CN110892388A - 增强用户空间与内核空间的隔离性的方法和装置 - Google Patents

增强用户空间与内核空间的隔离性的方法和装置 Download PDF

Info

Publication number
CN110892388A
CN110892388A CN201880004375.1A CN201880004375A CN110892388A CN 110892388 A CN110892388 A CN 110892388A CN 201880004375 A CN201880004375 A CN 201880004375A CN 110892388 A CN110892388 A CN 110892388A
Authority
CN
China
Prior art keywords
page table
virtual machine
page
kernel
guest
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201880004375.1A
Other languages
English (en)
Other versions
CN110892388B (zh
Inventor
夏虞斌
华志超
翟征德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN110892388A publication Critical patent/CN110892388A/zh
Application granted granted Critical
Publication of CN110892388B publication Critical patent/CN110892388B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1009Address translation using page tables, e.g. page table structures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/0802Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches
    • G06F12/0806Multiuser, multiprocessor or multiprocessing cache systems
    • G06F12/0808Multiuser, multiprocessor or multiprocessing cache systems with cache invalidating means
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/0802Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches
    • G06F12/0806Multiuser, multiprocessor or multiprocessing cache systems
    • G06F12/0811Multiuser, multiprocessor or multiprocessing cache systems with multilevel cache hierarchies
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/0802Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches
    • G06F12/0866Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches for peripheral storage systems, e.g. disk cache
    • G06F12/0873Mapping of cache memory to specific storage devices or parts thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/109Address translation for multiple virtual address spaces, e.g. segmentation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/145Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45545Guest-host, i.e. hypervisor is an application program itself, e.g. VirtualBox
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • G06F9/4843Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
    • G06F9/485Task life-cycle, e.g. stopping, restarting, resuming execution
    • G06F9/4856Task life-cycle, e.g. stopping, restarting, resuming execution resumption being on a different machine, e.g. task migration, virtual machine migration
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/4557Distribution of virtual machine instances; Migration and load balancing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45591Monitoring or debugging support
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1016Performance improvement
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/65Details of virtual memory and virtual address translation
    • G06F2212/651Multi-level translation tables
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/65Details of virtual memory and virtual address translation
    • G06F2212/657Virtual address space management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Memory System Of A Hierarchy Structure (AREA)

Abstract

本申请提供一种增强用户空间与内核空间的隔离性的方法和装置,将扩展页表拆分为内核态扩展页表和用户态扩展页表,使得用户态代码不能访问内核空间中的部分或全部内容,和/或,使得内核态代码不能访问用户空间中的部分内容,从而增强了用户空间和内核空间的隔离性,避免内核空间中的内容发生泄漏。

Description

PCT国内申请,说明书已公开。

Claims (21)

  1. PCT国内申请,权利要求书已公开。
CN201880004375.1A 2018-07-11 2018-07-11 增强用户空间与内核空间的隔离性的方法和装置 Active CN110892388B (zh)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/095334 WO2020010556A1 (zh) 2018-07-11 2018-07-11 增强用户空间与内核空间的隔离性的方法和装置

Publications (2)

Publication Number Publication Date
CN110892388A true CN110892388A (zh) 2020-03-17
CN110892388B CN110892388B (zh) 2022-07-22

Family

ID=69142133

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201880004375.1A Active CN110892388B (zh) 2018-07-11 2018-07-11 增强用户空间与内核空间的隔离性的方法和装置

Country Status (4)

Country Link
US (1) US11436155B2 (zh)
EP (1) EP3764239B1 (zh)
CN (1) CN110892388B (zh)
WO (1) WO2020010556A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113556323A (zh) * 2021-06-24 2021-10-26 深圳市邦盛实时智能技术有限公司 一种应用于企业内控的旁路无侵入流量采集系统
CN115599505A (zh) * 2021-06-28 2023-01-13 华为技术有限公司(Cn) 用户态中断请求的处理方法及装置

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11792307B2 (en) 2018-03-28 2023-10-17 Apple Inc. Methods and apparatus for single entity buffer pool management
US10776020B2 (en) * 2018-08-13 2020-09-15 Red Hat, Inc. Memory protection in virtualized computer systems using shadow page tables
CN111752604A (zh) * 2019-03-27 2020-10-09 阿里巴巴集团控股有限公司 一种具有多个运行模式的处理器
US11829303B2 (en) 2019-09-26 2023-11-28 Apple Inc. Methods and apparatus for device driver operation in non-kernel space
US11558348B2 (en) 2019-09-26 2023-01-17 Apple Inc. Methods and apparatus for emerging use case support in user space networking
US11606302B2 (en) 2020-06-12 2023-03-14 Apple Inc. Methods and apparatus for flow-based batching and processing
US11775359B2 (en) 2020-09-11 2023-10-03 Apple Inc. Methods and apparatuses for cross-layer processing
US11954540B2 (en) 2020-09-14 2024-04-09 Apple Inc. Methods and apparatus for thread-level execution in non-kernel space
US11799986B2 (en) 2020-09-22 2023-10-24 Apple Inc. Methods and apparatus for thread level execution in non-kernel space
US11882051B2 (en) 2021-07-26 2024-01-23 Apple Inc. Systems and methods for managing transmission control protocol (TCP) acknowledgements
US11876719B2 (en) 2021-07-26 2024-01-16 Apple Inc. Systems and methods for managing transmission control protocol (TCP) acknowledgements
CN113704007B (zh) * 2021-09-14 2023-11-07 上海交通大学 利用硬件特性的无服务器计算平台加速系统

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090013149A1 (en) * 2007-07-05 2009-01-08 Volkmar Uhlig Method and apparatus for caching of page translations for virtual machines
US20090300612A1 (en) * 2008-05-30 2009-12-03 Vmware, Inc. Distributing Virtualization Software Address Space in Guest OS Address Space
CN101882113A (zh) * 2009-05-05 2010-11-10 北京大学 一种基于客户操作系统内核代码替换的内存虚拟化方法
CN103164348A (zh) * 2013-02-28 2013-06-19 浙江大学 一种多系统下对实时操作系统所占用内存的保护方法
CN103257936A (zh) * 2012-02-17 2013-08-21 联想(北京)有限公司 内存映射方法和内存映射模块
US8612711B1 (en) * 2009-09-21 2013-12-17 Tilera Corporation Memory-mapped data transfers
US20140006734A1 (en) * 2012-06-28 2014-01-02 Industrial Technology Research Institute Method of cloning data in a memory for a virtual machine, product of computer programs and computer system therewith
CN103955438A (zh) * 2014-05-21 2014-07-30 南京大学 基于硬件辅助虚拟化技术的进程内存保护方法
CN104036185A (zh) * 2014-06-23 2014-09-10 常熟理工学院 基于虚拟化的宏内核操作系统载入模块权能隔离方法
US9274974B1 (en) * 2005-10-21 2016-03-01 Vmware, Inc. Isolating data within a computer system using private shadow mappings
US20160299851A1 (en) * 2015-04-09 2016-10-13 Vmware, Inc. Isolating guest code and data using multiple nested page tables
CN106201646A (zh) * 2014-08-15 2016-12-07 英特尔公司 用于安全虚拟机间共享存储器通信的技术
CN107391225A (zh) * 2017-07-13 2017-11-24 北京航空航天大学 一种基于多ept列表的监控方法和系统
US20180081829A1 (en) * 2016-09-20 2018-03-22 Advanced Micro Devices, Inc. Virtualized process isolation

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016164424A1 (en) * 2015-04-09 2016-10-13 Vmware, Inc. Isolating guest code and data using multiple nested page tables
CN104809401B (zh) 2015-05-08 2017-12-19 南京大学 一种操作系统内核完整性保护方法
US9842065B2 (en) * 2015-06-15 2017-12-12 Intel Corporation Virtualization-based platform protection technology
CN105446834B (zh) 2015-11-30 2018-10-19 华为技术有限公司 虚拟机快照的生成方法和装置
US10768962B2 (en) * 2016-12-19 2020-09-08 Vmware, Inc. Emulating mode-based execute control for memory pages in virtualized computing systems
CN107797895A (zh) 2017-05-08 2018-03-13 中国人民解放军国防科学技术大学 一种虚拟机安全监控方法及系统
CN107479946B (zh) 2017-08-16 2020-06-16 南京大学 一种内核模块的交互行为监控方案
US11030112B2 (en) * 2018-05-25 2021-06-08 Red Hat, Inc. Enhanced address space layout randomization

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9274974B1 (en) * 2005-10-21 2016-03-01 Vmware, Inc. Isolating data within a computer system using private shadow mappings
US20090013149A1 (en) * 2007-07-05 2009-01-08 Volkmar Uhlig Method and apparatus for caching of page translations for virtual machines
US20090300612A1 (en) * 2008-05-30 2009-12-03 Vmware, Inc. Distributing Virtualization Software Address Space in Guest OS Address Space
US20090300263A1 (en) * 2008-05-30 2009-12-03 Vmware, Inc. Virtualization with Merged Guest Page Table and Shadow Page Directory
US20130283004A1 (en) * 2008-05-30 2013-10-24 Vmware, Inc. Virtualization with Multiple Shadow Page Tables
CN101882113A (zh) * 2009-05-05 2010-11-10 北京大学 一种基于客户操作系统内核代码替换的内存虚拟化方法
US8612711B1 (en) * 2009-09-21 2013-12-17 Tilera Corporation Memory-mapped data transfers
CN103257936A (zh) * 2012-02-17 2013-08-21 联想(北京)有限公司 内存映射方法和内存映射模块
US20140006734A1 (en) * 2012-06-28 2014-01-02 Industrial Technology Research Institute Method of cloning data in a memory for a virtual machine, product of computer programs and computer system therewith
CN103164348A (zh) * 2013-02-28 2013-06-19 浙江大学 一种多系统下对实时操作系统所占用内存的保护方法
CN103955438A (zh) * 2014-05-21 2014-07-30 南京大学 基于硬件辅助虚拟化技术的进程内存保护方法
CN104036185A (zh) * 2014-06-23 2014-09-10 常熟理工学院 基于虚拟化的宏内核操作系统载入模块权能隔离方法
CN106201646A (zh) * 2014-08-15 2016-12-07 英特尔公司 用于安全虚拟机间共享存储器通信的技术
US20160299851A1 (en) * 2015-04-09 2016-10-13 Vmware, Inc. Isolating guest code and data using multiple nested page tables
US20180081829A1 (en) * 2016-09-20 2018-03-22 Advanced Micro Devices, Inc. Virtualized process isolation
CN107391225A (zh) * 2017-07-13 2017-11-24 北京航空航天大学 一种基于多ept列表的监控方法和系统

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
JUNGSEUNG LEE等: ""POSTER:Page Table Manipulation Attack"", 《CCS "15: PROCEEDINGS OF THE 22ND ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY》 *
任建宝等: ""基于虚拟机监控器的隐私透明保护"", 《软件学报》 *
王烨等: ""基于代码防泄漏的代码复用攻击防御技术"", 《计算机研究与发展》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113556323A (zh) * 2021-06-24 2021-10-26 深圳市邦盛实时智能技术有限公司 一种应用于企业内控的旁路无侵入流量采集系统
CN115599505A (zh) * 2021-06-28 2023-01-13 华为技术有限公司(Cn) 用户态中断请求的处理方法及装置

Also Published As

Publication number Publication date
WO2020010556A1 (zh) 2020-01-16
EP3764239A1 (en) 2021-01-13
EP3764239B1 (en) 2024-09-11
US11436155B2 (en) 2022-09-06
CN110892388B (zh) 2022-07-22
US20210011856A1 (en) 2021-01-14
EP3764239A4 (en) 2021-05-05

Similar Documents

Publication Publication Date Title
CN110892388B (zh) 增强用户空间与内核空间的隔离性的方法和装置
Sev-Snp Strengthening VM isolation with integrity protection and more
US11681793B2 (en) Technologies for object-oriented memory management with extended segmentation
US8954959B2 (en) Memory overcommit by using an emulated IOMMU in a computer system without a host IOMMU
KR101955189B1 (ko) 스왑 아웃된 메모리 페이지의 가상 머신 가상화된 메모리로의 맵핑을 위한 가상 머신에서의 페이지 오류 삽입
US10296470B2 (en) Systems and methods for dynamically protecting a stack from below the operating system
US10324863B2 (en) Protected memory view for nested page table access by virtual machine guests
US8099574B2 (en) Providing protected access to critical memory regions
US8631170B2 (en) Memory overcommit by using an emulated IOMMU in a computer system with a host IOMMU
BRPI0720921A2 (pt) Agentes de proteção e modos de privilégio.
KR20220045211A (ko) 캐패빌리티 기입 어드레스 추적
US9292324B2 (en) Virtual machine supervision by machine code rewriting to inject policy rule
US11741021B2 (en) Trust domains for peripheral devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant