Method for designing domestic BMC (Baseboard Management Controller) chip trusted firmware

A technology of BMC chips and design methods, applied in computing, computer security devices, instruments, etc., can solve problems such as inability to guarantee safety and credibility, damage, and integrity of firmware program tampering, so as to improve core competitiveness and ensure credibility Effect

Inactive Publication Date: 2016-11-16
LANGCHAO ELECTRONIC INFORMATION IND CO LTD
View PDF5 Cites 44 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although the domestic BMC chip has been localized and independently controllable, it cannot guarantee safety and

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for designing domestic BMC (Baseboard Management Controller) chip trusted firmware

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0036] Such as figure 1 Shown, a kind of design method of domestic BMC chip trustworthy firmware, described method adds trustworthy function module in the guiding layer of BMC firmware, kernel layer, middleware and software layer, kernel program, kernel program, Integrity measurement is performed on application programs and key BIOS codes to ensure program integrity, thereby establishing a trusted execution environment for the system platform.

Embodiment 2

[0038] On the basis of Embodiment 1, the boot layer described in this embodiment is the U-boot startup code of the BMC firmware. U-boot is the first code that runs when the BMC is powered on. Function modules include measurement program, SM3 soft algorithm and measurement value storage interface, among which:

[0039] a. Measuring program: when the BMC starts, the measuring program calls the SM3 soft algorithm to measure the Linux kernel (Kernel) of the BMC;

[0040] b. SM3 soft algorithm: a national secret SM3 cryptographic hash algorithm implemented with a C program, which performs a hash operation on the input data to generate a 256-bit hash value;

[0041] c. Measurement value storage interface: save the measurement value to the safe storage space of BMC, such as Flash.

[0042] When the BMC starts, the U-boot measurement program calls the SM3 soft algorithm to measure the BMC Linux Kernel, and compares the obtained measurement value with the reference value 1 to judge th...

Embodiment 3

[0045] On the basis of embodiment 2, the kernel layer Kernel layer described in this embodiment is the ARM Linux kernel through tailoring, in order to realize trusted computing function, need to add IO driver, described IO driver comprises the interface that realizes LPC, SPI, IIC Function to complete the hardware interface timing and configuration related registers, so that the BMC and external modules can communicate normally, among which:

[0046] a. LPC interface driver: realize the communication interface between the BMC chip and the external TCM trusted password module, so that the BMC can access the TCM module through the LPC interface;

[0047] b. SPI interface driver: realize the communication interface between the BMC chip and the external BIOS chip, so that the BMC can read the Boot Block code of the BIOS through the SPI interface;

[0048] c. IIC interface driver: realize the communication interface between the BMC chip and the external CPLD chip, so that the BMC s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for designing trusted firmware of a domestic BMC chip. The method adds a trusted function module to the guide layer, kernel layer, middleware and software layer of the BMC firmware, and updates the kernel program during the BMC power-on and start-up process. , application program and BIOS key code to measure the integrity to ensure the integrity of the program, thus establishing a trusted execution environment for the system platform. The method of the present invention measures the integrity of each functional component during the start-up operation of the BMC, ensures the integrity of the program and does not have malicious codes implanted, establishes a complete chain of trust in the BMC start-up process, and ensures the reliability of the system platform execution environment. This will help improve the core competitiveness of domestic BMC chips.

Description

technical field [0001] The invention relates to the technical field of a trusted server trusted platform control module, in particular to a design method of a domestic BMC chip trusted firmware. Background technique [0002] BMC is a baseboard management controller, which has been widely used in the server field. Use the virtual keyboard, interface, mouse, power supply, etc. to provide remote management functions for the server. Users use the BMC to monitor the physical characteristics of the server, such as the temperature, voltage, fan working status, power supply, and chassis intrusion of each component. As a relatively independent management and control unit in the server, BMC itself has security risks, such as being implanted with malicious code. In addition, when users use BMC to remotely manage the server, it may be due to improper security configuration, such as not using a dedicated network, using a weak identity Unsafe operations such as authentication and passwo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57G06F21/51
CPCG06F21/575G06F21/51
Inventor 苏振宇
Owner LANGCHAO ELECTRONIC INFORMATION IND CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap