
Multi-core environment process kernel stack protection method based on hardware virtualization

A hardware virtualization and process technology, applied to platform integrity maintenance, that addresses the problem of complex kernel stack integrity protection, among others.

Active Publication Date: 2021-03-19
NANJING UNIV

AI Technical Summary

Problems solved by technology

In a multi-core environment, multiple processes can run at the same time, and attackers can launch attacks on the running processes in the system, which makes kernel stack integrity protection more complicated.


Embodiment Construction

[0086] The present invention is now described in further detail with reference to the accompanying drawings.

[0087] Figure 1 is a schematic diagram of the overall structure of the protection system. As shown in Figure 1, the kernel stack information library stack_list holds the protection system's global data: for each process in the guest it stores information about that process's kernel stack, including the guest physical address of the kernel stack base and the corresponding process number pid. KVM (Kernel-based Virtual Machine) is the component that provides virtualization functions in the Linux kernel. It creates and schedules multiple vCPUs (virtual CPUs) to give the guest a multi-core environment. The extended page table (EPT) is a hardware structure supported by Intel for memory virtualization; it performs the translation from guest physical addresses to actual physical addresses. KVM creates and maintains EPT page ...
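The stack_list described above can be pictured as a table keyed by kernel stack base address; the following C sketch is an added example, not the patent's implementation, showing how a hypervisor-side component could record each stack and map a guest physical address back to the owning pid. The function names, the 16 KiB stack size, the fixed table size, and the assumption that each stack is contiguous in guest physical memory (which does not hold for vmalloc-backed stacks) are all hypothetical.

```c
#include <stdint.h>

/* Assumed, not from the patent text: 16 KiB stacks, contiguous in guest
 * physical memory, 4 KiB frames, and a fixed-size table. */
#define STACK_SIZE 0x4000ull
#define FRAME_SIZE 0x1000ull
#define MAX_STACKS 64

struct stack_entry {
    uint64_t base_gpa; /* guest physical address of the kernel stack base */
    int32_t pid;       /* guest process that owns this stack */
    int used;
};
static struct stack_entry stack_list[MAX_STACKS];

/* Register a stack; refuse unaligned bases, duplicate pids and overlaps. */
int stack_list_add(uint64_t base_gpa, int32_t pid)
{
    int slot = -1;
    if (base_gpa % FRAME_SIZE || base_gpa > UINT64_MAX - STACK_SIZE)
        return -1;
    for (int i = 0; i < MAX_STACKS; i++) {
        const struct stack_entry *e = &stack_list[i];
        if (!e->used) {
            if (slot < 0)
                slot = i;
        } else if (e->pid == pid || (base_gpa < e->base_gpa + STACK_SIZE &&
                                     e->base_gpa < base_gpa + STACK_SIZE)) {
            return -1;
        }
    }
    if (slot < 0)
        return -1;
    stack_list[slot] = (struct stack_entry){ base_gpa, pid, 1 };
    return 0;
}

/* Return the pid whose kernel stack contains gpa, or -1 if none does. */
int32_t stack_list_owner(uint64_t gpa)
{
    for (int i = 0; i < MAX_STACKS; i++)
        if (stack_list[i].used && gpa >= stack_list[i].base_gpa &&
            gpa - stack_list[i].base_gpa < STACK_SIZE)
            return stack_list[i].pid;
    return -1;
}
```

Rejecting overlapping or duplicate registrations keeps the owner lookup unambiguous, which matters when the lookup result decides whether a write from a given vCPU is legitimate.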


Abstract

The invention discloses a method for protecting process kernel stacks in a multi-core environment based on hardware virtualization. The method embeds a protection system into the virtual machine manager (hypervisor) and provides integrity protection for the process kernel stacks in the guest. In a multi-core environment, the method provides real-time integrity protection for the whole kernel stack area of any process. The protected object is no longer limited to a subset of security-sensitive data: all data on a process kernel stack is protected, including both control data and non-control data. The protection method is suited to a multi-core environment and is also effective in a single-core environment. It defends not only against malicious attacks from the processor the process is running on, but also against malicious attacks from other processors, so its defense capability is more comprehensive. In addition, the protection mechanism is continuous and real-time, with no protection gap, and can effectively enhance the security of the system.

Description

Technical field

[0001] The invention belongs to the technical field of process kernel stack integrity protection, and in particular relates to a method for protecting process kernel stacks in a multi-core environment based on hardware virtualization.

Background technique

[0002] The process kernel stack is one of the important pieces of data the operating system uses to manage a process and ensure its normal operation. During process switches and privilege switches from user mode to kernel mode, the process kernel stack plays an important role in saving and restoring the process context state. In theory, the kernel stacks of different processes should be isolated from each other. However, in the implementation of operating systems such as Linux, the kernel stack areas of the processes are not isolated from each other. This provides the conditions for attacks such as Return-to-user (return to user code) and Return-to-schedule (return to scheduling function), and these attac...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/53
CPC: G06F21/53
Inventor: 曾庆凯, 杜震
Owner NANJING UNIV