An application execution method and a processor

By introducing a first register in the processor corresponding to privileged instructions, and by acquiring and comparing data from the application program and the registers, the security risks of privileged instructions in user mode are resolved, ensuring legal execution and achieving a balance between security and efficiency.

CN114021117B · Active · Publication Date: 2026-06-12 · ANT BLOCKCHAIN TECHNOLOGY (SHANGHAI) CO LTD

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents (China)
Current Assignee / Owner: ANT BLOCKCHAIN TECHNOLOGY (SHANGHAI) CO LTD
Filing Date: 2021-11-25
Publication Date: 2026-06-12

AI Technical Summary

Technical Problem

In existing technologies, machine instructions with permission management capabilities that can be executed in user space pose security risks, especially in blockchain platforms where untrusted entities such as native contracts may maliciously modify memory access permissions, leading to security threats.

Method used

By introducing a first register in the processor corresponding to the privileged instruction, the first data in the application and the second data in the register are obtained and compared to determine whether to execute the privileged instruction, ensuring that the privileged instruction is executed only under legal circumstances and avoiding malicious execution.

Benefits of technology

This enables controlled use of privileged instructions, avoiding security risks without affecting the execution efficiency and complexity of the application.



Abstract

An application execution method and a processor. The application includes a first instruction, and the method is executed by the processor which includes a first register corresponding to the first instruction. The method includes: obtaining first data corresponding to the first instruction in the application; reading second data from the first register; and determining whether to execute the first instruction according to the first data and the second data.

Description

Technical Field

[0001] The embodiments in this specification belong to the field of computer technology, and in particular relate to an application execution method and processor.

Background Technology

[0002] Processors in computing devices typically offer multiple privilege levels for the operating system to selectively use. For example, the Linux operating system usually uses the lowest privilege level provided by the processor to run in user mode and the highest privilege level to run in kernel mode. Among machine instructions that can be directly executed by the processor, those that pose significant security risks are generally only allowed to execute in kernel mode and not in user mode. However, some machine instructions that are allowed to execute in user mode have been given permission control meanings by the user, and the user may not expect such instructions to be abused.

Summary of the Invention

[0003] The purpose of this invention is to provide a method for executing an application and a processor.

[0004] In a first aspect, a method for executing an application is provided, the application including a first instruction, the method being executed by a processor, the processor including a first register corresponding to the first instruction. The method includes: acquiring first data corresponding to the first instruction in the application; reading second data from the first register; and determining whether to execute the first instruction based on the first data and the second data.

[0005] In a second aspect, a processor is provided, including an arithmetic logic unit (ALU) and a first register, the first register corresponding to a first instruction included in an application, the ALU being configured to: acquire first data corresponding to the first instruction in the application; read second data from the first register; and determine whether to execute the first instruction based on the first data and the second data.

[0006] In a third aspect, a computing device is provided, including the processor described in the second aspect.

[0007] In the above embodiments, the processor can decide whether to execute the first instruction in the application based on the first data corresponding to the first instruction in the application and the second data stored in the first register corresponding to the first instruction in the processor, thereby realizing the controlled use of the first instruction and preventing the first instruction from being maliciously executed in the application and causing security risks.

Attached Figure Description

[0008] To more clearly illustrate the technical solutions of the embodiments in this specification, the drawings used in the description of the embodiments will be briefly introduced below. Obviously, the drawings described below are only some embodiments recorded in this specification. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0009] Figure 1 is a schematic diagram illustrating an exemplary business scenario provided in the embodiments of this specification;

[0010] Figure 2 is a flowchart of a method for initializing an application provided in the embodiments of this specification;

[0011] Figure 3 is a schematic diagram of an exemplary application provided in the embodiments of this specification;

[0012] Figure 4 is a schematic diagram illustrating an application execution method provided in the embodiments of this specification;

[0013] Figure 5 is a schematic diagram of a processor provided in an embodiment of this specification.

Detailed Implementation

[0014] To enable those skilled in the art to better understand the technical solutions in this specification, the technical solutions in the embodiments of this specification will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this specification, and not all embodiments. Based on the embodiments in this specification, all other embodiments obtained by those skilled in the art without creative effort should fall within the scope of protection of this specification.

[0015] For machine instructions that can be directly executed by the processor, those that pose significant security risks are typically only allowed to execute in kernel mode and not in user mode. However, this does not mean that machine instructions allowed to execute in user mode are without security risks. For example, machine instructions allowed to execute in user mode may include those with privilege management characteristics, such as machine instructions used to read and write non-general-purpose registers in the processor. These privilege management machine instructions can also introduce security risks when executed in user mode. The following text will refer to machine instructions that are allowed to execute in user mode and have privilege management characteristics as privileged instructions. First, an exemplary business scenario will be used to describe privileged instructions and the potential security risks associated with executing them in user mode.

[0016] Smart contracts written using processor machine instructions in a blockchain system / platform are referred to as native contracts below. They can be executed directly by the processor without interpretation, resulting in high execution speed. When running as part of a blockchain platform, they avoid the time overhead of inter-process communication (IPC), further improving platform performance. However, native contracts are untrusted entities running in user space. Blockchain platforms typically need to isolate untrusted entities, such as using mechanisms like Intel MPK (Memory Protection Keys), to prevent untrusted entities, including native contracts, from illegally accessing data and causing security risks. The Intel MPK mechanism is a hardware feature of Intel processors. It defines which key protects each memory page in user space according to the page table and defines the processor's current access permissions to each key-protected memory page through protection key registers. When the processor accesses data in a memory page in user space, it needs to query the protection key registers to determine whether it has the necessary access permissions. Furthermore, it is understandable that applications running in user space can be not only blockchain platforms including native contracts, but also other computer programs directly installed on computing devices.

[0017] For processors that include the aforementioned protection key register, the processor's machine instructions include the wrpkru instruction for reading and writing the protection key register, which modifies the processor's access permissions to the relevant memory pages. Referring to Figure 1, when a native contract runs as part of a blockchain platform, the platform, concerned that the native contract might illegally modify its memory, might use the wrpkru instruction to disable the native contract's access to relevant data on the blockchain platform before transferring control from other functional modules to the native contract. After the native contract transfers control back, these other functional modules can then proactively use the wrpkru instruction to re-enable access to the relevant data. However, in the current Intel MPK implementation, if the native contract contains the wrpkru instruction, it can execute this instruction itself to modify its access permissions to relevant data on the blockchain platform, thus rendering the "disabling access permissions" action performed by other functional modules before transferring control to the native contract ineffective.

[0018] The preceding text exemplifies that privileged instructions may include the wrpkru instruction that might be used in native contracts, and also exemplifies the potential security risks of executing wrpkru instructions in user space. However, it is understood that privileged instructions may also include other machine instructions, and application scenarios may include those other than blockchain platforms employing the Intel MPK mechanism. Security risks may include those other than malicious access to memory pages by untrusted entities.

[0019] In one possible implementation, when the processor executes an untrusted entity including a native contract, a binary scan of the untrusted entity can be performed to discover its privileged instructions. These privileged instructions and their associated machine instructions can then be transformed according to a corresponding strategy to obtain a modified untrusted entity. This modified untrusted entity no longer contains privileged instructions, preventing the processor from executing privileged instructions in user space during the execution of the untrusted entity, thus avoiding security risks. However, this implementation involves a binary scan of all untrusted entities, which is technically very complex, impacts application execution efficiency, and may prevent the modified untrusted entity from completing certain pre-defined tasks.

[0020] In view of the above problems, this specification provides at least one method for executing an application and a processor. The processor includes a first register corresponding to a first instruction, wherein the first instruction is a privileged instruction. The processor can decide whether to execute the first instruction in the application based on first data corresponding to the first instruction in the application and second data stored in the first register, thereby achieving controlled use of the first instruction in the application and preventing malicious execution of the first instruction in the application, which could cause security risks. Furthermore, it eliminates the need to spend excessive time modifying the application during execution to ensure that the application can complete the predetermined tasks expected by the developer, does not affect the execution efficiency of the application, and has relatively low technical complexity.

[0021] Figure 2 is a flowchart illustrating a method for initializing an application provided in an embodiment of this specification. The application includes a first instruction that is permitted for use by the developer and belongs to privileged instructions. This method can be executed by a processor, which includes a first register corresponding to the first instruction. Specifically, the processor can execute a specific functional module (i.e., a first program segment) included in the application to carry out the method shown in Figure 2. In other words, when an application developer allows the normal use of the first instruction in a certain functional module (i.e., the second program segment) of the application, the developer can provide a specific functional module in the application and ensure that when the processor executes the application, the processor first executes that specific functional module to carry out the method shown in Figure 2. Correspondingly, the method for initializing the application shown in Figure 2 can also be described as the process of the application initializing itself. As shown in Figure 2, the method includes some or all of the following steps 201-205:

[0022] Step 201: Obtain business data. This business data can be random numbers generated during the processor's application initialization process, such as random numbers generated by the processor executing specific functional modules provided by the application.

[0023] Step 203: Write the business data as the first data corresponding to the first instruction into the application program, and write the business data into the first register in the processor corresponding to the privileged instruction. The business data in the first register can also be represented as the second data.

[0024] In a more concrete example, when the application developer allows the normal use of a first instruction, which is a privileged instruction, within a second program segment included in the application, the developer can reserve a target instruction within the second program segment to store the first data corresponding to that first instruction. Correspondingly, the processor can execute the first program segment to write the acquired business data as the first data corresponding to the first instruction into the target instruction within the second program segment. This target instruction can be located before and adjacent to its corresponding first instruction, and is used to acquire the first data as an immediate value into a specific memory location. This specific memory location can be a general-purpose register or a defined specific register; for example, the target instruction could be "Mov R, Eh", where R represents a general-purpose register in the processor other than the first register, and E represents the first data written to the target instruction by the processor executing the first program segment.

[0025] In a more specific example, the processor can execute a second instruction in user mode to write the business data as the second data into the first register. For instance, the processor can execute a second instruction in the first program segment of the application to write the acquired business data as the second data into the first register.

[0026] Since the first register is a non-general-purpose register corresponding to the first instruction, the aforementioned second instruction for accessing the first register also has the nature of privilege management. If the same method is used to implement controlled use of the first and second instructions, it may be necessary to configure a non-general-purpose register corresponding to the second instruction in the processor, thus entering an endless loop. Therefore, to avoid this situation, the second instruction can be set to be allowed to execute under any of the following conditions: the privilege level of the processor at the current moment is higher than the privilege level of user mode; the first register stores a preset value; the data stored in the second register corresponding to the second instruction is the same as the data stored in the first register, and the data stored in the second register is set by the instruction stream preceding the second instruction. For example, the instruction stream preceding the second instruction includes the instruction "Mov P, Fh". When the processor executes the instruction "Mov P, Fh", it can write the data F into the second register P. When the processor executes the second instruction, it can determine whether the data F in the second register P is the same as the current data stored in the first register. Only if they are the same will the second instruction be executed. When the first register stores a preset value, it indicates that the first register is not being used by the application at the current moment, that is, it indicates that the processor is not executing a task that uses the first register at the current moment.

[0027] More specifically, access to the first register can be divided into read access and write access. Machine instructions used to implement read access to the first register must be unconditionally executed at a privilege level higher than user mode (i.e., in privileged mode). Machine instructions used to implement write access to the first register have various control modes, similar to the various cases where the second instruction is allowed to execute. Furthermore, the first register may also not support read access and only support write access.

[0028] In summary, the design of the first register, besides avoiding the aforementioned loops, also needs to support task switching. This ensures that the system kernel can utilize the design of the first register to save and restore the data stored in it during task switching. For example, when the processor switches from task A (running application A) to task B (running application B) based on a peripheral interrupt or other specific conditions, the operating system kernel is typically used for task switching. The kernel runs in kernel mode, meaning that during the switch from task A to task B, the processor is at the highest privilege level provided by the processor, which is higher than the lowest privilege level provided by the processor corresponding to application A running in user mode. Specifically, the kernel can read and record the second data corresponding to task A from the first register using appropriate instructions. When the processor switches back from task B to task A, the kernel can rewrite the second data corresponding to task B stored in the first register with the second data corresponding to task A, as recorded by the kernel.

[0029] Continuing with the example of a blockchain platform that includes native contracts in its applications, refer to Figure 3. For blockchain platforms that include native contracts, developers are allowed to use the wrpkru instruction normally within functional module B1 of the blockchain platform, but are not allowed to use the wrpkru instruction maliciously within native contracts. Developers of this blockchain platform can reserve target instructions in the instruction sequence of functional module B1. A target instruction could be, for example, "Mov R, Eh" located before and adjacent to the wrpkru instruction. Furthermore, the developers of this blockchain platform can provide a functional module B0 within the platform. During the platform's initialization process, the processor can execute functional module B0 to write a random number as the first data to the target instruction "Mov R, Eh". Specifically, the processor can use the second instruction "WRPKCR" within functional module B0 to write the random number as the second data to the first register. The instruction stream preceding "WRPKCR" can write the current data F stored in the first register to the second register corresponding to the second instruction. For example, if the instruction stream preceding the second instruction includes the instruction "Mov P, Fh", when the processor executes the instruction "Mov P, Fh", it will write the data F to the second register P. When the processor executes the second instruction, it can determine whether the data F in the second register P is the same as the current data stored in the first register. Only if they are the same will the second instruction be executed. More specifically, when the blockchain platform itself begins initialization, that is, when the processor begins executing functional module B0, it needs to exit or pause the execution of other applications that may contain the first instruction. The system kernel can reset the first register to a preset value or provide the functional module B0 with the current data stored in the first register. Then, during the initialization process of the blockchain platform itself, that is, during the execution of functional module B0, when the processor specifically executes the second instruction "WRPKCR" included in functional module B0, it can find that the current data stored in the first register is the preset value, or that F in the second register P in the aforementioned example is the same as the current data stored in the first register. Therefore, the processor can directly execute the second instruction "WRPKCR" in functional module B0 to write the second data into the first register.

[0030] Optionally, the method further includes step 205, setting the target instruction in the application used to store the first data to have only execute permissions and not read / write permissions. For example, referring to Figure 3, functional module B0 can use the Intel MPK mechanism to disable read and write permissions for the logical address corresponding to the target instruction "Mov R, Eh", ensuring that the target instruction "Mov R, Eh" is only allowed to be executed directly by the processor. This prevents the native contract in the blockchain platform from accessing the logical address corresponding to "Mov R, Eh" by reading the memory image and obtaining the first data written by functional module B0 into the target instruction "Mov R, Eh".

[0031] After the application has been initialized using the method shown in Figure 2, the application can continue to execute. For example, after initializing a blockchain platform including native contracts through functional module B0, functional module B0 in the blockchain platform can then call functional module B1 to enter the normal execution process of the blockchain platform.

[0032] Figure 4 is a flowchart illustrating an application execution method provided in an embodiment of this specification. The method primarily describes how to execute a first instruction belonging to privileged instructions within the application. This method is executed by a processor, which includes a first register corresponding to the privileged instruction. The method may include at least the following steps 401-405.

[0033] First, in step 401, the first data corresponding to the first instruction in the application is obtained.

[0034] The processor can obtain the first data from the second program segment to which the first instruction belongs. For example, the processor can execute the target instruction in the second program segment, obtain the first data corresponding to the first instruction in the target instruction into a specific memory unit, and then read the first data corresponding to the first instruction from the specific memory unit, specifically, reading the first data corresponding to the first instruction from register R in the aforementioned example.

[0035] Next, in step 403, the second data is read from the first register.

[0036] Finally, in step 405, it is determined whether to execute the first instruction based on the first data and the second data.

[0037] If the first data and the second data are the same, it indicates that the first instruction is an instruction that the application developer allows to be executed. If the first data and the second data are different, it indicates that the first instruction is not an instruction that the application developer allows to be executed.

[0038] Continuing to refer to Figure 3, and based on the previous descriptions of functional modules B0, B1, and the native contract: when the first instruction waiting to be executed by the processor belongs to functional module B1, the "Mov R, Eh" in functional module B1 and the first register can provide the same data. That is, the data E provided in register R is the same as the second data stored in the first register, and the first instruction in functional module B1 will be directly executed by the processor. When the first instruction waiting to be executed by the processor is the first instruction in the native contract, since the native contract cannot know the second data located in "Mov R, Eh" and the first register, it will inevitably be unable to provide the same first data as the second data in the first register. At this time, there are two situations for the first instruction in the native contract. In the first situation, there is no reserved target instruction in the native contract located before the first instruction, that is, there is no value in register R in the aforementioned example that is the same as the second data in the first register, and the first instruction will not be executed by the processor. In the second situation, there is a reserved target instruction in the native contract located before the first instruction, but the first data provided by the target instruction is different from the second data obtained from the first register, that is, the first data in register R in the aforementioned example is not the same as the second data in the first register, and the processor will also not continue to execute the first instruction.

[0039] It should be noted that when the processor stops executing the first instruction, it can either skip the first instruction and continue executing other instructions in the application, or execute other tasks according to the predetermined exception handling strategy and stop executing the application.
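
The initialization flow of Figure 2 and the execution check of Figure 4, as an added software model in C (an illustration written for this page, not code from the patent). The struct layout, function names, the preset value 0, the sample values and the clearing of R after use are assumptions of the model; wrpkru, WRPKCR, R, P, B0 and B1 follow the naming used above.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define GUARD_PRESET 0u            /* assumed preset value: first register unused */
enum priv { PRIV_USER, PRIV_KERNEL };

struct cpu {
    enum priv level;
    uint64_t r;      /* general-purpose register R, loaded by "Mov R, Eh" */
    uint64_t p;      /* second register P, loaded by "Mov P, Fh" */
    uint64_t guard;  /* first register, tied to the privileged instruction */
    uint32_t pkru;   /* state changed by the gated first instruction */
};

/* Second instruction ("WRPKCR"): write the first register. It is allowed
   under any one of the three conditions listed in [0026]. */
static bool wrpkcr(struct cpu *c, uint64_t value)
{
    bool allowed = c->level > PRIV_USER       /* above user mode */
                || c->guard == GUARD_PRESET   /* register not in use */
                || c->p == c->guard;          /* P matches the current value */
    if (allowed)
        c->guard = value;
    return allowed;
}

/* First instruction (wrpkru in the page's scenario), steps 401-405. */
static bool wrpkru_gated(struct cpu *c, uint32_t new_pkru)
{
    uint64_t first = c->r;       /* 401: first data, left in R by the target instruction */
    uint64_t second = c->guard;  /* 403: second data from the first register */
    if (first != second)         /* 405: refuse on mismatch */
        return false;
    c->pkru = new_pkru;
    return true;
}

/* Kernel task switch ([0028]): save the outgoing value, install the incoming one. */
static uint64_t kernel_switch(struct cpu *c, uint64_t incoming)
{
    enum priv saved_level = c->level;
    c->level = PRIV_KERNEL;          /* reading the first register needs privileged mode */
    uint64_t outgoing = c->guard;
    wrpkcr(c, incoming);
    c->level = saved_level;
    return outgoing;
}

/* Module B1: target instruction directly before the privileged instruction. */
static bool module_b1(struct cpu *c, uint64_t target_imm, uint32_t pkru)
{
    c->r = target_imm;               /* "Mov R, Eh" */
    bool ok = wrpkru_gated(c, pkru);
    c->r = 0;                        /* model assumption: E is not left behind in R */
    return ok;
}

enum { B0_INIT = 1, B1_BEFORE = 2, CONTRACT_BARE = 4, CONTRACT_GUESS = 8,
       CONTRACT_WRPKCR = 16, B1_AFTER_SWITCH = 32 };

/* Runs the Figure 3 scenario and returns a bitmask of the attempts that the
   processor actually executed. `secret` stands in for the random number of
   step 201; `guess` is what the native contract tries. */
unsigned run_scenario(uint64_t secret, uint64_t guess)
{
    struct cpu c = { PRIV_USER, 0, 0, GUARD_PRESET, 0 };
    unsigned executed = 0;

    /* B0, steps 201-203: same value into the first register and the target instruction. */
    if (wrpkcr(&c, secret)) executed |= B0_INIT;
    uint64_t target_imm = secret;    /* immediate patched into B1's "Mov R, Eh" */

    /* B1 restricts access before handing control to the native contract. */
    if (module_b1(&c, target_imm, 0xCu)) executed |= B1_BEFORE;

    /* Native contract: no target instruction, then a guessed immediate,
       then an attempt to overwrite the first register itself. */
    if (wrpkru_gated(&c, 0)) executed |= CONTRACT_BARE;
    c.r = guess;
    if (wrpkru_gated(&c, 0)) executed |= CONTRACT_GUESS;
    c.p = guess;
    if (wrpkcr(&c, guess)) executed |= CONTRACT_WRPKCR;
    c.r = 0;
    c.p = 0;

    /* Switch to another task and back; B1 must still pass the check. */
    uint64_t saved = kernel_switch(&c, 0x0B0B0B0Bu);   /* constructed value for task B */
    kernel_switch(&c, saved);
    if (module_b1(&c, target_imm, 0)) executed |= B1_AFTER_SWITCH;
    return executed;
}

int main(void)
{
    /* Constructed sample values, not taken from the patent. */
    printf("wrong guess: 0x%02x\n", run_scenario(0x5EEDC0DE1234ABCDull, 0x41414141ull));
    printf("known value: 0x%02x\n", run_scenario(0x5EEDC0DE1234ABCDull, 0x5EEDC0DE1234ABCDull));
    return 0;
}
```

The second call shows that the check rests entirely on the value staying unknown to the native contract, which is what the execute-only setting of step 205 is for.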

[0040] It should be noted that the foregoing embodiments mainly use the example blockchain platform of Figure 3 to illustrate the process of writing first data and second data to a target instruction and a first register, respectively, during the initialization of the blockchain platform by a functional module B0 provided by the blockchain platform itself. However, this does not mean that the application itself must provide a specific functional module for setting the first and second data. For example, a corresponding computer program can be pre-deployed in the computing device and configured according to the developer's expectations, so that the computer program can set the first data corresponding to the first instruction in the application and set the second data in the first register corresponding to the first instruction during the processor's initialization of the application.

[0041] Based on the same concept as the foregoing method embodiments, this specification also provides a processor in its embodiments. As shown in Figure 5, the processor includes an arithmetic logic unit (ALU) 501 and a first register 503. The first register 503 corresponds to a first instruction included in the application. The ALU 501 is configured to: obtain first data corresponding to the first instruction in the application; read second data from the first register 503; and determine whether to execute the first instruction based on the first data and the second data.

[0042] In one possible implementation, the application includes a first program segment and a second program segment, wherein the first instruction belongs to the second program segment; the arithmetic unit 501 is further configured to write the second data to the first register according to the first program segment.

[0043] In one possible implementation, the arithmetic unit 501 is further configured to write the second data as the first data into a target instruction in the second program segment according to the first program segment; specifically, the arithmetic unit 501 is configured to execute the target instruction to obtain the first data.

[0044] In one possible implementation, the arithmetic unit 501 is further configured to obtain a random number that will be used as the second data according to the first program segment.

[0045] In one possible implementation, the arithmetic unit 501 is further configured to set the target instruction to have only execute permissions and not read / write permissions according to the first program segment.

[0046] In one possible implementation, the arithmetic unit 501 is specifically configured to write the second data to the first register according to the second instruction in the first program segment, wherein the second instruction is configured to be allowed to execute under any of the following conditions: the privilege level of the processor at the current moment is greater than the privilege level of the user mode; the first register stores a preset value; the data stored in the second register corresponding to the second instruction is the same as the current data stored in the first register, and the data stored in the second register is set by the instruction stream preceding the second instruction.

[0047] In one possible implementation, the application is a smart contract deployed on a blockchain.

[0048] In one possible implementation, the first instruction is a privileged instruction with access control characteristics.

[0049] Based on the same concept as the foregoing method embodiments, this specification also provides a computing device that includes the processor provided in any of the embodiments described herein.

[0050] While one or more embodiments of this specification provide the operational steps of the methods described in the embodiments or flowcharts, more or fewer operational steps may be included based on conventional or non-inventive means. The order of steps listed in the embodiments is merely one possible order of execution among many steps and does not represent the only possible order. In actual device or end product execution, the methods shown in the embodiments or drawings may be executed sequentially or in parallel (e.g., in a parallel processor or multi-threaded processing environment, or even a distributed data processing environment). The terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, product, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, product, or apparatus. Without further limitations, the presence of other identical or equivalent elements in the process, method, product, or apparatus that includes the elements is not excluded. For example, the use of terms such as "first," "second," etc., is to denote names and does not indicate any particular order.

[0051] This invention is described with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, generate instructions for implementing the flowchart... Figure 1 One or more processes and / or boxes Figure 1 A device that provides the functions specified in one or more boxes.

[0052] These computer program instructions may also be stored in a computer-readable storage medium that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable storage medium produce an article of manufacture including instruction means, which implement the function specified in one or more processes of the flowchart and / or one or more boxes of the block diagram.

[0053] These computer program instructions may also be loaded onto a computer or other programmable data processing equipment to cause a series of operational steps to be performed on the computer or other programmable equipment to produce a computer-implemented process, such that the instructions executed on the computer or other programmable equipment provide steps for implementing the function specified in one or more processes of the flowchart and / or one or more boxes of the block diagram.

[0054] In a typical configuration, a computing device includes one or more processors (CPU), input / output interfaces, network interfaces, and memory.

[0055] Memory may include non-persistent storage in computer-readable media, such as random access memory (RAM) and / or non-volatile memory, such as read-only memory (ROM) or flash RAM. Memory is an example of computer-readable media.

[0056] Computer-readable media, including both permanent and non-permanent, removable and non-removable media, can store information using any method or technology. Information can be computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, CD-ROM, digital versatile optical disc (DVD) or other optical storage, magnetic tape, magnetic disk storage, graphene storage or other magnetic storage devices, or any other non-transferable medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media does not include transient computer-readable media, such as modulated data signals and carrier waves.

[0057] Those skilled in the art will understand that one or more embodiments of this specification can be provided as a method, system, or computer program product. Therefore, one or more embodiments of this specification may take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, one or more embodiments of this specification may take the form of a computer program product implemented on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.

[0058] One or more embodiments of this specification can be described in the general context of computer-executable instructions, such as program modules, that are executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc., that perform a particular task or implement a particular abstract data type. One or more embodiments of this specification can also be practiced in distributed computing environments where tasks are performed by remote processing devices connected via a communication network. In a distributed computing environment, program modules can reside in local and remote computer storage media, including storage devices.

[0059] The various embodiments in this specification are described in a progressive manner. Similar or identical parts between embodiments can be referred to mutually. Each embodiment focuses on describing the differences from other embodiments. In particular, system embodiments are basically similar to method embodiments, so the description is relatively simple; relevant parts can be referred to the descriptions in the method embodiments. In the description of this specification, the terms "one embodiment," "some embodiments," "example," "specific example," or "some examples," etc., refer to specific features, structures, materials, or characteristics described in connection with that embodiment or example, which are included in at least one embodiment or example of this specification. In this specification, the illustrative expressions of the above terms do not necessarily refer to the same embodiment or example. Furthermore, the specific features, structures, materials, or characteristics described can be combined in any suitable manner in one or more embodiments or examples. Moreover, without contradiction, those skilled in the art can combine and integrate the different embodiments or examples described in this specification and the features of different embodiments or examples.

[0060] The above description is merely an embodiment of one or more embodiments of this specification and is not intended to limit the scope of this specification. Various modifications and variations can be made to the one or more embodiments of this specification by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of this specification should be included within the scope of the claims.

Claims

1. A method for executing an application, the application comprising a first program segment and a second program segment, the method being executed by a processor, the processor including a first register corresponding to a first instruction, the method comprising: writing the second data into the first register according to the first program segment; when the execution of the first instruction with permission management properties in the second program segment is permitted, writing the second data as the first data into the target instruction in the second program segment according to the first program segment; executing the target instruction to obtain the first data corresponding to the first instruction; reading the second data from the first register; and determining whether to execute the first instruction based on the first data and the second data.

2. The method according to claim 1, further comprising: obtaining, according to the first program segment, the random number to be used as the second data.

3. The method according to claim 1, further comprising: setting, according to the first program segment, the target instruction to have only execute permissions and no read / write permissions.

4. The method according to claim 1, wherein the step of writing the second data to the first register according to the first program segment specifically includes writing the second data to the first register according to a second instruction in the first program segment, wherein the second instruction is configured to allow execution under any of the following conditions: the privilege level of the processor at the current moment is higher than the privilege level of the user mode; the first register stores a preset value; or the data stored in the second register corresponding to the second instruction is the same as the current data stored in the first register, wherein the data stored in the second register is set by the instruction stream preceding the second instruction.

5. A processor, comprising an arithmetic logic unit (ALU) and a first register, the first register corresponding to a first instruction included in an application program, the application program including a first program segment and a second program segment, the ALU being configured to: write the second data into the first register according to the first program segment; when the execution of the first instruction with permission management properties in the second program segment is permitted, write the second data as the first data into the target instruction in the second program segment according to the first program segment; execute the target instruction to obtain the first data corresponding to the first instruction; read the second data from the first register; and determine whether to execute the first instruction based on the first data and the second data.

6. The processor according to claim 5, wherein the arithmetic unit is also configured to obtain a random number that will be used as the second data according to the first program segment.

7. The processor according to claim 5, wherein the arithmetic unit is also configured to set the target instruction to have only execute permissions and not read / write permissions according to the first program segment.

8. The processor according to claim 5, wherein the arithmetic unit is specifically configured to write the second data to the first register according to the second instruction in the first program segment, wherein the second instruction is configured to allow execution under any of the following conditions: the privilege level of the processor at the current moment is higher than the privilege level of the user mode; the first register stores a preset value; or the data stored in the second register corresponding to the second instruction is the same as the current data stored in the first register, wherein the data stored in the second register is set by the instruction stream preceding the second instruction.

9. A computing device comprising the processor of any one of claims 5-8.
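
The gating described in claims 1 to 4, as an added C model that is not code from the patent. The register layout, the preset value 0, the function names, the sample token, and the choice that an unarmed first register denies the first instruction are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model; every name and encoding here is an assumption, not from the patent. */
enum { USER = 0, SUPERVISOR = 1 };
#define PRESET 0u   /* assumed "preset value": first register not yet armed */

typedef struct {
    int      priv;        /* current privilege level */
    uint64_t first_reg;   /* first register, holds the second data */
    uint64_t second_reg;  /* second register, set by the preceding instruction stream */
    uint64_t target_imm;  /* immediate in the target instruction (execute-only, claim 3) */
    int      mem_perm;    /* memory permission the first instruction manages */
} cpu_t;

/* Second instruction (claim 4): may write the first register under any one condition. */
bool set_first_reg(cpu_t *c, uint64_t v) {
    bool ok = c->priv > USER || c->first_reg == PRESET || c->second_reg == c->first_reg;
    if (ok) c->first_reg = v;
    return ok;
}

/* First program segment (claim 1): arm the register, patch the target only if permitted. */
bool loader_arm(cpu_t *c, uint64_t rnd, bool permitted) {
    if (rnd == PRESET || !set_first_reg(c, rnd)) return false;
    if (permitted) c->target_imm = rnd;
    return true;
}

/* Executing the target instruction yields the first data; this model has no other reader. */
uint64_t exec_target(const cpu_t *c) { return c->target_imm; }

/* First instruction: executes only when the first data equals the first register's content.
   Assumption: an unarmed register (still PRESET) always denies. */
bool priv_set_perm(cpu_t *c, uint64_t first_data, int perm) {
    if (c->first_reg == PRESET || first_data != c->first_reg) return false;
    c->mem_perm = perm;
    return true;
}

int main(void) {
    cpu_t c = { USER, PRESET, 0, 0, 0 };
    loader_arm(&c, 0x5eedULL, true);   /* constructed value standing in for the random number */
    printf("via target instruction: %d\n", priv_set_perm(&c, exec_target(&c), 7));
    printf("with guessed data:      %d\n", priv_set_perm(&c, 0x1234, 3));
    c.second_reg = 0x1234;             /* code without the token tries to re-arm */
    printf("re-arm without token:   %d\n", set_first_reg(&c, 0x1234));
    return 0;
}
```
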