Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for accessing to physical resources

A technology of physical resources and physical addresses, applied in resource allocation, multiprogramming devices, program control devices, etc., can solve the problems of memory resource insecurity, memory resource leakage, etc.

Active Publication Date: 2015-05-27
HUAWEI TECH CO LTD +1
View PDF4 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the global physical memory is visible to every Light OS. Therefore, when the Light OS kernel itself is untrustworthy or a logical error occurs in the page table mapping, it is possible to access the physical memory that does not belong to it, thereby causing other system kernels to fail. Memory resource leaks, causing insecurity of memory resources

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for accessing to physical resources
  • Method and device for accessing to physical resources
  • Method and device for accessing to physical resources

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0258] Next, a specific implementation solution for the method for accessing physical resources will be provided according to the above system. like Figure 4 As shown, it specifically includes the following steps:

[0259] Step 401, when the Heavy OS starts, initialize the security firmware.

[0260] Wherein, performing initialization settings on the security firmware; the initialization settings include: setting a capacity for storing second resource allocation mapping information in the security firmware; and binding the security firmware to the Heavy OS , so that the security firmware only stores or updates the second resource allocation mapping information under the control of the Heavy OS, and the security firmware only feeds back an abnormal access signal to the Heavy OS.

[0261]The second resource allocation mapping information may be a correspondence between the CPU included in the Light OS and the physical addresses of all or part of the physical resources allocat...

Embodiment 2

[0285] For the above-mentioned system, the embodiment of the present invention provides a method for accessing physical resources, the execution subject of which is the first Light OS, by monitoring the capability operation of the task process and the propagation path of key data in the first Light OS, to Guarantees access to kernel object resources. like Figure 5 As shown, the specific steps include:

[0286] Step 501, the first lightweight system kernel Light OS allocates kernel object resources for each task in the user space.

[0287] Wherein, the kernel object resource is that Light OS encapsulates kernel resources (such as memory, device, etc.) and exists in the form of an object (Object).

[0288] Specifically, the allocation of kernel object resources for each task in the user space by the first Light OS is completed by the Capability authorization module in the first Light OS, and the Capability authorization module is a part of the Capability mechanism. Among the...

Embodiment 3

[0301]For the above system, the embodiment of the present invention provides a method for accessing physical resources, the execution body of which is the Heavy OS, and the functional integrity of the Light OS is guaranteed by performing security detection on the Light OS. like Image 6 As shown, the specific steps include:

[0302] Step 601, the heavyweight system kernel Heavy OS sends a security inspection request to the first Light OS; correspondingly, the first Light OS receives the security inspection request sent by the Heavy OS.

[0303] Wherein, the security detection request is used to detect whether the first Light OS is abnormal; the Heavy OS may perform security detection on the first Light OS periodically or in real time, but it is certainly not limited thereto.

[0304] Further, before the Heavy OS performs security detection on the first Light OS, the method further includes: the Heavy OS periodically records the Capability table information of the first Light ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Disclosed are a method and apparatus for accessing physical resources, which relate to the technical field of operating systems, in order to limit that the Light Operating System (Light OS) kernel among a multiple-kernel operating system cannot access the physical resources of other Light OSs, and ensure the security for accessing the physical resources among the Light OSs. The method comprises: a secure firmware receives the physical address corresponding to the physical resource to be accessed by a first Light OS; the secure firmware determines whether the physical address corresponding to the physical source to be accessed by the first Light OS crosses the border; if the access of the first Light OS does not cross the border, a continuously accessing signal is sent to the first Light OS; or, if the access of the first Light OS crosses the border, an accessing error signal is sent to the first Light OS.

Description

technical field [0001] The present invention relates to the technical field of operating systems, in particular to a method and device for accessing physical resources. Background technique [0002] With the further increase in data volume and data processing requirements, the load has higher and higher requirements on the performance of the operating system. Microkernel and multi-kernel have become a trend in the future development of the operating system. Multi-core cooperative work can well isolate applications, improve system throughput and greatly improve system performance. Therefore, in the face of big data processing today, virtualization technology and multi-core technology are more and more researched and applied due to their high scalability. Among them, the parallel virtualization system combines multi-core technology and virtualization technology to ensure resource reuse and isolation, and each core of the multi-core operating system can independently manage me...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F9/455G06F9/50
CPCG06F9/4411G06F2009/45583G06F21/78G06F2221/2141G06F12/1458G06F2212/1052G06F21/53G06F21/62G06F21/00G06F9/4555G06F21/572
Inventor 郑晨付龙詹剑锋张立新
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products