
Kernel dynamic data isolation and protection technology based on multi-kernel page table

A dynamic-data, multi-core technology, applied in the fields of digital data protection, electronic digital data processing, multi-programming devices, etc.

Inactive Publication Date: 2017-09-15
NANJING UNIV

AI Technical Summary

Problems solved by technology

This makes it easier to meet the need to isolate dynamic data from different sources, and solves the common problem in kernel isolation of dynamic data being mixed within the same pages.


Embodiment Construction

[0024] A non-limiting embodiment is given below in conjunction with the accompanying drawings to further illustrate the present invention.

[0025] The present invention provides a method for kernel isolation and protection based on multiple kernel-mode page tables. The overall effect of the method is shown in Figure 1, and it includes the following steps:

[0026] Step 1: Establish multiple sets of Linux kernel page tables during kernel initialization. For the direct mapping area in the kernel address space, set the same page table entries in the different kernel page tables to establish a consistent mapping relationship. For the non-direct-mapped areas, establish a shared mapping relationship by sharing page table pages. The kernel's setup of the direct mapping area is mainly implemented in the init_mem_mapping function, which carries out the main mapping logic through the init_memory_mapping function. By adding page table construction logic...


Abstract

The invention discloses a kernel dynamic data isolation and protection technology based on multiple kernel page tables in the Linux system. Implementing this technology mainly involves page table management, the memory allocator and page fault handling in the Linux system. The method is as follows. First, multiple sets of kernel page tables are created when the kernel is initialized, so as to construct multiple relatively independent memory views in the Linux kernel. Under normal circumstances, the correct operation of the kernel is guaranteed by switching among the various kernel page tables. Second, the memory allocator in the Linux system is modified: allocation flags distinguish which memory view the currently allocated memory corresponds to, and the kernel view table corresponding to that memory view is modified so that the allocated memory is visible in that memory view but invisible to other memory views. Finally, the page fault handler is modified, adding new kernel-mode page fault handling logic to deal with the kernel page fault exceptions caused when the kernel accesses a memory area that is invisible under the current page table.
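The three mechanisms in the abstract can be modelled in user space. The following C sketch is an added illustration, not code from the patent or from the Linux kernel; the names `views_init`, `alloc_page_for_view` and `access_page`, the view and page counts, and the deny-and-count fault policy are assumptions.

```c
#include <stdbool.h>
#include <stdio.h>

#define NVIEWS 3   /* assumed number of kernel page tables (memory views) */
#define NPAGES 8   /* toy direct-mapped region, in pages */

/* present[v][p] stands in for the PTE of page p in view v's kernel page table */
static bool present[NVIEWS][NPAGES];
static int next_free, faults;

/* Step 1: every view starts with the same entries (consistent mapping). */
void views_init(void) {
    for (int v = 0; v < NVIEWS; v++)
        for (int p = 0; p < NPAGES; p++)
            present[v][p] = true;
    next_free = 0;
    faults = 0;
}

/* Step 2: the allocation flag names a view; the page stays mapped only there.
 * Whole pages are handed out, so data of two views never shares a page. */
int alloc_page_for_view(int view) {
    if (view < 0 || view >= NVIEWS || next_free >= NPAGES)
        return -1;
    int page = next_free++;
    for (int v = 0; v < NVIEWS; v++)
        present[v][page] = (v == view);
    return page;
}

/* Step 3: an access under the current view. A missing entry is the kernel-mode
 * page fault; denying and counting it is this sketch's assumed policy. */
bool access_page(int cur_view, int page) {
    if (cur_view < 0 || cur_view >= NVIEWS || page < 0 || page >= NPAGES)
        return false;
    if (present[cur_view][page])
        return true;
    faults++;
    fprintf(stderr, "kernel fault: view %d, page %d not mapped\n", cur_view, page);
    return false;
}

int fault_count(void) { return faults; }

int main(void) {
    views_init();
    int mod_page = alloc_page_for_view(1);   /* e.g. data of an untrusted module */
    printf("owner view reads page %d: %d\n", mod_page, access_page(1, mod_page));
    printf("other view reads page %d: %d\n", mod_page, access_page(2, mod_page));
    return 0;
}
```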

Description

Technical field

[0001] The invention relates to the field of Linux kernel isolation and protection, in particular to a kernel dynamic data isolation and protection technology based on multiple kernel page tables.

Background technique

[0002] Linux is one of the faster and more powerful operating system kernels currently in use. A large number of distributions have emerged based on the Linux kernel, and they play a pivotal role on both servers and clients. At the same time, Linux is a huge open source project, which itself contains tens of millions of lines of code, and that number is still growing. More code means more bugs. Moreover, the Linux system is highly extensible and flexible, allowing code to be added to the kernel by inserting modules, which further increases the amount of Linux code; the insertion of untrusted modules also poses a great risk to system operation, making the system less secure. Although...


Application Information

IPC(8): G06F9/50, G06F21/62, G06F12/1027
CPC: G06F9/5016, G06F12/1027, G06F21/6281, G06F2221/2141
Inventor: 吕腾飞, 黄皓
Owner NANJING UNIV