Starting method, and method and device for generating kernel image

A kernel image and kernel technology, applied in the booting method and device, and the field of booting the kernel, can solve problems such as the inability to effectively guarantee the security of the kernel and the vulnerability of the kernel to attacks.

Active Publication Date: 2018-02-13
BANMA ZHIXING NETWORK HONGKONG CO LTD
View PDF6 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The embodiment of the present application provides a startup method and device to solve the problem that the existing kernel startup technology causes the kernel to be vulnerable to attacks and cannot effectively guarantee the security of the kernel

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Starting method, and method and device for generating kernel image
  • Starting method, and method and device for generating kernel image
  • Starting method, and method and device for generating kernel image

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach 1

[0188] In this embodiment, the size of each sub-area in the kernel loading space is dynamically adjusted during the process of copying kernel image fragments. Specifically include steps 301-1 to 301-7 as shown below, combined below Figure 5 for further clarification.

[0189] Step 301-1. Determine the number of kernel image segments and the start and end identifiers of each kernel image segment.

[0190] For the embodiment that obtains the kernel image fragmentation according to the static fragmentation only, this step can determine the kernel image fragmentation according to the static fragmentation, that is: the number of static fragmentation and the start and end fragmentation of each static fragmentation .

[0191] As mentioned earlier, there are different ways to add static fragments to the link script used to control the generation of kernel images. For example, you can add a pair for each static fragment to identify the start and end The static fragment of the addre...

Embodiment approach 2

[0212] In this embodiment, each kernel image segment corresponding to the kernel image segment is copied to different sub-areas that have been evenly divided in advance. The specific implementation can be as follows: determine the number of kernel image fragments and the start and end fragment symbols of each kernel image fragment; divide the kernel image loading space into a corresponding number of sub-regions according to the number of kernel image fragments ; Randomly copy the code and / or data contained in different kernel image fragments to different sub-regions of the division according to the corresponding start and end fragments. Wherein, when dividing a corresponding number of sub-regions, different strategies may be adopted, for example, uniform division may be used.

[0213] During specific implementation, the kernel image fragments can be selected sequentially according to the order in the kernel image, and the code and / or data contained in it can be copied to diffe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a starting method and device, and meanwhile discloses a method and device for starting a kernel and a method and device for generating a kernel image. The starting method includes the following steps that kernel image fragments corresponding to the kernel image are copied to different sub regions of a kernel image loading space respectively; the kernel image fragments are re-positioned so as to start the kernel. By means of the method, codes and data in the kernel are randomly distributed in the kernel image loading space by using the fragments as units, fragmentizationof the kernel address is thus achieved, even if an attacker obtains the relative deviation of one kernel image fragment through a kernel address leakage loophole, the positions of other fragments cannot be calculated, the difficulty of reading and modifying the kernel is greatly increased for the attacker, and the safety of the kernel thus can be more effectively guaranteed.

Description

technical field [0001] The present application relates to start-up technology, in particular to a start-up method and device. The present application also relates to a method and a device for starting a kernel, and a method and a device for generating a kernel image. Background technique [0002] Usually, the startup process of the kernel includes: 1) hardware startup and initialization; 2) copying the kernel image to a designated memory area (this process is also called loading the kernel image); 3) these three steps of kernel startup. The address where the kernel loads the kernel image into the memory during the startup process is usually fixed. It is easy for an attacker to obtain the absolute address of the specified code or data in the kernel by analyzing the kernel image, and then damage the system through kernel vulnerabilities. Safety. [0003] With the emergence of address space layout randomization (Address space layout randomization, referred to as ASLR) technol...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F9/445
CPCG06F9/44505G06F9/44521
Inventor 裘绍翔李丹张智宇许来光
Owner BANMA ZHIXING NETWORK HONGKONG CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap