WO2013082749A1 - Hardware resource protection method and system, and virtual machine manager - Google Patents


Publication number
WO2013082749A1
Authority
WO
WIPO (PCT)
Prior art keywords
virtual machine
application
hardware resource
machine manager
exit
Application number
PCT/CN2011/083499
Inventor
俞柏峰
Original Assignee
华为技术有限公司
Application filed by 华为技术有限公司
Priority to CN201180058592.7A (CN103270491B)
Priority to PCT/CN2011/083499 (WO2013082749A1)
Publication of WO2013082749A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45583 Memory management, e.g. access or allocation

Definitions

  • the present invention relates to the field of computers, and in particular to a hardware resource protection method and system, and a virtual machine manager.
  • Hardware resources are usually protected by dedicated hardware, such as hard disk protection cards to protect hard disks.
  • the main body of the hard disk protection card is a hardware chip that is inserted into the motherboard and works in conjunction with the main boot sector of the hard disk.
  • the working principle is as follows:
  • the hard disk protection card takes over an INT13 interrupt used for reading and writing the hard disk when the system starts, saves information such as the FAT (File Allocation Table), the boot sector, the CMOS (Complementary Metal Oxide Semiconductor) information and the original interrupt vector table to a temporary storage unit on the card or to a hidden sector of the hard disk, and replaces the original interrupt vector table with its own interrupt vector table.
  • the hard disk protection card can restore the hard disk to its previous content, thereby achieving the purpose of hard disk protection.
  • the embodiment of the invention provides a hardware resource protection method and system and a virtual machine manager.
  • the technical solution is as follows:
  • a method for protecting a hardware resource comprising:
  • the virtual machine manager monitors hardware resources and, when detecting that the application accesses the hardware resources, triggers the virtual machine to exit, and the virtual machine manager takes over control of the system;
  • the virtual machine manager determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource. If it is illegal, the application is prohibited from accessing the hardware resource.
  • a virtual machine manager, the virtual machine manager includes:
  • a monitoring module configured to monitor a hardware resource, when detecting that the application accesses the hardware resource, triggering the virtual machine to exit, and the virtual machine manager takes over control of the system;
  • the determining module is configured to determine whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource. If it is illegal, the application is prohibited from accessing the hardware resource.
  • a hardware resource protection system comprising: a virtual machine manager, a hardware resource, and a virtual machine;
  • the virtual machine manager is configured to monitor the hardware resource and, when detecting that the application accesses the hardware resource, to trigger the virtual machine to exit, whereupon the virtual machine manager takes over control of the system; and to determine whether the operation of the application is legal: if it is legal, the application is allowed to access the hardware resource, and if it is illegal, the application is prohibited from accessing the hardware resource.
  • the virtual machine manager monitors the hardware resources. When detecting that the application accesses the hardware resources, it triggers the virtual machine to exit and takes over control of the system, and then determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resources; if it is illegal, the application is prohibited from accessing them. This achieves hardware resource protection by means of virtualization technology, removes the dependence of hardware resource protection on specialized hardware devices, improves flexibility of use, and reduces costs.
  • FIG. 1 is a flowchart of a hardware resource protection method according to Embodiment 1 of the present invention.
  • FIG. 2 is a flow chart of a method for protecting a hardware resource for an input/output address according to Embodiment 1 of the present invention
  • FIG. 3 is a flowchart of hardware resource protection for a memory space according to Embodiment 1 of the present invention
  • FIG. 4 is a schematic structural diagram of a virtual machine manager according to Embodiment 2 of the present invention
  • FIG. 5 is a schematic diagram of another structure of a virtual machine manager according to Embodiment 2 of the present invention
  • FIG. 6 is a schematic structural diagram of a hardware resource protection system according to Embodiment 3 of the present invention.
  • this embodiment provides a hardware resource protection method, where the method includes:
  • the virtual machine manager monitors the hardware resource, and when detecting that the application accesses the hardware resource, triggers the virtual machine to exit, and the virtual machine manager takes over control of the system;
  • the virtual machine manager runs in the root mode
  • the virtual machine runs in the non-root mode
  • the virtual machine exit refers to the switch from the non-root mode to the root mode
  • at the same time, system control is transferred, and the virtual machine manager takes over control of the system.
  • the virtual machine manager determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource. If it is illegal, the application is prohibited from accessing the hardware resource.
  • the hardware resources involved in this embodiment may be an input/output address, a memory space, or the like.
  • the following describes the protection process for the input and output addresses and memory space of the above methods.
  • the hardware resource protection method includes the following steps:
  • the virtual machine manager monitors an input and output address of a device where the virtual machine manager is located, and when detecting that the application reads and writes the input and output addresses, triggers the virtual machine to exit, and the virtual machine manager takes over control of the system;
  • the virtual machine manager runs in the root mode
  • the virtual machine runs in the non-root mode
  • the virtual machine exit refers to the switch from the non-root mode to the root mode
  • at the same time, system control is transferred, and the virtual machine manager takes over control of the system.
  • the input and output addresses can be specific input and output addresses in the system, or they can be all input and output addresses in the system.
  • the virtual machine manager determines whether the operation of the application is legal
  • the virtual machine manager compares the public key of the application with the private key provided by the application; if they match, it determines that the operation of the application is legal, and if they do not match, it determines that the operation of the application is illegal.
  • 203: if it is legal, the application is allowed to access the input and output address, and if it is illegal, the application is prohibited from accessing the input and output address.
  • the virtual machine manager triggers the virtual machine to enter, and the virtual machine takes over control of the system.
  • the entry of the virtual machine refers to the switch from the root mode to the non-root mode, and the control of the system is transferred, and the virtual machine takes over the control of the system.
  • the hardware resource protection method includes the following steps:
  • the virtual machine manager monitors a control register, prevents an application from using the control register to map a memory space, and detects that a page fault exception occurs when the application accesses the memory space;
  • the control register (Control Register, CR) may specifically be CR3.
  • the virtual machine manager makes the preset exit condition hold through its settings, which triggers the virtual machine to exit, and the virtual machine manager takes over control of the system;
  • the virtual machine manager sets PFEC_MASK and PFEC_MATCH so that the relation PFEC & PFEC_MASK = PFEC_MATCH holds.
  • PFEC indicates the page fault error code (Page Fault Error Code)
  • PFEC_MASK indicates the page fault mask
  • PFEC_MATCH indicates the page fault match code. For example, both PFEC_MASK and PFEC_MATCH can be set to 0; the above relation then holds whenever a page fault exception occurs, triggering the virtual machine to exit, and the virtual machine manager takes over control of the system.
  • the virtual machine manager runs in the root mode
  • the virtual machine runs in the non-root mode
  • the virtual machine exit refers to the switch from the non-root mode to the root mode
  • at the same time, system control is transferred, and the virtual machine manager takes over control of the system.
  • the virtual machine manager determines whether the operation of the application is legal
  • the virtual machine manager compares the public key of the application with the private key provided by the application; if they match, it determines that the operation of the application is legal, and if they do not match, it determines that the operation of the application is illegal.
  • step 304: the virtual machine manager triggers the virtual machine to enter, and the virtual machine takes over control of the system.
  • the entry of the virtual machine refers to the switch from the root mode to the non-root mode, and the control of the system is transferred, and the virtual machine takes over the control of the system.
  • the hardware resource is monitored by the virtual machine manager; when it detects that the application accesses the hardware resource, the virtual machine is triggered to exit and the virtual machine manager takes over control of the system, and then determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource; if it is illegal, the application is prohibited from accessing the hardware resource. This achieves hardware resource protection by means of virtualization technology, removes the dependence of hardware resource protection on specialized hardware devices, improves flexibility of use, and reduces cost.
  • the embodiment provides a virtual machine manager.
  • the virtual machine manager includes: a monitoring module 401, configured to monitor hardware resources and, when detecting that the application accesses the hardware resources, trigger the virtual machine to exit, whereupon the virtual machine manager takes over control of the system;
  • the determining module 402 is configured to determine whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource. If it is illegal, the application is prohibited from accessing the hardware resource.
  • the monitoring module 401 is specifically configured to monitor the input and output addresses of the device where the virtual machine manager is located and, when detecting that the application reads or writes the input and output addresses, to trigger the virtual machine to exit, whereupon the virtual machine manager takes over control of the system.
  • the input and output addresses can be specific input and output addresses in the system, or they can be all input and output addresses in the system.
  • the monitoring module 401 is specifically configured to monitor the control register, prevent the application from using the control register to map the memory space, detect that a page fault is generated when the application accesses the memory space, and make the preset exit condition hold through its settings, triggering the virtual machine to exit.
  • the monitoring module 401 is specifically used when the preset exit condition is established by setting
  • the control register may specifically be CR3.
  • the determining module 402 is specifically configured to compare the public key of the application with the private key provided by the application; if they match, it determines that the operation of the application is legal, and if they do not match, it determines that the operation of the application is illegal.
  • the virtual machine manager further includes: a triggering module 403, configured to trigger the virtual machine to enter after the determining module 402 allows or prohibits the application from accessing the hardware resource, and the virtual machine takes over control of the system.
  • the virtual machine manager runs in the root mode, and the virtual machine runs in the non-root mode.
  • the virtual machine exit means that the non-root mode is switched to the root mode; at the same time, system control is transferred, and the virtual machine manager takes over control of the system.
  • Virtual machine entry refers to switching from root mode to non-root mode, while system control is transferred, and the virtual machine takes over control of the system.
  • the virtual machine manager provided in this embodiment is the same as the virtual machine manager in the method embodiment. For details, refer to the method embodiment, and details are not described herein.
  • the virtual machine manager provided by this embodiment monitors the hardware resources and, when detecting that the application accesses the hardware resources, triggers the virtual machine to exit and takes over control of the system, and then determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resources; if it is illegal, the application is prohibited from accessing them. This achieves hardware resource protection by means of virtualization technology, removes the dependence of hardware resource protection on specialized hardware devices, improves flexibility of use, and reduces cost.
  • this embodiment provides a hardware resource protection system, where the system includes: a virtual machine manager 40, a hardware resource 30, and a virtual machine 20;
  • the virtual machine manager 40 is configured to monitor the hardware resource 30 and, when detecting that the application accesses the hardware resource 30, to trigger the virtual machine 20 to exit, whereupon the virtual machine manager 40 takes over control of the system; and to determine whether the operation of the application is legal: if it is legal, the application is allowed to access the hardware resource 30, and if it is illegal, the application is prohibited from accessing the hardware resource 30.
  • the virtual machine manager 40 includes: a monitoring module 401 and a determining module 402;
  • the monitoring module 401 is configured to monitor the hardware resource 30. When detecting that the application accesses the hardware resource 30, the virtual machine 20 is triggered to exit, and the virtual machine manager 40 takes over the system control right;
  • the determining module 402 is configured to determine whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource 30. If it is illegal, the application is prohibited from accessing the hardware resource 30.
  • the monitoring module 401 is specifically configured to monitor the input and output addresses of the device where the virtual machine manager is located.
  • the virtual machine 20 is triggered to exit. The system control is taken over by the virtual machine manager.
  • the input and output addresses can be specific input and output addresses in the system, or they can be all input and output addresses in the system.
  • the monitoring module 401 is specifically configured to monitor the control register, and prevent the application from using the control register to map the memory space, so that the application accesses the memory space.
  • the virtual machine 20 is triggered to exit.
  • the monitoring module 401 is specifically used when the preset exit condition is established by setting
  • the control register may specifically be CR3.
  • the determining module 402 is specifically configured to compare the public key of the application with the private key provided by the application; if they match, it determines that the operation of the application is legal, and if they do not match, it determines that the operation of the application is illegal.
  • the virtual machine manager further includes: a triggering module 403, configured to trigger the virtual machine to enter after the determining module 402 allows or prohibits the application from accessing the hardware resource, and the virtual machine takes over control of the system.
  • the virtual machine manager runs in the root mode
  • the virtual machine runs in the non-root mode
  • the virtual machine exit refers to the switch from the non-root mode to the root mode
  • at the same time, system control is transferred, and the virtual machine manager takes over control of the system.
  • Virtual machine entry refers to switching from root mode to non-root mode; at the same time, system control is transferred, and the virtual machine takes over control of the system.
  • the virtual machine manager, the hardware resource, and the virtual machine provided in this embodiment are based on the same concept as the virtual machine manager, the hardware resource, and the virtual machine in the method embodiment; for the specific implementation process, refer to the method embodiment, and details are not described herein again.
  • the system provided in this embodiment monitors hardware resources through the virtual machine manager. When detecting that the application accesses the hardware resources, the virtual machine is triggered to exit and the virtual machine manager takes over control of the system, and then determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resources; if it is illegal, the application is prohibited from accessing them. This achieves hardware resource protection by means of virtualization technology, removes the dependence of hardware resource protection on specialized hardware devices, improves flexibility of use, and reduces costs.
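
The PFEC_MASK / PFEC_MATCH exit condition from the memory-space steps above, modelled in C as an added example (not code from the patent). It goes one step beyond the text by including bit 14 of the Intel VMX exception bitmap, which decides whether a match or a mismatch causes the exit; the struct, function and constant names are made up for illustration and the sample error codes are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* x86 page-fault error code (PFEC) bits. */
#define PFEC_P   (1u << 0)   /* 0 = page not present, 1 = protection violation */
#define PFEC_WR  (1u << 1)   /* access was a write */
#define PFEC_US  (1u << 2)   /* access came from user mode */
#define PFEC_ID  (1u << 4)   /* access was an instruction fetch */

#define PF_VECTOR 14u        /* #PF is exception vector 14 */

/* The three settings that decide whether a page fault leaves the guest.
 * Struct and field names are hypothetical, chosen for this example. */
struct pf_exit_cfg {
    uint32_t exception_bitmap;
    uint32_t pfec_mask;
    uint32_t pfec_match;
};

/* Intel VMX rule: compare (PFEC & PFEC_MASK) with PFEC_MATCH. Bit 14 of the
 * exception bitmap selects whether equality or inequality causes the exit. */
bool page_fault_causes_vmexit(const struct pf_exit_cfg *cfg, uint32_t pfec)
{
    bool exit_on_match = (cfg->exception_bitmap >> PF_VECTOR) & 1u;
    bool matches = (pfec & cfg->pfec_mask) == cfg->pfec_match;
    return exit_on_match ? matches : !matches;
}

/* The setting named in the text: MASK = MATCH = 0, so every PFEC satisfies
 * the relation and every page fault exits to the virtual machine manager. */
static const struct pf_exit_cfg TRAP_ALL = { 1u << PF_VECTOR, 0, 0 };

/* Same MASK/MATCH with bit 14 left clear: the sense inverts and no page
 * fault ever exits, so the protection is silently off. */
static const struct pf_exit_cfg TRAP_NONE_BY_MISTAKE = { 0, 0, 0 };

/* Narrower filter: exit only on user-mode writes and leave all other
 * faults to the guest operating system. */
static const struct pf_exit_cfg TRAP_USER_WRITES = {
    1u << PF_VECTOR, PFEC_US | PFEC_WR, PFEC_US | PFEC_WR
};

/* Constructed sample faults. */
static const uint32_t SAMPLE_PFEC[] = {
    0,                            /* kernel read, page not present */
    PFEC_WR,                      /* kernel write, page not present */
    PFEC_US,                      /* user read, page not present */
    PFEC_US | PFEC_WR,            /* user write, page not present */
    PFEC_US | PFEC_WR | PFEC_P,   /* user write, protection violation */
    PFEC_US | PFEC_ID | PFEC_P,   /* user instruction fetch */
};
#define N_SAMPLES (sizeof SAMPLE_PFEC / sizeof SAMPLE_PFEC[0])

/* Number of sample faults that would cause a VM exit under cfg. */
unsigned count_exits(const struct pf_exit_cfg *cfg)
{
    unsigned n = 0;
    for (size_t i = 0; i < N_SAMPLES; i++)
        n += page_fault_causes_vmexit(cfg, SAMPLE_PFEC[i]) ? 1u : 0u;
    return n;
}

int main(void)
{
    printf("trap all:          %u of %u faults exit\n",
           count_exits(&TRAP_ALL), (unsigned)N_SAMPLES);
    printf("bit 14 left clear: %u of %u faults exit\n",
           count_exits(&TRAP_NONE_BY_MISTAKE), (unsigned)N_SAMPLES);
    printf("user writes only:  %u of %u faults exit\n",
           count_exits(&TRAP_USER_WRITES), (unsigned)N_SAMPLES);
    return 0;
}
```

A zero mask and match code only give full coverage when the page-fault bit of the exception bitmap is set, so a configuration check should verify all three values together.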

Abstract

Embodiments of the present invention provide a hardware resource protection method and system, and a virtual machine manager, relating to the field of computers. The method comprises: a virtual machine manager monitoring hardware resources, and upon detecting that an application program accesses the hardware resources, the virtual machine manager triggering a virtual machine to exit, and taking over the system control right; the virtual machine manager determining whether an operation of the application program is authorized; if yes, allowing the application program to access the hardware resources, and if no, forbidding the application program from accessing the hardware resources. The virtual machine manager comprises a monitoring module and a determination module. The system comprises a virtual machine manager, hardware resources, and a virtual machine. By means of the aforementioned solution, the present invention protects the hardware resources by using the virtualization technology; the hardware resource protection no longer relies on the dedicated hardware device, thus improving the use flexibility and reducing the cost.

Description

Hardware resource protection method and system, and virtual machine manager
Technical field
The present invention relates to the field of computers, and in particular to a hardware resource protection method and system, and a virtual machine manager.
Background
A computer has many hardware resources, such as IO (Input Output) addresses and memory space. For the computer system to run stably and securely, measures need to be taken to protect its hardware resources effectively.
At present, hardware resources are usually protected by dedicated hardware, for example a hard disk protection card that protects a hard disk. The main body of a hard disk protection card is a hardware chip that is plugged into the motherboard and works together with the master boot sector of the hard disk. It works as follows: when the system starts, the hard disk protection card takes over an INT13 interrupt used for reading and writing the hard disk, saves information such as the FAT (File Allocation Table), the boot sector, the CMOS (Complementary Metal Oxide Semiconductor) information and the original interrupt vector table to a temporary storage unit on the card or to hidden sectors of the hard disk, and replaces the original interrupt vector table with its own interrupt vector table. It then finds a region of contiguous free disk space on the hard disk and saves the data modified by the user there. In this way, when the user writes data to the hard disk, the FAT on the hard disk is not actually modified; the write goes to the backup FAT instead. Each time the system restarts, the hard disk protection card can restore the hard disk to its previous content, thereby protecting the hard disk.
It can be seen that the above technique relies on dedicated hardware devices such as a hard disk protection card to protect hardware resources; it is therefore not flexible enough to use, and its cost is relatively high.
Summary of the invention
To remove the dependence of hardware resource protection on dedicated hardware devices, embodiments of the present invention provide a hardware resource protection method and system, and a virtual machine manager. The technical solution is as follows:
A hardware resource protection method, the method comprising:
a virtual machine manager monitors hardware resources and, when detecting that an application accesses the hardware resources, triggers a virtual machine to exit, and the virtual machine manager takes over control of the system;
the virtual machine manager determines whether the operation of the application is legal; if it is legal, the application is allowed to access the hardware resources, and if it is illegal, the application is prohibited from accessing the hardware resources.
A virtual machine manager, the virtual machine manager comprising:
a monitoring module, configured to monitor hardware resources and, when detecting that an application accesses the hardware resources, trigger a virtual machine to exit, whereupon the virtual machine manager takes over control of the system;
a determining module, configured to determine whether the operation of the application is legal; if it is legal, the application is allowed to access the hardware resources, and if it is illegal, the application is prohibited from accessing the hardware resources.
A hardware resource protection system, the system comprising: a virtual machine manager, hardware resources, and a virtual machine;
the virtual machine manager is configured to monitor the hardware resources and, when detecting that an application accesses the hardware resources, to trigger the virtual machine to exit, whereupon the virtual machine manager takes over control of the system; and to determine whether the operation of the application is legal: if it is legal, the application is allowed to access the hardware resources, and if it is illegal, the application is prohibited from accessing the hardware resources.
The beneficial effects of the technical solutions provided by the embodiments of the present invention are:
The virtual machine manager monitors the hardware resources. When it detects that an application accesses the hardware resources, it triggers the virtual machine to exit and takes over control of the system, and then determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resources; if it is illegal, the application is prohibited from accessing them. This achieves hardware resource protection by means of virtualization technology, removes the dependence of hardware resource protection on dedicated hardware devices, improves flexibility of use, and reduces cost.
Brief description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, the drawings needed for the description of the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is a flowchart of a hardware resource protection method according to Embodiment 1 of the present invention;
FIG. 2 is a flowchart of a hardware resource protection method for input/output addresses according to Embodiment 1 of the present invention;
FIG. 3 is a flowchart of hardware resource protection for memory space according to Embodiment 1 of the present invention;
FIG. 4 is a schematic structural diagram of a virtual machine manager according to Embodiment 2 of the present invention;
FIG. 5 is a schematic diagram of another structure of a virtual machine manager according to Embodiment 2 of the present invention;
FIG. 6 is a schematic structural diagram of a hardware resource protection system according to Embodiment 3 of the present invention.
Detailed description
To make the objectives, technical solutions and advantages of the present invention clearer, the embodiments of the present invention are described in further detail below with reference to the accompanying drawings.
实施例 1  Example 1
参见图 1, 本实施例提供了一种硬件资源保护方法, 该方法包括:  Referring to FIG. 1, this embodiment provides a hardware resource protection method, where the method includes:
101: 虚拟机管理器监控硬件资源, 当检测到应用程序访问该硬件资源时, 触发虚拟机退出, 由虚拟机管理器接管系统控制权;  101: The virtual machine manager monitors the hardware resource, and when detecting that the application accesses the hardware resource, triggers the virtual machine to exit, and the virtual machine manager takes over control of the system;
需要说明的是, 虚拟机管理器运行于根模式, 虚拟机运行于非根模式, 虚 拟机退出是指由非根模式切换到根模式, 同时系统控制权转移, 由虚拟机管理 器接管系统控制权。  It should be noted that the virtual machine manager runs in the root mode, the virtual machine runs in the non-root mode, and the virtual machine exit refers to the switch from the non-root mode to the root mode, and the system control right transfer is controlled by the virtual machine manager takeover system. right.
102: 虚拟机管理器判断该应用程序的操作是否合法, 如果合法, 允许应 用程序访问硬件资源, 如果非法, 禁止应用程序访问硬件资源。  102: The virtual machine manager determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource. If it is illegal, the application is prohibited from accessing the hardware resource.
其中, 本实施例涉及的硬件资源可以是输入输出地址、 或内存空间等。 下 面分别说明上述方法对于输入输出地址和内存空间的保护过程。  The hardware resources involved in this embodiment may be an input/output address, a memory space, or the like. The following describes the protection process for the input and output addresses and memory space of the above methods.
Referring to FIG. 2, when the hardware resource is an input/output address, the hardware resource protection method includes the following steps:
201: The virtual machine manager monitors the input/output addresses of the device on which the virtual machine manager is located. When it detects that an application reads or writes an input/output address, a virtual machine exit is triggered and the virtual machine manager takes over control of the system.
It should be noted that the virtual machine manager runs in root mode and the virtual machine runs in non-root mode. A virtual machine exit is a switch from non-root mode to root mode; system control is transferred at the same time, and the virtual machine manager takes over control of the system.
The input/output addresses may be specific input/output addresses in the system, or may be all input/output addresses in the system.
202: The virtual machine manager determines whether the operation of the application is legal.
Specifically, the virtual machine manager compares the public key of the application with the private key provided by the application. If they match, the operation of the application is determined to be legal; if they do not match, the operation of the application is determined to be illegal.
203: If the operation is legal, the application is allowed to access the input/output address; if it is illegal, the application is prohibited from accessing the input/output address.
Further, after step 203, the virtual machine manager triggers a virtual machine entry and the virtual machine takes over control of the system. It should be noted that a virtual machine entry is a switch from root mode to non-root mode; system control is transferred at the same time, and the virtual machine takes over control of the system.
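Steps 201 to 203 do not say how the virtual machine manager selects which input/output addresses cause a virtual machine exit. The following C model is an added example, not code from the patent: it assumes the Intel VT-x mechanisms of I/O bitmaps ("specific" addresses) and unconditional I/O exiting ("all" addresses), and the names `io_intercept`, `io_watch_range` and `io_causes_vm_exit` as well as the sample port range are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IO_BITMAP_BYTES 4096u   /* one bit per port, 32768 ports per bitmap */

enum io_mode {
    IO_EXIT_ALL,     /* every I/O access exits ("all input/output addresses") */
    IO_EXIT_BITMAP   /* only ports whose bit is set exit ("specific" addresses) */
};

/* Hypothetical container. On real hardware the two bitmaps are 4 KiB pages
 * whose physical addresses are stored in the VMCS. */
struct io_intercept {
    enum io_mode mode;
    uint8_t bitmap_a[IO_BITMAP_BYTES];  /* ports 0x0000-0x7FFF */
    uint8_t bitmap_b[IO_BITMAP_BYTES];  /* ports 0x8000-0xFFFF */
};

void io_intercept_init(struct io_intercept *c, enum io_mode mode)
{
    memset(c, 0, sizeof(*c));
    c->mode = mode;
}

/* Mark the inclusive port range [first, last] as protected. */
void io_watch_range(struct io_intercept *c, uint16_t first, uint16_t last)
{
    /* 32-bit counter so that last == 0xFFFF cannot wrap the loop variable. */
    for (uint32_t p = first; p <= last; p++) {
        uint8_t *bm = (p < 0x8000u) ? c->bitmap_a : c->bitmap_b;
        uint32_t idx = p & 0x7FFFu;
        bm[idx / 8] |= (uint8_t)(1u << (idx % 8));
    }
}

static bool port_watched(const struct io_intercept *c, uint32_t p)
{
    const uint8_t *bm = (p < 0x8000u) ? c->bitmap_a : c->bitmap_b;
    uint32_t idx = p & 0x7FFFu;
    return ((bm[idx / 8] >> (idx % 8)) & 1u) != 0;
}

/* Would an IN/OUT of `size` bytes (1, 2 or 4) starting at `port` exit? */
bool io_causes_vm_exit(const struct io_intercept *c, uint16_t port, unsigned size)
{
    if (c->mode == IO_EXIT_ALL)
        return true;
    for (unsigned i = 0; i < size; i++) {
        uint32_t p = (uint32_t)port + i;
        if (p > 0xFFFFu)          /* access wraps past the end of the port space */
            return true;
        if (port_watched(c, p))   /* any touched byte on a protected port exits */
            return true;
    }
    return false;
}

int main(void)
{
    struct io_intercept c;
    io_intercept_init(&c, IO_EXIT_BITMAP);
    io_watch_range(&c, 0x0CF8, 0x0CFF);   /* constructed example range */

    printf("4-byte access at 0x0CF8 exits: %d\n", io_causes_vm_exit(&c, 0x0CF8, 4));
    printf("2-byte access at 0x0CF7 exits: %d\n", io_causes_vm_exit(&c, 0x0CF7, 2));
    printf("1-byte access at 0x0080 exits: %d\n", io_causes_vm_exit(&c, 0x0080, 1));
    return 0;
}
```

A wide access that starts on an unprotected port still exits when any of its bytes lands on a protected one, which is the case a per-port check on the starting address alone would miss.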
Referring to FIG. 3, when the hardware resource is a memory space, the hardware resource protection method includes the following steps:
301: The virtual machine manager monitors a control register and prevents the application from using the control register to map the memory space; a page fault exception is generated when the application is detected accessing the memory space.
The control register (Control Register, CR) may specifically be CR3.
302: The virtual machine manager configures settings so that a preset exit condition holds, which triggers a virtual machine exit, and the virtual machine manager takes over control of the system.
Specifically, the virtual machine manager sets PFEC_MASK and PFEC_MATCH. When a page fault exception occurs, the relation PFEC & PFEC_MASK = PFEC_MATCH holds, a virtual machine exit is triggered, and the virtual machine manager takes over control of the system.
Here & denotes the AND operation, PFEC denotes the page fault error code (Page Fault Error Code), PFEC_MASK denotes the page fault mask, and PFEC_MATCH denotes the page fault match code. For example, PFEC_MASK and PFEC_MATCH can both be set to 0; the above relation then holds whenever a page fault exception occurs, which triggers a virtual machine exit, and the virtual machine manager takes over control of the system.
It should be noted that the virtual machine manager runs in root mode and the virtual machine runs in non-root mode. A virtual machine exit is a switch from non-root mode to root mode; system control is transferred at the same time, and the virtual machine manager takes over control of the system.
303: The virtual machine manager determines whether the operation of the application is legal.
Specifically, the virtual machine manager compares the public key of the application with the private key provided by the application. If they match, the operation of the application is determined to be legal; if they do not match, the operation of the application is determined to be illegal.
304: If the operation is legal, the application is allowed to access the memory space; if it is illegal, the application is prohibited from accessing the memory space.
Further, after step 304, the virtual machine manager triggers a virtual machine entry and the virtual machine takes over control of the system. It should be noted that a virtual machine entry is a switch from root mode to non-root mode; system control is transferred at the same time, and the virtual machine takes over control of the system.
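Step 302 relies on the relation PFEC & PFEC_MASK = PFEC_MATCH. The following C model is an added example, not code from the patent: it assumes the Intel VT-x rule in which bit 14 of the exception bitmap is consulted together with that relation, and it goes beyond the all-zero setting in the text by also showing a narrower filter and two misconfigurations. The names `pf_filter`, `pf_causes_vm_exit` and `count_exits` are hypothetical and the sample error codes are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bits of the x86 page-fault error code (PFEC). */
#define PFEC_PRESENT (1u << 0)  /* 1 = protection violation, 0 = page not present */
#define PFEC_WRITE   (1u << 1)  /* 1 = the access was a write */
#define PFEC_USER    (1u << 2)  /* 1 = the access came from user mode */

#define EXC_BITMAP_PF (1u << 14) /* page fault is exception vector 14 */

/* Hypothetical container for the three VMCS fields that decide the exit. */
struct pf_filter {
    uint32_t exception_bitmap;
    uint32_t pfec_mask;
    uint32_t pfec_match;
};

/* If the relation holds, bit 14 of the exception bitmap is followed as is;
 * if it does not hold, the meaning of bit 14 is inverted. */
bool pf_causes_vm_exit(const struct pf_filter *f, uint32_t pfec)
{
    bool relation_holds = (pfec & f->pfec_mask) == f->pfec_match;
    bool bit14 = (f->exception_bitmap & EXC_BITMAP_PF) != 0;
    return relation_holds ? bit14 : !bit14;
}

/* Number of faults in pfecs[0..n) that would reach the virtual machine manager. */
size_t count_exits(const struct pf_filter *f, const uint32_t *pfecs, size_t n)
{
    size_t exits = 0;
    for (size_t i = 0; i < n; i++)
        if (pf_causes_vm_exit(f, pfecs[i]))
            exits++;
    return exits;
}

/* Constructed sample: error codes of six page faults raised inside the guest. */
const uint32_t SAMPLE_PFECS[] = {
    0,                                       /* kernel read, page not present */
    PFEC_WRITE,                              /* kernel write, page not present */
    PFEC_USER,                               /* user read, page not present */
    PFEC_USER | PFEC_WRITE,                  /* user write, page not present */
    PFEC_PRESENT | PFEC_USER | PFEC_WRITE,   /* user write, protection violation */
    PFEC_PRESENT                             /* kernel read, protection violation */
};
#define SAMPLE_COUNT (sizeof(SAMPLE_PFECS) / sizeof(SAMPLE_PFECS[0]))

int main(void)
{
    /* Setting from the text: mask = match = 0, so every page fault exits. */
    struct pf_filter all = { EXC_BITMAP_PF, 0, 0 };
    /* Narrower filter: only user-mode writes exit. */
    struct pf_filter user_writes = { EXC_BITMAP_PF,
                                     PFEC_USER | PFEC_WRITE,
                                     PFEC_USER | PFEC_WRITE };
    /* Same mask/match as the text, but bit 14 left clear: nothing exits. */
    struct pf_filter bit_clear = { 0, 0, 0 };
    /* mask = 0 with a non-zero match can never be equal: nothing exits. */
    struct pf_filter never_equal = { EXC_BITMAP_PF, 0, 1 };

    printf("mask=0 match=0, bit 14 set  : %zu of %zu exit\n",
           count_exits(&all, SAMPLE_PFECS, SAMPLE_COUNT), SAMPLE_COUNT);
    printf("user writes only            : %zu exit\n",
           count_exits(&user_writes, SAMPLE_PFECS, SAMPLE_COUNT));
    printf("mask=0 match=0, bit 14 clear: %zu exit\n",
           count_exits(&bit_clear, SAMPLE_PFECS, SAMPLE_COUNT));
    printf("mask=0 match=1, bit 14 set  : %zu exit\n",
           count_exits(&never_equal, SAMPLE_PFECS, SAMPLE_COUNT));
    return 0;
}
```

Under this rule the all-zero setting intercepts every page fault only when bit 14 of the exception bitmap is also set, so a monitor built this way should verify all three fields together.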
In this embodiment, the virtual machine manager monitors the hardware resource. When it detects that an application accesses the hardware resource, a virtual machine exit is triggered and the virtual machine manager takes over control of the system; it then determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource; if it is illegal, the application is prohibited from accessing the hardware resource. This achieves hardware resource protection by means of virtualization technology, removes the dependence of hardware resource protection on dedicated hardware devices, improves flexibility of use, and reduces cost.
Embodiment 2
Referring to FIG. 4, this embodiment provides a virtual machine manager. The virtual machine manager includes:
a monitoring module 401, configured to monitor a hardware resource and, when it detects that an application accesses the hardware resource, trigger a virtual machine exit so that the virtual machine manager takes over control of the system;
a determining module 402, configured to determine whether the operation of the application is legal; if it is legal, allow the application to access the hardware resource; if it is illegal, prohibit the application from accessing the hardware resource.
When the hardware resource is an input/output address, the monitoring module 401 is specifically configured to monitor the input/output addresses of the device on which the virtual machine manager is located and, when it detects that an application performs a read or write operation on an input/output address, trigger a virtual machine exit so that the virtual machine manager takes over control of the system.
The input/output addresses may be specific input/output addresses in the system, or may be all input/output addresses in the system.
When the hardware resource is a memory space, the monitoring module 401 is specifically configured to monitor a control register, prevent the application from using the control register to map the memory space, generate a page fault exception when the application is detected accessing the memory space, and configure settings so that a preset exit condition holds, which triggers a virtual machine exit.
When configuring settings so that the preset exit condition holds, the monitoring module 401 is specifically configured to:
set the page fault mask PFEC_MASK and the page fault match code PFEC_MATCH, so that when a page fault exception occurs, the relation PFEC & PFEC_MASK = PFEC_MATCH holds, where PFEC is the page fault error code and & denotes the AND operation.
For example, PFEC_MASK and PFEC_MATCH can both be set to 0; the above relation then holds whenever a page fault exception occurs, which triggers a virtual machine exit. The control register may specifically be CR3.
Specifically, the determining module 402 is configured to compare the public key of the application with the private key provided by the application. If they match, the operation of the application is determined to be legal; if they do not match, the operation of the application is determined to be illegal.
Further, referring to FIG. 5, the virtual machine manager also includes a triggering module 403, configured to trigger a virtual machine entry after the determining module 402 allows or prohibits the application's access to the hardware resource, so that the virtual machine takes over control of the system.
It should be noted that the virtual machine manager runs in root mode and the virtual machine runs in non-root mode. A virtual machine exit is a switch from non-root mode to root mode; system control is transferred at the same time, and the virtual machine manager takes over control of the system. A virtual machine entry is a switch from root mode to non-root mode; system control is transferred at the same time, and the virtual machine takes over control of the system.
The virtual machine manager provided in this embodiment is based on the same concept as the virtual machine manager in the method embodiment. For its specific implementation, see the method embodiment; details are not repeated here.
The virtual machine manager provided in this embodiment monitors the hardware resource. When it detects that an application accesses the hardware resource, a virtual machine exit is triggered and the virtual machine manager takes over control of the system; it then determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource; if it is illegal, the application is prohibited from accessing the hardware resource. This achieves hardware resource protection by means of virtualization technology, removes the dependence of hardware resource protection on dedicated hardware devices, improves flexibility of use, and reduces cost.
Embodiment 3
Referring to FIG. 6, this embodiment provides a hardware resource protection system. The system includes a virtual machine manager 40, a hardware resource 30, and a virtual machine 20.
The virtual machine manager 40 is configured to monitor the hardware resource 30 and, when it detects that an application accesses the hardware resource 30, trigger an exit of the virtual machine 20 so that the virtual machine manager 40 takes over control of the system; and to determine whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource 30; if it is illegal, the application is prohibited from accessing the hardware resource 30.
The virtual machine manager 40 includes a monitoring module 401 and a determining module 402.
The monitoring module 401 is configured to monitor the hardware resource 30 and, when it detects that an application accesses the hardware resource 30, trigger an exit of the virtual machine 20 so that the virtual machine manager 40 takes over control of the system.
The determining module 402 is configured to determine whether the operation of the application is legal; if it is legal, allow the application to access the hardware resource 30; if it is illegal, prohibit the application from accessing the hardware resource 30.
When the hardware resource 30 is an input/output address, the monitoring module 401 is specifically configured to monitor the input/output addresses of the device on which the virtual machine manager is located and, when it detects that an application performs a read or write operation on an input/output address, trigger an exit of the virtual machine 20 so that the virtual machine manager takes over control of the system.
The input/output addresses may be specific input/output addresses in the system, or may be all input/output addresses in the system.
When the hardware resource 30 is a memory space, the monitoring module 401 is specifically configured to monitor a control register, prevent the application from using the control register to map the memory space so that a page fault exception is generated when the application accesses the memory space, and configure settings so that a preset exit condition holds, which triggers an exit of the virtual machine 20.
When configuring settings so that the preset exit condition holds, the monitoring module 401 is specifically configured to:
set the page fault mask PFEC_MASK and the page fault match code PFEC_MATCH, so that when a page fault exception occurs, the relation PFEC & PFEC_MASK = PFEC_MATCH holds, where PFEC is the page fault error code and & denotes the AND operation.
For example, PFEC_MASK and PFEC_MATCH can both be set to 0; the above relation then holds whenever a page fault exception occurs, which triggers a virtual machine exit. The control register may specifically be CR3.
Specifically, the determining module 402 is configured to compare the public key of the application with the private key provided by the application. If they match, the operation of the application is determined to be legal; if they do not match, the operation of the application is determined to be illegal.
Further, the virtual machine manager also includes a triggering module 403, configured to trigger a virtual machine entry after the determining module 402 allows or prohibits the application's access to the hardware resource, so that the virtual machine takes over control of the system.
It should be noted that the virtual machine manager runs in root mode and the virtual machine runs in non-root mode. A virtual machine exit is a switch from non-root mode to root mode; system control is transferred at the same time, and the virtual machine manager takes over control of the system. A virtual machine entry is a switch from root mode to non-root mode; system control is transferred at the same time, and the virtual machine takes over control of the system.
The virtual machine manager, hardware resource, and virtual machine provided in this embodiment are based on the same concept as the virtual machine manager, hardware resource, and virtual machine in the method embodiment. For their specific implementation, see the method embodiment; details are not repeated here.
In the system provided in this embodiment, the virtual machine manager monitors the hardware resource. When it detects that an application accesses the hardware resource, a virtual machine exit is triggered and the virtual machine manager takes over control of the system; it then determines whether the operation of the application is legal. If it is legal, the application is allowed to access the hardware resource; if it is illegal, the application is prohibited from accessing the hardware resource. This achieves hardware resource protection by means of virtualization technology, removes the dependence of hardware resource protection on dedicated hardware devices, improves flexibility of use, and reduces cost.
A person of ordinary skill in the art will understand that all or part of the steps of the above embodiments may be implemented by hardware, or by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium, and the storage medium may be a read-only memory, a magnetic disk, an optical disc, or the like.
The above are only preferred embodiments of the present invention and are not intended to limit the present invention. Any modification, equivalent replacement, improvement, or the like made within the spirit and principles of the present invention shall fall within the protection scope of the present invention.

Claims

1. A hardware resource protection method, wherein the method comprises:
a virtual machine manager monitoring a hardware resource and, when it detects that an application accesses the hardware resource, triggering a virtual machine exit so that the virtual machine manager takes over control of the system;
the virtual machine manager determining whether the operation of the application is legal; if it is legal, allowing the application to access the hardware resource; if it is illegal, prohibiting the application from accessing the hardware resource.
2. The method according to claim 1, wherein the virtual machine manager monitoring a hardware resource and, when it detects that an application accesses the hardware resource, triggering a virtual machine exit so that the virtual machine manager takes over control of the system specifically comprises:
when the hardware resource is an input/output address, the virtual machine manager monitoring the input/output addresses of the device on which the virtual machine manager is located and, when it detects that an application performs a read or write operation on the input/output address, triggering a virtual machine exit so that the virtual machine manager takes over control of the system.
3. The method according to claim 1, wherein the virtual machine manager monitoring a hardware resource and, when it detects that an application accesses the hardware resource, triggering a virtual machine exit so that the virtual machine manager takes over control of the system specifically comprises:
when the hardware resource is a memory space, the virtual machine manager monitoring a control register, preventing the application from using the control register to map the memory space, generating a page fault exception when the application is detected accessing the memory space, and configuring settings so that a preset exit condition holds, which triggers a virtual machine exit so that the virtual machine manager takes over control of the system.
4. The method according to claim 3, wherein configuring settings so that the preset exit condition holds specifically comprises:
setting a page fault mask PFEC_MASK and a page fault match code PFEC_MATCH, so that when a page fault exception occurs, the relation PFEC & PFEC_MASK = PFEC_MATCH holds, where PFEC is the page fault error code and & denotes the AND operation.
5. The method according to any one of claims 1 to 4, wherein the virtual machine manager determining whether the operation of the application is legal specifically comprises:
the virtual machine manager comparing the public key of the application with the private key provided by the application; if they match, determining that the operation of the application is legal; if they do not match, determining that the operation of the application is illegal.
6. The method according to claim 1, wherein after the virtual machine manager determines whether the operation of the application is legal and, if it is legal, allows the application to access the hardware resource or, if it is illegal, prohibits the application from accessing the hardware resource, the method further comprises:
the virtual machine manager triggering a virtual machine entry so that the virtual machine takes over control of the system.
7. A virtual machine manager, wherein the virtual machine manager comprises:
a monitoring module, configured to monitor a hardware resource and, when it detects that an application accesses the hardware resource, trigger a virtual machine exit so that the virtual machine manager takes over control of the system;
a determining module, configured to determine whether the operation of the application is legal; if it is legal, allow the application to access the hardware resource; if it is illegal, prohibit the application from accessing the hardware resource.
8. The virtual machine manager according to claim 7, wherein the monitoring module is specifically configured to:
when the hardware resource is an input/output address, monitor the input/output addresses of the device on which the virtual machine manager is located and, when it detects that an application performs a read or write operation on the input/output address, trigger a virtual machine exit so that the virtual machine manager takes over control of the system.
9. The virtual machine manager according to claim 7, wherein the monitoring module is specifically configured to:
when the hardware resource is a memory space, monitor a control register, prevent the application from using the control register to map the memory space, generate a page fault exception when the application is detected accessing the memory space, and configure settings so that a preset exit condition holds, which triggers a virtual machine exit.
10. The virtual machine manager according to claim 9, wherein, when configuring settings so that the preset exit condition holds, the monitoring module is specifically configured to:
set a page fault mask PFEC_MASK and a page fault match code PFEC_MATCH, so that when a page fault exception occurs, the relation PFEC & PFEC_MASK = PFEC_MATCH holds, where PFEC is the page fault error code and & denotes the AND operation.
11. The virtual machine manager according to any one of claims 7 to 10, wherein the determining module is specifically configured to:
compare the public key of the application with the private key provided by the application; if they match, determine that the operation of the application is legal; if they do not match, determine that the operation of the application is illegal.
12. The virtual machine manager according to claim 7, wherein the virtual machine manager further comprises a triggering module, configured to trigger a virtual machine entry after the determining module allows or prohibits the application's access to the hardware resource, so that the virtual machine takes over control of the system.
13. A hardware resource protection system, wherein the system comprises a virtual machine manager, a hardware resource, and a virtual machine;
the virtual machine manager is configured to monitor the hardware resource and, when it detects that an application accesses the hardware resource, trigger an exit of the virtual machine so that the virtual machine manager takes over control of the system; and to determine whether the operation of the application is legal; if it is legal, allow the application to access the hardware resource; if it is illegal, prohibit the application from accessing the hardware resource.
14. The system according to claim 13, wherein the virtual machine manager comprises a monitoring module and a determining module;
the monitoring module is configured to monitor the hardware resource and, when it detects that an application accesses the hardware resource, trigger an exit of the virtual machine so that the virtual machine manager takes over control of the system;
the determining module is configured to determine whether the operation of the application is legal; if it is legal, allow the application to access the hardware resource; if it is illegal, prohibit the application from accessing the hardware resource.
15. The system according to claim 14, wherein the monitoring module is specifically configured to:
when the hardware resource is an input/output address, monitor the input/output addresses of the device on which the virtual machine manager is located and, when it detects that an application performs a read or write operation on the input/output address, trigger a virtual machine exit so that the virtual machine manager takes over control of the system.
16. The system according to claim 14, wherein the monitoring module is specifically configured to:
when the hardware resource is a memory space, monitor a control register, prevent the application from using the control register to map the memory space so that a page fault exception is generated when the application accesses the memory space, and configure settings so that a preset exit condition holds, which triggers a virtual machine exit.
17. The system according to claim 16, wherein, when configuring settings so that the preset exit condition holds, the monitoring module is specifically configured to:
set a page fault mask PFEC_MASK and a page fault match code PFEC_MATCH, so that when a page fault exception occurs, the relation PFEC & PFEC_MASK = PFEC_MATCH holds, where PFEC is the page fault error code and & denotes the AND operation.
18. The system according to any one of claims 14 to 17, wherein the determining module is specifically configured to:
compare the public key of the application with the private key provided by the application; if they match, determine that the operation of the application is legal; if they do not match, determine that the operation of the application is illegal.
19. The system according to claim 14, wherein the virtual machine manager further comprises a triggering module, configured to trigger a virtual machine entry after the determining module allows or prohibits the application's access to the hardware resource, so that the virtual machine takes over control of the system.
PCT/CN2011/083499 2011-12-06 2011-12-06 Hardware resource protection method and system, and virtual machine manager WO2013082749A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201180058592.7A CN103270491B (en) 2011-12-06 2011-12-06 A kind of hardware resource protection method and system and virtual machine manager
PCT/CN2011/083499 WO2013082749A1 (en) 2011-12-06 2011-12-06 Hardware resource protection method and system, and virtual machine manager

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2011/083499 WO2013082749A1 (en) 2011-12-06 2011-12-06 Hardware resource protection method and system, and virtual machine manager

Publications (1)

Publication Number Publication Date
WO2013082749A1 true WO2013082749A1 (en) 2013-06-13

Family

ID=48573481

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/083499 WO2013082749A1 (en) 2011-12-06 2011-12-06 Hardware resource protection method and system, and virtual machine manager

Country Status (2)

Country Link
CN (1) CN103270491B (en)
WO (1) WO2013082749A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111737656B (en) * 2019-05-30 2023-10-27 中国科学院计算技术研究所 Application program-oriented privileged hardware resource access method and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101162443A (en) * 2006-10-10 2008-04-16 株式会社瑞萨科技 Data processor
US20080244571A1 (en) * 2007-03-30 2008-10-02 Bennett Steven M Virtual interrupt processing in a layered virtualization architecture
CN101398769A (en) * 2008-10-28 2009-04-01 北京航空航天大学 Processor resource integrating and utilizing method transparent to operating system
CN101419558A (en) * 2008-11-13 2009-04-29 湖南大学 CUDA graphic subsystem virtualization method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4795812B2 (en) * 2006-02-22 2011-10-19 富士通セミコンダクター株式会社 Secure processor
CN101751284B (en) * 2009-12-25 2013-04-24 华为技术有限公司 I/O resource scheduling method for distributed virtual machine monitor
US8555059B2 (en) * 2010-04-16 2013-10-08 Microsoft Corporation Secure local update of content management software

Also Published As

Publication number Publication date
CN103270491A (en) 2013-08-28
CN103270491B (en) 2016-12-21

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11877079

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11877079

Country of ref document: EP

Kind code of ref document: A1