CN114116305A - BIOS firmware recovery method, system, terminal and storage medium based on PFR - Google Patents
BIOS firmware recovery method, system, terminal and storage medium based on PFR Download PDFInfo
- Publication number
- CN114116305A CN114116305A CN202111249513.2A CN202111249513A CN114116305A CN 114116305 A CN114116305 A CN 114116305A CN 202111249513 A CN202111249513 A CN 202111249513A CN 114116305 A CN114116305 A CN 114116305A
- Authority
- CN
- China
- Prior art keywords
- sub
- backup
- firmware
- area
- bios
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000011084 recovery Methods 0.000 title claims abstract description 49
- 238000000034 method Methods 0.000 title claims abstract description 37
- 230000002159 abnormal effect Effects 0.000 claims abstract description 36
- 238000012795 verification Methods 0.000 claims abstract description 31
- 238000013507 mapping Methods 0.000 claims description 22
- 230000006870 function Effects 0.000 claims description 16
- 238000004364 calculation method Methods 0.000 claims description 3
- 238000004590 computer program Methods 0.000 claims description 3
- 238000000638 solvent extraction Methods 0.000 claims 1
- 238000004422 calculation algorithm Methods 0.000 description 9
- 238000004891 communication Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 230000003287 optical effect Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 239000002699 waste material Substances 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000006467 substitution reaction Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 239000000872 buffer Substances 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1458—Management of the backup or restore process
- G06F11/1469—Backup restoration techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1415—Saving, restoring, recovering or retrying at system level
- G06F11/1435—Saving, restoring, recovering or retrying at system level using file system or storage system metadata
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1448—Management of the data involved in backup or backup restore
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Library & Information Science (AREA)
- Stored Programmes (AREA)
Abstract
The invention provides a BIOS firmware recovery method, a system, a terminal and a storage medium based on PFR, comprising the following steps: dividing a service area stored by a BIOS into a plurality of sub-areas, wherein the plurality of sub-areas respectively store different firmware files; respectively carrying out firmware file integrity verification on the plurality of sub-areas based on the platform firmware recovery function; and if the abnormal sub-area in which the stored firmware file is damaged exists in the verification result, reading the backup firmware file of the abnormal sub-area from the backup area stored by the BIOS, and writing the backup firmware file into the abnormal sub-area. The invention can save the existing configuration to the maximum extent, avoid the loss of the previous configuration information and reduce the file recovery time.
Description
Technical Field
The invention relates to the technical field of servers, in particular to a BIOS firmware recovery method, a system, a terminal and a storage medium based on PFR.
Background
The PFR is a new security technology designed by Intel, and is intended to protect platform assets, detect malicious or erroneous behaviors such as damaged firmware, and restore platform firmware to a good state.
In the security architecture of PFR, BIOS FLASH is divided into three parts, active, recovery and starting. The active stores uncompressed, directly executed firmware, the recovery stores compressed backup files, and the starting stores temporary buffers for upgrading. When the equipment is started, the PFR can verify the active, and the equipment is started from the active after the verification is passed. When the check fails, the PFR can restore the mirror in recovery to active and then restart. When the system firmware is upgraded, the PFR can check the upgrade package, after the check is successful, the firmware is firstly put into the starting, then the system is restarted, and after the restart, the new firmware can be written into the active and recovery areas.
In the existing firmware recovery method, when a server is started and the PFR fails to verify the BIOS active, the same strategy is adopted for all the BIOS active to be covered by using a backup file in the BIOS recovery, no matter which part of the BIOS active is damaged and how much the BIOS active is. When the verification of the PFR on the BIOS active fails, only one complete coverage strategy is adopted, the pertinence is lacked, the undamaged part is also cleared and recovered, the recovery time is too long, the resource waste is caused, and the time is also wasted.
Disclosure of Invention
In view of the above-mentioned deficiencies of the prior art, the present invention provides a BIOS firmware recovery method, system, terminal and storage medium based on PFR, so as to solve the above-mentioned technical problems.
In a first aspect, the present invention provides a BIOS firmware recovery method based on PFR, including:
dividing a service area stored by a BIOS into a plurality of sub-areas, wherein the plurality of sub-areas respectively store different firmware files;
respectively carrying out firmware file integrity verification on the plurality of sub-areas based on the platform firmware recovery function;
and if the abnormal sub-area in which the stored firmware file is damaged exists in the verification result, reading the backup firmware file of the abnormal sub-area from the backup area stored by the BIOS, and writing the backup firmware file into the abnormal sub-area.
Further, dividing a service area stored by the BIOS into a plurality of sub-areas, where the plurality of sub-areas respectively store different firmware files, includes:
dividing the service area into a plurality of sub-areas according to the types of the components of the service area stored by the BIOS or the size of a limited data block;
each sub-region is assigned a number.
Further, respectively performing firmware file integrity check on the plurality of sub-areas based on the platform firmware recovery function, including:
when the server is started, respectively acquiring MD5 values of firmware files stored in each sub-area;
and judging whether the MD5 value of the sub-region is consistent with the corresponding initial MD5 value, and if so, judging that the sub-region passes the verification.
Further, if an abnormal sub-area exists in the verification result, where the stored firmware file is damaged, reading the backup firmware file of the abnormal sub-area from the backup area stored in the BIOS, and writing the backup firmware file into the abnormal sub-area, including:
dividing a plurality of backup subregions in a backup region stored by a BIOS (basic input output System) in advance, allocating identity numbers for the plurality of backup subregions, establishing a one-to-one mapping relation between the subregion numbers and the backup subregion numbers, and storing backup firmware files of the subregion firmware files in the backup subregions with the mapping relation, wherein the backup firmware files are in a compressed file format;
and covering the damaged firmware files in the sub-areas by using the decompressed backup firmware files of the corresponding backup sub-areas according to the mapping relation and the numbers of the abnormal sub-areas.
In a second aspect, the present invention provides a BIOS firmware recovery system based on PFR, comprising:
the memory dividing unit is used for dividing a service area stored by the BIOS into a plurality of sub-areas, and the plurality of sub-areas respectively store different firmware files;
the file checking unit is used for respectively checking the integrity of the firmware files of the plurality of sub-areas based on the platform firmware recovery function;
and the file updating unit is used for reading the backup firmware file of the abnormal sub-area from the backup area stored by the BIOS and writing the backup firmware file into the abnormal sub-area if the abnormal sub-area in which the stored firmware file is damaged exists in the verification result.
Further, the memory dividing unit includes:
the area dividing module is used for dividing the service area into a plurality of sub-areas according to the types of the components of the service area stored by the BIOS or the size of the limited data block;
and the number distribution module is used for distributing numbers for each sub-area.
Further, the file verification unit includes:
the file calculation module is used for respectively acquiring MD5 values of the firmware files stored in each sub-area when the server is started;
and the consistency comparison module is used for judging whether the MD5 value of the sub-region is consistent with the corresponding initial MD5 value, and if the MD5 value of the sub-region is consistent with the initial MD5 value, judging that the sub-region passes the verification.
Further, the file updating unit includes:
the backup mapping module is used for dividing a plurality of backup subregions in a backup region stored by the BIOS in advance, distributing identity numbers for the plurality of backup subregions, establishing a one-to-one mapping relation between the subregion numbers and the backup subregion numbers, and storing backup firmware files of the subregion firmware files in the backup subregions with the mapping relation, wherein the backup firmware files adopt a compressed file format;
and the file covering module is used for covering the damaged firmware files in the sub-areas by using the decompressed backup firmware files of the corresponding backup sub-areas according to the mapping relation and the numbers of the abnormal sub-areas.
In a third aspect, a terminal is provided, including:
a processor, a memory, wherein,
the memory is used for storing a computer program which,
the processor is used for calling and running the computer program from the memory so as to make the terminal execute the method of the terminal.
In a fourth aspect, a computer storage medium is provided having stored therein instructions that, when executed on a computer, cause the computer to perform the method of the above aspects.
The method, the system, the terminal and the storage medium for recovering the BIOS firmware based on the PFR have the advantages that different areas in the BIOS are verified respectively, different recovery strategies are adopted according to different verification results of each part in the BIOS, only areas with verification failure are recovered, existing configuration can be stored to the maximum extent, loss of previous configuration information is avoided, recovery pertinence is improved, resource waste is reduced, and recovery time is shortened. The invention can save the existing configuration to the maximum extent, avoid the loss of the previous configuration information and reduce the file recovery time.
In addition, the invention has reliable design principle, simple structure and very wide application prospect.
Drawings
In order to more clearly illustrate the embodiments or technical solutions in the prior art of the present invention, the drawings used in the description of the embodiments or prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.
FIG. 1 is a schematic flow diagram of a method of one embodiment of the invention.
FIG. 2 is a schematic block diagram of a system of one embodiment of the present invention.
Fig. 3 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solution of the present invention, the technical solution in the embodiment of the present invention will be clearly and completely described below with reference to the drawings in the embodiment of the present invention, and it is obvious that the described embodiment is only a part of the embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The following explains key terms appearing in the present invention.
Flash memory is a Non-Volatile (Non-Volatile) memory, which is one type of memory device. flash memory is a non-volatile memory that can erase and reprogram blocks of memory cells called blocks. The write operation of any flash device can only be performed in empty or erased cells, so in most cases, the erase must be performed before the write operation can be performed. While it is simple for a NAND device to perform an erase operation, NOR requires that all bits in the target block be written to 0 before an erase can be performed.
BIOS is an abbreviation of English "Basic Input Output System", and the name of Chinese after translation is "Basic Input Output System". It is a standard firmware interface in the industry for IBM PC compatible systems. It is a set of programs solidified on a ROM chip on the internal mainboard of computer, it stores the most important basic input and output program of computer, self-checking program after starting up and system self-starting program, it can read and write the specific information set by system from CMOS. Its primary function is to provide the lowest level, most direct hardware setup and control for the computer. In addition, the BIOS provides some system parameters to the operating system. The change of system hardware is hidden by BIOS, and programs use BIOS functions rather than directly control the hardware. Modern operating systems ignore the abstraction layer provided by the BIOS and directly control the hardware components.
A Central Processing Unit (CPU) is a final execution unit for information processing and program operation, and serves as an operation and control core of a computer system.
MD5 Message Digest Algorithm (english: MD5 Message-Digest Algorithm), a widely used cryptographic hash function, can generate a 128-bit (16-byte) hash value (hash value) to ensure the integrity of the Message transmission. MD5 was designed by the american cryptologist ronard-li-vister (Ronald Linn Rivest) and was published in 1992 as a replacement for the MD4 algorithm. The programming of this set of algorithms is specified in the RFC 1321 standard. After 1996 the algorithm proved to have weaknesses that could be broken, and experts generally recommend changing to other algorithms, such as SHA-2, for data that require a high degree of security. In 2004, the MD5 algorithm was proven to be unable to prevent collisions (collision) and is therefore not suitable for security authentication, such as SSL public key authentication or digital signature. The principle of the MD5 algorithm can be briefly described as: the MD5 code processes incoming information in 512-bit packets, each of which is divided into 16 32-bit sub-packets, and after a series of processing, the output of the algorithm consists of four 32-bit packets, which are concatenated to produce a 128-bit hash value.
Firmware is a program written in EPROM (erasable programmable read only memory) or EEPROM (electrically erasable programmable read only memory). The firmware refers to a device "driver" stored in the device, and through the firmware, the operating system can implement the operation of a specific machine according to the standard device driver, for example, the optical disc drive and the recorder have internal firmware. Firmware is software that acts as the most basic and bottom layer of a system. In a hardware device, the firmware is the soul of the hardware device, and because some hardware devices have no other software components except for the firmware, the firmware determines the functions and performances of the hardware device.
The prior art scheme is as follows: the BIOS supporting the PFR function stores the directly executed firmware in an active area and stores the compressed backup file in a recovery area; when the server is started, the PFR can verify the BIOS active, and if the verification is successful, the server is started by using the BIOS active; if the BIOS active is failed to be checked by the PFR during starting, the mirror image in the recovery is recovered to the active, and then the BIOS active is restarted.
The method aims to solve the problems that when the verification of the BIOS active by the PFR fails, only one complete coverage strategy is adopted, the pertinence is lacked, the undamaged part is also cleared and recovered, and the recovery time is too long. The present invention provides the following method.
FIG. 1 is a schematic flow diagram of a method of one embodiment of the invention. The execution subject of fig. 1 may be a BIOS firmware recovery system based on PFR.
As shown in fig. 1, the method includes:
Different areas in the BIOS are verified respectively, different recovery strategies are adopted according to different verification results of each part in the BIOS, only the areas failed in verification are recovered, the existing configuration can be stored to the maximum extent, the loss of the previous configuration information is avoided, the recovery pertinence is improved, the resource waste is reduced, and the recovery time is reduced. The BIOS active has different components, such as DER, Flash Descriptor, Boot, Main, NVMRAM, etc., when the server is started, the FPR checks the BIOS areas respectively, when the checking fails, only the areas where the checking fails are recovered.
In order to facilitate understanding of the present invention, the following further describes the BIOS firmware recovery method based on PFR according to the principle of the BIOS firmware recovery method based on PFR of the present invention, in combination with the process of recovering the BIOS firmware based on PFR in the embodiment.
Specifically, the BIOS firmware recovery method based on PFR includes:
and S1, dividing the service area stored by the BIOS into a plurality of sub-areas, wherein the plurality of sub-areas respectively store different firmware files.
Dividing the service area into a plurality of sub-areas according to the types of the components of the service area stored by the BIOS or the size of a limited data block; each sub-region is assigned a number.
Firstly, sub-regions are divided according to types of components of a service region, a BIOS active has different components, such as DER, Flash Descriptor, Boot, Main, NVMRAM and the like, different types of storage are divided into different regions, and on the basis of the region storage type, the internal storage of the same type of storage can be further divided by setting the size of a data block. For example, a Flash storage file is larger than a set data block size, and Flash can be classified into Flash1 and Flash 2.
And S2, respectively carrying out firmware file integrity check on the plurality of sub-areas based on the platform firmware recovery function.
When the server is started, respectively acquiring MD5 values of firmware files stored in each sub-area; and judging whether the MD5 value of the sub-region is consistent with the corresponding initial MD5 value, and if so, judging that the sub-region passes the verification.
This embodiment provides only an example of data consistency, and other methods may be used to verify the integrity of the firmware file in other embodiments of the present invention.
And S3, if the abnormal sub-area with damaged firmware files exists in the verification result, reading the backup firmware files of the abnormal sub-area from the backup area stored by the BIOS, and writing the backup firmware files into the abnormal sub-area.
Dividing a plurality of backup subregions in a backup region stored by a BIOS (basic input output System) in advance, allocating identity numbers for the plurality of backup subregions, establishing a one-to-one mapping relation between the subregion numbers and the backup subregion numbers, and storing backup firmware files of the subregion firmware files in the backup subregions with the mapping relation, wherein the backup firmware files are in a compressed file format; and covering the damaged firmware files in the sub-areas by using the decompressed backup firmware files of the corresponding backup sub-areas according to the mapping relation and the numbers of the abnormal sub-areas.
In the process of checking the BIOS active, checking each area of the BIOS active respectively, recording the areas failed in checking, and only recovering the areas failed in checking in the recovery process. By establishing the one-to-one mapping relation between the sub-areas and the backup sub-areas, the backup file can be called quickly when the firmware file is damaged, and the data recovery process is shortened.
The embodiment of the invention provides a method for recovering and updating an area which fails to be verified, which can maximally save the existing configuration, avoid the loss of the previous configuration information, and reduce the recovery time.
As shown in fig. 2, the system 200 includes:
a storage dividing unit 210, configured to divide a service area stored in the BIOS into a plurality of sub-areas, where the plurality of sub-areas store different firmware files, respectively;
a file checking unit 220, configured to perform firmware file integrity checking on the multiple sub-areas based on the platform firmware recovery function, respectively;
and a file updating unit 230, configured to, if there is an abnormal sub-area where the stored firmware file is damaged in the verification result, read the backup firmware file of the abnormal sub-area from the backup area stored in the BIOS, and write the backup firmware file into the abnormal sub-area.
Optionally, as an embodiment of the present invention, the memory dividing unit includes:
the area dividing module is used for dividing the service area into a plurality of sub-areas according to the types of the components of the service area stored by the BIOS or the size of the limited data block;
and the number distribution module is used for distributing numbers for each sub-area.
Optionally, as an embodiment of the present invention, the file verification unit includes:
the file calculation module is used for respectively acquiring MD5 values of the firmware files stored in each sub-area when the server is started;
and the consistency comparison module is used for judging whether the MD5 value of the sub-region is consistent with the corresponding initial MD5 value, and if the MD5 value of the sub-region is consistent with the initial MD5 value, judging that the sub-region passes the verification.
Optionally, as an embodiment of the present invention, the file updating unit includes:
the backup mapping module is used for dividing a plurality of backup subregions in a backup region stored by the BIOS in advance, distributing identity numbers for the plurality of backup subregions, establishing a one-to-one mapping relation between the subregion numbers and the backup subregion numbers, and storing backup firmware files of the subregion firmware files in the backup subregions with the mapping relation, wherein the backup firmware files adopt a compressed file format;
and the file covering module is used for covering the damaged firmware files in the sub-areas by using the decompressed backup firmware files of the corresponding backup sub-areas according to the mapping relation and the numbers of the abnormal sub-areas.
Fig. 3 is a schematic structural diagram of a terminal 300 according to an embodiment of the present invention, where the terminal 300 may be used to execute the BIOS firmware recovery method based on PFR according to the embodiment of the present invention.
Among them, the terminal 300 may include: a processor 310, a memory 320, and a communication unit 330. The components communicate via one or more buses, and those skilled in the art will appreciate that the architecture of the servers shown in the figures is not intended to be limiting, and may be a bus architecture, a star architecture, a combination of more or less components than those shown, or a different arrangement of components.
The memory 320 may be used for storing instructions executed by the processor 310, and the memory 320 may be implemented by any type of volatile or non-volatile storage terminal or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk or optical disk. The executable instructions in memory 320, when executed by processor 310, enable terminal 300 to perform some or all of the steps in the method embodiments described below.
The processor 310 is a control center of the storage terminal, connects various parts of the entire electronic terminal using various interfaces and lines, and performs various functions of the electronic terminal and/or processes data by operating or executing software programs and/or modules stored in the memory 320 and calling data stored in the memory. The processor may be composed of an Integrated Circuit (IC), for example, a single packaged IC, or a plurality of packaged ICs connected with the same or different functions. For example, the processor 310 may include only a Central Processing Unit (CPU). In the embodiment of the present invention, the CPU may be a single operation core, or may include multiple operation cores.
A communication unit 330, configured to establish a communication channel so that the storage terminal can communicate with other terminals. And receiving user data sent by other terminals or sending the user data to other terminals.
The present invention also provides a computer storage medium, wherein the computer storage medium may store a program, and the program may include some or all of the steps in the embodiments provided by the present invention when executed. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM) or a Random Access Memory (RAM).
Therefore, the invention respectively checks different areas in the BIOS, and only recovers the area failed in the check by adopting different recovery strategies according to the difference of the check result of each part in the BIOS, thereby saving the existing configuration to the maximum extent, avoiding the loss of the previous configuration information, improving the recovery pertinence, reducing the resource waste and simultaneously reducing the recovery time. The present invention can save the existing configuration to the maximum extent, avoid the loss of the previous configuration information, and reduce the file recovery time.
Those skilled in the art will readily appreciate that the techniques of the embodiments of the present invention may be implemented as software plus a required general purpose hardware platform. Based on such understanding, the technical solutions in the embodiments of the present invention may be embodied in the form of a software product, where the computer software product is stored in a storage medium, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and the like, and the storage medium can store program codes, and includes instructions for enabling a computer terminal (which may be a personal computer, a server, or a second terminal, a network terminal, and the like) to perform all or part of the steps of the method in the embodiments of the present invention.
The same and similar parts in the various embodiments in this specification may be referred to each other. Especially, for the terminal embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and the relevant points can be referred to the description in the method embodiment.
In the embodiments provided in the present invention, it should be understood that the disclosed system and method can be implemented in other ways. For example, the above-described system embodiments are merely illustrative, and for example, the division of the units is only one logical functional division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, systems or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
Although the present invention has been described in detail by referring to the drawings in connection with the preferred embodiments, the present invention is not limited thereto. Various equivalent modifications or substitutions can be made on the embodiments of the present invention by those skilled in the art without departing from the spirit and scope of the present invention, and these modifications or substitutions are within the scope of the present invention/any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A BIOS firmware recovery method based on PFR is characterized by comprising the following steps:
dividing a service area stored by a BIOS into a plurality of sub-areas, wherein the plurality of sub-areas respectively store different firmware files;
respectively carrying out firmware file integrity verification on the plurality of sub-areas based on the platform firmware recovery function;
and if the abnormal sub-area in which the stored firmware file is damaged exists in the verification result, reading the backup firmware file of the abnormal sub-area from the backup area stored by the BIOS, and writing the backup firmware file into the abnormal sub-area.
2. The method of claim 1, wherein dividing the service area stored by the BIOS into a plurality of sub-areas, the plurality of sub-areas storing different firmware files respectively comprises:
dividing the service area into a plurality of sub-areas according to the types of the components of the service area stored by the BIOS or the size of a limited data block;
each sub-region is assigned a number.
3. The method of claim 2, wherein performing firmware file integrity checks on the plurality of sub-regions based on platform firmware recovery functions, respectively, comprises:
when the server is started, respectively acquiring MD5 values of firmware files stored in each sub-area;
and judging whether the MD5 value of the sub-region is consistent with the corresponding initial MD5 value, and if so, judging that the sub-region passes the verification.
4. The method of claim 3, wherein if there is an abnormal sub-area in the verification result where the stored firmware file is corrupted, reading the backup firmware file of the abnormal sub-area from the backup area stored by the BIOS and writing the backup firmware file into the abnormal sub-area, comprising:
dividing a plurality of backup subregions in a backup region stored by a BIOS (basic input output System) in advance, allocating identity numbers for the plurality of backup subregions, establishing a one-to-one mapping relation between the subregion numbers and the backup subregion numbers, and storing backup firmware files of the subregion firmware files in the backup subregions with the mapping relation, wherein the backup firmware files are in a compressed file format;
and covering the damaged firmware files in the sub-areas by using the decompressed backup firmware files of the corresponding backup sub-areas according to the mapping relation and the numbers of the abnormal sub-areas.
5. A PFR-based BIOS firmware recovery system, comprising:
the memory dividing unit is used for dividing a service area stored by the BIOS into a plurality of sub-areas, and the plurality of sub-areas respectively store different firmware files;
the file checking unit is used for respectively checking the integrity of the firmware files of the plurality of sub-areas based on the platform firmware recovery function;
and the file updating unit is used for reading the backup firmware file of the abnormal sub-area from the backup area stored by the BIOS and writing the backup firmware file into the abnormal sub-area if the abnormal sub-area in which the stored firmware file is damaged exists in the verification result.
6. The system of claim 5, wherein the memory partitioning unit comprises:
the area dividing module is used for dividing the service area into a plurality of sub-areas according to the types of the components of the service area stored by the BIOS or the size of the limited data block;
and the number distribution module is used for distributing numbers for each sub-area.
7. The system of claim 6, wherein the file verification unit comprises:
the file calculation module is used for respectively acquiring MD5 values of the firmware files stored in each sub-area when the server is started;
and the consistency comparison module is used for judging whether the MD5 value of the sub-region is consistent with the corresponding initial MD5 value, and if the MD5 value of the sub-region is consistent with the initial MD5 value, judging that the sub-region passes the verification.
8. The system according to claim 7, wherein the file updating unit comprises:
the backup mapping module is used for dividing a plurality of backup subregions in a backup region stored by the BIOS in advance, distributing identity numbers for the plurality of backup subregions, establishing a one-to-one mapping relation between the subregion numbers and the backup subregion numbers, and storing backup firmware files of the subregion firmware files in the backup subregions with the mapping relation, wherein the backup firmware files adopt a compressed file format;
and the file covering module is used for covering the damaged firmware files in the sub-areas by using the decompressed backup firmware files of the corresponding backup sub-areas according to the mapping relation and the numbers of the abnormal sub-areas.
9. A terminal, comprising:
a processor;
a memory for storing instructions for execution by the processor;
wherein the processor is configured to perform the method of any one of claims 1-4.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111249513.2A CN114116305A (en) | 2021-10-26 | 2021-10-26 | BIOS firmware recovery method, system, terminal and storage medium based on PFR |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111249513.2A CN114116305A (en) | 2021-10-26 | 2021-10-26 | BIOS firmware recovery method, system, terminal and storage medium based on PFR |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114116305A true CN114116305A (en) | 2022-03-01 |
Family
ID=80377061
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111249513.2A Withdrawn CN114116305A (en) | 2021-10-26 | 2021-10-26 | BIOS firmware recovery method, system, terminal and storage medium based on PFR |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114116305A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20220229909A1 (en) * | 2021-01-18 | 2022-07-21 | EMC IP Holding Company LLC | Firmware Protection Using Multi-Chip Storage of Firmware Image |
| CN115543694A (en) * | 2022-11-29 | 2022-12-30 | 苏州浪潮智能科技有限公司 | Flash device switching method and device, computer equipment and storage medium |
| CN115756496A (en) * | 2023-01-09 | 2023-03-07 | 苏州浪潮智能科技有限公司 | Mirror image compiling method and device, computer readable storage medium and electronic equipment |
-
2021
- 2021-10-26 CN CN202111249513.2A patent/CN114116305A/en not_active Withdrawn
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20220229909A1 (en) * | 2021-01-18 | 2022-07-21 | EMC IP Holding Company LLC | Firmware Protection Using Multi-Chip Storage of Firmware Image |
| CN115543694A (en) * | 2022-11-29 | 2022-12-30 | 苏州浪潮智能科技有限公司 | Flash device switching method and device, computer equipment and storage medium |
| WO2024113683A1 (en) * | 2022-11-29 | 2024-06-06 | 苏州元脑智能科技有限公司 | Flash device switching method and apparatus, computer device, and storage medium |
| CN115756496A (en) * | 2023-01-09 | 2023-03-07 | 苏州浪潮智能科技有限公司 | Mirror image compiling method and device, computer readable storage medium and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109542518B (en) | Chip and method for starting chip | |
| CN114116305A (en) | BIOS firmware recovery method, system, terminal and storage medium based on PFR | |
| CN112783537B (en) | Embedded linux operating system upgrading method and system based on MTD storage device | |
| CN109710317B (en) | System starting method and device, electronic equipment and storage medium | |
| CN103164523A (en) | Inspection method, device and system of data consistency inspection | |
| EP3971749A1 (en) | Computer starting method, controller, storage medium and system | |
| CN109587331B (en) | Method and system for automatically repairing cloud mobile phone fault | |
| CN108509215B (en) | System software replacing method and device, terminal equipment and storage medium | |
| KR20000023497A (en) | Microcomputer provided with flash memory and method of storing program into flash memory | |
| CN113626256A (en) | Virtual machine disk data backup method, device, terminal and storage medium | |
| WO2014120205A1 (en) | Replacement of a corrupt driver variable record | |
| CN106406939A (en) | EMMC chip-based mobile terminal rollback prevention method and system | |
| CN115062307B (en) | Open POWER-based program integrity checking method, system, terminal and storage medium | |
| CN105550071B (en) | System file upgrades and detection method, communication equipment | |
| CN107656765A (en) | A kind of method, system and the terminal device of equipment initialization | |
| CN112286565B (en) | Embedded system differential upgrading method based on storage container | |
| CN103455750A (en) | High-security verification method and high-security verification system for embedded devices | |
| CN115827069A (en) | Starting control method, system and device for server mainboard | |
| CN115688120A (en) | Secure chip firmware importing method, secure chip and computer readable storage medium | |
| CN115309435A (en) | Equipment firmware upgrading method and device and electronic equipment | |
| CN112115477B (en) | Kernel repairing method and device, electronic equipment and storage medium | |
| CN116700801A (en) | Configuration information management method, device and server | |
| CN111008389B (en) | Data processing method and device based on file system in satellite | |
| KR20230082388A (en) | Apparatus for verifying bootloader of ecu and method thereof | |
| CN117494232B (en) | Method, device, system, storage medium and electronic equipment for executing firmware |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20220301 |