WO2020238245A1 - 实现函数跳转的方法、装置及计算机存储介质 - Google Patents
实现函数跳转的方法、装置及计算机存储介质 Download PDFInfo
- Publication number
- WO2020238245A1 WO2020238245A1 PCT/CN2020/071347 CN2020071347W WO2020238245A1 WO 2020238245 A1 WO2020238245 A1 WO 2020238245A1 CN 2020071347 W CN2020071347 W CN 2020071347W WO 2020238245 A1 WO2020238245 A1 WO 2020238245A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- function
- address
- patch
- hash table
- old
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
- G06F8/656—Updates while running
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
- G06F8/658—Incremental updates; Differential updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
- G06F9/30003—Arrangements for executing specific machine instructions
- G06F9/3004—Arrangements for executing specific machine instructions to perform operations on memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
- G06F9/32—Address formation of the next instruction, e.g. by incrementing the instruction counter
- G06F9/322—Address formation of the next instruction, e.g. by incrementing the instruction counter for non-sequential address
- G06F9/328—Address formation of the next instruction, e.g. by incrementing the instruction counter for non-sequential address for runtime instruction patching
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/448—Execution paradigms, e.g. implementations of programming paradigms
- G06F9/4482—Procedural
- G06F9/4484—Executing subprograms
- G06F9/4486—Formation of subprogram jump address
Definitions
- This application relates to the computer field, and more specifically to the implementation method of the hot patch.
- Hotfix refers to some code that can repair software vulnerabilities. It is a fast and low-cost way to repair product software version defects. The main advantage of the hot patch is to repair the defects of the current software version of the device without restarting the device.
- the current hot patch scheme is mainly based on function jump, that is, jump from the "replaced function (hereinafter referred to as the hot patch old function)" to the new function execution.
- the hot patch old function a hot patch mechanism through a function tracer (ftrace) and livepatch components.
- livepatch will register a structure fops for each old function of the hot patch, which is used to save the address of the old function of the hot patch, the function stack of the new function, and the callback function of livepatch. All the hot patch old functions are managed by a singly linked list.
- ftrace searches the structure corresponding to the address of the old function by traversing the singly linked list, and obtains the pointer of the livepatch callback function stored in the structure and the address of the structure. Livepatch is based on the The address of the structure looks up the address of the new function corresponding to the old function, executes the function of the new function, completes the jump from the old function to the new function, and realizes the repair of the old function.
- livepatch registers a structure for each hot patch old function, and uses a singly linked list to manage the structure of all hot patch old functions, which causes the singly linked list to follow the hot patch function While ftrace must traverse the singly linked list to find the callback function corresponding to the function, the longer the linked list means the longer the traversal time and the longer the function jump time, which brings greater performance overhead.
- the present application provides a method for implementing function jump, which shortens the length of the singly linked list and reduces the time consumed by the function jump.
- this application provides a method for implementing function jump, which includes:
- the call instruction may include the address of the first function; confirm that the address of the first function has been stored in the first data structure, where the first data structure stores the addresses of multiple functions, and multiple Any one of the functions is configured with a patch function to replace the function.
- the meaning of replacement is that the patch function replaces the old function in response to the call to the old function; confirming the address of the first function stored in the first data structure is confirmation
- the addresses of multiple functions include the address of the first function.
- the address of the first function stored in the first data structure indicates that the first function is an old function that needs to be replaced by a patch function. You need to find the address of the patch function to execute the function. Jump.
- the address of the first function find the address of the patch function of the first function from the second data structure, where the patch function of the first function is registered to replace the first function, and the second data structure stores multiple functions The corresponding relationship between the address and the patch function of the multiple functions, and the patch function of any one of the multiple functions is registered to replace the function.
- the address of the patch function of the first function jump from the first function to the execution of the patch function of the first function, and execute the patch function of the first function in response to the call instruction.
- data structure is a way of storing and organizing data in a computer.
- the first data structure is a first hash table, and the first hash table stores addresses of multiple functions.
- Hash table is a data structure that directly accesses the storage location in memory according to the key. In other words, it accesses records by calculating a function about the key value and mapping the data to be queried to a position in the table.
- the first hash table may indicate the correspondence between the hash value of the address of each function in the multiple functions and the address of the function.
- the method further includes: determining the first hash table by a structure storing the address of the first hash table; a pointer to the structure storing the address of the first hash table is included in the first hash table; In the structure.
- the first structure includes a pointer to the structure storing the address of the first hash table.
- a structure (struct) is a data structure that is a type of aggregate data type. Structures can be declared as variables, pointers or arrays, etc., to implement more complex data structures. A structure is also a collection of elements, and these elements are called members of the structure.
- this application uses the first data structure to store the addresses of multiple old functions, which shortens the length of the singly linked list and therefore shortens the search
- the time consumed by the address of a function saves the time required for the function jump and improves the performance of the system.
- each of the multiple functions corresponds to a second structure
- the second structure of each function stores the address of the patch function of the function
- the second hash table is used to store multiple functions The corresponding relationship between the address of the first function and the second structure of the multiple functions, according to the address of the first function, from the second data structure to find the address of the patch function of the first function, including: according to the address of the first function, from Search for the second structure corresponding to the address of the first function in the second hash table; obtain the address of the patch function of the first function from the second structure corresponding to the address of the first function found.
- the second hash table is used to manage the correspondence between the address of the old function and the second structure of the old function, so that in the stage of searching for the address of the new function according to the address of the old function, the time consumed for searching can be saved.
- the second structure of the first function can be quickly found from the second hash table according to the hash value of the address of the first function, and then the address of the patch function of the first function can be obtained.
- the address of the first function is added to the first data structure.
- it can be added to the first hash table.
- the system parses the patch package, it will register the patch function for the old function according to the address of the patch function in the patch package and the address of the old function, and establish a jump from the old function to the patch function.
- a structure is registered for each old function, and the address of the old function is stored in the structure.
- this application adds the address of the old function to a data structure.
- the address of the old function is added In the first hash table, the length of the singly linked list is shortened.
- the method further includes: in response to the rollback instruction for the first function, according to the address of the first function and the second hash table, searching and deleting the first in the second structure of the first function
- the address of the patch function of the function where the rollback instruction is used to instruct to withdraw the replacement of the first function by the patch function of the first function, that is, roll back to the state before replacing the first function with the patch function.
- functions 2, 3, and 4 are the patch functions used in sequence in the repair function 1
- function 4 is the patch function used in the last repair to function 1.
- the second hash table is used to manage the addresses of multiple functions and the second structure of the multiple functions, which can shorten the time consumed to find the patch function of the first function.
- the method further includes: if the rollback instruction of the first function is received when the second hash table is read, the following steps are executed after the second hash table is read. : Find and delete the address of the patch function of the first function from the second hash table according to the address of the first function, and the rollback instruction is used to instruct to cancel the replacement of the first function by the patch function of the first function.
- a lock mechanism can be set for the hash table. When a thread or process reads the hash table, other threads are prohibited from modifying the hash table by the process.
- the data structure used to store the correspondence between the address of the first function and the address of the patch function of the first function can be customized.
- Different data structures have their own advantages and disadvantages.
- This application can store multiple sets of data structures, and then quickly implement switching through relevant kernel compilation parameters without modifying the code each time. In this way, which data structure to use can be determined according to the scenario, and the cost required for development is also saved.
- the present application provides a device for implementing function jump.
- the device includes: a receiving unit and a processing unit, wherein:
- the receiving unit is configured to receive a call instruction to the first function, where the call instruction includes the address of the first function;
- the processing unit is used to: confirm that the address of the first function has been stored in the first data structure, wherein the first data structure stores the addresses of multiple functions; according to the address of the first function, search for the first function in the second data structure
- the address of the patch function where the patch function of the first function is registered to replace the first function, and the second data structure stores the correspondence between the addresses of multiple functions and the patch functions of multiple functions;
- the address of the patch function jumps from the first function to the patch function execution of the first function in response to the call instruction.
- the first data structure is a first hash table.
- the processing unit is further configured to: determine the first hash table by the structure storing the address of the first hash table; the pointer to the structure storing the address of the first hash table is included in the first hash table; In the structure.
- the processing unit is specifically configured to: each of the multiple functions corresponds to a second structure, the second structure of each function stores the address of the patch function of the function, and the second hash table It is used to store the correspondence between the addresses of the multiple functions and the second structure of the multiple functions. According to the address of the first function, the second hash table is used to find the first function corresponding to the address of the first function.
- the second structure wherein the second hash table is used to store the correspondence between the addresses of multiple functions and the second structure of the multiple functions, the second data structure includes multiple second structures, and multiple first structures Each second structure in the second structure stores the correspondence between the address of one of the multiple functions and the patch function of the function; it is obtained from the second structure corresponding to the address of the first function found The address of the patch function of the first function.
- the processing unit is further configured to: add the address of the first function to the first data structure.
- the processing unit is further configured to: in response to the rollback instruction to the first function, according to the address of the first function and the second hash table, look up and delete the second structure of the first function.
- the processing unit is further configured to: if a rollback instruction for the first function is received when performing a read operation on the second hash table, execute it after performing the read operation on the second hash table. The following steps: according to the address of the first function and the second hash table, find and delete the address of the patch function of the first function, wherein the rollback instruction is used to instruct to cancel the replacement of the first function by the patch function of the first function .
- the present application provides a computer system that includes a processor and a memory, the memory is used to store a computer program, and the processor is used to execute the computer program to achieve the implementation as described in the first aspect and any one of the above-mentioned implementations Methods.
- the present application provides a computer-readable storage medium in which a computer program is stored, and when the computer program is called by a processor, the method described in the first aspect and any one of the above-mentioned implementation modes is implemented.
- the present application provides a computer program product, the computer program product includes a computer program, and when the computer program is invoked by a processor, it implements the method described in the first aspect and any one of the foregoing implementation manners.
- this application provides a data structure that includes a pointer to a callback function and a pointer, the pointer points to a structure that stores the address of a first hash table, and the first hash table stores multiple The address of the function.
- the pointer of the callback function points to the callback function, and the callback function is used for execution: find the address of the patch function of the function according to the address of the function, and jump from the function to the patch function execution of the function according to the address of the function's patch function.
- FIG. 1 is a schematic diagram of the structure of a node provided by an embodiment of the application
- FIG. 2 is a schematic diagram of the structure of a node provided by an embodiment of the application.
- FIG. 3 is a schematic structural diagram of a node provided by an embodiment of the application.
- FIG. 4 is a schematic diagram of function calls provided by an embodiment of the application.
- Fig. 5 is a schematic diagram for implementing function jump provided by an embodiment of the application.
- FIG. 6 is a schematic diagram for implementing function jump provided by an embodiment of the application.
- FIG. 7 is a line chart of the function jump time and the number of repaired functions in the prior art provided by an embodiment of the application;
- FIG. 8 is a schematic diagram of implementing function jump in the kernel provided by an embodiment of the application.
- FIG. 9 is a flowchart for implementing function jump provided by an embodiment of the application.
- FIG. 10 is a schematic diagram of the data structure of the first structure provided by an embodiment of the application.
- FIG. 11A is a schematic diagram of the data structure of a second structure provided by an embodiment of the application.
- FIG. 11B is a schematic diagram of a second hash table provided by an embodiment of the application.
- FIG. 12 is a flowchart for implementing function jump provided by an embodiment of the application.
- FIG. 13 is a flowchart for implementing function jump provided by an embodiment of the application.
- 14A is a comparison diagram of the method for implementing function jump provided by an embodiment of the application and the line graph of the function jump time and the number of functions in the prior art;
- FIG. 14B is a schematic diagram of the reduction ratio of the function jump time for implementing the function jump method provided by an embodiment of the application;
- FIG. 15 is a flowchart for implementing function jump provided by an embodiment of the application.
- Fig. 16 is a structural diagram of an apparatus for implementing function jump provided by an embodiment of the application.
- FIG. 1 is a schematic diagram of the structure of a node 100.
- the node 100 may include an application layer, an operating system 102, and a hardware layer 103.
- the application layer includes one or more application programs 101.
- the operating system 102 includes a kernel 104.
- the hardware layer 103 includes a processor 106, a memory 105, and a communication interface 107.
- 102 is the system software used to manage hardware and software resources.
- the processor 106 is the control center of the node 100, and uses various interfaces and buses to connect various components of the node 100.
- the processor 106 may include one or more processing units, or called physical cores.
- the processor 106 in FIG. 1 includes a core 0 and a core 1.
- the processor 106 may also include registers, and the registers may be used to store addresses of functions of the core 104.
- the processor 106 may be a central processing unit (Central Processing Unit, CPU), and the processor 106 may also be other general-purpose processors, digital signal processors (Digital Signal Processors, DSPs), application specific integrated circuits (ASICs).
- CPU Central Processing Unit
- DSPs Digital Signal Processors
- ASICs application specific integrated circuits
- the general-purpose processor may be a microprocessor or the processor 106 may also be any conventional processor or the like.
- a computer program is stored in the memory 105.
- the processor 106 is configured to execute the computer program in the memory 105, so as to realize the functions defined by the computer program.
- the memory 105 is a non-volatile storage medium, and generally includes a memory and an external memory.
- Memory includes, but is not limited to, random access memory (Random Access Memory, RAM), read-only memory (Read-Only Memory, ROM), or cache (cache).
- External storage includes but is not limited to flash memory, hard disk, optical disk, universal serial bus (USB) disk, etc.
- Computer programs are usually stored in external memory, and the processor loads the program from external memory to memory before executing the computer program.
- the memory 105 may be independent and connected to the processor 106 through a bus; the memory 105 and the processor 106 may also be integrated into a chip subsystem.
- the communication interface 107 uses a transceiving device such as a transceiver to implement communication between the execution node 100 and other devices or a communication network.
- a transceiving device such as a transceiver to implement communication between the execution node 100 and other devices or a communication network.
- the method provided by the embodiment of the present application can be used to repair the kernel 104 in the operating system of the node 100.
- the node 100 may be a physical device, such as a server or a terminal device.
- the terminal device may be a handheld device with a wireless connection function, or other processing device connected to a wireless modem.
- it can be a mobile phone, a computer, a tablet computer, a personal digital assistant (PDA), a mobile Internet device (mobile Internet device, MID), a wearable device, and an e-book reader (e-book reader), etc.; It can also be a portable, pocket-sized, handheld, built-in computer or vehicle-mounted mobile device.
- the schematic diagram of the structure of the node 100 is shown in FIG. 2.
- the node 100 includes a memory 201, a processor 202, and a communication interface 203.
- the memory 201, the processor 202, and the communication interface 203 may be the memory 105 in FIG. 1, respectively. , Part or all of the processor 106 and the communication interface 107.
- the storage 201 stores an operating system 205 and application programs 204, and can also store data generated by the operating system 205 and application programs 204 during the running process.
- the node 100 may be a virtual computer, which is a general term for the operating environment virtualized by software in all types of virtualization devices, and the concept includes virtual machines and containers.
- Virtualization as the core technology of cloud scenarios, virtualizes hardware resources and shares them with multiple users, enabling users to conveniently and flexibly use physical resources under the premise of safe isolation, and greatly improving the utilization of physical resources.
- FIG. 3 the schematic diagram of the structure of the node 100 is shown in FIG. 3.
- the node 100 includes a hardware layer 312, a host machine layer 309 and a virtualization layer.
- the virtualization layer includes virtual machines 301 and 302.
- the hardware layer 312 includes a processor 314, a memory 313, and a communication interface 315. In other embodiments, the number of virtual machines may be more or less.
- Virtual machine One or more virtual computers simulated by software on a physical computer. These virtual machines run in a completely isolated environment and work like real computers.
- a guest operating system (guest operating system, guest OS) (305 and 306 in Figure 3) can be installed on the virtual machine (301 and 302 in Figure 3), and one or more applications are running on the guest operating system (303 in Figure 3). And 304).
- the virtual machine can also access network resources. For applications running in a virtual machine, it is like working in a real computer.
- Virtual computer A collective term for the operating environment virtualized by software in all types of virtualization devices.
- the concept includes virtual machines and containers.
- Host layer 309 As a management layer, it is used to complete the management and allocation of hardware resources; present a virtual hardware platform for virtual machines; implement scheduling and isolation of virtual machines.
- the host layer 309 includes a host operating system 311 and a virtual monitoring device, such as a virtual machine monitor 310 (VMM) or hypervisor, where the virtual monitoring device 310 can be deployed on the host operating system 311 It can also be deployed outside the host operating system 311.
- the "host layer” may also include a privileged virtual machine (for example, the virtualization architecture Xen).
- the virtual hardware platform provides various hardware resources for each virtual computer running on it, such as virtual processors, virtual memory, virtual disks, virtual network cards, and so on. The virtual computer runs on the virtual hardware platform prepared for it by the host layer.
- the host layer is sometimes referred to as the host for short.
- Hardware layer 312 the hardware platform on which the virtualized environment runs.
- the hardware layer may include a variety of hardware.
- the hardware layer of a physical computer may include a processor 314 and a memory 313, and may also include a communication interface 315, such as a network interface card (NIC), and may also include an interrupt controller, , Input/output (I/O) equipment, etc.
- the processor 314 may include multiple physical cores, such as core 1 and core 0.
- the processor 314, the memory 313, and the communication interface 315 shown in FIG. 3 may correspond to part or all of the processor 106, the memory 105, and the communication interface 107 described in FIG. 1, respectively.
- Virtual processor (307 and 308 in FIG. 3): Under virtualization technology, a representation of a physical processing unit used by a virtual computer in a shared or fragmented manner, such as a virtual CPU (virtual central processing unit, vCPU). A virtual computer can be served by one or more virtual processors. When there are multiple virtual processors, there is usually one virtual processor as the master virtual processor and the others as slave virtual processors.
- vCPU virtual central processing unit
- the virtual computer is equivalent to an independent computer, so the actions performed by the virtual computer can also be regarded as the virtual processor performing the action, and the virtual processor is implemented by software, so the virtual processor executing the action is actually the virtual processor The physical processor or physical core that is running performs this action.
- the above expression methods are selectively used.
- a host operating system 311 and a VMM 310 are deployed in the host.
- the VMM 310 is equivalent to a hypervisor or other types of virtual monitoring devices in other virtualization architectures.
- the VMM 310 can be deployed inside the host operating system 311 or separately from the host operating system 311.
- VMM 310 is responsible for managing one or more virtual machines running on it.
- the host operating system 311 may specifically be Linux, iOS, Microsoft or other operating systems
- the virtual machine includes a virtual hardware layer, a guest operating system, and various applications.
- the virtual hardware layer includes virtual hardware such as virtual memory (not shown in the figure) and virtual processor.
- virtual hardware layer includes virtual hardware such as virtual memory (not shown in the figure) and virtual processor.
- this embodiment includes virtual machines 301 and 302, and each virtual machine includes a virtual processor.
- the virtual processor is realized by the combination of software and hardware. Its operation is actually realized by the physical core reading and running the software program. For example, a physical core reads the software program and uses the hardware-assisted virtualization of the physical core in a specific mode (such as x86). In non-Root mode), run the software program to implement a virtual processor.
- the operating system usually needs to be updated regularly to fix the defects or vulnerabilities in the old version.
- developers find system problems or the detection module in the operating system finds security vulnerabilities that need to be fixed, they can make the repair function into a patch module and load it into Operating system, this process can be called "patching".
- the repair of the operating system usually needs to be unaware of the user, that is, the device does not need to be restarted during the repair process.
- the repair of the kernel is an important link.
- the kernel is the most basic part of the operating system and can provide secure access to computer hardware for many applications. In order to meet the above requirements, a hot patch mechanism is usually used for kernel repair.
- Hot patches can repair operating system vulnerabilities without restarting the operating system, reduce system downtime, and increase system availability. Hot patches are also suitable for debugging and testing during the development process. For example, during the development of software modules or kernels, if you need to add information to a function, or assign a specific value to a variable in the function, you can use the hot It is implemented in the form of patches without the need to recompile the kernel, install and restart the series of operations.
- a hot patch module can be made according to the source code package and symbol table, where the hot patch module can contain the address of the old function and the address of the new function.
- the kernel can extract information from the hot patch module, and replace the original null instruction (nop) in the function header of the old function with a jump instruction.
- the old function is called, the old function is not executed.
- the function of the function is to jump to the new function and execute the function of the new function.
- the hot patch mechanism can be divided into two stages: one is the initialization phase, which is used to parse the hot patch module and register the new function corresponding to the old function; the other is the function Jump stage.
- a function can include a function header and a function body.
- the function header which gives the function prototype information such as the return type of the function, the order and type of each parameter, and the function body It is the whole of all codes that define a function in a programming language.
- the kernel 104 of the node 100 in FIG. 1 may include an ftrace module and a livepatch module. As shown in FIG. 5, the ftrace module and the livepatch module are used to implement function jumps. Before introducing the method of implementing function jump, first introduce some related concepts:
- mcount There is a mechanism in the operating system. When the kernel is compiled, several bytes are reserved in the function header of each function for tracking the function or testing the performance of the function. This mechanism is used in the Linux operating system It is called mcount.
- Ftrace is one of Linux's most effective tools for code-level practice analysis. Ftrace is a mechanism in the Linux kernel that can be used to trace function calls, which can trigger specific codes before each function call starts (prologue). ftrace can be used to record information about different function calls executed when the kernel is running, and it can help developers and system designers obtain current kernel running information to analyze kernel events, context, function progression, kernel function call relationships, or Function stack. ftrace can also analyze kernel-specific events, such as function scheduling or interrupt events. It can also track kernel functions and the call stacks of these functions. The call stacks are used to store information about the active subroutines of computer programs. ftrace can also track delays, such as the time that interrupts are masked, the time that preemption is prohibited, and the time between waking up a process and starting execution.
- Kpatch is a technology that can dynamically patch the Linux kernel without restarting the system.
- Kpatch is composed of a user mode tool Kpatch Tool and a kernel mode mechanism livepatch.
- Livepatch is the core component of the function jump phase in the hot patch implementation process.
- livepatch implements the replacement of kernel functions based on ftrace, and uses the mcount mechanism to reserve several bytes at the entry of each function when the kernel is compiled, and then replace the bytes reserved by the old function entry with jumps when patching After the instruction is transferred, the address of the new function is found, and the execution flow of the new function is finally entered to realize the online replacement of the function level.
- Livepatch is currently the only hot patch mechanism in the industry that is perfectly compatible with ftrace, which has also created the dominant position of livepatch in Linux.
- Livepatch is a service component provided by the Linux operating system that supports hotfix loading, activation, and rollback deletion. It can repair the defects of the current software version of the device according to the hotfix module without restarting the device. The service also responsible for checking whether the function is called by the thread, consistency guarantee, etc.
- the structure refers to a data structure, which is a composite data type (aggregate data type). Structures can be declared as variables, pointers or arrays, etc., to implement more complex data structures. A structure is also a collection of elements. These elements are called members of the structure, and these members can be of different types, and members are generally accessed by names.
- the old function and the new function are relative.
- the new function is a function that is registered or configured to repair the old function or replace the old function.
- the new function can also be called a patch function of the old function.
- the address of the old function indicates the starting address of the old function in the storage space
- the address of the new function indicates the starting address of the new function in the storage space.
- the ftrace module is used to find the structure corresponding to the address of the old function from the singly linked list storing multiple structures, extract the pointer of the callback function stored in the structure, and jump to the livepatch module; the livepatch module is based on The address of the found structure obtains the new function stack corresponding to the old function, and then obtains the address of the new function corresponding to the old function. The livepatch module realizes the jump from the old function to the new function according to the address of the new function.
- Step S1 When function 1 is called, execute the jump instruction in the function header of function 1 and jump to the ftrace module;
- the jump instruction in the function header of function 1 is the pointer of the callback function of the ftrace module, and the pointer of the callback function of the ftrace module is used to point to the execution logic of the ftrace module.
- callback is a function called through a pointer. If the pointer (address) of function A is passed as a parameter to function B, when this pointer is used to call the function A pointed to by it, it is said that function A is a callback function.
- Step S2 The ftrace module traverses the singly-linked list according to the address of function 1, looks up the structure in the singly-linked list that records the address of the function 1, and obtains the pointer of the callback function of the livepatch module recorded in the structure, and jumps to the livepatch module;
- Linked list is a kind of data structure, it is a kind of linear list. In each node, a pointer to the next node is stored. This structure makes it possible to find a node in the linked list or visit a node with a specific number.
- the time complexity is O(n).
- Multiple structures are recorded in the singly-linked list, and each node in the singly-linked list stores a structure and stores a pointer to the next structure.
- Each of the multiple structures in the singly linked list corresponds to an old function.
- Each structure contains the address of the old function and the pointer of the callback function.
- the pointer of the callback function can be the pointer of the callback function of the livepatch module or the pointer of other callback functions.
- an old function can correspond to multiple structures, and the callback function pointers recorded in the multiple structures belong to different callback functions.
- the ftrace module traverses multiple structures in the singly-linked list according to the address of the old function until it finds the structure that records the address of the old function and the pointer of the callback function of the livepatch module, and then jumps to the livepatch module.
- four structures fops1-4 are stored in the singly linked list, and each structure stores the address of an old function and the address of the callback function. Assume that the address of the old function stored in the structure fops4 is the address of function 1, and the pointer of the stored callback function is the pointer of the callback function of the livepatch module.
- the ftrace module traverses the singly linked list according to the address of function 1 and finds that the address of the old function A is stored in the structure fops4, and then obtains the pointer of the callback function of the livepatch module from the structure fops4, and jumps to the livepatch module.
- the livepatch module Because when the livepatch module registers the structure of the old function for the old function in the initialization phase, the livepatch module sends the address of the old function and the address of the storage space allocated for the structure to the ftrace module, so the ftrace module finds the old function corresponding After the structure, you can send the address of the found structure to the livepatch module. In the above example, the ftrace module also sends the address of the structure fops4 to the livepatch module.
- Step S3 The livepatch module uses the address of the received structure fops to directly obtain the structure ops storing the function stack corresponding to the old function, where multiple hot patch functions for the same old function are stored in the function stack, due to one old function Can be repaired multiple times, so the address of an old function can correspond to the addresses of multiple new functions;
- Step S4 The livepatch module extracts the address of the new function from the function stack, calls the new function, and realizes the function replacement;
- the solution uses the structure fops to establish a pair of correspondences between the old function and the new function to realize the jump from the old function to the new function.
- the ftrace module finds the pointer of the livepatch callback function to need the structure fops, and the livepatch module finds the new function.
- the address also needs the structure fops, which leads to a one-to-one correspondence between "old function->fops->new function", and a new structure fops must be added every time a new function is registered, which leads to the growth of the singly linked list and the traversal time.
- the structure fops stored in the singly linked list also increases, and the traversal time of the singly linked list also increases, that is, the function jump time increases, resulting in huge performance overhead.
- the time required for the function jump basically increases linearly with the increase of the hot patch function. If there is a corresponding hot patch function in a hot-spot function (that is, a frequently called function) in the kernel, when the hot-spot function is called, the function jump time will far exceed the execution time of the hot patch function. In this case, the execution efficiency of the hot function will be severely slowed down.
- each function jumps it must traverse the entire singly linked list, which means that all hot patch functions affect each other, and finally cause the performance of the whole machine to decrease.
- This application proposes a method for realizing function jump, which decouples the livepatch module and the ftrace module to a certain extent.
- This method can be applied to the current mainstream Linux platforms, such as CentOS, Redhat or Ubuntu.
- the technical solution provided by this application stores the addresses of multiple old functions through a structure, and finds whether the address of the called function is stored in this structure. If it is determined that the address of the called function is stored in the structure, the The address of the function searches the function stack corresponding to the called function to obtain the address of the new function stored in the function stack.
- the kernel 104 in FIG. 1 may include an ftrace module 401, a livepatch module 402, and a function 404 in the kernel.
- One or more application programs 406 can call the function 404 in the kernel through the interface 205.
- the application 203 can also configure the ftrace module 401 through the interface 205.
- the ftrace module 401 is used to track the calling status of the function 404 in the kernel.
- the first data structure 408 stores the addresses of multiple old functions with hot patch functions. Compared with the prior art, the number of structures is the same as the number of old functions. The number is fixed at 1, and a single item is used to replace the singly linked list including multiple structures in the prior art.
- the ftrace module 401 is used to find the address of the function in the first data structure 408 according to the address of the function. If the address of the function is found in the first data structure 408, then extract the first data structure. A pointer to the callback function of the livepatch module 402 stored in a data structure 408 and jump to the livepatch module 402.
- the livepatch module 402 is used to find the address of the new function corresponding to the old function.
- the livepatch module 402 is also used to register the old function and the function stack corresponding to the old function, and register the address of the old function into the first data structure 408 in the ftrace module.
- a management unit 403 is newly added to the livepatch module 402, and the management unit 403 is used to manage the address of each old function and the function stack corresponding to the old function.
- the management unit 403 can perform operations such as adding, deleting, or querying addresses; further, the management unit 403 can use a data structure (such as a hash table or a hash tree) that can realize efficient query to map the address of the old function to the function stack. Relationship management. In this way, the livepatch module and the ftrace module are decoupled to a certain extent, and the dependence of the livepatch module on the structure in the singly linked list when querying the address of the new function is solved.
- a data structure such as a hash table or a hash tree
- the embodiment of the application provides a method for implementing function jump. As shown in FIG. 9, the method includes the following steps:
- Step S501 Receive a call instruction to the first function
- the call instruction may include the address of the first function, where the address of the first function is the starting address of the first function in the address space.
- step S502 is executed.
- null instruction stored in the function header of the first function, continue to execute the function defined in the function body of the first function.
- the method further includes: replacing several bytes in the function header of the first function with the pointer of the first callback function.
- Step S502 Determine whether the address of the first function has been stored in the first data structure
- the addresses of multiple functions are stored in the first data structure. According to the addresses of the first function, the addresses of multiple functions stored in the first data structure are traversed to determine whether the addresses of the multiple functions include the address of the first function.
- the address of the function indicates the starting address of the function in the storage space.
- the pointer of the second callback function and the addresses of multiple functions can be stored in the first data structure. These functions are functions in the kernel that need to be repaired or replaced, and the patch functions of these functions have been registered to replace these functions.
- the second callback function is used to instruct to find the address of the patch function of the first function according to the address of the first function. Since the pointer of the second callback function required by the function jump is unchanged, the embodiment of the present application may use one data structure to store the addresses of multiple functions.
- the address of the first function is known to the system.
- the purpose of determining whether the address of the first function has been stored in the first data structure is to determine whether a patch function for replacing the first function is registered, in other words, to determine whether the first function has a corresponding hot patch function.
- the replacement of the function can be understood as the repair of the function.
- the replacement process can be understood as the jump from the function to the patch function of the function.
- the method further includes: when registering the patch function of the first function, adding the address of the first function to the first data structure.
- adding the address of the first function to the first data structure.
- the first data structure is a first hash table.
- the method further includes determining the first hash table through a structure storing the address of the first hash table; a pointer to the structure storing the address of the first hash table is included in the first structure.
- the data structure of the first structure is shown in Figure 10, and the main data parameters are as follows:
- the pointer of the second callback function if the pointer of the second callback function is stored in the first structure, the second callback function is used to instruct to find the patch function corresponding to the called function according to the address of the called function.
- *func_hash A pointer to at least one structure, and one pointer points to one structure.
- the main parameters of the structure pointed to by the pointer include:
- the address of the hash table (*buckets): used to record the address of the hash table in the storage space; the hash table is used to store the addresses of multiple functions, and the multiple functions described here are registered with corresponding patches The old functions of the function, when these functions are called, need to jump to the corresponding patch function for execution.
- the addresses of N functions are stored: ip(1) to ip(N), and ip(1) to ip(N) respectively represent the address of function 1 to the address of function N.
- rcu flag is a set of Linux kernel APIs, which implements a synchronization mechanism that allows multiple readers and writers to operate concurrently without any locks. This synchronization mechanism can be used to protect access Pointer to access data.
- the rcu mark is used to mark whether the first hash table has a read operation.
- the first hash table is determined by the structure storing the address of the first hash table; the pointer to the structure storing the address of the first hash table is included in the first structure; The address of the function, to confirm whether the address of the first function has been stored in the first hash table, where the address of the first hash table is stored in the first structure, and the first hash table stores the addresses of multiple functions.
- a hash table is a structure that stores data in key-values (key-indexed). Enter the value to be searched, namely the key, to find its corresponding value. According to the hash value of the address of the first function, it can be quickly confirmed whether the address of the first function has been stored in the first hash table.
- the addresses of the multiple functions are the same as the addresses of the first function, it is determined that the addresses of the multiple functions stored in the first data structure include the address of the first function.
- the first function is an old function that has been registered with a corresponding new function.
- the second callback function is called according to the pointer of the second callback function stored in the first structure, that is, step S503 is executed.
- the second callback function is used to instruct to find a new function corresponding to the called function.
- the addresses of the multiple functions stored in the first data structure do not include the address of the first function, there is no patch function to replace the first function, and the function defined by the function body of the first function can continue to be executed.
- the *func_hash in the first structure includes two pointers, and each pointer points to the structure storing the address of the hash table.
- the hash table filter_hash is used to record the addresses of functions tracked by ftrace
- the hash table notrace_hash is used to record the addresses of functions that are not tracked by ftrace. If the address of the first function is stored in the hash table notrace_hash, it means that the first function is not tracked by ftrace, and the function defined by the function body of the first function continues to be executed.
- the method further includes: when registering the patch function of the first function, adding the address of the first function to the first data structure. Specifically, the address of the first function can be increased to In the first hash table in the first structure, the first hash table is used to store addresses of multiple functions that need to be repaired by patch functions.
- Step S503 Find the address of the patch function corresponding to the first function according to the address of the first function
- the address of the first function find the address of the patch function of the first function from the second data structure, where the patch function of the first function is registered to replace the first function, and the second data structure stores the addresses of multiple functions Correspondence with patch functions of multiple functions, the address of each function in the multiple functions corresponds to the patch function of the function.
- each of the multiple functions corresponds to a second structure, and the second structure of each function stores the address of the patch function of the function. Since an old function can be repaired multiple times, the addresses of new functions that repair the same old function can all be stored in the function stack. As shown in Figure 11A, the address of each old function and the function stack of the function are stored in the second structure, where the function stack of the old function stores the address of one or more patch functions, the fourth, fifth and The address of the sixth function is a patch function used to repair the old function, and the address of the fourth function is at the top of the function stack.
- the function stack of the first function is found, and the top address in the function stack corresponding to the first function is extracted, and the address is the address of the patch function corresponding to the first function.
- the second hash table is used to store the correspondence between the addresses of the multiple functions and the second structures of the multiple functions. As shown in FIG. 11B, the second hash table may store the correspondence between the hash value of the address of each function from the first function to the Nth function and the second structure of the function. According to the address of the first function, the second structure corresponding to the address of the first function is searched from the second hash table, and the address of the patch function of the first function is obtained from the found second structure.
- the method further includes: when the instruction to modify the second hash table is received, after the reading operation on the second hash table is completed, modifying the third hash table.
- Step S504 Jump from the first function to the patch function execution of the first function according to the address of the patch function of the first function, in response to the call instruction;
- the method when the rollback instruction is received, the method further includes:
- Step S505 In response to the rollback instruction for the first function, look up and delete the address of the patch function of the first function according to the address of the first function and the second hash table.
- the rollback instruction is used to instruct to cancel the replacement of the first function by the patch function of the first function.
- the second structure of the first function is searched from the second hash table, and the address at the top of the function stack stored in the second structure is deleted.
- Rollback means to restore the function after repair to the function before repair.
- Rolling back the first function means restoring the first function to the function before repair. Find the function stack of the first function according to the address of the first function, and delete the address at the top of the function stack from the function stack. By managing multiple second structures through the hash table, the time consumed by the hot patch function can be saved.
- the function stack is empty and there is no remaining function address, the function stack is deleted, and the second structure corresponding to the first function is deleted.
- the address currently at the top of the function stack is replaced with the address stored in the register of the first function.
- the embodiment of the present application provides a method for implementing function jump.
- the method is executed at the stage of registering a hot patch module (407 shown in FIG. 8). As shown in FIG. 12, the method includes the following steps:
- Step S601 receiving and analyzing the hot patch module
- the hot patch module When the function of the kernel needs to be repaired, the hot patch module is sent to the computer system, and the computer system receives and analyzes the information of the hot patch module.
- the hot patch module can include the address of one or more old functions and the new function corresponding to each old function. Address, the old function is the function that needs to be repaired, and the new function is the function used to repair the old function. Among them, the address of the function indicates the position of the function in the address space.
- Step S602 Determine whether the second structure of the old function has been registered
- the second structure is used to store the address of the old function and the patch function of the old function.
- the data structure is shown in Figure 11A.
- a function may be repaired multiple times, and the function stack storing the function in the second structure stores the address of one or more functions used to repair the function.
- step S607 is subsequently executed.
- step S603 is executed;
- Step S603 Register the second structure of the old function
- a second structure is registered for the old function in the system.
- the data structure of the second structure is shown in FIG. 11A, including the address of the old function and a function stack for storing the addresses of one or more patch functions of the old function.
- multiple second structures can be managed in the second hash table, that is, correspondences between addresses of multiple old functions and second structures of multiple old functions are stored.
- Step S604 Determine whether the first structure has been registered
- the first structure can be used to store the pointer of the second callback function and the addresses of multiple old functions.
- the second callback function is used to instruct to find the address of the new function used to repair the function according to the address of the called function.
- the data structure of the first structure is shown in FIG. 10, and the data structure of the first structure can refer to the corresponding description in step S502, which will not be repeated here.
- step S605 if the first structure is not registered, perform step S605;
- step S606 if the first structure is already registered, perform step S606;
- Step S605 Register the first structure
- Part of the address space is divided to store data in the first structure, and the first structure stores the pointer of the second callback function and the addresses of multiple old functions. Find the function header of the old function according to the address of the old function, replace the few bytes of the function header entry with the pointer of the first callback function, the first callback function is used to instruct to find the called function address in the first structure and Obtain the pointer of the second callback function.
- the first hash table in the first structure is used to store addresses of multiple old functions.
- Step S606 Add the address of the old function to the first hash table
- Step S607 Push the address of the new function onto the top of the function stack
- the prior art will register a structure for each old function to store the address of the old function and a pointer to the callback function for finding the address of the new function, and the structures of multiple old functions are stored in In a singly linked list.
- the embodiment of the application adds the address of the old function to the first hash table, which greatly shortens the length of the singly linked list compared with the prior art, so that the time complexity of the step of querying the address of the old function is reduced by O(N) Reduce to O(1), shorten the query time.
- the use of a hash table to store the correspondence between the address of the old function and the function stack can reduce the time taken to query the address of the new function.
- the embodiment of the present application provides a method for implementing function jump. As shown in FIG. 13, the method may include the following steps:
- Step S701 Receive a call instruction to the first function; the call instruction may include the address of the first function;
- Step S702 Jump to the ftrace module according to the pointer of the callback function of the ftrace module in the function header of the first function, and send the address of the first function to the ftrace module in the form of parameters.
- Step S703 The ftrace module judges whether the first hash table has stored the address of the first function
- the ftrace module finds the structure storing the address of the first hash table according to the pointer in the first structure. According to the address of the first function, the ftrace module traverses the addresses of multiple functions stored in the first hash table;
- step S704 is executed.
- the first hash table stores the addresses of multiple functions that need to be repaired, such as the addresses of function 1-function N, where N is a positive integer greater than 1.
- N is a positive integer greater than 1.
- the ftrace module may calculate the hash value of the address of the first function, and traverse the first hash table to confirm whether the first hash table has stored the hash value of the address of the first function.
- the ftrace module calls the address of the first function recorded in the register of the first function to execute the first function.
- Step S704 The ftrace module jumps to the livepatch module according to the pointer of the callback function of the livepatch module stored in the first structure, and sends the address of the first function to the livepatch module; the pointer of the callback function of the livepatch module points to the livepatch module Execution logic.
- Step S705 the management unit in the livepatch module searches for the address of the patch function of the first function according to the address of the first function;
- the management unit searches the second hash table for the address of the patch function of the first function according to the address of the first function.
- the management unit searches for the second structure of the first function from the multiple second structures according to the address of the first function, and obtains the patch function of the first function from the top of the function stack stored in the second structure of the first function. address.
- the third hash table stores the correspondence between the address of each function in the multiple functions and the second structure of the function.
- the second hash table stores the correspondence between the address of function 1-N and the second structure of function 1-N
- the management unit finds the first function from the second hash table according to the address of the first function
- the second structure of is the second structure of function n
- the management unit obtains the address of the top of the function stack n in the second structure of function n, that is, the address of the patch function of the first function.
- Step S706 the livepatch module replaces the address of the first function stored in the register of the first function with the address of the patch function of the first function;
- the register originally stored the address of the first function, or stored the address of the function used to repair the first function during the last repair.
- the livepatch module replaces the address of the function stored in the register of the first function with the address of the patch function .
- Step S707 in response to the call instruction, execute the patch function
- the functions of the ftrace module and the livepatch module are clarified: the function of the ftrace module is to find the pointer of the callback function of the livepatch module corresponding to the old function.
- the ftrace module stores the address of multiple old functions in a structure Query the address of the currently called old function and make sure that the structure stores the address of the currently called old function, and obtain the pointer of the callback function of the livepatch module.
- the query complexity is O(1); the role of the livepatch module is to find The address of the new function and replace the value in the register to realize the jump of the function.
- the livepatch module uses a more efficient query data structure (such as a hash table or red-black tree, etc.) to achieve fast query; taking a hash table as an example, the query time complexity is O(1).
- the main influencing factor that affects the performance of the hot patch function is the function jump time required from the entry of the old function to the new function.
- the method further includes: when the livepatch module receives the rollback instruction for the first function, the livepatch module searches for the first function from the multiple second structures according to the address of the first function. The second structure, delete the address at the top of the function stack. If after deleting the top address, there is the address of the remaining function in the function stack, the livepatch module replaces the address stored in the register of the first function with the address at the top of the function stack in the remaining address.
- step S701 the following steps may be further included:
- Step S708 the livepatch module receives and parses the hot patch module
- the livepatch module receives and parses the information of the hot patch module.
- the hot patch module can include the address of one or more old functions and the address of the new function corresponding to each old function.
- the old function is the function that needs to be repaired.
- the new function is the function used to repair the old function.
- the address of the function indicates the position of the function in the address space.
- Step S709 The livepatch module judges whether the second structure of the old function has been registered
- the livepatch module determines whether any one of the one or more old functions in the hot patch module has been registered with a second structure.
- the second structure is used to store the address of the old function and the function stack of the old function.
- the second structure The data structure is shown in Figure 11B.
- a function may be repaired multiple times, and the function stack of the function stores the address of one or more functions used to repair the function.
- step S714 is executed subsequently.
- step S710 if the old function is not registered with the corresponding function stack, perform step S710;
- Step S710 the livepatch module registers the second structure of the old function
- the newly added management unit in the livepatch module is the old function registration second structure.
- the data structure of the second structure is shown in Figure 11A, including the address of the old function and the function for storing the address of the new function corresponding to the old function.
- Stack The new management unit in the livepatch module applies for the address space for storing the second structure, and stores the address of the old function and the address of the new function corresponding to the old function into the second structure.
- the management unit adds the second structure and the address of the function to which the second structure belongs to the second hash table.
- the management unit adds the address of the old function and the second structure of the old function. Added to the second hash table.
- the livepatch module calls the rcu interface, and when the rcu module in the kernel determines that the second hash table is being read, it locks the second hash table so that the second hash table is not modified when it is read .
- the livepatch module adds or deletes a function in the second hash table
- it calls the rcu interface in the kernel and uses the rcu module to manage the linked list.
- the rcu module determines whether the second hash table has a read operation. For the read operation of the second hash table, wait for the completion of the read operation before performing the modification operation on the second hash table.
- Step S711 Determine whether the livepatch module has registered the first structure in the ftrace module
- the first structure is used to store the pointer of the second callback function and the addresses of multiple old functions
- the second callback function is used to instruct to find the address of the new function for repairing the function according to the address of the called function.
- the data structure of the first structure is shown in FIG. 10.
- step S712 if the first structure is not registered, perform step S712;
- step S713 if the first structure is already registered, perform step S713;
- Step S712 the livepatch module registers the first structure in the ftrace module
- the livepatch module applies for a part of the address space for storing the data in the first structure, and sends the address of the first structure to ftrace; and calls the interface of the ftrace module to register the first structure in the ftrace module so that the ftrace module can
- the received address of the first structure reads the data stored in the first structure.
- the first structure is used to store the pointer of the callback function and the address of the function.
- the livepatch module records the pointer of the callback function of the livepatch module and the address of the old function in the first structure.
- the callback function of the livepatch module is used to instruct the livepatch module to follow the old function Find the address of the new function.
- the livepatch module sends the address of the old function to the ftrace module.
- the ftrace module finds the function header of the old function according to the address of the old function, and replaces the few bytes of the function header entry with the ftrace module
- the callback function pointer of the ftrace module is used to instruct to find the called function address in the first structure and obtain the pointer of the second callback function.
- the first hash table in the first structure is used to store addresses of multiple old functions.
- Step S713 The ftrace module adds the address of the old function to the first hash table
- the livepatch module sends the old function address to the ftrace module.
- the ftrace module obtains the address of the first hash table from the structure pointed to by the pointer in the first structure, and adds the address of the old function to the first hash table.
- Step S714 the livepatch module pushes the address of the new function onto the top of the function stack
- the livepatch module stores the address of the new function at the beginning of the address space of the function stack.
- the livepatch module and the ftrace module in the foregoing embodiment may be the livepatch module and the ftrace module described in FIG. 8.
- the embodiment of the present application provides an apparatus 800 for implementing function jump.
- the apparatus includes a receiving unit 801 and a processing unit 802.
- the receiving unit 801 is used to perform step S501 or S701; the processing unit is used to perform one or more of steps S502-S504 or steps S601-S607 or steps S702-S707 or steps S708-S714.
- An embodiment of the present application provides a computer system, the computer system includes a memory and a processor, wherein the memory is used to store a computer program, and the processor is used to execute the computer program to implement the method for implementing function jump provided by any of the embodiments of the present application .
- the embodiment of the present application provides a computer-readable storage medium in which a computer program is stored, and when the computer program is called by a processor, the method for implementing function jump provided by any of the embodiments of the present application is executed.
- the embodiments of the present application provide a computer program product, the computer program product includes a computer program, and when the computer program is called by a processor, the method for implementing function jump provided by any one of the embodiments of the present application is executed.
- the embodiments of the present application can be provided as methods, systems, or computer program products. Therefore, the present application may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, this application may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
- a computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
- These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
- the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
- These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment.
- the instructions provide steps for implementing functions specified in a flow or multiple flows in the flowchart and/or a block or multiple blocks in the block diagram.
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Stored Programmes (AREA)
Abstract
Description
Claims (14)
- 一种实现函数跳转的方法,其特征在于,所述方法包括:接收对第一函数的调用指令;确认第一数据结构中已存储所述第一函数的地址,所述第一数据结构存储有多个函数的地址;根据所述第一函数的地址,从第二数据结构中查找所述第一函数的补丁函数的地址,所述第一函数的补丁函数被注册用于替换所述第一函数,所述第二数据结构存储有所述多个函数的地址与所述多个函数的补丁函数之间的对应关系;根据所述第一函数的补丁函数的地址,从所述第一函数跳转到所述第一函数的补丁函数执行,以响应所述调用指令。
- 根据权利要求1所述的方法,其特征在于,所述第一数据结构为一个第一哈希表。
- 根据权利要求2所述的方法,其特征在于,所述方法还包括:通过存储所述第一哈希表的地址的结构体确定所述第一哈希表;指向存储第一哈希表的地址的结构体的指针被包含在第一结构体中。
- 根据权利要求1-3任一项所述的方法,其特征在于,所述多个函数中每个函数对应一个第二结构体,每个函数的第二结构体存储有所述函数的补丁函数的地址,第二哈希表用于存储所述多个函数的地址与所述多个函数的第二结构体之间的对应关系;所述根据所述第一函数的地址,从第二数据结构中查找所述第一函数的补丁函数的地址,包括:根据所述第一函数的地址,从所述第二哈希表中查找所述第一函数的地址对应的第二结构体;从查找到的所述第一函数的地址对应的第二结构体中获得所述第一函数的补丁函数的地址。
- 根据权利要求1-4任一项所述的方法,其特征在于,所述方法还包括:将所述第一函数的地址添加至所述第一数据结构中。
- 根据权利要求4所述的方法,其特征在于,所述方法还包括:响应于对所述第一函数的回退指令,根据所述第一函数的地址和所述第二哈希表,查找并删除所述第一函数的第二结构体中所述第一函数的补丁函数的地址,所述回退指令用于指示撤销所述第一函数的补丁函数对所述第一函数的替换。
- 一种实现函数跳转的装置,其特征在于,所述装置包括:接收单元和处理单元,其中:所述接收单元用于接收对第一函数的调用指令;所述处理单元用于:确认第一数据结构中已存储所述第一函数的地址,所述第一数据结构存储有多个函 数的地址;根据所述第一函数的地址,从第二数据结构中查找所述第一函数的补丁函数的地址,所述第一函数的补丁函数被注册用于替换所述第一函数,所述第二数据结构存储有所述多个函数的地址与所述多个函数的补丁函数之间的对应关系;根据所述第一函数的补丁函数的地址,从所述第一函数跳转到所述第一函数的补丁函数执行,以响应所述调用指令。
- 根据权利要求7所述的装置,其特征在于,所述第一数据结构为一个第一哈希表。
- 根据权利要求8所述的装置,其特征在于,所述处理单元还用于:通过存储所述第一哈希表的地址的结构体确定所述第一哈希表;指向存储第一哈希表的地址的结构体的指针被包含在第一结构体中。
- 根据权利要求7-9任一项所述的装置,其特征在于,所述多个函数中每个函数对应一个第二结构体,每个函数的第二结构体存储有所述函数的补丁函数的地址,第二哈希表用于存储所述多个函数的地址与所述多个函数的第二结构体之间的对应关系,所述处理单元具体用于:根据所述第一函数的地址,从第二哈希表中查找所述第一函数的地址对应的第二结构体;从查找到的所述第一函数的地址对应的第二结构体中获得所述第一函数的补丁函数的地址。
- 根据权利要求7-10任一项所述的装置,其特征在于,所述处理单元还用于:将所述第一函数的地址添加至所述第一数据结构中。
- 根据权利要求11所述的装置,其特征在于,所述处理单元还用于:响应于对所述第一函数的回退指令时,根据所述第一函数的地址和所述第二哈希表,查找并删除所述第一函数的第二结构体中所述第一函数的补丁函数的地址,所述回退指令用于指示撤销所述第一函数的补丁函数对所述第一函数的替换。
- 一种计算机系统,其特征在于,所述计算机系统包括处理器和存储器,所述存储器用于存储计算机程序,所述处理器用于执行所述计算机程序实现如上述权利要求1-6任一项所述的方法。
- 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质中存储计算机程序,所述计算机程序被处理器调用时实现如上述权利要求1-6任一项所述的方法。
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP20815671.1A EP3842938B1 (en) | 2019-05-30 | 2020-01-10 | Function jump implementation method, device, and computer storage medium |
JP2021547637A JP7212793B2 (ja) | 2019-05-30 | 2020-01-10 | 関数ジャンプを実現するための方法、装置及びコンピュータ記憶媒体 |
KR1020217011497A KR20210057176A (ko) | 2019-05-30 | 2020-01-10 | 함수 점프 구현 방법, 디바이스, 및 컴퓨터 저장 매체 |
US17/235,061 US11645068B2 (en) | 2019-05-30 | 2021-04-20 | Method for implementing function jump, apparatus, and computer storage medium |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910465987.7A CN112015491B (zh) | 2019-05-30 | 2019-05-30 | 实现函数跳转的方法、装置及计算机存储介质 |
CN201910465987.7 | 2019-05-30 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/235,061 Continuation US11645068B2 (en) | 2019-05-30 | 2021-04-20 | Method for implementing function jump, apparatus, and computer storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020238245A1 true WO2020238245A1 (zh) | 2020-12-03 |
Family
ID=73501882
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2020/071347 WO2020238245A1 (zh) | 2019-05-30 | 2020-01-10 | 实现函数跳转的方法、装置及计算机存储介质 |
Country Status (6)
Country | Link |
---|---|
US (1) | US11645068B2 (zh) |
EP (1) | EP3842938B1 (zh) |
JP (1) | JP7212793B2 (zh) |
KR (1) | KR20210057176A (zh) |
CN (1) | CN112015491B (zh) |
WO (1) | WO2020238245A1 (zh) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114840204A (zh) * | 2021-02-02 | 2022-08-02 | 华为技术有限公司 | 非同名符号的函数跳转方法、装置及计算机可读存储介质 |
CN115167862A (zh) * | 2021-03-19 | 2022-10-11 | 华为技术有限公司 | 补丁方法及相关设备 |
CN113239380A (zh) * | 2021-05-21 | 2021-08-10 | 杭州弗兰科信息安全科技有限公司 | 一种保护文件读写方法、装置、电子设备和存储介质 |
CN113342389B (zh) * | 2021-05-31 | 2022-09-30 | 深圳市腾讯网络信息技术有限公司 | 一种服务的更新方法、装置及计算机可读存储介质 |
US12086622B2 (en) * | 2021-07-23 | 2024-09-10 | VMware LLC | Optimizing virtual machine scheduling on non-uniform cache access (NUCA) systems |
CN114691181A (zh) * | 2022-03-28 | 2022-07-01 | 阿里巴巴(中国)有限公司 | 热升级方法、装置、设备、分布式系统及存储介质 |
CN115145727A (zh) * | 2022-06-30 | 2022-10-04 | 北京达佳互联信息技术有限公司 | 优化内存管理方法、装置、电子设备以及存储介质 |
CN118409780B (zh) * | 2024-06-26 | 2024-08-30 | 统信软件技术有限公司 | 内核热补丁文件的生成方法、装置、电子设备、存储介质和计算机程序产品 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6658657B1 (en) * | 2000-03-31 | 2003-12-02 | Intel Corporation | Method and apparatus for reducing the overhead of virtual method invocations |
CN101561764A (zh) * | 2009-05-18 | 2009-10-21 | 华为技术有限公司 | 一种多核环境下的补丁方法与补丁装置 |
CN101882094A (zh) * | 2010-06-10 | 2010-11-10 | 中兴通讯股份有限公司 | 嵌入式系统制作补丁的方法和系统 |
CN102467394A (zh) * | 2010-11-12 | 2012-05-23 | 中兴通讯股份有限公司 | 多核热补丁的实现方法及系统 |
CN104239082A (zh) * | 2013-06-20 | 2014-12-24 | 上海博达数据通信有限公司 | 嵌入式系统的热补丁实现方法 |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3019915B2 (ja) * | 1995-11-20 | 2000-03-15 | 日本電気株式会社 | 手続き呼出し方法 |
GB9825102D0 (en) * | 1998-11-16 | 1999-01-13 | Insignia Solutions Plc | Computer system |
US8312435B2 (en) | 2000-12-26 | 2012-11-13 | Identify Software Ltd. (IL) | System and method for conditional tracing of computer programs |
US7472384B1 (en) * | 2003-12-02 | 2008-12-30 | Swsoft Holdings, Ltd. | System, method and computer program product for on-the-fly patching of executable code |
WO2009156790A1 (en) | 2008-06-23 | 2009-12-30 | Freescale Semiconductor, Inc. | Patching of a read-only memory |
US8468516B1 (en) * | 2008-12-19 | 2013-06-18 | Juniper Networks, Inc. | Creating hot patches for embedded systems |
US8510723B2 (en) | 2009-05-29 | 2013-08-13 | University Of Maryland | Binary rewriting without relocation information |
US9134977B2 (en) * | 2010-02-26 | 2015-09-15 | Red Hat, Inc. | Compiler operation for handling conditional statements |
US9395975B2 (en) | 2014-07-21 | 2016-07-19 | Sandisk Technologies Llc | Method and system for generating a ROM patch |
CN105630557B (zh) | 2015-12-24 | 2018-12-28 | 迈普通信技术股份有限公司 | 热补丁方法和装置 |
CN105607937B (zh) * | 2015-12-25 | 2019-01-18 | 京信通信系统(中国)有限公司 | 一种热补丁方法及设备 |
CN106610857B (zh) * | 2016-12-23 | 2019-01-22 | 优刻得科技股份有限公司 | 一种热补丁信息查询方法以及装置 |
US10795659B1 (en) * | 2017-11-02 | 2020-10-06 | Virtuozzo International Gmbh | System and method for live patching processes in user space |
CN107797820B (zh) * | 2017-11-13 | 2021-03-23 | 北京百度网讯科技有限公司 | 用于生成补丁的方法和装置 |
-
2019
- 2019-05-30 CN CN201910465987.7A patent/CN112015491B/zh active Active
-
2020
- 2020-01-10 JP JP2021547637A patent/JP7212793B2/ja active Active
- 2020-01-10 EP EP20815671.1A patent/EP3842938B1/en active Active
- 2020-01-10 KR KR1020217011497A patent/KR20210057176A/ko not_active Application Discontinuation
- 2020-01-10 WO PCT/CN2020/071347 patent/WO2020238245A1/zh unknown
-
2021
- 2021-04-20 US US17/235,061 patent/US11645068B2/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6658657B1 (en) * | 2000-03-31 | 2003-12-02 | Intel Corporation | Method and apparatus for reducing the overhead of virtual method invocations |
CN101561764A (zh) * | 2009-05-18 | 2009-10-21 | 华为技术有限公司 | 一种多核环境下的补丁方法与补丁装置 |
CN101882094A (zh) * | 2010-06-10 | 2010-11-10 | 中兴通讯股份有限公司 | 嵌入式系统制作补丁的方法和系统 |
CN102467394A (zh) * | 2010-11-12 | 2012-05-23 | 中兴通讯股份有限公司 | 多核热补丁的实现方法及系统 |
CN104239082A (zh) * | 2013-06-20 | 2014-12-24 | 上海博达数据通信有限公司 | 嵌入式系统的热补丁实现方法 |
Non-Patent Citations (1)
Title |
---|
See also references of EP3842938A4 |
Also Published As
Publication number | Publication date |
---|---|
EP3842938B1 (en) | 2024-09-25 |
CN112015491A (zh) | 2020-12-01 |
JP7212793B2 (ja) | 2023-01-25 |
EP3842938A4 (en) | 2021-12-15 |
EP3842938A1 (en) | 2021-06-30 |
KR20210057176A (ko) | 2021-05-20 |
CN112015491B (zh) | 2022-08-09 |
US20210240467A1 (en) | 2021-08-05 |
JP2022513382A (ja) | 2022-02-07 |
US11645068B2 (en) | 2023-05-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2020238245A1 (zh) | 实现函数跳转的方法、装置及计算机存储介质 | |
JP5852677B2 (ja) | レジスタ・マッピング方法 | |
US9904527B1 (en) | Optimizing API implementer programs using fine-grained code analysis | |
US10474369B2 (en) | Mapping guest pages to disk blocks to improve virtual machine management processes | |
EP2726977B1 (en) | Virtual machine image analysis | |
US20100023941A1 (en) | Virtual machine monitor | |
US9146847B2 (en) | Optimizing for page sharing in virtualized java virtual machines | |
US9558023B2 (en) | Live application mobility from one operating system level to an updated operating system level and applying overlay files to the updated operating system | |
US11693722B2 (en) | Fast memory mapped IO support by register switch | |
US20200272482A1 (en) | Unikernel provisioning | |
US20220358049A1 (en) | Memory access handling for peripheral component interconnect devices | |
US11436141B2 (en) | Free memory page hinting by virtual machines | |
US11983555B2 (en) | Storage snapshots for nested virtual machines | |
US10877771B2 (en) | Virtual machine booting using disk metadata | |
US11886351B2 (en) | Memory efficient virtual address management for system calls | |
US12013799B2 (en) | Non-interrupting portable page request interface | |
US12111771B2 (en) | Aggregating block mapping metadata to improve linked clone read performance | |
US20230350710A1 (en) | Fast memory mapped io support by register switch | |
US20230132905A1 (en) | Binary execuction by a virtual device | |
WO2023185799A1 (zh) | 一种指令翻译方法及其相关设备 | |
WO2024041351A1 (en) | Disabling processor facility on new processor generation without breaking binary compatibility | |
Curless | Tools for Memory Optimization in Duplicate Containers |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 20815671 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2020815671 Country of ref document: EP Effective date: 20210324 |
|
ENP | Entry into the national phase |
Ref document number: 20217011497 Country of ref document: KR Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 2021547637 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |