CN112084112B - Thermal patch testing method, device and server - Google Patents

Abstract

The invention provides a method, a device and a server for testing a hot patch, which are used for determining a first expected instruction sequence and a first actual instruction sequence of a first calling instruction based on an instruction starting address of the first calling instruction, a first instruction length and a function address of a repair function, and determining that hot patch is effective if the first expected instruction sequence and the first actual instruction sequence are matched. The method can query static information such as an instruction starting address, an instruction length, a function address and the like related to the hot patch, and verify whether an instruction sequence of a calling instruction is correct, so that whether the hot patch is effective is determined; the method can detect new loopholes introduced in the hot patch due to the reasons such as the function deficiency of the hot patch tool, and the like, so that the effectiveness and the reliability of the hot patch are improved; meanwhile, compared with the test mode for recovering the original loopholes in the prior art, the method can also effectively reduce the cost for verifying the hot patch function.

Description

Thermal patch testing method, device and server

Technical Field

The present invention relates to the field of software development technologies, and in particular, to a method, an apparatus, and a server for testing a hot patch.

Background

The hot patch can repair the defects of the current software version of the equipment under the condition that the equipment and the service are not restarted; for example, hot patch Ding Jishu may be used to hot fix vulnerabilities that exist in the Linux kernel. The thermal patch is typically completed by the thermal patch fabrication tool, so the correctness of the thermal patch is also relevant to the fabrication tool; if the thermal patch exceeds the processable technical range of the manufacturing tool, the manufactured thermal patch is easy to cause incomplete functions, and when the bug is repaired by using the thermal patch with incomplete functions, a new bug can be introduced into the repaired software, which threatens the safety and stability of the software. In the related art, the method for testing the correctness of the hot patch mainly adopts a method for attempting to reproduce the original loopholes to verify the validity of the hot patch, but the application scene of part of software is complex, the triggering condition is harsh, the loophole reproduction cost is high, and meanwhile, whether the new loopholes are introduced into the hot patch is difficult to check.

Disclosure of Invention

The invention aims to provide a method, a device and a server for testing a thermal patch, so as to reduce the cost of verification of a thermal patch function and check whether a new vulnerability is introduced into the thermal patch.

The invention provides a method for testing hot-patch, which comprises the following steps: acquiring a first expected instruction sequence and a first actual instruction sequence of a first calling instruction after a target function is repaired based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of a repair function in a preset hot patch; the first calling instruction is used for indicating to call the target function or the repair function; the hot patch is used for repairing the objective function; and if the first expected instruction sequence is matched with the first actual instruction sequence, determining that the hot-fill is effective.

Further, the step of obtaining the first expected instruction sequence and the first actual instruction sequence of the first call instruction after the target function is repaired based on the first instruction start address and the first instruction length of the first call instruction and the function address of the repair function in the preset hot patch comprises the following steps: determining a first expected instruction sequence of the first calling instruction after the target function is repaired based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of the repairing function; and after the target function is repaired, inquiring a first actual instruction sequence of the first calling instruction.

Further, the step of determining the first expected instruction sequence of the first call instruction after the target function is repaired based on the first instruction start address and the first instruction length of the first call instruction and the function address of the repair function includes: calculating the sum of the first instruction starting address and the first instruction length to obtain a first calculation address; subtracting the first calculation address from the function address of the repair function to obtain an instruction offset corresponding to the repair function; a first expected instruction sequence of the first call instruction is determined based on the instruction offset.

Further, the step of querying the first actual instruction sequence of the first call instruction after the objective function is repaired includes: writing the first instruction starting address into a first operation object, triggering a write-back function corresponding to the first operation object, converting the first instruction starting address into a first instruction starting address with a preset format, and storing the first instruction starting address into a memory; writing the first instruction length into a second operation object, triggering a write-back function corresponding to the second operation object, converting the first instruction length into a first instruction length in a preset format, and storing the first instruction length into a memory; triggering a write-back function corresponding to a third operation object to start from a first instruction starting address in the preset format, reading an instruction sequence in the preset format according to a first instruction length in the preset format, and converting the instruction sequence in the preset format into the first actual instruction sequence; querying the first actual instruction sequence.

Further, the step of determining that the hot-fill is effective includes: if the repair function comprises a second call instruction, acquiring a second expected instruction sequence and a second actual instruction sequence of the second call instruction after the target function is repaired based on a second instruction starting address and a second instruction length of the second call instruction and a function address of the first function; the repair function is used for calling the first function through the second calling instruction; and if the second expected instruction sequence is matched with the second actual instruction sequence, determining that the hot-fill is effective.

Further, the first calling instruction is contained in an instruction corresponding to the second function; the second function is used for calling the target function or the repair function through the first calling instruction; after the step of determining that the hot-fill is effective, the method further comprises: calling the second function to obtain an output result of the second function; and determining whether the function of the thermal patch is correct based on the output result.

Further, the step of calling the second function to obtain an output result of the second function includes: inquiring the function address of the second function and calling the number of parameters to be transferred of the second function; based on the number of the parameters, acquiring parameters to be transferred when the second function is called;

Writing the function address into a fourth operation object, triggering a write-back function corresponding to the fourth operation object, converting the function address into a function address with a preset format, and storing the function address into a memory; writing the parameters into a fifth operation object, triggering a write-back function corresponding to the fifth operation object to convert the parameters into parameters in a preset format, and storing the parameters into a memory; and calling the second function based on the function address in the preset format and the parameters in the preset format to obtain an output result of the second function.

Further, the number of parameters includes a plurality of parameters; the fifth operation object includes a plurality of;

The step of writing the parameters into a fifth operation object, triggering a write-back function corresponding to the fifth operation object to convert the parameters into parameters in a preset format, and storing the parameters into a memory comprises the following steps: and writing the parameters into a fifth operation object corresponding to the parameters aiming at each parameter, triggering a write-back function corresponding to the fifth operation object corresponding to the parameters, converting the parameters into parameters in a preset format, and storing the parameters into a memory.

Further, the step of calling the second function based on the function address in the preset format and the parameter in the preset format to obtain an output result of the second function includes: triggering a write-back function corresponding to a sixth operation object to call the second function based on the function address in the preset format; and obtaining an output result of the second function based on the parameters in the preset format.

Further, the step of obtaining the output result of the second function based on the parameter in the preset format includes: inputting the parameters in the preset format into the second function to obtain an output result in the preset format of the second function; assigning the output result in the preset format to a seventh operation object; and triggering a read callback function corresponding to the seventh operation object to convert the output result in the preset format into the output result of the second function.

Further, before the step of determining whether the function of the thermal patch is correct based on the output result, the method further includes: inquiring the function address of the second function and calling the number of parameters to be transferred of the second function; based on the number of the parameters, acquiring parameters to be transferred when the second function is called; the step of determining whether the function of the thermal patch is correct based on the output result includes: determining an expected calculation of the second function based on the parameter; and if the output result is matched with the expected calculation result, determining that the function of the thermal patch is correct.

The invention provides a testing device for hot-patch, which comprises: the system comprises an acquisition module, a first execution module and a second execution module, wherein the acquisition module is used for acquiring a first expected instruction sequence and a first actual instruction sequence of a first calling instruction after a target function is repaired based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of a repair function in a preset hot patch; the first calling instruction is used for indicating to call the target function or the repair function; the hot patch is used for repairing the objective function; and the determining module is used for determining that the hot-fill is effective if the first expected instruction sequence is matched with the first actual instruction sequence.

The invention provides a server, comprising a processor and a memory, wherein the memory stores machine executable instructions capable of being executed by the processor, and the processor executes the machine executable instructions to realize the testing method of the thermal patch.

The present invention provides a machine-readable storage medium storing machine-executable instructions that, when invoked and executed by a processor, cause the processor to implement a method of testing a thermal patch as described in any one of the preceding claims.

According to the method, the device and the server for testing the hot patch, the first expected instruction sequence and the first actual instruction sequence of the first calling instruction are obtained after the target function is repaired based on the first instruction starting address and the first instruction length of the first calling instruction and the function address of the repair function in the preset hot patch; and if the first expected instruction sequence and the first actual instruction sequence are matched, determining that the hot-fill is effective. The method can query static information such as an instruction starting address, an instruction length, a function address and the like related to the hot patch, and verify whether an instruction sequence of a calling instruction is correct, so that whether the hot patch is effective is determined; the method can detect new loopholes introduced in the hot patch due to the reasons such as the function deficiency of the hot patch tool, and the like, so that the effectiveness and the reliability of the hot patch are improved; meanwhile, compared with the test mode for recovering the original loopholes in the prior art, the method can also effectively reduce the cost for verifying the hot patch function.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments or the prior art will be briefly described, and it is obvious that the drawings in the description below are some embodiments of the present invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.

Fig. 1 is a schematic diagram of a basic principle of a hot-patch according to an embodiment of the present invention;

FIG. 2 is a flowchart of a method for testing a thermal patch according to an embodiment of the present invention;

FIG. 3 is a flowchart of another method for testing a thermal patch according to an embodiment of the present invention;

FIG. 4 is a flowchart of another method for testing a thermal patch according to an embodiment of the present invention;

FIG. 5 is a flowchart of another method for testing a thermal patch according to an embodiment of the present invention;

FIG. 6 is a flowchart of another method for testing a thermal patch according to an embodiment of the present invention;

FIG. 7 is a schematic structural diagram of a testing device for hot-patch according to an embodiment of the present invention;

Fig. 8 is a schematic structural diagram of a server according to an embodiment of the present invention.

Detailed Description

The technical solutions of the present invention will be clearly and completely described in connection with the embodiments, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.

Patches are understood to be packages used to repair a defect, and are some codes capable of repairing software or hardware vulnerabilities, and are a way to repair defects of software versions of products quickly and at low cost. The main advantage of the thermal patch (hotfix) over upgrading the software version is that it does not interrupt the service that the device is currently running, i.e. the defect of the current software version of the device can be repaired without restarting the device or servicing.

In the prior art, a hot patch technology is generally adopted to perform hot repair on holes (bug) existing in a Linux (an open source computer operating system kernel) kernel. The current tools for making thermal patches mainly include ksplice (a tool that can apply patches to kernels at runtime) and kpatch, where kpatch is open source software released by an open source community that can obtain tool source code freely. The hot patch is usually manufactured by a manufacturing tool of the hot patch, so that the correctness of the hot patch is also related to the manufacturing tool, and is limited by the technology of the manufacturing tool, if the hot patch exceeds the technical range which can be processed by the manufacturing tool, the hot patch is easy to cause incomplete functions, new loopholes can be introduced into repaired software, and the safety and the stability of a Linux kernel are more threatened.

For example: the bug exists in the original kernel function A; correspondingly, the function in the hot patch after bug repair is B. Assuming that there are three addresses (x, y, z) in function A to be relocated, where x, y are present in the bug core code and z is present in the non-core code, there is no direct corollary to the cause of the bug, but a correct relocation is still required. If the current kpatch hot patch cannot handle the technology involved in z because of the kernel mechanism and its own functional limitations, in hot patch Ding Guocheng, it is not possible to complete repositioning z in function B, but only x and y in function B. In this case, the function B in the hot-patch is a function deficiency.

The current method for testing the correctness of the hot patch mainly adopts a method for attempting to reproduce the original bug, so that the validity of the hot patch is verified, namely, the problem can be reproduced by executing the reproduction operation before the hot patch is not printed; after the hot patch is beaten, the reproduction operation is executed again, and if the problem is reproduced, the hot patch is invalid; if the original problem is no longer reproduced, the hot patch is indicated to be effective. However, part of kernel bug application scenes are complex, the triggering condition is harsh, the reproduction cost is high, the hot patch test cost becomes difficult to estimate, and meanwhile, whether a new problem is introduced into the hot patch is difficult to check in a targeted manner.

As described in the above example, if the hot patch test is insufficient, only the function of correctly repositioning x and y in the function B repairing the kernel bug is verified, but the problem that z in the function B cannot be correctly repositioned is not tested from the application scenario, it is possible to install the hot patch with incomplete function into the kernel, and at the same time, it is possible to introduce new hidden trouble to the repaired software while repairing the kernel bug. Based on the above, the embodiment of the invention provides a hot patch testing method, a hot patch testing device and a server, and the technology can be applied to the application of verifying the hot patch, and particularly can be applied to the verification of the hot patch in a Linux kernel.

For ease of understanding the present embodiment, the basic principles of the thermal patch will be briefly described below, and the hot-patch present principles described herein are merely for illustrating the testing functions and testing methods of the testing tool, and do not represent the actual working principles of the current kpatch hot-patch, but rather the actual kpatch working principles are more complex than the hot-patch principles described herein. As shown in FIG. 1, before the hot patch, the function containing the bug is FuncA (bug), and a function call instruction call calls the function, namely call FuncA (bug); after the hot patch is performed, the function repairing the bug is FuncA (repair), and the main purpose of the hot patch is to modify call FuncA (bug) instructions at the original calling function so that the function in the hot patch is actually called by the repair.

Assuming that the address of the original FuncA (bug) is 0xFFFFFFFF22334488 and the FuncA (repair) in the hot patch is 0xFFFFFFFF55667788, before the hot patch is made, the function call instruction is call0 xFFFFFFFFFF 22334488, and the call instruction is modified to call0 xFFFFFFFFFFFF 55667788 after the hot patch is made, that is, the function FuncA (repair) in the hot patch is used to replace the original function FuncA (bug) to repair the bug in the original function FuncA (bug).

The following describes a method for testing a thermal patch disclosed in the embodiment of the present invention in detail; as shown in fig. 2, the method comprises the steps of:

Step S202, acquiring a first expected instruction sequence and a first actual instruction sequence of a first calling instruction after a target function is repaired based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of a repair function in a preset hot patch; the first calling instruction is used for indicating to call the target function or the repair function; the thermal patch is used to repair the objective function.

The objective function can be understood as a function with bug in software, such as a function with bug in Linux kernel; the first call instruction may be understood as an instruction that may execute a call instruction or the like that calls other subroutines; the first instruction start address may be understood as an address of a first byte in the first call instruction, and the first instruction start address is generally expressed in hexadecimal format; the first instruction length may be understood as a byte length of the first call instruction; the repair function can be understood as a function obtained after repairing the bug in the objective function by the hot patch; the function address of the repair function can be understood as an address corresponding to the repair function in the hot patch, and the address is also generally expressed in hexadecimal format; the above instruction sequence may be understood as a machine instruction code, which may be used to represent instructions in an instruction set.

When the method is actually implemented, before the target function is repaired by the hot-patch, the target function can be called by the first calling instruction, and after the target function is repaired by the hot-patch, the repairing function can be called by the first calling instruction; after the target function is repaired by using the hot patch, a first expected instruction sequence and a first actual instruction sequence of the first calling instruction can be determined based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of the repair function, wherein the first expected instruction sequence can ensure that the first calling instruction calls the repair function in the hot patch, and the first expected instruction sequence can be calculated by selecting a proper mode according to actual requirements; the first actual instruction sequence may be understood as an actual instruction sequence actually calculated by running in the kernel memory.

In step S204, if the first expected instruction sequence and the first actual instruction sequence match, it is determined that the hot-fill is effective.

In actual implementation, after the obtained objective function is repaired, the first actual instruction sequence obtained by calculation is actually run in the kernel memory, and may be matched with the first expected instruction sequence or may not be matched with the first expected instruction sequence, if the first actual instruction sequence is not matched with the first expected instruction sequence, it is generally indicated that a hot patch is not normally applied, hot patch is invalid, and the function of the corresponding hot patch is incorrect; if the first actual instruction sequence matches the first expected instruction sequence, indicating that a hot-patch is normally applied, the hot-patch may be determined to be in effect.

According to the test method of the hot patch, provided by the embodiment of the invention, based on the first instruction starting address and the first instruction length of the first calling instruction and the function address of the repair function in the preset hot patch, a first expected instruction sequence and a first actual instruction sequence of the first calling instruction are obtained after the target function is repaired; and if the first expected instruction sequence and the first actual instruction sequence are matched, determining that the hot-fill is effective. The method can query static information such as an instruction starting address, an instruction length, a function address and the like related to the hot patch, and verify whether an instruction sequence of a calling instruction is correct, so that whether the hot patch is effective is determined; the method can detect new loopholes introduced in the hot patch due to the reasons such as the function deficiency of the hot patch tool, and the like, so that the effectiveness and the reliability of the hot patch are improved; meanwhile, compared with the test mode for recovering the original loopholes in the prior art, the method can also effectively reduce the cost for verifying the hot patch function.

The embodiment of the invention also provides another hot patch testing method, which is realized on the basis of the method of the embodiment; the method mainly describes specific processes of a first expected instruction sequence and a first actual instruction sequence of a first call instruction after an objective function is repaired based on a first instruction starting address and a first instruction length of the first call instruction and a function address of a repair function in a preset hot patch, and specifically corresponds to the following steps S302 to S304, as shown in fig. 3, and the method comprises the following steps:

Step S302, determining a first expected instruction sequence of the first call instruction after the target function is repaired based on the first instruction start address and the first instruction length of the first call instruction and the function address of the repair function.

The first instruction start address may be understood as an address of a first instruction in the first call instruction, generally expressed in hexadecimal format, and the instruction length may be understood as a byte length of the first call instruction. For example, taking a first call instruction as a call instruction, wherein the instruction start address of the call instruction is 0xFFFFFFFF11111188, and for an X86 series, one call instruction has an instruction code of 0xE8 and an instruction length of 5 Bytes, namely 5 bytes; the call instruction code occupies the first byte of the 5 bytes, and the other 4 bytes represent an offset; instruction start address=0xffffffff11111111188+5 of the next instruction after the call instruction; the format and instruction length of the instruction sequence to which the call instruction corresponds are typically different for different series.

In practical implementation, the first instruction start address may be obtained in two ways, including but not limited to: one way is to obtain from a core symbol table in the currently running core, where the core symbol table can be understood as a symbol table of functions and variables that can be referenced externally in the internal functions or variables of the core; alternatively, after compiling the first instruction starting address, the first instruction starting address may be obtained before the kernel runs; the function address of the objective function or the function address of the repair function in the application can refer to the two acquisition modes, and some addresses need to be acquired during the running of the kernel; some addresses may be available in a static state after compilation, before the kernel runs. It should be noted that, the function address of the repair function in the hot patch can only be determined when the kernel runs, and cannot be determined before the kernel runs, and a corresponding address space is generally reserved, for example, if the function address is 8 bytes, the kernel runs and then reserves 8 bytes of address space, and a specific function address is filled when the kernel checks to run.

Specifically, the step S302 may be implemented by the following steps one to three:

step one, calculating the sum of a first instruction starting address and a first instruction length to obtain a first calculation address.

For ease of understanding, the following description uses the first call instruction as a call instruction, where the first instruction start address of the call instruction is 0xFFFFFFFF11111188 bytes, the function address of the repair function is 0xFFFFFFFF55667788, and the sum of the first instruction start address and the first instruction length, that is, (0xffffffffff11111111188+5), is first calculated to obtain a first calculation address, where the first calculation address may also be understood as the instruction start address of the next instruction after the call instruction, and the first calculation address is also usually in hexadecimal format.

And step two, subtracting the first calculation address from the function address of the repair function to obtain the instruction offset corresponding to the repair function.

The instruction offset can be understood as the offset corresponding to the jump to the repair function by calling the instruction; in actual implementation, the function address of the repair function and the first calculation address can be subtracted to obtain the instruction offset corresponding to the repair function; i.e., instruction offset 0x445565FB = 0 xffffffffff 55667788- (0 xffffffff11111188+5).

Step three, a first expected instruction sequence of the first call instruction is determined based on the instruction offset.

In actual implementation, the data storage mode in the Linux kernel memory is usually a small-end mode storage, the small-end mode can be understood that the high byte of the data is stored in the high address of the memory, the low byte of the data is stored in the low address of the memory, and according to the instruction offset obtained through calculation, the expected instruction sequence of the call instruction after the hot patch can be determined to be 0x E8 FB 65 55 44, wherein 0x represents hexadecimal, E8 corresponds to a call instruction, the called functions are different, the four bytes at the back are usually different, the instruction offset is also different, and the purpose of the hot patch is to expect to call the actual repair function in the hot patch to be called through dynamic adjustment of the four bytes at the back.

Usually, before repairing the target function, the original first expected instruction sequence of the first calling instruction can be determined before the current function is repaired; when the original first expected instruction sequence is calculated, the first instruction starting address and the first instruction length which are the same as those in the first step are adopted, and the calculation mode can be as follows: subtracting the first calculation address calculated in the step one from the function address of the objective function to obtain the instruction offset corresponding to the objective function; determining an original first expected instruction sequence before heating the patch based on the instruction offset corresponding to the objective function; assuming that the function address of the objective function before repair is 0 xffffffffff 22334488, the instruction offset corresponding to the objective function is 0x112232 fb=0 xffffffffff 22334488- (0 xffffffffff11111188+5); according to the instruction offset corresponding to the objective function, the original first expected instruction sequence of the first calling instruction before the hot patch is determined to be 0x E8 FB 32 22 11.

In step S304, after the target function is repaired, the first actual instruction sequence of the first call instruction is queried.

Specifically, the step S304 may be implemented by the following steps four to seven:

And step four, writing the first instruction starting address into the first operation object, triggering a write-back function corresponding to the first operation object, converting the first instruction starting address into a first instruction starting address with a preset format, and storing the first instruction starting address into a memory.

The first operation object may be a begin operation object, or may be another operation object that can implement the same function as the begin operation object; the preset format is usually a binary format; for convenience of explanation, taking the first operation object as an example, the begin operation object generally corresponds to a memory start address where information needs to be read, such as the first instruction start address of the first call instruction; when the begin operation object is created, writable and readable rights are usually designated, if the readable rights are set only for the begin operation object and the writable rights are not set, only the content in the begin operation object can be read, but the content in the begin operation object cannot be set, and if the writable rights are set at the same time, the start address in the begin operation object can be set and the start address can be read.

The begin operation object is generally provided with a corresponding write-back function and a corresponding read-back function, wherein the write-back function can convert an address in hexadecimal format into an address in binary format and store the address in memory in a kernel space; the read callback function may implement address return that translates the binary format address stored in kernel space memory to hexadecimal format.

In actual implementation, after the target function is repaired and the first instruction start address in hexadecimal format is written into the begin operation object, for example, "echo 0xffffffff11111188> begin# sets the instruction start address to be queried", a write-back function corresponding to the begin operation object is usually triggered, and the write-back function converts the first instruction start address in hexadecimal format into the first instruction start address in binary format and stores the first instruction start address in a memory of a kernel space, where echo commands can be used for some batch commands to be annotated to positions seen by a user, and can play a role in displaying or annotating.

And fifthly, writing the first instruction length into a second operation object, triggering a write-back function corresponding to the second operation object, converting the first instruction length into a first instruction length in a preset format, and storing the first instruction length into a memory.

The second operation object may be a len operation object or another operation object capable of realizing the same function as the len operation object; the above-mentioned preset format is also usually a binary format; for convenience of explanation, taking the second operation object as the len operation object, the len operation object generally corresponds to the information length to be read, such as the first instruction length of the first call instruction; creating the len operation object will generally specify writable and readable rights; the len operation object is generally provided with a corresponding write-back function and a corresponding read-back function, wherein the write-back function can realize that the information length in hexadecimal format is converted into the information length in binary format, and the information length in hexadecimal format is stored in a memory in kernel space; the read callback function can convert the information length of the binary format stored in the kernel space memory into the information length of the hexadecimal format and return the information length; in actual implementation, after writing the instruction length in hexadecimal format into the len operation object, for example, "echo 0×5> len# sets the information length to be queried", a write-back function corresponding to the len operation object is usually triggered, and the write-back function converts the first instruction length in hexadecimal format into the first instruction length in binary format and stores the first instruction length in a memory of a kernel space.

Step six, triggering a write callback function corresponding to the third operation object, starting from a first instruction starting address in a preset format, reading an instruction sequence in the preset format according to the first instruction length in the preset format, and converting the instruction sequence in the preset format into a first actual instruction sequence.

The third operation object may be a read operation object or another operation object capable of realizing the same function as the read operation object; the above-mentioned preset format is also usually a binary format; for convenience of explanation, taking the third operation object as a read operation object, the read operation object is generally used to trigger an information reading action. Creating the read operation object typically specifies writable permissions; the read operation object is generally provided with a corresponding write-back function, and the write-back function can convert the binary format data of the len length from the begin corresponding address in the kernel address space into the hexadecimal format data, and the hexadecimal format data is printed and output to the log file through the existing function printk of the kernel, wherein the printk can be understood as a function which is operated in the kernel and outputs and displays to a console or the log file; when in actual implementation, preset information can be written into the read operation object, namely a write callback function of the read operation object can be triggered; for example, 1 in hexadecimal format can be written, namely, "echo 0x1> read# triggers a callback function, reads specified information"; the write callback function of the read operation object can read the corresponding binary format instruction sequence in the memory according to the binary format first instruction length from the binary format first instruction start address in the kernel memory according to the set first instruction start address and the first instruction length in the steps, and convert the read binary format instruction sequence into the hexadecimal format first actual instruction sequence and display the hexadecimal format first actual instruction sequence by taking bytes as a unit.

And step seven, inquiring the first actual instruction sequence.

And inquiring the first actual instruction sequence of the hexadecimal format of the first calling instruction.

Usually, before repairing the target function, the original first actual instruction sequence of the first calling instruction can be queried and recorded first, which is mainly used as backup, and the target function to be called is confirmed and can be compared after the hot patch is made; according to the above steps four to seven, the original first actual instruction sequence corresponding to the target function before repair is queried, the queried original first actual instruction sequence should be the same as the original first expected instruction sequence, and still the function address of the target function before repair is 0xFFFFFFFF22334488, the first instruction start address of the call instruction is 0xFFFFFFFF11111188, the first instruction length is 5Byte, and the queried original first actual instruction sequence should be 0x E8 FB 32 22 11.

In step S306, if the first expected instruction sequence and the first actual instruction sequence match, it is determined that the hot-fill is effective.

For example, taking the first call instruction as a call instruction, the first instruction starting address of the call instruction is 0xFFFFFFFF11111188, the first instruction length is 5Byte, the function address of the repair function is 0xFFFFFFFF55667788, the first expected instruction sequence is 0x E8 FB 65 55 44, if the first actual instruction sequence is different from the first expected instruction sequence, it indicates that the hot patch is not successfully applied, the hot patch is invalid, and the hot patch function is incorrect; if the queried first actual instruction sequence is 0x E8 FB 65 55 44, namely the first actual instruction sequence is the same as the first expected instruction sequence, the result indicates that the hot-patch is successfully applied, and the hot-patch is effective.

According to the method for testing the hot patch, which is provided by the embodiment of the invention, according to the first instruction starting address, the first instruction length and the function address of the repair function, the instruction offset corresponding to the repair function is obtained, and then a first expected instruction sequence of the first calling instruction is determined; writing the first instruction starting address and the first instruction length into a corresponding first operation object and a corresponding second operation object respectively, converting the first instruction starting address and the first instruction length into preset formats respectively through corresponding write-back functions, storing the preset formats into a memory, reading a first actual instruction sequence through triggering the write-back functions corresponding to a third operation object, and determining that the hot-fill is effective if a first expected instruction sequence and the first actual instruction sequence are matched. The method can query static information such as an instruction starting address, an instruction length, a function address and the like related to the hot patch, and verify whether an instruction sequence of a calling instruction is correct, so that whether the hot patch is effective is determined; the method can detect new loopholes introduced in the hot patch due to the reasons such as the function deficiency of the hot patch tool, and the like, so that the effectiveness and the reliability of the hot patch are improved; meanwhile, compared with the test mode for recovering the original loopholes in the prior art, the method can also effectively reduce the cost for verifying the hot patch function.

The embodiment of the invention also provides another hot patch testing method, which is realized on the basis of the method of the embodiment; the method focuses on the specific process of determining that the thermal patch is effective, and specifically corresponds to the following steps S406 to S408, as shown in fig. 4, and the method includes the following steps:

Step S402, acquiring a first expected instruction sequence and a first actual instruction sequence of a first calling instruction after a target function is repaired based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of a repair function in a preset hot patch; the first calling instruction is used for indicating to call the target function or the repair function; the thermal patch is used to repair the objective function.

In step S404, if the first expected instruction sequence matches the first actual instruction sequence, it is determined whether the repair function includes the second call instruction.

Step S406, if the repair function includes a second call instruction, acquiring a second expected instruction sequence and a second actual instruction sequence of the second call instruction after the target function is repaired based on a second instruction start address and a second instruction length of the second call instruction and a function address of the first function; the repair function is used for calling the first function through the second calling instruction.

The second call instruction may be understood as an instruction that may execute a call instruction or the like that calls other subroutines; the second instruction start address may be understood as an address of the first instruction in the second call instruction, and the second instruction start address is generally expressed in hexadecimal format; the second instruction length may be understood as a byte length of the second call instruction; the first function can be understood as a function which needs to be called in the execution process of the repair function, and the number of the first function can be one or a plurality of the first functions, and can be specifically set according to actual requirements; the function address of the first function is also typically represented in hexadecimal format.

In actual implementation, before the target function is repaired, other functions may need to be called in the execution process of the target function, such as the first function, and after the target function is repaired, the obtained repair function still needs to call the first function; if the first function needs to be called, the instruction corresponding to the repair function generally comprises a second calling instruction corresponding to the first function, so that the first function is called through the second calling instruction; determining a second expected instruction sequence and a second actual instruction sequence of the second call instruction based on a second instruction starting address and a second instruction length of the second call instruction and a function address of the first function, wherein the second expected instruction sequence can ensure that the second call instruction in the repair function can be correctly called to the first function; the second actual instruction sequence can be understood as a real instruction sequence of a second call instruction in the repair function obtained by actual operation and calculation in the kernel memory.

In step S408, if the second expected instruction sequence and the second actual instruction sequence match, it is determined that the hot-fill is effective.

In actual implementation, after the objective function is repaired, actually running the calculated second actual instruction sequence in the kernel memory, wherein the second actual instruction sequence may be matched with the second expected instruction sequence or may not be matched with the second expected instruction sequence, if the second actual instruction sequence is not matched with the second expected instruction sequence, it is generally indicated that the thermal patch is not normally applied, the thermal patch is invalid, and the function of the corresponding thermal patch is incorrect; if the second actual instruction sequence is matched with the second expected instruction sequence, the repair function can be correctly called to the first function through the second calling instruction, the fact that the hot-patch is normally made is indicated, and the fact that the hot-patch is effective can be determined.

According to the method for testing the hot patch, provided by the embodiment of the invention, based on the first instruction starting address and the first instruction length of the first calling instruction and the function address of the repair function in the preset hot patch, a first expected instruction sequence and a first actual instruction sequence of the first calling instruction are obtained after the target function is repaired; if the first expected instruction sequence is matched with the first actual instruction sequence, and if the repair function comprises a second call instruction, acquiring a second expected instruction sequence and a second actual instruction sequence of the second call instruction after the target function is repaired based on a second instruction starting address and a second instruction length of the second call instruction and a function address of the first function; and if the second expected instruction sequence and the second actual instruction sequence are matched, determining that the hot-fill is effective. The method can query static information such as an instruction starting address, an instruction length, a function address and the like related to the hot patch, and verify whether an instruction sequence of a calling instruction is correct, so that whether the hot patch is effective is determined; the method can detect new loopholes introduced in the hot patch due to the reasons such as the function deficiency of the hot patch tool, and the like, so that the effectiveness and the reliability of the hot patch are improved; meanwhile, compared with the test mode for recovering the original loopholes in the prior art, the method can also effectively reduce the cost for verifying the hot patch function.

The embodiment of the invention also provides another hot patch testing method, which is realized on the basis of the method of the embodiment; the method mainly describes a specific process of determining whether the function of the thermal patch is correct or not, and specifically corresponds to the following steps S506 to S508, wherein in the method, a first calling instruction is contained in an instruction corresponding to a second function; the second function is used for calling an objective function or a repair function through the first calling instruction; as shown in fig. 5, the method comprises the steps of:

step S502, based on a first instruction starting address and a first instruction length of a first calling instruction and a function address of a repair function in a preset hot patch, acquiring a first expected instruction sequence and a first actual instruction sequence of the first calling instruction after the target function is repaired; the first calling instruction is used for indicating to call the target function or the repair function; the thermal patch is used to repair the objective function.

In step S504, if the first expected instruction sequence and the first actual instruction sequence match, it is determined that the hot-fill is effective.

Step S506, calling a second function to obtain an output result of the second function.

The second function may be understood as a function requiring that the target function or the repair function is called by the first call instruction, specifically, the second function may call the target function by the first call instruction before the target function is repaired, and the second function may call the repair function by the first call instruction after the target function is repaired; in actual implementation, if the target function is repaired, the first actual instruction sequence obtained by actual operation calculation in the kernel memory is matched with the first expected instruction sequence, which indicates that the hot patch is normally applied, a second function can be called to obtain an output result of the second function.

Specifically, this step S506 may be implemented by the following steps eight to twelve:

And step eight, inquiring the function address of the second function and the number of parameters to be transferred when the second function is called.

In actual implementation, the number of parameters to be transferred for calling the second function can be obtained from the source code obtained in advance, for example, if the function of the second function is the sum of two parameters, the number of parameters to be called is 2; in actual implementation, the number of parameters is usually expressed in hexadecimal format, and the number of parameters required to be transferred by function call can be written in the para_cnt operation object, for example, "echo 0x2> para_cnt# sets the number of parameters to 2"; creating the para_cnt operation object usually specifies writable and readable rights; the para_cnt operation object is generally provided with a corresponding write-back function and a corresponding read-back function, wherein the write-back function can convert the number of parameters in hexadecimal format into the number of parameters in binary format, and the parameters are stored in a memory of a kernel space; the read callback function can convert the number of parameters in the binary format stored in the kernel space memory into the number of parameters in the hexadecimal format and return the number of parameters; after the hexadecimal parameter number is written into the para_cnt operation object, a write-back function corresponding to the para_cnt operation object is usually triggered, and the write-back function converts the hexadecimal format parameter number into the binary format parameter number and stores the binary format parameter number in a memory of a kernel space.

And step nine, acquiring parameters required to be transferred when the second function is called based on the number of the parameters.

In actual implementation, the parameters are generally expressed in hexadecimal format, based on the number of the parameters, the parameters required to be called by the second function can be obtained, if a plurality of parameters are preset, the parameters which meet the number of the parameters are generally selected from the first parameter in the plurality of parameters, and are determined to be the parameters required to be called; for example, if three parameters, 1, 2 and 3, are preset, and the number of parameters to be called by the second function is 2, the first two parameters, i.e. 1 and 2, of the three parameters may be determined as parameters to be called by the second function.

And step ten, writing the function address into a fourth operation object, triggering a write-back function corresponding to the fourth operation object, converting the function address into a function address with a preset format, and storing the function address into a memory.

The fourth operation object may be a func_addr operation object, or may be another operation object capable of realizing the same function as the func_addr operation object; the above-mentioned preset format is also usually a binary format; for convenience of explanation, taking a fourth operation object as a func_addr operation object, where the func_addr operation object generally corresponds to a called function address, such as the function address of the second function; creating the func addr operation object will generally specify writable and readable rights; the func addr operand is typically provided with a corresponding write callback function and read callback function, wherein the write callback function may implement converting the hexadecimal format function address into a binary format function address, and store in the memory of the kernel space. The read callback function can convert the binary format function address stored in the kernel space memory into hexadecimal format function address return. After writing the function address of the hexadecimal objective function into the func_addr operation object, the writing callback function corresponding to the func_addr operation object is triggered, and the writing callback function converts the function address of the hexadecimal objective function into the function address of the binary format of the objective function and stores the function address in the memory of the kernel space.

And step eleven, writing the parameters into a fifth operation object, triggering a write-back function corresponding to the fifth operation object to convert the parameters into parameters in a preset format, and storing the parameters into a memory.

The fifth operation object may be a para operation object, or may be another operation object capable of realizing the same function as the para operation object; the above-mentioned preset format is also usually a binary format; the number of the parameters can be one or a plurality of parameters, if the number of the parameters is a plurality of, each parameter usually corresponds to a fifth operation object, i.e. the fifth operation object correspondingly comprises a plurality of the fifth operation objects; for example, if there are three parameters, the respective corresponding fifth operation objects may be para_1, para_2, and para_3.

If the number of parameters includes a plurality of parameters; the fifth operation object includes a plurality of, and the step eleventh further includes: and writing the parameter into a fifth operation object corresponding to the parameter aiming at each parameter, triggering a write-back function corresponding to the fifth operation object corresponding to the parameter, converting the parameter into a parameter in a preset format, and storing the parameter into a memory.

For convenience of explanation, taking the fifth operation object as a para operation object as an example, parameters to be transferred for function call can be written in the para operation object, for example, "echo 0x1> param1# sets the function call parameter 1; echo 0x2> Para2# sets the function call parameter 2". When creating the para operation object, write-able and readable rights are usually specified; the para operation object is generally provided with a corresponding write-back function and a corresponding read-back function, wherein the write-back function can convert hexadecimal format parameters into binary format parameters and store the binary format parameters in a memory of a kernel space; the read callback function may implement parameter return that converts the binary format parameters stored in the kernel space memory to hexadecimal format. After writing the hexadecimal parameters into the para operation object, a write-back function corresponding to the para operation object is usually triggered, and the write-back function converts the hexadecimal parameters into binary parameters and stores the binary parameters in the memory of the kernel space.

And step twelve, calling a second function based on the function address in the preset format and the parameters in the preset format to obtain an output result of the second function.

Specifically, the step twelve can be realized by the following steps a to B:

And step A, triggering a write-back function corresponding to the sixth operation object to call a second function based on the function address in the preset format.

The sixth operation object may be a call operation object or another operation object capable of realizing the same function as the call operation object; for convenience of explanation, taking the sixth operation object as a call operation object, the call operation object may be used to trigger a simulated function call. The writable right is usually specified when the call operation object is created; the call operation object is generally provided with a corresponding write-back function, and the write-back function realizes indirect call to the designated function address; in actual implementation, the second function may be called by triggering a write callback function corresponding to the call operation object, where the address when the second function is called is the same address as the address of the second function before the target function is repaired; for example, if the address of the function func_ Adder of the second function is 0xFFFFFFFF11111180, after repairing the target function, the second function is still called through the address, so as to confirm whether the bug in the target function has been repaired.

And step B, obtaining an output result of the second function based on the parameters of the preset format.

This step B may be achieved by the following steps 50 to 52:

and 50, inputting the parameters in the preset format into the second function to obtain the output result in the preset format of the second function.

The preset format is usually a binary format; in actual implementation, the parameters meeting the preset format of the number of parameters can be transferred to the second function through a sixth operation object, such as a call operation object, so as to obtain an output result of the second function in the preset format; for example, if the function of the second function is to calculate the sum of two parameters, and the obtained parameters are 1 and 2, 1 and 2 in binary format are input to the second function, and an output result in binary format is obtained.

And step 51, assigning the output result in the preset format to the seventh operation object.

Step 52, triggering a read callback function corresponding to the seventh operation object to convert the output result in the preset format into the output result of the second function.

The seventh operation object may be a ret_value operation object, or may be another operation object capable of realizing the same function as the ret_value operation object; for convenience of explanation, taking the seventh operation object as a ret_value operation object as an example, the ret_value operation object generally corresponds to a function return value; creating the ret_value operation object usually specifies non-writable and readable rights; the ret_value operand is typically provided with a corresponding read callback function that may implement the conversion of the binary format return value into hexadecimal format return value return. In actual implementation, the output result in the binary format is usually assigned to a memory corresponding to the ret_value operation object, and a read callback function corresponding to the ret_value operation object is triggered to convert the output result in the binary format into an output result of a second function, where the output result of the second function is usually in hexadecimal format, and the output result in hexadecimal format is obtained by reading the ret_value operation object.

For example, if para_cnt is set to 3, the corresponding call format is: ret_value=func_addr (para_1, para_2, para_3); if para_cnt is set to 5, the corresponding call format is: ret_value=func_addr (para_1, para_2, para_3, para_4, para_5).

Step S508, determining whether the function of the thermal patch is correct based on the output result.

In actual implementation, whether the hot-fill function is correct may be determined based on the obtained output result of the second function, for example, if the output result of the second function matches the expected calculation result, the hot-fill Ding Gongneng is correct; if the output result of the second function does not match the expected calculation result, the hot-fill function is incorrect.

Usually, before repairing the objective function, the original output result of the second function before the objective function is repaired may be determined, the function address of the called second function may be written in the func_addr operation object, before the objective function is repaired, the number of parameters and parameters required for calling the second function are the same as those required for calling the second function after the objective function is repaired, the sum of the two parameters is calculated by referring to the function of the second function as an example, the number of parameters required by the second function is also two, and assuming that the two parameters are 1 and 2 respectively, the erroneous calculation result of the original output result of the second function is obtained by referring to the steps as the calculation result is 5.

Specifically, this step S508 may be implemented by the following steps thirteenth to fourteen:

and step thirteenth, based on the parameters, determining the expected calculation result of the second function.

The expected calculation result may be understood as the correct calculation result that should be obtained after the parameter is transferred to the second function; for example, if the function of the second function is to calculate the sum of two parameters, when the parameters called are 1 and 2, the expected calculation result should be 3.

Step fourteen, if the output result matches the expected calculation result, it is determined that the function of the thermal patch is correct.

In actual implementation, after the parameters are transferred to the second function, the output result obtained by actual operation calculation in the kernel memory may be matched with the expected calculation result or may not be matched with the expected calculation result, and if the output result of the second function is matched with the expected calculation result, the hot patching Ding Gongneng is correct; if the output result of the second function does not match the expected calculation result, the hot-fill function is incorrect.

According to the method for testing the hot patch, provided by the embodiment of the invention, based on the first instruction starting address and the first instruction length of the first calling instruction and the function address of the repair function in the preset hot patch, a first expected instruction sequence and a first actual instruction sequence of the first calling instruction are obtained after the target function is repaired; if the first expected instruction sequence and the first actual instruction sequence are matched, determining that the hot patch is effective, calling a second function, and determining whether the function of the hot patch is correct or not based on the obtained output result. The method can query static information such as an instruction starting address, an instruction length, a function address and the like related to the hot patch, and verify whether an instruction sequence of a calling instruction is correct, so that whether the hot patch is effective is determined; the method can detect new loopholes introduced in the hot patch due to the reasons such as the function deficiency of the hot patch tool, and the like, so that the effectiveness and the reliability of the hot patch are improved; meanwhile, compared with the test mode for recovering the original loopholes in the prior art, the method can also effectively reduce the cost for verifying the hot patch function.

In order to further understand the above embodiments, another method for testing a thermal patch is provided below, where in the actual implementation, the method for testing a thermal patch may be implemented based on a testing auxiliary tool of the thermal patch, specifically, a targeted testing auxiliary tool may be developed according to the actual flow and technical implementation details of the manufacturing process of the thermal patch by using a kpatch tool, corresponding to different testing function modules, where each testing function module may be based on a kobject (a core part of a Linux device driving model may be embedded in a device and a driving related structure) frame, so as to test the processing result of each key technical processing link in the manufacturing process of the thermal patch by using the targeted test kpatch, thereby checking the correctness of the processing result; the kobject framework can provide an operation interface for a user state, an operation object generally has corresponding read-write attributes, whether the operation object can be read and/or written or not can be set when the operation object is created, a corresponding read callback function and/or a corresponding write callback function are set, the operation object is read and written through a root authority, the root authority is the highest authority of the user state, the user state cannot read contents in a kernel at will, the callback function works in the kernel state, the operation that the user state cannot finish can be completed without authority, and considering that data sources can be different, therefore, the read callback function and the write callback function between different operation objects are also different, and interaction of the operation object and the data in the kernel memory is realized based on the corresponding callback function.

Different test function modules can be compiled into kernel objects (ko) so as to be used or transplanted in different kernel versions, wherein kernel module files can move some functions of the kernel outside the kernel, the kernel can be inserted when the kernel needs to be used, and the kernel can be uninstalled when the kernel does not need to be used.

The test auxiliary tool mainly comprises two large test function modules, namely an information query module and a kernel function simulation call module, wherein the information query module can query random binary information in a kernel, such as a kernel instruction sequence or data and the like, and can query information with a fixed format, such as a memory address with an address format of 8 bytes and the like, and can judge a stored structure body in advance before reading according to the fixed format.

When the information query module is installed on the kernel, three operable objects, namely a begin operation object (corresponding to the first operation object), a len operation object (corresponding to the second operation object) and a read operation object (corresponding to the third operation object), can be created by using kobject frames; when the kernel function simulation call module is installed on the kernel, five classes of operable objects, namely a func_addr operation object (corresponding to the fourth operation object), a para_cnt operation object (corresponding to the fifth operation object), a call operation object (corresponding to the sixth operation object) and a ret_value operation object (corresponding to the seventh operation object), can be created by using a kobject framework, wherein the number of the para operation objects can be multiple.

The following provides a testing procedure using the information query module in the hot-patch test auxiliary tool, for convenience of explanation, it is assumed that the address of the original function call instruction is 0xFFFFFFFF11111188 (corresponding to the first instruction start address), the instruction code of call is 0xE8, the instruction length is 5Byte (corresponding to the first instruction length), the function address of the objective function before repair is 0 xffffffffff 22334488, and the function address of the repair function is 0xFFFFFFFF55667788; the instruction sequence before the hot patch is: 0x E8 FB 32 22 11; wherein the instruction offset 0x112232 fb=0 xffffffffff 22334488- (0 xffffffffff11111188+5). The instruction sequence after hot patching is as follows: 0x E8 FB 65 55 44; wherein the instruction offset 0x445565 fb=0 xffffffffff 55667788- (0 xffffffffff11111188+5).

Therefore, whether the expected hot patch is met or not can be judged by comparing the instruction sequence changes before and after the hot patch is met, if the expected hot patch is met, the hot patch is successfully applied, the hot patch is effective, and whether the function of the hot patch is correct can be continuously verified; if not, indicating that the hot patch is not successfully applied, the hot patch is not effective.

Test pseudocode written using test aids can be expressed as follows:

s1, inquiring and recording an original instruction sequence before patching by heating;

The instruction sequence before heating the patch is calculated in # and is expected to be 0x E8 FB 32 22 11;

Echo 0 xFFFFFFFF11188 > begin# sets the instruction start address to be queried;

echo 0x5> len# sets the instruction length to be queried;

the echo 0x1> read# triggers a callback function and reads specified information;

# the instruction sequence queried here should be "0x E8 FB 32 22 11";

s2, heating patches;

S3, after the hot patch is finished, the instruction sequence is queried again by using the instruction starting address and the instruction starting length which are set in the S1;

the instruction sequence after the # computation heat patch is expected to be '0x E8 FB 65 55 44';

echo 0x1> read# re-reads the instruction sequence;

The instruction sequence obtained by the # query should be '0x E8 FB 65 55 44';

S4, judging whether an expected hot-patched instruction sequence (corresponding to the first expected instruction sequence) is consistent with an actually queried hot-patched instruction sequence (corresponding to the first actual instruction sequence), if so, proving that the part of hot-patch is successfully patched, and confirming that the hot-patch is effective; if the hot patches are inconsistent, the hot patch is proved to be unsuccessful, the hot patch is not effective, and the corresponding hot patch is wrong in function.

According to the methods of S1 to S4, whether other function calls meet expectations before and after the hot patch can be accurately tested and verified.

The following provides a function verification process using a simulation function call module, by which whether the function of the hot patch is correct can be further determined; for convenience of description, assume that the address of func_ Adder of the original calling function FuncA (corresponding to the second function described above) is 0xFFFFFFFF11111180, the expected function of the original calling function func_ Adder is to calculate the sum of two parameters, assume that the two parameters are 1 and 2, and because of the bug in the function FuncA, the calculation result is wrong, and the error result is assumed to be 5. It is expected that the error in function FuncA should be corrected by heating the patch, and the correct result 3 is invoked again.

Pseudo code for function verification using a simulated function call module can be expressed as:

s5, before the hot patch is performed, setting the address, the parameter number and the parameter of the function to be tested;

echo 0xFFFFFFFF11111180> func_addr# sets the original function func_ Adder address

The number of parameters is set to 2 by echo 0x2> para_cnt#;

echo 0x1> Para1# sets function call parameter 1;

echo 0x2> Para2# sets function call parameter 2;

And S6, triggering a preset callback function (a write callback function corresponding to the sixth operation object), wherein the callback function can call a Func-Adder function, and further call a bug-containing FuncA to obtain an error calculation result.

Echo 0x1> call# triggers a function call;

catret _value# expects to get an erroneous calculation result 5;

s7, heating patches. The hot patch will modify the call to bug-containing FuncA in the original call function Func Adder to call FuncA after bug repair in the hot patch.

And S8, triggering a preset callback function again after the hot patch is applied (the callback function still is according to the function address, the parameter number and the parameter set in the step S5), and calling FuncA functions after bug repair in the hot patch at the time of function call, so that a correct calculation result is expected to be obtained.

Echo 0x1> call# triggers a function call;

catret _value# is expected to get the correct calculation result 3;

S9, comparing whether the expected calculation result (corresponding to the expected calculation result) is consistent with the actual calculation result (corresponding to the output result of the second function). If the two values are consistent, the hot patch Ding Gongneng is correct, otherwise, the hot patch is wrong.

Through the two test function modules, related static information in the hot patch can be queried, such as information of names, sizes, addresses and the like; verifying whether an instruction sequence corresponding to the code accords with the expectation; and a dynamic calling mode can be used for simulating and calling codes containing the bug, so that whether the code functions meet expectations or not is verified. For the problems of difficult reproduction of bug and low coverage rate of test cases, the tool can be used for more direct and accurate test. The method has complementary advantages with the current testing method, and makes up the defects of the current testing method.

Through the accurate test function that test appurtenance provided, not only can test the normal function that the thermal patch had, also can find the thermal patch instrument processing according to expected result test and fail the problem that expects, prevent that the thermal patch instrument function from missing and introduce new problem, also can carry out further perfection to the thermal patch instrument in proper order, can effectively avoid the thermal patch to introduce new threat.

In the test process, the test steps and the interaction commands are similar to the shell command line mode, so that the interaction commands for the test can be organized into test scripts, and the test efficiency is improved.

As an alternative, the manner of interacting with the kernel may be more than one, and may employ other ways in addition to the framework provided by kobject, but in other ways, which may increase the workload of tool development.

In the implementation of the kernel hot patch, the existing kobject framework in the Linux kernel is used, and the function module is used for providing an operation interface in a user mode, so that the installation, the uninstallation, the enabling and the disabling of the hot patch are realized, the related information of the hot patch can be queried, and the management is convenient; in the mode, the memory information query technology and the function indirect calling technology are flexibly applied to the hot patch function test, so that new loopholes introduced in hot patch caused by the reasons of missing functions of a hot patch tool and the like can be detected, and the effectiveness and the reliability of the hot patch are improved; meanwhile, compared with the test mode for recovering the original loopholes in the prior art, the method can also effectively reduce the cost for verifying the hot patch function.

It should be noted that, the two main test function modules in the auxiliary test tool generally have corresponding test application scenes, and can be used in cooperation with each other or other test function modules. It should be noted that the auxiliary test tool is generally applied as a test tool in a test scenario, and is generally not applied in an online scenario.

Through verification, the test mode of the thermal patch can effectively improve the accuracy of thermal patch test, can help to solve the problem that kpatch thermal patch is missing in jump table (used for accelerating search, insertion and deletion operations of linked list), can also improve the test efficiency of thermal patch, reduce the manufacturing time of thermal patch and reduce the risk of thermal patch manufacturing failure.

To further understand the above embodiment, another method for testing a hot patch is provided below, as shown in fig. 6, including a function a (corresponding to the above second function), a function B (corresponding to the above target function), a function B '(corresponding to the above repair function), and a function C (corresponding to the above first function), where the function B is a function including a bug, the function B' is a function after hot-patch is performed on the function B, before hot-patch is performed on the function B, the function B may be called by a call instruction (corresponding to the above first call instruction) in the function a, the function C may be called by a call instruction (corresponding to the above second call instruction) in the function B, after the function C is performed, the call instruction in the function B may be continuously executed, and after the call instruction in the function a is continuously executed after the function B is performed; before hot-fill function B, the instruction sequence of the call instruction in function a represents the offset of the corresponding function B.

After the function B is subjected to hot-fill, a function B ' is obtained, and as shown by a solid line in FIG. 6, the function B ' can be called by a call instruction in the function A, the function C can be called by a call instruction in the function B ', after the function C is executed, the instruction after the call instruction in the function B ' is continuously executed, and after the function B ' is executed, the instruction after the call instruction in the function A is continuously executed; after hot-fill function B, the instruction sequence of the call instruction in function a represents the offset of the corresponding function B'. In actual implementation, according to the instruction starting address and the instruction length of the call instruction in the function A and the function address of the function B', determining the expected instruction sequence of the call instruction in the function A after the function B is repaired; when the function B is repaired, inquiring an actual instruction sequence of a call instruction in the function A, if an expected instruction sequence of the call instruction in the function A is matched with the actual instruction sequence, the function A can call the function B 'correctly, and verifying whether the expected instruction sequence of the call instruction in the function B' is matched with the actual instruction sequence or not in the same way, namely, determining the expected instruction sequence of the call instruction in the function B 'after the function B is repaired according to an instruction starting address and an instruction length of the call instruction in the function B' and a function address of the function C; and after the function B is repaired, inquiring the actual instruction sequence of the call instruction in the function B ', and if the expected instruction sequence of the call instruction in the function B ' is matched with the actual instruction sequence, indicating that the function B ' can correctly call the function C, and determining that the hot patch is effective. It should be noted that, after the function B is obtained by hot-patch, the function B itself is not modified but is not used.

The embodiment of the invention provides a structural schematic diagram of a testing device of a hot patch, as shown in fig. 7, the device comprises: the obtaining module 70 is configured to obtain a first expected instruction sequence and a first actual instruction sequence of the first call instruction after the target function is repaired based on a first instruction start address and a first instruction length of the first call instruction and a function address of a repair function in a preset hot patch; the first calling instruction is used for indicating to call the target function or the repair function; the hot patch is used for repairing the objective function; a determining module 71 is configured to determine that the thermal compensation is in effect if the first expected instruction sequence matches the first actual instruction sequence.

According to the testing device for the hot-patch provided by the embodiment of the invention, after the target function is repaired, a first expected instruction sequence and a first actual instruction sequence of the first calling instruction are obtained based on the first instruction starting address and the first instruction length of the first calling instruction and the function address of the repair function in the preset hot-patch; and if the first expected instruction sequence and the first actual instruction sequence are matched, determining that the hot-fill is effective. The device can query static information such as an instruction starting address, an instruction length, a function address and the like related to the hot patch, and verify whether an instruction sequence of a calling instruction is correct, so that whether the hot patch is effective is determined; the device can detect new loopholes introduced in the hot patch due to the reasons such as the function deficiency of the hot patch tool, and the like, thereby improving the effectiveness and the reliability of the hot patch; meanwhile, compared with the test mode for recovering the original loopholes in the prior art, the method can also effectively reduce the cost for verifying the hot patch function.

Further, the obtaining module 70 is further configured to: determining a first expected instruction sequence of the first calling instruction after the target function is repaired based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of the repairing function; and after the target function is repaired, inquiring a first actual instruction sequence of the first calling instruction.

Further, the obtaining module 70 is further configured to: calculating the sum of the first instruction starting address and the first instruction length to obtain a first calculation address; subtracting the first calculation address from the function address of the repair function to obtain an instruction offset corresponding to the repair function; based on the instruction offset, a first expected instruction sequence of the first call instruction is determined.

Further, the obtaining module 70 is further configured to: writing the first instruction starting address into a first operation object, triggering a write-back function corresponding to the first operation object, converting the first instruction starting address into a first instruction starting address in a preset format, and storing the first instruction starting address into a memory; writing the first instruction length into a second operation object, triggering a write-back function corresponding to the second operation object, converting the first instruction length into a first instruction length in a preset format, and storing the first instruction length into a memory; triggering a write-back function corresponding to a third operation object to read an instruction sequence in a preset format from a first instruction starting address in the preset format according to a first instruction length in the preset format, and converting the instruction sequence in the preset format into a first actual instruction sequence; the first actual instruction sequence is queried.

Further, the determining module 71 is further configured to: if the repair function comprises a second call instruction, acquiring a second expected instruction sequence and a second actual instruction sequence of the second call instruction after the target function is repaired based on a second instruction starting address and a second instruction length of the second call instruction and a function address of the first function; the repair function is used for calling the first function through the second calling instruction; and if the second expected instruction sequence and the second actual instruction sequence are matched, determining that the hot-fill is effective.

Further, the first calling instruction is contained in an instruction corresponding to the second function; the second function is used for calling an objective function or a repair function through the first calling instruction; the device is also used for: calling a second function to obtain an output result of the second function; it is determined whether the function of the thermal patch is correct based on the output result.

Further, the device is also used for: inquiring the function address of the second function and calling the number of parameters to be transferred of the second function; based on the number of parameters, acquiring parameters to be transferred when the second function is called; writing the function address into a fourth operation object, triggering a write-back function corresponding to the fourth operation object, converting the function address into a function address with a preset format, and storing the function address into a memory; writing the parameters into a fifth operation object, triggering a write-back function corresponding to the fifth operation object to convert the parameters into parameters in a preset format, and storing the parameters into a memory; and calling a second function based on the function address in the preset format and the parameters in the preset format to obtain an output result of the second function.

Further, the number of parameters includes a plurality of parameters; the fifth operation object includes a plurality of; the device is also used for: and writing the parameter into a fifth operation object corresponding to the parameter aiming at each parameter, triggering a write-back function corresponding to the fifth operation object corresponding to the parameter, converting the parameter into a parameter in a preset format, and storing the parameter into a memory.

Further, the device is also used for: triggering a write-back function corresponding to the sixth operation object to call a second function based on a function address in a preset format; and obtaining an output result of the second function based on the parameters in the preset format.

Further, the device is also used for: inputting parameters in a preset format into a second function to obtain an output result in the preset format of the second function; assigning the output result in the preset format to a seventh operation object; triggering a read callback function corresponding to the seventh operation object to convert the output result in the preset format into the output result of the second function.

Further, the device is also used for: inquiring the function address of the second function and calling the number of parameters to be transferred of the second function; based on the number of parameters, acquiring parameters to be transferred when the second function is called; determining an expected calculation of the second function based on the parameters; if the output result matches the expected calculation result, it is determined that the function of the thermal patch is correct.

The implementation principle and the generated technical effects of the device for testing the thermal patch provided by the embodiment of the invention are the same as those of the device for testing the thermal patch, and for the sake of brief description, reference may be made to corresponding contents in the device for testing the thermal patch in the embodiment of the method for testing the thermal patch.

The embodiment of the present invention further provides a server, referring to fig. 8, where the server includes a processor 130 and a memory 131, where the memory 131 stores machine executable instructions that can be executed by the processor 130, and the processor 130 executes the machine executable instructions to implement the method for testing a thermal patch described above.

Further, the server shown in fig. 8 further includes a bus 132 and a communication interface 133, and the processor 130, the communication interface 133, and the memory 131 are connected through the bus 132.

The memory 131 may include a high-speed random access memory (RAM, random Access Memory), and may further include a non-volatile memory (non-volatile memory), such as at least one disk memory. The communication connection between the system network element and at least one other network element is implemented via at least one communication interface 133 (which may be wired or wireless), and may use the internet, a wide area network, a local network, a metropolitan area network, etc. Bus 132 may be an ISA bus, a PCI bus, an EISA bus, or the like. The buses may be classified as address buses, data buses, control buses, etc. For ease of illustration, only one bi-directional arrow is shown in FIG. 8, but not only one bus or type of bus.

The processor 130 may be an integrated circuit chip with signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuitry in hardware or instructions in software in processor 130. The processor 130 may be a general-purpose processor, including a central processing unit (Central Processing Unit, abbreviated as CPU), a network processor (Network Processor, abbreviated as NP), etc.; but may also be a digital signal Processor (DIGITAL SIGNAL Processor, DSP), application Specific Integrated Circuit (ASIC), field-Programmable gate array (FPGA) or other Programmable logic device, discrete gate or transistor logic device, discrete hardware components. The disclosed methods, steps, and logic blocks in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software modules in a decoding processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in the memory 131, and the processor 130 reads the information in the memory 131, and in combination with its hardware, performs the steps of the method of the foregoing embodiment.

The embodiment of the invention also provides a machine-readable storage medium, which stores machine-executable instructions that, when being called and executed by a processor, cause the processor to implement the method for testing thermal patches described above.

The method, the device and the computer program product of the server for testing the thermal patch provided by the embodiment of the invention comprise a computer readable storage medium storing program codes, and the instructions included in the program codes can be used for executing the method described in the foregoing method embodiment, and specific implementation can be referred to the method embodiment and will not be repeated here.

The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.

Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and not for limiting the same; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the invention.

Claims (10)

1. A method of testing a thermal patch, the method comprising:

Acquiring a first expected instruction sequence and a first actual instruction sequence of a first calling instruction after a target function is repaired based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of a repair function in a preset hot patch; the first calling instruction is used for indicating to call the target function or the repair function; the hot patch is used for repairing the objective function;

If the first expected instruction sequence is matched with the first actual instruction sequence, determining that the hot-fill is effective;

The step of obtaining the first expected instruction sequence and the first actual instruction sequence of the first calling instruction after the target function is repaired based on the first instruction starting address and the first instruction length of the first calling instruction and the function address of the repair function in the preset hot patch comprises the following steps:

Determining a first expected instruction sequence of the first calling instruction after the target function is repaired based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of the repairing function;

inquiring a first actual instruction sequence of the first calling instruction after the target function is repaired;

the step of determining the first expected instruction sequence of the first call instruction after the target function is repaired based on the first instruction start address and the first instruction length of the first call instruction and the function address of the repair function includes:

Calculating the sum of the first instruction starting address and the first instruction length to obtain a first calculation address;

subtracting the first calculation address from the function address of the repair function to obtain an instruction offset corresponding to the repair function;

Determining a first expected instruction sequence of the first call instruction based on the instruction offset;

The step of querying the first actual instruction sequence of the first call instruction after the target function is repaired includes:

Writing the first instruction starting address into a first operation object, triggering a write-back function corresponding to the first operation object, converting the first instruction starting address into a first instruction starting address with a preset format, and storing the first instruction starting address into a memory;

Writing the first instruction length into a second operation object, triggering a write-back function corresponding to the second operation object, converting the first instruction length into a first instruction length in a preset format, and storing the first instruction length into a memory;

triggering a write-back function corresponding to a third operation object to start from a first instruction starting address in the preset format, reading an instruction sequence in the preset format according to a first instruction length in the preset format, and converting the instruction sequence in the preset format into the first actual instruction sequence;

Querying the first actual instruction sequence;

The step of determining that the hot-patch is effective comprises the following steps:

If the repair function comprises a second call instruction, acquiring a second expected instruction sequence and a second actual instruction sequence of the second call instruction after the target function is repaired based on a second instruction starting address and a second instruction length of the second call instruction and a function address of the first function; the repair function is used for calling the first function through the second calling instruction;

And if the second expected instruction sequence is matched with the second actual instruction sequence, determining that the hot-fill is effective.

2. The method of claim 1, wherein the first call instruction is included in an instruction corresponding to the second function; the second function is used for calling the target function or the repair function through the first calling instruction;

After the step of determining that the hot-fill is effective, the method further comprises:

Calling the second function to obtain an output result of the second function;

And determining whether the function of the thermal patch is correct based on the output result.

3. The method of claim 2, wherein the step of calling the second function to obtain an output result of the second function comprises:

Inquiring the function address of the second function and calling the number of parameters to be transferred of the second function;

based on the number of the parameters, acquiring parameters to be transferred when the second function is called;

Writing the function address into a fourth operation object, triggering a write-back function corresponding to the fourth operation object, converting the function address into a function address with a preset format, and storing the function address into a memory;

Writing the parameters into a fifth operation object, triggering a write-back function corresponding to the fifth operation object to convert the parameters into parameters in a preset format, and storing the parameters into a memory;

And calling the second function based on the function address in the preset format and the parameters in the preset format to obtain an output result of the second function.

4. A method according to claim 3, wherein the number of parameters comprises a plurality; the fifth operation object includes a plurality of;

The step of writing the parameters into a fifth operation object, triggering a write-back function corresponding to the fifth operation object to convert the parameters into parameters in a preset format, and storing the parameters into a memory comprises the following steps:

And writing the parameters into a fifth operation object corresponding to the parameters aiming at each parameter, triggering a write-back function corresponding to the fifth operation object corresponding to the parameters, converting the parameters into parameters in a preset format, and storing the parameters into a memory.

5. A method according to claim 3, wherein the step of calling the second function based on the function address in the preset format and the parameter in the preset format to obtain the output result of the second function includes:

triggering a write-back function corresponding to a sixth operation object to call the second function based on the function address in the preset format;

and obtaining an output result of the second function based on the parameters in the preset format.

6. The method of claim 5, wherein the step of obtaining the output result of the second function based on the parameters in the preset format comprises:

Inputting the parameters in the preset format into the second function to obtain an output result in the preset format of the second function;

Assigning the output result in the preset format to a seventh operation object;

And triggering a read callback function corresponding to the seventh operation object to convert the output result in the preset format into the output result of the second function.

7. The method of claim 2, wherein prior to the step of determining whether the function of the thermal patch is correct based on the output result, the method further comprises:

Inquiring the function address of the second function and calling the number of parameters to be transferred of the second function; based on the number of the parameters, acquiring parameters to be transferred when the second function is called;

The step of determining whether the function of the thermal patch is correct based on the output result includes:

Determining an expected calculation of the second function based on the parameter;

And if the output result is matched with the expected calculation result, determining that the function of the thermal patch is correct.

8. A device for testing a thermal patch, the device comprising:

The system comprises an acquisition module, a first execution module and a second execution module, wherein the acquisition module is used for acquiring a first expected instruction sequence and a first actual instruction sequence of a first calling instruction after a target function is repaired based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of a repair function in a preset hot patch; the first calling instruction is used for indicating to call the target function or the repair function; the hot patch is used for repairing the objective function;

the determining module is used for determining that the hot-fill is effective if the first expected instruction sequence is matched with the first actual instruction sequence;

The acquisition module is further configured to:

Determining a first expected instruction sequence of the first calling instruction after the target function is repaired based on a first instruction starting address and a first instruction length of the first calling instruction and a function address of the repairing function;

inquiring a first actual instruction sequence of the first calling instruction after the target function is repaired;

The acquisition module is further configured to:

Calculating the sum of the first instruction starting address and the first instruction length to obtain a first calculation address;

subtracting the first calculation address from the function address of the repair function to obtain an instruction offset corresponding to the repair function;

Determining a first expected instruction sequence of the first call instruction based on the instruction offset;

The acquisition module is further configured to:

Writing the first instruction starting address into a first operation object, triggering a write-back function corresponding to the first operation object, converting the first instruction starting address into a first instruction starting address with a preset format, and storing the first instruction starting address into a memory;

Writing the first instruction length into a second operation object, triggering a write-back function corresponding to the second operation object, converting the first instruction length into a first instruction length in a preset format, and storing the first instruction length into a memory;

triggering a write-back function corresponding to a third operation object to start from a first instruction starting address in the preset format, reading an instruction sequence in the preset format according to a first instruction length in the preset format, and converting the instruction sequence in the preset format into the first actual instruction sequence;

Querying the first actual instruction sequence;

The determination module is also for:

If the repair function comprises a second call instruction, acquiring a second expected instruction sequence and a second actual instruction sequence of the second call instruction after the target function is repaired based on a second instruction starting address and a second instruction length of the second call instruction and a function address of the first function; the repair function is used for calling the first function through the second calling instruction;

And if the second expected instruction sequence is matched with the second actual instruction sequence, determining that the hot-fill is effective.

9. A server comprising a processor and a memory, the memory storing machine executable instructions executable by the processor, the processor executing the machine executable instructions to implement the method of testing a thermal patch of any one of claims 1-7.

10. A machine-readable storage medium storing machine-executable instructions that, when invoked and executed by a processor, cause the processor to implement a method of testing a thermal patch as claimed in any one of claims 1 to 7.