Check patentability & draft patents in minutes with Patsnap Eureka AI!

A vulnerability hot-fix method for virtualized hypercall function

A super-calling and hot-fixing technology, applied in the field of cloud computing security, can solve the problems affecting the availability of the virtualization platform, and achieve the effect of ensuring controllability and security, ensuring normal operation, and repairing security.

Active Publication Date: 2019-07-19
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Hypercall is an important communication mechanism under the Xen virtualization platform, and its vulnerability seriously affects the availability of the virtualization platform

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A vulnerability hot-fix method for virtualized hypercall function
  • A vulnerability hot-fix method for virtualized hypercall function

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The technical solutions of the present invention will be clearly and completely described below in conjunction with the embodiments and drawings.

[0023] A specific implementation manner for implementing the present invention is as follows. The method for hot repairing the vulnerability of the virtualized hyper-call function has the following steps:

[0024] 1) Calculate the Xen physical memory starting address according to the e820 table of the Xen system;

[0025] 2) Calculate the physical address mapped to the virtual address of the super call table based on the physical memory starting address and Xen memory distribution calculated above;

[0026] 3) Obtain the patch machine code through the privileged domain Domain0, write the patch into the memory, and record the physical memory address of the patch function;

[0027] 4) According to the physical address of the super call table calculated above and the super call number corresponding to the super call processing function t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a loophole hot-fixing method for a virtualization super calling function. The method includes: 1) calculating a Xen physical-memory starting address according to an e820 table of a Xen system; 2) calculating a physical address, to which a virtual address of a super calling table is mapped, according to the calculated Xen physical-memory starting address and Xen memory distribution; 3) acquiring a patch machine code through a privileged domain Domain0, writing a patch into a memory, and recording a physical address of a patch function; 4) calculating a physical address, which is in the super calling table and corresponds to the to-be-fixed super calling processing function, according to a super calling number corresponding to the to-be-fixed super calling processing function; and 5) updating the super calling table through the privileged domain Domain0, and thus realizing loophole hot-fixing for the super calling processing function. According to the method, a virtualization platform loophole can be accurately fixed, restarting a machine is not needed, and normal operation of virtual machines on a virtualization platform is guaranteed.

Description

Technical field [0001] The invention belongs to the technical field of cloud computing security, and relates to a method for repairing vulnerabilities of a virtualization platform, and particularly relates to a method for hot repairing vulnerabilities of a hypercall under a virtualization platform. Background technique [0002] With the rapid development of Internet technology, cloud computing has risen rapidly as a low-cost computing and communication mode. The latest "Cloud Computing White Paper (2016)" released by the China Academy of Information and Communications Technology at the Trusted Cloud Conference in September 2016 shows that the global cloud computing market has continued to expand steadily since 2010. Cloud computing means that applications are delivered and used in the form of services over the Internet, and the hardware and software of the data center can provide these services. In recent years, large Internet companies such as Microsoft, Amazon, Google, and IBM...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/53G06F21/57
CPCG06F21/53G06F21/577
Inventor 贾晓启郑小妹白璐杜海超唐静武希耀黄庆佳
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com