Unlock instant, AI-driven research and patent intelligence for your innovation.

Hypercall method and device for kernel mode program of enhanced packet filter

A technology of hypercall and packet filter, applied in the computer field, which can solve the problem of unable to switch to Hypervisor, unable to call Hypercall, etc.

Pending Publication Date: 2022-07-01
ALIBABA (CHINA) CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, if the enhanced packet filter running in a virtualized environment wants to obtain higher operating authority, it needs to switch from the kernel state program to the underlying virtual machine monitor (Hypervisor, or virtual machine monitor, VMM) in the virtual machine. ); while the kernel state program of the existing enhanced packet filter cannot call the Hypercall, so it cannot switch to the Hypervisor to obtain a higher operating authority

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Hypercall method and device for kernel mode program of enhanced packet filter
  • Hypercall method and device for kernel mode program of enhanced packet filter
  • Hypercall method and device for kernel mode program of enhanced packet filter

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] Exemplary embodiments will be described in detail herein, examples of which are illustrated in the accompanying drawings. When the following description refers to the drawings, the same numerals in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the illustrative examples below are not intended to represent all implementations consistent with this specification. Rather, they are merely examples of apparatus and methods consistent with some aspects of this specification as recited in the appended claims.

[0055] The terms used in this specification are for the purpose of describing particular embodiments only and are not intended to limit the specification. As used in this specification and the appended claims, the singular forms "a," "the," and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It will also be understood that the term "and / or" as ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides a hypercall method and device for a kernel mode program of an enhanced packet filter. The method is applied to a virtual machine monitor, and comprises the following steps: in response to a virtualization missing page triggered by a kernel mode program, obtaining a memory address for triggering the virtualization missing page; judging whether the memory address of the virtualization missing page is consistent with the memory address corresponding to the missing page key in the mapping table or not; wherein the mapping table records the mapping relation between the key value pairs, the missing page keys are keys jointly determined by the kernel mode program and the virtual machine monitor in the mapping table, and each key in the mapping table uniquely corresponds to one memory address; if the memory address of the virtualization missing page is consistent with the memory address corresponding to the missing page key, reading a missing page value mapped by the missing page key from the mapping table; wherein the missing page value comprises the function type of the hyper-call written by the kernel mode program before triggering the virtualized missing page; and executing the hyper call of the function type based on the function type indicated by the missing page value.

Description

technical field [0001] The embodiments of the present specification relate to the field of computer technology, and in particular, to a method and apparatus for hypercalling a kernel-mode program of an enhanced packet filter. Background technique [0002] Extended Berkeley Packet Filter (eBPF) is a general-purpose execution engine. Enhanced packet filters are commonly used by developers because they can run special programs (such as sandboxed programs) in the operating system kernel (such as the Linux kernel) without changing the kernel source code or loading kernel modules. [0003] The architecture of the enhanced packet filter may include at least two parts: user mode program (or user space program) and kernel mode program (or kernel program). Among them, the user-mode program is used to load the instruction code (such as BPF bytecode) into the kernel, and can also read the information or events returned by the kernel; and the kernel-mode program is used to convert the i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F9/54G06F9/455G06F12/02
CPCG06F9/545G06F9/45558G06F12/0292G06F2009/45583
Inventor 胡小康
Owner ALIBABA (CHINA) CO LTD