Search

CN-121979812-A - Memory management method, device, equipment and program product

CN121979812ACN 121979812 ACN121979812 ACN 121979812ACN-121979812-A

Abstract

The application discloses a memory management method, a device, equipment and a program product. The scheme includes that a logical physical memory protection entry is configured for at least one application program, a shadow table is maintained in a static random access memory to record the logical physical memory protection entry of the at least one application program, and the logical physical memory protection entry is used for defining a memory area and operation authority which the application program is allowed to access. And when the target application program accesses the memory address and triggers physical memory protection checking abnormality, inquiring a logical physical memory protection entry corresponding to the target application program in the shadow table to judge whether the access of the target application program is legal or not. If the access request is judged to be legal, loading the logical physical memory protection entry of the target application program into a physical memory protection cache slot in a physical memory protection register, so that the physical memory protection check allows the access of the target application program to continue to be executed.

Inventors

  • LU HAO
  • ZHAO DENG
  • XU KAIJUN
  • HE SHIJIAN
  • LIU YUAN

Assignees

  • 中移物联网有限公司
  • 中国移动通信集团有限公司

Dates

Publication Date
20260505
Application Date
20251210

Claims (10)

  1. 1. The memory management method is applied to an embedded system and is characterized by comprising the following steps: Configuring a logical physical memory protection entry for at least one application program, and maintaining a shadow table in a static random access memory to record the logical physical memory protection entry of the at least one application program, wherein the logical physical memory protection entry is used for defining a memory area and an operation authority which are allowed to be accessed by the application program; when a target application program accesses a memory address and triggers physical memory protection checking abnormality, inquiring a logical physical memory protection entry corresponding to the target application program in the shadow table to judge whether the access of the target application program is legal or not; If the access request is judged to be legal, loading the logical physical memory protection entry of the target application program into a physical memory protection cache slot in a physical memory protection register so that physical memory protection checking allows the access of the target application program to continue to be executed, wherein the physical memory protection cache slot supports the dynamic importing of the corresponding logical physical memory protection entry for the at least one application program.
  2. 2. The method of claim 1, wherein the step of determining the position of the substrate comprises, After loading the logical physical memory protection entry of the target application into a physical memory protection cache slot in a physical memory protection register, the method further comprises: Recording, by a tag register, an identification of a logical physical memory protection entry currently loaded in the physical memory protection cache slot, and/or, And recording the identification of the application program corresponding to the logical physical memory protection entry currently loaded in the physical memory protection cache slot through a tag register.
  3. 3. The method of claim 2, wherein the step of determining the position of the substrate comprises, When a target application program accesses a memory address and triggers physical memory protection check abnormality, querying a logical physical memory protection entry corresponding to the target application program in the shadow table to determine whether the access of the target application program is legal access, including: When a target application program accesses a memory address and triggers physical memory protection checking abnormality, judging whether a logic physical memory protection entry currently loaded in the physical memory protection cache slot is matched with the target application program or not based on the identification in the tag register; if the access request is not matched with the target application program, inquiring a logical physical memory protection entry corresponding to the target application program in the shadow table to judge whether the access of the target application program is legal or not; And if so, directly judging that the access of the target application program is legal access.
  4. 4. The method of claim 3, wherein the step of, If the access is judged to be legal, loading the logical physical memory protection entry of the target application program into a physical memory protection cache slot in a physical memory protection register, wherein the method comprises the following steps: And if the legal access is judged, and the logical physical memory protection entry currently loaded in the physical memory protection cache slot is not matched with the target application program based on the identification of the tag register, loading the logical physical memory protection entry of the target application program into the physical memory protection cache slot in the physical memory protection register.
  5. 5. The method of claim 1, wherein the step of determining the position of the substrate comprises, Determining whether the access of the target application program is a legal access includes: comparing the access address of the target application program with a memory area defined by a corresponding logical physical memory protection entry in the shadow table; If the access address does not exceed the range of the memory area, judging that the access of the target application program is legal access; And if the access address exceeds the range of the memory area, judging that the access of the target application program is illegal access.
  6. 6. The method according to any one of claim 1 to 5, wherein, The physical memory protection register is configured with only one physical memory protection cache slot, and the physical memory protection cache slot loads only a logical physical memory protection entry of an application program at the same time.
  7. 7. The method according to any one of claim 1 to 5, wherein, Each application program is correspondingly configured with two types of logic physical memory protection strips, one type of logic physical memory protection strip is used for defining the memory area and executable authority of the code segment of the application program, and the other type of logic physical memory protection strip is used for defining the memory area, readable authority and writable authority of the data segment.
  8. 8. A memory management device applied to an embedded system, comprising: The configuration module is used for configuring a logical physical memory protection entry for at least one application program, and maintaining a shadow table in a static random access memory so as to record the logical physical memory protection entry of the at least one application program, wherein the logical physical memory protection entry is used for defining a memory area and an operation authority which are allowed to be accessed by the application program; the checking module is used for inquiring a logical physical memory protection entry corresponding to the target application program in the shadow table when the target application program accesses the memory address and triggers physical memory protection checking abnormality so as to judge whether the access of the target application program is legal or not; And the decision module is used for loading the logical physical memory protection entry of the target application program into a physical memory protection cache slot in a physical memory protection register if the logical physical memory protection entry is judged to be legal, so that the physical memory protection check allows the access of the target application program to continue to be executed, wherein the physical memory protection cache slot supports the dynamic importing of the corresponding logical physical memory protection entry for the at least one application program.
  9. 9. An electronic device comprising a processor and a memory arranged to store computer executable instructions, wherein the executable instructions when executed cause the processor to perform the method of any of claims 1 to 7.
  10. 10. A computer program product comprising a computer readable storage medium storing a computer program, characterized in that the computer program is operable to cause a computer to perform the method of any one of claims 1 to 7.

Description

Memory management method, device, equipment and program product Technical Field The present application relates to the field of data security technologies, and in particular, to a memory management method, apparatus, device, and program product. Background With the wide access of internet of things equipment, the memory security protection requirement of an embedded system is increasingly prominent. At present, most embedded devices lacking a memory management unit (Memory Management Unit, MMU) cannot effectively isolate memory access, so that all Applications (APP) can randomly access the whole memory space, which threatens the privacy and security of Application data and brings uncertainty to the stability of an operating system. In a micro control unit (Microcontroller Unit, MCU) based on a reduced instruction set computer (Reduced Instruction Set Computer, RISC-V) architecture, basic memory isolation can be achieved by a physical memory protection (Physical Memory Protection, PMP) mechanism, but the number of hardware PMP entries is limited (typically 8-16), severely limiting the number of concurrency of protected applications. In addition, when the task is switched, the full heavy load PMP configuration is needed, so that delay linearly increases along with the increase of the application quantity, the real-time requirement is difficult to meet, and the fragmented memory layout cannot be flexibly dealt with. Disclosure of Invention The application provides a memory management method, a device, equipment and a program product, which aim to solve the problems of limited concurrent quantity of application programs and delay accumulation in task switching caused by limited physical memory protection hardware items in a micro-control unit based on a RISC-V architecture. Correspondingly, the technical scheme of the application is as follows: in a first aspect, a memory management method applied to an embedded system is provided, including: Configuring a logical physical memory protection entry for at least one application program, and maintaining a shadow table in a static random access memory to record the logical physical memory protection entry of the at least one application program, wherein the logical physical memory protection entry is used for defining a memory area and an operation authority which are allowed to be accessed by the application program; when a target application program accesses a memory address and triggers physical memory protection checking abnormality, inquiring a logical physical memory protection entry corresponding to the target application program in the shadow table to judge whether the access of the target application program is legal or not; If the access request is judged to be legal, loading the logical physical memory protection entry of the target application program into a physical memory protection cache slot in a physical memory protection register so that physical memory protection checking allows the access of the target application program to continue to be executed, wherein the physical memory protection cache slot supports the dynamic importing of the corresponding logical physical memory protection entry for the at least one application program. In a second aspect, a memory management device applied to an embedded system is provided, including: The configuration module is used for configuring a logical physical memory protection entry for at least one application program, and maintaining a shadow table in a static random access memory so as to record the logical physical memory protection entry of the at least one application program, wherein the logical physical memory protection entry is used for defining a memory area and an operation authority which are allowed to be accessed by the application program; the checking module is used for inquiring a logical physical memory protection entry corresponding to the target application program in the shadow table when the target application program accesses the memory address and triggers physical memory protection checking abnormality so as to judge whether the access of the target application program is legal or not; And the decision module is used for loading the logical physical memory protection entry of the target application program into a physical memory protection cache slot in a physical memory protection register if the logical physical memory protection entry is judged to be legal, so that the physical memory protection check allows the access of the target application program to continue to be executed, wherein the physical memory protection cache slot supports the dynamic importing of the corresponding logical physical memory protection entry for the at least one application program. In a third aspect, an embodiment of the application provides an electronic device comprising a processor and a memory configured to store computer-executable instructions that, when executed, cause the processor to perform