公开(公告)号：US20220350707A1

公开(公告)日：2022-11-03

申请号：US17866196

申请日：2022-07-15

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Xiameng HU ,  Ning JIA ,  Yu LI ,  Nan WANG

IPC: G06F11/14 ,  G06F21/57

Abstract: A method for handling a trusted execution environment operating system crash is provided. The method includes: when it is detected, in a running process of a security service, that a TEE OS crashes, an electronic device stores a hardware status parameter of a TEE and a security context of an REE that are obtained when the TEE OS crashes, and suspends the security service; the electronic device restarts the TEE OS; the electronic device sets, based on the stored hardware status parameter of the TEE, a hardware status parameter of the TEE obtained after the TEE OS is restarted; the electronic device sets, based on the stored security context of the REE, a security context of the REE obtained after the TEE OS is restarted and a context of the TEE obtained after the TEE OS is restarted; and the electronic device restores the security service.

公开(公告)号：US20220261489A1

公开(公告)日：2022-08-18

申请号：US17734187

申请日：2022-05-02

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Nan WANG ,  Zipeng ZHANG

IPC: G06F21/62 ,  G06F9/46

Abstract: A capability management method and apparatus, a computer device, and the like relate to permission management of a kernel object in an operating system, for example, permission management of a kernel object in a microkernel architecture. In the method, two types of information are stored in a capability node of a capability owner: information used to indicate that a capability is granting and information used to indicate a granted capability. A capability association relationship between a grantor and a grantee is established by recording the two types of information, so that capability copying is avoided in a capability granting procedure, and capability deletion is avoided in a procedure of rejecting a capability by the grantee, thereby ensuring a deterministic latency while implementing capability revocation and granting. The method may be applied to a smartphone system, an unmanned driving system, or the like.