CN113849859A - Linux kernel modification method, terminal device and storage medium - Google Patents

Linux kernel modification method, terminal device and storage medium Download PDF

Info

Publication number
CN113849859A
CN113849859A CN202010599448.5A CN202010599448A CN113849859A CN 113849859 A CN113849859 A CN 113849859A CN 202010599448 A CN202010599448 A CN 202010599448A CN 113849859 A CN113849859 A CN 113849859A
Authority
CN
China
Prior art keywords
digital signature
signature
coded data
binary coded
linux kernel
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010599448.5A
Other languages
Chinese (zh)
Inventor
董梦龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN202010599448.5A priority Critical patent/CN113849859A/en
Priority to PCT/CN2021/102714 priority patent/WO2022001944A1/en
Publication of CN113849859A publication Critical patent/CN113849859A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The embodiment of the invention relates to the field of communication, and discloses a method for modifying a Linux kernel, terminal equipment and a storage medium. The method for modifying the Linux kernel comprises the following steps: acquiring binary coded data for modifying a Linux kernel; carrying out digital signature on the binary coded data to obtain signed binary coded data; loading the signed binary coded data into the Linux kernel; performing security verification on the digital signature in the signed binary coded data to obtain a security verification result; and if the security verification result is that the verification is passed, executing the binary coded data to modify the Linux kernel. The method is applied to the process of dynamically modifying the Linux kernel.

Description

Linux kernel modification method, terminal device and storage medium
Technical Field
The embodiment of the invention relates to the field of communication, in particular to a method for modifying a Linux kernel, terminal equipment and a storage medium.
Background
Linux is one of the most widely used operating systems, and plays a significant role in various industries. When the Linux system runs, the Linux system is divided into a kernel mode and a user mode: the Linux kernel is operated in the kernel state, the application program is operated in the user state, the Linux kernel and the application program are isolated from each other to a certain extent, and the operation process of the kernel cannot be influenced by the user program.
For the modification of the Linux kernel, the kernel generally needs to be recompiled and the system restarted. However, in some production environments, the business scenario does not allow a reboot of the system, which requires that the Linux kernel can be modified while the system is running. At present, the commonly used method for dynamically modifying the Linux kernel mainly comprises the following steps: compiling extended Berkeley Package Filter (eBPF) byte codes for modifying the Linux kernel, inserting the eBPF byte codes into the Linux kernel in a user mode, and executing the eBPF byte codes to modify the Linux kernel.
However, in implementing the embodiments of the present invention, the inventors found that: a network hacker can easily inject malicious eBPF byte codes into the Linux kernel in a mode of tampering the eBPF byte codes, so that the problem of low safety and reliability of modifying the Linux kernel is caused.
Disclosure of Invention
The embodiment of the invention aims to provide a method for modifying a Linux kernel, terminal equipment and a storage medium, which can improve the safety and reliability of modifying the Linux kernel.
In order to solve the above technical problem, an embodiment of the present invention provides a method for modifying a Linux kernel, including: acquiring binary coded data for modifying a Linux kernel; carrying out digital signature on the binary coded data to obtain signed binary coded data; loading the signed binary coded data into the Linux kernel; performing security verification on the digital signature in the signed binary coded data to obtain a security verification result; and if the security verification result is that the verification is passed, executing the binary coded data to modify the Linux kernel.
An embodiment of the present invention further provides a terminal device, including:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the above-described Linux kernel modification method.
The embodiment of the present invention also provides a computer readable storage medium, which stores a computer program, wherein the computer program is used for implementing the above-mentioned method for modifying the Linux kernel when being executed by a processor.
Compared with the prior art, the embodiment of the invention can sign the binary coded data for modifying the Linux kernel, so that after the binary coded data is loaded into the Linux kernel, the security can be verified according to the digital signature information, and after the binary coded data passes the verification, the Linux kernel is modified by adopting the binary coded data. The problem that in the prior art, binary coded data can be randomly tampered in the process of modifying the Linux kernel by adopting the binary coded data, so that the security and the reliability of modifying the Linux kernel are low is solved. As the security verification can be carried out according to the digital signature, the technical scheme provided by the embodiment of the invention can be adopted to modify the Linux kernel more safely and reliably.
Drawings
One or more embodiments are illustrated by the corresponding figures in the drawings, which are not meant to be limiting.
FIG. 1 is a flow chart of a modification method of a Linux kernel provided by a first embodiment of the invention;
FIG. 2 is a flow chart of a modification method of the Linux kernel provided by the second embodiment of the invention;
FIG. 3 is a comparison diagram of eBPF bytecode before and after being digitally signed in the method for modifying the Linux kernel provided by the second embodiment shown in FIG. 2;
FIG. 4 is a flow chart of a modification method of the Linux kernel provided by the third embodiment of the invention;
FIG. 5 is a comparison graph of eBPF bytecode before and after being digitally signed in the method for modifying the Linux kernel provided by the third embodiment shown in FIG. 4;
fig. 6 is a schematic structural diagram of a terminal device according to a fourth embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more apparent, embodiments of the present invention will be described in detail below with reference to the accompanying drawings. However, it will be appreciated by those of ordinary skill in the art that numerous technical details are set forth in order to provide a better understanding of the present application in various embodiments of the present invention. However, the technical solution claimed in the present application can be implemented without these technical details and various changes and modifications based on the following embodiments. The following embodiments are divided for convenience of description, and should not constitute any limitation to the specific implementation manner of the present invention, and the embodiments may be mutually incorporated and referred to without contradiction.
The first embodiment of the present invention relates to a method for modifying a Linux kernel, the flow of which is shown in fig. 1, and the method comprises:
step 101, obtaining binary coded data for modifying a Linux kernel.
And 102, carrying out digital signature on the binary coded data to obtain the signed binary coded data.
And 103, loading the signed binary coded data into the Linux kernel.
And 104, performing security verification on the digital signature in the signed binary coded data to obtain a security verification result.
And 105, if the security verification result is that the verification is passed, executing binary coded data to modify the Linux kernel.
Compared with the prior art, the embodiment of the invention can sign the binary coded data for modifying the Linux kernel, so that after the binary coded data is loaded into the Linux kernel, the security can be verified according to the digital signature information, and after the binary coded data passes the verification, the Linux kernel is modified by adopting the binary coded data. The problem that in the prior art, binary coded data can be randomly tampered in the process of modifying the Linux kernel by adopting the binary coded data, so that the security and the reliability of modifying the Linux kernel are low is solved. As the security verification can be carried out according to the digital signature, the technical scheme provided by the embodiment of the invention can be adopted to modify the Linux kernel more safely and reliably.
The second embodiment of the present invention relates to a method for modifying a Linux kernel, the flow of which is shown in fig. 2, and the method comprises:
step 201, obtaining binary coded data for modifying the Linux kernel.
In this embodiment, the binary encoded data may be specifically eBPF bytecode, and in the actual use process, the binary encoded data may also be encoded data in other forms, which is not described herein.
Step 202, calculating the binary coded data by using a preset signature algorithm to obtain the digital signature content.
In this embodiment, the signature algorithm may specifically be a HASH algorithm, such as an SHA algorithm, and at this time, the digital signature content acquired in step 202 is specifically a HASH value of the eBPF bytecode.
And step 203, acquiring an encryption private key by adopting a preset key algorithm.
In this embodiment, the key algorithm may specifically be an asymmetric encryption algorithm, but this embodiment does not specifically exemplify the asymmetric encryption algorithm, and in an actual use process, step 203 may calculate the encryption private key using any one of the asymmetric encryption algorithms.
And step 204, encrypting the digital signature content by adopting an encryption private key to obtain a digital signature.
And step 205, adding the digital signature to a signature position preset in the binary coded data, and acquiring the signed binary coded data.
In order to enable the digital signature to be quickly and accurately found when the security verification is performed in the subsequent step, in this embodiment, the signature position may specifically be a header or a tail of the eBPF bytecode, and further, the length of the signature position is preset. For example: as shown in fig. 3, the signature position is an eBPF bytecode header, which has a length of L1, and after adding the digital signature to the signature position, the digital signature and the eBPF bytecode generate a signed eBPF bytecode.
And step 206, loading the signed binary coded data into a Linux kernel.
Step 207, obtain the digital signature from the signature location.
For example: as shown in fig. 3, step 207 may obtain the eBPF bytecode of length L1 from the header of the signed eBPF bytecode as a digital signature.
And step 208, acquiring an encrypted public key according to the key algorithm.
In the present embodiment, the key algorithm used in step 208 is the same as the key algorithm used in step 203.
And step 209, decrypting the digital signature by using the encrypted public key to obtain the digital signature content.
According to the technical features of step 202, the digital signature content acquired in step 209 is specifically a HASH value, and for convenience of understanding, the digital signature content acquired in step 209 is HASH1 for example.
And step 210, calculating the binary coded data by adopting a signature algorithm to obtain digital signature detection content.
In the present embodiment, the signature algorithm used in step 210 is the same as the signature algorithm used in step 202, and is a HASH algorithm, and for convenience of understanding, the digital signature detection content is HASH2 as an example.
And step 211, obtaining a security verification result according to the relationship between the digital signature content and the digital signature detection content.
Specifically, if the digital signature content and the digital signature detection content are the same, that is, HASH1 is HASH2, the security verification result is verification pass, otherwise, the security verification result is verification fail.
And step 212, if the security verification result is that the verification is passed, executing the binary coded data to modify the Linux kernel.
It should be noted that, in this embodiment, if the security check fails, the eBPF bytecode may be directly discarded, and further, an alarm message may be sent to prompt that a network attack is suffered and the Linux kernel fails to be modified.
The third embodiment of the present invention relates to a method for modifying a Linux kernel, a flow of which is shown in fig. 4, and the method includes:
step 401, obtaining binary coded data for modifying a Linux kernel.
In this embodiment, the binary encoded data may be specifically eBPF bytecode, and in the actual use process, the binary encoded data may also be encoded data in other forms, which is not described herein.
And 402, calculating the binary coded data by adopting a preset signature algorithm to obtain the digital signature content.
In this embodiment, the signature algorithm may specifically be a HASH algorithm, such as an SHA algorithm, and at this time, the digital signature content acquired in step 202 is specifically a HASH value of the eBPF bytecode.
And 403, acquiring an encryption private key by using a preset key algorithm.
In this embodiment, the key algorithm may specifically be an asymmetric encryption algorithm, but this embodiment does not specifically exemplify the asymmetric encryption algorithm, and in an actual use process, step 403 may use any one of the asymmetric encryption algorithms to calculate the encrypted private key.
And step 404, encrypting the digital signature content by using the encryption private key to obtain a digital signature.
Step 405, signature identification information is obtained.
In this embodiment, the signature identification information is mainly used to identify the digital signature, and the signature identification information may be preset, or may be dynamically generated according to a preset rule, or may be obtained in other manners, which is not described in detail herein. In the present embodiment, the signature identification information is "0 xff00ff00 ff00ff 00" of 64 bits set in advance as an example.
Step 406, adding the signature identification information before the digital signature, and generating the target digital signature.
In order to facilitate the search that the length of the signature identification information is preset, the specific form of adding the signature identification information to the digital signature in step 306 may be as shown in fig. 5, where the length of the signature identification information is L2.
Step 407, adding the target digital signature to a signature position preset in the binary coded data, and acquiring the signed binary coded data.
In order to enable the digital signature to be quickly and accurately found when the security verification is performed in the subsequent step, in this embodiment, the signature position may specifically be a header or a tail of the eBPF bytecode, and further, the length of the signature position is preset. For example: as shown in fig. 5, the signature position is an eBPF bytecode header, which has a length of L1, and after the target digital signature is added to the signature position, the target digital signature and the eBPF bytecode generate a signed eBPF bytecode.
And step 408, loading the signed binary coded data into a Linux kernel.
Step 409, the target obtains the digital signature from the signature location.
For example: as shown in fig. 5, step 409 may obtain the eBPF bytecode of length L1+ L2 from the header of the signed eBPF bytecode as the target digital signature.
And step 410, detecting whether the target digital signature contains signature identification information or not, and acquiring a detection result.
Specifically, for example: as shown in fig. 5, the eBPF bytecode with a header length of L2 is obtained from the target digital signature, and it is determined whether the eBPF bytecode is "0 xff00ff00 ff00ff 00", if so, the detection result is that the target digital signature includes the signature identification information, otherwise, the signature identification information is not included.
And 411, if the detection result is that the signature identification information is contained, acquiring an encrypted public key according to a key algorithm.
In this embodiment, the key algorithm used in step 411 is the same as the key algorithm used in step 403.
And step 412, decrypting the digital signature by using the encrypted public key to obtain the digital signature content.
According to the technical features of step 402, the digital signature content obtained in step 412 is specifically a HASH value, and for convenience of understanding, the digital signature content obtained in step 412 is HASH1 for example.
And 413, calculating the binary coded data by adopting a signature algorithm to obtain the digital signature detection content.
In the present embodiment, the signature algorithm used in step 412 is the same as the signature algorithm used in step 402, and is a HASH algorithm, and for convenience of understanding, the digital signature detection content is HASH2 as an example.
And step 414, obtaining a security verification result according to the relation between the digital signature content and the digital signature detection content.
Specifically, if the digital signature content and the digital signature detection content are the same, that is, HASH1 is HASH2, the security verification result is verification pass, otherwise, the security verification result is verification fail.
And 415, if the security verification result is that the verification is passed, executing the binary coded data to modify the Linux kernel.
It should be noted that, in this embodiment, if the security check fails, the eBPF bytecode may be directly discarded, and further, an alarm message may be sent to prompt that a network attack is suffered and the Linux kernel fails to be modified.
Compared with the prior art, the second and third embodiments have the advantages that the digital signature is obtained according to the binary coded data on the basis of achieving the beneficial effects brought by the first embodiment, so that a close association relationship is established between the digital signature and the binary coded data, if the binary coded data is maliciously tampered, the digital signature detection content obtained in the Linux kernel is different from the digital signature, the fact that the binary coded data is maliciously tampered is judged more accurately and effectively, and the safety and reliability of modification of the Linux kernel are further improved.
A fourth embodiment of the present invention relates to a terminal device, as shown in fig. 6, including:
at least one processor 601; and the number of the first and second groups,
a memory 602 communicatively coupled to the at least one processor 601; wherein the content of the first and second substances,
the memory 602 stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor 601 to enable the at least one processor 601 to execute the information processing method according to the first to fifth embodiments of the present invention.
Where the memory and processor are connected by a bus, the bus may comprise any number of interconnected buses and bridges, the buses connecting together one or more of the various circuits of the processor and the memory. The bus may also connect various other circuits such as peripherals, voltage regulators, power management circuits, and the like, which are well known in the art, and therefore, will not be described any further herein. A bus interface provides an interface between the bus and the transceiver. The transceiver may be one element or a plurality of elements, such as a plurality of receivers and transmitters, providing a means for communicating with various other apparatus over a transmission medium. The data processed by the processor is transmitted over a wireless medium via an antenna, which further receives the data and transmits the data to the processor.
The processor is responsible for managing the bus and general processing and may also provide various functions including timing, peripheral interfaces, voltage regulation, power management, and other control functions. And the memory may be used to store data used by the processor in performing operations.
A fifth embodiment of the present invention relates to a computer-readable storage medium storing a computer program. The computer program realizes the above-described method embodiments when executed by a processor.
That is, as can be understood by those skilled in the art, all or part of the steps in the method for implementing the embodiments described above may be implemented by a program instructing related hardware, where the program is stored in a storage medium and includes several instructions to enable a device (which may be a single chip, a chip, or the like) or a processor (processor) to execute all or part of the steps of the method described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
It will be understood by those of ordinary skill in the art that the foregoing embodiments are specific examples for carrying out the invention, and that various changes in form and details may be made therein without departing from the spirit and scope of the invention in practice.

Claims (10)

1. A method for modifying a Linux kernel is characterized by comprising the following steps:
acquiring binary coded data for modifying a Linux kernel;
carrying out digital signature on the binary coded data to obtain signed binary coded data;
loading the signed binary coded data into the Linux kernel;
performing security verification on the digital signature in the signed binary coded data to obtain a security verification result;
and if the security verification result is that the verification is passed, executing the binary coded data to modify the Linux kernel.
2. The method of claim 1, wherein digitally signing the binary coded data, and obtaining signed binary coded data comprises:
calculating the binary coded data by adopting a preset signature algorithm to obtain digital signature content;
acquiring an encryption private key by adopting a preset key algorithm;
encrypting the digital signature content by adopting the encryption private key to obtain the digital signature;
and adding the digital signature into a signature position preset in the binary coded data to obtain the signed binary coded data.
3. The method according to claim 2, wherein the security checking the digital signature in the signed binary coded data, and obtaining the security checking result comprises:
obtaining the digital signature from the signature location;
acquiring an encrypted public key according to the key algorithm;
decrypting the digital signature by adopting the encrypted public key to obtain the digital signature content;
calculating the binary coded data by adopting the signature algorithm to obtain digital signature detection content;
and acquiring a security verification result according to the relation between the digital signature content and the digital signature detection content.
4. The method according to claim 2, wherein the encrypting the digitally signed content with the private encryption key, after obtaining the digital signature, the adding the digital signature to a preset signature position in the binary data, and before obtaining the signed binary data, further comprises:
acquiring signature identification information;
adding the signature identification information before the digital signature to generate a target digital signature;
the adding the digital signature to a signature position preset in the binary code data, and acquiring the signed binary code data includes:
and adding the target digital signature into a signature position preset in the binary code data to obtain signed binary code data.
5. The method according to claim 4, wherein the security checking the digital signature in the signed binary coded data, and obtaining the security checking result comprises:
acquiring the target digital signature from the signature position;
detecting whether the target digital signature contains the signature identification information or not, and acquiring a detection result;
if the detection result is that the signature identification information is contained, an encrypted public key is obtained according to the key algorithm;
decrypting the digital signature by adopting the encrypted public key to obtain the digital signature content;
calculating the binary coded data by adopting the signature algorithm to obtain digital signature detection content;
and acquiring a security verification result according to the relation between the digital signature content and the digital signature detection content.
6. The method according to any of claims 2-5, wherein the key algorithm is an asymmetric encryption algorithm.
7. The method according to any one of claims 2-5, wherein the signature algorithm is a hash algorithm.
8. The method according to any one of claims 2-5, wherein the signature location is a header or a trailer of the binary encoded data.
9. A terminal device, comprising:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of modifying a Linux kernel of any one of claims 1-8.
10. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, implements the method for modifying a Linux kernel as defined in any one of claims 1-8.
CN202010599448.5A 2020-06-28 2020-06-28 Linux kernel modification method, terminal device and storage medium Pending CN113849859A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010599448.5A CN113849859A (en) 2020-06-28 2020-06-28 Linux kernel modification method, terminal device and storage medium
PCT/CN2021/102714 WO2022001944A1 (en) 2020-06-28 2021-06-28 Method for modifying linux kernel, and terminal device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010599448.5A CN113849859A (en) 2020-06-28 2020-06-28 Linux kernel modification method, terminal device and storage medium

Publications (1)

Publication Number Publication Date
CN113849859A true CN113849859A (en) 2021-12-28

Family

ID=78972535

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010599448.5A Pending CN113849859A (en) 2020-06-28 2020-06-28 Linux kernel modification method, terminal device and storage medium

Country Status (2)

Country Link
CN (1) CN113849859A (en)
WO (1) WO2022001944A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114726633A (en) * 2022-04-14 2022-07-08 中国电信股份有限公司 Flow data processing method and device, storage medium and electronic equipment
CN115495746A (en) * 2022-11-16 2022-12-20 安超云软件有限公司 eBPF-based safety protection method and system and electronic equipment

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102024123B (en) * 2010-12-20 2013-02-13 北京世纪互联宽带数据中心有限公司 Method and device for importing mirror image of virtual machine in cloud calculation
CN105787352A (en) * 2014-12-18 2016-07-20 中兴通讯股份有限公司 Method and terminal for provision and loading of executable module
CN106503589A (en) * 2016-10-26 2017-03-15 北京瑞卓喜投科技发展有限公司 The method of calibration of block chain Transaction Information correctness, apparatus and system
US10705855B2 (en) * 2017-11-29 2020-07-07 Forcepoint Llc Method for securely configuring an information system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114726633A (en) * 2022-04-14 2022-07-08 中国电信股份有限公司 Flow data processing method and device, storage medium and electronic equipment
CN114726633B (en) * 2022-04-14 2023-10-03 中国电信股份有限公司 Traffic data processing method and device, storage medium and electronic equipment
CN115495746A (en) * 2022-11-16 2022-12-20 安超云软件有限公司 eBPF-based safety protection method and system and electronic equipment

Also Published As

Publication number Publication date
WO2022001944A1 (en) 2022-01-06

Similar Documents

Publication Publication Date Title
CN110113167B (en) Information protection method and system of intelligent terminal and readable storage medium
US6928548B1 (en) System and method for verifying the integrity of stored information within an electronic device
EP3270318B1 (en) Dynamic security module terminal device and method for operating same
CN111008034B (en) Patch generation method and device
CN107273150B (en) Preloading firmware downloading and writing method and device
CN112001376B (en) Fingerprint identification method, device, equipment and storage medium based on open source component
CN113849859A (en) Linux kernel modification method, terminal device and storage medium
CN110635898A (en) Encryption method and encryption system
US20170215074A1 (en) Firmware integrity verification method performed in virtualization system
CN112035144A (en) Block chain system upgrading method and device, computer equipment and storage medium
CN112231702A (en) Application protection method, device, equipment and medium
CN110868405B (en) Malicious code detection method and device, computer equipment and storage medium
CN114676419A (en) Method, system, equipment and medium for real-time early warning of tampering of application program file
WO2021012732A1 (en) Blockchain-based information verification apparatus and method, and storage medium
CN111400771A (en) Target partition checking method and device, storage medium and computer equipment
CN111046377A (en) Method and device for loading dynamic link library, electronic equipment and storage medium
CN113449269A (en) Core module activation method and device and storage medium
CN111459899A (en) Log sharing method and device and terminal equipment
CN107656728B (en) Application program instance creating method and cloud server
CN114424193A (en) Flash package encryption method and device, electronic equipment and computer storage medium
CN112825093A (en) Security baseline checking method, host, server, electronic device and storage medium
CN111241005A (en) Key value pair-based safe partition storage method and system
CN114650175B (en) Verification method and device
US11899776B2 (en) Electronic device and method for authenticating software based on blockchain
US11874752B1 (en) Methods and systems for facilitating cyber inspection of connected and autonomous electrical vehicles using smart charging stations

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination