Search

CN-115879064-B - Program running method and device, processor, chip and electronic equipment

CN115879064BCN 115879064 BCN115879064 BCN 115879064BCN-115879064-B

Abstract

The embodiment of the application provides a program running method, a program running device, a processor, a chip and electronic equipment, wherein the program running method comprises the steps of determining a program to be run, transmitting program information of the program to a safety device so that the safety device can match the program with a white list according to the program information of the program, receiving a matching result transmitted by the safety device, running the program if the matching result is that the program is matched with the white list, and starting a safety container if the matching result is that the program is not matched with the white list, and running the program in the safety container. The embodiment of the application can avoid higher false alarm rate of the white list mechanism under the condition of ensuring the safety of the computer system, and improves the flexibility of the computer system running program under the white list mechanism, thereby realizing the program running under the condition of considering both the safety and the flexibility.

Inventors

  • YING ZHIWEI

Assignees

  • 海光信息技术股份有限公司

Dates

Publication Date
20260505
Application Date
20221026

Claims (10)

  1. 1. A program running method, characterized by comprising: determining a program to be run; The method comprises the steps of transmitting program information of a program to a security device, so that the security device can match the program with a white list according to the program information of the program, and setting the white list to the security device in an initialization process of an operating system, wherein the security device is a hardware device and is in a trusted state and is not influenced by the operating system; receiving a matching result transmitted by the safety device; If the matching result is that the program is matched with the white list, the program is operated; if the matching result is that the program is not matched with the white list, starting a safety container, and running the program in the safety container, wherein the safety container is a confidential calculation sandbox realized based on a Trusted Execution Environment (TEE) of hardware, and a memory space corresponding to the safety container is encrypted by adopting an independent key; the secure container includes an encrypted virtual machine; The encryption virtual machine is a virtual machine based on a secure virtualization technology, the memory space of the encryption virtual machine is encrypted through a virtual machine key of the encryption virtual machine, and the memory space of the encryption virtual machine is isolated in a hardware mode; And if the matching result is that the program is not matched with the white list, starting a safety container, and running the program in the safety container comprises the following steps: if the matching result is that the program is not matched with the white list, starting a safety container, and running the program in the started safety container; judging whether the program is a malicious program or not in the process of running the program in the secure container; if the program is not a malicious program, maintaining the program running in the secure container; The method further comprises the steps of: if the program is a malicious program, outputting alarm information and blocking the running of the program; the determining whether the program is a malicious program includes: when the security device matches the program with the white list, if the security device determines that the program is not matched with the white list, the security device matches the program with the black list to obtain a matching result of the program and the black list; or according to sampling information of the program in the security container when the program runs historically, identifying whether the program is a malicious program.
  2. 2. The method according to claim 1, wherein the secure container further comprises an encryption kata container; the encryption kata container is a kata container with the encryption property of a key, wherein the kata container does not need to share the hardware resources and kernel of a host, and each kata container runs on a separate virtual machine, so that the kata containers are isolated by different virtual machines.
  3. 3. The program running method according to claim 1, wherein setting the whitelist to the security device during the initialization of the operating system comprises: initializing an operating system; Measuring elements involved in the initialization of the operating system in the trusted computing, and generating a trusted report according to the measurement result; transmitting the trusted report to a trusted server so that the trusted server can perform correctness feedback on the trusted report; Receiving a feedback result transmitted by the trusted server, and requesting a white list from the trusted server if the feedback result is that the trusted report is correct; the white list fed back by the trusted server is set in the security device.
  4. 4. The program running method according to claim 3, further comprising: And if the feedback result is that the trusted report is abnormal, performing shutdown processing.
  5. 5. A program execution method as in claim 3, wherein said measuring the elements involved in the initialization of the operating system by the trusted computing comprises: the basic input output system BIOS, GRand unified boot loader GRUB and kernel are measured.
  6. 6. The program running method according to claim 1, wherein if the matching result is that the program does not match the whitelist, starting a secure container in which the program is run comprises: if the matching result is that the program is not matched with the white list, judging whether the program is a malicious program or not; if the program is not a malicious program, starting a secure container, and running the program in the secure container; The method further comprises the steps of: and if the program is a malicious program, outputting alarm information and blocking the running of the program.
  7. 7. A program running apparatus, comprising: the program determining module is used for determining a program to be operated; The system comprises a program information transmission module, a white list setting module, a program information processing module and a program information processing module, wherein the program information transmission module is used for transmitting the program information of the program to a security device so that the security device can match the program with the white list according to the program information of the program; the matching result receiving module is used for receiving the matching result transmitted by the safety device; The program running module is used for running the program if the matching result is that the program is matched with the white list; The security container running program module is used for starting a security container to run the program in the security container if the matching result is that the program is not matched with the white list, wherein the security container is a confidential computing sandbox realized by a Trusted Execution Environment (TEE) based on hardware, and a memory space corresponding to the security container is encrypted by adopting an independent key; the secure container includes an encrypted virtual machine; The encryption virtual machine is a virtual machine based on a secure virtualization technology, the memory space of the encryption virtual machine is encrypted through a virtual machine key of the encryption virtual machine, and the memory space of the encryption virtual machine is isolated in a hardware mode; And if the matching result is that the program is not matched with the white list, starting a safety container, and running the program in the safety container comprises the following steps: if the matching result is that the program is not matched with the white list, starting a safety container, and running the program in the started safety container; judging whether the program is a malicious program or not in the process of running the program in the secure container; if the program is not a malicious program, maintaining the program running in the secure container; Further comprises: if the program is a malicious program, outputting alarm information and blocking the running of the program; the determining whether the program is a malicious program includes: when the security device matches the program with the white list, if the security device determines that the program is not matched with the white list, the security device matches the program with the black list to obtain a matching result of the program and the black list; or according to sampling information of the program in the security container when the program runs historically, identifying whether the program is a malicious program.
  8. 8. A processor configured to perform the program execution method of any one of claims 1-6.
  9. 9. A chip is characterized in that, the chip comprising the processor of claim 8.
  10. 10. An electronic device, characterized in that, the electronic device comprising the chip of claim 9.

Description

Program running method and device, processor, chip and electronic equipment Technical Field The embodiment of the application relates to the technical field of trusted computing, in particular to a program running method, a program running device, a processor, a chip and electronic equipment. Background Trusted computing (TrustedComputing) is a technology that is driven and developed by TCG (trusted computing group). One of the core goals of trusted computing is to ensure the integrity of computer systems and programs, thereby ensuring that computer systems and programs operate in a trusted state. The trusted computing involves the running of the program, so how to ensure the security of the computer system when the program is run, and improve the flexibility of the computer system in running the program, and the technical problem to be solved by those skilled in the art is urgent. Disclosure of Invention In view of this, the embodiments of the present application provide a program running method, apparatus, processor, chip and electronic device, so as to ensure the security of a computer system and improve the flexibility of running programs in the computer system when running the programs. In order to achieve the above purpose, the embodiment of the present application provides the following technical solutions. In a first aspect, an embodiment of the present application provides a program running method, including: determining a program to be run; transmitting the program information of the program to a security device so that the security device can match the program with a white list according to the program information of the program; receiving a matching result transmitted by the safety device; If the matching result is that the program is matched with the white list, the program is operated; and if the matching result is that the program is not matched with the white list, starting a secure container, and operating the program in the secure container. In a second aspect, an embodiment of the present application provides a program running apparatus, including: the program determining module is used for determining a program to be operated; The program information transmission module is used for transmitting the program information of the program to the safety device so that the safety device can match the program with the white list according to the program information of the program; the matching result receiving module is used for receiving the matching result transmitted by the safety device; The program running module is used for running the program if the matching result is that the program is matched with the white list; and the safe container operation program module is used for starting a safe container and operating the program in the safe container if the matching result is that the program is not matched with the white list. In a third aspect, embodiments of the present application provide a processor configured to perform the program running method as described in the first aspect above. In a fourth aspect, an embodiment of the present application provides a chip, where the chip includes a processor as described in the third aspect. In a fifth aspect, an embodiment of the present application provides an electronic device, including a chip as described in the fourth aspect above. In the program running method provided by the embodiment of the application, when a processor needs to run a program, the processor can transmit program information of the program to be run to a safety device, the safety device matches the program with a white list according to the program information of the program to determine a matching result, the processor can further obtain the matching result transmitted by the safety device, if the matching result is that the program is matched with the white list, the processor can normally run the program, and if the matching result is that the program is not matched with the white list, the processor can start a safety container, so that the program can be run in the safety container, and the untrusted program which is not matched with the white list can be executed in a safe and trusted environment provided by the safety container. The program running method provided by the embodiment of the application is realized based on a white list mechanism, is different from the mode that the white list mechanism alarms and blocks running aiming at an untrusted program, and can start a safety container and run the untrusted program in the safety container aiming at the untrusted program which is not matched with the white list, so that the error alarm and error blocking running of the program are avoided under the condition that the untrusted program is a non-malicious program, and meanwhile, the malicious program is not easy to escape from the safety container through the safety trusted environment provided by the safety container, and the safety influence of the running of the