[go: up one dir, main page]

CN113903386B - Power-off data protection method and system based on NOR Flash chip - Google Patents

Power-off data protection method and system based on NOR Flash chip Download PDF

Info

Publication number
CN113903386B
CN113903386B CN202111125981.9A CN202111125981A CN113903386B CN 113903386 B CN113903386 B CN 113903386B CN 202111125981 A CN202111125981 A CN 202111125981A CN 113903386 B CN113903386 B CN 113903386B
Authority
CN
China
Prior art keywords
erase
sub
area
flash
protection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111125981.9A
Other languages
Chinese (zh)
Other versions
CN113903386A (en
Inventor
吴奔雷
梁毅宏
夏锋
李俊杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Xinzhilian Technology Co ltd
Original Assignee
Guangzhou Xinzhilian Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Xinzhilian Technology Co ltd filed Critical Guangzhou Xinzhilian Technology Co ltd
Priority to CN202111125981.9A priority Critical patent/CN113903386B/en
Publication of CN113903386A publication Critical patent/CN113903386A/en
Application granted granted Critical
Publication of CN113903386B publication Critical patent/CN113903386B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C16/00Erasable programmable read-only memories
    • G11C16/02Erasable programmable read-only memories electrically programmable
    • G11C16/06Auxiliary circuits, e.g. for writing into memory
    • G11C16/10Programming or data input circuits
    • G11C16/14Circuits for erasing electrically, e.g. erase voltage switching circuits
    • G11C16/16Circuits for erasing electrically, e.g. erase voltage switching circuits for erasing blocks, e.g. arrays, words, groups
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/06Addressing a physical block of locations, e.g. base addressing, module addressing, memory dedication
    • G06F12/0646Configuration or reconfiguration
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/0802Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches
    • G06F12/0877Cache access modes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0646Horizontal data movement in storage systems, i.e. moving data in between storage devices or systems
    • G06F3/0652Erasing, e.g. deleting, data cleaning, moving of data to a wastebasket
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0668Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/0671In-line storage system
    • G06F3/0673Single storage device
    • G06F3/0679Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Human Computer Interaction (AREA)
  • Read Only Memory (AREA)
  • Techniques For Improving Reliability Of Storages (AREA)

Abstract

本发明公开了基于NOR Flash芯片的擦写掉电数据保护方法及系统,该方法包括以下步骤:获取Flash芯片的设备配置信息及子区域边界信息,存储于Flash芯片的设备链表节点,采用掉电易失方式配置Flash为独立块保护模式,并解除Flash芯片所有区域的保护状态;接收到擦除/写入请求,预先锁定所有区域,启用全保护,根据擦除/写入请求通过区域解析得出待操作的子区域,依次对待操作的子区域的各个区块或扇区进行解锁,根据待操作的子区域的加解锁保护粒度执行擦除/写入操作;擦写操作完成,解除所有区域的保护状态,并反馈擦写操作状态信息。本发明可以在不改变用户擦写预期的情况下,尽可能的减小保护区域的颗粒度,达到保护区域的最大化。

The present invention discloses a power-off data protection method and system for erasing based on a NOR Flash chip, the method comprising the following steps: obtaining device configuration information and sub-region boundary information of a Flash chip, storing them in a device linked list node of the Flash chip, configuring the Flash to an independent block protection mode in a power-off volatile manner, and releasing the protection status of all regions of the Flash chip; receiving an erase/write request, pre-locking all regions, enabling full protection, obtaining a sub-region to be operated through regional analysis according to the erase/write request, sequentially unlocking each block or sector of the sub-region to be operated, and performing an erase/write operation according to the granularity of the unlocking protection of the sub-region to be operated; after the erase/write operation is completed, releasing the protection status of all regions, and feeding back the erase/write operation status information. The present invention can reduce the granularity of the protection region as much as possible without changing the user's erase/write expectations, thereby maximizing the protection region.

Description

Method and system for protecting erasing power-down data based on NOR Flash chip
Technical Field
The invention relates to the technical field of Flash chip erasing power-down data protection, in particular to an erasing power-down data protection method and system based on a NOR Flash chip.
Background
Flash memory, also called Flash memory, is a type of memory that is repeatedly erasable and writable, and is divided into NOR Flash and NAND FLASH. Because NOR Flash support XIP (eXecute In Place), i.e., the code can be executed directly on NOR Flash without copying into memory, has a high cost performance and is widely loaded in IoT embedded devices.
For embedded devices without a battery, random power loss can easily occur. For example, when a system file is modified, operations of erasing and writing Flash are performed, if the device is powered down at this time, besides the erased area data does not meet the expectations, there is a possibility that the data of other areas (especially the areas storing codes) of the Flash are tampered.
Why does a power loss while erasing Flash cause the data in other areas to be tampered with. Taking Flash with normal power supply of 3.3V as an example, the normal working voltage is about 0.7V CC~1*VCC (about 2.31-3.30V), the stop working voltage is generally below 0.3V CC (below about 0.99V), a gray voltage area is between the two ranges, namely 0.3V CC~0.7*VCC (about 0.99-2.31V), under which Flash is in an abnormal working state, and under the abnormal working state, flash may still work, but the working result is not ensured to be correct. The CPU erases/writes the Flash by sending command, address and data, if the Flash receives a command for erasing A address data, the Flash may actually analyze the waveform of the A address into B address, and then erase a small segment of data of the B address.
Therefore, according to the above description, there is a process of powering down during erasing, in which:
1) When the product is powered down, the plug is pulled out only instantaneously for a user, and a power-down process, namely a process that the voltage drops from a normal value to 0, exists for each device on the board, which is not instantaneously completed.
2) If the abnormal voltage threshold of NOR Flash (about 2.31V in the above example) is higher than the abnormal voltage threshold of CPU (1.8V for example), flash is in abnormal state when the whole device is powered down to the Flash gray voltage area. But the master control can still work normally at this time, and data such as an erasing/writing command and address are still sent to the Flash.
3) Under this abnormal operating voltage, flash receives command and address data, and may parse errors internally, thus causing other area data to be modified erroneously.
If the tampered area is a user data area, the user gets the error data from Flash when using the data next time, the most intuitive result is that the device authorization/authentication fails, assuming that the data is just the key value used by the local authentication/authorization, if the tampered area is a starting code area, the embedded device starts abnormality after the next power-on. The system is damaged and cannot be started, equipment repair can be only performed, and the use experience of a user is very influenced.
Disclosure of Invention
The present invention aims to solve at least one of the technical problems existing in the prior art. Therefore, the invention provides a erasing power-down data protection method based on a NOR Flash chip, which can effectively prevent data in the Flash chip from being tampered.
The invention also provides a erasing power-down data protection system based on the NOR Flash chip, which is provided with the erasing power-down data protection method based on the NOR Flash chip.
The invention also provides a computer readable storage medium with the erasing power-down data protection method based on the NOR Flash chip.
The erasing and writing power-down data protection method based on the NOR Flash chip comprises the following steps of obtaining equipment configuration information and sub-region boundary information of the Flash chip, storing the equipment configuration information and the sub-region boundary information of the Flash chip in an equipment linked list node of the Flash chip, configuring Flash into an independent block protection mode in a power-down volatile mode, removing protection states of all regions of the Flash chip, receiving an erasing/writing request, pre-locking all regions, enabling full protection, obtaining sub-regions to be operated through region analysis according to the erasing/writing request, sequentially unlocking all blocks or sectors of the sub-regions to be operated, executing erasing/writing operation according to the granularity of the locking and unlocking protection of the sub-regions to be operated, completing erasing operation, removing protection states of all regions, and feeding back erasing operation state information.
According to the erasing power-down data protection method based on the NOR Flash chip, the erasing/writing area is subdivided according to the subareas, the locking/unlocking protection granularity of the corresponding subareas is obtained, the erasing/writing and the locking/unlocking are carried out as far as possible according to the minimum protection granularity of each subarea, the granularity of the protection area can be reduced as far as possible under the condition that the erasing and writing expectations of a user are not changed, and the maximization of the protection area is achieved.
According to some embodiments of the invention, the obtaining the device configuration information of the Flash chip comprises obtaining an ID of the Flash chip when a system is initialized, matching chip parameter information according to the ID, obtaining a block size, a sector size, a bottom region boundary address and a top region address of the Flash chip, and storing the block size, the sector size, the bottom region boundary address and the top region address in a device linked list node of the Flash chip.
According to some embodiments of the invention, an erase request is received, wherein the erase request comprises an erase mode, an erase address, an erase region size and an erase Flash device number, if the erase mode is a whole-slice erase or the erase region size is equal to the size of the Flash chip corresponding to the erase Flash device number, the whole-slice erase is directly performed, otherwise, all blocks and sectors of the Flash chip are tried to be locked, unlocking is performed on the sub-region to be operated according to the erase request, and an erase operation is performed.
According to some embodiments of the invention, the sub-region to be operated is obtained through region analysis according to the erase request, the sub-region to be operated is sequentially unlocked, the erase operation is performed according to the unlocking protection granularity of the sub-region to be operated, the method comprises the steps of reading corresponding equipment linked list nodes according to the erase Flash equipment number, obtaining a plurality of sub-regions to be operated according to the erase address, obtaining the unlocking protection granularity of the sub-regions, obtaining the erasable length of the sub-regions to be operated according to the erase address and the erase region size, and performing the erase operation on the sub-regions to be operated according to the erase address, the unlocking protection granularity, the erasable length and a first erase mode, wherein the first erase mode is the smaller of the erase mode and the unlocking protection granularity.
According to some embodiments of the invention, performing an erase operation on the sub-region to be operated according to the erase address, the lock-unlock protection granularity, the erasable length, and a first erase mode comprises:
The method comprises the steps of S110, obtaining the total quantity to be erased of the subareas to be operated according to the erasable length based on the first erasing mode, S120, if the total quantity to be erased is 0, erasing the subareas to be operated currently, otherwise, calculating the first erasing unit quantity when the locking and unlocking protection granularity erases according to the first erasing mode, S130, if the first erasing quantity is larger than the total quantity to be erased, configuring the first erasing quantity as the total quantity to be erased, S140, unlocking the locking state of a block or a sector which the current erasing address belongs to, calling a Flash general erasing interface to erase the units of the first erasing mode of the first erasing quantity from the current erasing address backwards, S150, locking the block or the sector which the current erasing address belongs to, subtracting the first erasing quantity from the total quantity to move the current erasing address to the next erasing operation position, and returning to the step S120.
According to some embodiments of the invention, a write request is received, wherein the write request comprises a write address, a data cache address, a write data length and a write Flash device number, and if the write address does not exceed the maximum address of the Flash chip corresponding to the write Flash device number, locking all blocks and sectors of the Flash chip is tried, unlocking is performed on the subarea to be operated according to the write request, and a write operation is performed.
According to some embodiments of the invention, the sub-region to be operated is obtained through region analysis according to the writing request, the sub-region to be operated is sequentially unlocked, and the writing operation is performed according to the locking and unlocking protection granularity of the sub-region to be operated, wherein the writing operation comprises the steps of reading corresponding equipment linked list nodes according to the writing Flash equipment number, obtaining a plurality of sub-regions to be operated according to the writing address, obtaining the locking and unlocking protection granularity of the sub-regions, obtaining the writable length of the sub-regions to be operated according to the writing address and the writing data length, and performing the writing operation on the sub-regions to be operated according to the writing address, the locking and unlocking protection granularity, the writable length and the data cache address.
According to some embodiments of the present invention, performing a write operation on the sub-region to be operated according to the write address, the lock-unlock protection granularity, the writable length and the data cache address includes S210, determining that the current total remaining writable length of the sub-region to be operated is less than 0, and writing the sub-region to be operated is completed currently, otherwise, performing step S220, calculating a first writable length of the current block or sector, if the current total remaining writable length is less than the first length, configuring the first length as the current total remaining writable length, S230, releasing a lock state of a block or sector to which the current writable address belongs, calling a Flash universal page program interface, writing the data to be written of the first length from the current writable address, S240, locking the block or sector to which the current writable address belongs, both the current writable address and the data cache address, and then shifting the first length back, subtracting the first length from the current total remaining writable length, and returning to step S210.
The erasing and power-down data protection system based on the NOR Flash chip comprises a first module, a second module, a third module and a fourth module, wherein the first module is used for acquiring equipment configuration information and sub-region boundary information of the Flash chip, storing the equipment configuration information and the sub-region boundary information of the Flash chip in an equipment linked list node of the Flash chip, configuring Flash into an independent block protection mode in a power-down volatile mode, removing protection states of all regions of the Flash chip, the second module is used for receiving an erasing/writing request, pre-locking all regions, enabling full protection, obtaining sub-regions to be operated through region analysis according to the erasing/writing request, sequentially unlocking all blocks or sectors of the sub-regions to be operated, executing erasing/writing operation according to the granularity of the unlocking protection of the sub-regions to be operated, and removing the protection states of all regions and feeding back erasing operation state information after erasing operation is completed.
The erasing power-down data protection system based on the NOR Flash chip has at least the same beneficial effects as the method of the first aspect of the invention.
A computer readable storage medium according to an embodiment of the third aspect of the present invention has stored thereon a computer program which, when executed by a processor, implements a method according to an embodiment of the first aspect of the present invention.
The computer-readable storage medium according to the embodiment of the present invention has at least the same advantageous effects as the method according to the embodiment of the first aspect of the present invention.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The foregoing and/or additional aspects and advantages of the invention will become apparent and may be better understood from the following description of embodiments taken in conjunction with the accompanying drawings in which:
FIG. 1 is a flow chart of a method according to an embodiment of the invention;
FIG. 2 is a schematic diagram of an erasing area and boundary points of Flash in the method according to the embodiment of the invention;
FIG. 3 is a schematic diagram illustrating the division of Flash areas by the independent block protection function in the method according to the embodiment of the present invention;
FIG. 4 is a schematic diagram of a system initialization configuration Flash device linked list node in the method of the embodiment of the invention;
FIG. 5 is a schematic diagram of main steps of a Flash erasing method in the method according to the embodiment of the present invention;
FIG. 6 is a schematic diagram of a data erasure procedure with adaptive protection granularity in the method according to the embodiment of the present invention;
FIG. 7 is a schematic diagram of a process for safely erasing a sub-region in a method according to an embodiment of the present invention;
FIG. 8 is a schematic diagram of main steps of a Flash writing method in the method according to the embodiment of the present invention;
FIG. 9 is a schematic diagram of a data writing process with adaptive protection granularity in the method according to the embodiment of the present invention;
FIG. 10 is a schematic diagram of a process for safely writing a sub-region in a method according to an embodiment of the present invention;
FIG. 11 is a schematic diagram illustrating the division of Flash test areas in the test method according to the embodiment of the invention;
Fig. 12 is a block schematic diagram of a system according to an embodiment of the invention.
Reference numerals:
A first module 100, a second module 200.
Detailed Description
Embodiments of the present invention are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative only and are not to be construed as limiting the invention.
In the description of the present invention, a plurality means one or more, and a plurality means two or more, and it is understood that greater than, less than, exceeding, etc. does not include the present number, and it is understood that greater than, less than, within, etc. include the present number. The description of the first and second is for the purpose of distinguishing between technical features only and should not be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated or implicitly indicating the precedence of the technical features indicated. In the description of the present invention, step numbers are merely identifiers for convenience of description or convenience of introduction, and the magnitude of the serial numbers of each step does not mean the sequence of execution, and the execution sequence of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation process of the embodiment of the present invention.
Referring to FIG. 1, the method of the embodiment of the invention comprises the steps of obtaining equipment configuration information and sub-region boundary information of a Flash chip, storing the equipment configuration information and the sub-region boundary information in an equipment linked list node of the Flash chip, configuring Flash into an independent block protection mode in a power-down volatile mode, removing protection states of all regions of the Flash chip, receiving an erasing/writing request, pre-locking all regions, starting full protection, obtaining sub-regions to be operated through region analysis according to the erasing/writing request, sequentially unlocking each block or sector of the sub-regions to be operated, executing erasing/writing operation according to the granularity of the locking/unlocking protection of the sub-regions to be operated, completing erasing/writing operation, removing the protection states of all regions, and feeding back erasing/writing operation state information.
The write protection function of the NOR Flash is to protect certain areas by configuring a register, and if the register is not unlocked, the write-in command and the erase command of the master to the areas are directly ignored by the Flash.
For example, in an unstable Flash operation state, a command to write a is understood to be writing B, and if the B address is in the write protection area, the command is ignored, and the B address area is not substantially damaged.
The basic idea of the process of the invention is therefore as follows.
1. Area protection function using Flash
1) Dividing a Flash area according to Flash characteristics (taking 2MByte Flash as an example), marking a plurality of boundary points, 0,4K,8K and 2M in the Flash area;
2) The boundary points are respectively 1,2,3 and 17, the corresponding/mapping information is stored in the equipment system, any boundary point can be selected, and the left area and the right area of the boundary point are respectively configured into a protection area, a non-protection area or a non-protection area and a protection area;
3) After the equipment system is powered on, initializing Flash, and configuring the Flash to be in a full-area non-protection state;
4) When each erasing/writing operation is carried out, firstly judging the erasing/writing area, selecting the most suitable boundary point, respectively configuring the areas on two sides of the boundary point as a protection area and a non-protection area, and carrying out the erasing/writing operation;
5) After the erasing operation is finished, the configuration of the Flash register is modified, and the Flash is restored to be in a full-area non-protection state.
The judgment of the area in the step 4 can be defined by an operator, if the code area needs to be protected preferentially, the largest serial number smaller than the starting address of the erasing/writing area is selected as the boundary point, the left side of the code area is configured as the protection area, if the area needs to be protected as much as possible, the side with more Flash space is judged according to the starting address and the tail address of the erasing/writing area, and the nearest boundary point is found for configuration. Examples are as follows:
A) As shown in FIG. 2, when it is necessary to erase the "erase region 1", the most suitable boundary point near the current erase region is found, for example, the left (0-128K size) of the boundary point of the serial number 6 (128K) is configured as a protection region, the remaining right (2048K-128K) is a non-protection region, so as to prevent the front 128K data of Flash from being tampered when the erase is powered down, or the serial number 8 (512K) is selected, the 512K-2048K region of Flash is configured as a protection region, the front 0-512K range is a non-protection region, and the Flash region can be protected as much as possible under such selection.
B) In the same way, if the "erasing area 2" is to be erased, the boundary point number 9 (1M) can be found, the left side of the number 9 is configured as the unprotected area, and the right side of the boundary point of the number 9 is configured as the protected area. Or selecting the sequence number 8, configuring the left side of the sequence number 8 as a protection area, and protecting the code segment.
C) If the "erasing area 3" is required to be erased, the boundary point is also selected to be the serial number 11, the areas 0-1792K are configured as the protection areas, and the areas 1792K-2048K are non-protection areas.
The above-mentioned area protection mode can play a certain protection role, but the protection granularity is larger, and due to the Flash characteristic, only a continuous area from the bottom or the top of the Flash storage space can be selected, and the continuous area is configured into a protection state, so that the data cannot be comprehensively protected. Embodiments of the present invention therefore propose to employ an independent block protection based erase/write strategy, which will be mainly described below.
2. Independent block protection function using Flash
1) Based on the independent Block protection function characteristic of Flash, the Flash address space is divided according to blocks and sectors, and Flash with the size of 2MByte is taken as an example, as shown in fig. 3.
Block is 64KB in size, sector is 4KB in size, the bottom region can be regarded as region 1, and protection and deprotection are carried out according to granularity of Sector (4 KB) (the following description of locking and unlocking is used for substitution);
the middle area can be regarded as an area 2, and locking and unlocking are carried out according to granularity of Block (64 KB);
The top region can be seen as region 3, which is locked and unlocked according to the granularity of Sector (4 KB).
Thus, the entire Flash space is split into multiple address regions. The Block/Sector in each area is independently locked and unlocked to achieve the minimum granularity of erasure protection, so that the data of other areas are protected from being tampered when Flash erasure is powered down as far as possible.
2) The main flow of the function of protecting other area data when erasing and writing is powered down is as follows:
2-1) powering up the system to initialize Flash, configuring write protection related functions, and relieving the protection state of all areas;
2-2) the upper layer application calls a Flash power-down safe erasing/writing interface, all areas are pre-locked, and full protection is started;
2-3) calculating the subareas needing to be operated through area analysis, and sequentially performing independent unlocking, erasing/writing and locking operations on each Block/Sector of the subareas to be operated until all the subareas are operated;
2-4) removing the protection state of all blocks/sectors and feeding back the erasing/writing operation state information.
The Flash initialization process may be described with reference to step 3), and the erase and write strategies may be described with reference to steps 4), 5), etc.
3) When the system (Flash) is initialized, as shown in fig. 4, the processing steps are as follows:
3-1) obtaining jedec (ID) of the current Flash through a command provided by the Flash, and exiting if the obtaining fails;
3-2) matching Flash parameter information of the Flash chip through the ID, and if the matching fails, using default parameters;
3-3) creating a Flash equipment linked list node according to the used Flash equipment number;
3-4) storing the obtained configuration information such as Flash Block size, sector size, bottom region (region 1) boundary address, top region boundary address (region 3) and the like in the Flash equipment linked list node;
3-5) configuring Flash as an independent block protection mode by adopting a power-down volatile mode (volatile) (according to Flash characteristics, flash is generally defaulted to be fully locked in all areas at the moment);
3-6) unlocking all blocks/sectors to be in a non-protection state;
3-7) feeding back and outputting the protection state information of each Block of Flash to the system console.
4) In the Flash data erasing method in the embodiment of the invention, as shown in fig. 5, the processing steps are as follows:
4-1) acquiring information such as an erased mode blk_size, an address addr, a region size left, a Flash equipment number and the like by calling a parameter transmission;
4-2) judging whether the operated area exceeds the total size of Flash, if yes, executing the step 4-3), otherwise executing the step 4-4), judging whether the initial address of the operation is aligned according to the erasing mode, if not, executing the step 4-3), otherwise executing the step 4-4);
4-3) exiting the erasing process and returning error information;
4-4) checking whether the whole Flash is erased, if so, directly erasing the whole Flash, and exiting the erasing process, otherwise, executing the step 4-5);
4-5) attempting to lock all blocks and sectors, and placing Flash in a full area protection state before erasing. Executing the step 4-6) if the locking is successful, otherwise executing the step 4-3);
4-6) executing a self-adaptive erasure procedure of the deprotection granularity, circularly checking and processing each subarea (calculating and processing area 1, area 2, area 3..and the like) to be erased, and executing step g after the processing of each subarea is finished;
4-7) attempting to unlock all blocks and sectors, and after erasure, placing Flash in a full area unprotected state. Step 4-8) is executed if unlocking is successful, otherwise step 4-9) is executed;
4-8) exiting the erasing process and returning the successful secure erasing;
4-9) exiting the erasure procedure, and warning of unlocking failure.
Wherein, step 4-6) is a self-adaptive erasure procedure of the deprotection granularity, as shown in fig. 6, comprising the following sub-steps:
4-6-1) judging whether the total remaining length left to be erased is greater than 0, if yes, executing the step 4-6-3, otherwise executing the step 4-6-2;
4-6-2) the residual total length to be erased len is 0, and after the operation is finished, exiting the self-adaptive erasing flow of the deprotection granularity;
4-6-3) acquiring the region boundary information of the Flash from a Flash device linked list node according to the operated Flash device number, wherein the region boundary information is used for distinguishing region 1, region 2, region 3.
4-6-4) Obtaining a next sub-region to be erased from the erasing direction according to the starting address addr of the current region to be erased, and if the sub-region is located in a region i (i=1, 2, 3.), calculating the maximum erasable length len (i) of the region according to the boundary information of the region i (the bottom address of the region i is bottom (i), and the top address is top_addr (i)), wherein len (i) =top_addr (i) -addr;
4-6-5) obtaining the unlocking protection granularity corresponding to the region i, and marking the unlocking protection granularity as wp_size (i);
4-6-6) comparing the maximum erasable length len (i) of the sub-area with the total remaining length left to be erased, if len (i) is greater than left, executing step 4-6-7, if not, executing step 4-6-8;
4-6-7) assigning the maximum erasable length len (i) of the sub-area to the actual erased length len of the sub-area, and executing the steps 4-6-9;
4-6-8) assigning the total remaining length left to be erased to the sub-area actual erasing length len, and executing the steps 4-6-9;
4-6-9) comparing the sizes of the erasure pattern blk_size and the lock and unlock protection granularity wp_size (i), if blk_size is larger than wp_size (i), executing the steps 4-6-10, otherwise executing the steps 4-6-11;
4-6-10) assigning the unlocking protection granularity wp_size (i) of the region to an actual erasure mode erz _mode of the sub-region, ensuring that the protection granularity is minimized during erasure, and executing the steps 4-6-12;
4-6-11) assigning an erasure pattern blk_size to the actual erasure pattern erz _mode for that sub-region, performing steps 4-6-12;
4-6-12) starting from address addr, erasing the sub-area according to the configuration of an erasure pattern erz _mode, a protection granularity wp_size (i) and an erasure length len;
4-6-13) the erasure address addr is shifted backward by the number of bytes of length len, addr=addr+len;
4-6-14) the total remaining length left to be erased is reduced by len bytes, left=left-len, jump to step 4-6-1 and continue.
In the above description of the steps, 4-6-12) is to execute the sub-region erasure procedure, the erasure address is addr, the length is len, the erasure mode is erz _mode, the granularity of the lock and unlock protection is wp_size (i), as shown in fig. 7, the sub-steps are as follows:
4-6-12-1) calculating the number of blocks/sectors to be erased of the sub-region, blk_cnt, blk_cnt=len/erz _mode;
4-6-12-2) judging whether the number blk_cnt of the blocks/sectors to be erased is greater than 0, if so, executing the step 4-6-12-4, otherwise, executing the step 4-6-12-3;
4-6-12-3) after the sub-area is erased, exiting the sub-area erasing process, and returning success;
4-6-12-4) judging that the size relation between the locking and unlocking protection granularity wp_size (i) and the erasure granularity erz _mode, if wp_size (i) is larger than erz _mode, executing the step 4-6-12-5, if wp_size (i) is equal to erz _mode, executing the step 4-6-12-6, otherwise, executing the step 4-6-12-7;
4-6-12-5) calculating the number cnt of blocks/sectors to be erased in the protection granularity of the round, cnt= (wp_size (i) -addr% wp_size (i))/erz _mode, and executing the steps 4-6-12-8;
4-6-12-6) assigning the number cnt of blocks/sectors to be erased in the protection granularity of the round to 1, and executing the steps 4-6-12-8;
4-6-12-7) exits the sub-region erasure procedure, returns an erasure error (to achieve minimum protection granularity, erasure granularity erz _mode is the smaller of the protection granularity wp_size (i) and the expected erasure pattern blk_size, so the case where wp_size (i) is smaller than erz _mode is not allowed under the current policy);
4-6-12-8) judging whether the number cnt of the basic units to be erased in the round exceeds the total number blk_cnt of the basic units to be erased, if so, executing the steps 4-6-12-9, otherwise, executing the steps 4-6-12-10;
4-6-12-9) assigning the total number blk_cnt of the remaining basic units to be erased to the number cnt of the basic units to be erased of the round, and executing the steps 4-6-12-10;
4-6-12-10) releasing the Block/Sector lock corresponding to the current Flash address addr;
4-6-12-11) adopting a Flash general erase mode, and starting from an address addr, erasing cnt basic units backwards according to a erz _mode erase mode;
4-6-12-12) locking the Block/Sector corresponding to the current operation address addr;
4-6-12-13) operation address addr is shifted back by erz _mode cnt bytes, addr=addr+ erz _mode cnt;
4-6-12-14) the number of blocks/sectors to be erased, blk_cnt, blk_cnt=blk_cnt-cnt, is reduced by cnt;
4-6-12-15) to step 4-6-12-2) to determine whether the next Block/Sector unlock erase operation is needed.
5) In the embodiment of the invention, referring to fig. 8, the Flash data writing method provided by the embodiment of the invention comprises the following steps.
5-1) Acquiring information such as a device number written into Flash, an operated physical address addr, a data cache address data, a data length len and the like by calling a parameter transfer;
5-2) judging whether the operated area exceeds the total size of Flash, if so, executing the step 5-3), otherwise, executing the step 5-4);
5-3) exiting the writing process and returning an error;
5-4) attempting to lock all blocks and sectors, and placing Flash in the full area protected state before writing. Step 5-5) is executed if the locking is successful, otherwise step 5-3) is executed;
5-5) executing a self-adaptive write-in flow of deprotection granularity, circularly checking and processing all subareas (computing and processing area 1, area 2, area 3..and the like) to be written in, and executing the step 5-6) after all subareas are processed;
5-6) attempting to unlock all blocks and sectors, and after writing, placing Flash in a full-area deprotection state. Step 5-7) is executed if unlocking is successful, otherwise step 5-8) is executed;
5-7) exiting the writing process and returning the success of the safe writing;
5-8) exiting the writing process, and warning the unlocking failure.
Wherein step 5-5) is a write flow with self-adaptive deprotection granularity, as shown in fig. 9, which includes the following sub-steps.
5-5-1) Acquiring the region boundary information of the Flash (the bottom address of the region i (i=1, 2, 3.) is bottom (i), and the top address is top_addr (i)) from a Flash device linked list node according to the operated Flash device number, wherein the region boundary information is used for distinguishing the region 1, the region 2, the region 3.) and the like;
5-5-2) judging whether the total remaining length size to be written is larger than 0, if yes, executing the step 5-5-4), otherwise executing the step 5-5-3);
5-5-3) the total remaining length to be written size is 0, and after the operation is finished, the self-adaptive writing flow of the deprotection granularity is exited;
5-5-4) obtaining a next subarea to be written from the writing direction according to the initial address addr of the current area to be written, if the subarea is positioned in the area i, calculating the maximum writable length len (i) of the area according to the boundary information of the area i (the bottom address of the area i is bottom (i), the top address is top_addr (i)), wherein len (i) =top_addr (i) -addr;
5-5-5) obtaining the unlocking protection granularity corresponding to the region i, and marking the unlocking protection granularity as wp_size (i);
5-5-6) comparing the maximum writable length len (i) of the sub-area with the size of the total remaining length to be written size, if len (i) is larger than size, executing step 5-5-7), if not, executing step 5-5-8);
5-5-7) assigning the maximum writable length len (i) of the sub-area to the actual writing length len of the sub-area, performing the steps 5-5-9);
5-5-8) assigning the total remaining length to be written size to the sub-area actual writing length len, and executing the steps 5-5-9);
5-5-9) starting from the address addr, performing write operation of the sub-region according to the configuration of the protection granularity wp_size (i), the write length len and the data cache address data;
5-5-10) after the writing of the current sub-area is completed, the writing address addr is moved backward by the byte number with the length of len, addr=addr+len;
5-5-11) the total remaining length to be written size is reduced by len bytes, size=size-len;
5-5-12) the data cache address is shifted back by len bytes, data=data+len, and the jump is made to step 5-5-2) for further execution.
In the above description of the steps, 5-5-9) is a write process of executing a sub-region, where the address to be written is addr, the length is len, the data cache address is data, and the granularity of lock and unlock protection is wp_size (i), as shown in fig. 10, the sub-steps included therein are as follows.
5-5-9-1) Judging whether the total remaining length len to be written in the subarea is greater than 0, if so, indicating that the writing is not completed, executing the step 5-5-9-3, otherwise, executing the step 5-5-9-2;
5-5-9-2) after the sub-region is written, exiting the sub-region writing process, and returning success;
5-5-9-3) calculating the writable length in the current protection granularity wp_size (i) according to the current operation address, and recording as ws, ws=wp_size (i) - (addr% wp_size (i));
5-5-9-4) judging whether the write length ws of the round exceeds the total remaining length len to be written, if yes, executing the step 5-5-9-5, otherwise, directly executing the step 5-5-9-6;
5-5-9-5) assigning the total remaining length to be written len to the write length of the round ws, ws=len, performing the steps 5-5-9-6;
5-5-9-6) releasing the lock state of the Block/Sector corresponding to the current Flash address addr;
5-5-9-7) adopting a general page program mode of Flash, and starting from an address addr, writing data of ws bytes backwards;
5-5-9-8) locking the Block/Sector corresponding to the current operation address addr;
5-5-9-9) the operation address addr is shifted backward by ws bytes, addr=addr+ws;
5-5-9-10) the data cache address data written by the remaining tape is shifted backward by ws bytes, data=data+ws;
5-5-9-11) the total length to be written len of the sub-area is reduced by ws bytes, len=len-ws, and the step is skipped to step 5-5-9-2), and whether the next Block/Sector unlocking writing operation is needed or not is judged;
The method has the beneficial effects that:
1) The protection area is self-adaptive, and the minimum protection granularity can be achieved. Whether Flash is erased according to a mode of 4K, 32K or 64K, or any byte of data is written into Flash, automatic processing can be performed. The basic flow is to subdivide the erasing/writing area according to the subareas and obtain the unlocking protection granularity of the corresponding subareas, and unlock the erasing/writing at the same time as possible according to the minimum protection granularity of each subarea, so the method can ensure that the granularity of the protection area is reduced as far as possible under the condition of not changing the erasing and writing expectations of users, and the maximization of the protection area is achieved.
2) And when the process is not in an erasing/writing process, flash is in a full unlocking state, so that the carried IoT equipment is convenient to maintain. In the above strategy, the system equipment is not protected in the whole area after initialization, but is configured according to the unprotected state, the system is in the Flash whole area unprotected state after power-on, only when erasing is performed, the whole area is locked, then the operated area is independently unlocked to perform erasing, and after the erasing is completed, the whole area is unlocked. When equipment maintenance personnel debug, do not need to carry out extra Flash write protection operation that releases, after the system is powered on, flash is the full unlocking state, can directly get into BROM (firmware upgrade mode) according to original mode and operate Flash, and maintenance personnel use more conveniently, also more easily the batch production of equipment.
3) The Flash memory device can adapt to different Flash working voltages, and has no hardware cost increase. The method mainly uses the write-protection function provided by Flash, adds the locking and unlocking strategy of Flash in the erasing/writing process, and ensures the power-down safety of other areas of Flash. Because the method puts the operation of locking other areas of Flash before the erasing/writing process flow, the operation of locking other areas is carried out before the erasing/writing process under any voltage. Therefore, the method does not need to specially adapt to different working voltages of Flash, does not need to add an additional hardware monitoring circuit, and is an alternative scheme with higher cost performance.
In the embodiment of the invention, a test method for erasing power-down data abnormality is also provided. Taking 2MByte Flash as an example, the basic steps are as follows:
1) The 2M SiP Flash is divided into four areas, including a code area, a storage area, an erasing area and a comparison data area. The code area is used for programming mirror image, as shown in FIG. 11, and the 0-1840K area is the code area;
2) The storage area is used for storing error code information and sysinfo information which fail to check, the storage area size is 8KByte in the example, and the address area is 0x2e 000-0 x30000;
3) The erasing area is 0x 30000-0 x70000, which occupies 256KByte, and after the system initialization is finished, the erasing is performed according to the granularity of the Block size (64K);
4) The comparison data area is used for main data comparison, the address area is 0x 70000-0 x200000, the content can be fully and fixedly filled with 0x5A, whether the bit in the area is wrongly written into 0' can be guaranteed, and whether the area is wrongly erased (the area becomes 0xFF after erasure) can be guaranteed.
According to the above region division, after the system is powered on, operating Flash to perform verification, erasing, writing, reading and verification cycle test on the erasing area, carrying out random 3-15 s power failure on equipment by means of a relay in the middle, reading 2M Flash data after three days of operation, and checking whether the data in the code area (0 x 0-0 x2e 000) and the comparison data area (0 x 70000-0 x 200000) are tampered or not.
In order to more easily achieve the desired test effect, it is noted that during the test, the following is noted:
1) After the system is electrified, firstly initializing a 256K erasing area, respectively writing magic numbers, namely 0xe7,0xaa,0xbe and 0x3c in turn according to granularity of the Block size (64K), after the initialization is finished, checking the written magic numbers, and writing error codes and error address information back to a storage area (0 x2e 000) when errors occur.
2) After initialization, the erasing area is subjected to erasing test, each round of erasing is performed according to the Block size (64K), and the 64K area is written as a fixed magic number (0 x18,0x55,0x41,0xc3 and the like).
3) Before each round of erasure, checking whether the current 64K (Block size) area value is expected, if not, writing back error code and error address information to the storage area (0 x2e 000), after each round of writing, reading the written 64K value, comparing whether the written 64K value is consistent with the expected, if not, writing back error code and error address information to the designated area of the storage area (0 x2e 000).
4) When data is written into the Flash, single bytes are used for writing one by one, and the operation duty ratio of the page program in the Flash in unit time is increased.
5) The data written into Flash does not use random numbers, but uses magic numbers, and binary values of the data are selected to be numbers which are equal to 0 and 1 alternately, and 0 and 1 numbers, so that the bit numbers of each round of writing 0 in the writing operation are balanced as much as possible. (e.g., 0x18,0x55,0x41,0xc3, the binary system is respectively as follows: 1110 0111,1010 1010,1011 1110,0011 1100). After the magic numbers are written in each round, the next round is written in a reverse way, so that the magic numbers written in each round are ensured to be different. The method can facilitate the backtracking of the data dump.
In the system of the embodiment of the invention, referring to FIG. 12, the system comprises a first module 100, a second module 100, a third module and a fourth module, wherein the first module is used for acquiring the equipment configuration information and the sub-region boundary information of a Flash chip, storing the equipment configuration information and the sub-region boundary information in an equipment linked list node of the Flash chip, configuring Flash into an independent block protection mode in a power-down volatile mode, and removing the protection state of all regions of the Flash chip; a second module 200 for receiving an erase/write request, pre-locking all the regions, enabling full protection, obtaining a sub-region to be operated by region analysis according to the erase/write request, sequentially unlocking each block or sector of the sub-region to be operated, executing erase/write operation according to the granularity of the protection of the sub-region to be operated, and completing the erase/write operation, releasing the protection state of all the regions and feeding back the erase/write operation state information
Although specific embodiments are described herein, those of ordinary skill in the art will recognize that many other modifications or alternative embodiments are also within the scope of the present disclosure. For example, any of the functions and/or processing capabilities described in connection with a particular device or component may be performed by any other device or component. In addition, while various exemplary implementations and architectures have been described in terms of embodiments of the present disclosure, those of ordinary skill in the art will recognize that many other modifications to the exemplary implementations and architectures described herein are also within the scope of the present disclosure.
Certain aspects of the present disclosure are described above with reference to block diagrams and flowchart illustrations of systems, methods, systems and/or computer program products according to example embodiments. It will be understood that one or more blocks of the block diagrams and flowchart illustrations, and combinations of blocks in the block diagrams and flowchart illustrations, respectively, can be implemented by executing computer-executable program instructions. Also, some of the blocks in the block diagrams and flowcharts may not need to be performed in the order shown, or may not need to be performed in their entirety, according to some embodiments. In addition, additional components and/or operations beyond those shown in blocks of the block diagrams and flowcharts may be present in some embodiments.
Accordingly, blocks of the block diagrams and flowchart illustrations support combinations of means for performing the specified functions, combinations of elements or steps for performing the specified functions and program instruction means for performing the specified functions. It will also be understood that each block of the block diagrams and flowchart illustrations, and combinations of blocks in the block diagrams and flowchart illustrations, can be implemented by special purpose hardware-based computer systems that perform the specified functions, elements or steps, or combinations of special purpose hardware and computer instructions.
Program modules, applications, etc. described herein may include one or more software components including, for example, software objects, methods, data structures, etc. Each such software component may include computer-executable instructions that, in response to execution, cause at least a portion of the functions described herein (e.g., one or more operations of the exemplary methods described herein) to be performed.
The software components may be encoded in any of a variety of programming languages. An exemplary programming language may be a low-level programming language, such as an assembly language associated with a particular hardware architecture and/or operating system platform. Software components including assembly language instructions may need to be converted into executable machine code by an assembler prior to execution by a hardware architecture and/or platform. Another exemplary programming language may be a higher level programming language that may be portable across a variety of architectures. Software components, including higher-level programming languages, may need to be converted to an intermediate representation by an interpreter or compiler before execution. Other examples of programming languages include, but are not limited to, a macro language, a shell or command language, a job control language, a scripting language, a database query or search language, or a report writing language. In one or more exemplary embodiments, a software component containing instructions of one of the programming language examples described above may be executed directly by an operating system or other software component without first converting to another form.
The software components may be stored as files or other data storage constructs. Software components having similar types or related functionality may be stored together, such as in a particular directory, folder, or library. The software components may be static (e.g., preset or fixed) or dynamic (e.g., created or modified at execution time).
The embodiments of the present invention have been described in detail with reference to the accompanying drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of one of ordinary skill in the art without departing from the spirit of the present invention.

Claims (10)

1.一种基于NOR Flash芯片的擦写掉电数据保护方法,其特征在于,包括以下步骤:1. A method for protecting data from power failure based on a NOR Flash chip, comprising the following steps: 获取Flash芯片的设备配置信息及子区域边界信息,存储于所述Flash芯片的设备链表节点,采用掉电易失方式配置Flash为独立块保护模式,并解除Flash芯片所有区域的保护状态;Obtain device configuration information and sub-area boundary information of the Flash chip, store them in the device linked list node of the Flash chip, configure the Flash to an independent block protection mode in a power-off volatile manner, and release the protection status of all areas of the Flash chip; 接收到擦除/写入请求,预先锁定所有区域,启用全保护,根据所述擦除/写入请求通过区域解析得出待操作的子区域,依次对所述待操作的子区域的各个区块或扇区进行解锁,根据所述待操作的子区域的加解锁保护粒度执行擦除/写入操作;Upon receiving an erase/write request, pre-locking all areas, enabling full protection, obtaining a sub-area to be operated through area parsing according to the erase/write request, sequentially unlocking each block or sector of the sub-area to be operated, and performing an erase/write operation according to the granularity of the protection of the sub-area to be operated; 擦写操作完成,解除所有区域的保护状态,并反馈擦写操作状态信息。After the erase operation is completed, the protection status of all areas is released and the erase operation status information is fed back. 2.根据权利要求1所述的NOR Flash芯片的擦写掉电数据保护方法,其特征在于,所述获取Flash芯片的设备配置信息包括:2. The method for protecting NOR Flash chip from power failure according to claim 1, wherein the step of obtaining the device configuration information of the Flash chip comprises: 系统初始化时,获取所述Flash芯片的ID,根据ID匹配芯片参数信息,并获取所述Flash芯片的块大小、扇区大小、底部区域边界地址及顶部区域地址,存储于所述Flash芯片的设备链表节点中。When the system is initialized, the ID of the Flash chip is obtained, the chip parameter information is matched according to the ID, and the block size, sector size, bottom area boundary address and top area address of the Flash chip are obtained and stored in the device linked list node of the Flash chip. 3.根据权利要求1所述的NOR Flash芯片的擦写掉电数据保护方法,其特征在于,3. The method for protecting NOR Flash chip from power failure according to claim 1, characterized in that: 接收到擦除请求,所述擦除请求包括:擦除模式、擦除地址、擦除区域大小、擦除Flash设备号;An erase request is received, wherein the erase request includes: an erase mode, an erase address, an erase area size, and an erase Flash device number; 若所述擦除模式为整片擦除或者所述擦除区域大小等于所述擦除Flash设备号对应的所述Flash芯片的大小,则直接整片擦除;If the erasing mode is full chip erasing or the erase area size is equal to the size of the Flash chip corresponding to the erase Flash device number, the full chip is directly erased; 否则尝试锁定所述Flash芯片所有的块和扇区,根据所述擦除请求对所述待操作的子区域进行解锁,执行擦除操作。Otherwise, an attempt is made to lock all blocks and sectors of the Flash chip, and the sub-area to be operated is unlocked according to the erase request, and an erase operation is performed. 4.根据权利要求3所述的NOR Flash芯片的擦写掉电数据保护方法,其特征在于,根据所述擦除请求通过区域解析得出待操作的子区域,依次对所述待操作的子区域进行解锁,根据所述待操作的子区域的加解锁保护粒度执行擦除操作包括:4. The method for protecting power-off data of a NOR Flash chip according to claim 3 is characterized in that, according to the erase request, a sub-region to be operated is obtained through region analysis, the sub-region to be operated is unlocked in sequence, and the erase operation is performed according to the granularity of the protection of the sub-region to be operated, comprising: 根据所述擦除Flash设备号读取相应的所述设备链表节点,根据所述擦除地址得出若干所述待操作的子区域;Read the corresponding device linked list node according to the erased Flash device number, and obtain a plurality of sub-areas to be operated according to the erased address; 获取所述子区域的加解锁保护粒度,并根据所述擦除地址和所述擦除区域大小,获取所述待操作的子区域的可擦除长度;Acquire the encryption and unlocking protection granularity of the sub-area, and acquire the erasable length of the sub-area to be operated according to the erase address and the erase area size; 根据所述擦除地址、所述加解锁保护粒度、所述可擦除长度以及第一擦除模式对所述待操作的子区域执行擦除操作。An erasing operation is performed on the sub-area to be operated according to the erasing address, the encryption/unlocking protection granularity, the erasable length, and the first erasing mode. 5.根据权利要求4所述的NOR Flash芯片的擦写掉电数据保护方法,其特征在于,根据所述擦除地址、所述加解锁保护粒度、所述可擦除长度以及第一擦除模式对所述待操作的子区域执行擦除操作包括:5. The method for protecting power-off data of a NOR Flash chip according to claim 4, wherein performing an erasing operation on the sub-area to be operated according to the erasing address, the encryption and unlocking protection granularity, the erasable length and the first erasing mode comprises: S110,基于所述第一擦除模式,根据所述可擦除长度得出所述待操作的子区域的总待擦除数量;S110, based on the first erasing mode, deriving a total number of sub-areas to be erased according to the erasable length; S120,若所述总待擦除数量为0,则当前所述待操作的子区域的擦除完成;否则,计算所述加解锁保护粒度按所述第一擦除模式进行擦除时的第一擦除单元数量;S120, if the total number of items to be erased is 0, then erasure of the sub-area to be operated is completed; otherwise, calculating the number of first erasure units when erasing the encryption and unlocking protection granularity according to the first erasure mode; S130,若第一擦除数量大于所述总待擦除数量,则配置所述第一擦除数量为所述总待擦除数量;S130, if the first erase quantity is greater than the total number of items to be erased, configuring the first erase quantity to be the total number of items to be erased; S140,解锁当前擦除地址所属的块或扇区的锁定状态,调用Flash通用擦除接口从当前擦除地址开始向后擦除所述第一擦除数量的所述第一擦除模式的单元;S140, unlocking the lock state of the block or sector to which the current erase address belongs, calling the Flash universal erase interface to erase the first erase quantity of units of the first erase mode backward from the current erase address; S150,锁定当前擦除地址所属的块或扇区,所述总待擦除数量减去所述第一擦除数量,将当前擦除地址后移至下一擦除操作位置,返回至所述步骤S120。S150, locking the block or sector to which the current erasing address belongs, subtracting the first erasing number from the total number to be erased, moving the current erasing address to the next erasing operation position, and returning to the step S120. 6.根据权利要求1所述的NOR Flash芯片的擦写掉电数据保护方法,其特征在于,6. The method for protecting NOR Flash chip from power failure according to claim 1, characterized in that: 接收到写入请求,所述写入请求包括:写入地址、数据缓存地址、写入数据长度、写入Flash设备号;A write request is received, wherein the write request includes: a write address, a data cache address, a write data length, and a write Flash device number; 若所述写入地址不超过所述写入Flash设备号对应的所述Flash芯片的最大地址,则尝试锁定所述Flash芯片所有的块和扇区,根据所述写入请求对所述待操作的子区域进行解锁,执行写入操作。If the write address does not exceed the maximum address of the Flash chip corresponding to the write Flash device number, try to lock all blocks and sectors of the Flash chip, unlock the sub-area to be operated according to the write request, and perform the write operation. 7.根据权利要求6所述的NOR Flash芯片的擦写掉电数据保护方法,其特征在于,根据所述写入请求通过区域解析得出待操作的子区域,依次对所述待操作的子区域进行解锁,根据所述待操作的子区域的加解锁保护粒度执行写入操作包括:7. The method for protecting power-off data of a NOR Flash chip according to claim 6, wherein the sub-regions to be operated are obtained through region analysis according to the write request, the sub-regions to be operated are unlocked in sequence, and the write operation is performed according to the granularity of the protection of the sub-regions to be operated, including: 根据所述写入Flash设备号读取相应的所述设备链表节点,根据所述写入地址得出若干所述待操作的子区域;Read the corresponding device linked list node according to the written Flash device number, and obtain a number of sub-areas to be operated according to the written address; 获取所述子区域的加解锁保护粒度,并根据所述写入地址和所述写入数据长度,获取所述待操作的子区域的可写入长度;Acquire the encryption and unlocking protection granularity of the sub-area, and acquire the writable length of the sub-area to be operated according to the write address and the write data length; 根据所述写入地址、所述加解锁保护粒度、所述可写入长度以及所述数据缓存地址对所述待操作的子区域执行写入操作。A write operation is performed on the sub-area to be operated according to the write address, the encryption and unlocking protection granularity, the writable length, and the data cache address. 8.根据权利要求7所述的NOR Flash芯片的擦写掉电数据保护方法,其特征在于,根据所述写入地址、所述加解锁保护粒度、所述可写入长度以及所述数据缓存地址对所述待操作的子区域执行写入操作包括:8. The method for protecting power-off data of a NOR Flash chip according to claim 7, wherein performing a write operation on the sub-area to be operated according to the write address, the encryption and unlocking protection granularity, the writable length and the data cache address comprises: S210,确定所述待操作的子区域当前总剩余可写入长度小于0,则当前所述待操作的子区域写入完成;否则,执行步骤S220;S210, if it is determined that the total remaining writable length of the sub-area to be operated is less than 0, then the writing of the sub-area to be operated is completed; otherwise, execute step S220; S220,计算当前所述块或扇区可写入的第一长度,若当前总剩余可写入长度小于所述第一长度,则配置所述第一长度为当前总剩余可写入长度;S220, calculating a first length that can be written to the current block or sector, and if the current total remaining writable length is less than the first length, configuring the first length as the current total remaining writable length; S230,解除当前写入地址所属的块或扇区的锁定状态,调用Flash通用page program接口,从当前写入地址写入所述第一长度的待写入数据;S230, releasing the lock state of the block or sector to which the current write address belongs, calling the Flash general page program interface, and writing the first length of the to-be-written data from the current write address; S240,锁定当前写入地址所属的块或扇区,当前写入地址及所述数据缓存地址均后移所述第一长度,当前总剩余可写入长度减去所述第一长度,返回步骤S210。S240, lock the block or sector to which the current write address belongs, shift the current write address and the data cache address backward by the first length, subtract the first length from the current total remaining writable length, and return to step S210. 9.一种基于NOR Flash芯片的擦写掉电数据保护系统,使用权利要求1至8中任一项的方法,其特征在于,包括:9. A power-off data protection system based on NOR Flash chip, using the method of any one of claims 1 to 8, characterized in that it includes: 第一模块,用于获取Flash芯片的设备配置信息及子区域边界信息,存储于所述Flash芯片的设备链表节点,采用掉电易失方式配置Flash为独立块保护模式,并解除Flash芯片所有区域的保护状态;The first module is used to obtain the device configuration information and sub-area boundary information of the Flash chip, store them in the device linked list node of the Flash chip, configure the Flash to an independent block protection mode in a power-off volatile manner, and release the protection status of all areas of the Flash chip; 第二模块,用于接收到擦除/写入请求,预先锁定所有区域,启用全保护,根据所述擦除/写入请求通过区域解析得出待操作的子区域,依次对所述待操作的子区域的各个区块或扇区进行解锁,根据所述待操作的子区域的加解锁保护粒度执行擦除/写入操作;以及,擦写操作完成,解除所有区域的保护状态,并反馈擦写操作状态信息。The second module is used to receive an erase/write request, pre-lock all areas, enable full protection, obtain the sub-area to be operated through area analysis according to the erase/write request, unlock each block or sector of the sub-area to be operated in turn, and perform the erase/write operation according to the protection granularity of the sub-area to be operated; and, after the erase/write operation is completed, release the protection status of all areas and feedback the erase/write operation status information. 10.一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现权利要求1至8中任一项的方法。10. A computer-readable storage medium having a computer program stored thereon, wherein the computer program implements the method of any one of claims 1 to 8 when executed by a processor.
CN202111125981.9A 2021-09-24 2021-09-24 Power-off data protection method and system based on NOR Flash chip Active CN113903386B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111125981.9A CN113903386B (en) 2021-09-24 2021-09-24 Power-off data protection method and system based on NOR Flash chip

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111125981.9A CN113903386B (en) 2021-09-24 2021-09-24 Power-off data protection method and system based on NOR Flash chip

Publications (2)

Publication Number Publication Date
CN113903386A CN113903386A (en) 2022-01-07
CN113903386B true CN113903386B (en) 2025-02-18

Family

ID=79029147

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111125981.9A Active CN113903386B (en) 2021-09-24 2021-09-24 Power-off data protection method and system based on NOR Flash chip

Country Status (1)

Country Link
CN (1) CN113903386B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105138869A (en) * 2015-08-17 2015-12-09 四川长虹电器股份有限公司 Method for automatically locking and protecting flash bootstrap program based on flag detection

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6031757A (en) * 1996-11-22 2000-02-29 Macronix International Co., Ltd. Write protected, non-volatile memory device with user programmable sector lock capability
US6026016A (en) * 1998-05-11 2000-02-15 Intel Corporation Methods and apparatus for hardware block locking in a nonvolatile memory
KR100543442B1 (en) * 2002-09-06 2006-01-23 삼성전자주식회사 A device for setting the write protection area of the memory blocks of the nonvolatile semiconductor memory device
CN102301381A (en) * 2011-07-08 2011-12-28 华为技术有限公司 Method and device for information security processing

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105138869A (en) * 2015-08-17 2015-12-09 四川长虹电器股份有限公司 Method for automatically locking and protecting flash bootstrap program based on flag detection

Also Published As

Publication number Publication date
CN113903386A (en) 2022-01-07

Similar Documents

Publication Publication Date Title
JP3884839B2 (en) Semiconductor memory device
US8281411B2 (en) Security memory device and method for making same
JP3710671B2 (en) One-chip microcomputer, IC card using the same, and access control method for one-chip microcomputer
US20110029726A1 (en) Data updating method, memory system and memory device
CN1243580A (en) Method for monitoring execution of software programmes as prescribed
CN110968254B (en) Partition protection method and device for nonvolatile memory
KR20000023497A (en) Microcomputer provided with flash memory and method of storing program into flash memory
US10846421B2 (en) Method for protecting unauthorized data access from a memory
CN108877863B (en) Flash memory storage device and method of operating the same
US10628249B2 (en) Method for protecting an electronic device against fault injection attacks during execution of a program
CN113903386B (en) Power-off data protection method and system based on NOR Flash chip
US20030225962A1 (en) Memory card and memory card system
US20180052635A1 (en) Electronic control apparatus and information storage method for the same
US10705743B2 (en) Memory control device, control method of flash memory, and method for generating security feature of flash memory
JP2006195565A (en) Semiconductor memory device control method, memory card, and host device
US6950345B1 (en) Nonvolatile semiconductor memory device
CN112685802A (en) Flash chip reading control method and device and storage medium
US12061803B2 (en) System with increasing protected storage area and erase protection
JP2010079686A (en) Data processor, memory control circuit, and memory control method
CN105138378A (en) BIOS flash method and electronic device
JP4452158B2 (en) Nonvolatile memory system
JP4892414B2 (en) Control circuit, storage medium, processing device, embedded system, and area management method
US12061888B2 (en) Method for verifying an execution of a software program
CN115906194B (en) A method and system for preventing non-volatile storage data leakage
CN114242125B (en) Power-down protection method, device and medium for NAND FLASH data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant