CN109960511B - Dynamic library issuing method based on virtualization technology, storage medium and intelligent terminal - Google Patents

Dynamic library issuing method based on virtualization technology, storage medium and intelligent terminal Download PDF

Info

Publication number
CN109960511B
CN109960511B CN201910221936.XA CN201910221936A CN109960511B CN 109960511 B CN109960511 B CN 109960511B CN 201910221936 A CN201910221936 A CN 201910221936A CN 109960511 B CN109960511 B CN 109960511B
Authority
CN
China
Prior art keywords
function
virtual machine
bytecode
dynamic library
protected
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910221936.XA
Other languages
Chinese (zh)
Other versions
CN109960511A (en
Inventor
肖巍
廖兴龙
方令
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Zhiyou Wang'an Technology Co ltd
Original Assignee
Beijing Zhiyou Wang'an Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Zhiyou Wang'an Technology Co ltd filed Critical Beijing Zhiyou Wang'an Technology Co ltd
Priority to CN201910221936.XA priority Critical patent/CN109960511B/en
Publication of CN109960511A publication Critical patent/CN109960511A/en
Application granted granted Critical
Publication of CN109960511B publication Critical patent/CN109960511B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45504Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
    • G06F9/45508Runtime interpretation or emulation, e g. emulator loops, bytecode interpretation

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Stored Programmes (AREA)
  • Devices For Executing Special Programs (AREA)

Abstract

The invention discloses a dynamic library issuing method, a storage medium and an intelligent terminal based on a virtualization technology, wherein the method comprises the following steps: appointing a function needing protection in a source file, and modifying a source code of the function; compiling the source code through an LLVM compiler, performing virtualization processing, generating a new virtual machine byte code, and storing the new virtual machine byte code; extracting updated bytecode information to generate a dynamic library, and uploading the generated dynamic library and corresponding bytecode version information to a cloud server; re-signing and packaging the dynamic library, generating an application installation package, and uploading the application installation package to an application mall; and after downloading and installing the application installation package and starting, acquiring the version information of the byte codes, and replacing the byte codes in the local server to finish the dynamic update of the byte codes of the virtual machine. The invention dynamically updates the virtual machine byte codes and sends the virtual machine byte codes to the corresponding APP through the cloud, thereby improving the problem that the existing virtual machine byte codes are fixed and unchangeable and enhancing the continuous strength and time of virtual machine protection.

Description

Dynamic library issuing method based on virtualization technology, storage medium and intelligent terminal
Technical Field
The invention relates to the technical field of internet, in particular to a dynamic library issuing method based on virtualization technology, a storage medium and an intelligent terminal.
Background
The virtual machine protection technology is a new software protection technology in the field of mobile information security, and the realization principle is as follows: defining a set of instruction set, translating the source code to be protected into virtual machine byte codes which are difficult to understand by human beings, and then interpreting and executing the byte codes by a virtual machine interpreter when the program runs.
In the existing virtual machine protection technology in the market, the generated virtual machine byte codes are generally fixed and invariable, although the cracking difficulty is larger than that before, the byte codes are fixed and invariable, and if enough time and patience exist, the byte codes can still be cracked, so that the strength and the time for the protection effect to last are relatively limited.
Accordingly, the prior art is yet to be improved and developed.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a dynamic library issuing method, a storage medium, and an intelligent terminal based on a virtualization technology, aiming at solving the problem that in the prior art, the bytecode of a virtual machine is fixed, which results in the protection effect of the virtual machine and the realization limitation.
The technical scheme adopted by the invention for solving the technical problem is as follows:
a dynamic library issuing method based on virtualization technology is disclosed, wherein the method comprises the following steps:
specifying a function needing to be protected in a source file, and modifying a source code of the function needing to be protected;
compiling the source code through a preset LLVM compiler, virtualizing a function to be protected, generating a new virtual machine byte code, and storing the new virtual machine byte code in a byte code index table;
extracting updated bytecode information to generate a dynamic library, and uploading the generated dynamic library and corresponding bytecode version information to a cloud server;
re-signing and packaging the dynamic library, generating an application installation package, and uploading the application installation package to an application mall;
and after the application installation package is downloaded and installed from the application mall and started, acquiring version information containing the byte codes from the cloud server, and replacing the byte codes in the local server to complete dynamic update of the byte codes of the virtual machine.
The dynamic library issuing method based on the virtualization technology comprises the following steps of specifying a function to be protected in a source file and modifying a source code of the function to be protected:
determining a function needing protection, and adding an identifier behind a prototype of the function needing protection;
and modifying the C/C + + source code of the function needing protection.
The dynamic library issuing method based on the virtualization technology comprises the following steps of compiling the source code through a preset LLVM compiler, virtualizing a function to be protected, generating a new virtual machine byte code, and storing the new virtual machine byte code in a byte code index table, wherein the steps comprise:
starting an LLVM compiler to scan a function needing protection, and storing a global variable in the function needing protection and an address of a global function into a global address table by traversing the function needing protection instruction by instruction;
if the local function needs to be called in the functions needing to be protected, a packaging function is created according to the difference between the return value and the parameter type of the called local function, and the address of the packaging function is stored in a packaging function table;
and traversing the functions needing protection one by one, translating the LLVM IR instruction into an equivalent virtual machine instruction, and storing the newly generated virtual machine byte codes into a byte code table.
The dynamic library issuing method based on the virtualization technology, wherein the steps of compiling the source code through a preset LLVM compiler, virtualizing a function to be protected, generating a new virtual machine bytecode, and storing the new virtual machine bytecode in a bytecode index table further include:
recording the initial position of each function to be protected in the byte code table, and storing the sequence number of the function to be protected and the position in the byte code table into a byte code index table;
and dynamically creating a virtual machine bridge function according to different parameter types and return values of the functions needing to be protected, evacuating the function body of the functions needing to be protected, and replacing the function body with the function needing to be protected by calling the virtual machine bridge function.
The dynamic library issuing method based on the virtualization technology is characterized in that the dynamic library comprises a first shared library and a second shared library; the first shared library is a dynamic library formed by linking original intermediate representation modules; and the second shared library is a dynamic library formed by linking newly-built intermediate representation modules after virtualization processing of functions needing protection.
The dynamic library issuing method based on the virtualization technology is characterized in that the step of extracting updated bytecode information to generate a dynamic library and uploading the generated dynamic library and corresponding bytecode version information to a cloud server includes the steps of:
after all functions needing protection are subjected to virtualization processing, a new intermediate representation module is built and recorded as a second intermediate representation module, and the original intermediate representation is recorded as a first intermediate representation module;
transferring the claims or definitions referred to in the byte code table, the byte code index table, the global address table, the wrapper function table, the bridge function, the wrapper function and the global address table to a second intermediate representation module, wherein the first intermediate representation module retains the claims of the functions needing protection;
linking first intermediate representation modules corresponding to all source files into a first shared library, and linking second intermediate representation modules corresponding to all source files into a second shared library;
and then uploading the generated second shared library and the corresponding bytecode version information to a cloud server.
The dynamic library issuing method based on the virtualization technology, wherein the steps of re-signing and packaging the dynamic library, generating an application installation package, and uploading the application installation package to an application mall further comprise:
and re-signing the generated first shared library and the second shared library together with the original dynamic library, packaging to generate an application installation package, and uploading to an application store.
The dynamic library issuing method based on the virtualization technology, wherein after the application installation package is downloaded and installed from an application mall and started, the step of obtaining version information containing the bytecode from a cloud server, replacing the bytecode in a local server and finishing dynamic update of the bytecode of the virtual machine comprises the following steps of:
downloading the application installation package from an application mall, and installing the application installation package in an intelligent terminal;
starting an application installation package in the intelligent terminal, acquiring version information containing byte codes from a cloud server by a first shared library, and comparing the version information with the version information of the byte codes in a local server;
if the byte code version information in the cloud server is newer than the byte code version information in the local server, downloading a byte code file in a second shared library from the cloud server, and calling and loading;
and replacing the old bytecode with the new bytecode to complete the dynamic update of the virtual machine bytecode.
A storage medium having stored thereon a plurality of instructions, wherein the instructions are adapted to be loaded and executed by a processor to perform the steps of implementing any of the virtualization technology based dynamic library delivery methods described above.
An intelligent terminal, comprising: a processor, a storage medium communicatively coupled to the processor, wherein the storage medium is adapted to store a plurality of instructions; the processor is adapted to call instructions in the storage medium to execute the steps of implementing any one of the above-described dynamic library delivery methods based on virtualization technologies.
The invention has the beneficial effects that: according to the invention, the LLVM compiler is adopted, dynamic update of the virtual machine byte codes is realized based on LLVM intermediate representation, and the dynamic update is issued to the corresponding APP through the cloud, so that the problems that the existing virtual machine byte codes are fixed and easy to crack are solved, and the continuous strength and time of virtual machine protection are enhanced.
Drawings
Fig. 1 is a flowchart of a dynamic library issuing method based on virtualization technology according to a preferred embodiment of the present invention.
Fig. 2 is a flowchart of a preferred embodiment of virtualization processing in the dynamic library issuing method based on virtualization technology according to the present invention.
Fig. 3 is a functional schematic diagram of the intelligent terminal provided by the invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer and clearer, the present invention is further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The dynamic library issuing method based on the virtualization technology can be applied to terminals. The terminal may be, but is not limited to, various personal computers, notebook computers, mobile phones, tablet computers, vehicle-mounted computers, and portable wearable devices. The terminal of the invention adopts a multi-core processor. The processor of the terminal may be at least one of a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), a Video Processing Unit (VPU), and the like.
Because the virtual machine bytecode generated by the existing virtual machine technology is generally fixed and unchangeable, although the virtual machine technology is a technology with a certain protection effect in the field of mobile information security, the fixed and unchangeable virtual machine bytecode can still be cracked under the condition of enough time and patience, so that the strength and time for the protection effect to last are relatively limited. In order to solve the above problems, this embodiment provides a dynamic library cloud issuing technology based on a virtualization technology, and specifically as shown in fig. 1, the method includes the following steps:
s100, specifying a function to be protected in a source file, and modifying a source code of the function to be protected;
step S200, compiling the source code through a preset LLVM compiler, virtualizing a function to be protected, generating a new virtual machine byte code, and storing the new virtual machine byte code in a byte code index table;
step S300, extracting the updated bytecode information to generate a dynamic library, and uploading the generated dynamic library and the corresponding bytecode version information to a cloud server;
step S400, re-signing and packaging the dynamic library, generating an application installation package, and uploading the application installation package to an application mall;
step S500, after downloading and installing the application installation package from the application mall and starting, acquiring the version information containing the byte codes from the cloud server, and replacing the byte codes in the local server to complete the dynamic update of the byte codes of the virtual machine.
The dynamic library in this embodiment refers to a dynamic library under different platforms, and because the formats of the dynamic libraries under different platforms are not the same, the android calls so, the macOS calls dylib, and the windows calls dll. In specific implementation, in this embodiment, a function to be protected is first determined, and an identifier, for example, __ attribute ((__ endpoint __ (("ivmp")))), is added behind a prototype of the function to be protected to identify the function as the function to be protected. It should be noted that the present embodiment does not limit the specific form of the identifier, and is only used for illustrating the present embodiment. And when the function needing protection is determined, modifying the C/C + + source code of the function needing protection. Further, in this embodiment, a customized LLVM compiler is used to compile the modified source code, and the LLVM compiler is used to virtualize the source file of the function that needs to be protected. The LLVM (Low Level Virtual machine) compiler is a framework system of a framework compiler and is written in C + +, is used for optimizing the compile time (complex-time), link-time (link-time), run-time (run-time) and idle-time (idle-time) of a program written in any programming language, is open to developers, and is compatible with existing scripts.
Further, referring to fig. 2, the virtualization processing in this embodiment specifically includes:
step 201, starting a LIVM compiler to scan a function needing protection, traversing the function needing protection one by instructions, and storing a global variable in the function needing protection and an address of the global function into a global address table;
step 202, if a local function needs to be called in the functions needing to be protected, creating a packaging function according to the difference between the return value and the parameter type of the called local function, and storing the address of the packaging function into a packaging function table;
step 203, traversing the functions needing protection one by one, translating the LLVM IR instruction into an equivalent virtual machine instruction, and storing the newly generated virtual machine byte code into a byte code table;
step 204, recording the initial position of each function to be protected in the byte code table, and storing the sequence number of the function to be protected and the position of the function in the byte code table into a byte code index table;
step 205, according to the difference between the parameter type and the return value of the function to be protected, dynamically creating a virtual machine bridge function, and evacuating the function body needing the protection function to replace the function body with the calling of the virtual machine bridge function.
In this embodiment, functions to be protected are traversed instruction by instruction, and LLVM IR (interrupt presentation) instructions are translated into equivalent virtual machine instructions, because source codes of the functions to be protected are modified, when the LLVM IR instructions are translated into the virtual machine instructions, new virtual machine bytecodes are generated, and the bytecodes are stored in a bytecode table, and in this embodiment, the start positions of each function to be protected in the bytecode table are recorded at the same time and are stored in a bytecode index table, so that the subsequent calling of the bytecodes can be faster and more convenient. In this embodiment, a virtual machine bridge function is dynamically created, and a function body of a function to be protected is replaced with a call of the virtual bridge function, so as to realize that a newly generated bytecode can require a function call to be virtually protected.
Further, after all functions needing protection are subjected to virtualization processing, the updated bytecode information is extracted to generate a dynamic library. The dynamic library in this embodiment includes a first shared library and a second shared library; the first shared library is a dynamic library formed by linking original intermediate representation modules; and the second shared library is a dynamic library formed by linking newly-built intermediate representation modules after virtualization processing of functions needing protection. Specifically, after all functions requiring protection complete the virtualization process, an intermediate representation Module (IR Module) is newly created and recorded as the second intermediate representation Module, i.e., IR2, and the original intermediate representation is recorded as the first intermediate representation Module, i.e., IR 1. The claims or definitions referenced in the bytecode table, the bytecode index table, the global address table, the wrapper function table, the bridge function, the wrapper function, and the global address table are then transferred to a second intermediate representation module (IR 2), in which the claims of the functions that need protection are retained in the first intermediate representation module (IR 1). Finally, the LLVM compiler links first intermediate representation modules corresponding to all source files into a first shared library, which is recorded as libUpdate. In the two created shared libraries, the second shared library reports and stores information such as a newly generated bytecode table, so that the generated second shared library (libbyte. By uploading the byte code information to the cloud server, the cloud server issues the dynamic library when updating the byte code information, so that the stability of data is ensured.
Further, the generated first shared library and the second shared library are re-signed together with the original dynamic library, packaged to generate an application installation package, and uploaded to an application store. The application installation package comprises APK of Android, IPA of apple, and installation packages of Windows and Linux on a personal computer. When a user downloads the application installation package from an application mall, and the application installation package is installed in the intelligent terminal; then, an application installation package in the intelligent terminal is started, and a first shared library (libupdate. so) acquires version information containing byte codes from a cloud server and compares the version information with the version information of the byte codes in a local server; if the bytecode version information in the cloud server is newer than the bytecode version information in the local server, the newly generated virtual machine bytecode is indicated, a bytecode file in a second shared library (libbyte. so) is downloaded from the cloud server, and libupdate. so calls a dlopen function to dynamically load libbyte. so after the downloading is completed; and after the loading is finished, the new bytecode replaces the old bytecode, and the dynamic updating of the virtual machine bytecode is finished. Therefore, in the embodiment, dynamic update of the virtual machine byte codes is realized based on LLVM intermediate representation, and the virtual machine byte codes are issued to the corresponding APP through the cloud, so that the problems that the existing virtual machine byte codes are fixed and are easy to crack are solved, and the continuous strength and time of virtual machine protection are enhanced. In addition, in this embodiment, the source code of the function to be protected is modified more freely, and as long as the interface of the protected function is not changed, the content of the protected function can be modified at will, including calling a new external function, using a new global variable, and the like; and the binary file in the elf format is updated, so that the data is not easy to leak.
Based on the above embodiment, the present invention further provides an intelligent terminal, and a schematic block diagram thereof may be as shown in fig. 3. The intelligent terminal comprises a processor, a memory, a network interface, a display screen and a temperature sensor which are connected through a system bus. Wherein, the processor of the intelligent terminal is used for providing calculation and control capability. The memory of the intelligent terminal comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the intelligent terminal is used for being connected and communicated with an external terminal through a network. The computer program is executed by a processor to realize a dynamic library issuing method based on virtualization technology. The display screen of the intelligent terminal can be a liquid crystal display screen or an electronic ink display screen, and the temperature sensor of the intelligent terminal is arranged inside the intelligent terminal in advance and used for detecting the current operating temperature of internal equipment.
It will be understood by those skilled in the art that the block diagram shown in fig. 3 is only a block diagram of a part of the structure related to the solution of the present invention, and does not constitute a limitation to the intelligent terminal to which the solution of the present invention is applied, and a specific intelligent terminal may include more or less components than those shown in the figure, or combine some components, or have a different arrangement of components.
In one embodiment, an intelligent terminal is provided, which includes a memory and a processor, the memory stores a computer program, and the processor can realize at least the following steps when executing the computer program: appointing a function needing to be protected in a source file, and modifying a source code of the function needing to be protected;
compiling the source code through a preset LIVM compiler, virtualizing a function to be protected, generating a new virtual machine byte code, and storing the new virtual machine byte code in a byte code index table;
extracting updated bytecode information to generate a dynamic library, and uploading the generated dynamic library and corresponding bytecode version information to a cloud server;
re-signing and packaging the dynamic library, generating an application installation package, and uploading the application installation package to an application mall;
and after the application installation package is downloaded and installed from the application mall and started, acquiring version information containing the byte codes from the cloud server, and replacing the byte codes in the local server to complete dynamic update of the byte codes of the virtual machine.
In one embodiment, the processor when executing the computer program can further implement the following steps: determining a function needing protection, and adding __ attribute (__ attribute __ (("ivmp"))) behind the prototype of the function needing protection; and modifying the C/C + + source code of the function needing protection.
In one embodiment, the processor when executing the computer program can further implement the following steps: starting a LLVM compiler to scan a function needing protection, traversing the function needing protection one by instructions, and storing a global variable in the function needing protection and an address of the global function into a global address table; if the local function needs to be called in the functions needing to be protected, a packaging function is created according to the difference between the return value and the parameter type of the called local function, and the address of the packaging function is stored in a packaging function table; and traversing the functions needing protection one by one, translating the LLVM IR instruction into an equivalent virtual machine instruction, and storing the newly generated virtual machine byte codes into a byte code table.
In one embodiment, the processor when executing the computer program can further implement the following steps: recording the initial position of each function to be protected in the byte code table, and storing the sequence number of the function to be protected and the position in the byte code table into a byte code index table; and dynamically creating a virtual machine bridge function according to different parameter types and return values of the functions needing to be protected, evacuating the function body of the functions needing to be protected, and replacing the function body with the function needing to be protected by calling the virtual machine bridge function.
In one embodiment, the processor when executing the computer program can further implement the following steps: after all functions needing protection are subjected to virtualization processing, a new intermediate representation module is established and recorded as a second intermediate representation module, and the original intermediate representation is recorded as a first intermediate representation module; transferring the declarations or definitions referred to in the byte code table, the byte code index table, the global address table, the packing function table, the bridging function, the packing function and the global address table to a second intermediate representation module, wherein the declarations of the functions needing to be protected are reserved in the first intermediate representation module; linking first intermediate representation modules corresponding to all source files into a first shared library, and linking second intermediate representation modules corresponding to all source files into a second shared library; and then uploading the generated second shared library and the corresponding bytecode version information to a cloud server.
In one embodiment, the processor when executing the computer program can further implement the following steps: and re-signing the generated first shared library and the second shared library together with the original dynamic library, packaging to generate an application installation package, and uploading to an application store.
In one embodiment, the processor when executing the computer program can further implement the following steps: downloading the application installation package from an application mall, and installing the application installation package in an intelligent terminal; starting an application installation package in the intelligent terminal, acquiring version information containing byte codes from a cloud server by a first shared library, and comparing the version information with the version information of the byte codes in a local server; if the byte code version information in the cloud server is newer than the byte code version information in the local server, downloading a byte code file in a second shared library from the cloud server, and calling and loading; the new byte code is adopted to replace the old byte code to complete the dynamic update of the virtual machine byte code
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, databases, or other media used in embodiments provided herein may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), synchronous Link (Synchlink) DRAM (SLDRAM), Rambus (Rambus) direct RAM (RDRAM), direct bused dynamic RAM (DRDRAM), and bused dynamic RAM (RDRAM).
In summary, the present invention discloses a dynamic library issuing method, a storage medium, and an intelligent terminal based on a virtualization technology, wherein the method includes: appointing a function needing protection in a source file, and modifying a source code of the function; compiling the source code through an LLVM compiler, performing virtualization processing, generating a new virtual machine byte code, and storing the new virtual machine byte code; extracting updated bytecode information to generate a dynamic library, and uploading the generated dynamic library and corresponding bytecode version information to a cloud server; re-signing and packaging the dynamic library, generating an application installation package, and uploading the application installation package to an application mall; and after downloading and installing the application installation package and starting, acquiring the version information of the byte codes, and replacing the byte codes in the local server to finish the dynamic update of the byte codes of the virtual machine. The method and the device dynamically update the byte codes of the virtual machine and send the byte codes to the corresponding APP through the cloud, so that the problem that the byte codes of the existing virtual machine are fixed is solved, and the continuous strength and time of virtual machine protection are enhanced.
It is to be understood that the invention is not limited to the examples described above, but that modifications and variations may be effected thereto by those of ordinary skill in the art in light of the foregoing description, and that all such modifications and variations are intended to be within the scope of the invention as defined by the appended claims.

Claims (9)

1. A dynamic library issuing method based on virtualization technology is characterized by comprising the following steps:
appointing a function needing to be protected in a source file, and modifying a source code of the function needing to be protected;
compiling the source code through a preset LLVM compiler, virtualizing a function to be protected, generating a new virtual machine byte code, and storing the new virtual machine byte code in a byte code index table;
extracting updated bytecode information to generate a dynamic library, and uploading the generated dynamic library and corresponding bytecode version information to a cloud server;
re-signing and packaging the dynamic library, generating an application installation package, and uploading the application installation package to an application mall;
after the application installation package is downloaded and installed from an application mall and started, acquiring version information containing byte codes from a cloud server, and replacing the byte codes in a local server to complete dynamic update of the byte codes of the virtual machine;
the steps of compiling the source code through a preset LLVM compiler, virtualizing a function to be protected, generating a new virtual machine bytecode, and storing the new virtual machine bytecode into a bytecode index table include:
starting a LLVM compiler to scan a function needing protection, traversing the function needing protection one by instructions, and storing a global variable in the function needing protection and an address of the global function into a global address table;
if the local function needs to be called in the functions needing to be protected, a packaging function is created according to the difference between the return value and the parameter type of the called local function, and the address of the packaging function is stored in a packaging function table;
and traversing the functions needing protection instruction by instruction, translating the LLVM IR instruction into an equivalent virtual machine instruction, and storing the newly generated virtual machine byte codes into a byte code table.
2. The virtualization technology-based dynamic library issuing method according to claim 1, wherein the step of specifying a function to be protected in a source file and modifying source code of the function to be protected includes:
determining a function needing protection, and adding an identifier behind a prototype of the function needing protection;
and modifying the C/C + + source code of the function needing protection.
3. The dynamic library issuing method based on virtualization technology as claimed in claim 1, wherein the step of compiling the source code by a preset LLVM compiler, virtualizing a function to be protected, generating a new virtual machine bytecode, and storing the new virtual machine bytecode in a bytecode index table further comprises:
recording the initial position of each function to be protected in the byte code table, and storing the sequence number of the function to be protected and the position in the byte code table into a byte code index table;
and dynamically creating a virtual machine bridge function according to different parameter types and return values of the functions needing to be protected, evacuating the function body of the functions needing to be protected, and replacing the function body with the function needing to be protected by calling the virtual machine bridge function.
4. The virtualization technology-based dynamic library issuing method according to claim 1, wherein the dynamic library includes a first shared library and a second shared library; the first shared library is a dynamic library formed by linking original intermediate representation modules; and the second shared library is a dynamic library formed by linking newly-built intermediate representation modules after virtualization processing of functions needing protection.
5. The virtualization technology-based dynamic library issuing method according to claim 1, wherein the step of extracting updated bytecode information to generate a dynamic library, and uploading the generated dynamic library and corresponding bytecode version information to a cloud server includes:
after all functions needing protection are subjected to virtualization processing, a new intermediate representation module is established and recorded as a second intermediate representation module, and the original intermediate representation is recorded as a first intermediate representation module;
transferring the claims or definitions referred to in the byte code table, the byte code index table, the global address table, the wrapper function table, the bridge function, the wrapper function and the global address table to a second intermediate representation module, wherein the first intermediate representation module retains the claims of the functions needing protection;
linking first intermediate representation modules corresponding to all source files into a first shared library, and linking second intermediate representation modules corresponding to all source files into a second shared library;
and then uploading the generated second shared library and the corresponding bytecode version information to a cloud server.
6. The dynamic library issuing method based on virtualization technology according to claim 1, wherein the step of re-signing and packaging the dynamic library, generating an application installation package, and uploading the application installation package to an application mall further comprises:
and re-signing the generated first shared library and the second shared library together with the original dynamic library, packaging to generate an application installation package, and uploading to an application store.
7. The dynamic library issuing method based on virtualization technology according to claim 1, wherein the step of obtaining version information including bytecode from a cloud server and replacing bytecode in a local server after downloading and installing the application installation package from an application mall and starting the application installation package to complete dynamic update of virtual machine bytecode includes:
downloading the application installation package from an application mall, and installing the application installation package in an intelligent terminal;
starting an application installation package in the intelligent terminal, acquiring version information containing byte codes from a cloud server by a first shared library, and comparing the version information with the version information of the byte codes in a local server;
if the byte code version information in the cloud server is newer than the byte code version information in the local server, downloading a byte code file in a second shared library from the cloud server, and calling and loading;
and replacing the old bytecode with the new bytecode to complete the dynamic update of the virtual machine bytecode.
8. A storage medium having stored thereon a plurality of instructions adapted to be loaded and executed by a processor to perform the steps of implementing the virtualization technology based dynamic library delivery method of any of claims 1-7.
9. An intelligent terminal, comprising: a processor, a storage medium communicatively coupled to the processor, wherein the storage medium is adapted to store a plurality of instructions; the processor is adapted to call instructions in the storage medium to perform the steps of implementing the virtualization technology based dynamic library delivery method of any one of claims 1-7.
CN201910221936.XA 2019-03-22 2019-03-22 Dynamic library issuing method based on virtualization technology, storage medium and intelligent terminal Active CN109960511B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910221936.XA CN109960511B (en) 2019-03-22 2019-03-22 Dynamic library issuing method based on virtualization technology, storage medium and intelligent terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910221936.XA CN109960511B (en) 2019-03-22 2019-03-22 Dynamic library issuing method based on virtualization technology, storage medium and intelligent terminal

Publications (2)

Publication Number Publication Date
CN109960511A CN109960511A (en) 2019-07-02
CN109960511B true CN109960511B (en) 2022-09-09

Family

ID=67024725

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910221936.XA Active CN109960511B (en) 2019-03-22 2019-03-22 Dynamic library issuing method based on virtualization technology, storage medium and intelligent terminal

Country Status (1)

Country Link
CN (1) CN109960511B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110673929B (en) * 2019-09-29 2022-11-22 深圳爱加密科技有限公司 Method for protecting abnormal mechanism, intelligent terminal and storage medium
CN112667285B (en) * 2021-01-25 2023-11-03 Vidaa(荷兰)国际控股有限公司 Application upgrading method, display device and server
CN113342436B (en) * 2021-06-10 2023-03-17 网易(杭州)网络有限公司 Game translation method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102254117A (en) * 2011-07-07 2011-11-23 李鹏 Virtualized technology-based data anti-disclosure system
CN106599627A (en) * 2016-11-22 2017-04-26 江苏通付盾科技有限公司 Method and apparatus for protecting application security based on virtual machine
CN107592338A (en) * 2017-08-08 2018-01-16 新智云数据服务有限公司 More new system, method and the relevant device of a kind of dynamic base
CN108932406A (en) * 2017-05-18 2018-12-04 北京梆梆安全科技有限公司 Virtualization software guard method and device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1881404A1 (en) * 2006-07-20 2008-01-23 Gemplus Method for dynamic protection of data during intermediate language software execution in a digital device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102254117A (en) * 2011-07-07 2011-11-23 李鹏 Virtualized technology-based data anti-disclosure system
CN106599627A (en) * 2016-11-22 2017-04-26 江苏通付盾科技有限公司 Method and apparatus for protecting application security based on virtual machine
CN108932406A (en) * 2017-05-18 2018-12-04 北京梆梆安全科技有限公司 Virtualization software guard method and device
CN107592338A (en) * 2017-08-08 2018-01-16 新智云数据服务有限公司 More new system, method and the relevant device of a kind of dynamic base

Also Published As

Publication number Publication date
CN109960511A (en) 2019-07-02

Similar Documents

Publication Publication Date Title
CN106775723B (en) Android platform-based system firmware customization method and Android device
CN107077337B (en) System and method for executing application code compiled from two instruction set architectures
CN109491695B (en) Incremental updating method for integrated android application
CN109960511B (en) Dynamic library issuing method based on virtualization technology, storage medium and intelligent terminal
EP3134809A1 (en) Manual refinement of specialized classes
US11507362B1 (en) System and method for generating a binary patch file for live patching of an application
US10747510B1 (en) Application runtime modification
CN112256296A (en) Express delivery service APP updating method, device, equipment and storage medium based on Weex
CN109857432B (en) Hot updating method and device for game application
CN112189187A (en) Extensibility of unified platform
CN112882694A (en) Program compiling method and device, electronic equipment and readable storage medium
US10310863B1 (en) Patching functions in use on a running computer system
CN112612502A (en) Patch generation method, device, equipment and storage medium
CN111782334B (en) Dynamic link library file virtualization method, storage medium and terminal equipment
US9098355B2 (en) Method and apparatus for substituting compiler built-in helper functions with machine instructions
CN110032425B (en) Dynamic link library file virtualization method, system and storage medium
US10552135B1 (en) Reducing a size of an application package
CN107092472B (en) Dynamic publishing method and device
CN111061501B (en) Hot updating method of android application and computer readable storage medium
CN116401003A (en) Android application running method, system and storage medium based on desktop operating system
WO2022194173A1 (en) Patching method and relevant device
CN113641389B (en) Software upgrading method, device and equipment based on OpenCPU
CN113254065B (en) Application software compatibility method and device
CN111610966A (en) Program running method and device and computing equipment
CN111984329B (en) Boot software standardized generation and execution method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant