CN112541182B - Kernel VFS layer system repairing method, device, equipment and storage medium - Google Patents
- Publication number: CN112541182B (application CN202011542234.0A)
- Authority: CN (China)
- Prior art keywords: file, accessed, layer system, target, modified
- Legal status: Active (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- G06F21/577 — Assessing vulnerabilities and evaluating computer system security (G—Physics; G06—Computing or calculating, counting; G06F—Electric digital data processing; G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity; G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems; G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities)
- G06F8/65 — Updates (G—Physics; G06—Computing or calculating, counting; G06F—Electric digital data processing; G06F8/00—Arrangements for software engineering; G06F8/60—Software deployment)
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Description
Technical field
The invention relates to the field of computer technology, and in particular to a kernel VFS layer system repair method, device, equipment and storage medium.
Background art
At present, when vulnerabilities are repaired at the Linux VFS layer, the main object of the repair is files. However, existing vulnerability repair methods are relatively complex, depend on the underlying file system, and occupy a large amount of memory while the repair is performed.
The above content is provided only to aid understanding of the technical solution of the present invention and does not constitute an admission that it is prior art.
Summary of the invention
The main purpose of the present invention is to propose a kernel VFS layer system repair method, device, equipment and storage medium, aiming to solve the technical problem in the prior art that vulnerability repair depends on the underlying file system and occupies a large amount of memory.
To achieve the above object, the present invention provides a kernel VFS layer system repair method comprising the following steps:
when a patch package is received, extracting a file list and a diff file from the patch package, the patch package having been obtained by a server diffing a vulnerable file against a non-vulnerable file;
loading the file list into memory, determining the modified files according to the file list, and marking the modified files;
when an access request is received, determining the file to be accessed according to the access request;
when the file to be accessed carries a mark, determining the target difference file corresponding to the file to be accessed according to the file list and the diff file;
generating a target file according to the target difference file and the file to be accessed.
Optionally, loading the file list into memory, determining the modified files according to the file list and marking the modified files includes:
loading the file list into memory and determining modified-file information according to the file list;
extracting a modified file name from the modified-file information and determining the modified file according to the modified file name;
adding identification information to the modified file so as to mark it.
Optionally, adding identification information to the modified file so as to mark it includes:
obtaining the index node (inode) corresponding to the modified file;
adding identification information to the inode so as to mark the modified file.
Optionally, determining the file to be accessed according to the access request when it is received includes:
receiving the access request when it is detected through the hook layer;
extracting to-be-accessed file information from the access request, and extracting the name of the file to be accessed from that information;
determining the file to be accessed according to its name.
Optionally, after determining the file to be accessed according to its name, the method further includes:
hooking through the hook layer with the name of the file to be accessed, so as to obtain the file to be accessed.
Optionally, before determining the target difference file corresponding to the file to be accessed according to the file list and the diff file when the file carries a mark, the method further includes:
performing mark detection on the file to be accessed, to judge whether a mark is present in it.
Optionally, performing mark detection on the file to be accessed to judge whether a mark is present includes:
obtaining the to-be-detected inode corresponding to the file to be accessed;
detecting whether identification information is present in the to-be-detected inode, to obtain a detection result;
judging according to the detection result whether the file to be accessed carries a mark.
Optionally, after judging according to the detection result whether the file to be accessed carries a mark, the method further includes:
when the detection result is that identification information is present in the to-be-detected inode, determining that the file to be accessed carries a mark;
when the detection result is that no identification information is present in the to-be-detected inode, determining that the file to be accessed carries no mark.
Optionally, after performing mark detection on the file to be accessed to judge whether a mark is present, the method further includes:
when the file to be accessed carries no mark, taking the file to be accessed itself as the target file.
Optionally, determining the target difference file corresponding to the file to be accessed according to the file list and the diff file when the file carries a mark includes:
when the file to be accessed carries a mark, matching in the file list the target modified-file information corresponding to the file to be accessed;
determining the target difference file corresponding to the file to be accessed according to the target modified-file information and the diff file.
Optionally, after determining the target difference file corresponding to the file to be accessed according to the target modified-file information and the diff file, the method further includes:
extracting a target file path from the target modified-file information;
obtaining the target difference file from the diff file according to the target file path.
Optionally, generating the target file according to the target difference file and the file to be accessed includes:
extracting target difference data from the target difference file;
restoring the data of the file to be accessed according to the target difference data, so as to generate the target file.
In addition, to achieve the above object, the present invention also proposes a kernel VFS layer system repair device comprising:
a patch package module, configured to extract a file list and a diff file from a patch package when the patch package is received, the patch package having been obtained by a server diffing a vulnerable file against a non-vulnerable file;
a file marking module, configured to load the file list into memory, determine the modified files according to the file list, and mark the modified files;
a file access module, configured to determine the file to be accessed according to an access request when the access request is received;
a difference file module, configured to determine the target difference file corresponding to the file to be accessed according to the file list and the diff file when the file to be accessed carries a mark;
a target file module, configured to generate a target file according to the target difference file and the file to be accessed.
Optionally, the file marking module is further configured to load the file list into memory and determine modified-file information according to the file list; extract a modified file name from the modified-file information and determine the modified file according to that name; and add identification information to the modified file so as to mark it.
Optionally, the file marking module is further configured to obtain the inode corresponding to the modified file and add identification information to the inode so as to mark the modified file.
Optionally, the file access module is further configured to receive the access request when it is detected through the hook layer; extract to-be-accessed file information from the access request and extract the name of the file to be accessed from that information; and determine the file to be accessed according to its name.
Optionally, the file access module is further configured to hook through the hook layer with the name of the file to be accessed, so as to obtain the file to be accessed.
Optionally, the difference file module is further configured to perform mark detection on the file to be accessed, to judge whether a mark is present in it.
In addition, to achieve the above object, the present invention also proposes kernel VFS layer system repair equipment comprising: a memory, a processor, and a kernel VFS layer system repair program stored in the memory and executable on the processor, the program implementing the steps of the kernel VFS layer system repair method described above when executed by the processor.
In addition, to achieve the above object, the present invention also proposes a storage medium on which a kernel VFS layer system repair program is stored, the program implementing the steps of the kernel VFS layer system repair method described above when executed by a processor.
In the kernel VFS layer system repair method proposed by the present invention, when a patch package is received, a file list and a diff file are extracted from it, the patch package having been obtained by a server diffing a vulnerable file against a non-vulnerable file; the file list is loaded into memory, the modified files are determined according to the file list and marked; when an access request is received, the file to be accessed is determined according to it; when the file to be accessed carries a mark, the target difference file corresponding to it is determined according to the file list and the diff file; and a target file is generated according to the target difference file and the file to be accessed. The target file can thus be generated from the target difference file and the file to be accessed without relying on the underlying file system, and the vulnerability repair is completed without occupying excessive memory.
Description of the drawings
Fig. 1 is a schematic structural diagram of the kernel VFS layer system repair equipment of the hardware operating environment involved in the embodiments of the present invention;
Fig. 2 is a schematic flowchart of the first embodiment of the kernel VFS layer system repair method of the present invention;
Fig. 3 is a schematic diagram of the diff between a vulnerable file and a non-vulnerable file in an embodiment of the kernel VFS layer system repair method of the present invention;
Fig. 4 is a schematic flowchart of the second embodiment of the kernel VFS layer system repair method of the present invention;
Fig. 5 is a schematic diagram of file marking in an embodiment of the kernel VFS layer system repair method of the present invention;
Fig. 6 is a schematic flowchart of the third embodiment of the kernel VFS layer system repair method of the present invention;
Fig. 7 is a schematic diagram of mark detection where a mark is present, in an embodiment of the kernel VFS layer system repair method of the present invention;
Fig. 8 is a schematic diagram of mark detection where no mark is present, in an embodiment of the kernel VFS layer system repair method of the present invention;
Fig. 9 is a schematic flowchart of the fourth embodiment of the kernel VFS layer system repair method of the present invention;
Fig. 10 is a schematic diagram of the functional modules of the first embodiment of the kernel VFS layer system repair device of the present invention.
The realization of the object, the functional features and the advantages of the present invention will be further described with reference to the accompanying drawings in conjunction with the embodiments.
Detailed description of the embodiments
It should be understood that the specific embodiments described here are intended only to explain the present invention and not to limit it.
Referring to FIG. 1, FIG. 1 is a schematic structural diagram of the kernel VFS layer system repair equipment of the hardware operating environment involved in the embodiments of the present invention.
As shown in FIG. 1, the kernel VFS layer system repair equipment may include: a processor 1001, for example a central processing unit (CPU); a communication bus 1002; a user interface 1003; a network interface 1004; and a memory 1005. The communication bus 1002 implements the connection and communication between these components. The user interface 1003 may include a display and an input unit such as keys, and may optionally also include standard wired and wireless interfaces. The network interface 1004 may optionally include standard wired and wireless interfaces (such as a Wi-Fi interface). The memory 1005 may be high-speed random access memory (RAM) or non-volatile memory such as disk storage; optionally, the memory 1005 may also be a storage device independent of the processor 1001.
Those skilled in the art will understand that the structure shown in FIG. 1 does not limit the kernel VFS layer system repair equipment, which may include more or fewer components than shown, combine certain components, or arrange the components differently.
As shown in FIG. 1, the memory 1005, as a storage medium, may include an operating system, a network communication module, a user interface module and a kernel VFS layer system repair program.
In the kernel VFS layer system repair equipment shown in FIG. 1, the network interface 1004 is mainly used to connect to an external network and exchange data with other network devices; the user interface 1003 is mainly used to connect to user equipment and exchange data with it; and the processor 1001 of the equipment of the present invention invokes the kernel VFS layer system repair program stored in the memory 1005 and executes the kernel VFS layer system repair method provided by the embodiments of the present invention.
Based on the above hardware structure, an embodiment of the kernel VFS layer system repair method of the present invention is proposed.
Referring to FIG. 2, FIG. 2 is a schematic flowchart of the first embodiment of the kernel VFS layer system repair method of the present invention.
In the first embodiment, the kernel VFS layer system repair method includes the following steps:
Step S10: when a patch package is received, extract a file list and a diff file from the patch package, the patch package having been obtained by a server diffing a vulnerable file against a non-vulnerable file.
It should be noted that the execution subject of this embodiment may be kernel VFS layer system repair equipment, for example a terminal device, or other equipment able to achieve the same or similar functions; this embodiment does not limit this, and a terminal device is taken as the example in the description.
It should be noted that the technical solution of this embodiment can be applied to Linux systems. The role of the VFS (Virtual File System) is to read and write different file systems located on different physical media through standard Linux system calls, that is, it provides a unified operation interface and application programming interface for all kinds of file systems. VFS is a glue layer that lets system calls such as open(), read() and write() work without caring about the underlying storage medium or file system type.
It should be understood that when the server detects a vulnerable file, it can obtain the corresponding non-vulnerable file and diff the vulnerable file against the non-vulnerable file to obtain a patch package. The diff command, in its simplest case, compares two files for differences; if "-" is given in place of a file argument, the content to be compared is read from standard input. diff compares text files line by line; when directories are specified, diff compares the text files of the same name in the two directories but does not descend into subdirectories.
In a specific implementation, as shown in FIG. 3, which is a schematic diagram of the diff between a vulnerable file and a non-vulnerable file, set1 is the vulnerable file, containing 1, 2, 3, 4, 5, and set2 is the non-vulnerable file, containing 1, 2, 3', 4, 5'. Diffing set1 against set2 shows that 3 and 5 in set1 differ from 3' and 5' in set2; therefore 3' and 5' can be taken as the diff file, and the patch package is generated from 3' and 5'.
It should be understood that the patch package in this embodiment consists of two parts, the diff file and the file list. The difference file is the content of the diff, while the file list describes the diff file; for example, the file list may record file information such as the file name, file size and file path of the diff file, and may also record other file information, which this embodiment does not limit.
Therefore, after the server diffs the vulnerable file against the non-vulnerable file to obtain the diff file, it can obtain the diff file information corresponding to the diff file, generate the file list from that information, and generate the patch package from the diff file and the file list. As shown in FIG. 3, the patch package in FIG. 3 consists of two parts: the diff file (3', 5') and the file list (list).
It should be understood that after generating the patch package, the server sends it to the terminal device; after receiving the patch package, the terminal device can decompress it to obtain the diff file and the file list.
Step S20: load the file list into memory, determine the modified files according to the file list, and mark the modified files.
It can be understood that, after obtaining the file list, the terminal device can load it into memory, determine the modified files according to the file list, and mark the modified files.
In a specific implementation, the file list shows that the modified files are file 3 and file 5, and file 3 and file 5 are then marked.
Step S30: when an access request is received, determine the file to be accessed according to the access request.
It should be understood that system calls such as open(), read() and write() pass through the VFS layer, so the VFS layer is accessed; therefore, when an access request is received, the file to be accessed can be determined from that request.
Further, in order to detect the access request and determine the file to be accessed more accurately, step S30 includes:
receiving the access request when it is detected through the hook layer; extracting to-be-accessed file information from the access request, and extracting the name of the file to be accessed from that information; and determining the file to be accessed according to its name.
It can be understood that when the access request of an accessing process is detected through the hook layer, the request can be received and the file to be accessed determined from it. The to-be-accessed file information can be extracted from the access request, and the name of the file to be accessed from that information; since every file has its own file name (for example, file 3 is named "file 3" and file 4 is named "file 4"), once the name of the file to be accessed is determined, the file to be accessed can be determined according to that name.
Further, after the file to be accessed is determined, in order to obtain it more accurately, determining the file to be accessed according to its name is followed by:
hooking through the hook layer with the name of the file to be accessed, so as to obtain the file to be accessed.
It can be understood that after the name of the file to be accessed is determined, in order to obtain exactly the file corresponding to that name, a hook operation can be performed through the hook layer with the name of the file to be accessed, so as to obtain the file.
Step S40: when the file to be accessed carries a mark, determine the target difference file corresponding to the file to be accessed according to the file list and the diff file.
It should be understood that, since the files that need to be modified were marked in the preceding step, whether the file to be accessed needs to be modified can be judged by detecting whether it carries a mark. If the file to be accessed carries a mark, it needs to be modified; if it carries no mark, it does not.
It can be understood that when the file to be accessed needs to be modified, the target difference file corresponding to it can be determined according to the file list and the diff file, and the file can then be repaired according to the target difference file.
Step S50: generate a target file according to the target difference file and the file to be accessed.
It should be understood that once the target difference file and the file to be accessed are determined, the file to be accessed can be processed on the basis of the target difference file to generate the target file, which achieves the effect of repairing the vulnerability in the file to be accessed.
It can be understood that this step may specifically be: extracting target difference data from the target difference file, restoring the data of the file to be accessed according to the target difference data so as to generate the target file, and returning the target file to the accessing process.
It can be understood that, since everything in a Linux system is a file, the above solution has the ability to repair any real file, and since the patch package is in a compressed format, the transmission load of delivering the files is reduced. Moreover, this solution does not rely on the underlying file system, supports random byte access and supports synthesis on demand, so it does not occupy excessive memory: a file is repaired only when it is actually used, which avoids wasting resources.
In this embodiment, when a patch package is received, a file list and a diff file are extracted from it, the patch package having been obtained by a server diffing a vulnerable file against a non-vulnerable file; the file list is loaded into memory, the modified files are determined according to the file list and marked; when an access request is received, the file to be accessed is determined according to it; when the file to be accessed carries a mark, the target difference file corresponding to it is determined according to the file list and the diff file; and a target file is generated according to the target difference file and the file to be accessed. The target file can thus be generated from the target difference file and the file to be accessed without relying on the underlying file system, and the vulnerability repair is completed without occupying excessive memory.
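Steps S10 to S50 above, the server-side diff of FIG. 3, and the inode mark that the second embodiment later describes, as an added userspace C model that is not the patent's code: it builds a patch package (file list plus block-wise diff) from constructed vulnerable and fixed contents, marks the simulated inode of each listed file, and serves an access request by synthesising the patched view only when the mark is set, leaving the stored bytes untouched. The block size, struct layouts, file names, the /opt/app paths and the in-memory inode table are assumptions; the size check against the file list and the bounds check on diff offsets are the consistency checks a practitioner would add and are not described in the patent.

```c
/* Added example, not code from the patent: a userspace model of the patch
 * package and the apply-on-access step. Block size, struct layouts, file
 * names/paths and the in-memory "inode" table are assumptions. */
#include <stdio.h>
#include <string.h>
#define BLOCK 4            /* bytes per diff block (assumed granularity) */
#define MAX_ENTRIES 16
#define MAX_FILES 4
#define INO_PATCHED 0x1    /* the "identification information" kept on an inode */

struct diff_entry { int block; unsigned char data[BLOCK]; };
struct diff_file  { int n; struct diff_entry e[MAX_ENTRIES]; };             /* diff file */
struct list_entry { char name[16]; char path[32]; size_t size; int diff; }; /* file-list row */
struct patch_pkg  { int n; struct list_entry list[MAX_FILES]; struct diff_file diff[MAX_FILES]; };
struct inode      { unsigned flags; size_t size; unsigned char data[64]; }; /* simulated */
struct vfs_file   { char name[16]; struct inode ino; };    /* stored bytes are never rewritten */

/* Server side (Fig. 3): block-wise diff of the vulnerable file against the fixed one.
 * Same-length files only; the patent shows no inserted or deleted blocks. */
int make_diff(const unsigned char *vuln, const unsigned char *fixed, size_t len, struct diff_file *d)
{
    d->n = 0;
    for (size_t off = 0; off + BLOCK <= len && d->n < MAX_ENTRIES; off += BLOCK) {
        if (memcmp(vuln + off, fixed + off, BLOCK) != 0) {
            d->e[d->n].block = (int)(off / BLOCK);
            memcpy(d->e[d->n].data, fixed + off, BLOCK);
            d->n++;
        }
    }
    return d->n;
}

/* Client step S20: load the list and mark the inode of every file it names. */
void mark_files(const struct patch_pkg *pkg, struct vfs_file *fs, int nfs)
{
    for (int i = 0; i < pkg->n; i++)
        for (int j = 0; j < nfs; j++)
            if (strcmp(pkg->list[i].name, fs[j].name) == 0)
                fs[j].ino.flags |= INO_PATCHED;
}

/* Hook layer, steps S30-S50: resolve the name, test the inode mark and, if it is set,
 * synthesise the target file from the stored bytes plus the target diff. Returns -1 on refusal. */
long hooked_read(const struct patch_pkg *pkg, struct vfs_file *fs, int nfs,
                 const char *name, unsigned char *out, size_t outlen)
{
    struct vfs_file *f = NULL;
    for (int j = 0; j < nfs; j++)
        if (strcmp(fs[j].name, name) == 0) f = &fs[j];
    if (f == NULL || f->ino.size > outlen) return -1;
    memcpy(out, f->ino.data, f->ino.size);
    if (!(f->ino.flags & INO_PATCHED))          /* no mark: the stored file is the target */
        return (long)f->ino.size;
    for (int i = 0; i < pkg->n; i++) {
        const struct list_entry *le = &pkg->list[i];
        if (strcmp(le->name, name) != 0) continue;
        const struct diff_file *d = &pkg->diff[le->diff];
        if (le->size != f->ino.size) return -1;      /* list and inode disagree on size */
        for (int k = 0; k < d->n; k++) {
            size_t off = (size_t)d->e[k].block * BLOCK;
            if (off + BLOCK > f->ino.size) return -1; /* diff points past the end of the file */
            memcpy(out + off, d->e[k].data, BLOCK);
        }
        return (long)f->ino.size;
    }
    return -1;  /* marked inode without a list entry: inconsistent package */
}

/* Constructed run: file3 is listed and patched on access, file4 is not in the package,
 * file5 is listed with a size that does not match its inode and must be refused. */
long demo_read(const char *name, unsigned char *out, size_t outlen)
{
    static const unsigned char vuln[]  = "AAAABBBBCCCCDDDDEEEE";  /* blocks 1..5 of Fig. 3 */
    static const unsigned char fixed[] = "AAAABBBBccccDDDDeeee";  /* blocks 3 and 5 replaced */
    struct patch_pkg pkg = { .n = 2 };
    struct vfs_file fs[3] = { { "file3", { 0, 20, "" } }, { "file4", { 0, 8, "" } },
                              { "file5", { 0, 8, "" } } };
    make_diff(vuln, fixed, 20, &pkg.diff[0]);                    /* server: diff and list */
    pkg.list[0] = (struct list_entry){ "file3", "/opt/app/file3", 20, 0 };
    pkg.list[1] = (struct list_entry){ "file5", "/opt/app/file5", 20, 0 };
    memcpy(fs[0].ino.data, vuln, 20);                            /* client: simulated disk */
    memcpy(fs[1].ino.data, "XXXXYYYY", 8);
    memcpy(fs[2].ino.data, "ZZZZZZZZ", 8);
    mark_files(&pkg, fs, 3);
    return hooked_read(&pkg, fs, 3, name, out, outlen);
}

/* 1 if the hooked read of name returns expect_len bytes equal to expect (-1 means refused). */
int demo_check(const char *name, const char *expect, long expect_len)
{
    unsigned char buf[64];
    long n = demo_read(name, buf, sizeof buf);
    return n == expect_len && (n < 0 || memcmp(buf, expect, (size_t)n) == 0);
}
int main(void)
{
    printf("patched=%d untouched=%d refused=%d\n", demo_check("file3", "AAAABBBBccccDDDDeeee", 20),
           demo_check("file4", "XXXXYYYY", 8), demo_check("file5", NULL, -1));
    return 0;
}
```

One caveat the patent leaves open: because a marked inode changes what every process reads from that file, the package that carries the list and the diff must be authenticated before the list is loaded into kernel memory (for example by checking a signature over the package), otherwise the same mechanism would let a tampered package rewrite the content of any listed file at access time. The example above does not implement that check.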
In one embodiment, as shown in FIG. 4, a second embodiment of the kernel VFS layer system repair method of the present invention is proposed on the basis of the first embodiment, in which step S20 includes:
Step S201: load the file list into memory and determine the modified-file information from the file list.
It should be understood that the terminal device can load the file list into kernel memory. This does not add excessive memory usage, and whenever the file list is needed it can be fetched from memory immediately, which improves the efficiency of vulnerability repair.
It can be understood that, because the file list records the file information corresponding to the diff file, the modified-file information of the files that need to be modified can be determined from the file list.
Step S202: extract the modified file name from the modified-file information and determine the modified file from that name.
It can be understood that, because the file information recorded in the file list for the diff file includes the file name, file size and file path, once the modified-file information has been obtained the modified file name can be extracted from it, and the modified file can then be determined from the modified file name.
In a specific implementation, for example, when the modified file names extracted from the modified-file information are "file 3" and "file 5", the modified files are determined to be file 3 and file 5.
Step S203: add identification information according to the modified file so as to mark the modified file.
It should be understood that, once the modified file has been determined, identification information can be added according to the modified file so as to mark it. For example, when the modified files are file 3 and file 5, identification information can be added to file 3 and file 5 so as to mark them.
Further, since this solution is applied to a Linux system, in order to achieve a better marking effect, step S203 includes:
obtaining the index node corresponding to the modified file; and adding identification information to the index node so as to mark the modified file.
It should be understood that every file has a corresponding index node (inode). An inode is a data structure in the Linux system, essentially a struct, that holds important information about each file in the file system. When a file system is created on a Linux system, a large number of inodes are created at the same time; typically about one percent of the file system's disk space is allocated to the inode table. Using inodes on a Linux system saves a great deal of time and improves efficiency.
Therefore, once the modified file has been determined, the index node corresponding to it can be obtained and identification information added to that index node, so as to mark the modified file.
In a specific implementation, as shown in FIG. 5, which is a schematic diagram of file marking, the modified files are file 3 and file 5; the index node inode3 corresponding to file 3 and the index node inode5 corresponding to file 5 can be obtained, and identification information is then added to inode3 and inode5 so as to mark file 3 and file 5.
In this embodiment, the file list is loaded into memory and the modified-file information is determined from the file list; the modified file name is extracted from the modified-file information and the modified file is determined from that name; and identification information is added according to the modified file so as to mark it. The modified file name is thus determined from the file list, the modified file is determined from that name, and the modified file is marked by adding identification information, so that a later step can decide by identifier detection whether the file needs to be repaired, which improves the efficiency and accuracy of detection.
In one embodiment, as shown in FIG. 6, a third embodiment of the kernel VFS layer system repair method of the present invention is proposed on the basis of the first or second embodiment. This embodiment is described on the basis of the first embodiment; before step S40, the method further includes:
Step S01: perform identifier detection on the file to be accessed to determine whether an identifier is present in the file to be accessed.
It should be understood that, once the file to be accessed has been determined, identifier detection can be performed on it to determine whether it carries an identifier. When the file to be accessed carries an identifier, it needs to be repaired; when it does not, no repair is needed. Different code is executed and different operations are performed in the two cases.
Further, in order to detect more accurately whether the file to be accessed carries an identifier and to improve the accuracy of detection, step S01 includes:
obtaining the index node to be detected that corresponds to the file to be accessed; detecting whether identification information is present in that index node to obtain a detection result; and determining from the detection result whether an identifier is present in the file to be accessed.
It can be understood that identifier detection may consist of obtaining the index node to be detected that corresponds to the file to be accessed and deciding whether the file carries an identifier by detecting whether identification information is present in that index node.
In a specific implementation, as shown in FIG. 7, which is a schematic diagram of identifier detection where an identifier is present, suppose the file to be accessed is file 5. The index node inode5 corresponding to file 5 can be obtained and checked for identification information to determine whether file 5 carries an identifier. When identification information is present in inode5, file 5 carries an identifier, and the target file is then generated from file 5 and the target difference file corresponding to file 5.
Further, since an index node records the file information of its corresponding file, the index node to be detected records the various items of file information of the file to be accessed, from which the marking status of the file to be accessed can be determined. After determining from the detection result whether an identifier is present in the file to be accessed, the method further includes:
when the detection result is that identification information is present in the index node to be detected, determining that an identifier is present in the file to be accessed; and when the detection result is that identification information is not present in the index node to be detected, determining that no identifier is present in the file to be accessed.
It should be understood that when the detection result is that identification information is present in the index node to be detected, an identifier is present in the file to be accessed, and when the detection result is that identification information is absent from the index node to be detected, no identifier is present in the file to be accessed. By detecting identification information in the index node to be detected, whether the file carries an identifier can be determined quickly, which improves detection efficiency.
Further, since there is also the case in which the file to be accessed carries no identifier, and the access request still has to be answered in that case, after performing identifier detection on the file to be accessed to determine whether an identifier is present, the method further includes:
when the file to be accessed carries no identifier, using the file to be accessed as the target file.
It should be understood that when the file to be accessed carries no identifier, it does not need to be modified, and the file to be accessed can be returned directly to the accessing process as the target file.
In a specific implementation, as shown in FIG. 8, which is a schematic diagram of identifier detection where no identifier is present, suppose the file to be accessed is file 1. The index node inode1 corresponding to file 1 can be obtained and checked for identification information to determine whether file 1 carries an identifier. When no identification information is present in inode1, file 1 carries no identifier, and file 1 is then used as the target file.
In this embodiment, identifier detection is performed on the file to be accessed to determine whether an identifier is present, and different operation strategies are then adopted according to the result, which improves the flexibility of file access.
In one embodiment, as shown in FIG. 9, a fourth embodiment of the kernel VFS layer system repair method of the present invention is proposed on the basis of the first or second embodiment. This embodiment is described on the basis of the first embodiment; step S40 includes:
Step S401: when the file to be accessed carries an identifier, match in the file list the target modified-file information corresponding to the file to be accessed.
It should be understood that when the file to be accessed carries an identifier, it needs to be repaired, and the target modified-file information corresponding to it can be matched in the file list.
Step S402: determine the target difference file corresponding to the file to be accessed from the target modified-file information and the diff file.
It can be understood that the target modified file name can be extracted from the target modified-file information, and the target difference file corresponding to the file to be accessed is then determined from the target modified file name and the diff file.
In a specific implementation, for example, when the file to be accessed is file 5, the target modified-file information corresponding to file 5 can be matched in the file list, the target modified file name is determined to be file 5', and the target difference file corresponding to the file to be accessed is then determined from the target file name and the diff file.
Further, since the file list records file paths, the file path can be obtained from the file list in order to obtain the difference file. After determining the target difference file corresponding to the file to be accessed from the target modified-file information and the diff file, the method further includes:
extracting the target file path from the target modified-file information; and obtaining the target difference file from the diff file according to the target file path.
It should be understood that, since the diff file may contain several difference files, searching it is relatively complex. To obtain difference files more efficiently, after the target difference file has been determined from the target modified file name, the target file path can also be extracted from the target modified-file information, and the target difference file is then obtained from the diff file according to that path.
In this embodiment, when the file to be accessed carries an identifier, the target modified-file information corresponding to it is matched in the file list; the target difference file corresponding to the file to be accessed is determined from the target modified-file information and the diff file; the target file path is extracted from the target modified-file information; and the target difference file is obtained from the diff file according to the target file path. The target difference file can thus be determined from the file list and obtained from the diff file using the path information recorded in the file list, so that it is determined and obtained accurately and the efficiency of obtaining it is improved.
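The second, third and fourth embodiments above describe one pipeline: parse the file list (S201), mark the inode of each listed file (S203), check that mark when a file is accessed (S01), and for a marked file look up its list entry, follow the recorded path into the diff file and rebuild the target file (S401, S402). The following C program is an added user-space model of that pipeline written for this page; it is not the patent's code, and it does not hook a real VFS. The inode struct and its flag bit, the one-line-per-entry text format of the file list ("name size path"), the byte-range form of a diff entry (offset, old length, replacement bytes), and the three sample files are all constructed assumptions. Note how a flagged inode whose list or diff entry is missing is refused rather than served unpatched: the flag is a promise that the file needs repair, so a broken patch package should not silently hand back the vulnerable content.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example (not the patent's code): user-space model of the described flow,
 * file list -> inode flag -> flag check on access -> diff entry by path -> target file.
 * The flag bit, the structs, the list text format and the diff format are assumptions. */
#define INODE_FLAG_PATCHED 0x1u   /* the "identification information" kept in the inode */

struct inode { unsigned int ino; unsigned int flags; const char *data; };
struct file  { const char *name; struct inode *ip; };
struct list_entry { char name[64]; unsigned long size; char path[128]; };      /* name, size, diff path */
struct diff_entry { const char *path; size_t offset, old_len; const char *new_data; }; /* byte-range edit */

/* Step S201: parse the list text ("name size path" per line); entry count, or -1 on error. */
int load_file_list(const char *text, struct list_entry *out, int max)
{
    int n = 0;
    for (const char *p = text; *p && n < max; ) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        char line[256];
        if (len >= sizeof line) return -1;
        memcpy(line, p, len); line[len] = '\0';
        if (sscanf(line, "%63s %lu %127s", out[n].name, &out[n].size, out[n].path) == 3) n++;
        if (!nl) break;
        p = nl + 1;
    }
    return n;
}

/* Step S203: set the flag on the inode of every file named in the list; returns how many. */
int mark_modified(const struct list_entry *list, int nlist, struct file *files, int nfiles)
{
    int marked = 0;
    for (int i = 0; i < nlist; i++)
        for (int j = 0; j < nfiles; j++)
            if (strcmp(list[i].name, files[j].name) == 0) { files[j].ip->flags |= INODE_FLAG_PATCHED; marked++; }
    return marked;
}

/* Apply one diff entry to the original content; caller frees. NULL if the entry does not fit. */
char *apply_diff(const char *orig, const struct diff_entry *d)
{
    size_t olen = strlen(orig), nlen = strlen(d->new_data);
    if (d->offset > olen || d->old_len > olen - d->offset) return NULL;
    char *out = malloc(olen - d->old_len + nlen + 1);
    if (!out) return NULL;
    memcpy(out, orig, d->offset);
    memcpy(out + d->offset, d->new_data, nlen);
    strcpy(out + d->offset + nlen, orig + d->offset + d->old_len);
    return out;
}

/* Steps S01 and S401/S402: check the inode flag on access. An unflagged file is returned
 * as-is; a flagged file is rebuilt from the diff entry reached through the list's path. */
char *resolve_access(const char *name, struct file *files, int nfiles,
                     const struct list_entry *list, int nlist,
                     const struct diff_entry *diffs, int ndiffs)
{
    struct file *f = NULL;
    for (int i = 0; i < nfiles; i++)
        if (strcmp(files[i].name, name) == 0) f = &files[i];
    if (!f) return NULL;
    if (!(f->ip->flags & INODE_FLAG_PATCHED)) {          /* no identifier: the file is the target */
        char *copy = malloc(strlen(f->ip->data) + 1);
        return copy ? strcpy(copy, f->ip->data) : NULL;
    }
    for (int i = 0; i < nlist; i++)
        if (strcmp(list[i].name, name) == 0)
            for (int j = 0; j < ndiffs; j++)
                if (strcmp(diffs[j].path, list[i].path) == 0)
                    return apply_diff(f->ip->data, &diffs[j]);
    return NULL;   /* flagged but no matching list/diff entry: fail closed rather than guess */
}

/* Constructed sample: three files, a list naming two of them, and their diff entries. */
static struct inode g_inodes[3] = { {1, 0, "allow_all=1\n"}, {3, 0, "debug=on\n"}, {5, 0, "version=1.0\n"} };
static struct file g_files[3] = { {"file1", &g_inodes[0]}, {"file3", &g_inodes[1]}, {"file5", &g_inodes[2]} };
static const char *g_list_text = "file3 9 diff/file3\nfile5 12 diff/file5\n";
static const struct diff_entry g_diffs[2] = { {"diff/file3", 6, 2, "off"}, {"diff/file5", 8, 3, "1.1"} };

/* Run the whole flow for one sample file: 1 if its inode flag state equals `want_flag` (0/1)
 * and the generated target file equals `want_target`, 0 otherwise. */
int sample_matches(const char *name, int want_flag, const char *want_target)
{
    struct list_entry list[4];
    int nlist = load_file_list(g_list_text, list, 4);
    if (nlist < 0) return 0;
    mark_modified(list, nlist, g_files, 3);
    char *t = resolve_access(name, g_files, 3, list, nlist, g_diffs, 2);
    int ok = t != NULL && strcmp(t, want_target) == 0;
    for (int i = 0; i < 3; i++)
        if (strcmp(g_files[i].name, name) == 0)
            ok = ok && ((g_files[i].ip->flags & INODE_FLAG_PATCHED) != 0) == want_flag;
    free(t);
    return ok;
}
```

`sample_matches()` drives the full sequence against the constructed sample: file1 is not in the list, so its inode stays unflagged and it is returned unchanged; file3 and file5 are flagged at load time and, on access, are rebuilt from the diff entry their list path points to. In a real kernel implementation the flag would live in a spare bit of the in-memory inode and the check would sit in the VFS open or read path; here that is replaced by the `resolve_access()` call.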
In addition, an embodiment of the present invention further proposes a storage medium on which a kernel VFS layer system repair program is stored; when the kernel VFS layer system repair program is executed by a processor, the steps of the kernel VFS layer system repair method described above are carried out.
Since this storage medium adopts all the technical solutions of all the above embodiments, it has at least all the beneficial effects brought by those technical solutions, which are not repeated here.
In addition, referring to FIG. 10, an embodiment of the present invention further proposes a kernel VFS layer system repair device, which includes:
a patch package module 10, configured to extract, when a patch package is received, a file list and a diff file from the patch package, the patch package having been produced by the server by diffing the vulnerable file against the non-vulnerable file;
a file marking module 20, configured to load the file list into memory, determine the modified files from the file list, and mark the modified files;
a file access module 30, configured to determine, when an access request is received, the file to be accessed from the access request;
a difference file module 40, configured to determine, when the file to be accessed carries an identifier, the target difference file corresponding to the file to be accessed from the file list and the diff file; and
a target file module 50, configured to generate the target file from the target difference file and the file to be accessed.
In this embodiment, when a patch package is received, a file list and a diff file are extracted from the patch package, the patch package having been produced by the server by diffing the vulnerable file against the non-vulnerable file; the file list is loaded into memory, the modified files are determined from the file list, and the modified files are marked; when an access request is received, the file to be accessed is determined from the access request; when the file to be accessed carries an identifier, the target difference file corresponding to the file to be accessed is determined from the file list and the diff file; and the target file is generated from the target difference file and the file to be accessed. The target file can thus be generated from the target difference file and the file to be accessed without relying on the underlying file system, and the vulnerability can be repaired without occupying excessive memory.
In one embodiment, the difference file module 40 is further configured to obtain the index node to be detected that corresponds to the file to be accessed; detect whether identification information is present in that index node to obtain a detection result; and determine from the detection result whether an identifier is present in the file to be accessed.
In one embodiment, the difference file module 40 is further configured to determine that an identifier is present in the file to be accessed when the detection result is that identification information is present in the index node to be detected, and to determine that no identifier is present in the file to be accessed when the detection result is that identification information is not present in the index node to be detected.
In one embodiment, the difference file module 40 is further configured to use the file to be accessed as the target file when the file to be accessed carries no identifier.
In one embodiment, the difference file module 40 is further configured to match in the file list, when the file to be accessed carries an identifier, the target modified-file information corresponding to the file to be accessed, and to determine the target difference file corresponding to the file to be accessed from the target modified-file information and the diff file.
In one embodiment, the difference file module 40 is further configured to extract the target file path from the target modified-file information and to obtain the target difference file from the diff file according to the target file path.
In one embodiment, the target file module 50 is further configured to extract target difference data from the target difference file and to restore the data of the file to be accessed according to the target difference data so as to generate the target file.
For other embodiments or specific implementations of the kernel VFS layer system repair device of the present invention, reference may be made to the method embodiments above, which are not repeated here.
It should be noted that, in this document, the terms "comprise", "include" or any other variant thereof are intended to cover a non-exclusive inclusion, so that a process, method, article or device that comprises a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of additional identical elements in the process, method, article or device that comprises that element.
The serial numbers of the above embodiments of the present invention are for description only and do not indicate the relative merits of the embodiments.
From the description of the above embodiments, those skilled in the art will clearly understand that the methods of the above embodiments can be implemented by software plus a necessary general-purpose hardware platform, and of course also by hardware, although in many cases the former is the better implementation. On this understanding, the technical solution of the present invention, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product stored on a computer-readable storage medium as described above (such as ROM/RAM, a magnetic disk or an optical disc) and comprising a number of instructions that cause a smart device (which may be a mobile phone, a computer, a kernel VFS layer system repair device, a network kernel VFS layer system repair device, or the like) to execute the methods described in the various embodiments of the present invention.
Claims (20)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011542234.0A CN112541182B (en) | 2020-12-23 | 2020-12-23 | Kernel VFS layer system repairing method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112541182A CN112541182A (en) | 2021-03-23 |
| CN112541182B true CN112541182B (en) | 2022-11-04 |
Family
ID=75017176
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011542234.0A Active CN112541182B (en) | 2020-12-23 | 2020-12-23 | Kernel VFS layer system repairing method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112541182B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103745158A (en) * | 2014-01-26 | 2014-04-23 | 北京奇虎科技有限公司 | Method and device for repairing system bugs |
| CN105160253A (en) * | 2015-09-29 | 2015-12-16 | 网易(杭州)网络有限公司 | Client program restoration method, apparatus and system and server |
| CN106921731A (en) * | 2017-01-24 | 2017-07-04 | 北京奇虎科技有限公司 | Leak restorative procedure and device |
| CN106919843A (en) * | 2017-01-24 | 2017-07-04 | 北京奇虎科技有限公司 | Leak repair system, method and apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | PB01 | Publication | |
| | SE01 | Entry into force of request for substantive examination | |
| | GR01 | Patent grant | |