
CN-121997327-A - TPCM authentication trusted starting method and device based on X86 platform and storage medium


Abstract

The application provides a trusted boot method, a trusted boot device and a storage medium with TPCM authentication based on an X86 platform. The method comprises: at first power-on, controlling a switchable interface circuit to be in a first connection state that connects the flash memory to the SPI interface of the TPCM; controlling a core power supply circuit to supply power to the central processing unit and controlling the switchable interface circuit to switch to a second connection state that connects the flash memory to the SPI interface of the central processing unit; at system restart, controlling the switchable interface circuit to remain in the second connection state; in the suspended state, having a trigger check circuit output a reset trigger signal to the TPCM again and controlling the switchable interface circuit to switch to the first connection state; and, when the restart check result indicates that the boot firmware passes the check, controlling the switchable interface circuit to return to the second connection state so as to complete boot control for the system restart process. The application introduces a TPCM-authenticated boot mechanism into the X86 platform, improves the integrity of the boot chain, and enhances the security and reliability of the first power-on and restart processes.

Inventors

  • MA CHENKAI
  • CHAI JUN
  • XING WEI
  • LI ZHE
  • WANG HAIBO
  • CAO JIAO

Assignees

  • 北京和利时系统集成有限公司

Dates

Publication Date
2026-05-08
Application Date
2025-12-03

Claims (10)

  1. A trusted boot method with TPCM authentication based on an X86 platform, characterized by comprising the following steps: at first power-on, controlling a switchable interface circuit to be in a first connection state that connects the flash memory to the SPI interface of the TPCM, and having a trigger check circuit output a reset trigger signal to the TPCM, so that the TPCM reads the boot firmware from the flash memory through the first connection state and performs an integrity check on it to obtain a first power-on check result; when the first power-on check result indicates that the boot firmware passes the check, controlling a core power supply circuit to supply power to the central processing unit and controlling the switchable interface circuit to switch to a second connection state that connects the flash memory to the SPI interface of the central processing unit, so that the central processing unit loads and executes the boot firmware from the flash memory through the second connection state, completing boot control for first power-on; at system restart, controlling the switchable interface circuit to remain in the second connection state, so that the CPU reads the boot firmware from the flash memory and enters a suspended state; in the suspended state, having the trigger check circuit output a reset trigger signal to the TPCM again and controlling the switchable interface circuit to switch to the first connection state, so that the TPCM reads the boot firmware from the flash memory through the first connection state and performs an integrity check on it to obtain a restart check result; and when the restart check result indicates that the boot firmware passes the check, controlling the switchable interface circuit to return to the second connection state, so that the central processing unit continues loading and executing the boot firmware from the flash memory through the second connection state, completing boot control for the system restart process.
  2. The method of claim 1, wherein controlling the switchable interface circuit to be in the first connection state that connects the flash memory to the SPI interface of the TPCM at first power-on comprises: when the mainboard is powered on, setting an analog switch in the switchable interface circuit to connect to the SPI interface side of the TPCM and disconnect from the SPI interface side of the central processing unit, so that the flash memory is connected only to the SPI interface of the TPCM, and, while the core power supply circuit is not yet supplying power to the central processing unit, having the trigger check circuit output a reset trigger signal to the TPCM, so that the TPCM reads the boot firmware from the flash memory through the first connection state and performs an integrity check on it.
  3. The method of claim 2, wherein having the trigger check circuit output a reset trigger signal to the TPCM, so that the TPCM reads the boot firmware from the flash memory through the first connection state and performs an integrity check on it to obtain the first power-on check result, comprises: during mainboard power-on, the trigger check circuit generates a reset trigger signal with a preset timing based on a power-on state signal and outputs it to the TPCM, so that the TPCM completes self-initialization after receiving the reset trigger signal, establishes SPI communication with the flash memory through the first connection state, reads the boot firmware data stored in the flash memory in a preset address-range order, performs an integrity check on the boot firmware data according to a preset check policy, and generates a first power-on check result indicating whether the boot firmware passes the check.
  4. The method of claim 1, wherein controlling the switchable interface circuit to switch to the second connection state that connects the flash memory to the SPI interface of the central processing unit, so that the central processing unit loads and executes the boot firmware from the flash memory through the second connection state, comprises: when the first power-on check result indicates that the boot firmware passes the check, the TPCM outputs a power-enable control signal to the core power supply circuit based on that result, so that the core power supply circuit supplies power to the central processing unit, and during power-up and reset release of the central processing unit the switchable interface circuit is controlled to switch from the first connection state to the second connection state, so that the central processing unit establishes SPI communication with the flash memory through the second connection state and loads and executes the boot firmware from the flash memory in a preset boot order.
  5. The method of claim 1, wherein controlling the switchable interface circuit to remain in the second connection state at system restart, so that the central processing unit reads the boot firmware from the flash memory and enters the suspended state, comprises: when a system restart instruction is received, keeping the core power supply circuit supplying power to the central processing unit, controlling the switchable interface circuit to remain in the second connection state, reading at least part of the boot code of the boot firmware from the flash memory through the second connection state after the central processing unit is reset, executing a preset restart initialization according to that boot code, stopping the subsequent boot flow when execution reaches a preset suspend point, and entering the suspended state.
  6. The method of claim 1, wherein having the TPCM read the boot firmware from the flash memory through the first connection state and perform an integrity check on it to obtain the restart check result comprises: in the suspended state, the trigger check circuit generates a reset trigger signal based on a system restart state and outputs it to the TPCM, so that the TPCM completes self-initialization after receiving the reset trigger signal, establishes SPI communication with the flash memory through the first connection state, reads the boot firmware data stored in the flash memory in a preset address-range order, checks the boot firmware data according to a preset integrity check policy, and generates a restart check result indicating whether the boot firmware passes the check during the system restart process.
  7. The method of claim 1, wherein controlling the switchable interface circuit to return to the second connection state, so that the central processing unit continues loading and executing the boot firmware from the flash memory through the second connection state to complete boot control for the system restart process, comprises: when the restart check result indicates that the boot firmware passes the check, the TPCM outputs a resume-boot control signal based on that result, controls the switchable interface circuit to switch from the first connection state to the second connection state, issues a resume-execution instruction to the CPU in the suspended state, causes the CPU to leave the suspended state while its power supply is maintained, and lets it continue loading and executing the remaining boot firmware from the flash memory through the restored second connection state.
  8. A trusted boot device with TPCM authentication based on an X86 platform, characterized by comprising: a power-on module, for controlling the switchable interface circuit to be in a first connection state that connects the flash memory to the SPI interface of the TPCM at first power-on, and having the trigger check circuit output a reset trigger signal to the TPCM, so that the TPCM reads the boot firmware from the flash memory through the first connection state and performs an integrity check on it to obtain a first power-on check result; a power supply module, for controlling the core power supply circuit to supply power to the central processing unit when the first power-on check result indicates that the boot firmware passes the check, and controlling the switchable interface circuit to switch to a second connection state that connects the flash memory to the SPI interface of the central processing unit, so that the central processing unit loads and executes the boot firmware from the flash memory through the second connection state, completing boot control for first power-on; a restart module, for controlling the switchable interface circuit to remain in the second connection state at system restart, so that the CPU reads the boot firmware from the flash memory and enters a suspended state; a switching module, for having the trigger check circuit output a reset trigger signal to the TPCM again in the suspended state and controlling the switchable interface circuit to switch to the first connection state, so that the TPCM reads the boot firmware from the flash memory through the first connection state and performs an integrity check on it to obtain a restart check result; and a boot module, for controlling the switchable interface circuit to return to the second connection state when the restart check result indicates that the boot firmware passes the check, so that the central processing unit continues loading and executing the boot firmware from the flash memory through the second connection state, completing boot control for the system restart process.
  9. An electronic device comprising a memory, a processor and a computer program stored in the memory and runnable on the processor, characterized in that the processor implements the steps of the method according to any one of claims 1 to 7 when executing the computer program.
  10. A computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 7.
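Claims 1 to 7 describe one sequence: the analog switch hands the boot flash to the TPCM while the CPU core rail is off, the TPCM measures, power is enabled and the flash handed to the CPU, and on restart the CPU runs to a suspend point while the flash is taken back and re-measured. The following Python model of that sequencing is an added illustration, not code from the patent or its assignee. The names Board, Flash, Tpcm and Mux, SHA-256 against a provisioned reference digest as the "preset check policy", the measured address range, the 64-byte reset-vector read, the constructed firmware images, and halting the CPU on a failed restart check are all assumptions (the claims define only the pass path). It exercises the two properties a reviewer of such a design would check: the CPU never gets power or a flash path before a passing TPCM result, and an image rewritten in flash between first boot and restart is caught by the restart check.

```python
"""Behavioural model of the TPCM-gated X86 boot sequence in claims 1-7.

Added illustration only; not code from the patent or its assignee. Hash
algorithm, reference digest, measured range, read sizes and the
halt-on-failure behaviour are assumptions.
"""
import hashlib
from enum import Enum


class Mux(Enum):
    """Position of the analog switch on the boot flash's SPI bus."""
    TO_TPCM = 1   # claim 1's "first connection state"
    TO_CPU = 2    # claim 1's "second connection state"


class Flash:
    def __init__(self, image: bytes):
        self.image = bytearray(image)

    def read(self, master: Mux, mux: Mux, start: int, length: int) -> bytes:
        # The switch gives exactly one master a path to the flash at a time.
        if master != mux:
            raise RuntimeError(f"{master.name} has no SPI path (mux={mux.name})")
        return bytes(self.image[start:start + length])


class Tpcm:
    """Re-initialises and measures a preset address range on every reset trigger."""
    def __init__(self, reference_digest: bytes, measured_range: tuple):
        self.reference_digest = reference_digest
        self.measured_range = measured_range   # (start, length); assumed policy
        self.reset_count = 0

    def on_reset_trigger(self, flash: Flash, mux: Mux) -> bool:
        self.reset_count += 1                  # self-initialisation per trigger
        start, length = self.measured_range
        data = flash.read(Mux.TO_TPCM, mux, start, length)
        return hashlib.sha256(data).digest() == self.reference_digest


class Board:
    def __init__(self, flash: Flash, tpcm: Tpcm):
        self.flash, self.tpcm = flash, tpcm
        self.mux = Mux.TO_TPCM      # power-on default: flash belongs to the TPCM
        self.core_power = False     # output of the core power supply circuit
        self.cpu_state = "off"      # off | running | suspended | halted
        self.events = []

    def first_power_on(self) -> bool:
        """Claims 1-4: measure with the CPU unpowered, then enable power and hand over the flash."""
        self.mux, self.core_power = Mux.TO_TPCM, False
        ok = self.tpcm.on_reset_trigger(self.flash, self.mux)
        self.events.append(("first_power_on_check", ok))
        if not ok:
            return False                      # core rail is never enabled
        self.core_power = True                # TPCM's power-enable control signal
        self.mux = Mux.TO_CPU                 # switched during CPU reset release
        self.flash.read(Mux.TO_CPU, self.mux, 0, 64)   # CPU fetches its reset vector
        self.cpu_state = "running"
        return True

    def restart(self) -> bool:
        """Claims 5-7: CPU runs to the suspend point, TPCM re-measures, CPU resumes only on pass."""
        if not self.core_power:
            raise RuntimeError("restart needs a powered CPU; call first_power_on() first")
        # Power and mux are kept; the reset CPU runs early boot code up to the suspend point.
        self.flash.read(Mux.TO_CPU, self.mux, 0, 64)
        self.cpu_state = "suspended"
        self.mux = Mux.TO_TPCM                # flash taken away from the CPU
        ok = self.tpcm.on_reset_trigger(self.flash, self.mux)
        self.events.append(("restart_check", ok))
        if not ok:
            self.cpu_state = "halted"         # assumption: claims define only the pass path
            return False
        self.mux = Mux.TO_CPU                 # restored before the resume instruction
        self.cpu_state = "running"
        return True


# Constructed sample images; a real reference digest would be provisioned into the TPCM.
GOOD_FIRMWARE = b"constructed X86 boot firmware image " * 8
TAMPERED_FIRMWARE = GOOD_FIRMWARE[:-1] + b"!"
REFERENCE_DIGEST = hashlib.sha256(GOOD_FIRMWARE).digest()


def run_scenario(first_image: bytes, tamper_before_restart=None) -> dict:
    """First power-on, optional flash rewrite (e.g. via an external programmer), then restart."""
    board = Board(Flash(first_image), Tpcm(REFERENCE_DIGEST, (0, len(GOOD_FIRMWARE))))
    first_ok = board.first_power_on()
    restart_ok = None
    if first_ok:
        if tamper_before_restart is not None:
            board.flash.image[:] = tamper_before_restart
        restart_ok = board.restart()
    return {"first_ok": first_ok, "restart_ok": restart_ok,
            "core_power": board.core_power, "cpu_state": board.cpu_state,
            "mux": board.mux.name, "tpcm_resets": board.tpcm.reset_count}


if __name__ == "__main__":
    for label, args in [("clean", (GOOD_FIRMWARE,)),
                        ("bad at power-on", (TAMPERED_FIRMWARE,)),
                        ("rewritten before restart", (GOOD_FIRMWARE, TAMPERED_FIRMWARE))]:
        print(label, run_scenario(*args))
```

The model keeps the ordering the claims specify: on restart the CPU executes the firmware up to the suspend point (claim 5) before the TPCM re-measures (claim 6), so the portion before that point is covered by the first power-on check and by the switch having stayed on the CPU side, not by the restart check; a design review should confirm that the suspend point lies before any code whose integrity the restart check is meant to guarantee.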

Description

Technical Field

The application relates to the technical field of industrial control trusted computing, in particular to a TPCM-authenticated trusted boot method, device and storage medium based on an X86 platform.

Background

As industrial control, cloud computing and Internet of Things equipment face rising requirements for network security and trusted computing, a boot system based on a root of trust has gradually become a key basic capability. The Trusted Platform Control Module (TPCM) is a security chip or equivalent hardware module embedded in the computing device; it can measure and verify the boot firmware during the device's power-on boot process and is an important component of the domestic (Chinese) trusted computing system. A typical trusted boot flow powers up and self-checks the TPCM first, then performs step-wise integrity measurement of the boot firmware, the bootloader and the operating system kernel, gradually establishing a chain of trust during system boot.

Existing trusted boot schemes in industrial control are deployed on main control platforms that use a domestic central processing unit, for example a processor based on a domestic instruction-set architecture, with an interface conforming to the TPCM standard reserved in the chip or on the mainboard. This lets the TPCM hold the processor in reset in the initial power-up stage, access the boot flash memory first, measure and verify the BIOS or boot firmware stored there, and trigger the trusted authentication process again in the system restart stage, achieving consistency control of the boot software environment.

However, general-purpose international-brand X86 processors (such as some existing Intel processors) generally integrate only a security module conforming to the international Trusted Platform Module (TPM) standard and have no built-in hardware unit conforming to the domestic TPCM standard; existing mainboard designs also generally lack a boot timing control circuit reserved for an external TPCM and a switchable boot-flash access path. The conventional trusted boot scheme built around a domestic central processing unit is therefore difficult to port directly to the X86 platform, so an active measurement and authentication mechanism with the TPCM as root of trust is difficult to introduce into the first power-on and system restart processes on that platform, and the authenticated trusted boot requirement of a unified domestic trusted computing system is difficult to meet.

Summary of the Invention

In view of the above, the embodiments of the present application provide a TPCM-authenticated trusted boot method, apparatus and storage medium based on an X86 platform, to solve the problems in the prior art that the X86 platform can hardly introduce a boot control mechanism with the TPCM as root of trust, lacks a coordinated control mechanism between TPCM active measurement and power supply timing in the first power-up stage, and lacks a secondary trusted authentication and boot control mechanism in the system restart stage.

A first aspect of the embodiments of the application provides a TPCM-authenticated trusted boot method based on an X86 platform, comprising: at first power-on, controlling a switchable interface circuit to be in a first connection state that connects a flash memory to the SPI interface of the TPCM, and having a trigger check circuit output a reset trigger signal to the TPCM so that the TPCM reads the boot firmware from the flash memory through the first connection state and performs an integrity check on it to obtain a first power-on check result; when the first power-on check result indicates that the boot firmware passes the check, controlling a core power supply circuit to supply power to the central processing unit and controlling the switchable interface circuit to switch to a second connection state that connects the flash memory to the SPI interface of the central processing unit, so that the central processing unit loads and executes the boot firmware from the flash memory through the second connection state, completing boot control for first power-on; at system restart, controlling the switchable interface circuit to remain in the second connection state so that the central processing unit reads the boot firmware from the flash memory and enters a suspended state; and having the trigger check circuit output a reset trigger signal to the TPCM again and controlling the switchable interface circuit to switch to the first connection state when the system is restarted, and the first connection state is enable