CN112130932B - Single-instance operation method and device and electronic equipment - Google Patents

Single-instance operation method and device and electronic equipment Download PDF

Info

Publication number
CN112130932B
CN112130932B CN202011054751.3A CN202011054751A CN112130932B CN 112130932 B CN112130932 B CN 112130932B CN 202011054751 A CN202011054751 A CN 202011054751A CN 112130932 B CN112130932 B CN 112130932B
Authority
CN
China
Prior art keywords
instance
domain
address
system file
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011054751.3A
Other languages
Chinese (zh)
Other versions
CN112130932A (en
Inventor
李雪峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Hainiao Technology Co ltd
Original Assignee
Zhuhai Hainiao Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai Hainiao Technology Co ltd filed Critical Zhuhai Hainiao Technology Co ltd
Priority to CN202011054751.3A priority Critical patent/CN112130932B/en
Publication of CN112130932A publication Critical patent/CN112130932A/en
Application granted granted Critical
Publication of CN112130932B publication Critical patent/CN112130932B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44552Conflict resolution, i.e. enabling coexistence of conflicting executables

Abstract

The embodiment of the application discloses a method, a device and electronic equipment for single-instance operation, relates to the technical field of computer security, and aims to reduce the possibility that single-instance operation of an application program affects single-instance operation of other application programs. The method comprises the following steps: starting a first instance of an application program; creating a domain socket corresponding to the first instance, wherein the domain socket comprises a domain socket address; binding the domain splice word with a system file address; the system file address is generated by an operating system according to the domain nested word address; monitoring whether the domain splice word is successfully bound with the system file address; and if the domain socket is successfully bound with the system file address, the first instance is operated. The application is applicable to single instance operation.

Description

Single-instance operation method and device and electronic equipment
Technical Field
The present application relates to the field of computer security technologies, and in particular, to a method and apparatus for single instance operation, an electronic device, and a readable storage medium.
Background
With the development of computer communication and internet technology, more and more people have electronic devices capable of networking with the internet, in order to meet the needs of users, various application programs are installed and run on the electronic devices, and in order to save system resources, in general, an application program single-instance is run, in the prior art, single-instance running of the application program is realized by detecting a process list, performing signal quantity and sharing memory, performing port preemption, performing file lock, performing system signal type and the like, and in the above-mentioned modes, in the running process of the application program single-instance, the possibility of collision with other application programs exists, for example, in the mode of port preemption, the port number of the electronic device is limited, the number of the application programs required to run on the electronic device is more than the number of ports, and when one application program runs, a certain port is occupied, and other application programs also have the possibility of starting running by using the port, so that the single-instance running of one application program has a high possibility of affecting the single-instance running of other application programs.
Disclosure of Invention
In view of this, embodiments of the present application provide a method, an apparatus, an electronic device, and a readable storage medium for single-instance operation, which can reduce the possibility that single-instance operation of an application affects single-instance operation of other applications.
In a first aspect, an embodiment of the present application provides a method for executing a single instance, including: starting a first instance of an application program; creating a domain socket corresponding to the first instance, wherein the domain socket comprises a domain socket address; binding the domain splice word with a system file address; the system file address is generated by an operating system according to the domain nested word address; monitoring whether the domain splice word is successfully bound with the system file address; and if the domain socket is successfully bound with the system file address, the first instance is operated.
According to a specific implementation manner of the embodiment of the present application, if the domain socket is not successfully bound to the system file address, the system file address is connected; sending a verification message to an instance corresponding to the system file address; receiving reply information corresponding to the verification message; if the reply message is correct, exiting the first instance; and running an instance corresponding to the system file address.
According to a specific implementation manner of the embodiment of the application, the method further comprises the following steps: if the reply message is incorrect, killing an instance corresponding to the system file address to release the occupation of the instance to the system file address; binding the domain splice word to the system file address and running the first instance.
According to a specific implementation manner of the embodiment of the application, the method further comprises the following steps: if the reply information is incorrect, a domain socket address replacement request is sent to a cloud server, so that the cloud server sends a replaced domain socket address; receiving a replaced domain sleeve word address sent by the cloud server; and creating the replaced domain name corresponding to the first example according to the replaced domain name.
According to a specific implementation manner of the embodiment of the present application, after the running of the first instance if the domain socket is successfully bound to the system file address, the method further includes: receiving a connection request sent by a second instance; receiving an encryption verification message sent by the second instance; decrypting the encrypted verification message to obtain a decrypted verification message corresponding to the encrypted verification message; verifying the decryption verification message according to a private protocol; if the decryption verification message is successfully verified, receiving an encryption instruction and encryption data sent by the second instance; and executing tasks corresponding to the encrypted instructions and the encrypted data by the first instance according to the encrypted instructions and the encrypted data.
According to a specific implementation manner of the embodiment of the application, the method further comprises the following steps: disconnecting the connection with the second instance if the verification of the decryption verification message is unsuccessful; and reporting the application program information corresponding to the second instance to a cloud server.
According to a specific implementation manner of the embodiment of the application, the method further comprises the following steps: if the decryption verification message is not successfully verified, a false verification successful message is sent to the second instance.
In a second aspect, the present application provides an apparatus for single instance operation, comprising: the starting module is used for starting the first instance of the application program; a creation module, configured to create a domain socket corresponding to the first instance, where the domain socket includes a domain socket address; the binding module is used for binding the domain splice word with a system file address; the system file address is generated by an operating system according to the domain nested word address; the monitoring module is used for monitoring whether the domain splice word is successfully bound with the system file address; and the operation module is used for operating the first instance if the domain socket is successfully bound with the system file address.
According to a specific implementation manner of the embodiment of the application, the method further comprises the following steps: the verification message sending module is used for connecting the system file address if the domain socket is not successfully bound with the system file address; the first sending module is used for sending a verification message to an instance corresponding to the system file address; the first receiving module is used for receiving reply information corresponding to the verification message; the exit module is used for exiting the first instance if the reply information is correct; the operation module is also used for operating the instance corresponding to the system file address.
According to a specific implementation manner of the embodiment of the application, the method further comprises the following steps: the killing module is used for killing the instance corresponding to the system file address if the reply information is incorrect so as to remove the occupation of the instance to the system file address; the operation module is further configured to bind the domain splice word to the system file address, and operate the first instance.
According to a specific implementation manner of the embodiment of the application, the method further comprises the following steps: the request module is used for sending a domain socket address replacement request to the cloud server if the reply information is incorrect, so that the cloud server sends a replaced domain socket address; the second receiving module is used for receiving the replaced domain name-sleeving address sent by the cloud server; and the second creation module is used for creating the replaced domain nested character corresponding to the first example according to the replaced domain nested character address.
According to a specific implementation manner of the embodiment of the application, the method further comprises the following steps: the receiving module is used for receiving the connection request sent by the second instance; a third receiving module, configured to receive an encryption verification message sent by the second instance; the obtaining module is used for decrypting the encryption verification message to obtain a decryption verification message corresponding to the encryption verification message; the verification module is used for verifying the decryption verification message according to a private protocol; the second receiving module receives the encryption instruction and the encryption data sent by the second instance if the decryption verification message is verified to be successful; and the execution module is used for executing tasks corresponding to the encrypted instructions and the encrypted data according to the encrypted instructions and the encrypted data by the first instance.
According to a specific implementation manner of the embodiment of the application, the method further comprises the following steps: a disconnection module for disconnecting the connection with the second instance if the decryption verification message is not verified successfully; and the reporting module is used for reporting the application program information corresponding to the second instance to the cloud server so as to verify whether the application program corresponding to the second instance is a malicious program or not.
According to a specific implementation manner of the embodiment of the application, the method further comprises the following steps: and the success message sending module is used for sending a false verification success message to the second instance if the decryption verification message is not successfully verified.
In a third aspect, an embodiment of the present application provides an electronic device, including: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space surrounded by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory for performing the method of any of the foregoing implementations.
In a fourth aspect, embodiments of the present application further provide a readable storage medium storing one or more programs executable by one or more processors to implement the method of any of the foregoing embodiments.
The method, device, electronic equipment and readable storage medium for single instance operation provided by the embodiment of the application, by starting the first instance of the application program and creating a domain Socket corresponding to the first instance, wherein the domain Socket comprises a domain Socket address, then binding the domain Socket with a system file address, monitoring whether the domain Socket is successfully bound with the system file address, if the domain Socket is successfully bound with the system file address, the first instance is operated, because when the instance of the application program is started, the created domain Socket is bound with the system file address (a Socket file is in a designated position of a file path) corresponding to the application program, and monitoring whether the binding is successfully performed or not, whether the related instance is started or not can be judged according to the monitoring result of the domain Socket on the path, after the binding is successful, the fact that the path is not already started is indicated, at this moment, the first instance is operated, thus realizing single instance operation of the application program, and because the binding of the domain Socket with the system file address in the embodiment with the system file address is successfully bound with the system file address, the application program is only can be operated, but the number of one instance can be operated on the corresponding to the single file system, and the other application program can only can be operated, and the other application program can be operated on the single file system, and the number of the system can be started by the corresponding to the single instance address is only by the application program, and the application program can be started on the single instance address can be the system can be operated, by implementing the scheme of the embodiment, the possibility that the single-instance operation of the application program in the embodiment affects the single-instance operation of other application programs can be reduced, namely the possibility of collision with the single-instance operation of other application programs is reduced.
Drawings
In order to more clearly illustrate the embodiments of the application or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for single instance operation according to an embodiment of the present application;
FIG. 2 is an address data structure of a domain socket according to an embodiment of the present application;
FIG. 3 is a flow chart of a method for single instance operation according to yet another embodiment of the present application;
FIG. 4 is a schematic diagram of a single instance operation device according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Embodiments of the present application will be described in detail below with reference to the accompanying drawings.
It should be understood that the described embodiments are merely some, but not all, embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
Currently, in the kylin operating system and the UOS operating system, and some other mainstream operating systems, application program single-instance running common schemes and disadvantages: (1) Process List detection scheme, disadvantages: the judgment is inaccurate, and complex instructions and data cannot be transmitted; (2) solution of semaphore plus shared memory, disadvantages: the Key of the shared memory needs to be configured, and in a Unix operating system, the Key is int integer type data, and has a certain probability of collision with other application programs and can be attacked by other malicious programs; program abnormal crash memory can not be released; the shared memory allocation function in the Linux environment can notice that Key is a key_t data type, and the type of data is a 32-bit integer greater than 0; (3) port preemption, shortcoming: the conflict probability is high, a specific port is required to be occupied for a long time, system resources such as the port are wasted, and the operation of other normal programs can be influenced; (4) File Lock, shortcoming: the data instruction is slow in transmission and low in efficiency, reliability cannot be guaranteed, and the defect is obvious in system blocking and high concurrency environments; (5) signal, shortcoming: in Unix-type operating systems, a limited number of system signal types may cause conflicts and failure to pass complex data instructions.
Based on the part of the defects, the application provides a method for operating application program single instances, which solves the problems of single instance starting, conflict with other application program single instance operations when one application program single instance operates, malicious damage program operation identification, program fault recovery identification, complex environment instruction exchange and the like in a unified message UOS operating system and a winning kylin operating system in the prior art.
Fig. 1 is a flow chart of a method for single-instance operation according to an embodiment of the present application, as shown in fig. 1, the method of this embodiment may include:
step 101, a first instance of an application is started.
The application program can be any application program, and in one example, the application program of the embodiment of the application can be a suitable version of a Zhenzheima operating system of Jinshan virus, or can be a suitable version of a UOS operating system of Jinshan virus.
In object-oriented programming, a "class" is called an "instance" after instantiation. In databases, a collection of programs is represented, such as in Oracle, examples are database programs that support the operation of the database.
The application may be any application, such as may be a Jinshan virus, QQ, weChat, 360 security guard, and the like.
Step 102, creating a domain socket corresponding to the first instance, wherein the domain socket includes a domain socket address.
The domain socket may specifically be a Unix socket (UDS, unix Domain SocketUnix domain socket) that enables two or more processes on the same operating system to communicate data, and Unix domain sockets may use both byte streams and data queues as compared to pipes, which may only use byte streams. Unix domain sockets interfaces and intelt sockets are much like, but it does not use the network underlying protocol to communicate, unix domain socket functions as a component in the POSIX operating system.
Unix domain sockets uses the address of the system file as its own unique identity, which can be referred to by the system process, so that two processes can open one Unix domain sockets at a time to communicate, which occurs in the system kernel and does not propagate in the network, only the data needs to be copied between the processes, and no protocol processing, checksum calculation, maintenance sequence number addition and deletion of network headers, and acknowledgement message sending are required, so that it is more efficient and faster.
UNIX domain socket is denoted by the structure sockaddr_un, and the address of UNIX domain socket is the path of a socket type file in the file system.
Fig. 2 is an address data structure of a domain socket according to an embodiment of the present application, referring to fig. 2, in an example, the address data structure of the domain socket uses an address recorded in a char array of 108 bits as a unique domain socket address (the first byte and the last byte must be '\0', and the actual available length is 106 bits). Creating a file at a corresponding position in the system while binding the domain Socket, wherein the file is marked as Socket type, the common files of the Socket are identified in a distinguishing way, and if a Socket file exists at the system file address, the binding can fail; if not, the binding can succeed, one socket can only bind to one path, and one path can only be bound by one socket.
Step 103, binding the domain splice word with a system file address; the system file address is generated by the operating system according to the domain nested word address.
Calling a domain socket binding function, namely binding a domain socket with a system file address corresponding to the domain socket address, wherein the domain socket binding function can be bind (); pre-binding a domain Socket with a system file address corresponding to the domain Socket address through a domain Socket binding function, wherein if a Socket file exists in the system file address, the binding can fail; if not, the binding may be successful.
Step 104, monitoring whether the domain socket is successfully bound with the system file address.
In step 103, whether the system file address corresponding to the domain splice word address is successfully bound or not is determined, and a corresponding return result is obtained through monitoring, so that whether the domain splice word is bound to the preset system file address or not is determined according to the return result.
Step 105, if the domain socket is successfully bound to the system file address, the first instance is operated.
And when the domain socket is successfully bound with the system file address, the first instance is operated so that the first instance communicates with other instances through the system file address corresponding to the domain socket.
In this embodiment, by starting a first instance of an application program, creating a domain Socket corresponding to the first instance, and whether the domain Socket address is successfully monitored, and then binding the domain Socket with a system file address, whether the domain Socket is successfully bound with the system file address is successfully monitored, if the domain Socket is successfully bound with the system file address, the first instance is operated, because when the instance of the application program is started, the created system file address (Socket file is in a designated position of a file path) corresponding to the domain Socket address, and whether the binding is successfully monitored, whether the relevant instance is already started or not can be judged according to the monitoring result of the domain Socket on the path, after the binding is successful, the fact that the path does not have the started instance is indicated, at this time, the first instance is operated, namely, the running of a single instance of the application program is realized, and because in this embodiment, the Socket is bound with the system file address, the first instance is also bound with the system file address, the application program is more than one instance, the number of the application program can be executed in the single instance, but the number of the application program can only be operated in the single instance is not only, the application program can be operated in the running of the single instance, the application program is not only running the application program, and the number of the application program can be executed in the single instance, and the running of other application program can be executed by running the single instance, and the application program can be only can be executed by running the application program, and the number of other application program can not only can be running the application program can running the application program, and the application program can running the other embodiment can running the single instance can running the application program, and the application program can running the application program, the method and the device can reduce the possibility that the single-instance operation of the application program in the embodiment affects the single-instance operation of other application programs, namely reduce the possibility of collision with the single-instance operation of other application programs, and further, by utilizing the characteristics of Unix domain socket, high-efficiency transmission and reliability, the response speed of the instruction and the complexity of the instruction can be improved, so that the application program can realize more and more complex functions and prevent a third party program from maliciously falsifying the forged instruction.
The application program of the embodiment can freely expand the instruction according to the requirement of the task scheme, can transmit any type and any size data, and provides the possibility of executing the complex instruction in a complex scene to complete complex logic.
Fig. 3 is a flowchart of a method for single instance operation according to another embodiment of the present application, referring to fig. 3, and the method for single instance operation of an application program according to another embodiment of the present application is substantially the same as the above embodiment, except that the method further includes:
and 106, if the domain socket is not successfully bound with the system file address, connecting the system file address.
If a Socket file already exists in the system file address corresponding to the domain splice word address, the binding of the domain splice word corresponding to the first embodiment started in this embodiment fails. The binding failure indicates that the other instance has occupied the system file address, and the instance that occupied the system file address may be an instance corresponding to the same application as the first instance.
The connection is made to the instance occupying the system file address by the domain splice word created in step 102.
And 107, sending a verification message to the instance corresponding to the system file address.
When the connection is successful, an authentication message is sent, which may be a message following a particular protocol.
And step 108, receiving reply information corresponding to the verification message.
Step 109, if the reply message is correct, exiting the first instance.
Step 110, running an instance corresponding to the system file address.
If the received reply instruction corresponding to the sent verification message is correct, the fact that the instance occupying the system file address corresponds to the same application program as the first instance is indicated, then the first instance is exited, and the instance occupying the system file address is continuously operated, namely the single instance operation of the application program of the embodiment is realized.
In this embodiment, if the domain socket is not successfully bound to the system file address, the address of the system file is connected, a verification message is sent to an instance corresponding to the system file address corresponding to the domain socket address, a reply message corresponding to the verification message is received, if the reply message is correct, the first instance is withdrawn, and the instance corresponding to the system file address is continuously operated, so that single-instance operation of the application program is realized.
In yet another embodiment of the present application, which is substantially the same as the above embodiment, the method for executing the application program single instance of the present embodiment further includes:
step 111, if the reply information is incorrect, killing an instance corresponding to the system file address to release the occupation of the instance and the system file address.
If the reply instruction is not received or is incorrect, the current system file address (path) can be judged to be illegally occupied or the started instance is blocked so that the message can not be timely replied, namely the verification is unsuccessful. And when verification is unsuccessful, killing an instance corresponding to the system file address corresponding to the domain splice word address to release the occupation of the instance to the system file address corresponding to the domain splice word address, namely after the step is executed, the system file address corresponding to the domain splice word address is not occupied by the instance.
Step 112, binding the domain socket on the system file address, and running the first instance.
In this embodiment, if the reply message is incorrect, an instance corresponding to the system file address corresponding to the domain socket address is killed, so as to remove the occupation of the instance on the system file address corresponding to the domain socket address, bind the domain socket to the system file address corresponding to the domain socket address, and run the first instance, so that single instance running of the application program is implemented, and by responding to the related instruction, a self-protection task can be executed or the occupation of the unique address can be removed, so as to re-correctly run the service corresponding to the application program.
In yet another embodiment of the present application, which is substantially the same as the above embodiment, the method for executing the application program single instance of the present embodiment further includes:
step 113, if the reply message is incorrect, sending a request for replacing the domain socket address to the cloud server, so that the cloud server sends the updated domain socket address.
If the reply instruction is not received or is incorrect, the current system file address (path) can be judged to be illegally occupied or the started instance is blocked so that the message can not be timely replied, namely the verification is unsuccessful. The cloud server is a server corresponding to the application program of the present embodiment. The cloud server can be responsible for maintaining the domain socket corresponding to the application program, and in order to enhance the difficulty of damaging the application program in the embodiment by the attack of malicious software, the cloud server can be utilized to dynamically update the domain socket address, so that completely different monitoring addresses can be used on different terminal devices.
If the verification is unsuccessful, reporting related errors can be included before the request for replacing the domain socket address is sent to the cloud server.
The request for replacing the domain socket address is sent to the cloud server, and can be a query request for the cloud server, whether a new domain socket address is replaced or not is queried, if the domain socket address is replaced, the replaced domain socket address is used, and if the domain socket address is not replaced, the unique domain socket address is applied to be replaced.
Step 114, receiving the replaced domain name-to-name address sent by the cloud server.
Step 115, creating a replaced domain name corresponding to the first instance according to the replaced domain name.
The implementation principle in this step is similar to that of step 103, and will not be described here again.
In this embodiment, if the reply message is incorrect, a request for replacing a domain socket address is sent to the cloud server, so that the cloud server sends a replaced domain socket address, and according to the replaced domain socket address, a replaced domain socket corresponding to the first instance is created.
A further embodiment of the present application is substantially the same as the above embodiment, except that the method for executing the application program single instance of the present embodiment further includes, after executing the first instance if the domain socket is successfully bound to the system file address (step 105):
step 116, accepting the connection request sent by the second instance.
The second instance is an instance of any application program, the second instance can correspond to the same application program as the first instance, and the application program corresponding to the second instance is different from the application program corresponding to the first instance. The second instance sends a connection request to the first instance through the domain socket, when the first instance agrees to receive the connection request, an agreeing message is sent to the second instance, and then the second instance sends a verification message to the first instance. It will be appreciated that the second instance follows the same handshake authentication communication protocol as the first instance to establish a connection.
Step 117, receiving the encrypted verification message sent by the second instance.
And 118, decrypting the encrypted verification message to obtain a decrypted verification message corresponding to the encrypted verification message.
Decrypting the encrypted verification message, if the decryption is successful, obtaining a decrypted verification message corresponding to the encrypted verification message, and continuing to step 119. If the decryption fails, the flow is ended.
Step 119, verifying the decryption verification message according to a private protocol.
The first instance verifies the decryption verification message according to a private protocol.
And 120, if the decryption verification message is successfully verified, receiving the encryption instruction and the encryption data sent by the second instance.
If the decryption verification message is successfully verified according to the verification protocol, the second instance is a legal connection instance with the first instance; and if the verification is successful, receiving the encryption instruction and the encryption data sent by the second instance.
Step 121, executing tasks corresponding to the encrypted instruction and the encrypted data according to the encrypted instruction and the encrypted data by the first instance.
Decrypting the encrypted instruction and the encrypted data, and executing tasks corresponding to the instruction and the data by the first instance according to the decrypted instruction and the decrypted data, such as replying to an instruction for notifying the second instance to exit the operation at this time, or executing a command for scanning a specified directory or a specified file by a right-click menu.
According to the embodiment, by receiving a connection request which can be sent by a second instance of any application program, receiving an encryption verification message sent by the second instance, decrypting the encryption verification message to obtain a decryption verification message corresponding to the encryption verification message, verifying the decryption verification message according to a private protocol, if the decryption verification message is verified successfully, receiving an encryption instruction and encryption data sent by the second instance, executing tasks corresponding to the encryption instruction and the encryption data according to the encryption instruction and the encryption data by the first instance, encrypting and decrypting the transmitted communication data, improving transmission efficiency and transmission reliability in the IPC communication process of the instruction and the data, preventing a third party program from falsifying and forging the instruction, and rejecting illegal program connection to current service.
In yet another embodiment of the present application, which is substantially the same as the above embodiment, the method for executing the application program single instance of the present embodiment further includes:
step 122, if the decryption verification message is not successfully verified, disconnecting the connection with the second instance.
If the verification message is not verified successfully according to the verification protocol, the second instance is a legally connectable instance with the first instance; if the verification is unsuccessful, the connection with the second instance is disconnected.
Step 123, reporting the application program information corresponding to the second instance to the cloud server, so as to verify whether the application program corresponding to the second instance is a malicious program.
The application information may include application identification, application usage, and the like.
In this embodiment, if the verification is unsuccessful, the connection with the second instance is disconnected, and the application information corresponding to the second instance is reported to the cloud server to verify whether the application is a malicious program, so that malicious interference of the malicious program on the application in this embodiment is avoided, further, a verification result of the cloud server on the application corresponding to the second instance can be received, malicious interference of the malicious program on the application in this embodiment is avoided again, and the verification result can be issued to other devices installed with the application in this embodiment to avoid malicious interference of the malicious program on the application in this embodiment.
As an alternative embodiment, further comprising: if the decryption verification message is not successfully verified, a false verification successful message is sent to the second instance.
The message of successful false verification can be a reply instruction of successful false verification, so that the malicious program is induced to perform error judgment and enter an error execution flow, thereby reducing the probability of the application program of the embodiment being cracked by violence and encrypting information, and improving the violence cracking cost.
The malware information sample may also be reported if verification is unsuccessful.
Fig. 4 is a schematic structural diagram of a device of a single-instance operation device according to an embodiment of the present application, as shown in fig. 4, the device of this embodiment may include: a starting module 11 for starting a first instance of an application; a first creation module 12, configured to create a domain socket corresponding to the first instance, where the domain socket includes a domain socket address; a binding module 13, configured to bind the domain name and the system file address; the system file address is generated by an operating system according to the domain nested word address; a monitoring module 14, configured to monitor whether the binding between the domain splice word and the system file address is successful; and the operation module 15 is configured to operate the first instance if the domain socket is successfully bound to the system file address.
The device of this embodiment may be used to implement the technical solution of the method embodiment shown in fig. 1, and its implementation principle and technical effects are similar, and are not described here again.
In the device of the embodiment, by starting the first instance of the application program and creating a domain Socket corresponding to the first instance, wherein the domain Socket comprises a domain Socket address, binding the domain Socket with a system file address, monitoring whether the domain Socket is successfully bound with the system file address, if the domain Socket is successfully bound with the system file address, running the first instance, because when starting the instance of the application program, the created domain Socket corresponding to the application program is bound with the system file address (a designated position of a file path of a Socket file), and monitoring whether the binding is successful or not, whether the related instance is started or not can be judged according to the monitoring result of the domain Socket on the path, after the binding is successful, the path does not have the started instance, at this time, the first instance is run, and the single instance of the application program is run, and because in the embodiment, the Socket is bound with one instance of the system file address, the system address, the application program is more than one instance of the application program is bound with the system file address, the application program is only can be run in the single instance, but the application program is not started on the single instance of the application program, the single instance is only, the application program is only can be run on the application program, and the single instance is not run by the application program, and the other application program is not started, and the single instance is run on the other application program is only can be run on the other application program, and the single instance is not can be run by running the application program, by implementing the scheme of the embodiment, the possibility that the single-instance operation of the application program in the embodiment affects the single-instance operation of other application programs can be reduced, namely the possibility of collision with the single-instance operation of other application programs is reduced, in addition, by utilizing the characteristics of Unix domain socket, efficient transmission and reliability, the response speed of the instruction and the complexity of the instruction can be improved, so that the application program can realize more complex functions and prevent a third party program from maliciously falsifying the counterfeit instruction. .
As an alternative embodiment, further comprising: the verification message sending module is used for connecting the system file address if the domain socket is not successfully bound with the system file address; the first sending module is used for sending a verification message to an instance corresponding to the system file address; the first receiving module is used for receiving reply information corresponding to the verification message; the exit module is used for exiting the first instance if the reply information is correct; the operation module is also used for operating the instance corresponding to the system file address.
As an alternative embodiment, further comprising: the killing module is used for killing the instance corresponding to the system file address if the reply information is incorrect so as to remove the occupation of the instance to the system file address; the operation module is further configured to bind the domain splice word to the system file address, and operate the first instance.
As an alternative embodiment, further comprising: the request module is used for sending a domain socket address replacement request to the cloud server if the reply information is incorrect, so that the cloud server sends a replaced domain socket address; the second receiving module is used for receiving the replaced domain name-sleeving address sent by the cloud server; and the second creation module is used for creating the replaced domain nested character corresponding to the first example according to the replaced domain nested character address.
As an alternative embodiment, further comprising: the receiving module is used for receiving the connection request sent by the second instance; a third receiving module, configured to receive an encryption verification message sent by the second instance; the obtaining module is used for decrypting the encryption verification message to obtain a decryption verification message corresponding to the encryption verification message; the verification module is used for verifying the decryption verification message according to a private protocol; the third receiving module receives the encryption instruction and the encryption data sent by the second instance if the decryption verification message is verified to be successful; and the execution module is used for executing tasks corresponding to the encrypted instructions and the encrypted data according to the encrypted instructions and the encrypted data by the first instance.
As an alternative embodiment, further comprising: a disconnection module for disconnecting the connection with the second instance if the decryption verification message is not verified successfully; and the reporting module is used for reporting the application program information corresponding to the second instance to the cloud server so as to verify whether the application program corresponding to the second instance is a malicious program or not.
As an alternative embodiment, further comprising: and the success message sending module is used for sending a false verification success message to the second instance if the decryption verification message is not successfully verified.
The embodiment of the application also provides electronic equipment, which comprises the device of any embodiment.
Fig. 5 is a schematic structural diagram of an embodiment of an electronic device according to the present application, where the flow of the embodiment shown in fig. 1 of the present application may be implemented, and as shown in fig. 5, the electronic device may include: the device comprises a shell 41, a processor 42, a memory 43, a circuit board 44 and a power circuit 45, wherein the circuit board 44 is arranged in a space surrounded by the shell 41, and the processor 42 and the memory 43 are arranged on the circuit board 44; a power supply circuit 45 for supplying power to the respective circuits or devices of the above-described electronic apparatus; the memory 43 is for storing executable program code; the processor 42 runs a program corresponding to the executable program code by reading the executable program code stored in the memory 43 for executing the method of application program single instance running described in any of the foregoing embodiments.
The specific implementation of the above steps by the processor 42 and the further implementation of the steps by the processor 42 through the execution of the executable program code may be referred to in the description of the embodiment of fig. 1 of the present application, which is not repeated herein.
The electronic device exists in a variety of forms including, but not limited to:
(1) A mobile communication device: such devices are characterized by mobile communication capabilities and are primarily aimed at providing voice, data communications. Such terminals include: smart phones (e.g., iPhone), multimedia phones, functional phones, and low-end phones, etc.
(2) Ultra mobile personal computer device: such devices are in the category of personal computers, having computing and processing functions, and generally also having mobile internet access characteristics. Such terminals include: PDA, MID, and UMPC devices, etc., such as iPad.
(3) Portable entertainment device: such devices may display and play multimedia content. The device comprises: audio, video players (e.g., iPod), palm game consoles, electronic books, and smart toys and portable car navigation devices.
(4) And (3) a server: the configuration of the server includes a processor, a hard disk, a memory, a system bus, and the like, and the server is similar to a general computer architecture, but is required to provide highly reliable services, and thus has high requirements in terms of processing capacity, stability, reliability, security, scalability, manageability, and the like.
(5) Other electronic devices with data interaction functions.
Embodiments of the present application also provide a readable storage medium storing one or more programs executable by one or more processors to implement the methods provided by any of the embodiments of the present application.
Embodiments of the present application also provide an application program that is executed to implement the method provided by any of the embodiments of the present application.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
In this specification, each embodiment is described in a related manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments.
In particular, for the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments in part.
For convenience of description, the above apparatus is described as being functionally divided into various units/modules, respectively. Of course, the functions of the various elements/modules may be implemented in the same piece or pieces of software and/or hardware when implementing the present application.
Those skilled in the art will appreciate that implementing all or part of the above-described methods in accordance with the embodiments may be accomplished by way of a computer program stored on a computer readable storage medium, which when executed may comprise the steps of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), or the like.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any changes or substitutions easily contemplated by those skilled in the art within the scope of the present application should be included in the present application. Therefore, the protection scope of the application is subject to the protection scope of the claims.

Claims (12)

1. A method of single instance operation, comprising:
starting a first instance of an application program;
creating a domain splice word corresponding to the first instance; wherein the domain socket comprises a domain socket address;
binding the domain splice word with a system file address; the system file address is generated by an operating system according to the domain nested word address;
monitoring whether the domain splice word is successfully bound with the system file address;
if the domain socket is successfully bound with the system file address, the first instance is operated;
if the domain socket is not successfully bound with the system file address, connecting the system file address; sending a verification message to an instance corresponding to the system file address; receiving reply information corresponding to the verification message; if the reply message is correct, exiting the first instance; if the reply information is incorrect, a domain socket address replacement request is sent to a cloud server, so that the cloud server sends a replaced domain socket address; receiving a replaced domain sleeve word address sent by the cloud server; and creating the replaced domain name corresponding to the first example according to the replaced domain name.
2. The method as recited in claim 1, further comprising:
if the reply message is incorrect, killing an instance corresponding to the system file address to free the instance from occupying the system file address;
binding the domain splice word to the system file address and running the first instance.
3. The method of claim 1, further comprising, after running the first instance if the domain socket binds with the system file address successfully:
receiving a connection request sent by a second instance;
receiving an encryption verification message sent by the second instance;
decrypting the encrypted verification message to obtain a decrypted verification message corresponding to the encrypted verification message;
verifying the decryption verification message according to a private protocol;
if the decryption verification message is successfully verified, receiving an encryption instruction and encryption data sent by the second instance;
and executing tasks corresponding to the encrypted instructions and the encrypted data by the first instance according to the encrypted instructions and the encrypted data.
4. A method according to claim 3, further comprising:
Disconnecting the connection with the second instance if the verification of the decryption verification message is unsuccessful;
and reporting the application program information corresponding to the second instance to a cloud server to verify whether the application program corresponding to the second instance is a malicious program.
5. A method according to claim 3, further comprising:
if the decryption verification message is not successfully verified, a false verification successful message is sent to the second instance.
6. A single instance operational apparatus, comprising:
the starting module is used for starting the first instance of the application program;
a first creation module, configured to create a domain socket corresponding to the first instance, where the domain socket includes a domain socket address;
the binding module is used for binding the domain splice word with a system file address; the system file address is generated by an operating system according to the domain nested word address;
the monitoring module is used for monitoring whether the domain splice word is successfully bound with the system file address;
the operation module is used for operating the first instance if the domain socket is successfully bound with the system file address;
The verification message sending module is used for connecting the system file address if the domain socket is not successfully bound with the system file address;
the first sending module is used for sending a verification message to an instance corresponding to the system file address;
the first receiving module is used for receiving reply information corresponding to the verification message;
the exit module is used for exiting the first instance if the reply information is correct;
the operation module is also used for operating an instance corresponding to the system file address;
the request module is used for sending a domain socket address replacement request to the cloud server if the reply information is incorrect, so that the cloud server sends a replaced domain socket address;
the second receiving module is used for receiving the replaced domain name-sleeving address sent by the cloud server;
and the second creation module is used for creating the replaced domain nested character corresponding to the first example according to the replaced domain nested character address.
7. The apparatus as recited in claim 6, further comprising:
the killing module is used for killing the instance corresponding to the system file address if the reply information is incorrect so as to remove the occupation of the instance to the system file address;
The operation module is further configured to bind the domain splice word to the system file address, and operate the first instance.
8. The apparatus as recited in claim 6, further comprising:
the receiving module is used for receiving the connection request sent by the second instance;
a third receiving module, configured to receive an encryption verification message sent by the second instance;
the obtaining module is used for decrypting the encryption verification message to obtain a decryption verification message corresponding to the encryption verification message;
the verification module is used for verifying the decryption verification message according to a private protocol;
the third receiving module receives the encryption instruction and the encryption data sent by the second instance if the decryption verification message is verified to be successful;
and the execution module is used for executing tasks corresponding to the encrypted instructions and the encrypted data according to the encrypted instructions and the encrypted data by the first instance.
9. The apparatus as recited in claim 8, further comprising:
a disconnection module for disconnecting the connection with the second instance if the decryption verification message is not verified successfully;
and the reporting module is used for reporting the application program information corresponding to the second instance to the cloud server so as to verify whether the application program corresponding to the second instance is a malicious program or not.
10. The apparatus as recited in claim 8, further comprising:
and the success message sending module is used for sending a false verification success message to the second instance if the decryption verification message is not successfully verified.
11. An electronic device, the electronic device comprising: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space surrounded by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; a processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory for performing the method of any one of claims 1-5.
12. A readable storage medium storing one or more programs executable by one or more processors to implement the method of any of claims 1-5.
CN202011054751.3A 2020-09-29 2020-09-29 Single-instance operation method and device and electronic equipment Active CN112130932B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011054751.3A CN112130932B (en) 2020-09-29 2020-09-29 Single-instance operation method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011054751.3A CN112130932B (en) 2020-09-29 2020-09-29 Single-instance operation method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN112130932A CN112130932A (en) 2020-12-25
CN112130932B true CN112130932B (en) 2023-10-27

Family

ID=73843292

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011054751.3A Active CN112130932B (en) 2020-09-29 2020-09-29 Single-instance operation method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN112130932B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114979233A (en) * 2022-07-19 2022-08-30 深圳市亿联无限科技有限公司 Method and system for realizing synchronous and asynchronous call between modules based on domain socket

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7069270B1 (en) * 2003-02-05 2006-06-27 Oracle International Corporation Automated method and mechanism for converting a single instance application to a multiple instance application
CN101206590A (en) * 2006-12-21 2008-06-25 国际商业机器公司 Af Unix socket across systems in the same computer on computer systems that support multiple operating system images
CN101986662A (en) * 2010-11-09 2011-03-16 中兴通讯股份有限公司 Widget instance operation method and system
CN109725950A (en) * 2018-12-29 2019-05-07 武汉斗鱼网络科技有限公司 A kind of method, apparatus and storage medium for realizing the operation of client list example

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8402511B2 (en) * 2009-07-30 2013-03-19 Hewlett-Packard Development Company, L.P. LDAPI communication across OS instances

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7069270B1 (en) * 2003-02-05 2006-06-27 Oracle International Corporation Automated method and mechanism for converting a single instance application to a multiple instance application
CN101206590A (en) * 2006-12-21 2008-06-25 国际商业机器公司 Af Unix socket across systems in the same computer on computer systems that support multiple operating system images
CN101986662A (en) * 2010-11-09 2011-03-16 中兴通讯股份有限公司 Widget instance operation method and system
CN109725950A (en) * 2018-12-29 2019-05-07 武汉斗鱼网络科技有限公司 A kind of method, apparatus and storage medium for realizing the operation of client list example

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于Unix域的Socket进程间通信机制的研究;任继平 等;农业网络信息(05);第70-72页 *

Also Published As

Publication number Publication date
CN112130932A (en) 2020-12-25

Similar Documents

Publication Publication Date Title
US10984134B2 (en) Blockchain system for leveraging member nodes to achieve consensus
CN100474851C (en) Safety foundation structure of coordinate network name analytical agreement (PNRP) and method thereof
CN100361452C (en) Method and device for server denial of service shield
CN103077345B (en) Based on software authorization method and the system of virtual machine
CN110048879B (en) Microservice registration method, microservice registration device, electronic equipment and computer-readable storage medium
CN113570466B (en) Transaction data processing method and device and readable storage medium
CN111885050B (en) Data storage method and device based on block chain network, related equipment and medium
CN114255031A (en) System for executing cross block chain of transaction, cross chain transaction method and equipment
CN104199654A (en) Open platform calling method and device
CN112714158B (en) Transaction processing method, relay network, cross-link gateway, system, medium and equipment
CN108073823A (en) Data processing method, apparatus and system
US7437563B2 (en) Software integrity test
CN110943840A (en) Signature verification method and system
CN112130932B (en) Single-instance operation method and device and electronic equipment
CN115174279A (en) Real-time detection method, terminal and storage medium for intelligent Ether house contract vulnerability
CN103034811A (en) File processing method and system and device
JP2003258795A (en) Computer aggregate operating method, implementation system therefor, and processing program therefor
JP2024506093A (en) Cross-chain transaction processing methods and devices, electronic equipment and computer programs
CN115567218A (en) Data processing method and device of security certificate based on block chain and server
CN112104607B (en) Method, device, network node and storage medium for cross-link communication
CN112104701B (en) Method, device, network node and storage medium for cross-link communication
CN109167785B (en) Calling method of virtual trusted root and service server
CN111600838A (en) Authority management system based on network database
CN110597557A (en) System information acquisition method, terminal and medium
CN112114739A (en) Method, apparatus and computer program product for managing data objects

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant