Loading control method for kernel module in operating system

A kernel module and operating system technology, applied in the protection of internal/peripheral computer components, instruments, electrical digital data processing, etc., can solve problems such as unloading of security modules and threats to computer security, so as to eliminate potential safety hazards, improve security, Ensure the effect of random loading or malicious unloading

Active Publication Date: 2014-10-22
NAT UNIV OF DEFENSE TECH
View PDF2 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

As mentioned above, since users in the kernel state of the Linux operating system can dynamically load and unload kernel modules at will, the operating system kernel faces the risk of malicious module loading and security modules being unloaded, thereby threatening the security of the entire computer

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Loading control method for kernel module in operating system
  • Loading control method for kernel module in operating system
  • Loading control method for kernel module in operating system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The present invention will be further described below in conjunction with the accompanying drawings and specific preferred embodiments, but the protection scope of the present invention is not limited thereby.

[0036] Such as figure 1 As shown, the implementation steps of the kernel module loading control method in the operating system of this embodiment are as follows:

[0037] 1) During the boot process of the operating system, the kernel module processing capability CAP_MODULE of all users is disabled through the kernel sealing module loaded in the kernel state, and the user authentication function of the kernel sealing module is enabled, so that the kernel module of the operating system enters the sealing state;

[0038] 2) During the operation of the operating system, the kernel module operation request received by the operating system kernel for loading or unloading the kernel module is intercepted through the kernel sealing module, and the user or application th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a loading control method for kernel module in an operating method. The loading control method includes the steps of 1) during guiding of an operating system, closing a kernel module processing capability of all users through a kernel sealing module in a kernel state and starting a user verification function of the kernel sealing module, and allowing the an operating system kernel to entering a sealing state; 2) when the operating system runs, acquiring a kernel module operating request through the kernel sealing module, and verifying the user or application sending the kernel module operating request, if the verification passes, the kernel module processing capability of the user or application is started, and the target kernel module requested by the user or application is loaded or unloaded through the operating system kernel. The loading control method has the advantages of safe control of the kernel module loading, sealing protection of the kernel module, high safety performance, and high flexibility of loading the kernel module, simplicity in completing method and high universality.

Description

technical field [0001] The invention relates to the technical field of kernel security in a Linux operating system, in particular to a method for controlling loading of kernel modules in an operating system. Background technique [0002] Software module loading is a basic function of the Linux operating system, which allows the Linux operating system kernel to control driver support and software functions through module loading and unloading. The Linux operating system supports dynamic loading and unloading of kernel modules, which brings great convenience to the expansion of system functions and driver development, but also provides opportunities for malicious users to damage the system. If the kernel module is uninstalled maliciously, the system will lose the corresponding functions and it will be difficult to operate normally; Control is an important way to ensure the security of the system platform. The loading of the Linux operating system kernel module mainly include...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/52G06F21/56
CPCG06F21/554G06F21/74
Inventor 廖湘科黄辰林董攀陈松政魏立峰丁滟罗军
Owner NAT UNIV OF DEFENSE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap