A memory loading method and apparatus
By defining the memory requirements of privileged domains within the unified and extensible firmware interface framework of the Xen system during the driver execution environment phase, and identifying and preloading memory regions, the latency and security risks caused by memory initialization and dynamic allocation after Xen system startup are resolved, resulting in faster startup and higher security.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- CIX TECH (SUZHOU) CO LTD
- Filing Date
- 2026-03-23
- Publication Date
- 2026-07-07
AI Technical Summary
During the startup process of the virtualization platform in the Xen system, the latency and security risks caused by the initialization and dynamic allocation of privileged domain memory affect the stability and security of the system.
Under the unified and extensible firmware interface framework of the Xen system, memory preloading is achieved by clarifying the memory requirements of privileged domains during the driver execution environment stage, determining the preset memory region, zeroing it and filling it with initialization information, constructing a descriptor, and handing it over to the Xen system hypervisor to directly map it to the memory page of the privileged domain.
It reduces the runtime latency of privileged domains, decreases startup time, and improves system security and stability.
Smart Images

Figure CN121900883B_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of computer technology, and in particular to a memory loading method and apparatus. Background Technology
[0002] In the traditional Xen (an open-source virtualization technology) system's virtualization platform startup process, the privileged domain (Domain 0, abbreviated as dom0) is responsible for managing other virtual machines (Domain U) and physical resources. The memory initialization of the privileged domain is typically performed by the Xen Hypervisor (Xen kernel) after the Xen system starts and is dynamically allocated. Because the allocation of privileged domain memory requires waiting for the Xen system to complete its own code decompression and page table establishment, a certain time delay occurs. Furthermore, the dynamic allocation process after Xen system startup means that the privileged domain's memory is writable during this phase. Before the Xen system officially takes over the privileged domain, its memory is at risk of being maliciously tampered with, affecting the operational stability of the Xen system. Summary of the Invention
[0003] In view of this, the purpose of this application is to provide at least one memory loading method and apparatus. By clarifying the memory requirements of privileged domains in the driver execution environment stage under the Unified Extensible Firmware Interface (UEMI) framework of the Xen system, determining a preset memory region in the memory mapping of the UEMI framework according to the memory requirements, clearing the preset memory region and filling it with the initialization information used by the privileged domain at startup, and constructing a descriptor for the preset memory region in combination with the initialization information, the descriptor is then handed over to the Xen system hypervisor. The Xen system hypervisor then parses the descriptor and directly maps it to the memory page of the privileged domain, thereby achieving memory preloading of the privileged domain. This solves the technical problem of privileged domain operation delay caused by the need for memory initialization and dynamic allocation of privileged domains after the Xen system starts in the prior art, and achieves the technical effect of reducing privileged domain operation delay to reduce startup time.
[0004] This application mainly includes the following aspects:
[0005] In a first aspect, embodiments of this application provide a memory loading method, the method comprising: obtaining the memory requirements of a privileged domain when in the driver execution environment stage under the Unified Extensible Firmware Interface Framework (UEFI) of a Xen system; determining a preset memory region that meets the memory requirements through the memory mapping of the UEFI; clearing the preset memory region and filling it with initialization information used by the privileged domain at startup; constructing a descriptor for the preset memory region, the descriptor including the initialization information; and transferring the descriptor to the Xen hypervisor so that the Xen hypervisor parses the descriptor and directly maps it to the memory page of the privileged domain to perform memory preloading of the privileged domain.
[0006] Optionally, a preset memory region that meets the memory requirements is determined by: finding at least one contiguous free region in the memory mapping of the unified extensible firmware interface framework; determining a target contiguous free region that meets the memory requirements according to the memory size of each of the contiguous free regions; and determining the target contiguous free region as the preset memory region.
[0007] Optionally, the initialization information used by the privileged domain at startup is filled in the following way: obtain encrypted information that encrypts the initialization information, and retrieve the decryption key for the encrypted information; perform decryption processing on the encrypted information using the decryption key to obtain the initialization information, and then fill the preset memory area with the initialization information.
[0008] Optionally, the method further includes: after filling the preset memory region with the initialization information, calculating a first hash value for the preset memory region and writing the first hash value into a first configuration register; when the Xen hypervisor parses the descriptor, obtaining the preset memory region and calculating a second hash value, and writing the second hash value into a second configuration register; the Xen hypervisor performs hash value comparison processing using the hash values stored in the first configuration register and the second configuration register respectively to determine whether the descriptor meets preset security conditions, so that when the descriptor meets the preset security conditions, it can be directly mapped to the memory page of the privileged domain.
[0009] Optionally, the method further includes: determining the security attribute identifier of the preset memory region according to the decryption status of the initialization information and the calculation status of the first hash value; adding the security attribute identifier of the preset memory region to the descriptor so that the Xen system administrator can parse the descriptor.
[0010] Optionally, the descriptor further includes the target access attribute of the preset memory region, and the method further includes: during the operation of the privileged domain, the Xen hypervisor detects whether the privileged domain modifies the access attribute of the preset memory region according to the target access attribute; when it is detected that the privileged domain modifies the access attribute of the preset memory region, a permission exception is triggered to stop the Xen hypervisor from running the privileged domain.
[0011] Optionally, the method further includes: configuring an access device identifier for the preset memory region, wherein the access device identifier refers to a device identifier that has permission to access the preset memory region.
[0012] Secondly, embodiments of this application also provide a memory loading apparatus, comprising: an acquisition module, configured to acquire the memory requirements of a privileged domain when the system is in the driver execution environment stage under the Unified Extensible Firmware Interface Framework (UEFI) for the Xen system; a determination module, configured to determine a preset memory region that meets the memory requirements through the memory mapping of the UEFI, to zero out the preset memory region and fill it with initialization information used by the privileged domain at startup; a construction module, configured to construct a descriptor for the preset memory region, the descriptor including the initialization information; and a preloading module, configured to transfer the descriptor to the Xen hypervisor, so that the Xen hypervisor parses the descriptor and directly maps it to the memory page of the privileged domain to perform memory preloading of the privileged domain.
[0013] Thirdly, embodiments of this application also provide an electronic device, including: a processor, a memory, and a bus, wherein the memory stores machine-readable instructions executable by the processor, and when the electronic device is running, the processor communicates with the memory through the bus, and the machine-readable instructions are executed by the processor to perform the steps of the memory loading method described in the first aspect or any possible implementation of the first aspect.
[0014] Fourthly, embodiments of this application also provide a computer-readable storage medium storing a computer program, which, when executed by a processor, performs the steps of the memory loading method described in the first aspect or any possible implementation of the first aspect.
[0015] This application provides a memory loading method and apparatus. The method includes: obtaining the memory requirements of a privileged domain when the system is in the driver execution environment stage under the Unified Extensible Firmware Interface (UEMI) framework of the Xen system; determining a preset memory region that meets the memory requirements through the memory mapping of the UEMI framework, clearing the preset memory region and filling it with the initialization information used by the privileged domain at startup; constructing a descriptor for the preset memory region, the descriptor including the initialization information; and transferring the descriptor to the Xen hypervisor so that the Xen hypervisor parses the descriptor and directly maps it to the memory page of the privileged domain to perform memory preloading of the privileged domain. By defining the memory requirements of privileged domains within the driver execution environment stage of the Xen system's Unified and Extensible Firmware Interface (USPA) framework, and determining a preset memory region in the memory mapping of the USPA framework according to the memory requirements, the preset memory region is zeroed out and filled with the initialization information used by the privileged domain at startup. The descriptor of the preset memory region is constructed in combination with the initialization information, and then the descriptor is handed over to the Xen hypervisor. The Xen hypervisor then parses the descriptor and directly maps it to the memory page of the privileged domain, thereby achieving memory preloading of the privileged domain. This solves the technical problem of privileged domain operation delay caused by the need for memory initialization and dynamic allocation of privileged domains after Xen system startup in the prior art, and achieves the technical effect of reducing privileged domain operation delay and thus reducing startup time.
[0016] To make the above-mentioned objectives, features and advantages of this application more apparent and understandable, preferred embodiments are described below in detail with reference to the accompanying drawings. Attached Figure Description
[0017] To more clearly illustrate the technical solutions of the embodiments of this application, the accompanying drawings used in the embodiments will be briefly introduced below. It should be understood that the following drawings only show some embodiments of this application and should not be regarded as a limitation of the scope. For those skilled in the art, other related drawings can be obtained based on these drawings without creative effort.
[0018] Figure 1 A flowchart of a memory loading method provided in an embodiment of this application is shown.
[0019] Figure 2 A functional block diagram of a memory loading device provided in an embodiment of this application is shown.
[0020] Figure 3 A schematic diagram of the structure of an electronic device provided in an embodiment of this application is shown. Detailed Implementation
[0021] To make the objectives, technical solutions, and advantages of the embodiments of this application clearer, the technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. It should be understood that the drawings in this application are for illustrative and descriptive purposes only and are not intended to limit the scope of protection of this application. Furthermore, it should be understood that the schematic drawings are not drawn to scale. The flowcharts used in this application illustrate operations implemented according to some embodiments of this application. It should be understood that the operations in the flowcharts may not be implemented in sequence, and steps without logical contextual relationships may be reversed or implemented simultaneously. In addition, those skilled in the art, guided by the content of this application, may add one or more other operations to the flowcharts, or remove one or more operations from the flowcharts.
[0022] Furthermore, the described embodiments are merely some, not all, of the embodiments of this application. The components of the embodiments of this application described and illustrated herein can typically be arranged and designed in various different configurations. Therefore, the following detailed description of the embodiments of this application provided in the accompanying drawings is not intended to limit the scope of the claimed application, but merely to illustrate selected embodiments of the application. All other embodiments obtained by those skilled in the art based on the embodiments of this application without inventive effort are within the scope of protection of this application.
[0023] In existing technologies, during the startup process of the Xen system's virtualization platform, privileged domains are responsible for managing other virtual machines (Domain U) and physical resources. The memory initialization of privileged domains is typically dynamically allocated and initialized by the Xen Hypervisor after the Xen system starts. Because the Xen system's startup path is relatively long, it needs to wait for the Xen system to complete its own code decompression and page table establishment before allocating privileged domain memory, which can easily cause an additional delay of approximately 1 to 2 seconds. Furthermore, there is a security blank window during the dynamic allocation phase, as the privileged domain's memory is writable. This poses a risk of malicious tampering with the privileged domain before the Xen system officially takes over, affecting the secure operation of the system.
[0024] Based on this, this application provides a memory loading method and apparatus. By clarifying the memory requirements of privileged domains during the driver execution environment stage under the Unified Extensible Firmware Interface (UEMI) framework of the Xen system, and determining a preset memory region in the memory mapping of the UEMI framework according to the memory requirements, the preset memory region is cleared and filled with initialization information used by the privileged domain at startup. A descriptor for the preset memory region is constructed based on the initialization information, and then the descriptor is transferred to the Xen hypervisor. The Xen hypervisor then parses the descriptor and directly maps it to the memory page of the privileged domain, thus achieving memory preloading of the privileged domain. This solves the technical problem in the prior art where the privileged domain requires memory initialization and dynamic allocation after Xen system startup, resulting in a delay in privileged domain operation. This achieves the technical effect of reducing privileged domain operation delay and thus reducing startup time. Specifically:
[0025] Please see Figure 1 , Figure 1 This is a flowchart illustrating a memory loading method provided in an embodiment of this application. Figure 1 As shown, the memory loading method provided in this application includes the following steps:
[0026] S101: Obtain the memory requirements of privileged domains when in the driver execution environment phase under the unified extensible firmware interface framework for Xen systems.
[0027] In other words, during the Driver Execution Environment (DXE) phase under the Unified Extensible Firmware Interface (UEFI) framework of the Xen system, the memory of the privileged domain is preloaded. This means that the memory of the privileged domain is preloaded before the Xen system starts running, so that it does not need to be executed after the Xen system starts, thus avoiding delay.
[0028] The memory requirement of a privileged domain refers to the amount of memory required by the privileged domain (dom0_mem size). Furthermore, during the driver execution environment phase, the memory requirement of the privileged domain is determined by reading and parsing xen.cfg (Xen hypervisor boot configuration file) and dom0.cfg (privileged domain resource configuration file).
[0029] S102: Determine a preset memory region that meets the memory requirements through the memory mapping of the unified extensible firmware interface framework, so as to clear the preset memory region and fill it with the initialization information used by the privileged domain at startup.
[0030] Specifically, the preset memory region that meets the memory requirements is determined by the following method: finding at least one contiguous free region in the memory mapping of the unified extensible firmware interface framework; determining a target contiguous free region that meets the memory requirements according to the memory size of each contiguous free region; and determining the target contiguous free region as the preset memory region.
[0031] In other words, at least one connection free region is first found in the memory mapping of the unified extensible firmware interface framework, and the memory size of each connection free region is identified. In the connection free region whose memory size is greater than the memory size required by the privileged domain, a continuous free region can be randomly determined as the target continuous free region. Alternatively, in the connection free region whose memory size is greater than the memory size required by the privileged domain, the continuous free region with the largest memory size can be selected as the target continuous free region. In this way, the target continuous free region is determined as the preset memory region.
[0032] In other words, a preset memory region is reserved in UEFI memory mapping according to the memory size required by the privileged domain. The memory size of this preset memory region should meet the memory size required by the privileged domain and should be a contiguous physical memory region.
[0033] For example, after determining the preset memory region, a flag is set for the preset memory region. For example, the flag can be set to Efi Reserved Dom0 Memory Type. This flag indicates that the UEFI reserves the preset memory region for the privileged domain in the memory mapping. In other words, the flag is used to indicate that this preset memory region is reserved for the privileged domain, and the starting address and memory size of the preset memory region are recorded.
[0034] Next, the preset memory region is zeroed and pre-filled, that is, the initialization information used by the privileged domain at startup is filled into the preset memory region. Here, initialization information refers to the information needed by the privileged domain at startup. For example, initialization information includes a specific structure, the kernel image, and the initrd. The specific structure is used to manage the data structure of the privileged domain, and can be obtained by parsing the Data Format (DTB) of the privileged domain hardware configuration; the kernel image serves as the carrier for system startup, used by the bootloader to load the image into memory and execute it; the initrd refers to the temporary memory file system used by the privileged domain at startup, used to load the root file system and complete system initialization.
[0035] S103: Construct the descriptor of the preset memory region.
[0036] The descriptor includes the initialization information. That is, the initialization information is used as a descriptor for a preset memory region, and the descriptor can be represented as EFI_MEMORY_DESCRIPTOR.
[0037] Furthermore, the descriptor also includes the target access attribute of the preset memory region, that is, the access attribute of the preset memory region is the target access attribute, which marks whether the preset memory region is read-only. The target access attribute can generally be set to read-only, writable, executable, etc. For example, to avoid modifying the preset memory region, the target access attribute is set to read-only. Therefore, the descriptor can use RO=1 to indicate that the target access attribute is set to read-only.
[0038] Specifically, the initialization information used by the privileged domain at startup is filled in the following way: obtain encrypted information that encrypts the initialization information, and retrieve the decryption key for the encrypted information; perform decryption processing on the encrypted information using the decryption key to obtain the initialization information, and then fill the preset memory area with the initialization information.
[0039] In other words, during the driver execution environment phase, a Secure Monitor Call (SMC) requests a decryption key for the encrypted information from the trusted entity (Secure World). The encrypted information is then copied to a specified address and decrypted using the decryption key to obtain the decrypted initialization information, which is then written to a preset memory area. This ensures that only the trusted entity (Secure World) can access and obtain the decryption key during the memory preloading phase, preventing decryption key leakage. For example, the decryption key can be directly stored in the trusted entity. Furthermore, the trusted entity can be ARM Trusted Firmware (ATF) or a Trusted Execution Environment (TEE).
[0040] Specifically, the method further includes: after filling the preset memory region with the initialization information, calculating a first hash value for the preset memory region and writing the first hash value into a first configuration register; when the Xen hypervisor parses the descriptor, obtaining the preset memory region and calculating a second hash value, and writing the second hash value into a second configuration register; the Xen hypervisor performs hash value comparison processing using the hash values stored in the first configuration register and the second configuration register respectively to determine whether the descriptor meets preset security conditions, so that when the descriptor meets the preset security conditions, it can be directly mapped to the memory page of the privileged domain.
[0041] In other words, after decrypting the encrypted information to obtain the initialization information and filling it into a preset memory area, a digest value needs to be calculated for the preset memory area after initialization to obtain a first hash value, which is then written into the first configuration register (PCR). Subsequently, when the descriptor is handed over to the Xen hypervisor, and the hypervisor parses the descriptor to obtain the preset memory area filled with initialization information, it needs to calculate a digest value for the parsed preset memory area to obtain a second hash value, which is then written into the second configuration register (PCR). The Xen hypervisor then compares the first hash value stored in the first configuration register with the second hash value stored in the second configuration register. If the first hash value and the second hash value match, it means the descriptor has not been modified, and thus the descriptor meets the preset security conditions. If the first hash value and the second hash value do not match, it means the descriptor may have been modified, and the descriptor does not meet the preset security conditions, requiring the system to stop execution to improve operational security.
[0042] Specifically, the method further includes: determining the security attribute identifier of the preset memory region according to the decryption status of the initialization information and the calculation status of the first hash value; adding the security attribute identifier of the preset memory region to the descriptor so that the Xen system administrator can parse the descriptor.
[0043] In other words, if the initialization information is obtained by decrypting the encrypted information, then the decryption status of the initialization information is "decrypted." If the encrypted information is not decrypted, the encrypted initialization information can only be filled into the preset memory area, and then the decryption status of the initialization information is "undecrypted." The decrypted and undecrypted states can be distinguished by different values of the identifier of the initialization information's decryption status. For example, Enc=0 indicates that the initialization information is decrypted, and Enc=1 indicates that the initialization information is undecrypted.
[0044] Specifically, if the first hash value is calculated for the already filled preset memory region, the calculation status of the first hash value is in the measured state; if the first hash value is not calculated for the already filled preset memory region, the calculation status of the first hash value is in the unmeasured state. The measured state and the unmeasured state can be distinguished by different values of the identifier of the calculation status of the first hash value. For example, Measured=0 indicates that the decryption status of the initialization information is in the decrypted state, and Measured=1 indicates that the decryption status of the initialization information is in the undecrypted state.
[0045] For example, in addition to setting the initialization information, the descriptor also sets new attribute fields such as "RO=1; Enc=0; Measured=1" to indicate that the initialization information is decrypted read-only information and that the first metric value has been calculated for the initialization information.
[0046] Specifically, the method further includes: configuring an access device identifier for the preset memory region, wherein the access device identifier refers to a device identifier that has permission to access the preset memory region.
[0047] For example, before adding new attribute fields to the descriptor, it is also necessary to configure the access device identifier for the preset memory region. The access device identifier indicates that only devices with the specified access device identifier have the weight to access and read the preset memory region. Since the preset memory region is selected for privileged domains, the access device identifier should be set for privileged domains. For example, by requesting the highest security level firmware through security monitoring calls, the accessible device identifier can be set to dom0 NSAID. This indicates that the direct interrupt handling function of the privileged domain has the permission to access the preset memory region, thus preventing other devices without access rights from accessing the preset memory region.
[0048] S104: The descriptor is handed over to the Xen hypervisor so that the Xen hypervisor parses the descriptor and directly maps it to the memory page of the privileged domain to perform memory preloading on the privileged domain.
[0049] In other words, the descriptor is handed over to the Xen Hypervisor, which then calls the function `efi get memory map` to retrieve the UEFI memory map. This function locates the descriptor `EFI MEMORY DESCRIPTOR` within the memory map and resolves it to obtain at least the initialization information. Furthermore, the default memory region corresponding to the descriptor is located within the memory map, and initialization information has already been added to it. The descriptor can also mark the aforementioned newly added attribute fields. Therefore, the Xen Hypervisor can use these newly added attribute fields to clearly identify the default memory region as read-only, the initialization information as decrypted, and the first hash value as calculated for the default memory region.
[0050] Then, the Xen hypervisor sends `p2m add identity mapping(dom0, phys, size)` to the privileged domain page table, instructing that an identity mapping be established in the privileged domain's P2M (the core data structure in Xen that manages the translation from guest physical address to host physical address) table. `phys` represents the starting position of the physical address, `size` represents the memory size, and the bulk page table entry `GPA == HPA` is configured in the privileged domain page table to indicate that the guest physical address and the host physical address are the same. The guest physical address is the physical address of the virtual machine, and the host physical address is the physical address of the real machine.
[0051] Furthermore, after parsing the descriptor, the Xen hypervisor calculates a digest value for the preset memory region to obtain a second hash value corresponding to the preset memory region. This second hash value is then written to the second configuration register. The hypervisor compares the first hash value stored in the first configuration register with the second hash value stored in the second configuration register. If the first hash value and the second hash value are different, it is considered that the preset memory region has been modified. In this case, memory preloading is stopped, and an alarm is issued to prompt technical personnel to investigate. If the first hash value and the second hash value are the same, it is considered that the preset memory region has not been modified. The preset memory region can be marked according to the target access attributes and decryption status of the initialization information indicated in the descriptor. This facilitates the subsequent use of the preset memory region by privileged domains by clearly defining the target access attributes and decryption status of the initialization information.
[0052] For example, the Xen hypervisor can also add a privileged domain flag to the memory page tables (the page global directory PGC preinit in the pre-initialization phase or the page global directory PGC dom0 in the privileged domain) involved in the preset memory regions in the memory mapping, indicating that the physical memory page tables here are exclusively used by the privileged domain. This reflects that the UEFI framework has pre-implemented the memory initialization of the privileged domain. After the Xen system starts, the privileged domain can directly use the preset memory regions, skipping the dynamic allocation process and shortening the startup time.
[0053] Furthermore, during the privileged domain's runtime phase, the client's physical address is determined through the privileged domain page, and the host's physical address is determined through mapping. The host's physical address indicates a preset memory region pre-configured for the privileged domain during the driver execution environment phase in this application, allowing the privileged domain to directly use the preset memory region. Moreover, when the device identifier corresponding to the privileged domain's direct interrupt handling function matches the access device identifier, the privileged domain's direct interrupt handling function can access the preset memory region.
[0054] The method further includes: during the operation of the privileged domain, the Xen hypervisor detects whether the privileged domain modifies the access attributes of the preset memory region according to the target access attributes; when it detects that the privileged domain modifies the access attributes of the preset memory region, a permission exception is triggered to stop the Xen hypervisor from running the privileged domain.
[0055] Furthermore, during the operation of a privileged domain, the Xen hypervisor needs to monitor in real time whether the privileged domain attempts to rewrite pages marked as read-only. If the privileged domain is detected modifying a page marked as read-only, a permission exception warning is immediately triggered, and the Xen hypervisor will stop the modification or issue an alarm after capturing the error, in order to ensure operational security, provide continuous runtime protection, and prevent unauthorized memory operations.
[0056] Therefore, the privileged domain of this application does not need to perform memory initialization and dynamic allocation during operation, but directly uses the pre-configured preset memory area, which can improve the startup speed and reduce the startup time by 15% to 30%. Furthermore, when preloading the preset memory area, the preset memory area can be marked as read-only, thereby increasing memory security and preventing tampering.
[0057] Based on the same application concept, this application also provides a memory loading device corresponding to the memory loading method provided in the above embodiments. Since the principle of the device in this application is similar to the memory loading method in the above embodiments of this application, the implementation of the device can refer to the implementation of the method, and the repeated parts will not be described again.
[0058] like Figure 2 As shown, Figure 2 This is a functional block diagram of a memory loading device provided in an embodiment of this application. The memory loading device 10 provided in this embodiment includes: an acquisition module 101, used to acquire the memory requirements of a privileged domain when the system is in the driver execution environment stage under the Unified Extensible Firmware Interface Framework (UEFI) of the Xen system; a determination module 102, used to determine a preset memory region that meets the memory requirements through the memory mapping of the UEFI, so as to clear the preset memory region and fill it with the initialization information used by the privileged domain at startup; a construction module 103, used to construct a descriptor of the preset memory region, the descriptor including the initialization information; and a preloading module 104, used to transfer the descriptor to the Xen hypervisor so that the Xen hypervisor parses the descriptor and directly maps it to the memory page of the privileged domain to perform memory preloading of the privileged domain.
[0059] Based on the same application concept, see [link / reference] Figure 3The diagram shown is a structural schematic of an electronic device provided in an embodiment of this application. The electronic device 20 includes a processor 201, a memory 202, and a bus 203. The memory 202 stores machine-readable instructions that can be executed by the processor 201. When the electronic device 20 is running, the processor 201 and the memory 202 communicate through the bus 203. The machine-readable instructions are executed by the processor 201 to perform the steps of any of the memory loading methods described in the above embodiments.
[0060] Specifically, when the machine-readable instructions are executed by the processor 201, the following processing can be performed: when in the driver execution environment stage under the Unified Extensible Firmware Interface Framework for the Xen system, the memory requirements of the privileged domain are obtained; a preset memory region that meets the memory requirements is determined through the memory mapping of the Unified Extensible Firmware Interface Framework, and the preset memory region is zeroed and filled with the initialization information used by the privileged domain at startup; a descriptor for the preset memory region is constructed, the descriptor including the initialization information; the descriptor is handed over to the Xen hypervisor, so that the Xen hypervisor parses the descriptor and directly maps it to the memory page of the privileged domain to perform memory preloading of the privileged domain.
[0061] Based on the same concept, embodiments of this application also provide a computer-readable storage medium storing a computer program, which, when run by a processor, executes the steps of the memory loading method provided in the above embodiments.
[0062] Specifically, the storage medium can be a general-purpose storage medium, such as a removable disk or hard disk. When the computer program on the storage medium is run, it can execute the above-described memory loading method. By clarifying the memory requirements of the privileged domain in the driver execution environment stage under the unified extensible firmware interface framework of the Xen system, and determining a preset memory region in the memory mapping of the unified extensible firmware interface framework according to the memory requirements, the preset memory region is cleared and filled with the initialization information used by the privileged domain at startup. The descriptor of the preset memory region is constructed in combination with the initialization information, and then the descriptor is handed over to the Xen system hypervisor so that the Xen system hypervisor can parse the descriptor and directly map it to the memory page of the privileged domain, thereby realizing the memory preloading of the privileged domain. This solves the technical problem of privileged domain operation delay caused by the need for memory initialization and dynamic allocation of the privileged domain after the Xen system starts in the prior art, and achieves the technical effect of reducing privileged domain operation delay and reducing startup time.
[0063] Those skilled in the art will clearly understand that, for the sake of convenience and brevity, the specific working processes of the systems and devices described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here. In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods can be implemented in other ways. The device embodiments described above are merely illustrative. For example, the division of units is only a logical functional division; in actual implementation, there may be other division methods. Furthermore, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Another point is that the displayed or discussed mutual coupling or direct coupling or communication connection may be through some communication interfaces; the indirect coupling or communication connection of devices or units may be electrical, mechanical, or other forms.
[0064] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.
[0065] In addition, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit.
[0066] If the aforementioned functions are implemented as software functional units and sold or used as independent products, they can be stored in a processor-executable, non-volatile, computer-readable storage medium. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this application. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.
[0067] The above are merely specific embodiments of this application, but the scope of protection of this application is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the scope of the technology disclosed in this application should be included within the scope of protection of this application. Therefore, the scope of protection of this application should be determined by the scope of the claims.
Claims
1. A memory loading method, characterized in that, The method includes: The memory requirements for acquiring privileged domains when in the driver execution environment stage under the unified extensible firmware interface framework for Xen systems; The memory mapping of the unified and extensible firmware interface framework determines the preset memory region that meets the memory requirements, and then the preset memory region is cleared and filled with the initialization information used by the privileged domain at startup. Construct a descriptor for the preset memory region, the descriptor including the initialization information; The descriptor is handed over to the Xen hypervisor, which then resolves the descriptor and directly maps it to the memory page of the privileged domain to perform memory preloading on the privileged domain. The method further includes: After filling the preset memory region with the initialization information, a first hash value is calculated for the preset memory region, and the first hash value is written into the first configuration register; When the Xen system administrator parses the descriptor, it obtains the preset memory region and calculates the second hash value, and writes the second hash value into the second configuration register; The Xen system management program performs hash value comparison processing using the hash values stored in the first configuration register and the second configuration register, respectively, to determine whether the descriptor meets the preset security conditions, so that if the descriptor meets the preset security conditions, it can be directly mapped to the memory page of the privileged domain.
2. The method according to claim 1, characterized in that, The preset memory region that meets the memory requirements is determined by the following method: Find at least one contiguous free region in the memory mapping of the unified and scalable firmware interface framework; Based on the memory size of each of the contiguous free regions, a target contiguous free region that meets the memory requirement is determined; The target continuous free area is determined as the preset memory area.
3. The method according to claim 1, characterized in that, The initialization information used at startup for the privileged domain is populated in the following manner: Obtain the encrypted information that encrypts the initialization information, and retrieve the decryption key for the encrypted information; The encrypted information is decrypted using the decryption key to obtain the initialization information, and then the initialization information is filled into the preset memory area.
4. The method according to claim 1, characterized in that, The method further includes: Based on the decryption status of the initialization information and the calculation status of the first hash value, the security attribute identifier of the preset memory region is determined; The security attribute identifier of the preset memory region is added to the descriptor so that the Xen hypervisor can parse the descriptor.
5. The method according to claim 1, characterized in that, The descriptor further includes the target access attribute of the preset memory region, and the method further includes: During the operation of the privileged domain, the Xen hypervisor checks whether the privileged domain modifies the access attributes of the preset memory region according to the target access attributes; When a privileged domain is detected to be modifying its access attributes for the preset memory region, a permission exception is triggered to cause the Xen hypervisor to stop running the privileged domain.
6. The method according to claim 1, characterized in that, The method further includes: Configure the access device identifier for the preset memory region, wherein the access device identifier refers to a device identifier that has permission to access the preset memory region.
7. A memory loading device, characterized in that, The device includes: The acquisition module is used to acquire the memory requirements of privileged domains when in the driver execution environment stage under the unified extensible firmware interface framework for Xen systems. The determination module is used to determine a preset memory region that meets the memory requirements through the memory mapping of the unified extensible firmware interface framework, so as to clear the preset memory region and fill it with the initialization information used by the privileged domain at startup; A construction module is used to construct a descriptor for the preset memory region, the descriptor including the initialization information; A preloading module is used to hand over the descriptor to the Xen hypervisor, so that the Xen hypervisor can parse the descriptor and directly map it to the memory page of the privileged domain to perform memory preloading on the privileged domain; The device further includes: The hash value comparison module is used to calculate a first hash value for the preset memory region after filling the preset memory region with the initialization information, and write the first hash value into a first configuration register; when the Xen hypervisor parses the descriptor, it obtains the preset memory region and calculates a second hash value, and writes the second hash value into a second configuration register; the Xen hypervisor performs hash value comparison processing using the hash values stored in the first configuration register and the second configuration register respectively to determine whether the descriptor meets the preset security conditions, so that if the descriptor meets the preset security conditions, it can be directly mapped to the memory page of the privileged domain.
8. An electronic device, characterized in that, include: The device includes a processor, a memory, and a bus, wherein the memory stores machine-readable instructions executable by the processor, and when the electronic device is running, the processor communicates with the memory via the bus, and the machine-readable instructions are executed by the processor to perform the steps of the memory loading method as described in any one of claims 1 to 6.
9. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a computer program that, when executed by a processor, performs the steps of the memory loading method as described in any one of claims 1 to 6.