WO2015117434A1 - Method and device for manufacturing patch, and method and device for activating patch - Google Patents

Method and device for manufacturing patch, and method and device for activating patch Download PDF

Info

Publication number
WO2015117434A1
WO2015117434A1 PCT/CN2014/090497 CN2014090497W WO2015117434A1 WO 2015117434 A1 WO2015117434 A1 WO 2015117434A1 CN 2014090497 W CN2014090497 W CN 2014090497W WO 2015117434 A1 WO2015117434 A1 WO 2015117434A1
Authority
WO
WIPO (PCT)
Prior art keywords
patch
code
module
instruction
replaced
Prior art date
Application number
PCT/CN2014/090497
Other languages
French (fr)
Chinese (zh)
Inventor
蒋勇
隆春
王亮
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2015117434A1 publication Critical patent/WO2015117434A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • G06F8/658Incremental updates; Differential updates

Definitions

  • the invention relates to the technical field of making and activating a patch, in particular to a method and a device for manufacturing a patch, a method and a device for activating a patch.
  • Program online upgrade refers to the method of replacing the running code segment of the program without restarting the program during the running process, and is widely used in various high-reliability server operating systems.
  • the current program online upgrade patch is basically based on functions, you can fix the application by fixing the function that has a vulnerability or need to be updated.
  • the related technology adopts a function-level program repair method.
  • the working principle is to replace the command of the patched function with the first instruction of the patched function to jump to the instruction in the replacement function, so that the program jumps to the position where the new function is located, when the replacement function is executed. After the execution is completed, jump back to the code that calls the old function, thus completing the entire calling process.
  • This function replacement has the following drawbacks:
  • the main technical problem to be solved by the embodiments of the present invention is to provide a method and a device for manufacturing a patch, a method and a device for activating the patch, and to solve the problem of patching existing in the program upgrade of the related art.
  • the repair granularity is relatively thick and can not solve the problem of multiple referenced functions being mutually referenced.
  • a method for manufacturing a patch includes the following steps:
  • a patch script corresponding to at least one line of the replaced code in the source code of the patched function, where the patch script includes a patch code corresponding to the replacement code and a position of the replaced code in the source code;
  • the step of generating a patch module that replaces the replaced code according to the patch script includes:
  • the kernel module is compiled into a patch module in the form of a binary program.
  • the predetermined type of language comprises a C language.
  • a method for activating a patch includes the following steps:
  • the patch module includes a patch code corresponding to at least one line of the replaced code in the source code of the patched function, and a start position and an end position of the instruction corresponding to the replaced code in the binary program;
  • the setting is used to jump to execute the patch code according to the start location.
  • the steps to transfer instructions include:
  • the instruction to the start position is modified to jump to the jump instruction that executes the patch code.
  • the method further includes: installing a detection point and a return point of the patch module, where the detection point is the start position, and the return point is the end position; Associating the patch function to the probe point when the probe point is installed;
  • the step of modifying an instruction to execute the start position to a jump instruction for jumping to execute the patch code includes:
  • the step of modifying the detected instruction of the probe point into a breakpoint instruction for executing the patch code by using a breakpoint exception handling function includes:
  • the probed instruction is backed up, and then the first one or more bytes in the probed instruction are replaced with a breakpoint instruction for executing the patch code by a breakpoint exception handling function.
  • a patch making device includes: a script editing module, a positioning module, and a patch generating module, wherein
  • the script editing module is configured to: write, by using a scripting language, a patch script corresponding to at least one line of the replaced code in the source code of the patched function, where the patch script includes the patch code corresponding to the replaced code and the replaced code is The location in the source code;
  • the patch generation module is configured to: generate a patch module that replaces the replaced code according to the patch script;
  • the positioning module is configured to: locate a start position and an end position of the corresponding instruction in the binary program according to the position of the replaced code in the source code, and place the replaced code in the binary program corresponding to the instruction The start location and the end location are added to the patch module.
  • the patch generation module includes: a script language translator and a patch module compiler, where
  • the scripting language translator is configured to: convert the patch script into code of a predetermined type language and compile into a loadable kernel module;
  • the patch module compiler is configured to: compile the kernel module into a patch module in the form of a binary program.
  • a patch activation device includes an acquisition module, an instruction setting module, and a return setting module, wherein
  • the obtaining module is configured to: acquire a patch module, where the patch module includes a patch code corresponding to at least one row of the replaced code in the source code of the patched function, and a start position and an end of the command corresponding to the replaced code in the binary program. position;
  • the instruction setting module is configured to: set a jump instruction for jumping to execute the patch code according to the start position, so that when the start position is executed, the jump instruction is executed to jump to execution Patch code in the patch module;
  • the returning device module is configured to: return to the patched function to continue running the code after executing the patch code according to the ending location setting.
  • the instruction setting module is configured to set a jump instruction for jumping to execute the patch code according to the start position according to the following manner:
  • the instruction to the start position is modified to jump to the jump instruction that executes the patch code.
  • the apparatus further includes a mounting module, wherein:
  • the installation module is configured to: install a detection point and a return point of the patch module, the detection point is the start position, the return point is the end position, and when the probe point is installed, A patch function is associated with the probe point;
  • the instruction setting module is configured to: modify the detected instruction of the probe point to jump to a breakpoint instruction for executing the patch code by a breakpoint exception handling function, such that when the probe point is executed, The breakpoint instruction is run and jumps to execute the patch code in the patch module by a breakpoint exception handler.
  • the instruction setting module is configured to: back up the detected instruction, and then The first one or more bytes in the probe instruction are replaced with a breakpoint instruction for executing the patch code by the breakpoint exception handling function.
  • a computer program comprising program instructions that, when executed by a computer, cause the computer to perform any of the above-described patching methods.
  • a computer program comprising program instructions that, when executed by a computer, cause the computer to perform any of the patch activation methods described above.
  • the technical solution of the present invention provides a method and a device for manufacturing a patch, a method and a device for activating a patch, which can replace one or more lines of code in a source code of a patched function, thereby implementing an upgrade or repair of the software program;
  • the patching method of the embodiment of the present invention includes: using a scripting language to write a patch script corresponding to at least one row of the replaced code in the source code of the patched function, the patch script including the patch code corresponding to the replacement code and the replaced a location of the code in the source code; generating, according to the patch script, a patch module that replaces the replaced code; and positioning a position of the replaced code in the source code to a start position of a corresponding instruction in the binary program according to the location of the replaced code And ending the location, and adding to the patch module; the method of the embodiment of the present invention may generate a patch for one or more lines of code in the source code, and use the patch to replace one or more lines of code in the
  • the embodiment of the present invention further provides a method for deactivating a patch, which can activate a patch module created by using the foregoing manufacturing method to implement replacement of one or more lines of code in the source code;
  • the method for deactivating a patch of an embodiment includes: acquiring a patch module, where the patch module includes a patch code corresponding to at least one line of the replaced code in the source code of the patched function, and a start of the instruction corresponding to the replaced code in the binary program.
  • FIG. 1 is a schematic flowchart of a method for manufacturing a patch according to Embodiment 1 of the present invention
  • FIG. 2 is a schematic diagram of a specific processing procedure of a patch script according to Embodiment 1 of the present invention.
  • FIG. 3 is a schematic flowchart of a method for activating a patch according to Embodiment 2 of the present invention.
  • FIG. 4 is a schematic flowchart of a program upgrade according to an activation method of the embodiment provided by Embodiment 2 of the present invention.
  • FIG. 5 is a schematic structural diagram of an online software upgrade method according to Embodiment 3 of the present invention.
  • FIG. 6 is a schematic structural diagram of a device for fabricating a patch according to Embodiment 4 of the present invention.
  • FIG. 7 is a schematic structural diagram of another apparatus for fabricating a patch according to Embodiment 4 of the present invention.
  • FIG. 8 is a schematic structural diagram of a patch activation apparatus according to Embodiment 5 of the present invention.
  • FIG. 9 is a schematic structural diagram of another apparatus for activating a patch according to Embodiment 5 of the present invention.
  • Embodiment 1 is a diagrammatic representation of Embodiment 1:
  • the embodiment of the present invention proposes to upgrade one or more lines of code in the software.
  • the code line level replacement mode is upgraded.
  • the embodiment provides a method for manufacturing a patch, as shown in FIG. 1 , including the following steps:
  • Step 101 Write, by using a scripting language, a patch script corresponding to at least one line of the replaced code line in the source code of the patched function, where the patch script includes the patch code corresponding to the replacement code and the replaced code in the source code. s position.
  • the method in this embodiment uses a scripting language to write a patch.
  • the prepared patch script there are various data types and control structures.
  • all local variables and global variables that can be accessed in the patched function can be accessed, and the patch is patched. All structures that are accessible in the function.
  • the script can access all the global functions and static functions in the original program.
  • the patch scripting language uses a scripting language similar to the interpretation, which uses three data types—integers, strings, and associative arrays—that have complete control structures, including code blocks, conditions, loops, and functions. . Variables do not need to declare a type and can be automatically guessed and checked against the context.
  • the patch script consists of a probe and a patch code and a probe that need to be executed when the probe is triggered; and the probe specifies the range of the code segment to be replaced, that is, the start position of the replacement code in the source code and End position.
  • the probe specifies the range of code segments to be replaced, from page 3 of the page_alloc.c file to the code of 3341;
  • Kernel.statement ("*@mm/page_alloc.c:3336").end("*@mm/page_alloc.c:3341")
  • the scripting language also provides all the necessary operators similar to those commonly used in the C language, and the usage is the same, with arithmetic operators, binary operators, assignment operators, and pointer obsolescence, including string concatenation, associative array elements, and merges. Operator.
  • Step 102 Generate a patch module that replaces the replaced code according to the patch script.
  • Step 103 Position a position of the replaced code in the source code to a start position and an end position of a corresponding instruction in the binary program, and add a start position and an end position of the corresponding instruction to the patch module.
  • the method of the embodiment can use the position of the replaced code in the source code to locate the start position and the end position of the corresponding instruction of the binary program, and then add the start position and the end position of the corresponding instruction to the patch module.
  • the start position and the end position in this embodiment refer to the start address and the end address of the instruction.
  • the start address and the end address in the source code are specified, and after the patch location module is converted, the start address and the end address specified in the script are converted into a start address and an end address in the binary program, and then saved.
  • the code of the patch module In the code of the patch module.
  • the process of locating the start position and the end position of the instruction includes: parsing the patch script, and then obtaining a start position and an end position of the corresponding instruction in the binary program according to the position of the replaced code line in the patch script, and finally synthesizing to the patch module.
  • the patch module generated by the method of the embodiment includes at least: a position of the replaced code in the source code to locate a start position and an end position of the corresponding instruction in the binary program, and a patch code.
  • the method provided in this embodiment can generate a patch for one or more lines of code in the source code.
  • This patch can be used to replace one or more lines of code in the function source code to implement software upgrade; since the patch is made for the code line, the production process is simple and fast, and the software created by the invention is upgraded. Avoid replacing the entire function for a small problem, reducing the granularity of the repair of the program; in addition, applying the patch made by the method of the present invention can perform online upgrade of multiple functions in the original program, without considering the relationship between multiple functions. Mutual call relationship; compared with related technologies, it can improve the efficiency of software upgrade, reduce the complexity of patch production, and improve the security and reliability of patch upgrade.
  • the foregoing step 102 may include:
  • the kernel module is compiled into a patch module in the form of a binary program.
  • the patch script is translated into the C language code, and then the C language code is compiled and linked to generate a loadable kernel module; finally, the kernel module is compiled into a patch module in the form of a binary program.
  • the patch module thus generated can be upgraded by the kernel.
  • the patch script corresponding to the above page_alloc.c file 3336 line 3341 is taken as an example. After the script is converted into a C language code, the specific contents are as follows:
  • the specific processing procedure of the patch script in the method of this embodiment may include:
  • Step 201 Parse the patch script.
  • the scripting language uses a scripting language similar to awk.
  • the script parsing phase mainly checks whether the input script has syntax errors, such as whether the braces match, whether the variable definition is normal, etc.; also checks the security of the script.
  • Step 202 Expand the function defined in the patch script according to the script library.
  • This stage is mainly to expand the probe points defined in the patch script or the functions used. It is not only necessary to expand the predefined script library, but also to analyze the debugging information of the kernel or kernel module. At this stage, it is necessary to determine the instruction address of the probe point and the return point.
  • Step 203 Translate the expanded script into a C file and compile the C file into a loadable kernel module.
  • the expanded script is converted to a C file.
  • the function call in the script needs to be converted into a function call of the kernel, and the C code is compiled and linked to generate a loadable kernel module.
  • Step 204 Compile the translated C file into an executable binary program.
  • the translated C code can be compiled into an executable binary program through a binary tool chain included in the system; in addition, it is linked with the script library runtime library function during compilation.
  • the binary generated by this step is the patch module.
  • the start and end addresses in the binary that are located on the replacement code can then be added to the patch module.
  • a binary patch module can be created that can be used by all cores for software upgrades.
  • Embodiment 2 is a diagrammatic representation of Embodiment 1:
  • this embodiment provides a method for activating a patch, and the patch module generated in the first embodiment is activated to replace the code line in the original patched function.
  • the activation method includes the following steps. :
  • Step 301 Obtain a patch module, where the patch module includes the source code of the patched function. At least one line of the patch code corresponding to the replaced code and the start position and the end position of the corresponding instruction of the replaced code in the binary program.
  • Step 302 Set a jump instruction for jumping to execute the patch code according to the start position, so that when the start position is executed, the jump instruction is executed to jump to execute the patch module. Patch code.
  • Step 303 Return to the patched function to continue running the code after executing the patch code according to the end position setting.
  • the activation method of this embodiment may set a proxy in the kernel to complete the above steps.
  • the working mechanism of the stub proxy is: when the kernel executes to the start address of the replaced code in the binary program, the jump instruction jumps. To the patch code that executes the replaced code; when the kernel executes the patch code, it returns to the original function and continues to run the code according to the end address of the replaced code in the binary program.
  • one or more lines of code in the patched function can be replaced, thereby implementing the program upgrade or repair.
  • the process of jumping to the execution of the jump instruction of the patch code according to the start position in step 303 may include: modifying an instruction executed to the start position to be used to jump to Execute the jump instruction of the patch code.
  • the kernel can be jumped to execute the patch code by modifying the instruction, thereby implementing the program upgrade.
  • the deactivation method of this embodiment may jump to the execution of the patch code to implement replacement of the code line by means of a breakpoint exception.
  • the embodiment may be implemented by: installing a detection point and a return point of the patch module, where the detection point is the start position, and the return point is the end position; Pointing a patch function to the probe point; at this time, the step of modifying the instruction to execute the start position to the jump instruction for executing the patch code as described above includes: The detected instruction of the probe point is modified to jump to a breakpoint instruction executing the patch code by the breakpoint exception handling function, such that when the probe point is executed, the breakpoint instruction is executed and a breakpoint exception is passed The handler jumps to execute the patch code in the patch module.
  • the breakpoint exception handler when the probe point is installed, the breakpoint exception handler is not associated with Probe the point, but associate the patch function to the probe point.
  • the breakpoint exception handler is a public function that finds the patch function in the handler through the probe point location after entering the breakpoint exception handler through the breakpoint instruction.
  • the probe point substantially refers to the start address of the program instruction (the corresponding instruction of the replaced code line in the binary program), and the return point substantially refers to the end address of the program instruction to be replaced.
  • Probe points and return points are determined during the patch module creation process.
  • the work of the above-mentioned pile agent may be to complete the setting of the detection point and the return point.
  • the CPU After the CPU is set to the detection point, the CPU automatically enters the breakpoint exception function, and the patch code is called in the breakpoint exception function.
  • the process of installing the return point includes: saving the return address after the execution of the patch code in the stack of the breakpoint exception, so that when the breakpoint exception is executed, the jump is automatically performed to the return address.
  • the installation of the return point in the method of this embodiment is to correctly fill in the return address after the execution of the patch code in the stack of the breakpoint exception.
  • the detected instruction of the probe point can be modified into a breakpoint instruction, so that the kernel runs a breakpoint instruction when executing to the probe point, thereby triggering the breakpoint exception processing, and jumps to execute the patch code through the breakpoint exception processing.
  • the patch function can be associated with the probe point.
  • the trap operation will be executed by running the breakpoint instruction, which will cause the CPU to save the register and enter the breakpoint exception handler.
  • the point exception handling function searches for the corresponding patch module according to the code segment address of the current CPU, and then calls the patch code in the corresponding patch module.
  • the deactivation setting in this embodiment may trigger the following process: the CPU will execute a breakpoint instruction to trigger a trap exception of the CPU when executing the probe point, and save the context of the current function and the CPU register as a patch module interruption point in the trap exception handling function. Process the entry parameters of the function; finally jump to execute the patch code in the patch module.
  • the first one or more bytes of the detected instruction are replaced with a breakpoint instruction for performing the patch code by using a breakpoint exception processing manner.
  • Step 401 When installing a probe point and a return point, the stub agent first backs up the detected instruction, and then uses the CPU breakpoint instruction (such as i386 and x86_64 int3 instructions) to replace the detected instruction.
  • the first one or a few bytes.
  • Step 402 When the CPU executes the detection point, the breakpoint abnormal operation will be executed due to the running breakpoint instruction, which will result in saving the CPU register and calling the corresponding breakpoint exception handling function.
  • Step 403 In the breakpoint exception processing function, the patch code registered by the probe point is called, and an entry parameter is constructed for the call of the function.
  • Step 404 Perform a patch code for the probe point registration.
  • Step 405 In order to return to the correct return point specified in the patch after the patch code registered at the probe point is processed, it is necessary to recalculate the return address of the breakpoint exception and modify the return address in the exception stack.
  • the return address in the breakpoint exception stack is modified to the return address specified by the patch module, so that after the patch code is executed, it can be returned to the correct position in the patched function to continue running.
  • step 406 since the single-step debugging mode is enabled, an exception of type 1 needs to be triggered after executing the probe point processing function, and returns to the patched function to continue running.
  • the activation method of the embodiment of the present invention can implement the replacement of the instruction in the running program by the breakpoint abnormality of the CPU and the recalculation of the return address after the breakpoint abnormality, and the replaced instruction corresponds to a code of a certain row or several lines in the source code.
  • the embodiment adopts a breakpoint instruction of the CPU when the instruction is replaced, and the instruction is an atomic operation, which can ensure safety and reliability when the program is upgraded online under the condition of multiple CPUs or multiple threads, and does not cause the program running state to be inconsistent. This directive is used extensively in the program debugger.
  • Embodiment 3 is a diagrammatic representation of Embodiment 3
  • this embodiment provides an overall architecture diagram of a software online upgrade method, an ELF binary program file including debugging information, a source code file to be patched, and all required header files, and a script language translator. , ELF format parser, patch module compiler, kernel patch stub agent.
  • the ELF binary program file containing the debugging information may be an image file of the kernel. It can also be a binary program of the kernel module.
  • the binary program can read all the symbol information, relocation information, and code compilation information used by the patch function, and the binary program can locate the instruction start and end addresses corresponding to the code line.
  • the source code file and the header file are used to create a patch script, and the source file and the header file can be used to obtain all the global variables used in the patch, the names of the local variables, and the member variables of the data structure.
  • the scripting language translator is used to translate the patch script into C language code, relocate the variables in the patch referenced in the patch script to an absolute address, and reference the structure member variable in the source code in the patch script. Relocate to absolute address plus member variable offset. At the same time, the scripting language translator adds the necessary locks and security checking code as needed. When the script language translator translates the script into C language, it needs to convert the function call in the script into the kernel function call, and the generated C code compiles the link to generate a loadable kernel module.
  • the ELF format parser is used to help the script language translator to find the symbol address in the positioning binary program and the instruction address in the binary program corresponding to the code line.
  • the patch module compiler refers to a binary program compilation environment included in the system, and is used to compile the patch module into a binary executable program.
  • the kernel patch stub agent is used to complete the management of loading, activating, deactivating, and uninstalling the patch module.
  • the loading of the patch module refers to loading the patch module into the kernel space and allocating corresponding system resources.
  • the activation of the patch module refers to the detection point and return point of the patch module.
  • Probe points and return points are determined during the patch module creation process.
  • the probe point essentially refers to the start address of the program instruction to be replaced, and the return point essentially refers to the end address of the program instruction to be replaced.
  • the start address and end address of the program instruction to be replaced can be calculated by combining the code line position in the source code with the DWARF debug information in the ELF format.
  • the CPU executes the probe point, it will run a breakpoint instruction to trigger the trap exception of the CPU.
  • the context of the current function and the CPU register are used as the entry parameters of the patch module interrupt point processing function.
  • the deactivation of the patch module refers to restoring the original command backed up when the patch is activated to the probe point. Address, so that when the CPU executes to the probe point address, it will not run the breakpoint instruction and enter the breakpoint processing function.
  • the uninstallation of the patch module refers to releasing the system resources requested by the patch module and removing the patch module from the kernel space.
  • Embodiment 4 is a diagrammatic representation of Embodiment 4:
  • the embodiment provides a patch making apparatus, including: a script editing module 601, a positioning module 603, and a patch generating module 602;
  • the script editing module 601 is configured to write, by using a scripting language, a patch script corresponding to at least one row of the replaced code lines in the source code of the patched function, where the patch script includes the patch code corresponding to the replacement code and the replaced code is The location in the source code;
  • the patch generation module 602 is configured to generate, according to the patch script, a patch module that replaces the replaced code
  • the positioning module 603 is configured to locate a start position and an end position of the corresponding instruction in the binary program according to the position of the replaced code in the source code, and add to the patch module.
  • the patch generation module 602 includes: a script language translator 6021 and a patch module compiler 6022; the script language translator 6021 is configured to convert the patch script into a schedule.
  • the code of the type language is compiled into a loadable kernel module; the patch module compiler 6022 is configured to compile the kernel module into a patch module in the form of a binary program.
  • the device of the embodiment can use the patch to replace one or more lines of code in the function source code, thereby implementing software upgrade; since the patch is generated for the code line, the production process is simple and fast, and the patch of the invention is applied. Upgrade the software to avoid replacing the whole function for a small problem, and reduce the granularity of the repair of the program.
  • the patch created by the method of the present invention can perform online upgrade of multiple functions in the original program without considering many The mutual calling relationship between functions; compared with related technologies, it can improve the efficiency of software upgrade, reduce the complexity of patch production, and improve the security and reliability of patch upgrade.
  • Embodiment 5 is a diagrammatic representation of Embodiment 5:
  • this embodiment provides a patch activation device, including an acquisition module 801, an instruction setting module 802, and a return setting module 803;
  • the obtaining module 801 is configured to obtain a patch module, where the patch module includes a patch code corresponding to at least one row of the replaced code line in the source code of the patched function, and a start position of the command corresponding to the replaced code in the binary program. End position
  • the instruction setting module 802 is configured to set, according to the start position, a jump instruction for jumping to execute the patch code, so that when the execution to the start position is performed, the jump instruction is executed to jump to the execution location
  • the patch code in the patch module
  • the returning device module 803 is configured to: after the execution of the patch code, return to the patched function to continue running code according to the ending position.
  • the instruction setting module 802 is configured to modify an instruction executed to the start position to jump to a jump instruction to execute the patch code.
  • a mounting module 804 may also include a mounting module 804;
  • the installation module 804 is configured to install a detection point and a return point of the patch module, where the detection point is the start position, the return point is the end position, and a patch function is installed when the probe point is installed. Associated to the probe point;
  • the instruction setting module 802 is configured to modify the detected instruction of the probe point to use a breakpoint exception processing function to jump to a breakpoint instruction that executes the patch code, so that when the probe point is executed, Running the breakpoint instruction and jumping to execute the patch code in the patch module by a breakpoint exception handling function.
  • the instruction setting module 802 is configured to back up the detected instruction, and then replace one or more bytes in the detected instruction with a breakpoint instruction for executing a breakpoint instruction by using a breakpoint exception handling function.
  • the breakpoint exception handling function jumps to the breakpoint instruction that executes the patch code.
  • the activation device of the embodiment can be configured to enable the jump instruction to jump to execute the patch code in the patch module when the kernel runs to the start position, so that one or more lines of code can be performed during the software upgrade process. replace.
  • the embodiment of the invention also discloses a computer program, including program instructions, when the program instruction When executed by a computer, the computer is enabled to perform any of the above-described patch making methods.
  • the embodiment of the invention also discloses a carrier carrying the above computer program.
  • the embodiment of the invention also discloses a computer program, comprising program instructions, which when executed by a computer, enable the computer to execute any of the above patch activation methods.
  • the embodiment of the invention also discloses a carrier carrying the above computer program.
  • the technical solution of the present invention solves the problem that the patching of the related program upgrade is cumbersome, the repair granularity is relatively coarse, and the problem that multiple patched functions are mutually referenced cannot be well solved. Therefore, the present invention has strong industrial applicability.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)
  • Debugging And Monitoring (AREA)

Abstract

A method and device for manufacturing a patch, a method and device for activating a patch, a corresponding program instruction and a carrier of the program instruction. The method for manufacturing a patch comprises: writing a patch script corresponding to at least one replaced code line into a source code where a patched function is located by using a script language, the patch script comprising a patch code corresponding to a replacing code and a position in the source code where a replaced code is located; generating a patch module for replacing the replaced code according to the patch script; and positioning at a start position and an end position of a corresponding instruction in a binary program according to the position in the source code where the replaced code is located, and adding same into the patch module. The method can solve the problem that when a relevant program is upgraded, the patch manufacturing is complex, and the repairing granularity is coarser, and the problem that a plurality of patched functions mutually refer to one another cannot be solved well.

Description

补丁的制作方法及装置、补丁的激活方法及装置Patch manufacturing method and device, patch activation method and device 技术领域Technical field
本发明涉及补丁的制作及激活技术领域,尤其涉及一种补丁的制作方法及装置、补丁的激活方法及装置。The invention relates to the technical field of making and activating a patch, in particular to a method and a device for manufacturing a patch, a method and a device for activating a patch.
背景技术Background technique
程序在线升级是指程序在运行过程中不重启程序而对程序的运行代码段进行替换的方法,广泛应用于各类高可靠服务器操作系统。Program online upgrade refers to the method of replacing the running code segment of the program without restarting the program during the running process, and is widely used in various high-reliability server operating systems.
特别是对于软件运行稳定性要求高的行业,例如金融电信业,需要在不影响原有业务正常运行的情况下,完成对系统软件错误的修复或更新。当前程序在线升级补丁的方式基本上都是以函数为单位的,即可通过对出现漏洞或需要更新的函数进行修复,以实现对该应用程序的修复。Especially for industries with high requirements for software operation stability, such as financial telecommunications, it is necessary to complete the repair or update of system software errors without affecting the normal operation of the original business. The current program online upgrade patch is basically based on functions, you can fix the application by fixing the function that has a vulnerability or need to be updated.
相关技术都是采用函数级的程序修复方式,其工作原理是通过替换被补丁函数的第一条指令为跳转到替换函数中的指令,使程序跳转到新函数所在位置执行,当替换函数执行完成后,跳转回到调用老函数的代码中,从而完成整个调用过程。可以参见公开号为CN101937340A、CN103218262A、CN103744709A、CN103197942A的中国申请专利。该函数替换方式存在如下缺陷:The related technology adopts a function-level program repair method. The working principle is to replace the command of the patched function with the first instruction of the patched function to jump to the instruction in the replacement function, so that the program jumps to the position where the new function is located, when the replacement function is executed. After the execution is completed, jump back to the code that calls the old function, thus completing the entire calling process. See Chinese Patent Application Publication Nos. CN101937340A, CN103218262A, CN103744709A, CN103197942A. This function replacement has the following drawbacks:
1)该方式的补丁制作繁琐,制作补丁时需要将被补丁函数所有引用到的宏定义、结构体、枚举类型等都复制一遍;1) The patching of this method is cumbersome. When making a patch, you need to copy all the macro definitions, structures, enumeration types, etc. that are referenced by the patch function;
2)该方式对程序的修复粒度比较粗,为了解决一个小问题需要对整个被补丁函数进行替换;2) The repair granularity of the program is relatively coarse, and the entire patched function needs to be replaced in order to solve a small problem;
3)该方式不能良好解决多个被补丁函数相互引用的问题。3) This method cannot solve the problem that multiple patched functions are mutually referenced.
发明内容Summary of the invention
本发明实施例要解决的主要技术问题是,提供一种补丁的制作方法及装置、补丁的激活方法及装置,以解决相关技术的程序升级存在的补丁制作繁 琐、修复粒度比较粗以及不能良好解决多个被补丁函数相互引用的问题。The main technical problem to be solved by the embodiments of the present invention is to provide a method and a device for manufacturing a patch, a method and a device for activating the patch, and to solve the problem of patching existing in the program upgrade of the related art. Trivial, the repair granularity is relatively thick and can not solve the problem of multiple referenced functions being mutually referenced.
为解决上述技术问题,采用如下技术方案:In order to solve the above technical problems, the following technical solutions are adopted:
一种补丁的制作方法,包括如下步骤:A method for manufacturing a patch includes the following steps:
利用脚本语言编写被补丁函数所在源代码中至少一行被替换代码对应的补丁脚本,所述补丁脚本包括所述替换代码对应的补丁代码和所述被替换代码在所述源代码中的位置;Writing, by using a scripting language, a patch script corresponding to at least one line of the replaced code in the source code of the patched function, where the patch script includes a patch code corresponding to the replacement code and a position of the replaced code in the source code;
根据所述补丁脚本生成替换所述被替换代码的补丁模块;Generating a patch module that replaces the replaced code according to the patch script;
根据所述被替换代码在所述源代码中的位置定位到二进制程序中对应指令的开始位置和结束位置,并将所述被替换代码在二进制程序中对应的指令的开始位置和结束位置添加到所述补丁模块中。Positioning the start position and the end position of the corresponding instruction in the binary program according to the position of the replaced code in the source code, and adding the start position and the end position of the corresponding instruction in the binary program to the replaced code In the patch module.
可选地,所述根据所述补丁脚本生成替换所述被替换代码的补丁模块的步骤包括:Optionally, the step of generating a patch module that replaces the replaced code according to the patch script includes:
将所述补丁脚本转换为预定类型语言的代码并编译成可加载的内核模块;Converting the patch script into code of a predetermined type language and compiling it into a loadable kernel module;
将所述内核模块编译成二进制程序形式的补丁模块。The kernel module is compiled into a patch module in the form of a binary program.
可选地,所述预定类型语言包括C语言。Optionally, the predetermined type of language comprises a C language.
一种补丁的激活方法,包括如下步骤:A method for activating a patch includes the following steps:
获取补丁模块,所述补丁模块包括被补丁函数所在源代码中至少一行被替换代码对应的补丁代码和所述被替换代码在二进制程序中对应的指令的开始位置和结束位置;Obtaining a patch module, where the patch module includes a patch code corresponding to at least one line of the replaced code in the source code of the patched function, and a start position and an end position of the instruction corresponding to the replaced code in the binary program;
根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令,使得当执行到所述开始位置时,运行所述跳转指令以跳转到执行所述补丁模块中的补丁代码;Setting a jump instruction for jumping to execute the patch code according to the start position, so that when the start position is executed, the jump instruction is executed to jump to execute the patch code in the patch module ;
根据所述结束位置设置在执行完所述补丁代码后返回到所述被补丁函数中继续运行代码。According to the end position setting, after executing the patch code, returning to the patched function to continue running the code.
可选地,所述根据所述开始位置设置用于跳转到执行所述补丁代码的跳 转指令的步骤包括:Optionally, the setting is used to jump to execute the patch code according to the start location. The steps to transfer instructions include:
将执行到所述开始位置处的指令修改为用于跳转到执行所述补丁代码的跳转指令。The instruction to the start position is modified to jump to the jump instruction that executes the patch code.
可选地,所述获取补丁模块的步骤之前,该方法还包括:安装所述补丁模块的探测点和返回点,所述探测点为所述开始位置,所述返回点为所述结束位置;在安装所述探测点时将所述补丁函数关联到该探测点;Optionally, before the step of acquiring the patch module, the method further includes: installing a detection point and a return point of the patch module, where the detection point is the start position, and the return point is the end position; Associating the patch function to the probe point when the probe point is installed;
所述将执行到所述开始位置处的指令修改为用于跳转到执行所述补丁代码的跳转指令的步骤包括:The step of modifying an instruction to execute the start position to a jump instruction for jumping to execute the patch code includes:
将所述探测点的被探测指令修改为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令,使得当执行到所述探测点时,运行所述断点指令并通过断点异常处理函数跳转到执行所述补丁模块中的补丁代码。Modifying the detected instruction of the probe point to jump to a breakpoint instruction executing the patch code by a breakpoint exception handling function, such that when the probe point is executed, the breakpoint instruction is executed and passed The breakpoint exception handler jumps to execute the patch code in the patch module.
可选地,所述将所述探测点的被探测指令修改为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令的步骤包括:Optionally, the step of modifying the detected instruction of the probe point into a breakpoint instruction for executing the patch code by using a breakpoint exception handling function includes:
备份所述被探测指令,然后将所述被探测指令中的头一个或多个字节替换为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令。The probed instruction is backed up, and then the first one or more bytes in the probed instruction are replaced with a breakpoint instruction for executing the patch code by a breakpoint exception handling function.
一种补丁的制作装置,包括:脚本编辑模块、定位模块和补丁生成模块,其中;A patch making device includes: a script editing module, a positioning module, and a patch generating module, wherein
所述脚本编辑模块设置成:利用脚本语言编写被补丁函数所在源代码中至少一行被替换代码对应的补丁脚本,所述补丁脚本包括所述被替换代码对应的补丁代码和所述被替换代码在所述源代码中的位置;The script editing module is configured to: write, by using a scripting language, a patch script corresponding to at least one line of the replaced code in the source code of the patched function, where the patch script includes the patch code corresponding to the replaced code and the replaced code is The location in the source code;
所述补丁生成模块设置成:根据所述补丁脚本生成替换所述被替换代码的补丁模块;The patch generation module is configured to: generate a patch module that replaces the replaced code according to the patch script;
所述定位模块设置成:根据所述被替换代码在所述源代码中的位置定位到二进制程序中对应指令的开始位置和结束位置,并将所述被替换代码在二进制程序中对应的指令的开始位置和结束位置添加到所述补丁模块中。The positioning module is configured to: locate a start position and an end position of the corresponding instruction in the binary program according to the position of the replaced code in the source code, and place the replaced code in the binary program corresponding to the instruction The start location and the end location are added to the patch module.
可选地,所述补丁生成模块包括:脚本语言翻译器和补丁模块编译器,其中; Optionally, the patch generation module includes: a script language translator and a patch module compiler, where
所述脚本语言翻译器设置成:将所述补丁脚本转换为预定类型语言的代码并编译成可加载的内核模块;The scripting language translator is configured to: convert the patch script into code of a predetermined type language and compile into a loadable kernel module;
所述补丁模块编译器设置成:将所述内核模块编译成二进制程序形式的补丁模块。The patch module compiler is configured to: compile the kernel module into a patch module in the form of a binary program.
一种补丁的激活装置,包括获取模块、指令设置模块和返回设置模块,其中;A patch activation device includes an acquisition module, an instruction setting module, and a return setting module, wherein
所述获取模块设置成:获取补丁模块,所述补丁模块包括被补丁函数所在源代码中至少一行被替换代码对应的补丁代码和所述被替换代码在二进制程序中对应的指令的开始位置和结束位置;The obtaining module is configured to: acquire a patch module, where the patch module includes a patch code corresponding to at least one row of the replaced code in the source code of the patched function, and a start position and an end of the command corresponding to the replaced code in the binary program. position;
所述指令设置模块设置成:根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令,使得当执行到所述开始位置时,运行所述跳转指令以跳转到执行所述补丁模块中的补丁代码;The instruction setting module is configured to: set a jump instruction for jumping to execute the patch code according to the start position, so that when the start position is executed, the jump instruction is executed to jump to execution Patch code in the patch module;
所述返回设备模块设置成:根据所述结束位置设置在执行完所述补丁代码后返回到所述被补丁函数中继续运行代码。The returning device module is configured to: return to the patched function to continue running the code after executing the patch code according to the ending location setting.
可选地,所述指令设置模块设置成按照如下方式根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令:Optionally, the instruction setting module is configured to set a jump instruction for jumping to execute the patch code according to the start position according to the following manner:
将执行到所述开始位置处的指令修改为用于跳转到执行所述补丁代码的跳转指令。The instruction to the start position is modified to jump to the jump instruction that executes the patch code.
可选地,该装置还包括安装模块,其中:Optionally, the apparatus further includes a mounting module, wherein:
所述安装模块设置成:安装所述补丁模块的探测点和返回点,所述探测点为所述开始位置,所述返回点为所述结束位置,并在安装所述探测点时将所述补丁函数关联到该探测点;The installation module is configured to: install a detection point and a return point of the patch module, the detection point is the start position, the return point is the end position, and when the probe point is installed, A patch function is associated with the probe point;
所述指令设置模块设置成:将所述探测点的被探测指令修改为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令,使得当执行到所述探测点时,运行所述断点指令并通过断点异常处理函数跳转到执行所述补丁模块中的补丁代码。The instruction setting module is configured to: modify the detected instruction of the probe point to jump to a breakpoint instruction for executing the patch code by a breakpoint exception handling function, such that when the probe point is executed, The breakpoint instruction is run and jumps to execute the patch code in the patch module by a breakpoint exception handler.
可选地,所述指令设置模块设置成:备份所述被探测指令,然后将所述 被探测指令中头一个或多个字节替换为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令。Optionally, the instruction setting module is configured to: back up the detected instruction, and then The first one or more bytes in the probe instruction are replaced with a breakpoint instruction for executing the patch code by the breakpoint exception handling function.
一种计算机程序,包括程序指令,当该程序指令被计算机执行时,使得该计算机可执行上述任意的补丁制作方法。A computer program comprising program instructions that, when executed by a computer, cause the computer to perform any of the above-described patching methods.
一种载有上述计算机程序的载体。A carrier carrying the above computer program.
一种计算机程序,包括程序指令,当该程序指令被计算机执行时,使得该计算机可执行上述任意的补丁激活方法。A computer program comprising program instructions that, when executed by a computer, cause the computer to perform any of the patch activation methods described above.
一种载有上述计算机程序的载体。A carrier carrying the above computer program.
本发明技术方案的有益效果是:The beneficial effects of the technical solution of the present invention are:
本发明技术方案提供了一种补丁的制作方法及装置、补丁的激活方法及装置,可以实现对被补丁函数所在源代码中一行或多行代码进行替换,从而实现对软件程序的升级或者修复;本发明实施例的补丁的制作方法包括:利用脚本语言编写被补丁函数所在源代码中至少一行被替换代码对应的补丁脚本,所述补丁脚本包括所述替换代码对应的补丁代码和所述被替换代码在所述源代码中的位置;根据所述补丁脚本生成替换所述被替换代码的补丁模块;根据所述被替换代码在所述源代码中的位置定位到二进制程序中对应指令的开始位置和结束位置,并添加到所述补丁模块中;本发明实施例的方法可以针对源代码中一行或多行代码制作出补丁,利用该补丁可以实现对函数源代码中一行或多行代码进行替换,从而实现对软件的升级;由于是针对代码行制作补丁,所以制作过程简单快捷,并且应用发明实施例制作的补丁对软件进行升级,避免为了一个小问题就对整个函数进行替换,降低了对程序的修复粒度;另外应用本发明实施例制作方法制作出的补丁可以对原程序中多个函数进行在线升级,不用考虑多个函数之间的相互调用关系;与相关技术相 比,可以提高软件升级的效率、降低补丁制作复杂度,提高了补丁升级时的安全性和可靠性。The technical solution of the present invention provides a method and a device for manufacturing a patch, a method and a device for activating a patch, which can replace one or more lines of code in a source code of a patched function, thereby implementing an upgrade or repair of the software program; The patching method of the embodiment of the present invention includes: using a scripting language to write a patch script corresponding to at least one row of the replaced code in the source code of the patched function, the patch script including the patch code corresponding to the replacement code and the replaced a location of the code in the source code; generating, according to the patch script, a patch module that replaces the replaced code; and positioning a position of the replaced code in the source code to a start position of a corresponding instruction in the binary program according to the location of the replaced code And ending the location, and adding to the patch module; the method of the embodiment of the present invention may generate a patch for one or more lines of code in the source code, and use the patch to replace one or more lines of code in the function source code. To achieve an upgrade to the software; since it is a patch for the code line Therefore, the manufacturing process is simple and fast, and the software is upgraded by applying the patch created by the embodiment of the invention, so as to avoid replacing the entire function for a small problem, reducing the granularity of repairing the program, and additionally applying the manufacturing method of the embodiment of the present invention. Patch can upgrade multiple functions in the original program online, without considering the mutual calling relationship between multiple functions; Compared, it can improve the efficiency of software upgrade, reduce the complexity of patch production, and improve the security and reliability of patch upgrade.
对应上述方法制作出的补丁模块,本发明实施例还提供了一种补丁的去激活方法,可以激活利用上述制作方法制作的补丁模块,实现对源代码中一行或多行代码进行替换;本发明实施例的补丁的去激活方法包括:获取补丁模块,所述补丁模块包括被补丁函数所在源代码中至少一行被替换代码对应的补丁代码和所述被替换代码在二进制程序中对应的指令的开始位置和结束位置;根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令,使得当执行到所述开始位置时,运行所述跳转指令跳转到执行所述补丁模块中补丁代码;设置在执行完所述补丁代码后根据所述结束位置返回到所述被补丁函数中继续运行代码;采用本发明实施例的激活方法可以使得当内核运行到开始位置时,运行所述跳转指令跳转到执行所述补丁模块中补丁代码,实现了在软件升级过程中可以针对一行或多行代码进行替换。Corresponding to the patch module created by the foregoing method, the embodiment of the present invention further provides a method for deactivating a patch, which can activate a patch module created by using the foregoing manufacturing method to implement replacement of one or more lines of code in the source code; The method for deactivating a patch of an embodiment includes: acquiring a patch module, where the patch module includes a patch code corresponding to at least one line of the replaced code in the source code of the patched function, and a start of the instruction corresponding to the replaced code in the binary program. a position and an end position; setting, according to the start position, a jump instruction for jumping to execute the patch code, such that when the execution to the start position is performed, the jump instruction is executed to jump to execute the patch module a patch code; after the execution of the patch code, returning to the patched function to continue running code according to the end position; using the activation method of the embodiment of the present invention, when the kernel runs to a starting position, the operating station The jump instruction jumps to execute the patch code in the patch module, and implements the software in the Stage process can be substituted for one or more lines of code.
附图概述BRIEF abstract
图1为本发明实施例一提供的一种补丁的制作方法的流程示意图;1 is a schematic flowchart of a method for manufacturing a patch according to Embodiment 1 of the present invention;
图2为本发明实施例一提供的一种对补丁脚本具体的处理过程的示意图;2 is a schematic diagram of a specific processing procedure of a patch script according to Embodiment 1 of the present invention;
图3为本发明实施例二提供的一种补丁的激活方法的流程示意图;3 is a schematic flowchart of a method for activating a patch according to Embodiment 2 of the present invention;
图4为本发明实施例二提供的一种应用本实施例的激活方法实现程序升级的流程示意图;FIG. 4 is a schematic flowchart of a program upgrade according to an activation method of the embodiment provided by Embodiment 2 of the present invention;
图5为本发明实施例三提供的一种软件在线升级方法整体架构图;FIG. 5 is a schematic structural diagram of an online software upgrade method according to Embodiment 3 of the present invention; FIG.
图6为本发明实施例四提供的一种补丁的制作装置的结构示意图;FIG. 6 is a schematic structural diagram of a device for fabricating a patch according to Embodiment 4 of the present invention; FIG.
图7为本发明实施例四提供的另一种补丁的制作装置的结构示意图;FIG. 7 is a schematic structural diagram of another apparatus for fabricating a patch according to Embodiment 4 of the present invention; FIG.
图8为本发明实施例五提供的一种补丁的激活装置的结构示意图;FIG. 8 is a schematic structural diagram of a patch activation apparatus according to Embodiment 5 of the present invention; FIG.
图9为本发明实施例五提供的另一种补丁的激活装置的结构示意图。FIG. 9 is a schematic structural diagram of another apparatus for activating a patch according to Embodiment 5 of the present invention.
本发明的较佳实施方式 Preferred embodiment of the invention
下面通过具体实施方式结合附图对本发明作进一步详细说明。The present invention will be further described in detail below with reference to the accompanying drawings.
实施例一:Embodiment 1:
考虑到相关函数级替换方式的程序升级存在补丁制作繁琐、修复粒度比较粗以及不能良好解决多个被补丁函数相互引用的问题;本发明实施例提出了对软件中一行或多个代码行进行升级,即代码行级替换方式升级;为了能够达到这个目的,本实施例提供了一种补丁的制作方法,如图1所示,包括如下步骤:Considering the program upgrade of the related function level replacement method, the patch preparation is cumbersome, the repair granularity is relatively coarse, and the problem that multiple patched functions are mutually referenced cannot be well solved; the embodiment of the present invention proposes to upgrade one or more lines of code in the software. The code line level replacement mode is upgraded. In order to achieve this, the embodiment provides a method for manufacturing a patch, as shown in FIG. 1 , including the following steps:
步骤101:利用脚本语言编写被补丁函数所在源代码中至少一行被替换代码行对应的补丁脚本,所述补丁脚本包括所述替换代码对应的补丁代码和所述被替换代码在所述源代码中的位置。Step 101: Write, by using a scripting language, a patch script corresponding to at least one line of the replaced code line in the source code of the patched function, where the patch script includes the patch code corresponding to the replacement code and the replaced code in the source code. s position.
本实施例方法采用脚本语言来编写补丁,在编写的补丁脚本中有多种数据类型以及控制结构,在补丁脚本中能够访问被补丁函数中所能访问的所有局部变量和全局变量,以及被补丁函数中所能访问的所有结构体。脚本中能够访问原程序中所有的全局函数和静态函数The method in this embodiment uses a scripting language to write a patch. In the prepared patch script, there are various data types and control structures. In the patch script, all local variables and global variables that can be accessed in the patched function can be accessed, and the patch is patched. All structures that are accessible in the function. The script can access all the global functions and static functions in the original program.
可选地,补丁脚本语言采用一种类似解释执行的脚本语言,它使用了三种数据类型——整数、字符串以及关联数组,它有完整的控制结构,包括代码块、条件、循环和函数。变量不需要声明类型,可根据上下文自动推测和检查。Optionally, the patch scripting language uses a scripting language similar to the interpretation, which uses three data types—integers, strings, and associative arrays—that have complete control structures, including code blocks, conditions, loops, and functions. . Variables do not need to declare a type and can be automatically guessed and checked against the context.
在本实施例中补丁脚本由探针和触发探针时需要执行的补丁代码和探针组成;而探针指定了要被替换代码段的范围,即为替换代码在源代码中的开始位置和结束位置。例如下面介绍一种补丁脚本,该补丁脚本中探针指定了要被替换代码段的范围,从page_alloc.c文件3336行到3341的代码;In this embodiment, the patch script consists of a probe and a patch code and a probe that need to be executed when the probe is triggered; and the probe specifies the range of the code segment to be replaced, that is, the start position of the replacement code in the source code and End position. For example, the following describes a patch script in which the probe specifies the range of code segments to be replaced, from page 3 of the page_alloc.c file to the code of 3341;
kernel.statement("*@mm/page_alloc.c:3336").end("*@mm/page_alloc.c:3341")Kernel.statement("*@mm/page_alloc.c:3336").end("*@mm/page_alloc.c:3341")
在探针后面跟着的是要使用的补丁代码,该补丁代码将替换从page_alloc.c文件3336行到3341的代码。Following the probe is the patch code to be used, which will replace the code from line 3336 of the page_alloc.c file to 3341.
Figure PCTCN2014090497-appb-000001
Figure PCTCN2014090497-appb-000001
Figure PCTCN2014090497-appb-000002
Figure PCTCN2014090497-appb-000002
该脚本语言还提供类似于C语言中常用的所有必要操作符,并且用法也是一样的,具有算术操作符、二进制操作符、赋值操作符和指针废弃,还包括字符串连接、关联数组元素和合并操作符。The scripting language also provides all the necessary operators similar to those commonly used in the C language, and the usage is the same, with arithmetic operators, binary operators, assignment operators, and pointer obsolescence, including string concatenation, associative array elements, and merges. Operator.
步骤102:根据所述补丁脚本生成替换所述被替换代码的补丁模块。Step 102: Generate a patch module that replaces the replaced code according to the patch script.
步骤103:根据所述被替换代码在所述源代码中的位置定位到二进制程序中对应指令的开始位置和结束位置,并将对应指令的开始位置和结束位置添加到所述补丁模块中。Step 103: Position a position of the replaced code in the source code to a start position and an end position of a corresponding instruction in the binary program, and add a start position and an end position of the corresponding instruction to the patch module.
本实施例方法可以利用被替换代码在源代码中的位置定位到二进制程序对应指令的开始位置和结束位置,然后将对应指令的开始位置和结束位置添加到补丁模块中。本实施例中开始位置和结束位置指的是指令的开始地址和结束地址。The method of the embodiment can use the position of the replaced code in the source code to locate the start position and the end position of the corresponding instruction of the binary program, and then add the start position and the end position of the corresponding instruction to the patch module. The start position and the end position in this embodiment refer to the start address and the end address of the instruction.
本实施例方法补丁脚本中指定了源代码中的开始地址和结束地址,经过补丁定位模块的转换,将脚本中指定的开始地址和结束地址转换为二进制程序中的开始地址和结束地址,然后保存在补丁模块的代码中。In the method patch script of this embodiment, the start address and the end address in the source code are specified, and after the patch location module is converted, the start address and the end address specified in the script are converted into a start address and an end address in the binary program, and then saved. In the code of the patch module.
可选地,定位指令开始位置和结束位置的过程包括:解析补丁脚本,然后根据补丁脚本中被替换代码行的位置来获取在二进制程序中对应指令的开始位置和结束位置,最后合成到补丁模块中。例如page_alloc.c文件3336行3341的代码在二进制程序中对应指令开始地址为stext+0x12adad,结束地址为pc=_stext+0x12add0,所以上述针对page_alloc.c文件3336行3341的代码段编写的补丁可以包括以下内容:Optionally, the process of locating the start position and the end position of the instruction includes: parsing the patch script, and then obtaining a start position and an end position of the corresponding instruction in the binary program according to the position of the replaced code line in the patch script, and finally synthesizing to the patch module. in. For example, the code of the page_alloc.c file 3336 line 3341 in the binary program corresponds to the instruction start address stext+0x12adad, and the end address is pc=_stext+0x12add0, so the above-mentioned patch for the code segment of the page_alloc.c file 3336 line 3341 may include The following:
kernel.statement("build_all_zonelists@mm/page_alloc.c:3336")/*pc=_stext+0x12adad*/.end("build_all_zonelists@mm/page_alloc.c:3343")/*pc=_stext+0x12add0*/Kernel.statement("build_all_zonelists@mm/page_alloc.c:3336")/*pc=_stext+0x12adad*/.end("build_all_zonelists@mm/page_alloc.c:3343")/*pc=_stext+0x12add0*/
本实施例方法生成的补丁模块至少包括:被替换代码在所述源代码中的位置定位到二进制程序中对应指令的开始位置和结束位置、以及补丁代码。The patch module generated by the method of the embodiment includes at least: a position of the replaced code in the source code to locate a start position and an end position of the corresponding instruction in the binary program, and a patch code.
本实施例提供的方法可以针对源代码中一行或多行代码制作出补丁,利 用该补丁可以实现对函数源代码中一行或多行代码进行替换,从而实现对软件的升级;由于是针对代码行制作补丁,所以制作过程简单快捷,并且应用发明制作的补丁对软件进行升级,避免为了一个小问题就对整个函数进行替换,降低了对程序的修复粒度;另外应用本发明制作方法制作出的补丁可以对原程序中多个函数进行在线升级,不用考虑多个函数之间的相互调用关系;与相关技术相比,可以提高软件升级的效率、降低补丁制作复杂度,提高了补丁升级时的安全性和可靠性。The method provided in this embodiment can generate a patch for one or more lines of code in the source code. This patch can be used to replace one or more lines of code in the function source code to implement software upgrade; since the patch is made for the code line, the production process is simple and fast, and the software created by the invention is upgraded. Avoid replacing the entire function for a small problem, reducing the granularity of the repair of the program; in addition, applying the patch made by the method of the present invention can perform online upgrade of multiple functions in the original program, without considering the relationship between multiple functions. Mutual call relationship; compared with related technologies, it can improve the efficiency of software upgrade, reduce the complexity of patch production, and improve the security and reliability of patch upgrade.
可选地,上述步骤102可以包括:Optionally, the foregoing step 102 may include:
将所述补丁脚本转换为预定类型语言的代码并编译成可加载的内核模块;Converting the patch script into code of a predetermined type language and compiling it into a loadable kernel module;
将所述内核模块编译成二进制程序形式的补丁模块。The kernel module is compiled into a patch module in the form of a binary program.
例如将补丁脚本翻译成C语言的代码,然后对C语言代码编译链接之后生成一个可加载的内核模块;最后再将内核模块编译成二进制程序形式的补丁模块。这样生成的补丁模块即可被内核使用升级。同样以上述page_alloc.c文件3336行3341对应的补丁脚本为例,将该脚本转换为C语言代码后,具体内容如下:For example, the patch script is translated into the C language code, and then the C language code is compiled and linked to generate a loadable kernel module; finally, the kernel module is compiled into a patch module in the form of a binary program. The patch module thus generated can be upgraded by the kernel. Similarly, the patch script corresponding to the above page_alloc.c file 3336 line 3341 is taken as an example. After the script is converted into a C language code, the specific contents are as follows:
Figure PCTCN2014090497-appb-000003
Figure PCTCN2014090497-appb-000003
最后将上述C语言代码编译为可执行的二进制程序。Finally, the above C language code is compiled into an executable binary program.
如图2所示,本实施例方法中对补丁脚本具体的处理过程可以包括:As shown in FIG. 2, the specific processing procedure of the patch script in the method of this embodiment may include:
步骤201:解析补丁脚本。脚本语言采用类似于awk的脚本语言,脚本解析阶段主要是检查输入脚本是否存在语法错误,例如大括号是否匹配,变量定义是否规范等;还要检查脚本的安全性。Step 201: Parse the patch script. The scripting language uses a scripting language similar to awk. The script parsing phase mainly checks whether the input script has syntax errors, such as whether the braces match, whether the variable definition is normal, etc.; also checks the security of the script.
步骤202:根据脚本库对补丁脚本中定义的函数进行展开。Step 202: Expand the function defined in the patch script according to the script library.
这个阶段主要是对补丁脚本中定义的探测点或者用到的函数展开,不但需要展开预定义脚本库,还需要分析内核或者内核模块的调试信息。在这一阶段就是要确定探测点和返回点的指令地址。This stage is mainly to expand the probe points defined in the patch script or the functions used. It is not only necessary to expand the predefined script library, but also to analyze the debugging information of the kernel or kernel module. At this stage, it is necessary to determine the instruction address of the probe point and the return point.
步骤203:将展开后的脚本翻译成C文件以及将C文件编译为一个可加载的内核模块。Step 203: Translate the expanded script into a C file and compile the C file into a loadable kernel module.
在这个阶段,将展开后的脚本转换成C文件。可选地,将脚本翻译为C语言时,需要将脚本中的函数调用转化为内核的函数调用,将C代码编译链接之后生成一个可加载的内核模块。At this stage, the expanded script is converted to a C file. Optionally, when the script is translated into C language, the function call in the script needs to be converted into a function call of the kernel, and the C code is compiled and linked to generate a loadable kernel module.
步骤204:将翻译出的C文件编译为可执行的二进制程序。Step 204: Compile the translated C file into an executable binary program.
可选地,可以通过系统中包含的二进制工具链将翻译出的C代码编译为可执行的二进制程序;另外,在编译过程中还会与脚本库的运行时库函数进行链接。该步骤生成的二进制程序即为补丁模块。之后可以将定位被替换代码上在二进制程序中的开始地址和结束地址添加至该补丁模块中。Alternatively, the translated C code can be compiled into an executable binary program through a binary tool chain included in the system; in addition, it is linked with the script library runtime library function during compilation. The binary generated by this step is the patch module. The start and end addresses in the binary that are located on the replacement code can then be added to the patch module.
通过图2所示的流程,可以制作出二进制形式的补丁模块,可被所有内核拿来进行软件升级。Through the process shown in Figure 2, a binary patch module can be created that can be used by all cores for software upgrades.
实施例二:Embodiment 2:
如图3所示,本实施例提供了一种补丁的激活方法,将实施例一生成的补丁模块激活,使之能替换原被补丁函数中代码行,可选地,该激活方法包括如下步骤:As shown in FIG. 3, this embodiment provides a method for activating a patch, and the patch module generated in the first embodiment is activated to replace the code line in the original patched function. Optionally, the activation method includes the following steps. :
步骤301:获取补丁模块,所述补丁模块包括被补丁函数所在源代码中 至少一行被替换代码对应的补丁代码和所述被替换代码在二进制程序中对应的指令的开始位置和结束位置。Step 301: Obtain a patch module, where the patch module includes the source code of the patched function. At least one line of the patch code corresponding to the replaced code and the start position and the end position of the corresponding instruction of the replaced code in the binary program.
步骤302:根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令,使得当执行到所述开始位置时,运行所述跳转指令以跳转到执行所述补丁模块中的补丁代码。Step 302: Set a jump instruction for jumping to execute the patch code according to the start position, so that when the start position is executed, the jump instruction is executed to jump to execute the patch module. Patch code.
步骤303:根据所述结束位置设置在执行完所述补丁代码后返回到所述被补丁函数中继续运行代码。Step 303: Return to the patched function to continue running the code after executing the patch code according to the end position setting.
本实施例激活方法可以在内核中设置一桩代理来完成上述的步骤,该桩代理的工作机制为:当内核执行到被替换代码在二进制程序中指令的开始地址时,运行跳转指令跳转到执行被替换代码的补丁代码;当内核执行完补丁代码时,根据被替换代码在二进制程序中指令的结束地址返回原函数继续运行代码。The activation method of this embodiment may set a proxy in the kernel to complete the above steps. The working mechanism of the stub proxy is: when the kernel executes to the start address of the replaced code in the binary program, the jump instruction jumps. To the patch code that executes the replaced code; when the kernel executes the patch code, it returns to the original function and continues to run the code according to the end address of the replaced code in the binary program.
采用本实施例的激活方法可以实现替换被补丁函数中一行或多行代码,从而实现地程序升级或修复。With the activation method of this embodiment, one or more lines of code in the patched function can be replaced, thereby implementing the program upgrade or repair.
可选地,上述步骤303中根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令的过程可以包括:将执行到所述开始位置处的指令修改为用于跳转到执行所述补丁代码的跳转指令。Optionally, the process of jumping to the execution of the jump instruction of the patch code according to the start position in step 303 may include: modifying an instruction executed to the start position to be used to jump to Execute the jump instruction of the patch code.
本实施例中可以通过修改指令的方式来使得内核跳转到执行补丁代码,从而实现程序升级。In this embodiment, the kernel can be jumped to execute the patch code by modifying the instruction, thereby implementing the program upgrade.
可选地,本实施例去激活方法可以通过断点异常的方式来跳转到执行补丁代码实现对代码行的替换。可选地,本实施例可以通过如下方法实现:安装所述补丁模块的探测点和返回点,所述探测点为所述开始位置,所述返回点为所述结束位置;在安装所述探测点时将补丁函数关联到该探测点;此时,上述所述将执行到所述开始位置处的指令修改为用于跳转到执行所述补丁代码的跳转指令的步骤包括:将所述探测点的被探测指令修改为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令,使得当执行到所述探测点时,运行所述断点指令并通过断点异常处理函数跳转到执行所述补丁模块中的补丁代码。其中,在安装所述探测点时不是将断点异常处理函数关联到 探测点,而是将补丁函数关联到该探测点。断点异常处理函数是一个公共函数,在通过断点指令进入断点异常处理函数以后,在处理函数中通过该探测点位置找到补丁函数。Optionally, the deactivation method of this embodiment may jump to the execution of the patch code to implement replacement of the code line by means of a breakpoint exception. Optionally, the embodiment may be implemented by: installing a detection point and a return point of the patch module, where the detection point is the start position, and the return point is the end position; Pointing a patch function to the probe point; at this time, the step of modifying the instruction to execute the start position to the jump instruction for executing the patch code as described above includes: The detected instruction of the probe point is modified to jump to a breakpoint instruction executing the patch code by the breakpoint exception handling function, such that when the probe point is executed, the breakpoint instruction is executed and a breakpoint exception is passed The handler jumps to execute the patch code in the patch module. Wherein, when the probe point is installed, the breakpoint exception handler is not associated with Probe the point, but associate the patch function to the probe point. The breakpoint exception handler is a public function that finds the patch function in the handler through the probe point location after entering the breakpoint exception handler through the breakpoint instruction.
本实施例中探测点实质指的是要替换程序指令(被替换代码行在二进制程序中对应的指令)的起始地址,返回点实质指的是要替换程序指令的结束地址。探测点和返回点是在补丁模块制作过程中确定的。在此情况下,上述桩代理的工作可以是完成探测点和返回点的设置,设置完以后CPU运行到探测点时会自动进入到断点异常函数中,在断点异常函数中调用补丁代码。In this embodiment, the probe point substantially refers to the start address of the program instruction (the corresponding instruction of the replaced code line in the binary program), and the return point substantially refers to the end address of the program instruction to be replaced. Probe points and return points are determined during the patch module creation process. In this case, the work of the above-mentioned pile agent may be to complete the setting of the detection point and the return point. After the CPU is set to the detection point, the CPU automatically enters the breakpoint exception function, and the patch code is called in the breakpoint exception function.
可选地,安装返回点的过程包括:将所述补丁代码执行完以后的返回地址保存在断点异常的堆栈中,使得当断点异常执行完以后自动跳转到该返回地址执行。本实施例方法中所述返回点的安装就是在断点异常的堆栈中正确填入所述补丁代码执行完以后的返回地址。Optionally, the process of installing the return point includes: saving the return address after the execution of the patch code in the stack of the breakpoint exception, so that when the breakpoint exception is executed, the jump is automatically performed to the return address. The installation of the return point in the method of this embodiment is to correctly fill in the return address after the execution of the patch code in the stack of the breakpoint exception.
本实施例可以将探测点的被探测指令修改为断点指令,使得内核在执行到探测点时运行断点指令,从而触发断点异常处理,通过断点异常处理跳转到执行补丁代码。可选地,可以将补丁函数关联到探测点,当内核执行到该探测点时,将因运行断点指令而执行trap操作,那将导致保存CPU的寄存器,进入断点异常处理函数,在断点异常处理函数中根据当前CPU的代码段地址查找相应的补丁模块,然后调用执行相应补丁模块中的补丁代码。In this embodiment, the detected instruction of the probe point can be modified into a breakpoint instruction, so that the kernel runs a breakpoint instruction when executing to the probe point, thereby triggering the breakpoint exception processing, and jumps to execute the patch code through the breakpoint exception processing. Optionally, the patch function can be associated with the probe point. When the kernel executes the probe point, the trap operation will be executed by running the breakpoint instruction, which will cause the CPU to save the register and enter the breakpoint exception handler. The point exception handling function searches for the corresponding patch module according to the code segment address of the current CPU, and then calls the patch code in the corresponding patch module.
本实施例去激活设置可以触发以下过程:CPU在执行到探测点时会运行断点指令而触发CPU的trap异常,在trap异常处理函数里会保存当前函数的上下文以及CPU寄存器作为补丁模块中断点处理函数的入口参数;最终跳转执行补丁模块中的补丁代码。The deactivation setting in this embodiment may trigger the following process: the CPU will execute a breakpoint instruction to trigger a trap exception of the CPU when executing the probe point, and save the context of the current function and the CPU register as a patch module interruption point in the trap exception handling function. Process the entry parameters of the function; finally jump to execute the patch code in the patch module.
可选地,本实施例方法中将所述被探测指令中头一个或多个字节替换为用于通过断点异常处理方式跳转到执行所述补丁代码的断点指令。Optionally, in the method of this embodiment, the first one or more bytes of the detected instruction are replaced with a breakpoint instruction for performing the patch code by using a breakpoint exception processing manner.
如图4所示,将详细介绍应用本实施例的激活方法实现程序升级的过程,包括如下步骤:As shown in FIG. 4, the process of implementing the program upgrade by applying the activation method of this embodiment will be described in detail, including the following steps:
步骤401:安装一个探测点和返回点时,桩代理首先备份被探测的指令,然后使用CPU断点指令(例如i386和x86_64的int3指令)来取代被探测指令 的头一个或几个字节。Step 401: When installing a probe point and a return point, the stub agent first backs up the detected instruction, and then uses the CPU breakpoint instruction (such as i386 and x86_64 int3 instructions) to replace the detected instruction. The first one or a few bytes.
安装探测点前必须检查探测点的地址是否是在内核地址空间中,或者是在某个内核模块的地址空间中。Before installing a probe point, you must check whether the address of the probe point is in the kernel address space or in the address space of a kernel module.
步骤402:当CPU执行到探测点时,将因运行断点指令而执行断点异常操作,那将导致保存CPU的寄存器,调用相应的断点异常处理函数。Step 402: When the CPU executes the detection point, the breakpoint abnormal operation will be executed due to the running breakpoint instruction, which will result in saving the CPU register and calling the corresponding breakpoint exception handling function.
步骤403:在断点异常处理函数中会调用探测点注册的补丁代码,为该函数的调用构造入口参数。Step 403: In the breakpoint exception processing function, the patch code registered by the probe point is called, and an entry parameter is constructed for the call of the function.
步骤404:执行探测点注册的补丁代码。Step 404: Perform a patch code for the probe point registration.
步骤405:为了使在探测点注册的补丁代码处理完以后能返回到补丁中指定的正确的返回点,需要重新计算断点异常的返回地址,修改异常堆栈中的返回地址。Step 405: In order to return to the correct return point specified in the patch after the patch code registered at the probe point is processed, it is necessary to recalculate the return address of the breakpoint exception and modify the return address in the exception stack.
具体将断点异常堆栈中的返回地址修改为补丁模块指定的返回地址,使得在执行完补丁代码后,可以返回到被补丁函数中正确位置继续运行。Specifically, the return address in the breakpoint exception stack is modified to the return address specified by the patch module, so that after the patch code is executed, it can be returned to the correct position in the patched function to continue running.
步骤406,由于开启了单步调试模式,执行完探测点处理函数后需要触发类型为1的异常,返回到被补丁函数中继续运行。In step 406, since the single-step debugging mode is enabled, an exception of type 1 needs to be triggered after executing the probe point processing function, and returns to the patched function to continue running.
应用本发明实施例激活方法可以通过CPU的断点异常以及断点异常以后返回地址的重新计算而实现了对运行程序中指令的替换,替换的指令对应源代码中的某一行或几行的代码;同时本实施例实现指令替换时采用CPU的断点指令,该指令是原子操作,在多CPU或者多线程条件下进行程序的在线升级时可以保证安全可靠,不会造成程序运行状态不一致的情况,该指令在程序调试器中大量使用。The activation method of the embodiment of the present invention can implement the replacement of the instruction in the running program by the breakpoint abnormality of the CPU and the recalculation of the return address after the breakpoint abnormality, and the replaced instruction corresponds to a code of a certain row or several lines in the source code. At the same time, the embodiment adopts a breakpoint instruction of the CPU when the instruction is replaced, and the instruction is an atomic operation, which can ensure safety and reliability when the program is upgraded online under the condition of multiple CPUs or multiple threads, and does not cause the program running state to be inconsistent. This directive is used extensively in the program debugger.
实施例三:Embodiment 3:
如图5所示,本实施例提供了一种软件在线升级方法整体架构图,包含有调试信息的ELF二进制程序文件,需要打补丁的源代码文件及所需的所有头文件,脚本语言翻译器,ELF格式解析器,补丁模块编译器,内核补丁桩代理。As shown in FIG. 5, this embodiment provides an overall architecture diagram of a software online upgrade method, an ELF binary program file including debugging information, a source code file to be patched, and all required header files, and a script language translator. , ELF format parser, patch module compiler, kernel patch stub agent.
所述的包含有调试信息的ELF二进制程序文件可以是内核的镜像文件, 也可以是内核模块的二进制程序。通过该二进制程序可以读取被补丁函数所用到的所有符号信息、重定位信息、以及代码编译信息,通过该二进制程序可以定位到代码行所对应的指令起始和结束地址。The ELF binary program file containing the debugging information may be an image file of the kernel. It can also be a binary program of the kernel module. The binary program can read all the symbol information, relocation information, and code compilation information used by the patch function, and the binary program can locate the instruction start and end addresses corresponding to the code line.
所述的源代码文件及头文件用来制作补丁脚本,通过该源文件和头文件可以获取到被补丁程序中所用到的所有全局变量、局部变量的名称,以及数据结构的成员变量。The source code file and the header file are used to create a patch script, and the source file and the header file can be used to obtain all the global variables used in the patch, the names of the local variables, and the member variables of the data structure.
所述的脚本语言翻译器用来将补丁脚本翻译成C语言的代码,将补丁脚本中引用的被补丁程序中的变量重定位为绝对地址,将补丁脚本中对源代码中结构体成员变量的引用重定位为绝对地址加上成员变量偏移量。同时,脚本语言翻译器根据需要增加必要的锁和安全检查代码。脚本语言翻译器将脚本翻译为C语言时,需要将脚本中的函数调用转化为内核的函数调用,生成的C代码编译链接之后生成一个可加载的内核模块。The scripting language translator is used to translate the patch script into C language code, relocate the variables in the patch referenced in the patch script to an absolute address, and reference the structure member variable in the source code in the patch script. Relocate to absolute address plus member variable offset. At the same time, the scripting language translator adds the necessary locks and security checking code as needed. When the script language translator translates the script into C language, it needs to convert the function call in the script into the kernel function call, and the generated C code compiles the link to generate a loadable kernel module.
所述的ELF格式解析器用来帮助脚本语言翻译器查找定位二进制程序中的符号地址以及代码行所对应的二进制程序中的指令地址。The ELF format parser is used to help the script language translator to find the symbol address in the positioning binary program and the instruction address in the binary program corresponding to the code line.
所述的补丁模块编译器是指系统中包含的二进制程序编译环境,用来将补丁模块编译成二进制可执行程序。The patch module compiler refers to a binary program compilation environment included in the system, and is used to compile the patch module into a binary executable program.
所述的内核补丁桩代理用来完成补丁模块的加载、激活、去激活、卸载等管理工作。The kernel patch stub agent is used to complete the management of loading, activating, deactivating, and uninstalling the patch module.
其中补丁模块的加载是指将补丁模块加载到内核空间,并分配相应的系统资源。The loading of the patch module refers to loading the patch module into the kernel space and allocating corresponding system resources.
其中补丁模块的激活是指安装补丁模块的探测点和返回点。探测点和返回点是在补丁模块制作过程中确定的。探测点实质指的是要替换程序指令的起始地址,返回点实质指的是要替换程序指令的结束地址。待替换程序指令的起始地址和结束地址通过源代码中的代码行位置结合ELF格式的DWARF调试信息可以计算得出。CPU在执行到探测点时会运行断点指令而触发CPU的trap异常,在trap异常处理函数里会保存当前函数的上下文以及CPU寄存器作为补丁模块中断点处理函数的入口参数。The activation of the patch module refers to the detection point and return point of the patch module. Probe points and return points are determined during the patch module creation process. The probe point essentially refers to the start address of the program instruction to be replaced, and the return point essentially refers to the end address of the program instruction to be replaced. The start address and end address of the program instruction to be replaced can be calculated by combining the code line position in the source code with the DWARF debug information in the ELF format. When the CPU executes the probe point, it will run a breakpoint instruction to trigger the trap exception of the CPU. In the trap exception handler, the context of the current function and the CPU register are used as the entry parameters of the patch module interrupt point processing function.
其中补丁模块的去激活是指将补丁激活时备份的原指令恢复到探测点地 址,这样当CPU执行到探测点地址时不会再运行断点指令而进入断点处理函数。The deactivation of the patch module refers to restoring the original command backed up when the patch is activated to the probe point. Address, so that when the CPU executes to the probe point address, it will not run the breakpoint instruction and enter the breakpoint processing function.
其中补丁模块的卸载是指释放补丁模块所申请的系统资源,将补丁模块从内核空间中移除。The uninstallation of the patch module refers to releasing the system resources requested by the patch module and removing the patch module from the kernel space.
实施例四:Embodiment 4:
如图6所示,本实施例提供了一种补丁的制作装置,包括:脚本编辑模块601、定位模块603和补丁生成模块602;As shown in FIG. 6, the embodiment provides a patch making apparatus, including: a script editing module 601, a positioning module 603, and a patch generating module 602;
所述脚本编辑模块601用于利用脚本语言编写被补丁函数所在源代码中至少一行被替换代码行对应的补丁脚本,所述补丁脚本包括所述替换代码对应的补丁代码和所述被替换代码在所述源代码中的位置;The script editing module 601 is configured to write, by using a scripting language, a patch script corresponding to at least one row of the replaced code lines in the source code of the patched function, where the patch script includes the patch code corresponding to the replacement code and the replaced code is The location in the source code;
所述补丁生成模块602用于根据所述补丁脚本生成替换所述被替换代码的补丁模块;The patch generation module 602 is configured to generate, according to the patch script, a patch module that replaces the replaced code;
所述定位模块603用于根据所述被替换代码在所述源代码中的位置定位到二进制程序中对应指令的开始位置和结束位置,并添加到所述补丁模块中。The positioning module 603 is configured to locate a start position and an end position of the corresponding instruction in the binary program according to the position of the replaced code in the source code, and add to the patch module.
如图7所示,在上述装置的基础上,所述补丁生成模块602包括:脚本语言翻译器6021和补丁模块编译器6022;所述脚本语言翻译器6021用于将所述补丁脚本转换为预定类型语言的代码并编译成可加载的内核模块;所述补丁模块编译器6022用于将所述内核模块编译成二进制程序形式的补丁模块。As shown in FIG. 7, on the basis of the foregoing apparatus, the patch generation module 602 includes: a script language translator 6021 and a patch module compiler 6022; the script language translator 6021 is configured to convert the patch script into a schedule. The code of the type language is compiled into a loadable kernel module; the patch module compiler 6022 is configured to compile the kernel module into a patch module in the form of a binary program.
本实施例的装置利用该补丁可以实现对函数源代码中一行或多行代码进行替换,从而实现对软件的升级;由于是针对代码行制作补丁,所以制作过程简单快捷,并且应用发明制作的补丁对软件进行升级,避免为了一个小问题就对整个函数进行替换,降低了对程序的修复粒度;另外应用本发明制作方法制作出的补丁可以对原程序中多个函数进行在线升级,不用考虑多个函数之间的相互调用关系;与相关技术相比,可以提高软件升级的效率、降低补丁制作复杂度,提高了补丁升级时的安全性和可靠性。 The device of the embodiment can use the patch to replace one or more lines of code in the function source code, thereby implementing software upgrade; since the patch is generated for the code line, the production process is simple and fast, and the patch of the invention is applied. Upgrade the software to avoid replacing the whole function for a small problem, and reduce the granularity of the repair of the program. In addition, the patch created by the method of the present invention can perform online upgrade of multiple functions in the original program without considering many The mutual calling relationship between functions; compared with related technologies, it can improve the efficiency of software upgrade, reduce the complexity of patch production, and improve the security and reliability of patch upgrade.
实施例五:Embodiment 5:
如图8所示,本实施例提供了一种补丁的激活装置,包括获取模块801、指令设置模块802和返回设置模块803;As shown in Figure 8, this embodiment provides a patch activation device, including an acquisition module 801, an instruction setting module 802, and a return setting module 803;
所述获取模块801用于获取补丁模块,所述补丁模块包括被补丁函数所在源代码中至少一行被替换代码行对应的补丁代码和所述被替换代码在二进制程序中对应的指令的开始位置和结束位置;The obtaining module 801 is configured to obtain a patch module, where the patch module includes a patch code corresponding to at least one row of the replaced code line in the source code of the patched function, and a start position of the command corresponding to the replaced code in the binary program. End position
所述指令设置模块802用于根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令,使得当执行到所述开始位置时,运行所述跳转指令跳转到执行所述补丁模块中补丁代码;The instruction setting module 802 is configured to set, according to the start position, a jump instruction for jumping to execute the patch code, so that when the execution to the start position is performed, the jump instruction is executed to jump to the execution location The patch code in the patch module;
所述返回设备模块803用于设置在执行完所述补丁代码后根据所述结束位置返回到所述被补丁函数中继续运行代码。The returning device module 803 is configured to: after the execution of the patch code, return to the patched function to continue running code according to the ending position.
在上述激活装置基础上,所述指令设置模块802用于将执行到所述开始位置处的指令修改为用于跳转到执行所述补丁代码的跳转指令。Based on the activation device described above, the instruction setting module 802 is configured to modify an instruction executed to the start position to jump to a jump instruction to execute the patch code.
如图9所示,在上述激活装置基础上,还可以包括安装模块804;As shown in Figure 9, on the basis of the above activation device, may also include a mounting module 804;
所述安装模块804用于安装所述补丁模块的探测点和返回点,所述探测点为所述开始位置,所述返回点为所述结束位置,并在安装所述探测点时将补丁函数关联到该探测点;The installation module 804 is configured to install a detection point and a return point of the patch module, where the detection point is the start position, the return point is the end position, and a patch function is installed when the probe point is installed. Associated to the probe point;
所述指令设置模块802用于将所述探测点的被探测指令修改为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令,使得当执行到所述探测点时,运行所述断点指令并通过断点异常处理函数跳转到执行所述补丁模块中补丁代码。The instruction setting module 802 is configured to modify the detected instruction of the probe point to use a breakpoint exception processing function to jump to a breakpoint instruction that executes the patch code, so that when the probe point is executed, Running the breakpoint instruction and jumping to execute the patch code in the patch module by a breakpoint exception handling function.
可选地,所述指令设置模块802用于备份所述被探测指令,然后将所述被探测指令中头一个或多个字节替换为用于通过断点异常处理函数执行断点指令用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令。Optionally, the instruction setting module 802 is configured to back up the detected instruction, and then replace one or more bytes in the detected instruction with a breakpoint instruction for executing a breakpoint instruction by using a breakpoint exception handling function. The breakpoint exception handling function jumps to the breakpoint instruction that executes the patch code.
采用本实施例的激活装置可以使得当内核运行到开始位置时,运行所述跳转指令跳转到执行所述补丁模块中补丁代码,实现了在软件升级过程中可以针对一行或多行代码进行替换。The activation device of the embodiment can be configured to enable the jump instruction to jump to execute the patch code in the patch module when the kernel runs to the start position, so that one or more lines of code can be performed during the software upgrade process. replace.
本发明实施例还公开了一种计算机程序,包括程序指令,当该程序指令 被计算机执行时,使得该计算机可执行上述任意的补丁制作方法。The embodiment of the invention also discloses a computer program, including program instructions, when the program instruction When executed by a computer, the computer is enabled to perform any of the above-described patch making methods.
本发明实施例还公开了一种载有上述计算机程序的载体。The embodiment of the invention also discloses a carrier carrying the above computer program.
本发明实施例还公开了一种计算机程序,包括程序指令,当该程序指令被计算机执行时,使得该计算机可执行上述任意的补丁激活方法。The embodiment of the invention also discloses a computer program, comprising program instructions, which when executed by a computer, enable the computer to execute any of the above patch activation methods.
本发明实施例还公开了一种载有上述计算机程序的载体。The embodiment of the invention also discloses a carrier carrying the above computer program.
以上内容是结合具体的实施方式对本发明所作的进一步详细说明,不能认定本发明的具体实施只局限于这些说明。对于本发明所属技术领域的普通技术人员来说,在不脱离本发明构思的前提下,还可以做出若干简单推演或替换,都应当视为属于本发明的保护范围。The above is a further detailed description of the present invention in connection with the specific embodiments, and the specific embodiments of the present invention are not limited to the description. It will be apparent to those skilled in the art that the present invention may be made without departing from the spirit and scope of the invention.
工业实用性Industrial applicability
本发明技术方案解决了相关程序升级存在的补丁制作繁琐、修复粒度比较粗以及不能良好解决多个被补丁函数相互引用的问题,因此本发明具有很强的工业实用性。 The technical solution of the present invention solves the problem that the patching of the related program upgrade is cumbersome, the repair granularity is relatively coarse, and the problem that multiple patched functions are mutually referenced cannot be well solved. Therefore, the present invention has strong industrial applicability.

Claims (13)

  1. 一种补丁的制作方法,包括如下步骤:A method for manufacturing a patch includes the following steps:
    利用脚本语言编写被补丁函数所在源代码中至少一行被替换代码对应的补丁脚本,所述补丁脚本包括所述替换代码对应的补丁代码和所述被替换代码在所述源代码中的位置;Writing, by using a scripting language, a patch script corresponding to at least one line of the replaced code in the source code of the patched function, where the patch script includes a patch code corresponding to the replacement code and a position of the replaced code in the source code;
    根据所述补丁脚本生成替换所述被替换代码的补丁模块;Generating a patch module that replaces the replaced code according to the patch script;
    根据所述被替换代码在所述源代码中的位置定位到二进制程序中对应指令的开始位置和结束位置,并将所述被替换代码在二进制程序中对应的指令的开始位置和结束位置添加到所述补丁模块中。Positioning the start position and the end position of the corresponding instruction in the binary program according to the position of the replaced code in the source code, and adding the start position and the end position of the corresponding instruction in the binary program to the replaced code In the patch module.
  2. 如权利要求1所述的补丁的制作方法,其中,所述根据所述补丁脚本生成替换所述被替换代码的补丁模块的步骤包括:The method for manufacturing a patch according to claim 1, wherein the step of generating a patch module for replacing the replaced code according to the patch script comprises:
    将所述补丁脚本转换为预定类型语言的代码并编译成可加载的内核模块;Converting the patch script into code of a predetermined type language and compiling it into a loadable kernel module;
    将所述内核模块编译成二进制程序形式的补丁模块。The kernel module is compiled into a patch module in the form of a binary program.
  3. 如权利要求2所述的补丁的制作方法,其中,所述预定类型语言包括C语言。The method of manufacturing a patch according to claim 2, wherein said predetermined type of language comprises a C language.
  4. 一种补丁的激活方法,包括如下步骤:A method for activating a patch includes the following steps:
    获取补丁模块,所述补丁模块包括被补丁函数所在源代码中至少一行被替换代码对应的补丁代码和所述被替换代码在二进制程序中对应的指令的开始位置和结束位置;Obtaining a patch module, where the patch module includes a patch code corresponding to at least one line of the replaced code in the source code of the patched function, and a start position and an end position of the instruction corresponding to the replaced code in the binary program;
    根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令,使得当执行到所述开始位置时,运行所述跳转指令以跳转到执行所述补丁模块中的补丁代码;Setting a jump instruction for jumping to execute the patch code according to the start position, so that when the start position is executed, the jump instruction is executed to jump to execute the patch code in the patch module ;
    根据所述结束位置设置在执行完所述补丁代码后返回到所述被补丁函数中继续运行代码。According to the end position setting, after executing the patch code, returning to the patched function to continue running the code.
  5. 如权利要求4所述的补丁的激活方法,其中,The method of activating a patch according to claim 4, wherein
    所述根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令的 步骤包括:Setting the jump instruction for jumping to execute the patch code according to the start position The steps include:
    将执行到所述开始位置处的指令修改为用于跳转到执行所述补丁代码的跳转指令。The instruction to the start position is modified to jump to the jump instruction that executes the patch code.
  6. 如权利要求5所述的补丁的激活方法,其中:The method of activating a patch according to claim 5, wherein:
    所述获取补丁模块的步骤之前,该方法还包括:安装所述补丁模块的探测点和返回点,所述探测点为所述开始位置,所述返回点为所述结束位置;在安装所述探测点时将所述补丁函数关联到该探测点;Before the step of acquiring the patch module, the method further includes: installing a detection point and a return point of the patch module, the detection point is the start position, and the return point is the end position; Associate the patch function to the probe point when detecting a point;
    所述将执行到所述开始位置处的指令修改为用于跳转到执行所述补丁代码的跳转指令的步骤包括:The step of modifying an instruction to execute the start position to a jump instruction for jumping to execute the patch code includes:
    将所述探测点的被探测指令修改为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令,使得当执行到所述探测点时,运行所述断点指令并通过断点异常处理函数跳转到执行所述补丁模块中的补丁代码。Modifying the detected instruction of the probe point to jump to a breakpoint instruction executing the patch code by a breakpoint exception handling function, such that when the probe point is executed, the breakpoint instruction is executed and passed The breakpoint exception handler jumps to execute the patch code in the patch module.
  7. 如权利要求6所述的补丁的激活方法,其中,所述将所述探测点的被探测指令修改为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令的步骤包括:The method of activating a patch according to claim 6, wherein the step of modifying the detected instruction of the probe point to jump to a breakpoint instruction for executing the patch code by a breakpoint exception handling function includes :
    备份所述被探测指令,然后将所述被探测指令中的头一个或多个字节替换为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令。The probed instruction is backed up, and then the first one or more bytes in the probed instruction are replaced with a breakpoint instruction for executing the patch code by a breakpoint exception handling function.
  8. 一种补丁的制作装置,包括:脚本编辑模块、定位模块和补丁生成模块,其中;A patch making device includes: a script editing module, a positioning module, and a patch generating module, wherein
    所述脚本编辑模块设置成:利用脚本语言编写被补丁函数所在源代码中至少一行被替换代码对应的补丁脚本,所述补丁脚本包括所述被替换代码对应的补丁代码和所述被替换代码在所述源代码中的位置;The script editing module is configured to: write, by using a scripting language, a patch script corresponding to at least one line of the replaced code in the source code of the patched function, where the patch script includes the patch code corresponding to the replaced code and the replaced code is The location in the source code;
    所述补丁生成模块设置成:根据所述补丁脚本生成替换所述被替换代码的补丁模块;The patch generation module is configured to: generate a patch module that replaces the replaced code according to the patch script;
    所述定位模块设置成:根据所述被替换代码在所述源代码中的位置定位到二进制程序中对应指令的开始位置和结束位置,并将所述被替换代码在二进制程序中对应的指令的开始位置和结束位置添加到所述补丁模块中。The positioning module is configured to: locate a start position and an end position of the corresponding instruction in the binary program according to the position of the replaced code in the source code, and place the replaced code in the binary program corresponding to the instruction The start location and the end location are added to the patch module.
  9. 如权利要求8所述的补丁的制作装置,其中,所述补丁生成模块包括: 脚本语言翻译器和补丁模块编译器,其中;The device for creating a patch according to claim 8, wherein the patch generation module comprises: Scripting language translator and patch module compiler, where;
    所述脚本语言翻译器设置成:将所述补丁脚本转换为预定类型语言的代码并编译成可加载的内核模块;The scripting language translator is configured to: convert the patch script into code of a predetermined type language and compile into a loadable kernel module;
    所述补丁模块编译器设置成:将所述内核模块编译成二进制程序形式的补丁模块。The patch module compiler is configured to: compile the kernel module into a patch module in the form of a binary program.
  10. 一种补丁的激活装置,包括获取模块、指令设置模块和返回设置模块,其中;A patch activation device includes an acquisition module, an instruction setting module, and a return setting module, wherein
    所述获取模块设置成:获取补丁模块,所述补丁模块包括被补丁函数所在源代码中至少一行被替换代码对应的补丁代码和所述被替换代码在二进制程序中对应的指令的开始位置和结束位置;The obtaining module is configured to: acquire a patch module, where the patch module includes a patch code corresponding to at least one row of the replaced code in the source code of the patched function, and a start position and an end of the command corresponding to the replaced code in the binary program. position;
    所述指令设置模块设置成:根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令,使得当执行到所述开始位置时,运行所述跳转指令以跳转到执行所述补丁模块中的补丁代码;The instruction setting module is configured to: set a jump instruction for jumping to execute the patch code according to the start position, so that when the start position is executed, the jump instruction is executed to jump to execution Patch code in the patch module;
    所述返回设备模块设置成:根据所述结束位置设置在执行完所述补丁代码后返回到所述被补丁函数中继续运行代码。The returning device module is configured to: return to the patched function to continue running the code after executing the patch code according to the ending location setting.
  11. 如权利要求10所述的补丁的激活装置,其中,所述指令设置模块设置成按照如下方式根据所述开始位置设置用于跳转到执行所述补丁代码的跳转指令:The patch activation apparatus of claim 10, wherein the instruction setting module is configured to set a jump instruction for jumping to execute the patch code according to the start position as follows:
    将执行到所述开始位置处的指令修改为用于跳转到执行所述补丁代码的跳转指令。The instruction to the start position is modified to jump to the jump instruction that executes the patch code.
  12. 如权利要求11所述的补丁的激活装置,该装置还包括安装模块,其中:The patch activation device of claim 11 further comprising a mounting module, wherein:
    所述安装模块设置成:安装所述补丁模块的探测点和返回点,所述探测点为所述开始位置,所述返回点为所述结束位置,并在安装所述探测点时将所述补丁函数关联到该探测点;The installation module is configured to: install a detection point and a return point of the patch module, the detection point is the start position, the return point is the end position, and when the probe point is installed, A patch function is associated with the probe point;
    所述指令设置模块设置成:将所述探测点的被探测指令修改为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令,使得当执行到所述探测点时,运行所述断点指令并通过断点异常处理函数跳转到执行所述补丁 模块中的补丁代码。The instruction setting module is configured to: modify the detected instruction of the probe point to jump to a breakpoint instruction for executing the patch code by a breakpoint exception handling function, such that when the probe point is executed, Running the breakpoint instruction and jumping to execute the patch through a breakpoint exception handler The patch code in the module.
  13. 如权利要求12所述的补丁的激活装置,其中,所述指令设置模块设置成:备份所述被探测指令,然后将所述被探测指令中头一个或多个字节替换为用于通过断点异常处理函数跳转到执行所述补丁代码的断点指令。 The patch activation device of claim 12, wherein the instruction setting module is configured to: back up the probed instruction, and then replace the first one or more bytes in the probed instruction with a broken The point exception handler jumps to the breakpoint instruction that executes the patch code.
PCT/CN2014/090497 2014-08-21 2014-11-06 Method and device for manufacturing patch, and method and device for activating patch WO2015117434A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410416228.9A CN105354045A (en) 2014-08-21 2014-08-21 Patch making method and apparatus and patch activation method and apparatus
CN201410416228.9 2014-08-21

Publications (1)

Publication Number Publication Date
WO2015117434A1 true WO2015117434A1 (en) 2015-08-13

Family

ID=53777246

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/090497 WO2015117434A1 (en) 2014-08-21 2014-11-06 Method and device for manufacturing patch, and method and device for activating patch

Country Status (2)

Country Link
CN (1) CN105354045A (en)
WO (1) WO2015117434A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106843933A (en) * 2016-12-27 2017-06-13 北京五八信息技术有限公司 A kind of leak restorative procedure of application program, mobile terminal and patch server

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107451474B (en) * 2016-05-31 2020-06-26 百度在线网络技术(北京)有限公司 Software bug fixing method and device for terminal
CN107506293B (en) * 2016-06-14 2022-04-22 中兴通讯股份有限公司 Software performance data acquisition method and device
CN106569863B (en) * 2016-11-10 2020-01-17 福州智永信息科技有限公司 Resource and code modularization-based android app resource updating and repairing method
CN107463375A (en) * 2017-07-18 2017-12-12 上海斐讯数据通信技术有限公司 A kind of method and system for detecting source code
CN107908402A (en) * 2017-08-15 2018-04-13 口碑(上海)信息技术有限公司 The hot restorative procedure of Java server-sides and system
CN108009429B (en) * 2017-12-11 2021-09-03 北京奇虎科技有限公司 Patch function generation method and device
CN109725923A (en) * 2018-12-27 2019-05-07 广州华多网络科技有限公司 A kind of software light weight update method, device and equipment
CN111930413B (en) * 2020-05-22 2023-07-21 无锡中感微电子股份有限公司 Automatic patch generation method, device and system
CN111796832B (en) * 2020-06-30 2022-11-04 苏州三六零智能安全科技有限公司 Hot patch file generation method, device, equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1475909A (en) * 2002-08-16 2004-02-18 华为技术有限公司 realization of isertion type system soft ware patch and control method
CN103077062A (en) * 2012-11-30 2013-05-01 华为技术有限公司 Method and device for detecting code change
US8468516B1 (en) * 2008-12-19 2013-06-18 Juniper Networks, Inc. Creating hot patches for embedded systems

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101561764B (en) * 2009-05-18 2012-05-23 华为技术有限公司 Patching method and patching device under multi-core environment
US9052983B2 (en) * 2012-01-16 2015-06-09 International Business Machines Corporation Source code patches

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1475909A (en) * 2002-08-16 2004-02-18 华为技术有限公司 realization of isertion type system soft ware patch and control method
US8468516B1 (en) * 2008-12-19 2013-06-18 Juniper Networks, Inc. Creating hot patches for embedded systems
CN103077062A (en) * 2012-11-30 2013-05-01 华为技术有限公司 Method and device for detecting code change

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106843933A (en) * 2016-12-27 2017-06-13 北京五八信息技术有限公司 A kind of leak restorative procedure of application program, mobile terminal and patch server

Also Published As

Publication number Publication date
CN105354045A (en) 2016-02-24

Similar Documents

Publication Publication Date Title
WO2015117434A1 (en) Method and device for manufacturing patch, and method and device for activating patch
CN102402427B (en) A kind of update method of java application and device
US10114637B1 (en) Automatically updating a shared project build platform
US9378014B2 (en) Method and apparatus for porting source code
CA2292123C (en) Method and system for modifying executable code to add additional functionality
KR100868762B1 (en) Method of error detecting method for embedded sofeware
EP3265916B1 (en) A method for identifying a cause for a failure of a test
Zhang et al. Pensieve: Non-intrusive failure reproduction for distributed systems using the event chaining approach
US10579966B1 (en) Adapting a shared project build platform to a developer plugin
US8806436B2 (en) Systems and methods for debugging applications using dual code generation
US20110126179A1 (en) Method and System for Dynamic Patching Software Using Source Code
US9690564B2 (en) Runtime detection of software configurations and upgrades
CN104391717A (en) Method for dynamically updating code during debugging
US20080127118A1 (en) Method and system for dynamic patching of software
Romano et al. An empirical study of bugs in webassembly compilers
Reiter et al. Automatically mitigating vulnerabilities in x86 binary programs via partially recompilable decompilation
EP3891613B1 (en) Software checkpoint-restoration between distinctly compiled executables
Gao et al. Scalable fuzzing of program binaries with E9AFL
Cazzola et al. Dodging unsafe update points in java dynamic software updating systems
Huang et al. {PYLIVE}:{On-the-Fly} Code Change for Python-based Online Services
CN111984329B (en) Boot software standardized generation and execution method and system
Kim et al. Optimizing unit test execution in large software programs using dependency analysis
Sogaro MicroJIT: a lightweight just-in-time compiler to improve startup times
CN115268983B (en) Hot repair method and device for embedded Internet of things equipment vulnerability
Császár et al. Building fast and reliable reverse engineering tools with Frida and Rust

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14882070

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14882070

Country of ref document: EP

Kind code of ref document: A1