CN113064697B - Method for accelerating communication between microkernel processes by using multiple hardware characteristics - Google Patents


Info

Publication number: CN113064697B
Authority: CN (China)
Prior art keywords: system service, service module, authority, user, microkernel
Legal status: Active
Application number: CN202110356366.2A
Other languages: Chinese (zh)
Other versions: CN113064697A (en)
Inventors: 古金宇, 臧斌宇, 陈海波
Current Assignee: Shanghai Jiaotong University
Original Assignee: Shanghai Jiaotong University

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00: Arrangements for program control, e.g. control units
    • G06F9/06: Arrangements for program control using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44: Arrangements for executing specific programs
    • G06F9/455: Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533: Hypervisors; Virtual machine monitors
    • G06F9/45558: Hypervisor-specific management and integration aspects
    • G06F2009/45583: Memory management, e.g. access or allocation
    • G06F2009/45587: Isolation or security of virtual machine instances
    • G06F9/46: Multiprogramming arrangements
    • G06F9/54: Interprogram communication
    • G06F9/547: Remote procedure calls [RPC]; Web services

Abstract

The invention provides a method for accelerating communication between microkernel processes by using multiple hardware features. It relates to the technical field of microkernel inter-process communication and comprises the following steps. User and system step: the VMFUNC instruction is used to realize inter-process communication between user programs and system services. System service step: among the system services, several strongly related system service modules are placed in the same process, and isolation between different system service module groups is ensured by means of the MPK technology. The invention can greatly improve the efficiency of inter-process communication under the microkernel architecture without destroying the isolation between the service modules of the microkernel system; combined with VMFUNC, it also efficiently extends the number of isolated memory domains that Intel MPK can support, and so meets the requirements of scenarios that need more intra-process isolation.

Description

Method for accelerating communication between microkernel processes by using multiple hardware characteristics
Technical Field
The invention relates to the technical field of microkernel inter-process communication, in particular to a method for accelerating microkernel inter-process communication by using multiple hardware features.
Background
The microkernel architecture is a kernel design model that emerged as an alternative to the monolithic (macro) kernel architecture. Unlike a monolithic kernel, in which all system services run in kernel mode, most system service modules of a microkernel, such as memory management, the file system and device drivers, run in separate user-mode processes; only a few key system services, such as process management and inter-process communication, remain in kernel mode. Compared with the monolithic design, the microkernel greatly reduces the amount of code running in kernel mode, which reduces the likelihood of high-risk events such as a system crash caused by a kernel code error or the exploitation of a kernel code bug by a malicious attacker. The microkernel therefore offers stronger fault isolation, fault tolerance and robustness.
EPT (Extended Page Tables): the second-level page tables of the virtualization extensions, which record the mapping from virtual machine (guest) physical addresses to host physical addresses. VMFUNC: an instruction with which a virtual machine switches its EPT page table. MPK (Memory Protection Keys): a memory isolation technique.
VMFUNC is an instruction of the x86 virtualization technology proposed by Intel. The Intel hardware allows the virtual machine monitor to configure multiple EPT page tables, together with a corresponding index array, for a virtual machine. MPK is hardware support for memory management proposed by Intel.
Currently, microkernel architectures are widely used in academia and industry. Because all system services of a monolithic kernel run in the same kernel-mode address space, requests and communication between system service modules are completed through ordinary function calls. In a microkernel, most communication between user programs and system service modules must go through an inter-process communication mechanism and also involves context switches between user mode and kernel mode, so system services in a microkernel are less efficient than in a monolithic kernel. In addition, a user program's request to a system service often has to be completed cooperatively by several modules; for example, a file operation by a user program requires both the file system module and the driver module of the storage medium, which involves multiple inter-process communications and multiple context switches between kernel mode and user mode. This is one of the main causes of the service performance bottleneck in microkernel systems.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides a method for accelerating communication between microkernel processes by using multiple hardware features.
The method for accelerating communication between microkernel processes by using multiple hardware features is as follows:
user and system step: the VMFUNC instruction is used to realize inter-process communication between the user program and the system service;
system service step: among the system services, several associated system service modules are treated as one system service module group and placed in the same process, and isolation between the different system service modules is ensured by means of the MPK technology.
Preferably, the user and system step includes:
setting up an address space fast switching mechanism: using the mapping relation of the EPT page tables, the address space is switched to that of the system service process through a VMFUNC instruction, without modifying the page table mappings of the virtual machine or the value of the corresponding page table root register.
Preferably, the multiple EPT page tables are configured for the virtual machine as follows:
the virtual machine monitor configures several EPT page tables for the virtual machine, with one additional EPT page table for each system service module group;
in that EPT page table, the physical address of the page table root of the user process in the virtual machine is mapped to the host physical address of the page table root of the process in which the system service module group resides;
when this EPT page table is used to translate virtual machine physical addresses to host physical addresses, the virtual addresses of the user process in the virtual machine are automatically translated with the page table of the process in which the called system service module group resides, which realizes the switch of address space.
Preferably, the user and system step further includes:
setting up an address space switching safety check mechanism: a binary check and a springboard function check are used to address the security problem that a malicious user program could illegally invoke the VMFUNC instruction, bypass the kernel's checks and switch at will into a system service module.
Preferably, this specifically comprises: maintaining a calling authority list for each system service module group process, which records which processes may switch into the address space of that program through VMFUNC instructions to run;
meanwhile, the user process must present the pass of the server when calling the system service; when VMFUNC is invoked to switch the address space, the value of the pass is passed as a parameter to the switched-to process, and the switched-to system service module can determine by table lookup whether the program requesting the switch is legitimate.
Preferably, the system service step includes:
setting up program authority domains: with the hardware support of Intel MPK and the setting of the PKRU register, the address space of a program is divided into several authority domains; during its execution, each system service module can execute only code within its authority domain and access only data within its authority domain, which achieves isolation inside a process while maintaining the isolation between the original microkernel system service modules; moreover, the PKRU register can be modified quickly without trapping into the kernel or exiting the virtual machine.
Preferably, the system service step further comprises:
setting up an authority domain switching check mechanism: it is ensured that a system service module can switch only to a legitimate authority domain when it requests the services of other system service modules.
Preferably, setting up the authority domain switching check mechanism specifically comprises: when the code of system service modules and user process modules is loaded into memory, the code is checked, and WRPKRU instructions are allowed to appear only at the program's authority domain switching positions;
before a WRPKRU instruction modifies the value of the PKRU register to switch the authority domain, a check is performed to determine whether the switch is illegal and whether the authority domain being switched to is correct.
Preferably, when a user process requests a system service, the specific procedure is as follows:
step S1: the user process saves the registers of its process context and the corresponding information in a reserved area, sets the parameters of the request to the system service module, and writes the pass information of the system service module group into a designated area;
step S2: the user process enters the springboard function area and invokes a VMFUNC instruction to switch to the springboard function area in the address space of the target system service module group process;
step S3: the springboard function of the target system service module group process obtains the process number of the calling process, determines from the process calling authority table whether the calling process has the authority to call the system service module, and at the same time checks whether the presented pass is correct;
step S4: in the authority domain switching function, the legitimacy of the caller is determined from whether the caller's authority domain can be accessed, and then the authority domain of the current process is switched through a WRPKRU instruction to enter the authority domain of the next system service module for execution.
Preferably, checking in step S3 whether the presented pass is correct includes: if the pass is correct, the authority domain switching function is called to jump to the target system service module group and process the request of the user process;
while processing the request, if the service of a system service module group in another process is requested, the request proceeds as in steps S1 to S3;
if a service provided by another system service module group within the same process is requested, the parameters of the request to that system service module are set as in step S1, and then the authority domain switching function is called.
Compared with the prior art, the invention has the following beneficial effects:
1. the invention integrates the system service modules of the microkernel that have a chain calling relation into the same process, and uses the hardware support of Intel MPK and Intel VMFUNC to achieve safe and efficient module isolation;
2. the invention uses the authority domain check mechanism to ensure that every illegal authority domain switch causes an error; the authentication mechanism for address space switching, which maintains a process calling authority table for each system service module group process and checks a pass, ensures that a program can perform only legitimate address space switches during inter-process communication;
3. for inter-process communication between system service module groups and between users and system module groups, a mechanism for fast address space switching with VMFUNC instructions is realized by exploiting address translation in virtualization and configuring specific page tables;
4. Intel VMFUNC is used to extend the number of isolated memory domains that Intel MPK can support.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments with reference to the following drawings:
FIG. 1 is a schematic diagram of a virtual machine monitor configuring EPT page tables for virtual machines;
FIG. 2 is a schematic diagram of a system service module group process;
FIG. 3 is a schematic diagram of a system service module group process initialization process;
FIG. 4 is a schematic diagram of a process for user process initialization and registration of system services;
FIG. 5 is a schematic diagram of a user process requesting a system service.
Detailed Description
The present invention will be described in detail with reference to specific examples. The following examples will assist those skilled in the art in further understanding the invention, but are not intended to limit the invention in any way. It should be noted that variations and modifications can be made by persons skilled in the art without departing from the concept of the invention; these all fall within the scope of the present invention.
The embodiment of the invention provides a method for accelerating inter-process communication in a microkernel by using multiple hardware features. VMFUNC is an instruction of the x86 virtualization technology proposed by Intel. The Intel hardware allows the virtual machine monitor to configure multiple EPT page tables for a virtual machine, together with a corresponding index array. The virtual machine can switch its own EPT page table by executing the VMFUNC instruction with the corresponding index as input. This switch is efficient because invoking VMFUNC does not cause the program's execution flow to trap to the virtual machine monitor (no VM exit). By configuring a special EPT page table, efficient switching of the address space between processes can be realized by executing VMFUNC instructions. At present a large number of users process their data on cloud service platforms, which commonly rely on virtualization technology; this provides the opportunity to optimize microkernel inter-process communication with VMFUNC.
MPK is hardware support for memory management proposed by Intel. With MPK, the memory of a process can be partitioned into several regions at page granularity. While the program runs, the value of the PKRU register in the CPU specifies the access rights of the process's current context to each memory region. With MPK, different accessible regions can be assigned to different system service modules within one process. When switching between system service modules, the program modifies the value of the PKRU register by executing the WRPKRU instruction and thereby changes the access rights of the current context to each memory region, without the expensive operation of modifying page tables. In addition, compared with dividing memory permissions by using the page tables of different processes, MPK makes it possible to integrate strongly related system service modules into the same process while preserving the isolation between them, which saves a large amount of inter-process synchronization and process context switching overhead.
To address the efficiency of communication between microkernel processes, the two hardware features VMFUNC and MPK are used for optimization. Analysing the behaviour of a user program calling system services in a microkernel environment shows that a system service module in a microkernel usually has to serve all users in the system; at the same time, completing a given system service requires chain-like calls among system service modules, that is, a given system service module calls only certain specific other system service modules while it runs.
Based on these characteristics, efficient inter-process communication between user programs and system services is realized with the VMFUNC instruction; for the system services, several strongly related system service modules are placed in the same process and MPK is used to ensure the isolation of the different system services. Specifically, this comprises the following:
A mechanism for fast switching of address space is provided: the invention uses virtualization technology to configure several EPT page tables for the virtual machine. Using the mapping relation of the EPT page tables, the address space can be switched to that of the system service process through the VMFUNC instruction without modifying the page table mappings of the virtual machine or the value of the corresponding page table root register, which realizes efficient inter-process communication.
An address space switching safety check mechanism is proposed: because the VMFUNC instruction can be invoked by any program in user mode, a malicious user program could invoke VMFUNC illegally, bypass the kernel's checks and switch at will into a system service module. The invention proposes a binary check and a springboard function check to address this security problem.
The concept of a program authority domain is proposed: using MPK hardware support, the invention divides the address space of the program into several authority domains by setting the PKRU register; during its execution, each system service module executes only code within its authority domain and accesses only data within its authority domain, which achieves isolation inside the process while maintaining the isolation between the original microkernel system service modules. At the same time, the PKRU register can be modified quickly without trapping into the kernel or exiting the virtual machine, so switching program authority domains is efficient.
An authority domain switching check mechanism is proposed: during execution, a user program can modify the value of the PKRU register by executing the WRPKRU instruction without the virtual machine operating system or the virtual machine monitor being aware of it. The invention therefore provides an authority domain switching check mechanism, which ensures that a system service module can switch only to a legitimate authority domain when it requests the service of other system service modules.
Referring to FIG. 1, the virtual machine monitor configures multiple EPT page tables for a virtual machine. One of them is the EPT page table in whose address space the user programs and system service modules normally execute; in its mapping from virtual machine physical addresses to host physical addresses, every entry translates an address to the same value, so the physical address space seen by the virtual machine is identical to the host physical address space. For each system service module group, one additional EPT page table is configured. In that EPT page table, the physical address of the page table root of the user process in the virtual machine is mapped to the host physical address of the page table root of the process in which the system service module group resides. When this EPT page table is used to translate virtual machine physical addresses to host physical addresses, the virtual addresses of the user process in the virtual machine are automatically translated with the page table of the process in which the called system service module group resides, which realizes the switch of address space. The EPT page table is switched by executing a VMFUNC instruction.
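The redirection described above can be modelled in a few lines. The following C program is an added example, not code from the patent or its authors: it simulates a toy single-level guest page table and two EPTs, and shows that with the user's CR3 left untouched, selecting the service group's EPT makes the same virtual address resolve to the service process's data. The frame layout and table sizes are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

#define FRAMES     8     /* toy physical memory: 8 frames, guest and host alike */
#define PT_ENTRIES 4     /* toy single-level page table: 4 virtual pages */
#define NO_MAP     0xFF  /* "not present" marker for both kinds of table */

/* Host memory.  A frame used as a page table holds guest frame numbers
 * indexed by virtual page number; the contents of data frames are not used. */
static uint8_t host_mem[FRAMES][PT_ENTRIES];

/* EPT: guest frame number -> host frame number. */
typedef uint8_t ept_t[FRAMES];

/* Constructed layout (an assumption of this example, not taken from the patent):
 *   guest frame 1: page table of the user process          (vpn 0 -> frame 2)
 *   guest frame 2: user data
 *   guest frame 3: page table of the service group process (vpn 0 -> frame 4)
 *   guest frame 4: service group data                                      */
enum { USER_PT = 1, USER_DATA = 2, SVC_PT = 3, SVC_DATA = 4 };

static void setup_memory(void)
{
    for (int f = 0; f < FRAMES; f++)
        for (int e = 0; e < PT_ENTRIES; e++)
            host_mem[f][e] = NO_MAP;
    host_mem[USER_PT][0] = USER_DATA;
    host_mem[SVC_PT][0]  = SVC_DATA;
}

/* Default EPT (FIG. 1): identity, so guest-physical == host-physical. */
static void build_default_ept(ept_t ept)
{
    for (uint8_t f = 0; f < FRAMES; f++)
        ept[f] = f;
}

/* EPT for one service module group: identical to the default except that the
 * guest frame holding the user's page table root now resolves to the host frame
 * holding the service process's page table.  Every other frame stays identity
 * mapped, so the guest frame numbers stored inside the service page table still
 * resolve to the right host frames. */
static void build_service_ept(ept_t ept)
{
    build_default_ept(ept);
    ept[USER_PT] = SVC_PT;
}

/* Two-stage translation.  CR3 is a guest frame number: it goes through the EPT
 * to find the host frame that holds the page table, the entry for vpn is read
 * there, and the guest frame it names goes through the EPT again.
 * Returns the host frame, or NO_MAP if either stage has no mapping. */
static uint8_t translate(const uint8_t *ept, uint8_t guest_cr3, unsigned vpn)
{
    if (vpn >= PT_ENTRIES || guest_cr3 >= FRAMES)
        return NO_MAP;
    uint8_t pt_hfn = ept[guest_cr3];
    if (pt_hfn >= FRAMES)
        return NO_MAP;
    uint8_t data_gfn = host_mem[pt_hfn][vpn];
    if (data_gfn >= FRAMES)               /* covers NO_MAP as well */
        return NO_MAP;
    return ept[data_gfn];
}

/* Host frame that virtual page `vpn` of the UNCHANGED user CR3 resolves to
 * under the EPT selected by `service_ept`.  Selecting the EPT is what VMFUNC
 * does, without touching the guest page tables or the page table root register. */
static uint8_t resolve_with_ept(bool service_ept, unsigned vpn)
{
    ept_t ept;
    setup_memory();
    if (service_ept)
        build_service_ept(ept);
    else
        build_default_ept(ept);
    return translate(ept, USER_PT, vpn);
}

int main(void)
{
    printf("default EPT, vpn 0 -> host frame %u (user data)\n",
           (unsigned)resolve_with_ept(false, 0));
    printf("service EPT, vpn 0 -> host frame %u (service data)\n",
           (unsigned)resolve_with_ept(true, 0));
    return 0;
}
```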
To prevent the VMFUNC instruction from being invoked illegally to switch EPT page tables, the invention provides a calling authority table for each system service module group process, recording which processes may switch into the address space of that program through the VMFUNC instruction. In addition, when a user process calls a system service it must present the pass of the server. When VMFUNC is invoked to switch the address space, the value of the pass is passed as a parameter to the switched-to process, and the switched-to system service module determines by table lookup whether the program requesting the switch is legitimate. This process is implemented in the springboard function.
For the system service module group process, the invention uses the Intel MPK technology to isolate the system service modules from one another within the same process. Referring to FIG. 2, by setting the page table entries of the memory pages where each system service module resides and the value of the PKRU register, a separate authority domain is created for each system service module. An authority domain consists of an executable code segment and an accessible data area: the code of system service module 1 can access only the data in the data area of system service module 1 while it executes, and the same applies to system service module 2. Switching between authority domains is performed by a specific function.
Because WRPKRU, the instruction that modifies the value of the PKRU register, can be invoked arbitrarily in user mode and its operand is specified by the caller, the invention provides an authority domain switching check mechanism to ensure that authority domains can be switched correctly only by the designated caller at the designated place. In the invention, the code of system service modules and user process modules is checked when it is loaded into memory, and WRPKRU instructions are allowed to appear only at the program's authority domain switching positions. Before a WRPKRU instruction modifies the value of the PKRU register to switch the authority domain, a check is performed to determine whether the switch is illegal and whether the authority domain being switched to is correct.
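The two checks just described, the load-time scan for WRPKRU and the check in front of each authority domain switch, can be modelled in plain C. This is an added example, not code from the patent: it uses the documented PKRU encoding (two bits per protection key) and the WRPKRU opcode bytes, but the chain-call table, the use of key 0 for shared code and the sample code image are constructed assumptions, and no real WRPKRU is executed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

#define MPK_DOMAINS 16   /* Intel MPK offers 16 protection keys */

/* PKRU layout: bit 2k is AD (access disable) and bit 2k+1 is WD (write
 * disable) for key k.  This value grants read/write to `dom` only; key 0 is
 * also left open because, in this model, the shared switching code and the
 * tables it reads are tagged with key 0 (an assumption of the example). */
static uint32_t pkru_for_domain(unsigned dom)
{
    uint32_t pkru = 0xFFFFFFFFu;          /* every key: AD|WD */
    pkru &= ~(3u << 0);                   /* key 0: shared */
    pkru &= ~(3u << (2 * dom));           /* target domain: full access */
    return pkru;
}

/* True when the current PKRU allows reads of `dom` (AD bit clear). */
static bool pkru_can_access(uint32_t pkru, unsigned dom)
{
    return ((pkru >> (2 * dom)) & 1u) == 0;
}

/* Chain-call table, one bitmask per domain: bit t set means the module in
 * domain d may switch to domain t.  Constructed sample: domain 1 (say a file
 * system) may call domain 2 (a storage driver); domain 2 calls nothing. */
static const uint16_t call_allowed[MPK_DOMAINS] = {
    [1] = 1u << 2,
};

/* The check in front of WRPKRU (step S4).  Returns the PKRU value to write,
 * or 0 when the switch is rejected: the caller must really be running in
 * `from` (its own domain readable under the current PKRU), the target must be
 * a real, non-shared domain, and the chain-call table must permit it. */
static uint32_t checked_domain_switch(uint32_t cur_pkru, unsigned from, unsigned to)
{
    if (from >= MPK_DOMAINS || to >= MPK_DOMAINS || to == 0 || to == from)
        return 0;
    if (!pkru_can_access(cur_pkru, from))
        return 0;
    if (((call_allowed[from] >> to) & 1u) == 0)
        return 0;
    return pkru_for_domain(to);
}

/* Load-time binary check: every WRPKRU encoding (0F 01 EF) in the module's
 * code must sit at a registered switch point.  A plain byte scan is the
 * conservative choice: a match embedded in some longer instruction is also
 * rejected, since control could reach those bytes mid-instruction. */
static bool wrpkru_only_at(const uint8_t *code, size_t len,
                           const size_t *allowed, size_t n_allowed)
{
    static const uint8_t wrpkru[3] = {0x0F, 0x01, 0xEF};
    for (size_t i = 0; i + 3 <= len; i++) {
        if (memcmp(code + i, wrpkru, 3) != 0)
            continue;
        bool ok = false;
        for (size_t j = 0; j < n_allowed && !ok; j++)
            ok = (allowed[j] == i);
        if (!ok)
            return false;
    }
    return true;
}

/* Constructed code image: two WRPKRUs at offsets 1 and 5, padded with NOPs. */
static const uint8_t sample_code[] = {
    0x90, 0x0F, 0x01, 0xEF, 0x90, 0x0F, 0x01, 0xEF, 0x90,
};
static const size_t sample_switch_points[] = {1, 5};

/* Load-time check with both switch points registered, or with only the first. */
static bool sample_binary_check(bool register_both)
{
    return wrpkru_only_at(sample_code, sizeof sample_code,
                          sample_switch_points, register_both ? 2 : 1);
}

int main(void)
{
    uint32_t pkru = pkru_for_domain(1);
    printf("domain 1 PKRU      = 0x%08x\n", (unsigned)pkru);
    printf("switch 1 -> 2      = 0x%08x\n", (unsigned)checked_domain_switch(pkru, 1, 2));
    printf("switch 2 -> 1      = 0x%08x (rejected)\n",
           (unsigned)checked_domain_switch(pkru_for_domain(2), 2, 1));
    printf("binary check (one point registered): %s\n",
           sample_binary_check(false) ? "ok" : "rejected");
    return 0;
}
```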
Referring to FIG. 3 and FIG. 4, the kernel initializes a series of system services when the virtual machine starts. As shown in flow (a) (FIG. 3), after the code and initial data of the system service modules have been loaded into the corresponding address spaces, the virtual machine kernel sets the correct page table entries and PKRU values according to the configuration, which generates the authority domains. The springboard function code is then mapped into a specific area of the system service module group process. At the same time, the virtual machine generates a set of passes and an empty process calling authority table for each system service module group process, which completes the initialization. Flow (b) (FIG. 4) is the initialization of a user process and its registration for system services. First, the user process sends a request to the virtual machine monitor to register for a system service, passing the information about the system service to be registered. The virtual machine monitor first checks whether the user's request is legitimate and, if so, configures an EPT page table for the user process. The virtual machine monitor then transmits the previously generated pass to the user program and updates the process calling authority table in the corresponding system service module group process.
Referring to FIG. 5, when a user process requests a system service, the following steps are involved:
Step S1: the user process saves the registers of its process context and the corresponding information in the reserved area, sets the parameters of the request to the system service, and writes the pass information of the system service module group into the designated area.
Step S2: the user process enters the springboard function area and invokes a VMFUNC instruction to switch to the springboard function area in the address space of the target system service module group process.
Step S3: the springboard function of the target system service module group process obtains the process number of the calling process, determines from the process calling authority table whether the calling process has the authority to call the system service, and at the same time checks whether the presented pass is correct.
If the pass is correct, the authority domain switching function is called to jump to the target system service module group and process the request of the user process. While processing the request, the service of a system service module group in another process may be requested; that request proceeds as in steps S1 to S3. A service provided by another system service module group within the same process may also be requested; in that case, as in step S1, the parameters of the request to that system service module are set and then the authority domain switching function is called.
Step S4: in the authority domain switching function, the legitimacy of the caller is determined from whether the caller's authority domain can be accessed, and then the authority domain of the current process is switched through a WRPKRU instruction to enter the authority domain of the next system service module for execution.
After the system service module has completed the request, the return path is similar to the call path.
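The springboard-side part of this procedure (registration in flow (b) and the check of step S3) is modelled in the following added C example, which is not code from the patent. The table size, pass length, pids and pass bytes are constructed, the VMFUNC switch itself is not performed, and a constant-time comparison is used for the pass, which the description does not specify.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

#define MAX_CALLERS 8    /* constructed table size */
#define PASS_LEN    16   /* constructed pass length */

/* State kept by one system service module group process. */
struct service_group {
    uint32_t allowed_pids[MAX_CALLERS]; /* process calling authority table */
    size_t   n_allowed;
    uint8_t  pass[PASS_LEN];            /* issued by the VMM at initialisation */
};

enum springboard_result { SB_OK = 0, SB_UNKNOWN_CALLER = 1, SB_BAD_PASS = 2 };

/* Constant-time comparison: the pass check should not leak how many leading
 * bytes of a presented pass matched. */
static bool pass_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Registration (flow (b)): after validating the user's request the VMM adds
 * the pid to the group's table.  Returns false when the table is full. */
static bool register_caller(struct service_group *g, uint32_t pid)
{
    for (size_t i = 0; i < g->n_allowed; i++)
        if (g->allowed_pids[i] == pid)
            return true;                 /* already registered */
    if (g->n_allowed >= MAX_CALLERS)
        return false;
    g->allowed_pids[g->n_allowed++] = pid;
    return true;
}

/* Step S3, as run by the springboard after the VMFUNC switch: the caller's
 * pid must be in the authority table AND the presented pass must match.  Both
 * checks are always evaluated; the pid alone is not trusted because the pass
 * is what ties the request to a completed registration. */
static enum springboard_result springboard_check(const struct service_group *g,
                                                 uint32_t caller_pid,
                                                 const uint8_t *presented)
{
    bool known = false;
    for (size_t i = 0; i < g->n_allowed; i++)
        known |= (g->allowed_pids[i] == caller_pid);
    bool pass_ok = pass_equal(g->pass, presented, PASS_LEN);
    if (!known)
        return SB_UNKNOWN_CALLER;
    return pass_ok ? SB_OK : SB_BAD_PASS;
}

/* Constructed scenario: a group whose pass is the bytes 0x00..0x0F and in
 * which pid 100 has registered.  `pid` is the caller; `corrupt_pass` flips one
 * byte of the presented pass to model a stale or wrong credential. */
static enum springboard_result sample_request(uint32_t pid, bool corrupt_pass)
{
    struct service_group g = { .n_allowed = 0 };
    for (size_t i = 0; i < PASS_LEN; i++)
        g.pass[i] = (uint8_t)i;          /* constructed pass, not a real value */
    register_caller(&g, 100);

    uint8_t presented[PASS_LEN];
    for (size_t i = 0; i < PASS_LEN; i++)
        presented[i] = g.pass[i];        /* what a registered caller was handed */
    if (corrupt_pass)
        presented[PASS_LEN - 1] ^= 0x80;
    return springboard_check(&g, pid, presented);
}

int main(void)
{
    printf("pid 100, correct pass : %d\n", (int)sample_request(100, false));
    printf("pid 100, wrong pass   : %d\n", (int)sample_request(100, true));
    printf("pid 200, correct pass : %d\n", (int)sample_request(200, false));
    return 0;
}
```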
According to the behaviour of user programs calling system services under a microkernel architecture on a cloud application platform, system service modules that have chain calling relations among one another are integrated into the same process, and an efficient and flexible isolation mechanism is provided with the support of Intel MPK hardware. Between user programs and system service module groups, the VMFUNC instruction provided by the virtualization support is used to switch efficiently between the address spaces of the user process and the system service module group process. Without damaging the isolation between the microkernel system service modules, the efficiency of inter-process communication under the microkernel architecture is thus greatly improved.
The method can be applied to microkernel operating systems and also to scenarios of intra-process isolation. Intel MPK hardware provides up to 16 isolated memory domains inside a process but cannot support a larger number, which limits its use. By combining it with VMFUNC, the invention efficiently extends the number of isolated memory domains that Intel MPK can support and thus meets the requirements of scenarios that need more intra-process isolation.
Those skilled in the art will appreciate that, in addition to implementing the system and its various devices, modules, units provided by the present invention as pure computer readable program code, the system and its various devices, modules, units provided by the present invention can be fully implemented by logically programming method steps in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Therefore, the system and various devices, modules and units thereof provided by the invention can be regarded as a hardware component, and the devices, modules and units included in the system for realizing various functions can also be regarded as structures in the hardware component; means, modules, units for performing the various functions may also be regarded as structures within both software modules and hardware components for performing the method.
The foregoing description is directed to specific embodiments of this invention. It is to be understood that the present invention is not limited to the specific embodiments described above, and that various changes or modifications may be made by one skilled in the art within the scope of the appended claims without departing from the spirit of the invention. The embodiments and features of the embodiments of the present application may be combined with each other arbitrarily without conflict.

Claims (9)

1. A method for accelerating communication between microkernel processes using multiple hardware features, comprising:
a user-to-system step: using the VMFUNC instruction to implement inter-process communication between the user program and the system service;
a system service step: among the system services, placing a plurality of associated system service modules, as a system service module group, in the same process, and ensuring isolation between different system service module groups by means of the MPK technology;
when a user process requests a system service, the specific procedure is as follows:
step S1: the user process saves the registers of its process context and the corresponding information in a reserved area, sets the parameters of the request to the system service module, and writes the pass information of the system service module group into a designated area;
step S2: the user process enters the springboard function area and calls the VMFUNC instruction to switch to the springboard function area in the address space of the target system service module group process;
step S3: the springboard function of the target system service module group process obtains the process number of the calling process, judges through the process call authority table whether the calling process has the authority to call the system service module, and at the same time checks whether the entered pass is correct;
step S4: in the authority domain switching function, the legitimacy of the caller is judged according to whether the caller's authority domain may be accessed, and the authority domain of the current process is then switched with the WRPKRU instruction so as to enter the authority domain of the next system service module for execution.
2. The method for accelerating communication between microkernel processes using multiple hardware features of claim 1, wherein the user-to-system step comprises:
setting up an address space fast switching mechanism: using the mapping relation of the EPT page tables, the address space is switched to that of the system service process by the VMFUNC instruction, without modifying the page table mapping of the virtual machine or the value of the corresponding page table root register.
3. The method of claim 2, wherein configuring multiple EPT page tables for the virtual machine comprises:
the virtual machine monitor configures multiple EPT page tables for the virtual machine, one additional EPT page table for each system service module group;
in that EPT page table, the physical address of the page table root of the user process in the virtual machine is mapped to the host physical address of the page table root of the process in which the system service module group resides;
when this EPT page table is used to translate guest physical addresses to host physical addresses, the virtual addresses of the user process in the virtual machine are automatically translated using the page table of the process in which the called system service module group resides, thereby switching the address space.
4. The method for accelerating communication between microkernel processes using multiple hardware features of claim 1, wherein the user-to-system step further comprises:
setting up an address space switching safety check mechanism: binary checking and springboard function checking are adopted to counter the security problem of a malicious user program illegally calling the VMFUNC instruction, bypassing the kernel check and switching arbitrarily into a system service module to run.
5. The method for accelerating communication between microkernel processes using multiple hardware features of claim 4, further comprising: maintaining a call authority table for each system service module group process, recording which processes may switch into the address space of that program through the VMFUNC instruction to run;
at the same time, the user process must provide the pass of the server when calling the system service; when VMFUNC is called to switch the address space, the value of the pass is passed as a parameter to the target process, and the switched-to system service module can determine by table lookup whether the program requesting the switch is legitimate.
6. The method for accelerating communication between microkernel processes using multiple hardware features of claim 1, wherein the system service step comprises:
setting up program authority domains: with the hardware support of Intel MPK and the setting of the PKRU register, the address space of the program is divided into multiple authority domains; during execution, each system service module can execute only the code within its own authority domain and access only the data within its own authority domain, which achieves isolation inside a process and preserves the isolation between the original microkernel system service modules; and the PKRU register can be modified quickly without trapping into kernel mode or exiting the virtual machine.
7. The method for accelerating communication between microkernel processes using multiple hardware features of claim 1, wherein the system service step further comprises:
setting up an authority domain switching check mechanism: ensuring that a system service module switches only to a legitimate authority domain when requesting the service of another system service module.
8. The method for accelerating communication between microkernel processes using multiple hardware features of claim 7, wherein setting up the authority domain switching check mechanism specifically comprises: when the code of the system service modules and of the user process module is loaded into the memory space, the code is checked, and WRPKRU instructions are allowed to appear only at the authority domain switching positions of the program;
before a WRPKRU instruction modifies the value of the PKRU register to switch the authority domain, a check is performed to judge whether the switch is illegal and whether the authority domain being switched to is correct.
9. The method for accelerating communication between microkernel processes using multiple hardware features of claim 1, wherein checking in step S3 whether the entered pass is correct comprises: if the entered pass is correct, calling the authority domain switching function to jump to the target system service module group and process the request of the user process;
while processing the request, if the service of a system service module group in another process is requested, the request procedure is the same as steps S1 to S3;
if the service provided by another system service module group in the same process is requested, the parameters of the request to the other system service module are set and the authority domain switching function is then called, as in step S1.
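The springboard check of steps S3 and S4 and the call authority table of claims 5 and 9, as an added example in C that is not the patent's code: a constructed authority table keyed by caller process number and pass, and the PKRU value the authority domain switch would write so that only the target module's key is accessible. Key 0 as a region shared by all domains, the process numbers, the passes and the table rows are assumptions; the real switch executes WRPKRU, the example only computes the value.

```c
/* Added example (not the patent's code): the springboard check of steps S3/S4
 * and the PKRU value written at the authority-domain switch. All process ids,
 * passes and table rows are constructed sample values. */
#include <stdint.h>
#include <stddef.h>

#define MAX_PKEYS 16                      /* Intel MPK: 16 protection keys per process */
#define PKRU_AD(k) (1u << (2 * (k)))      /* access-disable bit of key k */
#define PKRU_WD(k) (1u << (2 * (k) + 1))  /* write-disable bit of key k */
#define PKRU_DENY_ALL 0xFFFFFFFFu         /* every key AD|WD set: fail-closed value */

/* Constructed passes handed to the callers out of band. */
#define PASS_1001 0x5ead0ffe7ull
#define PASS_1002 0x0badcafe0ull

/* One row of a service module group's call authority table (claim 5). */
struct auth_entry {
    uint32_t caller_pid;  /* process allowed to VMFUNC into this group */
    uint64_t pass;        /* pass that process must present */
    uint8_t  module_key;  /* MPK key of the module it is allowed to enter */
};

static const struct auth_entry auth_table[] = {
    { 1001, PASS_1001, 3 },
    { 1002, PASS_1002, 5 },
};

/* PKRU that exposes only `key` plus key 0 (assumed here to hold the code and
 * stack shared by all domains); every other key has access and write disabled. */
uint32_t pkru_for_domain(uint8_t key) {
    uint32_t pkru = PKRU_DENY_ALL;
    pkru &= ~(PKRU_AD(0) | PKRU_WD(0));
    pkru &= ~(PKRU_AD(key) | PKRU_WD(key));
    return pkru;
}

/* Springboard entry (step S3): look the caller up in the authority table and
 * compare its pass. Returns the PKRU that the switch function (step S4) writes
 * with WRPKRU, or PKRU_DENY_ALL on rejection, so that even a caller that
 * ignores the verdict ends up with no domain accessible. */
uint32_t springboard_gate(uint32_t caller_pid, uint64_t pass) {
    for (size_t i = 0; i < sizeof auth_table / sizeof auth_table[0]; i++) {
        if (auth_table[i].caller_pid != caller_pid) continue;
        if (auth_table[i].pass != pass) return PKRU_DENY_ALL;            /* wrong pass */
        if (auth_table[i].module_key >= MAX_PKEYS) return PKRU_DENY_ALL; /* bad row */
        return pkru_for_domain(auth_table[i].module_key);
    }
    return PKRU_DENY_ALL;  /* caller has no row: not authorised to call this group */
}
```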
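The load-time binary check of claim 8, as an added example in C that is not the patent's code: the loader scans a constructed code image for every WRPKRU encoding and accepts the image only if each occurrence is a registered authority domain switch site. The images, the registered offsets and the surrounding instructions are constructed for the example.

```c
/* Added example (not the patent's code): the load-time binary check of claim 8.
 * The loader scans a code image for the WRPKRU encoding (0F 01 EF) at every
 * byte offset and accepts the image only if each occurrence is a registered
 * authority-domain switch site. Scanning every offset, not only instruction
 * boundaries, also finds the sequence when it is embedded in other bytes. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

static const uint8_t WRPKRU_ENC[3] = { 0x0F, 0x01, 0xEF };

/* Returns 1 if every WRPKRU in code[0..len) lies at an offset listed in
 * `sites`, 0 otherwise. *found receives the number of occurrences seen. */
int check_wrpkru_sites(const uint8_t *code, size_t len,
                       const size_t *sites, size_t n_sites, size_t *found) {
    int ok = 1;
    *found = 0;
    for (size_t off = 0; off + sizeof WRPKRU_ENC <= len; off++) {
        if (memcmp(code + off, WRPKRU_ENC, sizeof WRPKRU_ENC) != 0) continue;
        (*found)++;
        int registered = 0;
        for (size_t i = 0; i < n_sites; i++)
            if (sites[i] == off) { registered = 1; break; }
        if (!registered) ok = 0;  /* WRPKRU outside a switch site: reject image */
    }
    return ok;
}

/* Constructed images: `good_image` has one WRPKRU at its registered site
 * (offset 4); `bad_image` adds a second WRPKRU at offset 12 that is not
 * registered, so the loader must refuse it. */
static const uint8_t good_image[] = {
    0x31, 0xC9,            /* xor ecx, ecx  (WRPKRU requires ecx = 0) */
    0x31, 0xD2,            /* xor edx, edx  (and edx = 0) */
    0x0F, 0x01, 0xEF,      /* wrpkru at offset 4 */
    0xC3,                  /* ret */
};
static const uint8_t bad_image[] = {
    0x31, 0xC9, 0x31, 0xD2,
    0x0F, 0x01, 0xEF,      /* offset 4, registered */
    0x90, 0x90, 0x90, 0x90, 0x90,
    0x0F, 0x01, 0xEF,      /* offset 12, not registered */
    0xC3,
};
static const size_t switch_sites[] = { 4 };

int load_good_image(void) {
    size_t n;
    return check_wrpkru_sites(good_image, sizeof good_image, switch_sites, 1, &n) && n == 1;
}
int load_bad_image(void) {
    size_t n;
    return check_wrpkru_sites(bad_image, sizeof bad_image, switch_sites, 1, &n);
}
```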
CN202110356366.2A 2021-04-01 2021-04-01 Method for accelerating communication between microkernel processes by using multiple hardware characteristics Active CN113064697B (en)


Publications (2)

Publication Number  Publication Date
CN113064697A (en)   2021-07-02
CN113064697B (en)   2022-09-23


Legal Events

Code  Title
PB01  Publication
SE01  Entry into force of request for substantive examination
GR01  Patent grant