
CN107037988B - A method and system for securely deleting flash memory based on file-level granularity - Google Patents

Info

Publication number
CN107037988B
Authority
CN
China
Prior art keywords
page
physical
guid
file
deletion
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710219959.8A
Other languages
Chinese (zh)
Other versions
CN107037988A (en)
Inventor
童薇
刘景宁
冯丹
雷霞
方才华
高阳
蒋瑜
魏学亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huazhong University of Science and Technology
Original Assignee
Huazhong University of Science and Technology
Application filed by Huazhong University of Science and Technology
Priority to CN201710219959.8A
Publication of CN107037988A
Application granted
Publication of CN107037988B

Classifications

    • G: PHYSICS
    • G06: COMPUTING OR CALCULATING; COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00: Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06: Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601: Interfaces specially adapted for storage systems
    • G06F3/0602: Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062: Securing storage systems
    • G06F3/0623: Securing storage systems in relation to content
    • G06F3/0628: Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0646: Horizontal data movement in storage systems, i.e. moving data in between storage devices or systems
    • G06F3/0652: Erasing, e.g. deleting, data cleaning, moving of data to a wastebasket
    • G06F3/0668: Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/0671: In-line storage system
    • G06F3/0673: Single storage device
    • G06F3/0679: Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a method for secure deletion in flash memory at file-level granularity, belonging to the field of computer storage. The method assigns each file a globally unique identifier (GUID) and encapsulates the GUID in every write request and delete request for the file. It also builds a GUID-page adjacency table that records, in real time, the invalid physical pages belonging to each file. When the user deletes a file, the device uses the delete command to find all invalid physical pages and all valid physical pages of the file, and then overwrites all of the file's physical pages with the physical page overwriting technique, thereby securely deleting the file. The invention also implements a system for secure deletion in flash memory at file-level granularity. The technical solution solves the problem that existing flash-based solid-state disks cannot efficiently and securely delete a single file and, while enabling secure deletion of a single file on a solid-state disk, reduces the impact of secure deletion on read and write performance.

Description

A method and system for securely deleting flash memory based on file-level granularity

Technical field

The invention belongs to the field of computer storage and, more specifically, relates to a method and system for secure deletion in flash memory at file-level granularity.

Background

With the development of data recovery technology, it has become difficult for current computer systems to delete files completely. By recovering and processing data that remains on the storage medium, an attacker can steal confidential information that has been deleted, which has become a major hidden danger to the information security of storage systems. A 2016 survey report examined more than 200 second-hand hard drives (93% mechanical hard drives, the rest SSDs) and found that more than 78% of them still held residual data: personal confidential information could be recovered from 67% of the drives, and 11% contained sensitive company data. The survey also showed that 36% of the drives contained residual data, that is, data remained after the user had performed a delete operation; 40% of the drives had been formatted but still had data remaining on them; and only 10% of the drives had been cleared with secure erase methods. This shows that ordinary delete and format operations do not really delete data, and that users need to adopt secure deletion to prevent data leakage.

Secure deletion means using technical means to make the data in a storage medium unrecoverable after it is deleted, while the device remains reusable. Several overwrite-based secure deletion methods have been proposed for magnetic media. Their main idea is that, when a file is deleted, the LBA (logical block address) space of the file is rewritten so that the physical medium holding the file's original data is overwritten, and the file is thereby securely deleted. Because flash memory updates out of place, however, rewriting the file's LBA space only marks the physical pages holding the original data as invalid; the overwriting data is written to new physical pages, so the original data is not overwritten. Moreover, after a large number of reads and writes, each data page of a file may have several copies. How long these copies stay on the storage medium is unpredictable, and only some of them are reclaimed during garbage collection, so they occupy SSD space and also leak information from deleted files. A new secure deletion technique is therefore needed for flash-based solid-state disks.

Existing secure deletion methods fall into roughly four granularities: page-level, block-level, file-level and full-disk secure deletion. Page-level methods work on single physical pages and securely delete, in real time, the invalid pages produced by write updates. Write updates are very frequent while files are edited and modified, so page-level methods seriously degrade the SSD's response to normal read and write requests. Block-level methods work on physical blocks and use block erasure to securely delete a physical block; when the block contains valid pages, these must be migrated, which adds overhead, and block granularity is of little practical use. File-level secure deletion works on files. File deletion is usually infrequent, and the secure deletion operation is triggered only when the user deletes a file, so the impact on SSD read and write performance is small. Full-disk secure deletion has a narrow scope of application: in the common scenario where multiple users share storage resources, securely deleting the entire physical disk is not feasible, and even securely deleting an entire virtual disk amounts to securely deleting a file.

For flash-based solid-state disks, a file cannot be securely deleted by overwriting its LBA space, but the physical medium can be overwritten directly. For SLC flash, it has been confirmed experimentally that writing a physical page of SLC flash a second time is feasible, that is, a physical page storing sensitive data can be overwritten with an ordinary physical page write command, which achieves secure deletion on SLC flash. However, the extra physical page overwrite operations affect the flash memory's response to normal read and write requests, and securely deleting invalid pages in real time seriously degrades SSD performance. In addition, the file-granularity secure deletion method proposed in that work must traverse all physical pages of the entire SSD to determine the invalid page copies belonging to a file, so its latency is very high.

As shown in Figure 1, MLC flash supports 4 voltage levels and each cell can store 2 bits. State changes strictly follow the rule that the threshold voltage only rises, and the state cannot be changed in the reverse direction before an erase; that is, write operations inside MLC flash must be performed in a certain order.

When secure deletion is performed on an MLC-flash-based solid-state disk, there are two restrictions:

(1) Because of programming crosstalk, when both the low page and the high page of MLC flash are valid, the low page or the high page cannot be overwritten on its own; doing so would destroy the data in the high page or the low page;

(2) The error rate of each physical block of MLC flash rises as the number of overwritten physical pages increases, that is, each physical block can tolerate only some of its physical pages being overwritten.

Because of these restrictions, there are two traditional solutions. One treats MLC flash as SLC flash: at first only the low page of each paired page is used, and the corresponding high page can be used only after the low page has become invalid and has been overwritten, which seriously wastes MLC flash capacity. The other, when one page of an MLC paired page needs to be overwritten, first migrates the data in the other page of the pair and then overwrites the paired page, which wastes MLC flash capacity and makes secure deletion inefficient. Simple physical page overwriting is therefore not suitable for MLC flash.

Summary of the invention

In view of the above defects or improvement needs of the prior art, the present invention provides a method and system for secure deletion in flash memory at file-level granularity. A GUID is assigned to each file at the file system layer and file information is passed down to the lower layer, so that the device knows where the file's data blocks are stored and records in real time the invalid physical pages produced by each file. When the user deletes a file, the device uses the delete command to find all invalid physical pages and all valid physical pages of the file, and then overwrites all of the file's physical pages with the physical page overwriting method, thereby securely deleting the file. This solves the technical problems of low efficiency and high latency in existing flash secure deletion techniques.

To achieve the above object, according to one aspect of the present invention, a method for secure deletion in flash memory at file-level granularity is provided, the method comprising:

(1) GUID allocation and encapsulation: assign each file a globally unique identifier (GUID) and encapsulate the file's GUID in the file's write and delete requests; for a write request, go to step (2); for a delete request, go to step (5);

(2) Write medium check: if the storage medium is MLC flash, go to step (3); otherwise go to step (4);

(3) Allocate MLC paired pages: use the GUID of the write request to find the physical page where the file was last written. If it is a low page, allocate the high page paired with that low page to the write request, so that the file's data blocks are distributed across MLC paired physical pages; if it is a high page, allocate a free low page to the write request; if there is no free low page, start garbage collection and then allocate a free low page to the write request;

(4) Record the file's invalid pages: use the GUID-page table to record, in real time, the invalid physical pages produced by each file;

(5) Delete medium check: if the storage medium is MLC flash, go to step (6); if the storage medium is SLC flash, go to step (7);

(6) Secure deletion on MLC flash: find all physical pages of the file to be deleted according to the GUID-page table and the delete request. Pages whose physical block has not exceeded its overwrite-count limit are securely deleted by overwriting; where the block has exceeded the limit, the valid pages in the physical block are migrated and the block is then erased to achieve secure deletion;

(7) Secure deletion on SLC flash: find all physical pages of the file to be deleted according to the GUID-page table and the delete request, then securely delete the data in these physical pages with the physical page overwriting technique;

(8) Secure deletion of metadata: from the metadata modification requests and mapping changes produced by the file delete operation, find the physical pages holding the metadata and securely delete those physical pages.

Further, step (3) specifically includes:

(31) Physical page lookup: search the GUID-page table by the GUID of the write request and find the physical page number of the page node pointed to by the head node pointer of the corresponding GUID-page table;

(32) Paired page check: determine whether that physical page number is a low page, a high page or the initial value of the physical page number. If it is a low page, allocate the high page paired with that low page to the write request and go to step (35). If it is a high page or the initial value, check whether the solid-state disk has a free low page; if so, allocate a free low page to the write request and go to step (34); otherwise go to step (33);

(33) Garbage collection: first migrate the valid pages in the target block to be reclaimed. For each valid page, use its GUID to look up the physical page number of the page node pointed to by the head node pointer of the corresponding GUID-page table; if that physical page number equals the physical page number of the valid page, change it to the physical page number of the valid page after migration; otherwise do nothing. Then, for each invalid page in the target block, use its GUID to look up the corresponding GUID-page table and delete the page node whose physical page number equals that of the invalid page. Erase the target block, then allocate a free low page to the write request;

(34) Update the physical page number: set the physical page number of the page node pointed to by the head node pointer in the write request's GUID-page table to the physical page number of the newly allocated physical page.
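The allocation rule of steps (31), (32) and (34), as an added example that is not code from the patent: it compares a file-agnostic sequential allocator with the GUID-aware one and counts paired pages that end up holding two different files' data. The pairing of page 2k (low) with page 2k+1 (high), the array-based bookkeeping and all names are assumptions; garbage collection (step 33) is only signalled, not performed.

```c
#include <stdio.h>

/* Assumed geometry: pages 2k (low) and 2k+1 (high) share MLC cells. */
#define NUM_PAGES 8
#define MAX_FILES 8
#define PPN_INIT  (-1)  /* head node's page number before the first write */
#define NEED_GC   (-2)  /* no free low page: step (33) would run here */
#define NO_OWNER  (-1)

enum policy { SEQUENTIAL, GUID_PAIRED };

static int owner[NUM_PAGES];     /* GUID stored in each physical page */
static int last_ppn[MAX_FILES];  /* per GUID: page the file wrote last */
static int next_seq;             /* cursor of the sequential allocator */

void ftl_reset(void) {
    for (int p = 0; p < NUM_PAGES; p++) owner[p] = NO_OWNER;
    for (int g = 0; g < MAX_FILES; g++) last_ppn[g] = PPN_INIT;
    next_seq = 0;
}

static int is_low_page(int ppn) { return ppn % 2 == 0; }

static int find_free_low_page(void) {
    for (int p = 0; p < NUM_PAGES; p += 2)
        if (owner[p] == NO_OWNER) return p;
    return -1;
}

/* Baseline: hand out pages in order, ignoring which file is writing. */
int alloc_sequential(int guid) {
    if (next_seq >= NUM_PAGES) return NEED_GC;
    owner[next_seq] = guid;
    return next_seq++;
}

/* GUID-aware allocation following steps (31), (32) and (34). */
int alloc_guid_paired(int guid) {
    int prev = last_ppn[guid];               /* (31) last page of this file */
    int ppn;
    if (prev != PPN_INIT && is_low_page(prev)) {
        ppn = prev + 1;                      /* (32) low page: take its pair */
    } else {
        ppn = find_free_low_page();          /* (32) high page or first write */
        if (ppn < 0) return NEED_GC;
    }
    owner[ppn] = guid;
    last_ppn[guid] = ppn;                    /* (34) remember the new page */
    return ppn;
}

/* Pairs whose two pages hold different files' data: overwriting one
 * file's page in such a pair would damage the other file. */
int mixed_pairs(void) {
    int n = 0;
    for (int p = 0; p < NUM_PAGES; p += 2)
        if (owner[p] != NO_OWNER && owner[p + 1] != NO_OWNER &&
            owner[p] != owner[p + 1])
            n++;
    return n;
}

int run_trace(enum policy pol, const int *guids, int n) {
    ftl_reset();
    for (int i = 0; i < n; i++) {
        if (pol == SEQUENTIAL) alloc_sequential(guids[i]);
        else alloc_guid_paired(guids[i]);
    }
    return mixed_pairs();
}

/* Constructed trace: two files writing alternately. */
static const int TRACE[8] = {0, 1, 0, 1, 0, 1, 0, 1};

int main(void) {
    printf("sequential:  %d mixed pairs\n", run_trace(SEQUENTIAL, TRACE, 8));
    printf("GUID-paired: %d mixed pairs\n", run_trace(GUID_PAIRED, TRACE, 8));
    return 0;
}
```

With four files that each write a single page, the GUID-aware allocator runs out of low pages while every high page is still free, which is where step (33) comes in.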

Further, step (4) specifically includes:

(41) Write hit check: look up the address mapping table by the logical address of the write request; on a hit, go to step (42); otherwise go to step (43);

(42) Record the invalid physical page: set the state of the old physical page to invalid and allocate a new page node for the GUID-page table whose physical page number is the old physical page number; the new page node is linked at the tail of the GUID-page table corresponding to the GUID of the write request;

(43) Update the address mapping table: update the address mapping table.

Further, step (6) specifically includes:

(61) Find invalid physical pages: using the GUID of the delete request, find the page node pointed to by the head node pointer of the corresponding GUID-page table; all page nodes linked after that page node are invalid physical page nodes;

(62) Reset the GUID-page table: using the GUID of the delete request, delete all page nodes in the corresponding GUID-page table and reinitialize the head node;

(63) Find valid physical pages: resolve the logical address and size of the delete request into multiple logical page numbers, look up the address mapping table by logical page number to find the corresponding valid physical page numbers, and set the state of the valid physical pages found to invalid;

(64) Overwrite count check: for every physical page found, determine whether the overwrite count of the physical block containing the page exceeds the overwrite-count limit of that block; if not, go to step (65); otherwise go to step (66);

(65) Delete by overwriting: securely delete the data in the physical page with the physical page overwriting technique, and increment by 1 the overwrite count of the physical block containing the page;

(66) Physical block erase: migrate all valid physical pages in the physical block containing the page, update the corresponding address mapping table and GUID-page table, and then erase the physical block to achieve secure deletion.

Further, step (7) specifically includes:

(71) Securely delete invalid physical pages: using the GUID of the delete request, find the page node pointed to by the head node pointer of the corresponding GUID-page table; all page nodes linked after that page node are invalid physical page nodes, and the data in these invalid physical pages is securely deleted with the physical page overwriting technique;

(72) Delete page nodes: using the GUID of the delete request, delete all page nodes in the corresponding GUID-page table and reinitialize the head node;

(73) Securely delete valid physical pages: resolve the logical address and size of the delete request into multiple logical page numbers, look up the address mapping table by logical page number to find the corresponding valid physical page numbers, and securely delete the data in the valid physical pages with the physical page overwriting technique;

(74) Update the address mapping table: mark the valid physical pages found as invalid physical pages and update the address mapping table.
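An added sketch (not code from the patent) of the write-path bookkeeping in steps (41) to (43) and the SLC deletion in steps (71) to (74), set against the LBA-overwrite deletion that the background section describes for magnetic media. The GUID-page table is an array per GUID instead of a linked list, `content[]` stands in for what a raw read of each physical page would return, and all names, sizes and the write trace are constructed for illustration; garbage collection and metadata deletion (step 8) are not modelled.

```c
#include <stdio.h>

/* Illustrative model: sizes, names and the array-based GUID-page table
 * are assumptions, not taken from the patent. */
#define NUM_PAGES 32
#define NUM_LPNS  16
#define MAX_FILES 4
#define UNMAPPED  (-1)
#define NO_DATA   (-1)

enum page_state { PG_FREE, PG_VALID, PG_INVALID };
static enum page_state state[NUM_PAGES];
static int content[NUM_PAGES];  /* GUID whose data a raw read would return */
static int l2p[NUM_LPNS];       /* address mapping table: LPN -> PPN */
static int gp_table[MAX_FILES][NUM_PAGES]; /* invalid PPNs recorded per GUID */
static int gp_count[MAX_FILES];
static int next_free;           /* next unwritten physical page */

void ftl_reset(void) {
    for (int p = 0; p < NUM_PAGES; p++) { state[p] = PG_FREE; content[p] = NO_DATA; }
    for (int l = 0; l < NUM_LPNS; l++) l2p[l] = UNMAPPED;
    for (int g = 0; g < MAX_FILES; g++) gp_count[g] = 0;
    next_free = 0;
}

/* Out-of-place write carrying the file's GUID, steps (41)-(43). */
static int write_page(int guid, int lpn, int what) {
    if (next_free >= NUM_PAGES) return -1;  /* garbage collection not modelled */
    int old = l2p[lpn];                     /* (41) look up the mapping table */
    if (old != UNMAPPED) {                  /* (42) hit: old page goes stale */
        state[old] = PG_INVALID;
        gp_table[guid][gp_count[guid]++] = old;
    }
    int ppn = next_free++;
    state[ppn] = PG_VALID;
    content[ppn] = what;
    l2p[lpn] = ppn;                         /* (43) update the mapping table */
    return ppn;
}

int ftl_write(int guid, int lpn) { return write_page(guid, lpn, guid); }

/* Physical page overwrite: the page no longer yields the file's data. */
static void scrub(int ppn) { content[ppn] = NO_DATA; }

/* Baseline from the background section: rewrite the LBAs with zeros, unmap. */
void delete_by_lba_overwrite(int guid, int lpn, int count) {
    for (int i = 0; i < count; i++) {
        int ppn = write_page(guid, lpn + i, NO_DATA);
        if (ppn >= 0) state[ppn] = PG_INVALID;
        l2p[lpn + i] = UNMAPPED;
    }
}

/* Steps (71)-(74): returns the number of physical pages overwritten. */
int secure_delete(int guid, int lpn, int count) {
    int scrubbed = 0;
    for (int i = 0; i < gp_count[guid]; i++, scrubbed++)
        scrub(gp_table[guid][i]);           /* (71) every stale copy */
    gp_count[guid] = 0;                     /* (72) reset the file's list */
    for (int i = 0; i < count; i++) {
        int ppn = l2p[lpn + i];
        if (ppn == UNMAPPED) continue;
        scrub(ppn);                         /* (73) current copy */
        scrubbed++;
        state[ppn] = PG_INVALID;            /* (74) invalidate and unmap */
        l2p[lpn + i] = UNMAPPED;
    }
    return scrubbed;
}

/* Physical pages from which data of file `guid` can still be read. */
int residual_pages(int guid) {
    int n = 0;
    for (int p = 0; p < NUM_PAGES; p++)
        if (content[p] == guid) n++;
    return n;
}

/* Constructed trace: file 0 at LPN 0-1, file 1 at LPN 2, with updates. */
static void replay_writes(void) {
    ftl_reset();
    ftl_write(0, 0); ftl_write(0, 1); ftl_write(1, 2);
    ftl_write(0, 0); ftl_write(0, 0); ftl_write(0, 1); ftl_write(1, 2);
}

int scenario(int use_guid_table) {
    replay_writes();
    if (use_guid_table) secure_delete(0, 0, 2);
    else delete_by_lba_overwrite(0, 0, 2);
    return residual_pages(0);
}

int main(void) {
    printf("LBA overwrite:   %d pages still hold file 0\n", scenario(0));
    printf("GUID-page table: %d pages still hold file 0\n", scenario(1));
    return 0;
}
```

Deleting file 0 leaves file 1's current page and its one stale copy untouched in both runs, since only pages recorded under file 0's GUID or mapped by the delete request's logical range are overwritten.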

According to another aspect of the present invention, a system for secure deletion in flash memory at file-level granularity is provided, the system comprising:

A GUID allocation and encapsulation module, configured to assign each file a globally unique identifier (GUID) and encapsulate the file's GUID in the file's write and delete requests; a write request passes to the write medium check module, and a delete request passes to the delete medium check module;

A write medium check module, configured to pass control to the MLC flash paired page allocation module if the storage medium is MLC flash, and otherwise to the file invalid page recording module;

An MLC flash paired page allocation module, configured to use the GUID of the write request to find the physical page where the file was last written. If it is a low page, the high page paired with that low page is allocated to the write request, so that the file's data blocks are distributed across MLC paired physical pages; if it is a high page, a free low page is allocated to the write request; if there is no free space, garbage collection is started and a free low page is then allocated to the write request;

A file invalid page recording module, configured to use the GUID-page table to record, in real time, the invalid physical pages produced by each file;

A delete medium check module, configured to pass control to the MLC-flash-based secure deletion module if the storage medium is MLC flash, and to the SLC-flash-based secure deletion module if the storage medium is SLC flash;

An MLC-flash-based secure deletion module, configured to find all physical pages of the file to be deleted according to the GUID-page table and the delete request. Pages whose physical block has not exceeded its overwrite-count limit are securely deleted by overwriting; where the block has exceeded the limit, the valid pages in the physical block are migrated and the block is then erased to achieve secure deletion;

An SLC-flash-based secure deletion module, configured to find all physical pages of the file to be deleted according to the GUID-page table and the delete request, and then securely delete the data in these physical pages with the physical page overwriting technique;

A metadata secure deletion module, configured to find the physical pages holding the metadata from the metadata modification requests and mapping changes produced by the file delete operation, and to securely delete those physical pages.

Further, the MLC flash paired page allocation module specifically includes:

A physical page lookup unit, configured to search the GUID-page table by the GUID of the write request and find the physical page number of the page node pointed to by the head node pointer of the corresponding GUID-page table;

A paired page check unit, configured to determine whether that physical page number is a low page, a high page or the initial value of the physical page number. If it is a low page, the high page paired with that low page is allocated to the write request and control passes to the physical page number update unit. If it is a high page or the initial value, the unit checks whether the solid-state disk has a free low page; if so, a free low page is allocated to the write request and control passes to the physical page number update unit; otherwise control passes to the garbage collection unit;

A garbage collection unit, configured to first migrate the valid pages in the target block to be reclaimed. For each valid page, its GUID is used to look up the physical page number of the page node pointed to by the head node pointer of the corresponding GUID-page table; if that physical page number equals the physical page number of the valid page, it is changed to the physical page number of the valid page after migration; otherwise nothing is done. Then, for each invalid page in the target block, its GUID is used to look up the corresponding GUID-page table, and the page node whose physical page number equals that of the invalid page is deleted. The target block is erased, and a free low page is then allocated to the write request;

A physical page number update unit, configured to set the physical page number of the page node pointed to by the head node pointer in the write request's GUID-page table to the physical page number of the newly allocated physical page.

Further, the file invalid page recording module specifically includes:

A write hit check unit, configured to look up the address mapping table by the logical address of the write request; on a hit, control passes to the invalid physical page recording unit; otherwise control passes to the address mapping table update unit;

An invalid physical page recording unit, configured to set the state of the old physical page to invalid and allocate a new page node for the GUID-page table whose physical page number is the old physical page number; the new page node is linked at the tail of the GUID-page table corresponding to the GUID of the write request;

An address mapping table update unit, configured to update the address mapping table.

Further, the MLC-flash-based secure deletion module specifically comprises:

Invalid physical page lookup unit: configured to find, by the GUID of the delete request, the page node pointed to by the head node pointer in the corresponding GUID-page table; all page nodes linked after that page node are invalid physical page nodes;

GUID-page table reset unit: configured to delete, by the GUID of the delete request, all page nodes in the corresponding GUID-page table and to re-initialize the head node;

Valid physical page lookup unit: configured to resolve the logical address and size of the delete request into multiple logical page numbers, look up the address mapping table by those logical page numbers to find the corresponding valid physical page numbers, and set the state of the valid physical pages found to invalid;

Overwrite count judgment unit: configured to determine, for every physical page found, whether the overwrite count of the physical block containing the page exceeds that block's overwrite limit; if it does not, control passes to the overwrite deletion unit; otherwise it passes to the physical block erase unit;

Overwrite deletion unit: configured to securely delete the data in the physical page using the physical page overwrite technique; the overwrite count of the physical block containing the page is incremented by 1;

Physical block erase unit: configured to migrate all valid physical pages in the physical block containing the page, updating the corresponding address mapping table and GUID-page table at the same time, and then to erase the physical block to achieve secure deletion.

Further, the SLC-flash-based secure deletion module specifically comprises:

Invalid physical page secure deletion unit: configured to find, by the GUID of the delete request, the page node pointed to by the head node pointer in the corresponding GUID-page table; all page nodes linked after that page node are invalid physical page nodes, and the data in the invalid physical pages is securely deleted using the physical page overwrite technique;

Page node deletion unit: configured to delete, by the GUID of the delete request, all page nodes in the corresponding GUID-page table and to re-initialize the head node;

Valid physical page secure deletion unit: configured to resolve the logical address and size of the delete request into multiple logical page numbers, look up the address mapping table by those logical page numbers to find the corresponding valid physical page numbers, and securely delete the data in the valid physical pages using the physical page overwrite technique;

Address mapping table update unit: configured to mark the valid physical pages found as invalid physical pages and to update the address mapping table.

In general, compared with the prior art, the above technical solution conceived by the present invention has the following technical features and beneficial effects:

(1) Compared with secure deletion at block-level granularity, the present invention reduces the impact of secure deletion on the read and write performance of the solid-state disk: the invalid pages produced by modifications to each file do not need to be securely deleted in real time, and secure deletion is performed only when the user deletes the file;

(2) Compared with existing MLC-based secure deletion methods, the present invention deletes data from MLC flash more efficiently, solves the problem of program crosstalk when securely deleting MLC pages and, while still securely deleting MLC data, reduces the waste of MLC physical capacity.

Description of the drawings

Fig. 1 is a schematic diagram of the write order of MLC flash memory cells;

Fig. 2 is a flowchart of the implementation of the method of the present invention;

Fig. 3 is a schematic diagram of the structure of the GUID_page table;

Fig. 4 is a flowchart of GUID allocation and encapsulation;

Fig. 5 is a flowchart of allocating paired pages of MLC flash memory;

Fig. 6 is a flowchart of recording the invalid pages of a file;

Fig. 7 is a flowchart of secure deletion on SLC flash memory;

Fig. 8 is a flowchart of secure deletion on MLC flash memory;

Fig. 9 is a flowchart of secure deletion of metadata.

Detailed description

To make the object, technical solution and advantages of the present invention clearer, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only intended to explain the present invention and not to limit it. In addition, the technical features involved in the embodiments of the present invention described below can be combined with one another as long as they do not conflict.

As shown in Fig. 2, the method of the present invention comprises the following steps:

(1) GUID allocation and encapsulation: assign each file a globally unique identifier (GUID) and encapsulate the file's GUID in the file's write and delete requests; for a write request, go to step (2); for a delete request, go to step (5);

(2) Write medium judgment: if the storage medium is MLC flash memory, go to step (3); otherwise go to step (4);

(3) Allocation of MLC flash paired pages: use the GUID of the write request to find the physical page the file last wrote to; if it is a low page, allocate the high page paired with that low page to the write request, so that the file's data blocks are distributed over paired MLC physical pages; if it is a high page, allocate a free low page to the write request; if there is no free space, start garbage collection and then allocate a free low page to the write request;

(4) Recording the invalid pages of a file: use the GUID-page table to record, in real time, the invalid physical pages produced by each file;

(5) Deletion medium judgment: if the storage medium is MLC flash memory, go to step (6); if the storage medium is SLC flash memory, go to step (7);

(6) Secure deletion on MLC flash memory: use the GUID-page table and the delete request to find all physical pages belonging to the file to be deleted; pages whose physical block has not exceeded its overwrite limit are securely deleted by overwriting; for pages whose physical block has exceeded the limit, the valid pages in the block are migrated and the block is then erased to achieve secure deletion;

(7) Secure deletion on SLC flash memory: use the GUID-page table and the delete request to find all physical pages belonging to the file to be deleted, then securely delete the data in these physical pages using the physical page overwrite technique;

(8) Secure deletion of metadata: based on the metadata modification requests and mapping changes produced by the file deletion operation, find the physical pages holding the metadata and securely delete them.

As shown in Fig. 3, the GUID-page table of this technical solution is structured as follows:

The head node of each GUID-page table contains a GUID and a pointer to a page node, and each page node contains a physical page number and a pointer to the next page node. In the GUID-page table for MLC flash memory, the first page node, the one pointed to by the head node, is a valid page node and all other page nodes are invalid page nodes; in the GUID-page table for SLC flash memory, all page nodes are invalid page nodes.

Fig. 4 shows the GUID allocation and encapsulation flow. Because a solid-state disk updates data out of place, each data block of a file may have many invalid page copies on the disk, and existing file systems do not know where in the hardware those invalid copies are stored. This technical solution therefore adds a GUID allocation and encapsulation step at the file system layer: each file is assigned a GUID that uniquely identifies it, and that GUID is encapsulated in the file's write or delete request. The write or delete request carrying the GUID is passed to the generic block layer, then to the driver layer, and then to the device layer, so that the device can track the storage locations of the file's data blocks through the GUID.

In existing systems, when the file system deletes a file it deletes only the file's metadata, not the file's data blocks. To securely delete a single file, the Trim function must be enabled; that is, the delete request is a Trim command. When the user deletes a file, the operating system sends a Trim command; on receiving it, the file system packs the GUID of the file to be deleted into the Trim request, which is passed to the generic block layer, then to the driver layer, and then to the device layer, informing the controller which physical pages can now be marked invalid.

In the embodiment of this technical solution, the operating system, the file system and the driver layer all support sending and forwarding Trim commands, and the device layer supports processing them.

When a file is deleted, the invalid page copies belonging to the file can be found through the GUID of the delete request, and the valid pages belonging to the file can be found through the data segment of the delete request. The flow in the specific embodiment is as follows:

(11) Record the inode number of the file to be written or deleted as the file's GUID;

(12) Encapsulate the file's GUID in the file's write and delete requests.

Fig. 5 shows the flow for allocating paired pages of MLC flash memory. MLC flash chips impose a strict write order: the low page of a pair must be written before the high page, otherwise data errors result. There is also program crosstalk between paired pages: overwriting one page of a pair corrupts the data in the other page of the pair. Secure deletion on MLC flash is therefore hard to achieve. This technical solution adopts a new way of allocating physical pages, namely paired allocation. The flow is as follows:

(31) Physical page query: look up the GUID-page table by the GUID of the write request and find the physical page number of the page node pointed to by the head node pointer in the corresponding GUID-page table;

(32) Paired page judgment: determine whether that physical page number is a low page, a high page, or the initial value of the physical page number; if it is a low page, allocate the high page paired with that low page to the write request and go to step (35); if it is a high page or the initial value, determine whether the solid-state disk has a free low page; if so, allocate a free low page to the write request and go to step (34); otherwise go to step (33);

(33) Garbage collection: first migrate the valid pages in the target block to be reclaimed and, at the same time, look up by each valid page's GUID the physical page number of the page node pointed to by the head node pointer in the corresponding GUID-page table; if the page node's physical page number is the same as the valid page's physical page number, change the page node's physical page number to the valid page's physical page number after migration; otherwise do nothing; then, by the GUID of each invalid page in the target block, look up the corresponding GUID-page table and delete the page node whose physical page number equals the invalid page's physical page number; erase the target block, then allocate a free low page to the write request;

(34) Physical page number update: update the physical page number of the page node pointed to by the head node pointer in the write request's GUID-page table to the physical page number of the newly allocated physical page.

The advantage of this approach is that, when a file is securely deleted, the file's high and low pages can be overwritten together, which avoids the data errors caused by program crosstalk between paired pages when MLC pages are overwritten.
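The effect of paired allocation can be seen by comparing it with arrival-order allocation when two files write alternately. The following C model is an added illustration, not code from the patent; the pairing rule (page 2k is the low page and 2k+1 its high page), the 12-page geometry and all identifiers are assumptions, and garbage collection in step (33) is left out.

```c
#include <stdint.h>
#include <stdio.h>

#define NPAGES  12            /* constructed geometry: 6 low/high pairs */
#define NO_PAGE (-1)          /* "initial value" of a physical page number */
#define FREE    0u            /* GUID 0 marks an unwritten page */

/* Head node of a file's GUID-page table, reduced to what allocation needs. */
struct file_head { uint32_t guid; int last_ppn; };

static uint32_t owner[NPAGES];   /* GUID of the file whose data each page holds */
static int next_low, next_seq;

/* Assumption: page 2k is a low page, 2k+1 is its paired high page. */
static int is_low(int ppn) { return ppn % 2 == 0; }

void mlc_reset(void) {
    for (int i = 0; i < NPAGES; i++) owner[i] = FREE;
    next_low = 0;
    next_seq = 0;
}

/* Baseline allocator: pages are handed out in arrival order. */
int alloc_sequential(struct file_head *f) {
    if (next_seq >= NPAGES) return NO_PAGE;
    int ppn = next_seq++;
    owner[ppn] = f->guid;
    f->last_ppn = ppn;
    return ppn;
}

/* Paired allocator following steps (31), (32) and (34). */
int alloc_paired(struct file_head *f) {
    int ppn;
    if (f->last_ppn != NO_PAGE && is_low(f->last_ppn)) {
        ppn = f->last_ppn + 1;            /* last write was a low page: take its high page */
    } else {
        if (next_low >= NPAGES) return NO_PAGE;   /* step (33) would run GC here */
        ppn = next_low;                   /* high page or initial value: take a free low page */
        next_low += 2;
    }
    owner[ppn] = f->guid;
    f->last_ppn = ppn;                    /* step (34): head node tracks the new page */
    return ppn;
}

/* Pairs whose two pages hold data of different files: overwriting one
 * file's page there would disturb the other file's page. */
int shared_pairs(void) {
    int n = 0;
    for (int low = 0; low < NPAGES; low += 2)
        if (owner[low] != FREE && owner[low + 1] != FREE &&
            owner[low] != owner[low + 1])
            n++;
    return n;
}

/* Two files (GUIDs 1 and 2) write alternately: A, B, A, B, A. */
int run_interleaved(int (*alloc)(struct file_head *)) {
    struct file_head a = {1, NO_PAGE}, b = {2, NO_PAGE};
    mlc_reset();
    alloc(&a); alloc(&b); alloc(&a); alloc(&b); alloc(&a);
    return shared_pairs();
}

int main(void) {
    printf("shared pairs, sequential: %d\n", run_interleaved(alloc_sequential));
    printf("shared pairs, paired:     %d\n", run_interleaved(alloc_paired));
    return 0;
}
```

With paired allocation no pair ever mixes two files, at the price of a high page being held open for each file whose last write landed on a low page.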

Fig. 6 shows the flow for recording the invalid pages of a file. To achieve file-level secure deletion on flash memory, it is necessary to securely delete not only the file's valid pages on the solid-state disk but also the invalid page copies produced when the file was modified. The invalid and valid physical pages produced by each file therefore need to be recorded in real time. The valid physical pages of a file can be found from the delete command: when the user deletes a file, the device layer resolves the data segment of the received delete command into multiple logical page numbers and obtains the file's valid physical page numbers by looking up the address mapping table. Because the mapping table is a one-to-one mapping, however, the file's invalid physical pages cannot be found from the logical page numbers, so a scheme is needed to record them. The flow is as follows:

(41) Write hit judgment: look up the address mapping table by the logical address of the write request; on a hit, go to step (42); otherwise go to step (43);

(42) Record the invalid physical page: set the state of the old physical page to invalid and allocate a new page node for the GUID-page table, whose physical page number is the old physical page number; the new page node is linked at the tail of the GUID-page table corresponding to the write request's GUID;

(43) Update the address mapping table: update the address mapping table.

Fig. 7 shows the flow for secure deletion on SLC flash memory. SLC flash currently on the market basically all supports overwriting (a "1" can only be changed to a "0"), that is, a physical page can be overwritten before it is erased (a second write operation) without any obvious effect on the flash error rate. For SLC flash, this technical solution therefore records in real time the invalid physical pages that each file produces while being edited and modified; when a file is deleted, all valid and invalid physical pages of the file are found through the GUID and the data segment of the delete command, and these physical pages are then overwritten using the physical page overwrite method, achieving file-level secure deletion on SLC flash. The flow is as follows:

(71) Securely delete the invalid physical pages: by the GUID of the delete request, find the page node pointed to by the head node pointer in the corresponding GUID-page table; all page nodes linked after that page node are invalid physical page nodes; securely delete the data in the invalid physical pages using the physical page overwrite technique;

(72) Delete the page nodes: by the GUID of the delete request, delete all page nodes in the corresponding GUID-page table and re-initialize the head node;

(73) Securely delete the valid physical pages: resolve the logical address and size of the delete request into multiple logical page numbers, look up the address mapping table by those logical page numbers to find the corresponding valid physical page numbers, and securely delete the data in the valid physical pages using the physical page overwrite technique;

(74) Update the address mapping table: mark the valid physical pages found as invalid physical pages and update the address mapping table.
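Steps (41) to (43) and (71) to (74) can be followed end to end in a small model. The C code below is an added illustration, not code from the patent: it models an SLC device in which, as stated for Fig. 3, every page node of a file's GUID-page table is an invalid page. The geometry, the sample data and all identifiers are constructed assumptions, and garbage collection is left out.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NPAGES    16          /* constructed geometry, not from the patent */
#define PAGE_SZ   8
#define MAX_FILES 4
#define UNMAPPED  (-1)
#define SCRUB     0x00        /* overwrite pattern: drives every bit to 0 */

enum pstate { P_FREE, P_VALID, P_INVALID };
struct page_node { int ppn; struct page_node *next; };
struct guid_page { int used; uint32_t guid; struct page_node *head; };

static uint8_t flash[NPAGES][PAGE_SZ];
static enum pstate state[NPAGES];
static int l2p[NPAGES];                     /* address mapping table: LPN -> PPN */
static struct guid_page tables[MAX_FILES];  /* one GUID-page table per file */
static int next_free;

static void drop_nodes(struct guid_page *t) {
    while (t->head) { struct page_node *n = t->head; t->head = n->next; free(n); }
}

void ftl_init(void) {
    memset(flash, 0xFF, sizeof flash);      /* erased NAND reads as all ones */
    for (int i = 0; i < NPAGES; i++) { state[i] = P_FREE; l2p[i] = UNMAPPED; }
    for (int i = 0; i < MAX_FILES; i++) { drop_nodes(&tables[i]); tables[i].used = 0; }
    next_free = 0;
}

static struct guid_page *find_table(uint32_t guid, int create) {
    struct guid_page *spare = NULL;
    for (int i = 0; i < MAX_FILES; i++) {
        if (tables[i].used && tables[i].guid == guid) return &tables[i];
        if (!tables[i].used && !spare) spare = &tables[i];
    }
    if (!create || !spare) return NULL;
    spare->used = 1; spare->guid = guid; spare->head = NULL;
    return spare;
}

/* Physical page overwrite: a second program pass can only clear bits (1 -> 0). */
static void scrub_page(int ppn) {
    for (int i = 0; i < PAGE_SZ; i++) flash[ppn][i] &= SCRUB;
}

/* Out-of-place write of one PAGE_SZ-byte page; returns the new PPN or -1. */
int ftl_write(uint32_t guid, int lpn, const char *data) {
    struct guid_page *t = find_table(guid, 1);
    if (!t || lpn < 0 || lpn >= NPAGES || next_free >= NPAGES) return -1;
    if (l2p[lpn] != UNMAPPED) {             /* (41) write hit */
        struct page_node *n = malloc(sizeof *n), **tail = &t->head;
        if (!n) return -1;
        n->ppn = l2p[lpn]; n->next = NULL;  /* (42) remember the stale copy */
        while (*tail) tail = &(*tail)->next;
        *tail = n;                          /* link at the tail of the table */
        state[l2p[lpn]] = P_INVALID;
    }
    int ppn = next_free++;
    memcpy(flash[ppn], data, PAGE_SZ);
    state[ppn] = P_VALID;
    l2p[lpn] = ppn;                         /* (43) update the mapping */
    return ppn;
}

/* Returns the number of physical pages overwritten. */
int ftl_secure_delete(uint32_t guid, int first_lpn, int count) {
    int scrubbed = 0;
    struct guid_page *t = find_table(guid, 0);
    if (t) {
        for (struct page_node *n = t->head; n; n = n->next) {
            scrub_page(n->ppn);             /* (71) stale copies */
            scrubbed++;
        }
        drop_nodes(t);                      /* (72) delete nodes, reset head */
        t->used = 0;
    }
    for (int lpn = first_lpn; lpn < first_lpn + count; lpn++) {
        if (lpn < 0 || lpn >= NPAGES || l2p[lpn] == UNMAPPED) continue;
        scrub_page(l2p[lpn]);               /* (73) current copy */
        scrubbed++;
        state[l2p[lpn]] = P_INVALID;        /* (74) */
        l2p[lpn] = UNMAPPED;
    }
    return scrubbed;
}

/* Forensic view: how many raw physical pages still hold this 8-byte pattern? */
int pages_matching(const char *pat) {
    int n = 0;
    for (int p = 0; p < NPAGES; p++)
        if (memcmp(flash[p], pat, PAGE_SZ) == 0) n++;
    return n;
}

int main(void) {
    ftl_init();
    ftl_write(7, 0, "SECRET01");            /* constructed sample data */
    ftl_write(7, 0, "SECRET02");            /* update leaves a stale copy behind */
    ftl_write(9, 1, "OTHERFIL");
    printf("stale copies before delete: %d\n", pages_matching("SECRET01"));
    printf("pages scrubbed: %d\n", ftl_secure_delete(7, 0, 1));
    printf("residue: %d\n", pages_matching("SECRET01") + pages_matching("SECRET02"));
    return 0;
}
```

The stale copy of logical page 0 is unreachable through the address mapping table after the update, so only the GUID-page list lets the delete path find and overwrite it.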

Fig. 8 shows the flow for secure deletion on MLC flash memory. When this technical solution performs secure deletion on MLC, all valid and invalid physical pages of the file are found through the GUID and the data segment of the delete command, and the file's high pages and low pages in MLC flash are securely deleted at the same time, avoiding the effect of program crosstalk. An overwrite threshold is set by testing how many overwritten pages each block of the MLC flash can tolerate; when the number of overwritten pages in a block of the MLC flash exceeds the overwrite threshold, the physical page overwrite method is no longer used for secure deletion; instead, the valid pages in the block are migrated and the block is erased to achieve secure deletion. The flow is as follows:

(61) Find the invalid physical pages: by the GUID of the delete request, find the page node pointed to by the head node pointer in the corresponding GUID-page table; all page nodes linked after that page node are invalid physical page nodes;

(62) Reset the GUID-page table: by the GUID of the delete request, delete all page nodes in the corresponding GUID-page table and re-initialize the head node;

(63) Find the valid physical pages: resolve the logical address and size of the delete request into multiple logical page numbers, look up the address mapping table by those logical page numbers to find the corresponding valid physical page numbers, and set the state of the valid physical pages found to invalid;

(64) Overwrite count judgment: for every physical page found, determine whether the overwrite count of the physical block containing the page exceeds that block's overwrite limit; if it does not, go to step (65); otherwise go to step (66);

(65) Overwrite deletion: securely delete the data in the physical page using the physical page overwrite technique; the overwrite count of the physical block containing the page is incremented by 1;

(66) Physical block erase: migrate all valid physical pages in the physical block containing the page, updating the corresponding address mapping table and GUID-page table at the same time, then erase the physical block to achieve secure deletion.

Fig. 9 shows the flow for secure deletion of metadata. After a file's data blocks have been securely deleted, the file's metadata, such as the file name, inode and mapping information, still remains in flash memory and would leak information about the file. The metadata related to the file therefore also needs to be securely deleted to remove all traces. The flow is as follows:

(81) Based on the metadata modification requests and mapping changes produced by the file deletion operation, find the physical pages holding the metadata;

(82) Determine whether the physical page has already been securely deleted; if so, end the deletion; otherwise securely delete the physical page holding the metadata, that is, overwrite the data in these physical pages using the physical page overwrite technique and mark the page as securely deleted.

Those skilled in the art will readily understand that the above is only a preferred embodiment of the present invention and is not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.

Claims (8)

1. A method for securely deleting flash memory based on file-level granularity, characterized in that the method specifically comprises:

(1) GUID allocation and encapsulation: assign each file a globally unique identifier (GUID) and encapsulate the file's GUID in the file's write and delete requests; for a write request, go to step (2); for a delete request, go to step (5);

(2) Write medium judgment: if the storage medium is MLC flash memory, go to step (3); otherwise go to step (4);

(3) Allocation of MLC flash paired pages: use the GUID of the write request to find the physical page the file last wrote to; if it is a low page, allocate the high page paired with that low page to the write request, so that the file's data blocks are distributed over paired MLC physical pages; if it is a high page, allocate a free low page to the write request; if there is no free low page, start garbage collection and then allocate a free low page to the write request;

(4) Recording the invalid pages of a file: use the GUID-page table to record, in real time, the invalid physical pages produced by each file;

(5) Deletion medium judgment: if the storage medium is MLC flash memory, go to step (6); if the storage medium is SLC flash memory, go to step (7);

(6) Secure deletion on MLC flash memory: use the GUID-page table and the delete request to find all physical pages belonging to the file to be deleted; pages whose physical block has not exceeded its overwrite limit are securely deleted by overwriting; for pages whose physical block has exceeded the limit, the valid pages in the block are migrated and the block is then erased to achieve secure deletion;

said step (6) specifically comprises:

(61) Find the invalid physical pages: by the GUID of the delete request, find the page node pointed to by the head node pointer in the corresponding GUID-page table; all page nodes linked after that page node are invalid physical page nodes;

(62) Reset the GUID-page table: by the GUID of the delete request, delete all page nodes in the corresponding GUID-page table and re-initialize the head node;

(63) Find the valid physical pages: resolve the logical address and size of the delete request into multiple logical page numbers, look up the address mapping table by those logical page numbers to find the corresponding valid physical page numbers, and set the state of the valid physical pages found to invalid;

(64) Overwrite count judgment: for every physical page found, determine whether the overwrite count of the physical block containing the page exceeds that block's overwrite limit; if it does not, go to step (65); otherwise go to step (66);

(65) Overwrite deletion: securely delete the data in the physical page using the physical page overwrite technique; the overwrite count of the physical block containing the page is incremented by 1;

(66) Physical block erase: migrate all valid physical pages in the physical block containing the page, updating the corresponding address mapping table and GUID-page table at the same time, then erase the physical block to achieve secure deletion;

(7) Secure deletion on SLC flash memory: use the GUID-page table and the delete request to find all physical pages belonging to the file to be deleted, then securely delete the data in these physical pages using the physical page overwrite technique;

(8) Secure deletion of metadata: based on the metadata modification requests and mapping changes produced by the file deletion operation, find the physical pages holding the metadata and securely delete them.

2. The method for securely deleting flash memory based on file-level granularity according to claim 1, characterized in that said step (3) specifically comprises:

(31) Physical page query: look up the GUID-page table by the GUID of the write request and find the physical page number of the page node pointed to by the head node pointer in the corresponding GUID-page table;

(32) Paired page judgment: determine whether that physical page number is a low page, a high page, or the initial value of the physical page number; if it is a low page, allocate the high page paired with that low page to the write request and go to step (35); if it is a high page or the initial value, determine whether the solid-state disk has a free low page; if so, allocate a free low page to the write request and go to step (34); otherwise go to step (33);

(33) Garbage collection: first migrate the valid pages in the target block to be reclaimed and, at the same time, look up by each valid page's GUID the physical page number of the page node pointed to by the head node pointer in the corresponding GUID-page table; if the page node's physical page number is the same as the valid page's physical page number, change the page node's physical page number to the valid page's physical page number after migration; otherwise do nothing; then, by the GUID of each invalid page in the target block, look up the corresponding GUID-page table and delete the page node whose physical page number equals the invalid page's physical page number; erase the target block, then allocate a free low page to the write request;

(34) Physical page number update: update the physical page number of the page node pointed to by the head node pointer in the write request's GUID-page table to the physical page number of the newly allocated physical page.

3. The method for securely deleting flash memory based on file-level granularity according to claim 1, characterized in that said step (4) specifically comprises:

(41) Write hit judgment: look up the address mapping table by the logical address of the write request; on a hit, go to step (42); otherwise go to step (43);

(42) Record the invalid physical page: set the state of the old physical page to invalid and allocate a new page node for the GUID-page table, whose physical page number is the page number of the old physical page; the new page node is linked at the tail of the GUID-page table corresponding to the write request's GUID;

(43) Update the address mapping table: update the address mapping table.

4. The method for securely deleting flash memory based on file-level granularity according to claim 1, characterized in that said step (7) specifically comprises:

(71) Securely delete the invalid physical pages: by the GUID of the delete request, find the page node pointed to by the head node pointer in the corresponding GUID-page table; all page nodes linked after that page node are invalid physical page nodes; securely delete the data in the invalid physical pages using the physical page overwrite technique;

(72) Delete the page nodes: by the GUID of the delete request, delete all page nodes in the corresponding GUID-page table and re-initialize the head node;

(73) Securely delete the valid physical pages: resolve the logical address and size of the delete request into multiple logical page numbers, look up the address mapping table by those logical page numbers to find the corresponding valid physical page numbers, and securely delete the data in the valid physical pages using the physical page overwrite technique;

(74) Update the address mapping table: mark the valid physical pages found as invalid physical pages and update the address mapping table.

5. A system for securely deleting flash memory based on file-level granularity, characterized in that the system specifically comprises:
A flash memory security deletion system based on file level granularity, is characterized in that, described system specifically comprises: GUID分配和封装模块,用于为每个文件分配一个全局唯一标识符GUID,并将文件的GUID封装到文件的写和删除请求中;若是写请求,则进入写入介质判断模块;若是删除请求则进入删除介质判断模块;The GUID allocation and encapsulation module is used to assign a globally unique identifier GUID for each file, and encapsulate the GUID of the file into the write and delete request of the file; if it is a write request, it will enter the write medium judgment module; if it is a delete request Then enter the delete media judging module; 写入介质判断模块,用于判断若存储介质为MLC闪存,则进入MLC闪存成对页分配模块;否则进入文件无效页记录模块;Write medium judging module, be used for judging if storage medium is MLC flash memory, then enter MLC flash memory paired page allocation module; Otherwise enter file invalid page recording module; MLC闪存成对页分配模块,用于根据写请求的GUID号找到该文件上一次写入的物理页位置,若是低页,则分配该低页对应的高页给写请求,使文件的数据块分布在MLC成对的物理页中;若是高页,则分配空闲低页给写请求;若没有空闲空间,则启动垃圾回收后分配空闲低页给写请求;The MLC flash memory paired page allocation module is used to find the last written physical page position of the file according to the GUID number of the write request. 
If it is a low page, allocate the high page corresponding to the low page to the write request, so that the data block Distributed in MLC pairs of physical pages; if it is a high page, allocate a free low page to the write request; if there is no free space, start garbage collection and allocate a free low page to the write request; 文件无效页记录模块,用于使用GUID-page表实时地记录每个文件产生的无效物理页;The file invalid page recording module is used to use the GUID-page table to record the invalid physical pages generated by each file in real time; 删除介质判断模块,用于判断若存储介质为MLC闪存,则进入基于MLC闪存的安全删除模块;若存储介质为SLC闪存,则进入基于SLC闪存的安全删除模块;Delete medium judging module, be used for judging if storage medium is MLC flash memory, then enter the safe deletion module based on MLC flash memory; If storage medium is SLC flash memory, then enter the safe deletion module based on SLC flash memory; 基于MLC闪存的安全删除模块,用于根据GUID-page表和删除请求找到要删除文件对应的所有物理页,物理页所在物理块的覆写次数没超上限的采用覆写技术进行安全删除,覆写次数超上限的迁移物理块中的有效页后将物理块擦除来达到安全删除;The secure deletion module based on MLC flash memory is used to find all the physical pages corresponding to the file to be deleted according to the GUID-page table and the deletion request. If the number of overwrites of the physical block where the physical page is located does not exceed the upper limit, the overwrite technology is used for secure deletion. After the valid pages in the migrating physical block whose write times exceed the upper limit, the physical block is erased to achieve safe deletion; 所述基于MLC闪存的安全删除模块具体包括:The secure deletion module based on MLC flash memory specifically includes: 查找无效物理页单元,用于根据删除请求的GUID,查找对应GUID-page表中的头结点指针指向的页结点,该页结点后链接的所有页结点均为无效物理页结点;Find the invalid physical page unit, which is used to find the page node pointed to by the head node pointer in the corresponding GUID-page table according to the GUID of the deletion request. 
All page nodes linked after the page node are invalid physical page nodes ; 重置GUID-page表单元,用于根据删除请求的GUID,删除对应GUID-page表中所有页结点,并将头结点重新初始化;Reset the GUID-page table unit, which is used to delete all page nodes in the corresponding GUID-page table according to the GUID of the deletion request, and re-initialize the head node; 查找有效物理页单元,用于将删除请求的逻辑地址和大小解析为多个逻辑页号,根据逻辑页号查找地址映射表,找到对应的有效物理页号,将找到的有效物理页的状态置为无效;Find the valid physical page unit, which is used to resolve the logical address and size of the deletion request into multiple logical page numbers, search the address mapping table according to the logical page number, find the corresponding valid physical page number, and set the status of the found valid physical page to is invalid; 覆写次数判断单元,用于对于所有找到的物理页,判断物理页所在物理块的覆写计数是否超过该物理块的覆写次数上限;若没有超过,则进入覆写删除单元;否则进入物理块擦除单元;The overwrite count judging unit is used for all found physical pages to judge whether the overwrite count of the physical block where the physical page is located exceeds the upper limit of the overwrite count of the physical block; if not, enter the overwrite delete unit; otherwise enter the physical block erase unit; 覆写删除单元,用于采用物理页覆写技术安全删除物理页中数据;该物理页所在物理块的覆写计数加1;The overwrite delete unit is used to safely delete data in the physical page by using the physical page overwrite technology; the overwrite count of the physical block where the physical page is located is increased by 1; 物理块擦除单元,用于迁移该物理页所在的物理块中的所有有效物理页,同时更新相应地址映射表和GUID-page表,之后擦除该物理块实现安全删除;The physical block erase unit is used to migrate all valid physical pages in the physical block where the physical page is located, and update the corresponding address mapping table and GUID-page table at the same time, and then erase the physical block to realize safe deletion; 基于SLC闪存的安全删除模块,用于根据GUID-page表和删除请求找到要删除的文件对应的所有物理页,再使用物理页覆写技术对这些物理页中数据进行安全删除;The secure deletion module based on SLC flash memory is used to find all the physical pages corresponding to the file to be deleted according to the GUID-page 
table and the deletion request, and then use the physical page overwriting technology to securely delete the data in these physical pages; 元数据的安全删除模块,用于根据文件删除操作产生的元数据修改请求和映射关系的修改,找到元数据所在的物理页,对元数据所在物理页进行安全删除。The metadata safe deletion module is used to find the physical page where the metadata is located according to the metadata modification request generated by the file deletion operation and the modification of the mapping relationship, and safely delete the physical page where the metadata is located. 6.根据权利要求5所述的一种基于文件级粒度的闪存安全删除系统,其特征在于,所述MLC闪存成对页分配模块具体包括:6. a kind of flash memory safe deletion system based on file level granularity according to claim 5, is characterized in that, described MLC flash memory paired page allocation module specifically comprises: 物理页查询单元,用于根据写请求的GUID查找GUID-page表,找到对应GUID-page表中头结点指针指向的页结点的物理页号;The physical page query unit is used to search the GUID-page table according to the GUID of the write request, and find the physical page number corresponding to the page node pointed to by the head node pointer in the GUID-page table; 对页判断单元,用于判断所述物理页号是低页、高页还是物理页号初始值,若是低页,分配所述低页对应的高页给写请求,进入更新物理页号单元;若是高页或者物理页号初始值,则判断固态盘中是否有空闲低页,若有,则分配空闲低页给写请求,进入更新物理页号单元;否则进入垃圾回收单元;The page judging unit is used to judge whether the physical page number is a low page, a high page or the initial value of the physical page number, if it is a low page, allocate the high page corresponding to the low page to the write request, and enter the update physical page number unit; If it is the high page or the initial value of the physical page number, it is judged whether there is a free low page in the solid-state disk, and if so, the free low page is allocated to the write request, and enters the updating physical page number unit; otherwise, enters the garbage collection unit; 
垃圾回收单元:用于先迁移要回收的目标块中的有效页,同时根据有效页对应的GUID查找对应GUID-page表中头结点指针指向的页结点的物理页号,若页结点的物理页号和有效页的物理页号相同,则将页结点的物理页号改为有效页迁移后的物理页号;否则不做处理;之后根据目标块中无效页对应的GUID查找对应GUID-page表,删除GUID-page表中页结点的物理页号等于无效页物理页号的页结点;擦除目标块,之后分配空闲低页给写请求;Garbage collection unit: used to first migrate the valid pages in the target block to be recycled, and at the same time look up the physical page number of the page node pointed to by the head node pointer in the corresponding GUID-page table according to the GUID corresponding to the valid page, if the page node If the physical page number of the valid page is the same as the physical page number of the valid page, change the physical page number of the page node to the physical page number after the valid page migration; otherwise, do not process; then find the corresponding page according to the GUID corresponding to the invalid page in the target block GUID-page table, delete the page node whose physical page number is equal to the physical page number of the invalid page in the GUID-page table; erase the target block, and then allocate the free low page to the write request; 更新物理页号单元,用于将写请求的GUID-page表中头结点指针指向的页结点的物理页号更新为新分配物理页的物理页号。The update physical page number unit is used to update the physical page number of the page node pointed to by the head node pointer in the GUID-page table of the write request to the physical page number of the newly allocated physical page. 7.根据权利要求5所述的一种基于文件级粒度的闪存安全删除系统,其特征在于,所述文件无效页记录模块具体包括:7. A kind of flash memory safe deletion system based on file level granularity according to claim 5, is characterized in that, described file invalid page recording module specifically comprises: 写命中判断单元,用于根据写请求的逻辑地址查找地址映射表,若命中,则进入记录无效物理页单元;否则进入更新地址映射表单元;The write hit judging unit is used to search the address mapping table according to the logical address of the write request. 
If it hits, it enters the record invalid physical page unit; otherwise, it enters the update address mapping table unit; 记录无效物理页单元,用于将旧物理页的状态置为无效,分配新的GUID-page表的页结点,页结点的物理页号为该旧物理页的页号,新的页结点链接在写请求的GUID对应的GUID-page表尾部;Record the invalid physical page unit, which is used to invalidate the state of the old physical page, and allocate the page node of the new GUID-page table. The physical page number of the page node is the page number of the old physical page, and the new page node Click the link at the end of the GUID-page table corresponding to the GUID of the write request; 更新地址映射表单元,用于更新地址映射表。The update address mapping table unit is used for updating the address mapping table. 8.根据权利要求5所述的一种基于文件级粒度的闪存安全删除系统,其特征在于,所述基于SLC闪存的安全删除模块具体包括:8. A kind of flash memory safe deletion system based on file level granularity according to claim 5, is characterized in that, described safe deletion module based on SLC flash memory specifically comprises: 安全删除无效物理页单元,用于根据删除请求的GUID,查找对应GUID-page表中的头结点指针指向的页结点,该页结点后链接的所有页结点均为无效物理页结点,采用物理页覆写技术安全删除无效物理页中数据;Securely delete the invalid physical page unit, which is used to find the page node pointed to by the head node pointer in the corresponding GUID-page table according to the GUID of the deletion request. 
All page nodes linked after the page node are invalid physical page nodes point, use the physical page overwrite technology to safely delete the data in the invalid physical page; 删除页结点单元,用于根据删除请求的GUID,删除对应GUID-page表中所有页结点,并将头结点重新初始化;The delete page node unit is used to delete all page nodes in the corresponding GUID-page table according to the GUID of the delete request, and reinitialize the head node; 安全删除有效物理页单元,用于将删除请求的逻辑地址和大小解析为多个逻辑页号,根据逻辑页号查找地址映射表,找到对应的有效的物理页号,采用物理页覆写技术安全删除有效物理页中数据;Safely delete valid physical page units, which are used to resolve the logical address and size of the delete request into multiple logical page numbers, search the address mapping table according to the logical page numbers, find the corresponding valid physical page numbers, and use physical page overwriting technology for security Delete data in valid physical pages; 更新地址映射表单元,用于将找到的有效的物理页置为无效物理页,更新地址映射表。The update address mapping table unit is used to set the found valid physical page as an invalid physical page, and update the address mapping table.
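The invalid-page recording of claims 3 and 7 and the deletion path of claims 5 and 8 can be followed in a small in-memory model. This is an added illustration, not code from the patent: the class, method and constant names, the overwrite limit of 2 and the reset of the count after an erase are assumptions, and paired-page allocation, the head node and on-demand garbage collection are left out.

```python
FREE, VALID, INVALID = "free", "valid", "invalid"   # illustrative model; all names assumed
PAGES_PER_BLOCK = 4
OVERWRITE_LIMIT = 2      # assumed per-block overwrite cap; the claims give no value

class Ftl:
    def __init__(self, blocks):
        n = blocks * PAGES_PER_BLOCK
        self.data, self.state, self.overwrites = [None] * n, [FREE] * n, [0] * blocks
        self.l2p, self.owner = {}, {}   # logical->physical map; physical->(guid, lpn)
        self.guid_page = {}             # GUID-page table: guid -> invalidated physical pages

    def _alloc(self, avoid=None):        # raises StopIteration when full (no GC here)
        return next(p for p, s in enumerate(self.state)
                    if s == FREE and p // PAGES_PER_BLOCK != avoid)

    def _program(self, ppn, guid, lpn, buf):
        self.data[ppn], self.state[ppn] = buf, VALID
        self.l2p[lpn], self.owner[ppn] = ppn, (guid, lpn)

    def write(self, guid, lpn, buf):
        if (old := self.l2p.get(lpn)) is not None:   # write hit: record the stale copy
            self.state[old] = INVALID
            self.guid_page.setdefault(guid, []).append(old)
        self._program(self._alloc(), guid, lpn, buf)

    def _erase_block(self, blk):
        pages = range(blk * PAGES_PER_BLOCK, (blk + 1) * PAGES_PER_BLOCK)
        for ppn in pages:                # migrate other files' live data first
            if self.state[ppn] == VALID:
                guid, lpn = self.owner[ppn]
                self._program(self._alloc(avoid=blk), guid, lpn, self.data[ppn])
        for nodes in self.guid_page.values():    # drop nodes of pages being erased
            nodes[:] = [p for p in nodes if p not in pages]
        for ppn in pages:
            self.data[ppn], self.state[ppn] = None, FREE
        self.overwrites[blk] = 0         # assumption: the count restarts after an erase

    def secure_delete(self, guid, lpns):
        targets = self.guid_page.pop(guid, [])   # stale copies of the file
        for lpn in lpns:                         # plus its current pages
            ppn = self.l2p.pop(lpn)
            self.state[ppn] = INVALID
            targets.append(ppn)
        for ppn in targets:
            blk = ppn // PAGES_PER_BLOCK
            if self.state[ppn] != INVALID:       # already erased with its block
                continue
            if self.overwrites[blk] < OVERWRITE_LIMIT:
                self.data[ppn] = b"\x00"         # stand-in for a physical page overwrite
                self.overwrites[blk] += 1
            else:
                self._erase_block(blk)

    def residue(self, needle):           # physical pages still holding `needle`
        return [p for p, d in enumerate(self.data) if d and needle in d]

def demo():                              # constructed workload: file A is rewritten twice
    ftl = Ftl(blocks=3)
    for op in [("A", 0, b"secret-v1"), ("B", 10, b"keep-me"), ("A", 0, b"secret-v2"),
               ("A", 0, b"secret-v3"), ("A", 1, b"secret-tail")]:
        ftl.write(*op)
    before = ftl.residue(b"secret")
    ftl.secure_delete("A", [0, 1])
    return ftl, before
```

In the constructed workload, four physical pages hold file A's data before deletion, two of them stale copies that the address mapping table no longer references; after `secure_delete` none remain, and file B's page has been migrated out of the erased block intact.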
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710219959.8A CN107037988B (en) 2017-04-06 2017-04-06 A method and system for securely deleting flash memory based on file-level granularity


Publications (2)

Publication Number Publication Date
CN107037988A CN107037988A (en) 2017-08-11
CN107037988B true CN107037988B (en) 2019-08-30

Family

ID=59533420



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant