[go: up one dir, main page]

CN118377734A - Memory data security enhancement method and system based on physical and memory address conversion - Google Patents

Memory data security enhancement method and system based on physical and memory address conversion Download PDF

Info

Publication number
CN118377734A
CN118377734A CN202311721249.7A CN202311721249A CN118377734A CN 118377734 A CN118377734 A CN 118377734A CN 202311721249 A CN202311721249 A CN 202311721249A CN 118377734 A CN118377734 A CN 118377734A
Authority
CN
China
Prior art keywords
memory
address
memory access
physical
access address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311721249.7A
Other languages
Chinese (zh)
Inventor
章隆兵
杨超
黄文思
李桐
王保钧
肖俊华
孙峰
徐长斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Information and Telecommunication Co Ltd
Institute of Computing Technology of CAS
Electric Power Research Institute of State Grid Liaoning Electric Power Co Ltd
Original Assignee
State Grid Information and Telecommunication Co Ltd
Institute of Computing Technology of CAS
Electric Power Research Institute of State Grid Liaoning Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Information and Telecommunication Co Ltd, Institute of Computing Technology of CAS, Electric Power Research Institute of State Grid Liaoning Electric Power Co Ltd filed Critical State Grid Information and Telecommunication Co Ltd
Priority to CN202311721249.7A priority Critical patent/CN118377734A/en
Publication of CN118377734A publication Critical patent/CN118377734A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1027Address translation using associative or pseudo-associative address translation means, e.g. translation look-aside buffer [TLB]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

本发明提出一种基于物理与访存地址转换的内存数据安全加强方法和系统,包括:将计算机系统中处理器发出的物理地址,通过访存地址转换部件,转换为访存地址,以该访存地址访问该计算机系统中的内存。本发明一种基于物理地址和访存地址转换的内存数据安全加强方法,需要增加一个地址转换部件实现物理地址和访存地址的转换,该部件主要包含物理地址映射区间与访存地址映射区间的映射表,以及表项匹配与访存地址转换逻辑,具有硬件开销小、地址转换速度快的优点。

The present invention proposes a memory data security enhancement method and system based on physical and memory access address conversion, including: converting the physical address issued by the processor in the computer system into a memory access address through a memory access address conversion component, and accessing the memory in the computer system with the memory access address. The present invention provides a memory data security enhancement method based on physical address and memory access address conversion, which requires adding an address conversion component to realize the conversion of physical address and memory access address. The component mainly includes a mapping table of physical address mapping interval and memory access address mapping interval, as well as table item matching and memory access address conversion logic, and has the advantages of low hardware overhead and fast address conversion speed.

Description

基于物理与访存地址转换的内存数据安全加强方法及系统Memory data security enhancement method and system based on physical and memory address conversion

技术领域Technical Field

本发明涉及计算机安全技术领域,并特别涉及一种基于物理与访存地址转换的内存数据安全加强方法及系统。The present invention relates to the field of computer security technology, and in particular to a method and system for strengthening memory data security based on physical and memory access address conversion.

背景技术Background technique

计算机系统的安全性日益受到重视。计算机系统存在内存中数据的安全性受到挑战。当受保护的系统暴露在恶意环境中,使得实施物理攻击成为可能,需要采用安全技术来提高系统安全性。The security of computer systems is receiving increasing attention. The security of data stored in the memory of computer systems is challenged. When a protected system is exposed to a malicious environment, physical attacks become possible, and security technologies need to be used to improve system security.

物理攻击(硬件攻击)是对内存数据进行攻击的重要形式,危害到数据的机密性、完整性。物理攻击者可以直接读取或者破坏内存中的数据,或者是当采用内存总线传输数据时进行截获或者修改。常见的物理攻击方法是直接攻击CPU外的内存总线,实施主动或被动的攻击。例如,在CPU与内存芯片之间的总线上搭接一个设备,可以直接监听或者修改总线上传输的数据;或者采用设备直接读写内存。主动攻击主要指修改内存数据内容,包括欺骗攻击(Spoofing attack)、重定位攻击(Relocation attack)、重放攻击(Replayattack)。欺骗攻击是指恶意攻击者使用伪造的信息替换内存块信息;重定位攻击是指用内存块B的内容来替换内存块A的内容(假设A≠B);重放攻击是指将一个给定地址的内存块内容被记录下来,后续再插入到对该地址的内存块访问中,也就是用该内存块老的数据来替换内存块当前的数据。被动攻击主要是监听内存数据内容,造成信息泄漏,破坏数据的完整性。Physical attacks (hardware attacks) are an important form of attack on memory data, which endangers the confidentiality and integrity of data. Physical attackers can directly read or destroy data in memory, or intercept or modify data when the memory bus is used to transmit data. Common physical attack methods are to directly attack the memory bus outside the CPU, and implement active or passive attacks. For example, by connecting a device to the bus between the CPU and the memory chip, you can directly monitor or modify the data transmitted on the bus; or use the device to directly read and write memory. Active attacks mainly refer to modifying the content of memory data, including spoofing attacks, relocation attacks, and replay attacks. Spoofing attacks refer to malicious attackers using forged information to replace memory block information; relocation attacks refer to replacing the content of memory block A with the content of memory block B (assuming A≠B); replay attacks refer to recording the content of a memory block at a given address and then inserting it into the memory block access to the address later, that is, replacing the current data of the memory block with the old data of the memory block. Passive attacks mainly monitor the content of memory data, causing information leakage and destroying data integrity.

为了应对上述攻击手段,现有技术提出以下内存数据安全加强方法:In order to deal with the above-mentioned attack methods, the prior art proposes the following memory data security enhancement method:

(1)内存验证技术(1) Memory Verification Technology

内存验证(Memory Authentication)是指验证处理器从一个给定地址读来的值,就是最后向该地址写入的值,是应对破坏内存数据完整性的主动攻击的重要方法。基于完整性树(Integrity Tree)的内存验证技术,主要基于密码技术。需要构建完整性树,保存在存储器中(处理器的片上存储器或者内存)。主要存在三种方法:Merkle Tree使用哈希函数;PAT树(Parallelizable Authentication Tree)使用MAC函数;TEC-Tree(Tamper-Evident Counter Tree)使用块级别的AREA。TEC-Tree方法对完整性树的验证过程和更新过程都可以并行化,具有速度快的特点,并且不仅可以应对针对数据完整性的攻击,而且可以应对针对数据机密性的攻击。Memory authentication refers to verifying that the value read by the processor from a given address is the last value written to the address. It is an important method to deal with active attacks that damage the integrity of memory data. Memory authentication technology based on integrity tree is mainly based on cryptographic technology. It is necessary to build an integrity tree and save it in the memory (on-chip memory or memory of the processor). There are three main methods: Merkle Tree uses hash functions; PAT tree (Parallelizable Authentication Tree) uses MAC function; TEC-Tree (Tamper-Evident Counter Tree) uses block-level AREA. The TEC-Tree method can parallelize the verification and update processes of the integrity tree, has the characteristics of fast speed, and can not only deal with attacks on data integrity, but also attacks on data confidentiality.

主要介绍TEC-Tree方法,该方法使用Block-Level AREA。先介绍AREA(AddedRedundancy Explicit Authentication)技术(如图1所示),该技术针对块加密算法增加完整性校验的能力。具体过程:This paper mainly introduces the TEC-Tree method, which uses Block-Level AREA. First, we introduce the AREA (Added Redundancy Explicit Authentication) technology (as shown in Figure 1), which adds integrity verification capabilities to block encryption algorithms. The specific process is as follows:

(a)将冗余数(n位的只使用一次的随机数N(nonce))与数据D链接起来,形成明文数据P,记作P=D||N;采用块加密算法的ECB(Electronic CodeBook)模式(如AES ECB)对P进行加密产生密文C;(a) Linking a redundant number (an n-bit random number N (nonce) used only once) with data D to form plaintext data P, denoted as P = D||N; encrypting P using the ECB (Electronic Code Book) mode of a block encryption algorithm (such as AES ECB) to generate ciphertext C;

(b)当接收方接收到密文C’,进行解密产生明文P’,检查P’(P’=D’||N’)中的n位冗余数N’,验证N=N’是否成立。如果相等,则表示保持完整性。(b) When the receiver receives the ciphertext C’, it decrypts it to generate the plaintext P’, checks the n-bit redundant number N’ in P’ (P’=D’||N’), and verifies whether N=N’ holds. If they are equal, it means that the integrity is maintained.

Tamper-Evident Counter Tree(TEC-Tree):Tamper-Evident Counter Tree (TEC-Tree):

如图2所示,TEC-Tree的验证函数f采用Block-Level AREA。验证原语采用只使用一次的随机数N(nonce)对输入数据Dy进行标记,然后采用块加密算法的ECB模式进行加密。秘钥K保存在处理器芯片上。Block-level AREA函数首先被用到保存在处理器芯片外的内存块上,然后递归应用于上一次迭代产生的A组结果上。产生的密文块被存储在内存中,最后一块加密用到的nonce被保存在处理器芯片上(使得攻击者无法修改)。攻击者没有key,是不能创建树节点的,没有片上的根nonce,是不能重放树根节点的。在数据块D的验证过程中,D所在的分枝中的节点被取到处理器上,进行解密。D通过完整性校验,如果:每个解密的节点的标记都与在节点解密后数据中的nonce一致;解密最高层节点获得的Nonce与处理器片上存的nonce一致。As shown in Figure 2, the verification function f of TEC-Tree uses Block-Level AREA. The verification primitive uses a random number N (nonce) that is used only once to mark the input data Dy, and then encrypts it using the ECB mode of the block encryption algorithm. The secret key K is stored on the processor chip. The Block-level AREA function is first used on a memory block stored outside the processor chip, and then recursively applied to the group A results generated by the previous iteration. The generated ciphertext blocks are stored in memory, and the nonce used for the last encryption is stored on the processor chip (so that the attacker cannot modify it). The attacker cannot create tree nodes without the key, and cannot replay the root node of the tree without the root nonce on the chip. During the verification process of data block D, the nodes in the branch where D is located are taken to the processor and decrypted. D passes the integrity check if: the mark of each decrypted node is consistent with the nonce in the data after the node is decrypted; the nonce obtained by decrypting the highest level node is consistent with the nonce stored on the processor chip.

(2)内存加密技术(2) Memory encryption technology

内存加密技术对内存数据进行加密,保证内存数据的机密性(Confidentiality),是抵御被动攻击的很好办法。AMD公司提出的一种安全内存加密SME(Secure MemoryEncryption)技术,就是一种典型的内存加密技术,应用在其Zen处理器系列中。该技术主要处理器上集成的内存控制器上设置专门的加密硬件。每个内存控制器包含一个高性能的AES(Advanced Encryption Standard)硬件引擎,当往内存写数据时进行加密;当从内存读数据时进行相应的解密。过程如图3所示。数据加密采用128位的密钥进行。每次系统启动时随机生成密钥,密钥对CPU上运行的软件是不可见的。密钥是由集成的硬件随机数发生器产生的,并保存在专门的寄存器中,对外面是不可见的。控制哪些内存页被加密是通过操作系统对页表进行设置来实现的。在页表项(PTE)中将物理地址的第47位(简称为C-bit)设置为1,则表示对该页要进行加解密;如果置为0,表示正常访问。Memory encryption technology encrypts memory data to ensure the confidentiality of memory data, which is a good way to resist passive attacks. AMD's Secure Memory Encryption SME (Secure Memory Encryption) technology is a typical memory encryption technology, which is used in its Zen processor series. This technology mainly sets up special encryption hardware on the memory controller integrated on the processor. Each memory controller contains a high-performance AES (Advanced Encryption Standard) hardware engine, which encrypts when writing data to the memory and decrypts when reading data from the memory. The process is shown in Figure 3. Data encryption uses a 128-bit key. The key is randomly generated each time the system starts, and the key is invisible to the software running on the CPU. The key is generated by the integrated hardware random number generator and stored in a special register, which is invisible to the outside. Controlling which memory pages are encrypted is achieved by setting the page table through the operating system. Setting the 47th bit (referred to as C-bit) of the physical address to 1 in the page table entry (PTE) indicates that the page is to be encrypted and decrypted; if it is set to 0, it indicates normal access.

但上述内存验证技术TEC-Tree存在缺点,硬件开销大,需要硬件实现块加密算法模块(如AES);存储开销大,对于2叉的TEC-Tree,存储开销是2倍。另外,由于读内存时需要进行完整性验证,写内存时需要跟更新完整性树相应节点,使得计算机系统运行程序的性能受到影响。However, the above memory verification technology TEC-Tree has disadvantages: large hardware overhead, requiring hardware to implement block encryption algorithm modules (such as AES); large storage overhead, for a 2-fork TEC-Tree, the storage overhead is twice as much. In addition, since integrity verification is required when reading memory, the corresponding nodes of the integrity tree need to be updated when writing memory, which affects the performance of the computer system running programs.

内存加密技术的缺点,如AMD的SME技术,需要在处理器芯片上的内存控制器上集成硬件的安全加解密AES引擎,硬件代价大,并且对于对内存进行采用AES进行加解密,使得访问内存的延迟变长了,影响程序执行的性能。另外,内存加密技术只能抵御破坏内存数据机密性的被动攻击,不能抵御破坏内存数据完整性的主动攻击。The disadvantages of memory encryption technology, such as AMD's SME technology, require the integration of a hardware security encryption and decryption AES engine on the memory controller on the processor chip, which has a high hardware cost and uses AES to encrypt and decrypt the memory, which increases the latency of accessing the memory and affects the performance of program execution. In addition, memory encryption technology can only defend against passive attacks that destroy the confidentiality of memory data, but cannot defend against active attacks that destroy the integrity of memory data.

发明内容Summary of the invention

现有基于密码技术的抵御内存数据物理攻击方法,具有硬件代价高、影响计算机系统程序执行性能的缺点,提出了一种基于物理地址和访存地址转换的内存数据安全加强方法及装置。The existing method of resisting physical attacks on memory data based on cryptographic technology has the disadvantages of high hardware cost and affecting the performance of computer system program execution. A method and device for strengthening memory data security based on physical address and memory access address conversion are proposed.

具体来说本发明提出了一种基于物理与访存地址转换的内存数据安全加强方法,其中包括:Specifically, the present invention proposes a method for strengthening memory data security based on physical and memory access address conversion, which includes:

将计算机系统中处理器发出的物理地址,通过访存地址转换部件,转换为访存地址,以该访存地址访问该计算机系统中的内存。The physical address issued by the processor in the computer system is converted into a memory access address through a memory access address conversion component, and the memory in the computer system is accessed with the memory access address.

所述的基于物理与访存地址转换的内存数据安全加强方法,其中该访存地址转换部件包括物理地址区间到访存地址区间的映射表,以实现将该物理地址转成实际用于访问内存的该访存地址。The memory data security enhancement method based on physical and memory access address conversion, wherein the memory access address conversion component includes a mapping table from a physical address interval to a memory access address interval, so as to realize the conversion of the physical address into the memory access address actually used to access the memory.

所述的基于物理与访存地址转换的内存数据安全加强方法,其中该访存地址转换部件判断该物理地址是否属于映射区域,若是,则将该物理地址转换为该访存地址访问该内存,否则直接以该物理地址访问该内存。The memory data security enhancement method based on physical and memory access address conversion, wherein the memory access address conversion component determines whether the physical address belongs to the mapping area, and if so, converts the physical address into the memory access address to access the memory, otherwise directly accesses the memory with the physical address.

所述的基于物理与访存地址转换的内存数据安全加强方法,其中在该计算机系统启动时随机设置该访存地址转换部件的物理地址区间与访存地址区间映射关系。The method for strengthening memory data security based on physical and memory access address conversion randomly sets the mapping relationship between the physical address interval and the memory access address interval of the memory access address conversion component when the computer system is started.

所述的基于物理与访存地址转换的内存数据安全加强方法,其中该随机设置包括生成随机数r1和r2,将物理地址区间r1 mod i,映射到访存地址区间r2 mod i。The memory data security enhancement method based on physical and memory access address conversion, wherein the random setting includes generating random numbers r1 and r2, and mapping the physical address interval r1 mod i to the memory access address interval r2 mod i.

所述的基于物理与访存地址转换的内存数据安全加强方法,其中在该计算机系统启动的BIOS中运行该随机设置。The method for strengthening memory data security based on physical and memory access address conversion, wherein the random setting is run in the BIOS started by the computer system.

所述的基于物理与访存地址转换的内存数据安全加强方法,其中采用该计算机系统中的存储器组织该映射表,该处理器可以将该映射表的各项内容线性映射到指定内存地址空间上,该处理器将落在该指定内存地址空间上的读写操作转换为对于访存地址转换部件中映射表的读写操作。The method for strengthening memory data security based on physical and memory address conversion, wherein the mapping table is organized using the memory in the computer system, the processor can linearly map the contents of the mapping table to a specified memory address space, and the processor converts the read and write operations falling on the specified memory address space into read and write operations for the mapping table in the memory address conversion component.

本发明还提出了一种基于物理与访存地址转换的内存数据安全加强系统,其中包括:The present invention also proposes a memory data security enhancement system based on physical and memory access address conversion, which includes:

访存地址转换部件,用于将计算机系统中处理器发出的物理地址,转换为访存地址,以该访存地址访问该计算机系统中的内存。The memory access address conversion component is used to convert the physical address issued by the processor in the computer system into a memory access address, and use the memory access address to access the memory in the computer system.

本发明还提出了一种存储介质,用于存储执行所述任意一种基于物理与访存地址转换的内存数据安全加强方法的程序。The present invention also proposes a storage medium for storing a program for executing any one of the memory data security enhancement methods based on physical and memory access address conversion.

本发明还提出了一种客户端,用于所述的基于物理与访存地址转换的内存数据安全加强系统。The present invention also proposes a client, which is used for the memory data security enhancement system based on physical and memory access address conversion.

由以上方案可知,本发明的优点在于:It can be seen from the above scheme that the advantages of the present invention are:

本发明一种基于物理地址和访存地址转换的内存数据安全加强方法,需要增加一个地址转换部件实现物理地址和访存地址的转换,该部件主要包含物理地址映射区间与访存地址映射区间的映射表,以及表项匹配与访存地址转换逻辑,具有硬件开销小、地址转换速度快的优点。The present invention discloses a method for strengthening memory data security based on conversion of physical address and memory access address. It is necessary to add an address conversion component to realize conversion of physical address and memory access address. The component mainly includes a mapping table of physical address mapping interval and memory access address mapping interval, as well as table item matching and memory access address conversion logic. It has the advantages of low hardware overhead and fast address conversion speed.

基于密码技术保护数据完整性和安全性的技术,需要集成硬件实现的安全加解密AES引擎,以及需要大的存储开销,硬件代价大,并且对于对内存数据进行加解密,在访存的关键路径上,较严重影响程序执行的性能。The technology of protecting data integrity and security based on cryptographic technology requires the integration of a hardware-implemented secure encryption and decryption AES engine, as well as large storage overhead and high hardware cost. In addition, the encryption and decryption of memory data seriously affects the performance of program execution on the critical path of memory access.

本发明与基于密码技术保护数据完整性和安全性的技术相比,具有硬件开销小,对计算机系统运行程序的性能影响小的优点。Compared with the technology of protecting data integrity and security based on cryptographic technology, the present invention has the advantages of low hardware cost and little impact on the performance of computer system running programs.

附图说明BRIEF DESCRIPTION OF THE DRAWINGS

图1为现有技术AREA技术介绍图;FIG1 is an introduction diagram of the prior art AREA technology;

图2为TEC-Tree介绍图;Figure 2 is an introduction diagram of TEC-Tree;

图3为内存加密技术介绍图;Figure 3 is an introduction diagram of memory encryption technology;

图4为本发明执行框图;FIG4 is an execution block diagram of the present invention;

图5为本发明随机建立映射关系示意图。FIG5 is a schematic diagram of randomly establishing a mapping relationship according to the present invention.

具体实施方式Detailed ways

内存数据安全是计算机安全的重要研究内容。我们在研究针对内存数据物理攻击的防御技术时,发现目前主要采用密码技术来保护内存数据的机密性和完整性。采用密码技术的优点是效果好,但存在的缺点是硬件代价高(需要实现硬件加解密引擎、可能需要大的存储器开销),而且加解密操作是发生在数据读写的路径上,因此对计算机系统的程序运行性能造成影响。Memory data security is an important research topic in computer security. When we studied the defense technology against physical attacks on memory data, we found that cryptographic technology is currently mainly used to protect the confidentiality and integrity of memory data. The advantage of using cryptographic technology is good effect, but the disadvantage is that the hardware cost is high (it is necessary to implement a hardware encryption and decryption engine, which may require a large memory overhead), and the encryption and decryption operations occur on the path of data reading and writing, which affects the program running performance of the computer system.

本发明发现,针对内存数据的物理攻击都需要针对某个给定的物理地址进行。对给定物理地址,一般是通过先验知识知道物理地址对应到的虚拟地址,知道对应到是敏感信息,才进行有效攻击。传统的内存管理方法,建立虚拟地址和物理地址之间的映射关系,将程序给出的虚拟地址翻译成物理地址,然后根据物理地址直接访问内存中内容。但是对于某些地址空间中(如操作系统内核空间),虚拟地址跟物理地址之间的映射关系是固定的。所以根据物理地址可以知道对应的虚拟地址的内容,如果虚拟地址的内容是属于敏感信息(如密钥),就可以实现攻击。The present invention finds that physical attacks against memory data need to be carried out against a given physical address. For a given physical address, it is generally known through a priori knowledge that the virtual address corresponding to the physical address is sensitive information, and then an effective attack is carried out. The traditional memory management method establishes a mapping relationship between virtual addresses and physical addresses, translates the virtual address given by the program into a physical address, and then directly accesses the content in the memory according to the physical address. However, for some address spaces (such as the operating system kernel space), the mapping relationship between the virtual address and the physical address is fixed. Therefore, the content of the corresponding virtual address can be known based on the physical address. If the content of the virtual address is sensitive information (such as a key), an attack can be implemented.

基于上述发现,本发明在传统内存管理机制上再增加一层映射关系,先将物理地址转换成访存地址,然后再用访存地址去进行访问内存。物理地址与访存地址之间的映射关系,是计算机在启动时由BIOS或者其他底层软件设置的,并且具有一定的随机性。物理攻击者可以监测到访存地址,但是无法将访存地址与虚拟地址对应起来,也就无法判断当前访存地址对应的内存内容是何种信息,因此难于实施有效的内存数据攻击。Based on the above findings, the present invention adds another layer of mapping relationship to the traditional memory management mechanism, first converting the physical address into a memory access address, and then using the memory access address to access the memory. The mapping relationship between the physical address and the memory access address is set by the BIOS or other underlying software when the computer is started, and has a certain degree of randomness. A physical attacker can monitor the memory access address, but cannot match the memory access address with the virtual address, and cannot determine what kind of information the memory content corresponding to the current memory access address is, so it is difficult to implement an effective memory data attack.

将物理地址与访存地址进行转换是由硬件进行,因此速度快,对程序性能影响小,并且转换机制的硬件开销小。为了实现上述技术效果,本发明包括如下十点关键技术:The conversion between the physical address and the memory address is performed by hardware, so the speed is fast, the impact on program performance is small, and the hardware overhead of the conversion mechanism is small. In order to achieve the above technical effects, the present invention includes the following ten key technologies:

关键点1,设计访存地址转换部件,将处理器发出的用于访存的物理地址经过访存地址转换部件,转成访存地址后,才进行访问内存。在物理攻击情况下,攻击者只能检测到CPU与内存互连的总线,因此只能检测到最终的访存地址,因此采用本发明技术,使得根据物理攻击监测到的访存地址难于推导出对应的程序虚拟地址,从而难于有效进行内存物理攻击,并且具有开销小、性能高的优点,提高了计算机系统的安全性。Key point 1, design a memory access address conversion component, convert the physical address for memory access issued by the processor into a memory access address through the memory access address conversion component, and then access the memory. In the case of a physical attack, the attacker can only detect the bus interconnecting the CPU and the memory, and therefore can only detect the final memory access address. Therefore, the technology of the present invention makes it difficult to derive the corresponding program virtual address based on the memory access address monitored by the physical attack, thereby making it difficult to effectively carry out a physical memory attack, and has the advantages of low overhead and high performance, thereby improving the security of the computer system.

关键点2,一种基于地址映射表的访存地址转换部件的设计,设置一个物理地址区间到访存地址区间的映射表,用来实现将物理地址转成实际用于访问内存的访存地址。Key point 2, a design of a memory access address conversion component based on an address mapping table, setting a mapping table from a physical address range to a memory access address range, to realize the conversion of a physical address into a memory access address actually used to access the memory.

关键点3,访存地址转换部件中映射表的设计,包括对映射表表项内容的设计、表项的访问、物理地址与访存地址的转换方法,可以更加高效实现物理地址与访存地址的转换。Key point 3, the design of the mapping table in the memory address conversion component, including the design of the mapping table entry content, the access to the table entry, and the conversion method between the physical address and the memory address, can realize the conversion between the physical address and the memory address more efficiently.

关键点4,一种基于映射表项的物理地址与访存地址的转换方法,包括:地址区间的命中判定逻辑、如果命中则访存地址的生成逻辑等。可以更加高效的将物理地址转换为访存地址,并且具有硬件开销小、速度快的特点。Key point 4, a method for converting physical addresses and memory access addresses based on mapping table entries, including: hit determination logic of address intervals, logic for generating memory access addresses if hit, etc. The physical address can be converted to the memory access address more efficiently, and has the characteristics of low hardware overhead and high speed.

关键点5,一种建立物理地址区间与访存地址区间映射关系的方法。如果全部地址均进行统一转换,不灵活。设置区间,并通过对映射表配置,使得地址转换转换灵活,具有更高安全性。因此将物理地址空间分为映射区域和不映射区域,其中映射区域由映射区间组成,可以存在多个不连续的映射区间(映射区间的大小为2SIZE个字节),也可以存在多个不连续的不映射区间。对于不映射区域,访存地址与物理地址相同。对于物理地址空间的映射区域中的映射区间,则每个映射区间就需要映射到一个相同大小的访存地址区间,这个映射关系由映射表的一项来记录。且上述技术还可起到重点保护特定的地址信息的效果。操作系统内核区域的虚拟地址与物理地址关系,往往是确定的,因此需要设置为映射区域。而用户程序的空间,可以设置为不映射区域。Key point 5, a method for establishing a mapping relationship between a physical address interval and a memory access address interval. If all addresses are converted uniformly, it is not flexible. Set the interval, and configure the mapping table to make the address conversion flexible and more secure. Therefore, the physical address space is divided into a mapping area and an unmapped area, where the mapping area is composed of a mapping interval, and there may be multiple discontinuous mapping intervals (the size of the mapping interval is 2SIZE bytes), or there may be multiple discontinuous unmapped intervals. For the unmapped area, the memory access address is the same as the physical address. For the mapping interval in the mapping area of the physical address space, each mapping interval needs to be mapped to a memory access address interval of the same size, and this mapping relationship is recorded by an item in the mapping table. And the above technology can also play a role in protecting specific address information. The relationship between the virtual address and the physical address of the operating system kernel area is often determined, so it needs to be set as a mapping area. The space of the user program can be set as an unmapped area.

关键点6,一种基于随机化的建立物理地址区间与访存地址区间映射关系的方法,使得对于i个相同大小的物理地址映射区间和i个相同大小的访存地址映射区间之间的映射关系,可以在系统启动时进行随机化设置来提升安全性,可以使得同一台计算机系统的不同启动,其物理地址区间与访存地址区间映射关系不一样,进一步增加安全性。Key point 6, a method for establishing a mapping relationship between a physical address interval and a memory access address interval based on randomization, so that the mapping relationship between i physical address mapping intervals of the same size and i memory access address mapping intervals of the same size can be randomized when the system is started to improve security. This can make the mapping relationship between the physical address interval and the memory access address interval different when the same computer system is started at different times, further increasing security.

关键点7,提出了一种基于随机数发生器的物理地址区间与访存地址区间的随机化设置算法,主要采用随机数发生器获得2个随机数r1、r2。将物理地址区间r1 mod i,映射到访存地址区间r2 mod i;将物理地址区间(r1+1)mod i,映射到访存地址区间(r2+1)modi;.....;将物理地址区间(r1+i-1)mod i,映射到访存地址区间(r2+i-1)mod i。采用该算法,可以实现物理地址区间与访存地址区间的随机化设置。其中mod i的含义是除以i,取余数。Key point 7, a random setting algorithm for the physical address interval and the memory access address interval based on a random number generator is proposed, which mainly uses a random number generator to obtain two random numbers r1 and r2. Map the physical address interval r1 mod i to the memory access address interval r2 mod i; map the physical address interval (r1+1) mod i to the memory access address interval (r2+1) mod i; ...; map the physical address interval (r1+i-1) mod i to the memory access address interval (r2+i-1) mod i. Using this algorithm, the random setting of the physical address interval and the memory access address interval can be realized. The meaning of mod i is to divide by i and take the remainder.

关键点8,一种基于存储器的映射表组织方式,采用存储器来组织映射表,包括各个表项的内容,以及访问方式。处理器可以将映射表的各项内容线性映射到一段特殊的内存地址空间上,处理器将落在这段地址空间上的读写操作转换为对于访存地址转换部件中映射表的读写操作,而不是将其发往内存。如此配置映射表,可直接采用普通的访存指令(load、store),访问这段特殊的内存地址空间即可。否则,需要进行专门的设计来配置映射表。Key point 8, a memory-based mapping table organization method, using memory to organize the mapping table, including the contents of each table item and the access method. The processor can linearly map the contents of the mapping table to a special memory address space, and the processor converts the read and write operations falling on this address space into read and write operations for the mapping table in the memory address conversion component, instead of sending them to the memory. With the mapping table configured in this way, ordinary memory access instructions (load, store) can be directly used to access this special memory address space. Otherwise, a special design is required to configure the mapping table.

关键点9,一种基于寄存器的映射表组织方式,采用寄存器来组织映射表,包括各个表项的内容,以及访问方式。采用寄存器组织映射的方式,使得能快速访问映射表,但规模受限。Key point 9, a register-based mapping table organization method, using registers to organize the mapping table, including the content of each table entry and the access method. The use of registers to organize the mapping method enables fast access to the mapping table, but the scale is limited.

关键点10,对映射表的配置,可以在系统启动的BIOS中运行,或者其他的高安全的底层启动代码中,可以通过基于硬件可信根的可信启动技术手段来保护BIOS或者其他的高安全的底层启动代码的安全性。这样即使操作系统被攻破,也能保护安全性。Key point 10: The configuration of the mapping table can be run in the BIOS when the system is started, or in other high-security underlying startup codes. The security of the BIOS or other high-security underlying startup codes can be protected by trusted startup technology based on hardware trusted roots. In this way, security can be protected even if the operating system is compromised.

为让本发明的上述特征和效果能阐述的更明确易懂,下文特举实施例,并配合说明书附图作详细说明如下。In order to make the above features and effects of the present invention more clearly understood, embodiments are given below and described in detail with reference to the accompanying drawings.

1、数据访问控制总体处理流程:1. Overall processing flow of data access control:

访存的总体处理流程是:将处理器核发出的物理地址,通过访存地址转换部件,转换成访存地址后,再根据该访存地址得到行地址、列地址访问内存。访问内存可以是读写内存和从内存取指。The overall processing flow of memory access is: the physical address issued by the processor core is converted into a memory access address through the memory access address conversion component, and then the row address and column address are obtained according to the memory access address to access the memory. Accessing the memory can be reading and writing the memory and fetching instructions from the memory.

2、访存地址转换部件:2. Memory address conversion component:

设置一个物理地址区间到访存地址区间的映射表,用来实现将物理地址转成实际用于访问内存的访存地址。Set up a mapping table from physical address range to memory access address range to convert physical addresses into memory access addresses actually used to access memory.

映射表的每个表项能够确定一段2SIZE(SIZE的具体范围视实现时的需求而定)大小且起始地址2SIZE大小边界对齐的连续地址区域。每个表项包含如下配置信息:有效位、物理地址区间起始地址、区间大小掩码、访存地址区间的起始地址。Each entry in the mapping table can determine a continuous address area of 2 SIZE (the specific range of SIZE depends on the requirements of the implementation) with a starting address aligned to a 2 SIZE size boundary. Each entry contains the following configuration information: valid bits, starting address of the physical address interval, interval size mask, and starting address of the memory access address interval.

假设物理地址和访存地址的宽度都为N位。物理地址区间起始地址、区间大小掩码、访存地址区间的起始地址都为N位,有效位为1位。Assume that the width of the physical address and the memory access address are both N bits. The starting address of the physical address interval, the interval size mask, and the starting address of the memory access address interval are all N bits, and the valid bit is 1 bit.

其中:in:

有效位(VALID):1位,为1时表示该表项内容有效;为0时表示该表项内容无效;Valid bit (VALID): 1 bit, when it is 1, it means the content of the table entry is valid; when it is 0, it means the content of the table entry is invalid;

物理地址区间起始地址(PHY_STARTADDR):每个表项所针对的连续地址区域的起始地址。该地址必须是大小边界对齐的,例如当地址区域大小是256字节时,地址的最低8位必须为全0;Physical address interval start address (PHY_STARTADDR): The start address of the continuous address area targeted by each table entry. The address must be aligned to the size boundary. For example, when the address area size is 256 bytes, the lowest 8 bits of the address must be all 0;

掩码(MASK):掩码与区间大小相关。由于区间大小的幂指数特点,每个表项所针对的连续地址区间的大小为2SIZE个字节。则掩码为:高位全为1,低位为SIZE个0位。例如区域大小是256字节时此处值为:高位全为1,低8位为0;Mask (MASK): The mask is related to the interval size. Due to the exponential characteristics of the interval size, the size of the continuous address interval targeted by each table entry is 2SIZE bytes. Then the mask is: all high bits are 1, and the low bits are SIZE 0 bits. For example, when the area size is 256 bytes, the value here is: all high bits are 1, and the low 8 bits are 0;

访存地址区域的起始地址(MEM_STARTADDR):每个表项所针对的连续地址区域的转换后的区域起始地址。该地址也必须是大小边界对齐的,例如当地址区域大小是256字节时,地址的最低8位必须为全0。The starting address of the memory access address area (MEM_STARTADDR): The converted starting address of the continuous address area targeted by each table entry. This address must also be aligned to the size boundary. For example, when the address area size is 256 bytes, the lowest 8 bits of the address must be all 0.

将物理地址(PHY_ADDR)与映射表中的所有表项都进行命中判定:The physical address (PHY_ADDR) is hit determined with all entries in the mapping table:

地址区间的命中判定逻辑如下:The hit determination logic of the address range is as follows:

VALID&&(PHY_ADDR&MASK==PHY_STARTADDR)VALID&&(PHY_ADDR&MASK==PHY_STARTADDR)

如果某个表项判定结果为1,表示该物理地址在该表项的对应地址区间内,则访存地址置为:If the result of a table entry is 1, it means that the physical address is within the corresponding address range of the table entry, and the memory access address is set to:

MEM_ADDR=(PHY_ADDR&~MASK)|MEM_STARTADDRMEM_ADDR=(PHY_ADDR&~MASK)|MEM_STARTADDR

如果所有表项的判定结果都不为1,则表示该物理地址不在所有表项对应的地址区间内,则:If the determination results of all entries are not 1, it means that the physical address is not within the address range corresponding to all entries, then:

MEM_ADDR=PHY_ADDRMEM_ADDR=PHY_ADDR

上述地址转换过程为硬件自动完成,没有软件参与。The above address conversion process is completed automatically by hardware without the involvement of software.

3、建立物理地址区间与访存地址区间的映射关系:3. Establish the mapping relationship between the physical address range and the memory access address range:

通过设置物理地址区间到访存地址区间之间的映射表内容,可以建立物理地址区间和访存地址区间之间的映射关系。物理地址空间和访存地址空间的大小是相同的。如何确定物理地址区间与访存地址区间的映射关系是关键。如下图所示。物理地址空间分为映射区域和不映射区域,其中映射区域由映射区间组成,可以存在多个不连续的映射区间,也可以存在多个不连续的不映射区间。对于不映射区域,访存地址与物理地址相同。对于物理地址空间的映射区域中的映射区间,则每个映射区间就需要映射到一个相同大小的访存地址区间,这个映射关系由映射表的一项来记录。By setting the content of the mapping table between the physical address interval and the memory access address interval, the mapping relationship between the physical address interval and the memory access address interval can be established. The size of the physical address space and the memory access address space is the same. How to determine the mapping relationship between the physical address interval and the memory access address interval is the key. As shown in the figure below. The physical address space is divided into a mapping area and an unmapped area, where the mapping area is composed of mapping intervals. There can be multiple discontinuous mapping intervals, or there can be multiple discontinuous unmapped intervals. For the unmapped area, the memory access address is the same as the physical address. For the mapping intervals in the mapping area of the physical address space, each mapping interval needs to be mapped to a memory access address interval of the same size, and this mapping relationship is recorded by an item in the mapping table.

对于一个物理地址空间的映射区间具体映射到哪个访存地址空间的映射区间,是由系统设计者来确定,并且通过在BIOS等中设置映射表的内容来进行记录。需要根据一些规则来进行。The specific mapping interval of a physical address space to which the mapping interval of the memory address space is mapped is determined by the system designer and recorded by setting the content of the mapping table in the BIOS, etc. This needs to be done according to some rules.

对于一个物理地址空间的映射区间,设计者需要在访存地址的映射区域中,找一个相同大小的空间来进行映射。对于i个相同大小的物理地址映射区间,需要找i个相同大小的访存地址映射区间进行映射。对于其中的任一个物理地址映射区间,可以映射到i个访存地址映射区间重的任一个。For a mapping interval of a physical address space, the designer needs to find a space of the same size in the mapping area of the memory access address for mapping. For i physical address mapping intervals of the same size, it is necessary to find i memory access address mapping intervals of the same size for mapping. For any of the physical address mapping intervals, it can be mapped to any of the i memory access address mapping intervals.

这样就可以通过随机化,来提升系统安全性。即每次计算机系统启动的BIOS中,对于i个相同大小的物理地址映射区间和i个相同大小的访存地址映射区间之间的映射关系,进行通过随机化设置来提升安全性。如下图所示,其中的一种方案是物理地址映射区间1映射到访存地址映射区间4、物理地址映射区间2映射到访存地址映射区间1、物理地址映射区间4映射到访存地址映射区间2。实际对于图中i=4的情况,方案共有4*3*2=24种。对于i个相同大小的物理地址映射区间而言,方案共有i!种。通过随机化设计,使得每次系统启动时在BIOS,随机设置其中一种。In this way, system security can be improved through randomization. That is, in the BIOS every time the computer system starts, the mapping relationship between i physical address mapping intervals of the same size and i memory access address mapping intervals of the same size is randomly set to improve security. As shown in the figure below, one of the schemes is that physical address mapping interval 1 is mapped to memory access address mapping interval 4, physical address mapping interval 2 is mapped to memory access address mapping interval 1, and physical address mapping interval 4 is mapped to memory access address mapping interval 2. In fact, for the case of i=4 in the figure, there are 4*3*2=24 schemes. For i physical address mapping intervals of the same size, there are i! schemes. Through randomization design, one of them is randomly set in the BIOS every time the system starts.

以下是一种可行的建立映射关系的随机化方法,通过运行软件来确定映射关系。如图5所示The following is a feasible randomization method for establishing a mapping relationship, which is determined by running the software. As shown in Figure 5

第一步:对于i大小相同的物理地址映射区间,先确定i个物理地址映射区间的起始地址,再确定i个访存地址空间的起始地址。Step 1: For i physical address mapping intervals of the same size, first determine the starting addresses of i physical address mapping intervals, and then determine the starting addresses of i memory access address spaces.

第二步:采用随机数发生器获得2个随机数r1、r2。将物理地址区间r1 mod i,映射到访存地址区间r2 mod i;将物理地址区间(r1+1)mod i,映射到访存地址区间(r2+1)modi;.....;将物理地址区间(r1+i-1)mod i,映射到访存地址区间(r2+i-1)mod i。Step 2: Use a random number generator to obtain two random numbers r1 and r2. Map the physical address interval r1 mod i to the memory access address interval r2 mod i; map the physical address interval (r1+1) mod i to the memory access address interval (r2+1) mod i; ...; map the physical address interval (r1+i-1) mod i to the memory access address interval (r2+i-1) mod i.

4、映射表配置:4. Mapping table configuration:

映射表可以采用多种方式进行组织。一种可行的映射表组织方式是采用寄存器方式组织,另一种是采用存储器方式组织。The mapping table can be organized in a variety of ways. One feasible mapping table organization method is to organize it in a register manner, and another is to organize it in a memory manner.

处理器复位之后,访存地址转换部件中所有表项均为无效项,由BIOS等底层软件根据需要填入相应的表项。After the processor is reset, all table entries in the memory address translation unit are invalid, and the corresponding table entries are filled in by the underlying software such as BIOS as needed.

假设映射表有M项,物理地址和访存地址的宽度都为N位。对于寄存器方式:Assume that the mapping table has M entries, and the width of the physical address and the memory address are both N bits. For the register method:

假设寄存器的组数有M组,其中一组寄存器对应到映射表的一项。一组寄存器包含:有效位寄存器Valid_r(1位)、物理地址区间起始地址寄存器PHY_STARTADDR_r(N位)、掩码寄存器Mask_r(N位)、访存地址区间起始地址寄存器MEM_STARTADDR_r(N位)。Assume that there are M groups of registers, and one group of registers corresponds to an item in the mapping table. One group of registers includes: valid bit register Valid_r (1 bit), physical address interval start address register PHY_STARTADDR_r (N bits), mask register Mask_r (N bits), and memory access address interval start address register MEM_STARTADDR_r (N bits).

采用寄存器组号register_index去访问寄存器。在BIOS或其他底层启动软件中,在确定物理地址映射区间和访存地址映射区间的映射关系后,根据寄存器组号register_index(赋值从0到M-1),逐项去写寄存器中的内容。Registers are accessed using register group number register_index. In BIOS or other low-level boot software, after determining the mapping relationship between the physical address mapping interval and the memory access address mapping interval, the contents of the registers are written item by item according to the register group number register_index (assigned from 0 to M-1).

对于存储器组织方式,在访存地址转换部件中设置专门存储器,用于存放映射表。处理器可以将映射表的各项内容线性映射到一段特殊的内存地址空间上,处理器将落在这段地址空间上的读写操作转换为对于访存地址转换部件中映射表的读写操作,而不是将其发往内存。As for the memory organization, a special memory is set in the memory access address conversion unit to store the mapping table. The processor can linearly map the contents of the mapping table to a special memory address space, and the processor converts the read and write operations falling on this address space into read and write operations for the mapping table in the memory access address conversion unit instead of sending them to the memory.

下面以具体示例说明所采用的线性映射的方法。为了描述简洁,对表项中各个域给予明确定义:The following is a specific example to illustrate the linear mapping method used. For the sake of simplicity, each field in the table entry is clearly defined:

假设映射表有M项,物理地址和访存地址的宽度都为N位(假设N=64位)。Assume that the mapping table has M entries, and the width of the physical address and the memory access address are both N bits (assuming N=64 bits).

为了描述简洁,对表项中各个域给予明确定义:Valid位为1位(占1个字节)、PHY_STARTADDR(64位)、MASK(64位)、MEM_STARTADDR(64位)。假设映射表一共有M项,则映射关系如下:For the sake of simplicity, each field in the table entry is clearly defined: Valid bit is 1 bit (occupies 1 byte), PHY_STARTADDR (64 bits), MASK (64 bits), MEM_STARTADDR (64 bits). Assuming that the mapping table has a total of M items, the mapping relationship is as follows:

映射表第n项Valid信息(n=0..M-1)Valid information of item n in the mapping table (n=0..M-1)

映射后地址:查找表基址+0x19×nMapped address: lookup table base address + 0x19×n

名称name Bit 功能描述Functional Description ValidValid 00 该表项的有效位,1表示有效The valid bit of this entry, 1 means valid

映射表第n项PHY_STARTADDR信息(n=0..M-1)Mapping table item n PHY_STARTADDR information (n=0..M-1)

映射后地址:查找表基址+0x19×n+0x1Mapped address: lookup table base address + 0x19×n + 0x1

名称name Bit 功能描述Functional Description PHY_STARTADDRPHY_STARTADDR 63:063:0 物理地址映射区间的起始地址The starting address of the physical address mapping range

映射表第n项MASK信息(n=0..M-1)Mapping table item n MASK information (n=0..M-1)

映射后地址:查找表基址+0x19×n+0x9Mapped address: lookup table base address + 0x19×n + 0x9

名称name Bit 功能描述Functional Description MASKMASK 63:063:0 区间大小的掩码Interval size mask

映射表第n项MEM_STARTADDR信息(n=0..M-1)Mapping table item n MEM_STARTADDR information (n=0..M-1)

映射后地址:查找表基址+0x19×n+0x11Mapped address: lookup table base address + 0x19×n + 0x11

名称name Bit 功能描述Functional Description MEM_STARTADDRMEM_STARTADDR 63:063:0 访存地址映射区间的起始地址The starting address of the memory address mapping range

处理器在BIOS或其他底层启动软件中,在确定物理地址映射区间和访存地址映射区间的映射关系后,按照读写内存的方式去写映射表内容。In the BIOS or other low-level startup software, after determining the mapping relationship between the physical address mapping interval and the memory access address mapping interval, the processor writes the mapping table content in the manner of reading and writing memory.

以下为与上述方法实施例对应的系统实施例,本实施方式可与上述实施方式互相配合实施。上述实施方式中提到的相关技术细节在本实施方式中依然有效,为了减少重复,这里不再赘述。相应地,本实施方式中提到的相关技术细节也可应用在上述实施方式中。The following is a system embodiment corresponding to the above method embodiment. This embodiment can be implemented in conjunction with the above embodiment. The relevant technical details mentioned in the above embodiment are still valid in this embodiment. In order to reduce repetition, they are not repeated here. Accordingly, the relevant technical details mentioned in this embodiment can also be applied in the above embodiment.

本发明还提出了一种基于物理与访存地址转换的内存数据安全加强系统,包括访存地址转换部件,用于计算机系统中处理器发出的物理地址,转换为访存地址,以该访存地址访问该计算机系统中的内存。The present invention also proposes a memory data security enhancement system based on physical and memory access address conversion, including a memory access address conversion component for converting a physical address issued by a processor in a computer system into a memory access address, and using the memory access address to access the memory in the computer system.

所述的基于物理与访存地址转换的内存数据安全加强系统,其中该访存地址转换部件包括物理地址区间到访存地址区间的映射表,以实现将该物理地址转成实际用于访问内存的该访存地址。The memory data security enhancement system based on physical and memory access address conversion, wherein the memory access address conversion component includes a mapping table from a physical address range to a memory access address range, so as to realize the conversion of the physical address into the memory access address actually used to access the memory.

所述的基于物理与访存地址转换的内存数据安全加强系统,其中该访存地址转换部件判断该物理地址是否属于映射区域,若是,则将该物理地址转换为该访存地址访问该内存,否则直接以该物理地址访问该内存。The memory data security enhancement system based on physical and memory access address conversion, wherein the memory access address conversion component determines whether the physical address belongs to the mapping area, and if so, converts the physical address into the memory access address to access the memory, otherwise directly accesses the memory with the physical address.

1所述的基于物理与访存地址转换的内存数据安全加强系统,其中在该计算机系统启动时随机设置该访存地址转换部件的物理地址区间与访存地址区间映射关系。1. The memory data security enhancement system based on physical and memory access address conversion, wherein the mapping relationship between the physical address interval and the memory access address interval of the memory access address conversion component is randomly set when the computer system is started.

所述的基于物理与访存地址转换的内存数据安全加强系统,其中该随机设置包括生成随机数r1和r2,将物理地址区间r1 mod i,映射到访存地址区间r2 mod i。The memory data security enhancement system based on physical and memory access address conversion, wherein the random setting includes generating random numbers r1 and r2, and mapping the physical address interval r1 mod i to the memory access address interval r2 mod i.

所述的基于物理与访存地址转换的内存数据安全加强系统,其中在该计算机系统启动的BIOS中运行该随机设置。The memory data security enhancement system based on physical and memory access address conversion runs the random setting in the BIOS started by the computer system.

所述的基于物理与访存地址转换的内存数据安全加强系统,其中采用该计算机系统中的存储器组织该映射表,该处理器可以将该映射表的各项内容线性映射到指定内存地址空间上,该处理器将落在该指定内存地址空间上的读写操作转换为对于访存地址转换部件中映射表的读写操作。The memory data security enhancement system based on physical and memory address conversion, wherein the mapping table is organized using the memory in the computer system, the processor can linearly map the contents of the mapping table to a specified memory address space, and the processor converts the read and write operations falling on the specified memory address space into read and write operations for the mapping table in the memory address conversion component.

Claims (10)

1.一种基于物理与访存地址转换的内存数据安全加强方法,其特征在于,包括:1. A method for strengthening memory data security based on physical and memory access address conversion, characterized by comprising: 将计算机系统中处理器发出的物理地址,通过访存地址转换部件,转换为访存地址,以该访存地址访问该计算机系统中的内存。The physical address issued by the processor in the computer system is converted into a memory access address through a memory access address conversion component, and the memory in the computer system is accessed with the memory access address. 2.如权利要求1所述的基于物理与访存地址转换的内存数据安全加强方法,其特征在于,该访存地址转换部件包括物理地址区间到访存地址区间的映射表,以实现将该物理地址转成实际用于访问内存的该访存地址。2. The memory data security enhancement method based on physical and memory access address conversion as described in claim 1 is characterized in that the memory access address conversion component includes a mapping table from a physical address range to a memory access address range to realize the conversion of the physical address into the memory access address actually used to access the memory. 3.如权利要求1所述的基于物理与访存地址转换的内存数据安全加强方法,其特征在于,该访存地址转换部件判断该物理地址是否属于映射区域,若是,则将该物理地址转换为该访存地址访问该内存,否则直接以该物理地址访问该内存。3. The memory data security enhancement method based on physical and memory access address conversion as described in claim 1 is characterized in that the memory access address conversion component determines whether the physical address belongs to the mapping area. If so, the physical address is converted into the memory access address to access the memory, otherwise the memory is directly accessed with the physical address. 4.如权利要求1所述的基于物理与访存地址转换的内存数据安全加强方法,其特征在于,在该计算机系统启动时随机设置该访存地址转换部件的物理地址区间与访存地址区间映射关系。4. The memory data security enhancement method based on physical and memory access address conversion as described in claim 1 is characterized in that the mapping relationship between the physical address range and the memory access address range of the memory access address conversion component is randomly set when the computer system is started. 5.如权利要求4所述的基于物理与访存地址转换的内存数据安全加强方法,其特征在于,该随机设置包括生成随机数r1和r2,将物理地址区间r1 mod i,映射到访存地址区间r2mod i。5. The memory data security enhancement method based on physical and memory access address conversion as claimed in claim 4, characterized in that the random setting includes generating random numbers r1 and r2, and mapping the physical address interval r1 mod i to the memory access address interval r2 mod i. 6.如权利要求5所述的基于物理与访存地址转换的内存数据安全加强方法,其特征在于,在该计算机系统启动的BIOS中运行该随机设置。6. The memory data security enhancement method based on physical and memory access address translation as claimed in claim 5, characterized in that the random setting is run in the BIOS started by the computer system. 7.如权利要求2所述的基于物理与访存地址转换的内存数据安全加强方法,其特征在于,采用该计算机系统中的存储器组织该映射表,该处理器可以将该映射表的各项内容线性映射到指定内存地址空间上,该处理器将落在该指定内存地址空间上的读写操作转换为对于访存地址转换部件中映射表的读写操作。7. The memory data security enhancement method based on physical and memory address conversion as described in claim 2 is characterized in that the mapping table is organized using the memory in the computer system, the processor can linearly map the contents of the mapping table to a specified memory address space, and the processor converts the read and write operations falling on the specified memory address space into read and write operations for the mapping table in the memory address conversion component. 8.一种基于物理与访存地址转换的内存数据安全加强系统,其特征在于,包括:8. A memory data security enhancement system based on physical and memory access address conversion, characterized by comprising: 访存地址转换部件,用于将计算机系统中处理器发出的物理地址,转换为访存地址,以该访存地址访问该计算机系统中的内存。The memory access address conversion component is used to convert the physical address issued by the processor in the computer system into a memory access address, and use the memory access address to access the memory in the computer system. 9.一种存储介质,用于存储执行如权利要求1到7所述任意一种基于物理与访存地址转换的内存数据安全加强方法的程序。9. A storage medium for storing a program for executing any one of the memory data security enhancement methods based on physical and memory access address conversion as claimed in claims 1 to 7. 10.一种客户端,用于权利要求8所述的基于物理与访存地址转换的内存数据安全加强系统。10. A client, used in the memory data security enhancement system based on physical and memory access address conversion as claimed in claim 8.
CN202311721249.7A 2023-12-14 2023-12-14 Memory data security enhancement method and system based on physical and memory address conversion Pending CN118377734A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311721249.7A CN118377734A (en) 2023-12-14 2023-12-14 Memory data security enhancement method and system based on physical and memory address conversion

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311721249.7A CN118377734A (en) 2023-12-14 2023-12-14 Memory data security enhancement method and system based on physical and memory address conversion

Publications (1)

Publication Number Publication Date
CN118377734A true CN118377734A (en) 2024-07-23

Family

ID=91907229

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311721249.7A Pending CN118377734A (en) 2023-12-14 2023-12-14 Memory data security enhancement method and system based on physical and memory address conversion

Country Status (1)

Country Link
CN (1) CN118377734A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118568035A (en) * 2024-07-31 2024-08-30 苏州旗芯微半导体有限公司 Embedded system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118568035A (en) * 2024-07-31 2024-08-30 苏州旗芯微半导体有限公司 Embedded system

Similar Documents

Publication Publication Date Title
Awad et al. Obfusmem: A low-overhead access obfuscation for trusted memories
Gueron A memory encryption engine suitable for general purpose processors
TWI556106B (en) Method and apparatus for memory encryption with integrity check and protection against replay attacks
TWI567557B (en) A tweakable encrypion mode for memory encryption with protection against replay attacks
JP5306465B2 (en) Pre-calculation of message authentication code applied to secure memory
Elbaz et al. Hardware mechanisms for memory authentication: A survey of existing techniques and engines
US11658808B2 (en) Re-encryption following an OTP update event
WO2009057094A1 (en) Memory randomization for protection against side channel attacks
US20160065368A1 (en) Address-dependent key generator by xor tree
JP2022512051A (en) Integrity tree for memory integrity check
Unterluggauer et al. MEAS: memory encryption and authentication secure against side-channel attacks
US20240078323A1 (en) Counter tree
CN118377734A (en) Memory data security enhancement method and system based on physical and memory address conversion
US20230259660A1 (en) Integrity tree for memory security
US20240080193A1 (en) Counter integrity tree
JP2017526220A (en) Inferential cryptographic processing for out-of-order data
Vaslin et al. A security approach for off-chip memory in embedded microprocessor systems
JP2023130311A (en) Method for protecting electronic computer against side-channel attacks, and electronic computer
Liu et al. Off-chip memory encryption and integrity protection based on aes-gcm in embedded systems
Wang et al. Hardware-based protection for data security at run-time on embedded systems
Elbaz et al. Block-level added redundancy explicit authentication for parallelized encryption and integrity checking of processor-memory transactions
Vaslin et al. Low latency solution for confidentiality and integrity checking in embedded systems with off-chip memory
US20250047469A1 (en) Reduced latency metadata encryption and decryption
Belle-Isle et al. Memory Protection with Cached Authentication Trees
Szefer Memory protections

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination