CN109002726A - Method for transparent encryption and decryption of file reads and writes in the Linux operating system - Google Patents
- Publication number: CN109002726A
- Application number: CN201810574682.5A
- Authority
- CN
- China
- Prior art keywords
- file
- encryption
- decryption
- write
- read
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
The invention discloses a method for transparent encryption and decryption of file reads and writes in the Linux operating system, comprising the following steps: step 1, find the address of the sys_close function; step 2, read memory, matching from the initial memory address onward, and if the content is the address of the sys_close system call the match succeeds and the next step is carried out, otherwise the match fails and the next block of memory is read and matched; step 3, after a successful match, hook the open, read, write, mmap and msync system calls so as to encrypt and decrypt data; step 4, file encryption protection is achieved. The steps of the method are simple, its platform compatibility is wide (it is applicable not only to MIPS processors but also to ARM processors), the lookup is simple, and the code is easy to understand.
Description
Technical field
The present invention relates to the field of the Linux operating system, in particular to a method for transparent encryption and decryption of file reads and writes in the Linux operating system.
Background technique
On the x86 platform, the Linux operating system can hook the system call functions (open, read, write, mmap, msync) by reading a particular register (the IDTR, which gives the base of the interrupt descriptor table), so as to achieve transparent encryption and decryption.
The prior art mostly uses the following method: the system call hooking technique of the Linux operating system on the x86 platform, which relies on a structure unique to the x86 platform (chip), the interrupt descriptor table (IDT), to locate the system call table; once the system call table has been found, the system call functions can be hooked so that the data flow during the open, read, write, mmap and msync system calls is intercepted and encrypted or decrypted.
However, such a method is not compatible with the ARM platform (chip), and its code is relatively complex. The market needs a method for transparent encryption and decryption of file reads and writes that is applicable to the ARM platform and has simple code; the present invention solves this problem.
Summary of the invention
To overcome the deficiencies of the prior art, the purpose of the present invention is to provide a method for transparent encryption and decryption of file reads and writes in the Linux operating system. The steps of the method are simple, its platform compatibility is wide (it is applicable not only to MIPS processors but also to ARM processors), the lookup is simple, and the code is easy to understand.
To achieve the above objectives, the present invention adopts the following technical scheme:
The method for transparent encryption and decryption of file reads and writes in the Linux operating system comprises the following steps:
Step 1: find the address of the sys_close function.
Step 2: read memory, matching from the initial memory address onward; if the content is the address of the sys_close system call, the match succeeds and the next step is carried out; if not, the match fails, and the next block of memory is read and matched.
Step 3: after a successful match, hook the open, read, write, mmap and msync system calls so as to encrypt and decrypt the data.
Step 4: file encryption protection is achieved.
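Steps 1 to 3 above, as an added example that is not part of the patent and not the applicant's code: a user-space C model of the linear scan and of the table-entry swap. Kernel memory is stood in for by a constructed array, the address of sys_close is the address of a stand-in function rather than a value fixed per distribution, and the system call numbers are the x86-64 ones (they differ per architecture: __NR_close is 3 on x86-64 but 57 in the asm-generic table that arm64 uses, and MIPS adds an ABI base such as 4000 for o32, so a port to the ARM and MIPS processors the patent targets must use that architecture's numbers). In a kernel module the same walk runs over kernel virtual addresses, the sys_close address is read from the running kernel's symbol table because it changes with every kernel build and with address randomization, and the page holding the table has to be made writable before an entry is swapped.

```c
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* System call numbers are architecture-specific: __NR_close is 3 on x86-64 but 57 in
 * the asm-generic table used by arm64, and MIPS adds an ABI base (4000 for o32).
 * The x86-64 numbers are assumed for this demo. */
#define NR_OPEN      2
#define NR_CLOSE     3
#define IMAGE_WORDS  64
#define TABLE_AT     40   /* word index at which the constructed image places the table */

typedef long (*syscall_fn)(long);

/* Stand-ins for kernel handlers; in a module these would be kernel symbols. */
static long fake_sys_open(long flags)  { return flags * 10; }        /* pretend "fd" */
static long fake_sys_close(long fd)    { return fd >= 0 ? 0 : -9; }  /* 0 or -EBADF */
static long fake_sys_other(long arg)   { (void)arg; return -38; }    /* -ENOSYS */

static uintptr_t image[IMAGE_WORDS];

/* Constructed stand-in for kernel memory: filler words, then a small system call table. */
static uintptr_t *build_image(void)
{
    memset(image, 0, sizeof image);
    for (size_t i = 0; i < TABLE_AT; i++)
        image[i] = (uintptr_t)(0x41410000u + i);      /* filler, never a handler address */
    for (size_t i = TABLE_AT; i < IMAGE_WORDS; i++)
        image[i] = (uintptr_t)fake_sys_other;
    image[TABLE_AT + NR_OPEN]  = (uintptr_t)fake_sys_open;
    image[TABLE_AT + NR_CLOSE] = (uintptr_t)fake_sys_close;
    return image;
}

/* Step 2: walk memory one pointer-sized word at a time; candidate base i is accepted as
 * the table when the slot __NR_close words after it holds the address of sys_close,
 * which is the match condition the patent describes. Returns the base or NULL. */
static uintptr_t *find_syscall_table(uintptr_t *mem, size_t words, uintptr_t sys_close_addr)
{
    for (size_t i = 0; i + NR_CLOSE < words; i++)
        if (mem[i + NR_CLOSE] == sys_close_addr)
            return &mem[i];
    return NULL;
}

/* Step 3: swap one table entry for a hook, keeping the original so the hook can call
 * through and the entry can be restored on unload. In a kernel module the page holding
 * the table must first be made writable; that step is omitted here. */
static syscall_fn real_open;
static int hook_calls;

static long hooked_open(long flags)
{
    hook_calls++;               /* the patent's whitelist and private-list logic sits here */
    return real_open(flags);
}

static syscall_fn install_hook(uintptr_t *table, int nr, syscall_fn hook)
{
    syscall_fn saved = (syscall_fn)table[nr];
    table[nr] = (uintptr_t)hook;
    return saved;
}

/* Locate, hook, dispatch once through the table as the kernel would, then restore.
 * Returns what the dispatched open returned, or -1 if no table was found. */
static long demo(void)
{
    uintptr_t *mem = build_image();
    uintptr_t *table = find_syscall_table(mem, IMAGE_WORDS, (uintptr_t)fake_sys_close);
    if (!table)
        return -1;
    real_open = install_hook(table, NR_OPEN, hooked_open);
    long r = ((syscall_fn)table[NR_OPEN])(4);     /* hooked_open -> fake_sys_open */
    table[NR_OPEN] = (uintptr_t)real_open;        /* restore */
    return r;
}

int main(void)
{
    uintptr_t *mem = build_image();
    uintptr_t *t = find_syscall_table(mem, IMAGE_WORDS, (uintptr_t)fake_sys_close);
    printf("table at word %ld, hooked open returned %ld\n", t ? (long)(t - mem) : -1L, demo());
    return 0;
}
```

The scan accepts a base only when the word __NR_close slots after it equals the sys_close address, so a wrong syscall number (for example the x86-64 value on an arm64 kernel) makes the scan miss the real table or, worse, accept a false base; the hook keeps the original pointer both to call through to it and to put the table back on unload.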
In the above method, step 3 (after a successful match, hooking the open, read, write, mmap and msync system calls so as to encrypt and decrypt the data) is carried out as follows:
Step a: in the intercepted open data flow, check the process whitelist and the file-suffix whitelist, obtain the file information, and add the file information to a private list.
Step b: in the intercepted read/mmap data flow, using the list set up in open, judge whether the file is ciphertext and, if so, decrypt the data flow.
Step c: in the intercepted write/msync data flow, using the list set up in open, judge whether the file needs to be encrypted, and encrypt it when needed.
Step d: intercept the exit system call and clean up the private list when the process exits.
Step e: intercept the stat family of system calls and obtain the length of the file after encryption; that length includes the file encryption header.
Step f: intercept the lseek system call so that the file pointer is moved to the correct position.
In the above method, the address of the sys_close function is 0xffffffff811eb720 on Ubuntu 14.04, 0xffffffffb5840370 on Ubuntu 16.04, and 0xffffffff803338c8 on NeoKylin (中标麒麟).
In the above method, the CPU on which the method is based is an ARM processor or a MIPS processor.
The beneficial effects of the invention are as follows:
The method no longer relies on a structure peculiar to the x86 platform but instead uses a universal feature of the Linux operating system, namely a single guiding system call, sys_close. The steps are simple and platform compatibility is wide: the method is applicable not only to MIPS processors but also to ARM processors.
The system call table is searched directly, starting from the initial memory address; the lookup is reduced to a simple direct match on memory contents.
The code is easy to understand.
Detailed description of the invention
Fig. 1 is a flow chart of one embodiment of the invention.
Specific embodiments
The present invention is described in detail below with reference to the drawings and specific embodiments.
The method for transparent encryption and decryption of file reads and writes in the Linux operating system comprises the following steps:
Step 1: find the address of the sys_close function. In one embodiment, the address of the sys_close function is 0xffffffff811eb720 on Ubuntu 14.04, 0xffffffffb5840370 on Ubuntu 16.04, and 0xffffffff803338c8 on NeoKylin (中标麒麟). (These values belong to the specific kernel builds they were read from: the address changes with every kernel build and with kernel address randomization, so in practice it is taken from the running kernel's symbol table rather than fixed in code.)
Step 2: read memory, matching from the initial memory address onward; if the content is the address of the sys_close system call, the match succeeds and the next step is carried out; if not, the match fails, and the next block of memory is read and matched.
Step 3: after a successful match, hook the open, read, write, mmap and msync system calls so as to encrypt and decrypt the data.
The detailed process of encryption and decryption comprises the following steps:
Step a: in the intercepted open data flow, check the process whitelist and the file-suffix whitelist, obtain the file information, and add the file information to a private list.
Step b: in the intercepted read/mmap data flow, using the list set up in open, judge whether the file is ciphertext and, if so, decrypt the data flow.
Step c: in the intercepted write/msync data flow, using the list set up in open, judge whether the file needs to be encrypted, and encrypt it when needed.
Step d: intercept the exit system call and clean up the private list when the process exits.
Step e: intercept the stat family of system calls and obtain the length of the file after encryption; that length includes the file encryption header.
Step f: intercept the lseek system call so that the file pointer is moved to the correct position.
Step 4: file encryption protection is achieved.
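Steps a to f above, as an added example that is not part of the patent and not the applicant's code: a user-space C model of the six hooks over an in-memory file. The header length, the magic bytes, the whitelists, the key and the file contents are constructed for the demo, and the cipher is a placeholder XOR keystream standing in for whatever cipher the implementation uses (the patent names none); it is indexed by the logical file offset so that a read after an lseek lines up with the keystream used at write time. The hooks show the bookkeeping the steps describe: open decides once per descriptor from the process and suffix whitelists and records the decision in a private list, read and write transform only for recorded descriptors on files that carry the header, stat reports the on-disk length minus the header, lseek adds the header length to the requested offset, exit clears the list, and a process outside the whitelist sees the raw header and ciphertext at the full on-disk length.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stdbool.h>

#define HDR_LEN  16      /* assumed header size: 4 magic bytes + reserved space */
#define MAX_FD   8
#define FILE_CAP 256

static const uint8_t MAGIC[4] = { 'T', 'E', 'N', 'C' };                             /* constructed */
static const uint8_t KEY[8]   = { 0x5a, 0x13, 0xc4, 0x7e, 0x91, 0x02, 0xaa, 0x3d };   /* demo key */
static const char *const proc_whitelist[]   = { "vim", "gedit" };   /* constructed (step a) */
static const char *const suffix_whitelist[] = { ".txt", ".doc" };
static bool crypto_fd[MAX_FD];   /* the private list of steps a/d: one flag per fd */

/* Simulated on-disk file: raw bytes, length, and the current physical offset. */
struct vfile { uint8_t data[FILE_CAP]; size_t len; size_t pos; };

static bool has_suffix(const char *s, const char *suf)
{
    size_t n = strlen(s), k = strlen(suf);
    return n >= k && strcmp(s + n - k, suf) == 0;
}
/* A fd is "active" when its process passed the whitelist and the file carries the header. */
static bool active(const struct vfile *f, int fd)
{
    return fd >= 0 && fd < MAX_FD && crypto_fd[fd] && f->len >= HDR_LEN && memcmp(f->data, MAGIC, 4) == 0;
}
/* Placeholder cipher (the patent names none): XOR keystream indexed by the LOGICAL offset so
 * that a read after lseek lines up with the keystream used at write time. Demo only. */
static void xor_crypt(uint8_t *buf, size_t n, size_t logical_off)
{
    for (size_t i = 0; i < n; i++) buf[i] ^= KEY[(logical_off + i) % sizeof KEY];
}

/* Step a: open hook. Decide once per fd; a new file under protection gets a header. */
static int t_open(struct vfile *f, int fd, const char *proc, const char *path)
{
    bool proc_ok = false, suf_ok = false;
    if (fd < 0 || fd >= MAX_FD) return -1;
    for (size_t i = 0; i < 2; i++) {
        proc_ok |= strcmp(proc, proc_whitelist[i]) == 0;
        suf_ok  |= has_suffix(path, suffix_whitelist[i]);
    }
    crypto_fd[fd] = proc_ok && suf_ok;
    if (crypto_fd[fd] && f->len == 0) {            /* new file: write the encryption header */
        memset(f->data, 0, HDR_LEN);
        memcpy(f->data, MAGIC, 4);
        f->len = HDR_LEN;
    }
    f->pos = active(f, fd) ? HDR_LEN : 0;
    return fd;
}
/* Step e: stat hook hides the header; step f: lseek hook maps logical to physical offset. */
static size_t t_stat_size(const struct vfile *f, int fd) { return active(f, fd) ? f->len - HDR_LEN : f->len; }
static size_t t_lseek(struct vfile *f, int fd, size_t off) { f->pos = active(f, fd) ? off + HDR_LEN : off; return off; }

/* Step c: write hook. Encrypt a scratch copy, then store it. */
static size_t t_write(struct vfile *f, int fd, const void *buf, size_t n)
{
    uint8_t tmp[FILE_CAP];
    if (f->pos >= FILE_CAP) return 0;
    if (f->pos + n > FILE_CAP) n = FILE_CAP - f->pos;
    memcpy(tmp, buf, n);
    if (active(f, fd)) xor_crypt(tmp, n, f->pos - HDR_LEN);
    memcpy(f->data + f->pos, tmp, n);
    f->pos += n;
    if (f->pos > f->len) f->len = f->pos;
    return n;
}
/* Step b: read hook. Decrypt only for an active fd; anyone else gets the raw bytes. */
static size_t t_read(struct vfile *f, int fd, void *out, size_t n)
{
    if (f->pos >= f->len) return 0;
    if (f->pos + n > f->len) n = f->len - f->pos;
    memcpy(out, f->data + f->pos, n);
    if (active(f, fd)) xor_crypt(out, n, f->pos - HDR_LEN);
    f->pos += n;
    return n;
}
/* Step d: exit hook drops the exiting process's entries from the private list. */
static void t_exit(void) { memset(crypto_fd, 0, sizeof crypto_fd); }

/* Scenario: whitelisted "vim" writes "hello world" to notes.txt, seeks to 6 and reads 5
 * bytes; then non-whitelisted "cat" opens the same file and stats it. */
static int demo(struct vfile *disk, char *editor_sees, size_t *editor_size, size_t *raw_size)
{
    memset(disk, 0, sizeof *disk);
    int fd = t_open(disk, 3, "vim", "/home/u/notes.txt");
    t_write(disk, fd, "hello world", 11);
    *editor_size = t_stat_size(disk, fd);           /* 11: header subtracted */
    t_lseek(disk, fd, 6);                           /* physical offset 22 */
    size_t n = t_read(disk, fd, editor_sees, 5);    /* "world" */
    editor_sees[n] = '\0';
    t_exit();
    fd = t_open(disk, 4, "cat", "/home/u/notes.txt");
    *raw_size = t_stat_size(disk, fd);              /* 27: header and ciphertext visible */
    t_exit();
    return 0;
}
int main(void)
{
    struct vfile disk; char seen[8]; size_t es, rs;
    demo(&disk, seen, &es, &rs);
    printf("editor reads \"%s\" (stat %zu); unlisted process stats %zu, header %.4s\n",
           seen, es, rs, (const char *)disk.data);
    return 0;
}
```

The whitelist decision is made once in the open hook and only consulted afterwards, which is why the exit hook must clear it: otherwise a later process that happens to reuse the same descriptor number would inherit the earlier process's decision.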
As to the hardware on which the method runs: in one embodiment the computer has an Arm64 CPU and 8 GB of DDR memory; in another embodiment it has a Mips64 CPU and 8 GB of DDR memory.
The method no longer relies on a structure peculiar to the x86 platform but instead uses a universal feature of the Linux operating system, namely a single guiding system call, sys_close. The steps are simple and platform compatibility is wide: the method is applicable not only to MIPS processors but also to ARM processors. The system call table is searched directly, starting from the initial memory address; the lookup is reduced to a simple direct match on memory contents. The code is easy to understand.
The basic principles, main features and advantages of the invention have been shown and described above. Those skilled in the art should understand that the above embodiments do not limit the invention in any form; all technical solutions obtained by equivalent substitution or equivalent transformation fall within the scope of protection of the invention.
Claims (4)
- 1. A method for transparent encryption and decryption of file reads and writes in the Linux operating system, characterized in that it comprises the following steps: step 1, find the address of the sys_close function; step 2, read memory, matching from the initial memory address onward, and if the content is the address of the sys_close system call the match succeeds and the next step is carried out, otherwise the match fails and the next block of memory is read and matched; step 3, after a successful match, hook the open, read, write, mmap and msync system calls so as to encrypt and decrypt data; step 4, file encryption protection is achieved.
- 2. The method for transparent encryption and decryption of file reads and writes in the Linux operating system according to claim 1, characterized in that in step 3, after a successful match, the open, read, write, mmap and msync system calls are hooked so as to encrypt and decrypt data, and the detailed process of encryption and decryption comprises the following steps: step a, in the intercepted open data flow, check the process whitelist and the file-suffix whitelist, obtain the file information, and add the file information to a private list; step b, in the intercepted read/mmap data flow, using the list set up in open, judge whether the file is ciphertext and, if so, decrypt the data flow; step c, in the intercepted write/msync data flow, using the list set up in open, judge whether the file needs to be encrypted, and encrypt it when needed; step d, intercept the exit system call and clean up the private list when the process exits; step e, intercept the stat family of system calls and obtain the length of the file after encryption, that length including the file encryption header; step f, intercept the lseek system call so that the file pointer is moved to the correct position.
- 3. The method for transparent encryption and decryption of file reads and writes in the Linux operating system according to claim 1, characterized in that the address of the sys_close function is 0xffffffff811eb720 on Ubuntu 14.04, 0xffffffffb5840370 on Ubuntu 16.04, and 0xffffffff803338c8 on NeoKylin (中标麒麟).
- 4. The method for transparent encryption and decryption of file reads and writes in the Linux operating system according to claim 1, characterized in that the CPU on which the method is based is an ARM processor or a MIPS processor.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810574682.5A CN109002726A (en) | 2018-06-06 | 2018-06-06 | Method for transparent encryption and decryption of file reads and writes in the Linux operating system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810574682.5A CN109002726A (en) | 2018-06-06 | 2018-06-06 | Method for transparent encryption and decryption of file reads and writes in the Linux operating system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109002726A true CN109002726A (en) | 2018-12-14 |
Family
ID=64599934
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810574682.5A Pending CN109002726A (en) | 2018-06-06 | 2018-06-06 | Method for transparent encryption and decryption of file reads and writes in the Linux operating system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109002726A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109697366A (en) * | 2018-12-29 | 2019-04-30 | 上海上讯信息技术股份有限公司 | A hook-based transparent encryption and decryption method for Android files |
CN109886034A (en) * | 2019-02-27 | 2019-06-14 | 北京智游网安科技有限公司 | An APK data encryption processing method, intelligent terminal and storage medium |
CN112560068A (en) * | 2020-12-28 | 2021-03-26 | 山东云缦智能科技有限公司 | Android program storage encryption method |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102254124A (en) * | 2011-07-21 | 2011-11-23 | 周亮 | Information security protection system and method for a mobile terminal |
CN104331644A (en) * | 2014-11-24 | 2015-02-04 | 北京邮电大学 | Transparent encryption and decryption method for intelligent terminal files |
CN106203130A (en) * | 2016-06-26 | 2016-12-07 | 厦门天锐科技股份有限公司 | A transparent encryption and decryption method based on an intelligent dynamic driver layer |
CN107450964A (en) * | 2017-08-10 | 2017-12-08 | 西安电子科技大学 | A method for discovering whether a vulnerability exists in a virtual machine introspection system |
CN107480538A (en) * | 2017-06-30 | 2017-12-15 | 武汉斗鱼网络科技有限公司 | File encryption method, device, computer-readable storage medium and equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
2018-12-14 | PB01 | Publication | Application publication date: 20181214 |
| SE01 | Entry into force of request for substantive examination | |
| RJ01 | Rejection of invention patent application after publication | |