CN111143246A - Partition protection method, device, equipment and storage medium - Google Patents


Publication number
CN111143246A
Authority
CN
China
Prior art keywords
protection
partition
target partition
identifier
initialization process
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811313046.3A
Other languages
Chinese (zh)
Inventor
冯小兵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
TD Tech Chengdu Co Ltd
Chengdu TD Tech Ltd
Original Assignee
Chengdu TD Tech Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu TD Tech Ltd
Priority to CN201811313046.3A
Publication of CN111143246A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1416 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1458 Protection against unauthorised use of memory or access to memory by checking the subject access rights

Abstract

The invention provides a partition protection method, device, equipment and storage medium. The method comprises the following steps: generating a write command according to a write operation triggered by a user, wherein the write command indicates that data is to be written to a target partition; determining a protection identifier of the target partition according to the write command, wherein the protection identifier indicates whether protection of the target partition is started and is set before initialization of an operating system is completed; and, if the protection identifier of the target partition indicates that protection of the target partition is started, blocking the write operation. The invention improves the security of the terminal system.

Description

Partition protection method, device, equipment and storage medium
Technical Field
The present invention relates to the field of terminal technologies, and in particular, to a partition protection method, apparatus, device, and storage medium.
Background
At present, in order to ensure the system security of a terminal, a formally released terminal system sets partitions that should not be maliciously tampered with, such as the system partition, to the read-only attribute.
In the prior art, a tamperer may obtain administrator user account rights, such as root rights, of the operating system of a terminal. Once an attacker holds the administrator user account rights of the terminal's operating system, the read-only attribute of a partition can be changed to the read-write attribute, so that the content of the partition can be tampered with.
Therefore, the prior art has the problem of low security of the terminal system.
Disclosure of Invention
The invention provides a partition protection method, a partition protection device, partition protection equipment and a storage medium, which are used for solving the problem of low security of a terminal system in the prior art.
In a first aspect, the present invention provides a partition protection method, including:
generating a write command according to write operation triggered by a user, wherein the write command is used for indicating to write data to a target partition;
determining a protection identifier of the target partition according to the write command, wherein the protection identifier is used for indicating whether to start protection of the target partition and is set before initialization of an operating system is completed;
and if the protection identifier of the target partition indicates that the protection of the target partition is started, the write operation is prevented.
In one possible implementation, the method further comprises: setting respective protection identifiers of a plurality of partitions in an initialization process, wherein the initialization process is used for initializing the operating system.
In a possible implementation, the setting, in the initialization process, the protection identifier of each of the plurality of partitions includes:
in the initialization process, the respective protection identifiers of the plurality of partitions are set through a target node provided by a virtual file system of the operating system, and the target node is an entry provided by the virtual file system and used for setting the protection identifiers of the partitions.
In one possible implementation, the initialization process is the only process that is allowed to access the target node.
In a possible implementation, the setting, in the initialization process, the protection identifier of each of the plurality of partitions includes:
in the initialization process, judging whether the version of the terminal system is a formal release version;
and if the version of the terminal system is a formal release version, setting respective protection identifiers of a plurality of partitions in the initialization process.
In one possible implementation, the method further comprises:
and if the protection identifier of the target partition indicates that the protection of the target partition is not started, allowing the write operation.
In a second aspect, the present invention provides a partition protection device, including:
the generating module is used for generating a write command according to write operation triggered by a user, wherein the write command is used for indicating to write data to a target partition;
a determining module, configured to determine, according to the write command, a protection identifier of the target partition, where the protection identifier is used to indicate whether to start protection of the target partition, and the protection identifier is set before initialization of an operating system is completed;
and the blocking module is used for blocking the write operation if the protection identifier of the target partition indicates that the protection of the target partition is started.
In one possible implementation, the apparatus further comprises:
a setting module, configured to set the respective protection identifiers of a plurality of partitions in an initialization process, where the initialization process is used to initialize the operating system.
In a possible implementation, the setting module is specifically configured to set, in the initialization process, the protection identifier of each of the plurality of partitions by using a target node provided by a virtual file system of the operating system, where the target node is an entry provided by the virtual file system and used for setting the protection identifier of the partition.
In one possible implementation, the initialization process is the only process that is allowed to access the target node.
In a possible implementation, the setting module is specifically configured to:
in the initialization process, judging whether the version of the terminal system is a formal release version;
and if the version of the terminal system is a formal release version, setting respective protection identifiers of a plurality of partitions in the initialization process.
In one possible implementation, the apparatus further comprises: a permission module, configured to permit the write operation if the protection identifier of the target partition indicates that protection of the target partition is not started.
In a third aspect, the present invention provides a terminal, including:
a processor and a memory for storing computer instructions; the processor executes the computer instructions to perform the method of any of the first aspects described above.
In a fourth aspect, the present invention provides a non-transitory computer readable storage medium having instructions which, when executed by a processor of a terminal, enable the terminal to perform the method of any of the first aspects above.
In the partition protection method, device, equipment and storage medium provided by the invention, a write command indicating that data is to be written to a target partition is generated according to a write operation triggered by a user, and the protection identifier of the target partition is determined according to the write command. The protection identifier indicates whether protection of the target partition is started and is set before initialization of the operating system is completed. If the protection identifier indicates that protection of the target partition is started, the write operation is blocked. Because the protection identifier is set before initialization of the operating system is completed, and a user can operate the terminal system only after that initialization is completed, the user cannot modify the protection identifier of a partition. Consequently, when the protection identifier indicates that protection of a partition is started, even a super administrator user cannot write data to that partition, which improves the security of the terminal system.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a schematic flowchart of a first embodiment of a partition protection method according to an embodiment of the present invention;
Fig. 2 is a schematic flowchart of a second embodiment of a partition protection method according to an embodiment of the present invention;
Fig. 3 is a schematic diagram of a partition protection method according to an embodiment of the present invention;
Fig. 4 is a schematic flowchart of a third embodiment of a partition protection method according to an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a partition protection device according to an embodiment of the present invention;
Fig. 6 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a schematic flowchart of a partition protection method according to a first embodiment of the present invention, where an execution main body of the method according to the present embodiment may be a terminal, such as a mobile phone, a tablet computer, and the like. As shown in fig. 1, the method of this embodiment may include:
step 101, generating a write command according to a write operation triggered by a user, wherein the write command is used for indicating to write data to a target partition.
In this step, the user may be a super administrator user or a non-super administrator user (also referred to as a common user). The super administrator user may be, for example, the root user in a UNIX or UNIX-like operating system, or the System user in a Windows operating system.
The super administrator user holds supreme authority over the terminal system. Obtaining super administrator user authority means that the highest authority of the terminal system has been obtained: the super administrator user can add, delete, modify and query any file (including system files) in the terminal system.
Optionally, step 101 may specifically include: the application layer of the terminal system generates a write command according to the write operation triggered by the user. Further, the write command may be sent by the application layer to the operating system of the terminal. Optionally, the write command may include a partition identifier of the target partition and the data to be written. It should be noted that the terminal system includes, in addition to the operating system, applications implemented on top of the operating system, such as a telephone application, a short message application, and the like.
The write operation specifically refers to an operation of writing data into the storage device. It should be noted that, the present invention is not limited to the specific manner in which the user triggers the write operation.
It should be noted that the partition in the present invention may specifically refer to a partition of a storage device, and the present invention is not limited to the specific manner of determining the partition of the storage device. The storage device may be, for example, a memory, a hard disk, a magnetic disk, or the like.
Step 102, according to the write command, determining a protection identifier of the target partition, where the protection identifier is used to indicate whether to start protection of the target partition, and the protection identifier is set before initialization of an operating system is completed.
In this step, the protection identifier of the target partition may indicate that protection of the target partition is started or protection of the target partition is not started. For example, when the protection flag of the target partition is 1, it may indicate that the protection of the target partition is started; when the protection flag of the target partition is 0, it may indicate that the protection of the target partition is not started.
Optionally, the corresponding relationship between different partitions and the protection identifier may be stored, for example, the corresponding relationship between the partition identifiers and the protection identifier of different partitions. Further, the protection identifier of the target partition may be determined according to the target partition and the corresponding relationship.
Here, the protection identifier is set before initialization of the operating system is completed; that is, it cannot be set after initialization is completed. Moreover, a user can operate the terminal system only after the operating system has been initialized, so no user can modify the protection identifier. In other words, even the super administrator user cannot modify the protection identifier of a partition, and therefore cannot modify the data in a partition whose protection identifier indicates that protection is started.
Optionally, step 102 may specifically include: the operating system of the terminal receives the write command sent by the application layer and determines the protection identifier of the target partition according to the write command.
Step 103, if the protection identifier of the target partition indicates that the protection of the target partition is started, the write operation is prevented.
In this step, since the write operation refers to an operation of writing data into the storage device, blocking the write operation may specifically mean preventing the data from being written into the storage device. It should be noted that the present invention is not limited to a specific manner of blocking the write operation. Optionally, the write command may be discarded.
Optionally, step 103 may specifically include: if the protection identifier of the target partition indicates that protection of the target partition is started, the operating system blocks the write operation.
In the partition protection method provided in this embodiment, a write command indicating that data is to be written to a target partition is generated according to a write operation triggered by a user, and the protection identifier of the target partition is determined according to the write command. The protection identifier indicates whether protection of the target partition is started and is set before initialization of the operating system is completed. If the protection identifier indicates that protection of the target partition is started, the write operation is blocked. Because the protection identifier is set before initialization of the operating system is completed, and a user can operate the terminal system only after that initialization is completed, the user cannot modify the protection identifier of a partition. Consequently, when the protection identifier indicates that protection of a partition is started, even a super administrator user cannot write data to that partition, which improves the security of the terminal system.
Fig. 2 is a flowchart illustrating a second embodiment of a partition protection method according to an embodiment of the present invention, and this embodiment mainly describes an optional implementation manner for implementing setting of a protection identifier before initialization of an operating system is completed on the basis of the embodiment illustrated in fig. 1. As shown in fig. 2, the method of this embodiment may include:
step 201, setting respective protection identifiers of a plurality of partitions in an initialization process, where the initialization process is used to initialize the operating system.
In this step, the plurality of partitions are partitions for which protection may be set, and they may be all or some of the partitions of the storage device of the terminal. Optionally, the plurality of partitions includes the system partition of the terminal. Optionally, when the operating system of the terminal is the Android operating system, the initialization process may be the init process; specifically, code for setting the protection identifiers may be added to the init process.
Optionally, the setting of the respective protection identifiers of the multiple partitions in the initialization process includes: in the initialization process, the respective protection identifiers of the plurality of partitions are set through a target node provided by a virtual file system of the operating system, and the target node is an entry provided by the virtual file system and used for setting the protection identifiers of the partitions. When the operating system of the terminal is a Linux operating system, the virtual file system may be, for example, a Proc file system, where the Proc file system is a pseudo file system and serves as a special interface to access a kernel (kernel) of the operating system. Specifically, a target node may be created in the virtual file system, and is used to set the protection identifier of each of the plurality of partitions.
As shown in fig. 3, a system partition protection module may be newly added in a kernel of an operating system, where the system partition protection module may specifically be a segment of program code, and a partition list may be defined in the system partition protection module, where the partition list may include, for example, a correspondence between a partition identifier and a protection identifier of each partition. At the application layer, a setting command may be sent to the system partition protection module through a target node provided by the virtual file system of the operating system to set the protection identifier of the partition in the partition list. Optionally, the protection identifier of each partition in the system partition protection module may indicate that protection is not started by default, and further, the protection identifier may be set to indicate that protection is started by a target node provided by a virtual file system of the operating system.
Optionally, to ensure that the protection identifier is set only before initialization of the operating system is completed and at no other time, the initialization process is the only process allowed to access the target node. Taking the Android system as an example, this can be achieved by setting a mandatory access control (SELinux) policy for the target node, so that the initialization process is the only process allowed to access it.
Step 202, according to the write operation triggered by the user, generating a write command, where the write command is used to instruct to write data to the target partition.
In this step, as shown in fig. 3, for example, a write command may be generated by an application program (App) of the application layer, and sent to a specific core of the kernel of the operating system, where the specific core is a general entry for all block devices in the kernel to operate.
Step 203, determining a protection identifier of the target partition according to the write command, where the protection identifier is used to indicate whether to start protection of the target partition, and the protection identifier is set before initialization of the operating system is completed.
In this step, optionally, it may be determined whether a system partition protection module exists first, and if the system partition protection module does not exist, it may be determined that the protection identifier of the target partition indicates that protection of the target partition is not started. If the system partition protection module exists, further, the protection identifier of the target partition can be obtained from a partition list in the system partition protection module.
Step 204, if the protection identifier of the target partition indicates that the protection of the target partition is started, the write operation is prevented.
It should be noted that step 204 is similar to step 103, and is not described herein again.
It should be noted that the flow ends after step 204 is completed.
Step 205, if the protection identifier of the target partition indicates that the protection of the target partition is not started, allowing the write operation.
In this step, since the write operation refers to an operation of writing data into the storage device, allowing the write operation may specifically mean allowing the data to be written into the storage device. It should be noted that the present invention is not limited to a specific manner of allowing the write operation. Optionally, the write command may be sent to the driver of the corresponding storage device.
Optionally, step 103 may specifically include: if the protection identifier of the target partition indicates that protection of the target partition is not started, the operating system allows the write operation. As shown in fig. 3, assuming that the write command writes data to a partition of a MultiMedia Memory Card (MMC), the write command issued by the App may be passed via the specific core to the driver of the MMC, i.e., the MMC driver.
In the partition protection method provided in this embodiment, the protection identifiers of the plurality of partitions are set in an initialization process, where the initialization process is used to initialize the operating system, so that the protection identifiers of the partitions are set before the initialization of the operating system is completed.
Fig. 4 is a flowchart of a third embodiment of a partition protection method according to the embodiment of the present invention, and this embodiment mainly describes an optional trigger condition for triggering setting of respective protection identifiers of multiple partitions in the initialization process on the basis of the embodiment shown in fig. 2. As shown in fig. 4, the method of this embodiment may include:
step 401, in the initialization process, determining whether the version of the terminal system is a formal release version.
In this step, versions of the terminal system are divided into formal release versions and informal release versions. A formal release version is a version that has been officially released for use by the general public. An informal release version is a version that has not been officially released and is not available to the general public, for example a debug version, a factory production version, a recovery version, or the like.
Here, considering that the probability of the defect of the terminal system of the informal release version is high, a developer needs to modify the terminal system to overcome the defect, while the terminal system of the formal release version is usually not allowed to be tampered, so that in order to facilitate modification of the terminal system of the informal release version, before setting the protection identifier of the partition, it may be determined whether the version of the terminal system is the formal release version.
Step 402, if the version of the terminal system is a formal release version, setting respective protection identifiers of a plurality of partitions in the initialization process.
In this step, when the version of the terminal system is a formal release version, the protection identifiers of the partitions are set in the initialization process, so that the protected partitions in a formally released terminal system are actually protected, that is, the data in those partitions is not allowed to be modified. When the version of the terminal system is not a formal release version, the protection identifiers of the partitions are not set in the initialization process, so the data in all partitions of an informally released terminal system may be modified, which makes it convenient for developers to optimize the terminal system.
In the partition protection method provided in this embodiment, whether the version of the terminal system is the official release version is determined in the initialization process, and if the version of the terminal system is the official release version, the respective protection identifiers of the plurality of partitions are set in the initialization process, so that on the basis of improving the security of the terminal system in the official release version, data in the partitions of the terminal system in the informal release version is allowed to be modified, thereby facilitating the terminal system to be optimized by a developer of the terminal system.
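The flow of the second and third embodiments (protection identifiers set by the initialization process through a restricted target node, only on a formal release version, then checked on the common block-device write path) can be modelled in user space as follows. This is an added example, not code from the patent: every identifier (`target_node_write`, `submit_write`, `INIT_PID`, the partition names) is hypothetical, the pid check stands in for the SELinux policy, and treating an unlisted partition as unprotected is an assumption.

```c
/* Added example: user-space model of the partition protection flow.
 * All identifiers are hypothetical; none come from the patent. */
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define INIT_PID 1   /* assumption: the initialization process has pid 1 */

enum build_type { BUILD_RELEASE, BUILD_DEBUG };

struct part_entry {
    const char *name;  /* partition identifier */
    int protect;       /* protection identifier: 1 = started, 0 = not started */
};

/* Partition list kept by the system partition protection module.
 * Every entry defaults to "protection not started". */
static struct part_entry part_list[] = {
    { "system", 0 }, { "vendor", 0 }, { "userdata", 0 },
};
#define PART_COUNT (sizeof(part_list) / sizeof(part_list[0]))

static bool module_present = true;  /* false models a kernel without the module */
static bool init_done = false;      /* latched once OS initialization completes */

static struct part_entry *find_part(const char *name)
{
    for (size_t i = 0; i < PART_COUNT; i++)
        if (strcmp(part_list[i].name, name) == 0)
            return &part_list[i];
    return NULL;
}

/* Return the model to its boot-time state (used between scenarios). */
void model_reset(void)
{
    for (size_t i = 0; i < PART_COUNT; i++)
        part_list[i].protect = 0;
    module_present = true;
    init_done = false;
}

/* Write handler of the target node. The pid check stands in for the SELinux
 * policy; the init_done latch models "cannot be set after initialization". */
int target_node_write(int caller_pid, const char *name, int protect)
{
    struct part_entry *e;

    if (caller_pid != INIT_PID)
        return -EACCES;
    if (init_done)
        return -EPERM;
    e = find_part(name);
    if (e == NULL)
        return -ENOENT;
    e->protect = protect ? 1 : 0;
    return 0;
}

/* Steps 401-402: only a formal release build sets the identifiers.
 * Returns the number of partitions whose protection was started. */
int init_set_protection(enum build_type build, const char *const *names, size_t n)
{
    int count = 0;

    if (build != BUILD_RELEASE)
        return 0;
    for (size_t i = 0; i < n; i++)
        if (target_node_write(INIT_PID, names[i], 1) == 0)
            count++;
    return count;
}

void init_complete(void) { init_done = true; }

/* Stand-in for the storage driver: reports the number of bytes accepted. */
static int driver_write(const char *name, const void *data, size_t len)
{
    (void)name;
    (void)data;
    return (int)len;
}

/* Steps 203-205 at the common block-device entry. No user id is consulted,
 * so a root caller is refused exactly like any other caller. */
int submit_write(const char *name, const void *data, size_t len)
{
    const struct part_entry *e;

    if (!module_present)              /* no module: protection not started */
        return driver_write(name, data, len);
    e = find_part(name);              /* unlisted partition: unprotected (assumption) */
    if (e != NULL && e->protect)
        return -EROFS;                /* write command is discarded */
    return driver_write(name, data, len);
}

int main(void)
{
    const char *const names[] = { "system", "vendor" };

    model_reset();
    init_set_protection(BUILD_RELEASE, names, 2);
    init_complete();
    return submit_write("system", "x", 1) == -EROFS ? 0 : 1;
}
```

The security of the scheme rests on the two checks in `target_node_write`: if another process can reach the node, or the node stays writable after initialization, a root user can clear the identifier and the write-path check no longer protects anything.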
Fig. 5 is a schematic structural diagram of a partition protection device according to an embodiment of the present invention, where the device provided in this embodiment may be applied to the foregoing method embodiment to implement the functions of the terminal. As shown in fig. 5, the apparatus of the present embodiment may include a generation module 501, a determination module 502 and a blocking module 503, wherein:
a generating module 501, configured to generate a write command according to a write operation triggered by a user, where the write command is used to instruct to write data to a target partition;
a determining module 502, configured to determine, according to the write command, a protection identifier of the target partition, where the protection identifier is used to indicate whether to start protection of the target partition, and the protection identifier is set before initialization of an operating system is completed;
a blocking module 503, configured to block the write operation if the protection identifier of the target partition indicates that protection of the target partition is started.
In one possible implementation, the apparatus further comprises:
a setting module 504, configured to set respective protection identifiers of the multiple partitions in an initialization process, where the initialization process is used to initialize the operating system.
In a possible implementation, the setting module 504 is specifically configured to set, in the initialization process, the protection identifier of each of the plurality of partitions through a target node provided by a virtual file system of the operating system, where the target node is an entry provided by the virtual file system and used for setting the protection identifier of the partition.
In one possible implementation, the initialization process is the only process that is allowed to access the target node.
In one possible implementation, the setting module 504 is specifically configured to:
in the initialization process, judging whether the version of the terminal system is a formal release version;
and if the version of the terminal system is a formal release version, setting respective protection identifiers of a plurality of partitions in the initialization process.
In one possible implementation, the apparatus further comprises: an allowing module 505, configured to allow the write operation if the protection identifier of the target partition indicates that protection of the target partition is not started.
The apparatus of this embodiment may be used to implement the technical solutions of the above method embodiments, and its implementation principles and technical effects are similar, and are not described herein again.
Fig. 6 is a schematic structural diagram of an embodiment of a terminal provided in the embodiment of the present invention, and as shown in fig. 6, the terminal of this embodiment may include: a processor 601 and a memory 602 for storing computer instructions.
The processor 601 executes the computer instructions to perform the following method:
generating a write command according to a write operation triggered by a user, wherein the write command is used for indicating that data is to be written to a target partition;
determining a protection identifier of the target partition according to the write command, wherein the protection identifier is used for indicating whether to start protection of the target partition and is set before initialization of an operating system is completed;
and if the protection identifier of the target partition indicates that the protection of the target partition is started, preventing the write operation.
In one possible implementation, the method further comprises: setting respective protection identifiers of a plurality of partitions in an initialization process, wherein the initialization process is used for initializing the operating system.
In a possible implementation, the setting, in the initialization process, the protection identifier of each of the plurality of partitions includes:
in the initialization process, the respective protection identifiers of the plurality of partitions are set through a target node provided by a virtual file system of the operating system, and the target node is an entry provided by the virtual file system and used for setting the protection identifiers of the partitions.
In one possible implementation, the initialization process is the only process that is allowed to access the target node.
In a possible implementation, the setting, in the initialization process, the protection identifier of each of the plurality of partitions includes:
in the initialization process, judging whether the version of the terminal system is a formal release version;
and if the version of the terminal system is a formal release version, setting respective protection identifiers of a plurality of partitions in the initialization process.
In one possible implementation, the method further comprises:
and if the protection identifier of the target partition indicates that the protection of the target partition is not started, allowing the write operation.
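The flag-setting and write-gating steps above, sketched as a user-space C model (an added example, not code from the patent or its applicant). The partition names, `INIT_PID`, the function names, the errno values and the rule that flags are frozen once `finish_init()` has run are assumptions made for illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define INIT_PID 1 /* assumption: the initialization process runs as PID 1 */

struct part_flag { const char *name; bool protect; };

/* Constructed sample partition table; the names are illustrative only. */
static struct part_flag parts[8] = { {"boot", false}, {"system", false}, {"userdata", false} };
static bool init_done; /* true once operating system initialization has completed */

static struct part_flag *find_part(const char *name)
{
    for (size_t i = 0; i < sizeof parts / sizeof parts[0] && parts[i].name; i++)
        if (strcmp(parts[i].name, name) == 0)
            return &parts[i];
    return NULL;
}

/* Hypothetical stand-in for the write handler of the VFS "target node". */
int set_protect_flag(int caller_pid, bool release_build, const char *name, bool on)
{
    struct part_flag *p;
    if (caller_pid != INIT_PID || init_done) return -EPERM; /* init only, before init ends */
    p = find_part(name);
    if (!p) return -ENOENT;
    if (release_build) p->protect = on; /* flags are set only on a formal release build */
    return 0;
}

void finish_init(void) { init_done = true; }

/* Gate applied to every write command: look up the target's flag, then decide. */
int check_write(const char *target)
{
    struct part_flag *p = find_part(target);
    if (!p) return -ENOENT;
    return p->protect ? -EROFS : 0; /* block if protection is started, else allow */
}

int main(void)
{
    set_protect_flag(INIT_PID, true, "system", true);
    finish_init();
    printf("system: %d, userdata: %d\n", check_write("system"), check_write("userdata"));
    return 0;
}
```

The description only says the identifier is set before initialization completes; refusing later changes, even from the initialization process, is the stricter reading modeled here.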
An embodiment of the present invention further provides a storage medium, wherein instructions in the storage medium, when executed by a processor of a terminal, enable the terminal to perform a partition protection method, the method including:
generating a write command according to a write operation triggered by a user, wherein the write command is used for indicating that data is to be written to a target partition;
determining a protection identifier of the target partition according to the write command, wherein the protection identifier is used for indicating whether to start protection of the target partition and is set before initialization of an operating system is completed;
and if the protection identifier of the target partition indicates that the protection of the target partition is started, preventing the write operation.
In one possible implementation, the method further comprises: setting respective protection identifiers of a plurality of partitions in an initialization process, wherein the initialization process is used for initializing the operating system.
In a possible implementation, the setting, in the initialization process, the protection identifier of each of the plurality of partitions includes:
in the initialization process, the respective protection identifiers of the plurality of partitions are set through a target node provided by a virtual file system of the operating system, and the target node is an entry provided by the virtual file system and used for setting the protection identifiers of the partitions.
In one possible implementation, the initialization process is the only process that is allowed to access the target node.
In a possible implementation, the setting, in the initialization process, the protection identifier of each of the plurality of partitions includes:
in the initialization process, judging whether the version of the terminal system is a formal release version;
and if the version of the terminal system is a formal release version, setting respective protection identifiers of a plurality of partitions in the initialization process.
In one possible implementation, the method further comprises:
and if the protection identifier of the target partition indicates that the protection of the target partition is not started, allowing the write operation.
Those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A partition protection method, comprising:
generating a write command according to a write operation triggered by a user, wherein the write command is used for indicating that data is to be written to a target partition;
determining a protection identifier of the target partition according to the write command, wherein the protection identifier is used for indicating whether to start protection of the target partition and is set before initialization of an operating system is completed;
and if the protection identifier of the target partition indicates that the protection of the target partition is started, preventing the write operation.
2. The method of claim 1, further comprising: setting respective protection identifiers of a plurality of partitions in an initialization process, wherein the initialization process is used for initializing the operating system.
3. The method according to claim 2, wherein the setting of the protection identifier of each of the plurality of partitions in the initialization process includes:
in the initialization process, the respective protection identifiers of the plurality of partitions are set through a target node provided by a virtual file system of the operating system, and the target node is an entry provided by the virtual file system and used for setting the protection identifiers of the partitions.
4. The method of claim 3, wherein the initialization process is the only process that is allowed to access the target node.
5. The method according to any one of claims 2-4, wherein setting the protection identifier of each of the plurality of partitions in the initialization process comprises:
in the initialization process, judging whether the version of the terminal system is a formal release version;
and if the version of the terminal system is a formal release version, setting respective protection identifiers of a plurality of partitions in the initialization process.
6. The method of claim 1, further comprising:
and if the protection identifier of the target partition indicates that the protection of the target partition is not started, allowing the write operation.
7. A partition protection device, comprising:
a generating module, configured to generate a write command according to a write operation triggered by a user, wherein the write command is used for indicating that data is to be written to a target partition;
a determining module, configured to determine, according to the write command, a protection identifier of the target partition, where the protection identifier is used to indicate whether to start protection of the target partition, and the protection identifier is set before initialization of an operating system is completed;
and a blocking module, configured to block the write operation if the protection identifier of the target partition indicates that the protection of the target partition is started.
8. The apparatus of claim 7, further comprising:
a setting module, configured to set respective protection identifiers of a plurality of partitions in an initialization process, wherein the initialization process is used for initializing the operating system.
9. A terminal, comprising:
a processor and a memory for storing computer instructions; the processor executes the computer instructions to perform the method of any of claims 1-6.
10. A non-transitory computer readable storage medium, wherein instructions in the storage medium, when executed by a processor of a terminal, enable the terminal to perform the method of any of claims 1-6.
CN201811313046.3A 2018-11-06 2018-11-06 Partition protection method, device, equipment and storage medium Pending CN111143246A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811313046.3A CN111143246A (en) 2018-11-06 2018-11-06 Partition protection method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811313046.3A CN111143246A (en) 2018-11-06 2018-11-06 Partition protection method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN111143246A true CN111143246A (en) 2020-05-12

Family

ID=70515875

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811313046.3A Pending CN111143246A (en) 2018-11-06 2018-11-06 Partition protection method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111143246A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1952869A (en) * 2005-10-21 2007-04-25 国际商业机器公司 Apparatus, system, and method for writing data to protected partitions of storage media
CN104268462A (en) * 2014-09-25 2015-01-07 福建联迪商用设备有限公司 Sub-zone protecting method and device of Android system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
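李志忠 (Li Zhizhong): "Design and Implementation of Write-Protection Labels for Arbitrary Hard Disk Partitions", 《微计算机应用》 (Microcomputer Applications) *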

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200512