
Method and device for acquiring data structure offset in Linux kernel

A data structure and kernel technique, applied in the fields of program control devices, memory addressing/allocation/relocation, and program code conversion. It addresses the problems that field offsets differ because of data structure rearrangement or memory alignment, and that existing acquisition methods are inapplicable on some targets.

Pending Publication Date: 2022-04-05
INST OF INFORMATION ENG CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

[0004] (1) Data structure adjustments in different Linux versions result in different offsets;
[0005] (2) Within the same Linux version, different config files introduce different data members, resulting in different offsets;
[0006] (3) Different compilation features in different versions of the compilation toolchain lead to different offsets through data structure rearrangement or memory alignment.

However, this method requires a driver compilation environment on the target operating system and must be executed with root privileges. For target operating systems that lack these conditions, such as some virtual network devices that restrict shell functions and lack source code support, this method cannot be applied. Reverse analysis, which depends heavily on manual work, is often used instead, and its limitations are obvious.


Embodiment Construction

[0037] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0038] At present, acquiring data structure offsets for the Linux operating system kernel mainly depends on compiling and building a kernel driver in the operating system and executing it with root privileges. For target operating systems that do not meet this condition, there is no automated method for extracting the offset from the Linux kernel binary file. The present invention therefore provides a method and device for obtaining data structure offsets in the Linux kernel. It analyzes the source code of multiple Linux versions to extract the general functions that contain references to the specified field of the specified structure, then extracts from such a function the features related to the specified field of the specified structure, thereby obtaining a feature of obtai...


Abstract

The invention discloses a method and a device for acquiring data structure offsets in a Linux kernel. The method comprises the following steps: for N given Linux source code versions containing a target Linux kernel file, static source code analysis is carried out on all functions of each version to obtain all functions that contain references to a specified field f of a specified structure S and are not explicitly declared as inline functions; the features of each function with respect to the specified structure S and the specified field f are calculated, and a function list is generated; the intersection of the N function lists is then taken according to the function declarations, generating a cross-version general function list; partial features of the stable function with the lowest complexity are then taken as the reference vector; the target kernel file is analyzed using the reference vector to obtain all field references for the initial structure S in the assembly code of the function corresponding to the reference vector; and the corresponding field reference is identified according to the features in the reference vector, which determines the offset.
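An added sketch of the pipeline in the abstract (not code from the patent or its authors): intersect the per-version function lists by declaration, keep the stable function of lowest complexity as the reference vector, then read the field offset out of that function's disassembly in the target kernel. The feature (ordered list of S fields a function dereferences), the complexity measure (length of that list), the function names and the disassembly are all assumptions constructed for illustration.

```python
import re

# Constructed source-analysis output: kernel version -> {non-inline function
# declaration: ordered fields of struct S it dereferences} (assumed feature).
VERSIONS = {
    "A": {"int s_get_f(struct S *s)": ["f"],
          "int s_check(struct S *s)": ["flags", "f"],
          "int s_walk(struct S *s)": ["next", "flags", "f"]},
    "B": {"int s_get_f(struct S *s)": ["f"],
          "int s_check(struct S *s)": ["flags", "f"],
          "int s_walk(struct S *s)": ["next", "f"]},        # feature differs here
    "C": {"int s_check(struct S *s)": ["flags", "f"],      # s_get_f is absent here
          "int s_walk(struct S *s)": ["next", "flags", "f"]},
}

# Constructed x86-64 disassembly of s_check from the target kernel binary;
# the struct pointer is the first argument, so it arrives in rdi.
TARGET_DISASM = """\
s_check:
  mov eax, DWORD PTR [rdi+0x2c]
  test eax, eax
  je .out
  mov eax, DWORD PTR [rdi+0x4e8]
.out:
  ret
"""

def reference_vector(versions, field):
    """Intersect by declaration, keep stable functions, pick the least complex."""
    lists = list(versions.values())
    common = set(lists[0]).intersection(*lists[1:])
    stable = [(d, lists[0][d]) for d in sorted(common)
              if field in lists[0][d] and all(v[d] == lists[0][d] for v in lists)]
    if not stable:
        raise LookupError("no stable cross-version function references the field")
    decl, refs = min(stable, key=lambda s: len(s[1]))
    return {"decl": decl, "index": refs.index(field), "count": len(refs)}

def field_offset(disasm, vec, base="rdi"):
    """Return the displacement at the position the reference vector assigns to f."""
    disps = [int(h, 16) for h in re.findall(rf"\[{base}\+0x([0-9a-f]+)\]", disasm)]
    if len(disps) != vec["count"]:
        raise ValueError("target function does not match the reference vector")
    return disps[vec["index"]]

if __name__ == "__main__":
    vec = reference_vector(VERSIONS, "f")
    print(vec["decl"], hex(field_offset(TARGET_DISASM, vec)))
```

A feature used in practice would have to survive compiler instruction reordering and register allocation; this sketch assumes the loads stay in source order and are addressed off rdi.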

Description

Technical field

[0001] The present invention relates to data structure offset acquisition technology. Specifically, it identifies the general functions that reference the specified field of the specified structure across multiple versions of the Linux source code, then extracts the features of the specified field of the specified structure within such a function, thereby obtaining a feature for locating the offset value of the field in the Linux kernel binary file. This makes it possible to acquire the offset of the specified field of the specified structure from the kernel binary file of a Linux operating system.

Background technique

[0002] Both memory forensics and virtual machine introspection often require memory analysis methods to obtain the addresses and values of data structures in memory, which involves the relationships between data structures in the kernel. These relationships are expressed in "structure-field" form. ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F8/41, G06F9/455, G06F12/06
Inventor 张禹邹燕燕孙俭钟楠宇刘宝旭霍玮
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI