruction, when the control unit 101 acquires data required for running the TEE software from the TEE software image file, the boot instruction at the head of the TEE software image file can be skipped directly.
For example, assuming that the size of the boot instruction is 34 bytes in the scenario shown in fig. 8, when the control unit 101 acquires data required to run the TEE software from the TEE software image file stored at the address of 0xF0000000, the data required to run the TEE software is acquired by addressing up with 0xF0000034 as the base address.
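The migration and base + offset addressing described above, as an added C sketch (not code from the patent): it validates the preset address change against the TEE's memory bounds before moving the image, then reads image data past the boot stub. The TEE window bounds, the struct and function names, the 0x34-byte stub length and the scaled-down overlap case are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* DDR window owned by the TEE. Its bounds are an assumption of this
 * example; the page only gives the two image addresses. */
typedef struct { uint64_t base, size; } tee_region;

typedef struct {
    uint64_t src;        /* second storage address (default load address) */
    uint64_t dst;        /* first storage address (after migration)       */
    uint64_t image_size; /* whole image, boot stub included               */
    uint64_t stub_size;  /* boot instruction bytes at the image head      */
    uint64_t data_base;  /* base for base + offset addressing             */
    uint64_t gained;     /* extra bytes now above the image start         */
} migration_plan;

/* 1 if [addr, addr + len) lies inside the region; overflow-safe. */
static int in_region(const tee_region *r, uint64_t addr, uint64_t len)
{
    if (addr < r->base) return 0;
    uint64_t off = addr - r->base;
    return off <= r->size && len <= r->size - off;
}

/* Validate the preset address change before anything is copied.
 * Returns 0 and fills *out on success, -1 if the move is rejected. */
int plan_migration(const tee_region *r, uint64_t src, uint64_t dst,
                   uint64_t image_size, uint64_t stub_size,
                   migration_plan *out)
{
    if (image_size == 0 || stub_size >= image_size) return -1;
    if (dst >= src) return -1;                     /* must move downward */
    if (!in_region(r, src, image_size)) return -1; /* source inside TEE  */
    if (!in_region(r, dst, image_size)) return -1; /* target inside TEE  */
    *out = (migration_plan){ src, dst, image_size, stub_size,
                             dst + stub_size, src - dst };
    return 0;
}

/* Move the image inside a simulated DDR window; mem[0] is r->base.
 * memmove is used because source and target ranges may overlap. */
int migrate_image(uint8_t *mem, const tee_region *r, const migration_plan *p)
{
    if (!in_region(r, p->src, p->image_size) ||
        !in_region(r, p->dst, p->image_size))
        return -1;
    memmove(mem + (p->dst - r->base), mem + (p->src - r->base),
            (size_t)p->image_size);
    return 0;
}

/* base + offset read that skips the boot stub; -1 if out of range. */
int image_read(const uint8_t *mem, const tee_region *r,
               const migration_plan *p, uint64_t offset)
{
    if (offset >= p->image_size - p->stub_size) return -1;
    return mem[p->data_base - r->base + offset];
}

/* Fig. 7 addresses and the 10M image size from the page. Assumed: a
 * 256 MiB TEE window and a boot stub of 0x34 bytes, which gives the
 * page's base address 0xF0000034. */
int page_example(migration_plan *p)
{
    tee_region r = { 0xF0000000ULL, 0x10000000ULL };
    return plan_migration(&r, 0xFC000000ULL, 0xF0000000ULL,
                          10u << 20, 0x34, p);
}

/* Constructed, scaled-down case where the image is larger than the
 * distance moved, so source and target ranges overlap. Returns 1 if
 * every payload byte reads back correctly after the move. */
int overlap_roundtrip_ok(void)
{
    static uint8_t mem[0x400];
    tee_region r = { 0xF0000000ULL, sizeof mem };
    migration_plan p;
    const uint64_t load_off = 0x40, size = 0x100, stub = 8;
    for (uint64_t i = 0; i < size; i++)
        mem[load_off + i] = (uint8_t)(i ^ 0x5A);
    if (plan_migration(&r, r.base + load_off, r.base, size, stub, &p))
        return 0;
    if (migrate_image(mem, &r, &p)) return 0;
    for (uint64_t off = 0; off < size - stub; off++)
        if (image_read(mem, &r, &p, off) != (uint8_t)((off + stub) ^ 0x5A))
            return 0;
    return image_read(mem, &r, &p, size - stub) == -1;
}

int main(void)
{
    migration_plan p;
    if (page_example(&p) == 0)
        printf("base 0x%llx, gained %llu MiB\n",
               (unsigned long long)p.data_base,
               (unsigned long long)(p.gained >> 20));
    printf("overlap move ok: %d\n", overlap_roundtrip_ok());
    return 0;
}
```

A target address below the TEE window, or an image that would run past its top, is rejected by `plan_migration` before any byte is copied, so a bad preset address change cannot place secure-world data in memory assigned to the other execution environment.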
Exemplary devices
Corresponding to the software operation control method, an embodiment of the present application further provides a microprocessor, as shown in fig. 2, where the microprocessor 100 is loaded with a first execution environment 200 and a second execution environment 210, and a security level of the first execution environment 200 is higher than a security level of the second execution environment 210; the microprocessor comprises a control unit 101 and a first memory space 102, the control unit 101 being configured to:
when target software running in a first execution environment is started, acquiring data required by running the target software from an image file of the target software;
the image file of the target software is stored at a first storage address in the first memory space, the first storage address is a storage address obtained by applying a preset address change to a second storage address, the first storage address of the first memory space is lower than the second storage address of the first memory space, and the second storage address is the default loading address used when the image file of any software running in the first execution environment is loaded into the first memory space.
In another embodiment of the present application, another microprocessor is also provided, and as also shown in fig. 2, the microprocessor is loaded with a first execution environment 200 and a second execution environment 210, where a security level of the first execution environment 200 is higher than a security level of the second execution environment 210; the microprocessor comprises a control unit 101 and a first memory space 102;
the first memory space 102 is at least used for storing an image file of any software running in the first execution environment;
the control unit 101 is configured to execute the software operation control method described in any of the above embodiments.
In the microprocessor, after the image file of the target software running in the first execution environment is loaded to the default load address in the first memory space, the image file is migrated to the first storage address, which is lower than the default load address. On this basis, when the target software running in the first execution environment is started, the control unit 101 obtains data required for running the target software from the image file of the target software stored at the first storage address of the first memory space. In this process, the memory space that the target software can actually access is the part of the first memory space above the first storage address. Compared with the memory space above the default loading address, the software operation control method provided by the present application enables the software running in the first execution environment to access a larger memory space, so that the memory requirements of the software running in the first execution environment can be satisfied.
In some embodiments of the microprocessor, the control unit 101 is configured to, when acquiring data required for running the target software from the image file of the target software, perform addressing using the first storage address of the first memory space as a base address to acquire the data required for running the target software. In this way, the first storage address of the first memory space serves as the base address from which the control unit 101 fetches the data required to run the target software from the first memory space, so that the control unit 101 can acquire that data from the image file of the target software using the conventional base address + offset addressing manner.
In some embodiments of the microprocessor, the control unit 101 is further configured to migrate the image file of the target software loaded to the second storage address of the first memory space to the first storage address of the first memory space. Through this processing, the control unit 101 performs storage location migration on the image file of the target software running in the first execution environment, so that when the control unit 101 accesses the image file of the target software, a larger memory space can be accessed.
In some embodiments of the microprocessor, the image file of the target software carries a file migration instruction, where the file migration instruction indicates the preset address change, so as to migrate the image file of the target software to the first storage address of the first memory space according to the preset address change. In this manner, the file migration instruction is embedded directly in the image file of the target software, so the control unit does not need to separately record which software image files need to be migrated or when they are to be migrated, and no separate file migration program needs to be configured in the control unit. The control unit can realize file migration by executing the file migration instruction in the image file of the target software when the target software is started, thereby improving the real-time property and the mobility of file migration.
In some embodiments of the microprocessor, the file migration instruction is a boot instruction added to the start position of the image file of the target software when the target software is compiled into the image file of the target software. In this manner, the file migration instruction is added to the start position of the image file of the target software in the form of a boot instruction, so that the microprocessor can execute the file migration instruction at the first moment of accessing the image file of the target software, which realizes the migration of the image file and guarantees the smooth execution of the subsequent data acquisition.
In some embodiments of the microprocessor, the first execution environment comprises a trusted execution environment and the second execution environment comprises a normal execution environment. According to the method, the software running control method provided by the application is implemented in the trusted execution environment, so that the software running in the trusted execution environment can have a larger memory space, more software can run in the trusted execution environment, and the running smoothness of the software running in the trusted execution environment is improved.
The microprocessor provided in this embodiment belongs to the same application concept as the software operation control method provided in the foregoing embodiments of the present application, can execute the software operation control method provided in any of the foregoing embodiments of the present application, and has functional modules and beneficial effects corresponding to the execution method. For details of the software operation control method provided in the foregoing embodiments of the present application, reference may be made to specific processing contents of the software operation control method provided in the foregoing embodiments, and details are not described herein again.
Exemplary electronic device
Another embodiment of the present application further provides a computer device, which includes one or more microprocessors described in any of the above embodiments.
Referring to fig. 9, the computer apparatus includes:
one or more memories 200 and one or more microprocessors 210;
wherein, the memory 200 is connected with the microprocessor 210 for storing programs;
the microprocessor 210 is configured to implement the software operation control method disclosed in any of the above embodiments by executing the program stored in the memory 200.
In some embodiments, the computer device may further include: a bus, a communication interface 220, an input device 230, and an output device 240.
The microprocessor 210, the memory 200, the communication interface 220, the input device 230, and the output device 240 are connected to each other through a bus. Wherein:
a bus may comprise a pathway that transfers information between various components of a computer device.
The microprocessor 210 may be a general-purpose processor, such as a general-purpose Central Processing Unit (CPU), an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of programs according to the present invention. It may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, or discrete hardware components.
The microprocessor 210 may also include a main processor, and may also include a baseband chip, modem, and the like.
The memory 200 stores programs for executing the technical solution of the present invention, and may also store an operating system and other key services. In particular, the program may include program code including computer operating instructions. More specifically, memory 200 may include a read-only memory (ROM), another type of static storage device that may store static information and instructions, a Random Access Memory (RAM), another type of dynamic storage device that may store information and instructions, a magnetic disk storage, a flash, and so forth.
The input device 230 may include a means for receiving data and information input by a user, such as a keyboard, mouse, camera, scanner, light pen, voice input device, touch screen, pedometer, or gravity sensor, among others.
Output device 240 may include equipment that allows output of information to a user, such as a display screen, printer, speakers, etc.
Communication interface 220 may include any device that uses any transceiver or the like to communicate with other devices or communication networks, such as an ethernet network, a Radio Access Network (RAN), a Wireless Local Area Network (WLAN), etc.
The microprocessor 210 executes the program stored in the memory 200 and calls other devices, which can be used to implement the steps of any one of the software operation control methods provided in the above embodiments of the present application.
Exemplary computer program product and storage Medium
In addition to the methods and apparatus described above, embodiments of the present application may also be a computer program product comprising computer program instructions that, when executed by a processor, cause the processor to perform the steps in the software operation control method described in the "exemplary methods" section of this specification above.
The computer program product may be written with program code for performing the operations of embodiments of the present application in any combination of one or more programming languages, including an object-oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server.
Furthermore, the embodiments of the present application may also be a computer-readable storage medium on which a computer program is stored, the computer program, when executed by a processor, implementing the steps in any one of the software operation control methods described in the above section of "exemplary methods" of this specification.
While, for purposes of simplicity of explanation, the foregoing method embodiments have been described as a series of acts or combination of acts, it will be appreciated by those skilled in the art that the present application is not limited by the order of acts described, as some steps may occur in other orders or concurrently with other steps in accordance with the application. Further, those skilled in the art will recognize that the embodiments described in this specification are preferred embodiments and that acts or modules referred to are not necessarily required for this application.
It should be noted that, in this specification, each embodiment is described in a progressive manner, and each embodiment focuses on differences from other embodiments, and portions that are the same as and similar to each other in each embodiment may be referred to. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The steps in the methods of the embodiments of the present application may be sequentially adjusted, combined, and deleted according to actual needs, and technical features described in the embodiments may be replaced or combined.
The modules and sub-modules in the device and the terminal in the embodiments of the application can be combined, divided and deleted according to actual needs.
In the several embodiments provided in the present application, it should be understood that the disclosed terminal, apparatus and method may be implemented in other manners. For example, the above-described terminal embodiments are merely illustrative, and for example, the division of a module or a sub-module is only one logical function division, and other division manners may be available in actual implementation, for example, a plurality of sub-modules or modules may be combined or integrated into another module, or some features may be omitted, or not executed. In addition, the shown or discussed coupling or direct coupling or communication connection between each other may be through some interfaces, indirect coupling or communication connection between devices or modules, and may be in an electrical, mechanical or other form.
The modules or sub-modules described as separate components may or may not be physically separate, and the components described as modules or sub-modules may or may not be physical modules or sub-modules, may be located in one place, or may be distributed on a plurality of network modules or sub-modules. Some or all of the modules or sub-modules can be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, each functional module or sub-module in the embodiments of the present application may be integrated into one processing module, or each module or sub-module may exist alone physically, or two or more modules or sub-modules may be integrated into one module. The integrated modules or sub-modules can be implemented in the form of hardware, and can also be implemented in the form of software functional modules or sub-modules.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the technical solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software unit executed by a processor, or in a combination of the two. The software unit may be located in Random Access Memory (RAM), memory, Read-Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
Finally, it should also be noted that, in this document, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. The software operation control method is characterized by being applied to a microprocessor, wherein the microprocessor is provided with a first execution environment and a second execution environment, and the security level of the first execution environment is higher than that of the second execution environment; the microprocessor comprises a control unit and a first memory space, and the software operation control method comprises the following operations executed by the control unit:
when target software running in the first execution environment is started, acquiring data required by running the target software from an image file of the target software;
the image file of the target software is stored at a first storage address in the first memory space, the first storage address is a storage address obtained by applying a preset address change to a second storage address, the first storage address of the first memory space is lower than the second storage address of the first memory space, and the second storage address is the default loading address used when the image file of any software running in the first execution environment is loaded into the first memory space.
2. The method of claim 1, wherein obtaining data required to run the target software from the image file of the target software comprises:
and addressing by taking the first storage address of the first memory space as a base address to acquire data required by running the target software.
3. The method of claim 1, further comprising:
and migrating the image file of the target software loaded to the second storage address of the first memory space to the first storage address of the first memory space.
4. The method according to any one of claims 1 to 3, wherein the image file of the target software carries a file migration instruction, and the file migration instruction indicates the preset address change, so as to migrate the image file of the target software to the first storage address of the first memory space according to the preset address change.
5. The method according to claim 4, wherein the file migration instruction is a boot instruction added to a start position of an image file of the target software when the target software is compiled into the image file of the target software.
6. The method of claim 1, wherein the first execution environment comprises a trusted execution environment and the second execution environment comprises a normal execution environment.
7. A microprocessor is provided with a first execution environment and a second execution environment, wherein the security level of the first execution environment is higher than that of the second execution environment; the microprocessor comprises a control unit and a first memory space, wherein the control unit is used for:
when target software running in the first execution environment is started, acquiring data required by running the target software from an image file of the target software;
the image file of the target software is stored at a first storage address in the first memory space, the first storage address is a storage address obtained by changing a second storage address according to a preset address change, the first storage address of the first memory space is lower than the second storage address of the first memory space, and the second storage address is a default loading address when the image file of any software running in the first execution environment is loaded into the first memory space.
8. A microprocessor is characterized in that the microprocessor is provided with a first execution environment and a second execution environment, wherein the security level of the first execution environment is higher than that of the second execution environment; the microprocessor comprises a control unit and a first memory space;
the first memory space is at least used for storing an image file of any software running in the first execution environment;
the control unit is configured to execute the software operation control method according to any one of claims 1 to 6.
9. A computer device comprising the microprocessor of claim 8.
10. A computer-readable storage medium, characterized in that a computer program is stored thereon, which, when executed by a processor, implements the software operation control method according to any one of claims 1 to 6.
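An added illustration of the flow in claims 1 to 5 (not code from the patent): a C model in which an image loaded at the default address is migrated to a lower address by a delta carried in its header, then addressed from the new base. The header layout, sizes, function names and the scrub of the stale copy are assumptions made for this example.

```c
#include <stdint.h>
#include <string.h>

/* Constructed model: every name, size and the header layout is an assumption. */
#define SECURE_MEM_SIZE   0x4000u  /* first memory space */
#define DEFAULT_LOAD_ADDR 0x2000u  /* "second storage address" (default load) */
typedef struct { uint32_t delta, size; } image_header; /* preset change, total size */
static uint8_t secure_mem[SECURE_MEM_SIZE];

/* Load an image at the default address; 0 on success, -1 if it cannot fit. */
int load_image(const uint8_t *img, uint32_t size) {
    if (size < sizeof(image_header) || size > SECURE_MEM_SIZE - DEFAULT_LOAD_ADDR)
        return -1;
    memcpy(secure_mem + DEFAULT_LOAD_ADDR, img, size);
    return 0;
}

/* Migrate the loaded image downward; returns the first storage address or -1. */
long migrate_image(void) {
    image_header h;
    memcpy(&h, secure_mem + DEFAULT_LOAD_ADDR, sizeof h);
    if (h.size < sizeof h || h.size > SECURE_MEM_SIZE - DEFAULT_LOAD_ADDR)
        return -1;                 /* size field exceeds what could be loaded */
    if (h.delta == 0 || h.delta > DEFAULT_LOAD_ADDR)
        return -1;                 /* not lower, or underflows the region */
    uint32_t first = DEFAULT_LOAD_ADDR - h.delta;
    memmove(secure_mem + first, secure_mem + DEFAULT_LOAD_ADDR, h.size); /* may overlap */
    /* Hardening beyond the claims: zero the stale bytes above the moved image. */
    uint32_t new_end = first + h.size, old_end = DEFAULT_LOAD_ADDR + h.size;
    uint32_t stale_from = new_end > DEFAULT_LOAD_ADDR ? new_end : DEFAULT_LOAD_ADDR;
    memset(secure_mem + stale_from, 0, old_end - stale_from);
    return (long)first;
}

/* Resolve an image-relative offset using the first storage address as base. */
const uint8_t *image_data(uint32_t first, uint32_t offset, uint32_t len) {
    image_header h;
    if (first > SECURE_MEM_SIZE - sizeof h) return NULL;
    memcpy(&h, secure_mem + first, sizeof h);
    if (h.size > SECURE_MEM_SIZE - first) return NULL;
    if (offset > h.size || len > h.size - offset) return NULL;
    return secure_mem + first + offset;
}

int main(void) {                   /* constructed image: header + 8 data bytes */
    uint8_t img[16]; image_header h = { 0x1000u, 16u };
    memcpy(img, &h, sizeof h); memcpy(img + sizeof h, "TEEDATA!", 8);
    if (load_image(img, sizeof img) != 0) return 1;
    long first = migrate_image();
    return (first == 0x1000 && image_data((uint32_t)first, 8, 8)) ? 0 : 1;
}
```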
CN202211057415.3A 2022-08-30 2022-08-30 Software operation control method, microprocessor, computer device and storage medium Active CN115168837B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211057415.3A CN115168837B (en) 2022-08-30 2022-08-30 Software operation control method, microprocessor, computer device and storage medium

Publications (2)

Publication Number Publication Date
CN115168837A true CN115168837A (en) 2022-10-11
CN115168837B CN115168837B (en) 2023-01-10

Family

ID=83481219

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211057415.3A Active CN115168837B (en) 2022-08-30 2022-08-30 Software operation control method, microprocessor, computer device and storage medium

Country Status (1)

Country Link
CN (1) CN115168837B (en)

Also Published As

Publication number Publication date
CN115168837B (en) 2023-01-10

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant