(19)
(11)EP 2 434 394 B1

(12)EUROPEAN PATENT SPECIFICATION

(45)Mention of the grant of the patent:
21.10.2015 Bulletin 2015/43

(21)Application number: 10845571.8

(22)Date of filing:  30.10.2010
(51)International Patent Classification (IPC): 
G06F 9/445(2006.01)
(86)International application number:
PCT/CN2010/078271
(87)International publication number:
WO 2011/097901 (18.08.2011 Gazette  2011/33)

(54)

METHOD, DEVICE AND SYSTEM FOR ACTIVATING ON-LINE PATCH

VERFAHREN, VORRICHTUNG UND SYSTEM ZUR AKTIVIERUNG EINES ONLINE-PATCH

PROCÉDÉ, DISPOSITIF ET SYSTÈME D'ACTIVATION D'UN CORRECTIF EN LIGNE


(84)Designated Contracting States:
AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

(30)Priority: 11.02.2010 CN 201010113646

(43)Date of publication of application:
28.03.2012 Bulletin 2012/13

(73)Proprietor: Huawei Technologies Co., Ltd.
Longgang District Shenzhen, Guangdong 518129 (CN)

(72)Inventors:
  • YU, Jiaqiang
    Shenzhen Guangdong 518129 (CN)
  • ZHENG, Wei
    Shenzhen Guangdong 518129 (CN)

(74)Representative: Thun, Clemens 
Mitscherlich PartmbB Patent- und Rechtsanwälte Sonnenstraße 33
80331 München
80331 München (DE)


(56)References cited: : 
WO-A1-03/009136
CN-A- 101 004 681
CN-A- 101 482 834
US-A1- 2006 015 855
CN-A- 1 737 773
CN-A- 101 004 681
CN-A- 101 482 834
  
  • Sam242: "API hooking for hotpatchable operating systems", Platforms, Frameworks & Libraries > Win32/64 SDK & OS > General, 28 June 2008 (2008-06-28), pages 1-4, XP55022263, Retrieved from the Internet: URL:http://www.codeproject.com/Articles/27 339/API-hooking-for-hotpatchable-operating -systems [retrieved on 2012-03-19]
  
Note: Within nine months from the publication of the mention of the grant of the European patent, any person may give notice to the European Patent Office of opposition to the European patent granted. Notice of opposition shall be filed in a written reasoned statement. It shall not be deemed to have been filed until the opposition fee has been paid. (Art. 99(1) European Patent Convention).


Description

Field of the Invention



[0001] The present invention relates to the technical field of computers, and more particularly, to a method, a device and a system for activating on-line patches.

Background of the Related Art



[0002] Widely used in various types of software, on-line patches are patches that become effective during running of programs without restarting the programs. Referring to Fig. 1, the basic principle for activating an on-line patch is to replace the instruction at the entry of an original function (namely a to-be-patched function) with a jump instruction, and then to jump the program that invokes the original function to a patch function for execution through the replacing jump instruction. With the wide application of the Linux X86 system in the telecommunication field, it is also required for the application software in the Linux system to be patched on-line. However, due to the characteristics of the instructions of the X86 system and the scheduling mode of the Linux, the patch activating mode for simply modifying the instruction at the entry of a replaced function to a jump instruction becomes not entirely reliable, and cannot satisfy the requirements on the reliability of telecommunications software.

[0003] Referring to Fig. 2, in the Linux X86 system, unconditional jump instructions occupies five bytes, three instructions at the entry of the original function will be covered in most cases while an on-line patch is activated, and the segment of the five bytes occupied by the three instructions in the original function is referred to as a critical segment. If instructions at the entry of the original function are directly replaced with jump instructions while an on-line patch is activated, when there are plural threads in a progress, the circumstance may occur in which threads are switched precisely when a certain thread is executed to the critical segment (when executed to a first or a second instruction, for instance); if the on-line patch is activated at this time, abnormality will occur in the program after the thread is switched back, because the code of the critical segment of the original function has been covered by the new jump instruction.

[0004] Usually employed in the prior art is the Pannus patching technology, which specifically includes the following processes:
  1. (1) suspending the progress of the original function by using the function ptrace;
  2. (2) checking whether the values of the extended instruction pointers (EIP) of all threads of the original function are at the critical segment;
  3. (3) writing a jump instruction at the entry of a patch function if none of the EIP values of the threads is at the critical segment, and restoring executing the progress;
  4. (4) restoring executing the progress for a period of time if there is/are EIP value(s) of the thread(s) at the critical segment, and suspending the progress again for checkup; and
  5. (5) returning failing of activating the patch if the patch can still not be activated after several rounds of checkups (10 rounds, for instance, as this can be self-defined).


[0005] Since the Pannus patching technology firstly suspends the progress of the original function and then checks whether the EIP values of all threads are in the critical segment, program abnormality occurring due to direct writing can be avoided to a certain extent.

[0006] However, the inventors found in the prior art during the process of implementing the present invention:

since only the EIP value of the current thread is checked prior to replacing the function, once there is a thread in the signal processing function, and the return address of the signal is in the critical segment, there will be program error when the thread returns after processing the signal processing function, because the critical segment has already been covered by the jump instruction. Accordingly, the security and reliability in activating patches can still not be guaranteed by such prior art technical solution.



[0007] Patent Publication Number. CN 101004681 A provides a method for implementing long jumping dynamic patch in an embedded system, which solves the problem of damage of the patched function caused by that the machine code of the patched function executable sentence can be covered when the conventional dynamic patch updated. The method includes the following steps: Step A: distributing internal memory for the patch small function region and the patch function region in the short jumping address range where the patched function is; writing the short jumping address corresponding to the patch small function and the patch function address corresponding to the patch function into a patch file; Step B: when uploading the patch function to the internal memory, preparing the corresponding short jumping instruction for the introduction instruction of the patched function; preparing the corresponding long jumping instruction to the small function subjected by short jumping of the patched function; Step C: when activating the patch, substituting the short jumping instruction to the first instruction of the introduction of the patched function; and short-jumping to the small function and then jumping to the patch function to realize long jumping during dynamic patch update. The invention meets the requirement of the embedded software patch on long jumping.

[0008] Patent Publication Number. WO 03/009136 A1 provides that a software updating system, which is capable of updating software modules in the digital products by use of software patches. Figure 7 shows how an exemplary Patch-Control-Block handles the jump to patch program area. A short jump 706 takes the execution from software section 710 to Patch-Control-Block 709, which works as a Patch-Control-Routine. A second jump 711 takes the execution to patch start address 702 of patch program 707. Upon execution of patch program 707, it jumps back to end of the software section 710.

[0009] Patent Publication Number. CN 101482834 A discloses an online patch activation method, which includes: the patch activation thread sends a trigger signal to at least one service thread; obtains the examination result of the at least one service thread related to the trigger signal; determining that all addresses of the current service thread, which are interrupted by signal, are not located in the critical section of the to-be-patched function according to the judgment result of the service thread, wherein the signal interrupting the service thread comprises the trigger signal; and modifies the entry instruction in the critical section of the to-be-patched function into a jump instruction jumping to the patch function.

[0010] Sam242: "API hooking for hotpatchable operating systems" provides that a new compiler option, and hot patch, which includes: a) puts a 2 byte instruction "mov edi, edi" at the beginning of every function; b) implies the / functionpadmin linker switch, which reserves 5 bytes of space in memory before every function. The 5 bytes of nops can be over-written with a long jump opcode and a 4 byte address.

Summary of the Invention



[0011] The present invention is to provide a method and a system for activating software on-line patches, so as to enhance the security and reliability in activating on-line patches of application software.

[0012] The present invention is realized by the following technical solutions.

[0013] A method for activating an on-line patch, applied in a communication system, comprising at least one CPU, a memory and a compiler, the CPU having a Linux operating system running thereon, the Linux operating system having at least one application program running thereon, and the application program being associated with a patch management thread and at least one service thread, wherein the memory is loaded with the application program and a patch file, wherein the application program includes at least one to-be-patched function and the patch file includes a patch function, including:

reserving, by a compiler, while the application program is compiled, a middle segment before or

after an entry position of each function of the at least one to-be-patched function of the application program;

positioning, by the patch management thread, an address of the patch function and an entry address of the to-be-patched function;

writing, by the patch management thread, in the middle segment, a long-jump instruction for jumping to the patch function based on the address of the patch function and the entry address of the to-be-patched function, where the middle segment is the storage space, which is located before or after the entry position of the to-be-patched function and is capable of at least storing one long-jump instruction, and the entry address of the to-be-patched function represents the entry position of the to-be-patched function; and

modifying, by the patch management thread, an instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the middle segment;

executing, by the service thread, the short-jump instruction at the entry position of the to-be-patched function, to jump to the middle segment, and to jump to and to execute the patch function through that the long-jump instruction for jumping to the patch function in the middle segment is executed, wherein the middle segment includes one or more instructions, and the long-jump instruction for jumping to the patch function is one of the one or more instructions;

the process of reserving, while the application program is compiled, the middle segment before or after an entry position of each function of the at least one to-be-patched function of the application program includes:

searching for a keyword string representing a function in an assembly file, after a source file of the application program is compiled to generate the assembly file;

inserting an initial instruction with a specified number of bytes, before or after the entry position of the function indicated by each searched keyword string representing the function, to reserve the middle segment, wherein the specified number of bytes represents the size of the middle segment and the initial instruction is an all-null instruction or an all-zero instruction; and

when the all-null instruction or the all-zero instruction with the specified number of bytes has been inserted before or after the entry position of each function of the at least one to-be-patched function, recompiling the assembly file inserted with the initial instruction which is the all-null instruction or the all-zero instruction to generate a new assembly file, compiling the new assembly file to generate a target file, and linking a plurality of target files to generate an executable file of the application program.



[0014] A communication system, comprising at least one CPU, a memory and a compiler, the CPU having a Linux operating system running thereon, the Linux operating system having at least one application program running thereon, and the application program being associated with a patch management thread and at least one service thread, wherein
the memory is loaded with the application program and a patch file, wherein the application program includes at least one to-be-patched function and the patch file includes a patch function, and there is a storage space capable of at least storing one long-jump instruction before or after an entry position of the to-be-patched function;
the compiler is configured to reserve, while the application program is compiled, a storage space capable of at least storing one long-jump instruction before or after an entry position of each function of the at least one to-be-patched function of the application program;
the patch management thread is configured, in the running process of the application program, to position an address of the patch function and an entry address of the to-be-patched function, to write, in the storage space, a long-jump instruction for jumping to the patch function, and to modify an instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the storage space, and the entry address of the to-be-patched function represents the entry position of the to-be-patched function; and
the service thread is configured to execute the short-jump instruction at the entry position of the to-be-patched function, to jump to the storage space, and to jump to and to execute the patch function through that the long-jump instruction for jumping to the patch function in the storage space is executed, wherein the storage space includes one or more instructions, and the long-jump instruction for jumping to the patch function is one of the one or more instructions;
wherein the compiler is specifically configured to search for a keyword string representing a function in an assembly file, after a source file of the application program is compiled to generate the assembly file; to insert the initial instruction with a specified number of bytes, before or after the entry position of the function indicated by each searched keyword string representing the function to reserve the storage space capable of at least storing one long-jump instruction and the initial instruction is an all-null instruction or an all-zero instruction; and to recompile, when the all-null instruction or the all-zero instruction with the specified number of bytes has been inserted before or after the entry position of each function of the at least one to-be-patched function, the assembly file inserted with the initial instruction which is the all-null instruction or the all-zero instruction to generate a new assembly file, to compile the new assembly file to generate a target file, and to link a plurality of target files to generate an executable file of the application program, wherein the specified number of bytes represents the size of the storage space.

[0015] Seen as such, the embodiments of the present invention write, in the storage space, the long-jump instruction for jumping to the patch function before or after the function of the application program, modify the instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the storage space, and enable the patch to become effect by jumping through that the instructions in the storage space are executed while the patch is activated. Since the operation of modifying the instruction at the entry position of the function is an atomic operation, i.e. the lengths of the instruction prior to the modification and the modified instruction are identical, it suffices to modify only one instruction, and there is no need to cover other instructions in the critical segment, thereby avoiding the existing hidden troubles about the security and reliability in activating patches in the prior art under the multi-thread scheduling mechanism caused by the fact that, since the system makes use of a complicated set of instructions, the jump instruction will cover plural instructions at the entry of the function when an on-line patch is activated for application software. Accordingly, the method according to the embodiments of the present invention can ensure the security and reliability in activating on-line patches of the software under the multi-thread condition, and does not interrupt the service.

Brief Description of the Drawings



[0016] To make more clear the explanation to the technical solutions in the embodiments of the present invention or in the prior art, the accompanying drawings to be used in the description of the embodiments or of the prior art will be briefly illustrated below.

Fig. 1 is a schematic diagram illustrating the principle for activating patches in the prior art;

Fig. 2 is a schematic diagram illustrating the critical segment in the prior art;

Fig. 3a is a schematic diagram illustrating the structure of the communication system according to the embodiments of the present invention;

Fig. 3b is a schematic diagram illustrating local logic of the communication system according to the embodiments of the present invention;

Fig. 4 is a schematic diagram illustrating the fabrication and management of an on-line patch according to the embodiments of the present invention;

Fig. 5 is a schematic diagram illustrating the flow of a method for activating a software on-line patch according to the embodiments of the present invention;

Fig. 6 is a schematic diagram illustrating the flow of another method for activating a software on-line patch according to the embodiments of the present invention;

Fig. 7 is a schematic diagram illustrating the principle of a method for activating a software on-line patch according to the embodiments of the present invention;

Fig. 8 is a schematic diagram illustrating the flow of a method for reserving a middle segment in S201 of Fig. 6;

Fig. 9 is a schematic diagram illustrating the principle of a traditional process for compiling an application program;

Fig. 10 is a schematic diagram illustrating the flow of another method for reserving a middle segment in S201 of Fig. 6;

Fig. 11 is a schematic diagram illustrating the specific flow of S2022 in Fig. 10;

Fig. 12 is a schematic diagram illustrating comparison of the effects prior to and after inserting the middle segment in the assembly file according to the embodiments of the present invention; and

Fig. 13 is a schematic diagram illustrating the structure of a patch managing device according to the embodiments of the present invention.


Detailed Description of the Invention



[0017] To make more clear the objectives, technical solutions and advantages of the embodiments of the present invention, the technical solutions according to the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Apparently, the embodiments as described below are merely partial, rather than entire, embodiments of the present invention. On the basis of the embodiments of the present invention, all other embodiments obtained by the persons skilled in the art without paying any creative effort shall all fall within the protection scope of the present invention.

[0018] Referring to Figs. 3a and 3b, which are schematic diagrams illustrating the structure of the communication system according to the embodiments of the present invention, the communication system according to the embodiments of the present invention supports activation of software on-line patches under the multi-thread environment. As should be explained, Fig. 3a includes three CPUs (CPU1, CPU2, CPU3) that access memory 30 via bus 20. As should be understood, the communication system according to the embodiments of the present invention can include one CPU, namely a communication system with a single CPU, and can also include a plurality of CPUs, namely a multi-CPU (multi-core) communication system. That is to say, the communication system according to the embodiments of the present invention includes at least one CPU and a memory, the CPU has an operating system running thereon, the operating system has at least one application program (also referred to as "software") running thereon, and the application program is associated with a patch management thread and at least one service thread. As should be explained, the patch management thread can be either a thread inside the to-be-patched program, or a thread independent of all to-be-patched programs.

[0019] The memory is loaded with an application program including at least one to-be-patched function and a patch file including a patch function, wherein a storage space capable of at least storing one long-jump instruction is located before or after the entry position of the to-be-patched function. The storage space in this context can for instance be within 128 bytes before or after the entry position of the function (also referred to as "initial position of the function"), and can specifically be within six bytes before the entry position of the function.

[0020] The patch management thread is configured, in the running process of the application program, to position the address of the patch function and the entry address of the to-be-patched function, to write, in the storage space, a long-jump instruction for jumping to the patch function, and to modify the instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the storage space. The service thread is configured to execute the short-jump instruction at the entry position of the to-be-patched function, jumping to the storage space, and to jump to and execute the patch function through that the instructions in the storage space are executed, thereby making effective the on-line patch.

[0021] To facilitate the subsequent description, the original instruction at the entry position of the to-be-patched function modified to the short-jump instruction is referred to as instruction A in this context.

[0022] The patch management thread is specifically configured, in the running process of the application program, to position the address of the patch function and the entry address of the to-be-patched function, to write, in the storage space, a long-jump instruction for jumping to the patch function, or to write a reverse operating instruction to the operating instruction located before instruction A and a long-jump instruction for jumping to the patch function, and to modify instruction A at the entry position of the to-be-patched function and with a length greater than or equal to two bytes to a short-jump instruction for jumping to the storage space.

[0023] Specifically, if instruction A is a first instruction at the entry position of the to-be-patched function and has a length greater than or equal to two bytes, the long-jump instruction for jumping to the patch function is written in the storage space; alternatively, if instruction A is a non-first instruction at the entry position of the to-be-patched function and has a length greater than or equal to two bytes, the reverse operating instruction to the operating instruction located before instruction A and the long-jump instruction for jumping to the patch function are written in the storage space.

[0024] In one specific implementation mode, the patch management thread is specifically configured, in the running process of the application program, to position the address of the patch function and the entry address of the to-be-patched function, to write, in the storage space, a Pop from Stack instruction pop and a long-jump instruction for jumping to the patch function, and to modify the instruction move after the Push onto Stack instruction push at the entry position of the to-be-patched function to a short-jump instruction for jumping to the storage space.

[0025] The communication system according to the embodiments of the present invention further comprises a compiler (not shown in the drawings) configured to reserve, while a to-be-patched program is compiled, a storage space capable of at least storing one long-jump instruction before or after the entry position of each function of the to-be-patched program. The storage space capable of at least storing one long-jump instruction and located before or after the entry position of the to-be-patched function in this context can be referred to as a middle segment.

[0026] In an example, the compiler is specifically configured to output an initial instruction with a number of bytes specified by a compiling option to reserve the storage space (middle segment) capable of at least storing one long-jump instruction, when a function associated with the to-be-patched program is compiled, according to the compiling option that controls reservation of the storage space and size of the storage space, to generate assembly instructions and before the assembly function name of the function is outputted.

[0027] The compiler is specifically configured to search for a keyword string representing the function in an assembly file, after the source file of the to-be-patched program is compiled to generate the assembly file; insert the initial instruction with a specified number of bytes before or after the entry position of the function indicted by the searched keyword string representing the function to reserve the storage space (middle segment) capable of at least storing one long-jump instruction; and recompile the assembly file inserted with the aforementioned initial instruction to generate a new assembly file, compile the new assembly file to generate a target file, and link a plurality of target files to generate an executable file of the to-be-patched program, wherein the specified number of bytes represents the size of the storage space (middle segment).

[0028] In an example a compiling program is further run on the operating system for reserving, while the to-be-patched program is compiled, a storage space capable of at least storing one long-jump instruction before or after the entry position of each function of the to-be-patched program. Refer to the foregoing contents about the compiler for the specific operating process of the compiling program, while no repetition will be made here.

[0029] As should be explained, the patch management thread and the at least one service thread can belong to the same progress, i.e. the patching operation can be completed in a single progress; thus, all threads in the single progress can share accessing the user state storage segment (namely the progress space); within the single progress, the patch management thread writes the long-jump instruction in the storage space (middle segment) before or after the entry position of the to-be-patched function and capable of storing at least one long-jump instruction, and modifies the instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the storage space.

[0030] Under another implementation, the patch management thread and the at least one service thread in this context can also belong to different progresses; for instance, the patch management thread belongs to progress A, and the at least one service thread belongs to progress B.

[0031] As should be explained, a task is the mapping of running of a code; as seen from the perspective of the system, a task is the smallest running unit that competes for system resources. The task can use or wait for system resources such as CPU, I/O device and memory space, is independent of other tasks, and runs concurrently therewith. Under the Linux and Win32 systems, the task corresponds to the concept of a thread.

[0032] As should be understood, the communication system according to the embodiments of the present invention can specifically be the Linux X86 system, or the Linux X64 system, and can also be a quasi-Unix system such as Solaris or aix, etc. For example, in case of the Linux X86 system, the communication system includes at least one CPU with the X86 architecture, wherein a Linux operating system is run on the CPU, at least one application program (also referred to as "software") is run on the Linux operating system, and the application program is associated with a patch management thread and at least one service thread (whose specific functions are identical with those discussed above, so that they are not repetitively described here).

[0033] Seen as such, the embodiments of the present invention write, in the storage space, the long-jump instruction for jumping to the patch function before or after the entry position of the function of the to-be-patched program, modify the instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the storage space (middle segment), and enable the patch to become effective by jumping through that the instructions in the middle segment are executed while the patch is activated. Since the operation of modifying the instruction at the entry position of the function is an atomic operation, i.e. the lengths of the instruction prior to the modification and the modified instruction are identical, it suffices to modify only one instruction, and there is no need to cover other instructions in the critical segment, thereby avoiding the existing hidden troubles about the security and reliability in activating patches in the prior art under the multi-thread scheduling mechanism caused by the fact that, since the system makes use of a complicated set of instructions, the jump instruction will cover a plurality of instructions at the entry of the function when an on-line patch is activated for application software (i.e. a circumstance occurs in which threads are switched precisely when a certain thread is executed to the critical segment (namely the instruction segment at the entry of the to-be-patched function), if the on-line patch is activated at this time, abnormality will occur for the program after the thread is switched back, because the critical segment of the original function has been covered by the new jump instruction; or, an error will occur for the program when a thread returns after processing the signal processing function (the return address of the signal is in the critical segment), because the critical segment has already been covered by the jump instruction). Accordingly, the method according to the embodiments of the present invention can ensure the security and reliability in activating on-line patches of the software under the multi-thread condition, and does not interrupt the service.

[0034] Refer to Fig. 4, which is a schematic diagram illustrating the fabrication and management of an on-line patch according to the embodiments of the present invention. As shown in Fig. 4, the patch fabricating process is as follows: after the on-line patch is fabricated at the background using a patching tool, the source code of the patch is compiled into a target file, and the symbol file (in an absolute or relative positioning form) of a to-be-patched program and the target file of a patch program are fabricated by a patch fabricating tool to generate an on-line patch file.

[0035] The patch managing process is as follows: the aforementioned on-line patch file (also referred to as "hot patch file") is read into a memory, and the patch is loaded into a patch segment and activated to become effective.

[0036] Referring to Fig. 5, which is a schematic diagram illustrating the flow of a method for activating an on-line patch according to the embodiments of the present invention, the method is applicable to a communication system comprising at least one CPU and a memory, wherein the CPU has an operating system running thereon, the operating system has at least one application program (also referred to as "software") running thereon, and the application program is associated with a patch management thread and at least one service thread. Specifically, the execution subject of the method can be the patch management thread associated with the to-be-patched program, wherein the method may include the following processes:

S101: positioning an address of a patch function and an entry address of a to-be-patched function.



[0037] Specifically, the address of the patch function and the entry address of the to-be-patched function are positioned in the running process of the to-be-patched program, wherein, specifically, patch function address information is read from a data array in the memory.

[0038] As should be explained, as shown in Fig. 4, if the patch function address information in the patch file is an absolute address, the patch function address information contained in the patch file is directly stored in the assigned data array in the memory during the process of loading the patch.

[0039] If the patch function address information in the patch file is a relative address (non-absolute address), the absolute address of the patch function is obtained by calculating according to the relative address of the patch function, and the calculation result is stored in the assigned data array in the memory during the process of loading the patch.

[0040] S102: writing, in a middle segment, a long-jump instruction for jumping to the patch function based on the address of the patch function and the entry address of the to-be-patched function, wherein the middle segment is a storage space, which is located before or after the entry position of the to-be-patched function and is capable of at least storing one long-jump instruction.

[0041] The storage space (middle segment) in this context can for instance be within 128 bytes before or after the entry position of the to-be-patched function (also referred to as "initial position of the function"), and can specifically be within six bytes before the entry position of the function.

[0042] S103: modifying an instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the middle segment, so as to jump to the middle segment after the short-jump instruction is executed, and then to jump to and execute the patch function through that instructions in the middle segment are executed, thereby making effective the on-line patch.

[0043] To facilitate the subsequent description, the original instruction at the entry position of the to-be-patched function modified to the short-jump instruction is referred to as instruction A.

[0044] Under one mode of implementation, instruction A is the first instruction at the entry position of the to-be-patched function and has a length greater than or equal to two bytes.

[0045] Under another implementation mode, instruction A is the non-first instruction at the entry position of the to-be-patched function and has a length greater than or equal to two bytes, in which case the process of writing a long-jump instruction for jumping to the patch function in a middle segment in S102 can specifically be: writing, in the middle segment, a reverse operating instruction to the operating instruction located before instruction A and a long-jump instruction for jumping to the patch function.

[0046] In one specific embodiment of the present invention, instruction A is an instruction (namely the second instruction) after the Push onto Stack instruction push at the entry position of the to-be-patched function, and the reverse operating instruction to the operating instruction push located before instruction A is a Pop from Stack instruction pop. Correspondingly, the Pop from Stack instruction pop and the long-jump instruction for jumping to the patch function are written in the middle segment, and the instruction (namely the second instruction) after the Push onto Stack instruction push at the entry position of the to-be-patched function is modified to a short-jump instruction for jumping to the middle segment.

[0047] The middle segment can be reserved before or after the entry position of each function of a to-be-patched program while the program is compiled. Under one implementation mode, the method for reserving the middle segment before or after the entry positions of all to-be-patched functions specifically includes the following processes:

outputting an initial instruction with a number of bytes specified by a compiling option to reserve the middle segment, when the function of the to-be-patched program is compiled, according to the compiling option that controls the reservation of the middle segment and the size of the middle segment, to generate assembly instructions, and before the assembly function name of the function is outputted. As should be understood, the initial instruction in this context is configured to occupy the storage space in advance; correspondingly, writing, in the middle segment, the long-jump instruction for jumping to the patch function is to modify the original initial instruction in the storage space to the long-jump instruction (and the reverse operating instruction).



[0048] The method for reserving the middle segment before or after the entry positions of all to-be-patched functions specifically includes the following processes:

searching for a keyword string representing the function in an assembly file, after a source file of the to-be-patched program is compiled to generate the assembly file;

inserting the initial instruction with a specified number of bytes before or after the entry position of the function indicted by the searched keyword string representing the function to reserve the middle segment, wherein the specified number of bytes represents the size of the middle segment; and

recompiling the assembly file inserted with the initial instruction to generate a new assembly file, compiling the new assembly file to generate a target file, and linking a plurality of target files to generate an executable file of the to-be-patched program.



[0049] Seen as such, the embodiments of the present invention write, in the storage space, the long-jump instruction for jumping to the patch function before or after the entry position of the function of the to-be-patched program, modify the instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the storage space (middle segment), and enable the patch to become effective by jumping through that the instructions in the middle segment are executed while the patch is activated. Since the operation of modifying the instruction at the entry position of the function is an atomic operation, i.e. the lengths of the instruction prior to the modification and the modified instruction are identical, it suffices to modify only one instruction, and there is no need to cover other instructions in the critical segment, thereby avoiding the existing hidden troubles about the security and reliability in activating patches in the prior art under the multi-thread scheduling mechanism caused by the fact that, since the system makes use of a complicated set of instructions, the jump instruction will cover a plurality of instructions at the entry of the function when an on-line patch is activated for application software (i.e. a circumstance occurs in which threads are switched precisely when a certain thread is executed to the critical segment (namely the instruction segment at the entry of the to-be-patched function), if the on-line patch is activated at this time, abnormality will occur for the program after the thread is switched back, because the critical segment of the original function has been covered by the new jump instruction; or, an error will occur for the program when a thread returns after processing the signal processing function (the return address of the signal is in the critical segment), because the critical segment has already been covered by the jump instruction). Accordingly, the method according to the embodiments of the present invention can ensure the security and reliability in activating on-line patches of the software under the multi-thread condition, and does not interrupt the service.

[0050] Referring to Fig. 6, which is a schematic diagram illustrating the flow of another method for activating an on-line patch according to the embodiments of the present invention, the method is applicable to a communication system comprising at least one CPU and a memory, wherein the CPU has an operating system running thereon, the operating system has at least one application program (also referred to as "software") running thereon, and the application program is associated with a patch management thread and at least one service thread. Specifically, the execution subject of the method can be the patch management thread associated with the to-be-patched program, wherein the method may include the following processes:

S201: reserving, while an application program is compiled, a middle segment before or after the entry position of each function of the application program.



[0051] Preferably, the middle segment is reserved before the entry position of the function, so as to ensure jumping to the middle segment by using a short-jump instruction short jmp. As shown in Fig. 7, in a specific embodiment of the present invention, the middle segment is located before the entry position of the to-be-patched function, and occupies six bytes (relative to the jump instruction). If an absolute jump instruction is configured or if it is applied in a system of x86-64 bytes, the address space of the reserved middle segment should be correspondingly enlarged.

[0052] S202: loading, if the application program needs to be on-line patched, a patch file including a patch function in the memory in the running process of the application program, and storing the address information of the patch function in the memory.

[0053] Specifically, the address information of the patch function included in the patch file is stored in a data array in the memory or calculated and then stored in the data array in the memory.

[0054] S203: writing, when an event of triggering activation of a patch occurs, in the middle segment a reverse operating instruction pop (namely a Pop from Stack instruction that occupies 1 byte) to the instruction push at the entry position of the to-be-patched function and a long-jump instruction long jmp for jumping to the corresponding patch function based on the entry address of the to-be-patched function and the address information of the patch function read from the memory.

[0055] As shown in Fig. 7, in the specific embodiment of the present invention, the long-jump instruction long jmp can be a relative jump instruction with 5 bytes, or an absolute jump instruction occupying more bytes.

[0056] As shown in Fig. 7, in the specific embodiment of the present invention, the instructions written in the middle segment are one pop instruction and one long jmp instruction. Under another implementation mode, the instructions written in the middle segment may as well be one push instruction, two pop instructions and one long jmp instruction. By the same token, under still another implementation mode of, the instructions written in the middle segment may as well be two push instructions, three pop instructions and one long jmp instruction. As should be understood, the number of pop instructions included in the middle segment is equal to a sum of the number of push instructions included in the critical segment and the number of push instructions included in the middle segment; in other words, the total number of Push onto Stack instructions is equal to the total number of Pop from Stack instructions.

[0057] S204: modifying an instruction after the push instruction (namely a Push onto Stack instruction) at the entry position of the to-be-patched function to a short-jump instruction (which occupies two bytes) for jumping to the middle segment, so as to jump to the middle segment after the short-jump instruction is executed, and then to jump to and execute the patch function through instructions in the middle segment are executed, thereby making the on-line patch activated/effective.

[0058] As should be explained, under still another implementation mode, if the original instruction at the entry position of the to-be-patched function to be modified to the short-jump instruction is the first instruction at the entry position of the to-be-patched function and has a length greater than or equal to two bytes, it suffices in S203 to write the long-jump instruction long jmp for jumping to the patch function in the middle segment.

[0059] As shown in Fig. 7, in the specific embodiment of the present invention, the move instruction after the push instruction at the entry position of the to-be-patched function is modified to a short-jump instruction short jmp for jumping to the middle segment, and the move instruction prior to the modification and the short jmp instruction after the modification have the same lengths of two bytes. The move instruction is the second instruction at the entry position of the to-be-patched function. Since the operation of modifying the second instruction at the entry position of the to-be-patched function is an atomic operation, the method according to the embodiments of the present invention can ensure the security and reliability in making effect the on-line patch.

[0060] Seen as such, the embodiments of the present invention reserve the middle segment before or after the entry position of the function of the to-be-patched program, write the long-jump instruction for jumping to the patch function in the reserved middle segment, modify the instruction, namely the second instruction, after the push instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the middle segment, and enable the patch to become effective by jumping through the middle segment while the patch is activated. Since the operation of modifying the second instruction at the entry position of the function is an atomic operation, i.e. the lengths of the instruction prior to the modification and the modified instruction are identical, it suffices to modify only one instruction, and there is no need to cover other instructions in the critical segment, thereby avoiding the existing hidden troubles about the security and reliability in activating patches in the prior art under the multi-thread scheduling mechanism caused by the fact that, since the system makes use of a complicated set of instructions, the jump instruction will cover a plurality of instructions at the entry of the function when an on-line patch is activated for application software (i.e. a circumstance occurs in which threads are switched precisely when a certain thread is executed to the critical segment, if the on-line patch is activated at this time, abnormality will occur for the program after the thread is switched back, because the critical segment of the original function has been covered by the new jump instruction; or, an error will occur for the program when a thread returns after processing the signal processing function (the return address of the signal is in the critical segment), because the critical segment has already been covered by the jump instruction). Accordingly, the method according to the embodiments of the present invention can ensure the security and reliability in activating on-line patches of the software under the multi-thread condition, and does not interrupt the service.

[0061] Referring to Fig. 8, which is a schematic diagram illustrating the flow of a method for reserving a middle segment in an example, the method supports reserving a middle segment before or after the entry position of each function of a to-be-patched program while the program is compiled, and the method is applied in a system that uses an open source compiler gcc. The operation of reserving the middle segment according to the embodiment of the present invention can be achieved by modifying the code of the compiler, and specifically includes the following processes:

S2011 - adding a compiling option in the code of a compiler for compiling a to-be-patched program, the compiling option for controlling reservation of the middle segment and size of the middle segment.

S2012 - outputting an initial instruction with a number of bytes specified by a compiling option to reserve the middle segment, when the function of the to-be-patched program is compiled, according to the compiling option, to generate assembly instructions, and before an assembly function name of the function is outputted.



[0062] The initial instruction in this context can for instance be an all-null instruction or an all-zero instruction.

[0063] Correspondingly, processethe process of writing in the middle segment the pop instruction and the long-jump instruction long jmp in S203 of Fig. 6 is specifically to modify the initial instruction to the pop instruction and the long-jump instruction long jmp.

[0064] As should be explained, in the general version of the system using the open source compiler gcc, it is possible to add the operation of outputting the initial instruction with a number of bytes specified by the compiling option to the assembly file, before outputting a function prefix from assemble_start_function in a Varasm.c file to the code of the assembly file.

[0065] Referring to Fig. 9, which is a schematic diagram illustrating the principle of a traditional process for compiling an application program, the traditional compiling process includes compiling a source file (.c file) by a compiler to a target file (.o file, namely a binary file), and linking a plurality of target files into an executable file.

[0066] Referring to Fig. 10, which is a schematic diagram illustrating the flow of the method for reserving a middle segment according to the embodiments of the present invention, the method supports reserving the middle segment before or after the entry positions of all functions while a to-be-patched program is compiled, and the operation of reserving the middle segment according to the embodiment of the present invention can be achieved by modifying an assembly file generated during the compiling process. The method is not only applicable to the application program compiled by using an open source compiler gcc, but is also applicable to application programs compiled by other compilers not using the open source. The method is specifically presented as reserving the middle segment before the entry position of the function, and includes the following processes:

S2021: compiling a source file (.c file) of a to-be-patched program to an assembly file (.s file); since this pertains to the prior art, it is not repetitively described here.

S2022: reserving the middle segment before entry positions of all functions: searching for a keyword string representing the function in the assembly file as generated by compiling, and inserting an initial instruction with a specified number of bytes before the entry position of the function indicated by each searched keyword string representing the function to reserve the middle segment.
The initial instruction in this context can for instance be an all-null instruction or an all-zero instruction. The specified number of bytes represents the size of the reserved middle segment in this context.

S2023: recompiling the assembly file inserted with the initial instruction to generate a new assembly file; since this pertains to the prior art, it is not repetitively described here.

S2024: compiling the new assembly file to generate a target file; since this pertains to the prior art, it is not repetitively described here.

S2025: linking a plurality of target files to generate the executable file of the to-be-patched program; since this pertains to the prior art, it is not repetitively described here. As should be explained, the executable file as generated in this context is precisely the to-be-patched program in which the middle segment has already been reserved before the entry positions of all functions.



[0067] As shown in Fig. 11, the process of reserving the middle segment before the entry position of the function in S2022 specifically includes the following processes:

S2022a: setting size of the middle segment and an initial instruction to be inserted; wherein the size of the middle segment is represented by the specified number of bytes.
As shown in Figs. 12a and 12b, in one specific embodiment of the present invention, the initial instruction is specifically an all-zero instruction 0 x 90. The specified number of bytes is specifically 6 bytes. Fig. 12a is a schematic diagram illustrating the operation before inserting the all-zero instruction with 6 bytes before the searched entry position of the function, and Fig. 12b is a schematic diagram illustrating the operation after inserting the all-zero instruction with 6 bytes before the searched entry position of the function.

S2022b: searching for a keyword string representing the function in the assembly file; proceeding to S2022c if the keyword string is searched to indicate that the entry position of the function is searched; if not, proceeding to S2022d to terminate the operation of the assembly file.
As shown in Fig. 12, in one specific embodiment of the present invention, the keyword string representing the function in this context is @function; as shown in Fig. 12, two instances of @function are searched.

S2022c: inserting an initial instruction with a specified number of bytes before the searched entry position of the function, returning to execute S2022b, and continuing to search for the next keyword string representing the function until all functions have been searched and the initial instruction with a specified number of bytes has been inserted in the entry position of each function. The effect of inserting the middle segment in the assembly file is as shown in Fig. 12, which compares schematic diagrams illustrating the operations before and after inserting the all-zero instruction with 6 bytes before the searched entry position of the function.



[0068] Refer to Fig. 13, which is a schematic diagram illustrating the structure of a patch managing device according to the embodiments of the present invention. As should be explained, the patch managing device according to the embodiments of the present invention can be understood as the foregoing patch management thread, and the patch management thread involved in the embodiments of the present invention can be represented either in the form of a patch management program independent of various application programs, or a thread within a to-be-patched application program. As shown in Fig. 13, the patch managing device according to this embodiment includes:

an address positioning unit 301, configured to position, in the running process of a to-be-patched application program, an address of a patch function and an entry address of a to-be-patched function associated with the application program;

a long-jump instructing unit 302, configured to write, in a middle segment, a long-jump instruction for jumping to the patch function based on the address of the patch function and the entry address of the to-be-patched function, wherein the middle segment is a storage space, which is located before or after the entry position of the to-be-patched function and is capable of at least storing one long-jump instruction; the storage space (middle segment) in this context can for instance be within 128 bytes before or after the entry position of the to-be-patched function (also referred to as "initial position of the function"), and can specifically be within six bytes before the entry position of the function; and

a short-jump instructing unit 303, configured to modify the instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the middle segment, so as to jump to the middle segment after the short-jump instruction is executed, and then to jump to and execute the patch function through instructions in the middle segment are executed.



[0069] To facilitate the subsequent description, the original instruction at the entry position of the to-be-patched function modified to the short-jump instruction is referred to as instruction A.

[0070] Under one implementation mode, instruction A is the first instruction at the entry position of the to-be-patched function and has a length greater than or equal to two bytes.

[0071] Under another implementation mode, instruction A is the non-first instruction at the entry position of the to-be-patched function and has a length greater than or equal to two bytes. Correspondingly, the long-jump instructing unit 302 is specifically configured to write a reverse operating instruction to the operating instruction located before the modified instruction (namely instruction A) and a long-jump instruction for jumping to the patch function based on the address of the patch function and the entry address of the to-be-patched function, wherein the middle segment is a storage space, which is located before or after the entry position of the to-be-patched function and is capable of at least storing one long-jump instruction.

[0072] Correspondingly, the short-jump instructing unit 303 is specifically configured to modify a non-first instruction at the entry position of the to-be-patched function and with a length greater than or equal to two bytes to a short-jump instruction for jumping to the middle segment, so as to jump to the middle segment after the short-jump instruction is executed, and then to jump to and execute the patch function through that instructions in the middle segment are executed.

[0073] Specifically, the contents disclosed above relevant to the embodiments involving in the method for activating an on-line patch can be referred to for the specific operating processes of all units in this embodiment, while no repetition will be made here.

[0074] The embodiments of the present invention further provide a communication system, which comprises at least one processor core and a memory, the processor core has an operating system running thereon, the operating system has at least one application program running thereon, and the application program is associated with a patch management thread and at least one service thread, wherein:

the memory is loaded with an application program including at least one to-be-patched function and a patch file including a patch function, wherein a storage space capable of storing at least one long-jump instruction is located before or after the entry position of the to-be-patched function;

the patch management thread is configured, in the running process of the application program, to position the address of the patch function and the entry address of the to-be-patched function, to write, in the storage space, a long-jump instruction for jumping to the patch function, and to modify the instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the storage space; and

the service thread is configured to execute the short-jump instruction to the entry position of the to-be-patched function, jumping to the storage space, and to jump to and execute the patch function through that instructions in the storage space are executed.



[0075] As should be explained, the processor involved in the embodiments of the present invention includes, but is not limited to, single-core processors or multi-core processors; correspondingly, the processor core mentioned in the embodiments of the present invention includes, but is not limited to, a CPU (central processing unit) core, a DSP (digital signal processor) core, and an MPU (micro processor unit) core.

[0076] In summary, the aforementioned embodiment of the present invention reserves the middle segment before or after the entry position of the function of the to-be-patched program, writes, in the reserved middle segment, the long-jump instruction for jumping to the patch function, modifies the instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the middle segment, and enables the patch to become effective by jumping through the middle segment while the patch is activated. Since the operation of modifying the instruction at the entry position of the function is an atomic operation, i.e. the lengths of the instruction prior to the modification and the modified instruction are identical, it suffices to modify only one instruction, and there is no need to cover other instructions in the critical segment, thereby avoiding the existing hidden troubles about the security and reliability in activating patches in the prior art under the multi-thread scheduling mechanism caused by the fact that, since the system makes use of a complicated set of instructions, the jump instruction will cover a plurality of instructions at the entry of the function when an on-line patch is activated for application software (i.e. a circumstance occurs in which threads are switched precisely when a certain thread is executed to the critical segment, if the on-line patch is activated at this time, abnormality will occur for the program after the thread is switched back, because the critical segment of the original function has been covered by the new jump instruction; or, an error will occur for the program when a thread returns after processing the signal processing function (the return address of the signal is in the critical segment), because the critical segment has already been covered by the jump instruction). Accordingly, the method according to the embodiments of the present invention can ensure the security and reliability in activating on-line patches of the software under the multi-thread condition, and does not interrupt the service.

[0077] It can be understood to the persons skilled in the art, the entire or partial flows of the methods of the aforementioned embodiments can be executed by a computer program instructing relevant hardware, and the program can be stored in a computer-readable storage medium and, when executed, can include the flows of the aforementioned embodiments for each method. The storage medium can be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM), etc.

[0078] Preferred embodiments are taken for examples above to describe in detail the objectives, technical solutions and advantages of the present invention. As should be understood, the aforementioned embodiments are merely preferred embodiments of the present invention.


Claims

1. A method for activating an on-line patch, applied in a communication system, comprising at least one CPU, a memory and a compiler, the CPU having a Linux operating system running thereon, the Linux operating system having at least one application program running thereon, and the application program being associated with a patch management thread and at least one service thread, wherein the memory is loaded with the application program and a patch file, wherein the application program includes at least one to-be-patched function and the patch file includes a patch function, comprising:

reserving (S201), by a compiler, while the application program is compiled, a middle segment before or after an entry position of each function of the at least one to-be-patched function of the application program;

positioning (S101), by the patch management thread, an address of the patch function and an entry address of the to-be-patched function

writing (S102), by the patch management thread, in the middle segment, a long-jump instruction for jumping to the patch function based on the address of the patch function and the entry address of the to-be-patched function, wherein the middle segment is a storage space, which is located before or after the entry position of the to-be-patched function and is capable of at least storing one long-jump instruction, and the entry address of the to-be-patched function represents the entry position of the to-be-patched function; and

modifying (S103), by the patch management thread, an instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the middle segment;

executing (S103), by the service thread, the short-jump instruction at the entry position of the to-be-patched function, to jump to the middle segment, and to jump to and to execute the patch function through that the long-jump instruction for jumping to the patch function in the middle segment is executed, wherein the middle segment includes one or more instructions, and the long-jump instruction for jumping to the patch function is one of the one or more instructions;

wherein the process of reserving, while the application program is compiled, the middle segment before or after an entry position of each function of the at least one to-be-patched function of the application program comprises:

searching (S2022) for a keyword string representing a function in an assembly file, after a source file of the application program is compiled (S2021) to generate the assembly file;

inserting (S2022) an initial instruction with a specified number of bytes, before or after the entry position of the function indicated by each searched keyword string representing the function, to reserve the middle segment, wherein the specified number of bytes represents the size of the middle segment and the initial instruction is an all-null instruction or an all-zero instruction; and

when the all-null instruction or the all-zero instruction with the specified number of bytes has been inserted before or after the entry position of each function of the at least one to-be-patched function, recompiling (S2023) the assembly file inserted with the initial instruction which is the all-null instruction or the all-zero instruction to generate a new assembly file, compiling (S2024) the new assembly file to generate a target file, and linking a plurality of target files to generate(S2025) an executable file of the application program.


 
2. The method for activating an on-line patch according to claim 1, characterized in that the instruction modified to the short-jump instruction is a first instruction at the entry position of the to-be-patched function and with a length greater than or equal to two bytes.
 
3. The method for activating an on-line patch according to claim 1, characterized in that the instruction modified to the short-jump instruction is a non-first instruction at the entry position of the to-be-patched function and with a length greater than or equal to two bytes, the method further comprising: writing, in the middle segment, a reverse operating instruction to a operating instruction which is located before the modified instruction.
 
4. The method for activating an on-line patch according to claim 3, characterized in that the non-first instruction at the entry position of the to-be-patched function is an instruction after a Push onto Stack instruction, push; and that
the reverse operating instruction to the operating instruction located before the modified instruction is a Pop from Stack instruction, pop.
 
5. A communication system, comprising at least one CPU, a memory and a compiler, the CPU having a Linux operating system running thereon, the Linux operating system having at least one application program running thereon, and the application program being associated with a patch management thread and at least one service thread, wherein
the memory is loaded with the application program and a patch file, wherein the application program includes at least one to-be-patched function and the patch file includes a patch function, and there is a storage space capable of at least storing one long-jump instruction before or after an entry position of the to-be-patched function;
the compiler is configured to reserve, while the application program is compiled, a storage space capable of at least storing one long-jump instruction before or after an entry position of each function of the at least one to-be-patched function of the application program;
the patch management thread is configured, in the running process of the application program, to position an address of the patch function and an entry address of the to-be-patched function, to write, in the storage space, a long-jump instruction for jumping to the patch function, and to modify an instruction at the entry position of the to-be-patched function to a short-jump instruction for jumping to the storage space, and the entry address of the to-be-patched function represents the entry position of the to-be-patched function; and
the service thread is configured to execute the short-jump instruction at the entry position of the to-be-patched function, to jump to the storage space, and to jump to and to execute the patch function through that the long-jump instruction for jumping to the patch function in the storage space is executed, wherein the storage space includes one or more instructions, and the long-jump instruction for jumping to the patch function is one of the one or more instructions; wherein the compiler is specifically configured to search for a keyword string representing a function in an assembly file, after a source file of the application program is compiled to generate the assembly file; to insert the initial instruction with a specified number of bytes, before or after the entry position of the function indicated by each searched keyword string representing the function to reserve the storage space capable of at least storing one long-jump instruction and the initial instruction is an all-null instruction or an all-zero instruction; and to recompile, when the all-null instruction or the all-zero instruction with the specified number of bytes has been inserted before or after the entry position of each function of the at least one to-be-patched function, the assembly file inserted with the initial instruction which is the all-null instruction or the all-zero instruction to generate a new assembly file, to compile the new assembly file to generate a target file, and to link a plurality of target files to generate an executable file of the application program, wherein the specified number of bytes represents the size of the storage space.
 
6. The communication system according to claim 5, characterized in that the patch management thread is specifically configured, in the running process of the application program, to position the address of the patch function and the entry address of the to-be-patched function, to write, in the storage space, the long-jump instruction for jumping to the patch function, and to modify the instruction at the entry position of the to-be-patched function and with a length greater than or equal to two bytes to the short-jump instruction for jumping to the storage space, if the instruction modified to the short-jump instruction is a first instruction at the entry position of the to-be-patched function and with a length greater than or equal to two bytes.
 
7. The communication system according to claim 5, characterized in that
the patch management thread is specifically configured, in the running process of the application program, to position the address of the patch function and the entry address of the to-be-patched function, to write, in the storage space, a reverse operating instruction to an operating instruction located before the modified instruction and a long-jump instruction for jumping to the patch function and to modify the instruction at the entry position of the to-be-patched function and with a length greater than or equal to two bytes to the short-jump instruction for jumping to the storage space, if the instruction modified to the short-jump instruction is a non-first instruction at the entry position of the to-be-patched function and with a length greater than or equal to two bytes.
 
8. The communication system according to claim 5, characterized in that
the patch management thread is specifically configured, in the running process of the application program, to position the address of the patch function and the entry address of the to-be-patched function, to write, in the storage space, a Pop from Stack instruction, pop and the long-jump instruction for jumping to the patch function, and to modify an instruction after a Push onto Stack instruction, push at the entry position of the to-be-patched function to the short-jump instruction for jumping to the storage space.
 
9. A computer program product, characterized in, comprising computer program code, which, when executed by a computer unit, will cause the computer unit to perform the method according to any one of claims 1 to 4.
 


Ansprüche

1. Verfahren zum Aktivieren eines "Online-Patch", das in einem Kommunikationssystem angewandt wird, das wenigstens eine CPU, einen Speicher und einen Compiler umfasst, wobei die CPU ein Linux-Betriebssystem aufweist, das darauf abläuft, wobei das Linux-Betriebssystem wenigstens ein Anwendungsprogramm aufweist, das darauf abläuft, und wobei das Anwendungsprogramm einem "Patch"-Management-"Thread" und wenigstens einem Dienst-"Thread" zugeordnet ist, wobei das Anwendungsprogramm und eine "Patch"-Datei in den Speicher geladen sind, wobei das Anwendungsprogramm wenigstens eine Funktion enthält, die "gepatcht" werden soll, und die "Patch"-Datei eine "Patch"-Funktion enthält, wobei das Verfahren Folgendes umfasst:

Reservieren (S201), durch einen Compiler, während das Anwendungsprogramm kompiliert wird, eines Mittelsegments vor oder nach einer Einsprungposition jeder Funktion aus der wenigstens einen Funktion des Anwendungsprogramms, die "gepatcht" werden soll;

Positionieren (S101), durch den "Patch"-Management-"Thread", einer Adresse der "Patch"-Funktion und einer Einsprungadresse der Funktion, die "gepatcht" werden soll;

Schreiben (S102), durch den "Patch"-Management-"Thread", in dem Mittelsegment eines Langsprungbefehls zum Springen zu der "Patch"-Funktion basierend auf der Adresse der "Patch"-Funktion und der Einsprungadresse der Funktion, die "gepatcht" werden soll, wobei das Mittelsegment ein Speicherplatz ist, der sich vor oder nach der Einsprungposition der Funktion, die "gepatcht" werden soll, befindet und wenigstens einen Langsprungbefehl speichern kann, und die Einsprungadresse der Funktion, die "gepatcht" werden soll, die Einsprungposition der Funktion, die "gepatcht" werden soll, repräsentiert; und

Modifizieren (S103), durch den "Patch"-Management-"Thread", eines Befehls an der Einsprungposition der Funktion, die "gepatcht" werden soll, zu einem Kurzsprungbefehl zum Springen zu dem Mittelsegment;

Ausführen (S103), durch den Dienst-"Thread", des Kurzsprungbefehls an der Einsprungposition der Funktion, die "gepatcht" werden soll, um zu dem Mittelsegment zu springen und zu der "Patch"-Funktion zu springen und sie auszuführen, dadurch dass der Langsprungbefehl zum Springen zu der "Patch"-Funktion in dem Mittelsegment ausgeführt wird, wobei das Mittelsegment einen oder mehrere Befehle enthält und der Langsprungbefehl zum Springen zu der "Patch"-Funktion einer der einen oder mehreren Befehle ist;

wobei der Prozess des Reservierens, während das Anwendungsprogramm kompiliert wird, des Mittelsegments vor oder nach einer Einsprungposition jeder Funktion der wenigstens einen Funktion des Anwendungsprogramms, die "gepatcht" werden soll, Folgendes umfasst:

Suchen (S2022) nach einer Schlüsselwortzeichenfolge, die eine Funktion in einer Assemblerdatei repräsentiert, nachdem eine Quelldatei des Anwendungsprogramms kompiliert ist (S2021), um die Assemblerdatei zu erzeugen;

Einfügen (S2022) eines Anfangsbefehls mit einer spezifizierten Anzahl von Bytes vor oder nach der Einsprungposition der Funktion, die durch jede gesuchte Schlüsselwortzeichenfolge, die die Funktion repräsentiert, angegeben ist, um das Mittelsegment zu reservieren, wobei die spezifizierte Anzahl von Bytes die Größe des Mittelsegments repräsentiert und der Anfangsbefehl ein "All-Null"-Befehl oder ein "All-Zero"-Befehl ist; und

wenn der "All-Null"-Befehl oder der "All-Zero"-Befehl mit der spezifizierten Anzahl von Bytes vor oder nach der Einsprungposition jeder Funktion der wenigstens einen Funktion, die "gepatcht" werden soll, eingefügt worden ist, erneutes Kompilieren (S2023) der Assemblerdatei, in die der Anfangsbefehl, der der "All-Null"-Befehl oder der "All-Zero"-Befehl ist, eingefügt ist, um eine neue Assemblerdatei zu erzeugen, Kompilieren (S2024) der neuen Assemblerdatei, um eine Zieldatei zu erzeugen, und Verknüpfen von mehreren Zieldateien, um eine ausführbare Datei des Anwendungsprogramms zu erzeugen (S2025).


 
2. Verfahren zum Aktivieren eines "Online-Patch" nach Anspruch 1, dadurch gekennzeichnet, dass der Befehl, der zu dem Kurzsprungbefehl modifiziert wird, ein erster Befehl an der Einsprungposition der Funktion, die "gepatcht" werden soll, und mit einer Länge größer als oder gleich zwei Bytes ist.
 
3. Verfahren zum Aktivieren eines "Online-Patch" nach Anspruch 1, dadurch gekennzeichnet, dass der Befehl, der zu dem Kurzsprungbefehl modifiziert wird, ein nicht erster Befehl an der Einsprungposition der Funktion, die "gepatcht" werden soll, und mit einer Länge größer als oder gleich zwei Bytes ist, wobei das Verfahren ferner Folgendes umfasst: Schreiben, in dem Mittelsegment, eines Umkehroperationsbefehls für einen Operationsbefehl, der vor dem modifizierten Befehl angeordnet ist.
 
4. Verfahren zum Aktivieren eines "Online-Patch" nach Anspruch 3, dadurch gekennzeichnet, dass der nicht erste Befehl an der Einsprungposition der Funktion, die "gepatcht" werden soll, ein Befehl nach einem "Push onto Stack"-Befehl, push, ist und dass
der Umkehroperationsbefehl für den Operationsbefehl, der vor dem modifizierten Befehl angeordnet ist, ein "Pop from Stack"-Befehl, pop, ist.
 
5. Kommunikationssystem, das wenigstens eine CPU, einen Speicher und einen Compiler umfasst, wobei die CPU ein Linux-Betriebssystem aufweist, das darauf abläuft, wobei das Linux-Betriebssystem wenigstens ein Anwendungsprogramm aufweist, das darauf abläuft, und das Anwendungsprogramm einem "Patch"-Management-"Thread" und wenigstens einem Dienst-"Thread" zugeordnet ist, wobei das Anwendungsprogramm und eine "Patch"-Datei in den Speicher geladen sind, wobei das Anwendungsprogramm wenigstens eine Funktion enthält, die "gepatcht" werden soll, und die "Patch"-Datei eine "Patch"-Funktion enthält, und ein Speicherplatz vorhanden ist, der wenigstens einen Langsprungbefehl vor oder nach einer Einsprungposition der Funktion, die "gepatcht" werden soll, speichern kann; der Compiler konfiguriert ist, während das Anwendungsprogramm kompiliert wird, einen Speicherplatz zu reservieren, der wenigstens einen Langsprungbefehl vor oder nach einer Einsprungposition jeder Funktion aus der wenigstens einen Funktion des Anwendungsprogramms, die "gepatcht" werden soll, speichern kann;
der "Patch"-Management-"Thread" konfiguriert ist, in dem Ablaufprozess des Anwendungsprogramms eine Adresse der "Patch"-Funktion und eine Einsprungadresse der Funktion, die "gepatcht" werden soll, zu positionieren, einen Langsprungbefehl zum Springen zu der "Patch"-Funktion in dem Speicherplatz zu schreiben und einen Befehl an der Einsprungposition der Funktion, die "gepatcht" werden soll, zu einem Kurzsprungbefehl zum Springen zu dem Speicherplatz zu modifizieren, und wobei die Einsprungadresse der Funktion, die "gepatcht" werden soll, die Einsprungposition der Funktion, die "gepatcht" werden soll, repräsentiert; und
der Dienst-"Thread" konfiguriert ist, den Kurzsprungbefehl an der Einsprungposition der Funktion, die "gepatcht" werden soll, auszuführen, um zu dem Speicherplatz zu springen, und zu der "Patch"-Funktion zu springen und sie auszuführen, dadurch dass der Langsprungbefehl zum Springen zu der "Patch"-Funktion in dem Speicherplatz ausgeführt wird, wobei der Speicherplatz einen oder mehrere Befehle enthält und der Langsprungbefehl zum Springen zu der "Patch"-Funktion einer der einen oder mehreren Befehle ist;
wobei der Compiler insbesondere konfiguriert ist, nach einer Schlüsselwortzeichenfolge zu suchen, die eine Funktion in einer Assemblerdatei repräsentiert, nachdem eine Quelldatei des Anwendungsprogramms kompiliert ist, um eine Assemblerdatei zu erzeugen; und den Anfangsbefehl mit einer spezifizierten Anzahl von Bytes einzufügen, vor oder nach der Einsprungposition der Funktion, die durch jede gesuchte Schlüsselwortzeichenfolge angegeben ist, die die Funktion repräsentiert, um den Speicherplatz zu reservieren, der wenigstens einen Langsprungbefehl speichern kann, und wobei der Anfangsbefehl ein "All-Null"-Befehl oder ein "All-Zero"-Befehl ist; und wenn der "All-Null"-Befehl oder der "All-Zero"-Befehl mit der spezifizierten Anzahl von Bytes vor oder nach der Einsprungposition jeder Funktion der wenigstens einen Funktion, die "gepatcht" werden soll, eingefügt worden ist, die Assemblerdatei, in die der Anfangsbefehl, der der "All-Null"-Befehl oder der "All-Zero"-Befehl ist, eingefügt ist, erneut zu kompilieren, um eine neue Assemblerdatei zu erzeugen, die neue Assemblerdatei zu kompilieren, um eine Zieldatei zu erzeugen, und mehrere Zieldateien zu verknüpfen, um eine ausführbare Datei des Anwendungsprogramms zu erzeugen, wobei die spezifizierte Anzahl von Bytes die Größe des Speicherplatzes repräsentiert.
 
6. Kommunikationssystem nach Anspruch 5, dadurch gekennzeichnet, dass der "Patch"-Management-"Thread" insbesondere konfiguriert ist, in dem ablaufenden Prozess des Anwendungsprogramms die Adresse der "Patch"-Funktion und die Einsprungadresse der Funktion, die "gepatcht" werden soll, zu positionieren, den Langsprungbefehl zum Springen zu der "Patch"-Funktion in dem Speicherplatz zu schreiben und den Befehl an der Einsprungposition der Funktion, die "gepatcht" werden soll, und mit einer Länge größer als oder gleich zwei Bytes zu dem Kurzsprungbefehl zum Springen zu dem Speicherplatz zu modifizieren, falls der Befehl, der zu dem Kurzsprungbefehl modifiziert ist, ein erster Befehl an der Einsprungposition der Funktion, die "gepatcht" werden soll, und mit einer Länge größer als oder gleich zwei Bytes ist.
 
7. Kommunikationssystem nach Anspruch 5, dadurch gekennzeichnet, dass
der "Patch"-Management-"Thread" insbesondere konfiguriert ist, in dem ablaufenden Prozess des Anwendungsprogramms die Adresse der "Patch"-Funktion und die Einsprungadresse der Funktion, die "gepatcht" werden soll, zu positionieren, einen Umkehroperationsbefehl für einen Operationsbefehl, der vor dem modifizierten Befehl und einem Langsprungbefehl zum Springen zu der "Patch"-Funktion angeordnet ist, in dem Speicherplatz zu schreiben und den Befehl an der Einsprungposition der Funktion, die "gepatcht" werden soll, und mit einer Länge größer als oder gleich zwei Bytes zu dem Kurzsprungbefehl zum Springen zu dem Speicherplatz zu modifizieren, falls der Befehl, der zu dem Kurzsprungbefehl modifiziert ist, ein nicht erster Befehl an der Einsprungposition der Funktion, die "gepatcht" werden soll, und mit einer Länge größer als oder gleich zwei Bytes ist.
 
8. Kommunikationssystem nach Anspruch 5, dadurch gekennzeichnet, dass
der "Patch"-Management-"Thread" insbesondere konfiguriert ist, in dem ablaufenden Prozess des Anwendungsprogramms die Adresse der "Patch"-Funktion und die Einsprungadresse der Funktion, die "gepatcht" werden soll, zu positionieren, in dem Speicherplatz einen "Pop from Stack"- Befehl, pop, und den Langsprungbefehl zum Springen zu der "Patch"-Funktion zu schreiben und einen Befehl nach einem "Push onto Stack"-Befehl, push, an der Einsprungposition der Funktion, die "gepatcht" werden soll, zu dem Kurzsprungbefehl zum Springen zu dem Speicherplatz zu modifizieren.
 
9. Computerprogrammprodukt, dadurch gekennzeichnet, dass es Computerprogrammcode umfasst, der dann, wenn er durch eine Computereinheit ausgeführt wird, die Computereinheit dazu veranlasst, das Verfahren nach einem der Ansprüche 1 bis 4 auszuführen.
 


Revendications

1. Procédé pour activer un correctif en ligne, appliqué dans un système de communication, comprenant au moins une unité centrale, CPU, une mémoire et un compilateur, un système d'exploitation Linux étant exécuté sur la CPU, le système d'exploitation Linux comprenant au moins un programme d'application s'exécutant sur celui-ci, et le programme d'application étant associé à un fil d'exécution de gestion de correctif et au moins un fil d'exécution de service, où la mémoire est chargée avec le programme d'application et un fichier de correctif, où le programme d'application comprend au moins une fonction à corriger et le fichier de correctif comprend une fonction correctrice, comprenant les étapes suivantes :

réserver (S201), par un compilateur, tandis que le programme d'application est compilé, un segment médian avant ou après une position d'entrée de chaque fonction de l'au moins une fonction à corriger du programme d'application ;

positionner (S101), par le fil d'exécution de gestion de correctif, une adresse de la fonction correctrice et une adresse d'entrée de la fonction à corriger ;

écrire (S102), par le fil d'exécution de gestion de correctif, dans le segment médian, une instruction de long saut pour sauter jusqu'à la fonction correctrice sur la base de l'adresse de la fonction correctrice et de l'adresse d'entrée de la fonction à corriger, où le segment médian est un espace de stockage, qui est situé avant ou après la position d'entrée de la fonction à corriger et est capable d'au moins stocker une instruction de long saut, et l'adresse d'entrée de la fonction à corriger représente la position d'entrée de la fonction à corriger ; et

modifier (S103), par le fil d'exécution de gestion de correctif, une instruction à la position d'entrée de la fonction à corriger en une instruction de court saut pour sauter jusqu'au segment médian ;

exécuter (S103), par le fil d'exécution de service, l'instruction de court saut à la position d'entrée de la fonction à corriger, pour sauter jusqu'au segment médian, et pour sauter jusqu'à et exécuter la fonction correctrice par le biais de laquelle l'instruction de long saut pour sauter jusqu'à la fonction correctrice dans le segment médian est exécutée, où le segment médian comprend une ou plusieurs instructions, et l'instruction de long saut pour sauter jusqu'à la fonction correctrice est une instruction parmi les une ou plusieurs instructions ;

où le processus de réservation, tandis que le programme d'application est compilé, du segment médian avant ou après une position d'entrée de chaque fonction de l'au moins une fonction à corriger du programme d'application comprend les étapes suivantes :

rechercher (S2022) une chaîne de mots clés représentant une fonction dans un fichier d'assemblage, après qu'un fichier source du programme d'application a été compilé (S2021) pour générer le fichier d'assemblage ;

insérer (S2022) une instruction initiale avec un nombre spécifié d'octets, avant ou après la position d'entrée de la fonction indiquée par chaque chaîne de mots clés recherchée représentant la fonction, pour réserver le segment médian, où le nombre spécifié d'octets représente la taille du segment médian et l'instruction initiale est une instruction d'annulation globale ou une instruction de passage de tout à zéro ; et lorsque l'instruction d'annulation globale ou l'instruction de passage de tout à zéro avec le nombre spécifié d'octets a été insérée avant ou après la position d'entrée de chaque fonction de l'au moins une fonction à corriger, recompiler (S2023) le fichier d'assemblage inséré avec l'instruction initiale qui est l'instruction d'annulation globale ou l'instruction de passage de tout à zéro pour générer un nouveau fichier d'assemblage, compiler (S2024) le nouveau fichier d'assemblage pour générer un fichier cible, et lier une pluralité de fichiers cibles pour générer (S2025) un fichier exécutable du programme d'application.


 
2. Procédé pour activer un correctif en ligne selon la revendication 1, caractérisé en ce que l'instruction modifiée en l'instruction de court saut est une première instruction à la position d'entrée de la fonction à corriger et ayant une longueur supérieure ou égale à deux octets.
 
3. Procédé pour activer un correctif en ligne selon la revendication 1, caractérisé en ce que l'instruction modifiée en l'instruction de court saut est une instruction qui n'est pas la première à la position d'entrée de la fonction à corriger et ayant une longueur supérieure ou égale à deux octets, le procédé comprenant en outre écrire, dans le segment médian, une instruction de fonctionnement inverse à une instruction de fonctionnement qui est située avant l'instruction modifiée.
 
4. Procédé pour activer un correctif en ligne selon la revendication 3, caractérisé en ce que l'instruction qui n'est pas la première à la position d'entrée de la fonction à corriger est une instruction après une instruction Push onto Stack, push ; et en ce que l'instruction de fonctionnement inverse à l'instruction de fonctionnement située avant l'instruction modifiée est une instruction Pop from Stack, pop.
 
5. Système de communication, comprenant au moins une CPU, une mémoire et un compilateur, un système d'exploitation Linux étant exécuté sur la CPU, le système d'exploitation Linux comprenant au moins un programme d'application s'exécutant sur celui-ci, et le programme d'application étant associé un fil d'exécution de gestion de correctif et au moins un fil d'exécution de service, où
la mémoire est chargée avec le programme d'application et un fichier de correctif, où le programme d'application comprend au moins une fonction à corriger et le fichier de correctif comprend une fonction correctrice, et il y a un espace de stockage capable d'au moins stocker une instruction de long saut avant ou après une position d'entrée de la fonction à corriger ;
le compilateur est configuré pour réserver, tandis que le programme d'application est compilé, un espace de stockage capable d'au moins stocker une instruction de long saut avant ou après une position d'entrée de chaque fonction de l'au moins une fonction à corriger du programme d'application ;
le fil d'exécution de gestion de correctif est configuré, dans le processus d'exécution du programme d'application, pour positionner une adresse de la fonction correctrice et une adresse d'entrée de, la fonction à corriger, pour écrire, dans l'espace de stockage, une instruction de long saut pour sauter jusqu'à la fonction correctrice, et pour modifier une instruction à la position d'entrée de la fonction à corriger en une instruction de court saut pour sauter jusqu'à l'espace de stockage, et l'adresse d'entrée de la fonction à corriger représente la position d'entrée de la fonction à corriger ; et
le fil d'exécution de service est configuré pour exécuter l'instruction de court saut à la position d'entrée de la fonction à corriger, pour sauter jusqu'à l'espace de stockage, et pour sauter jusqu'à et exécuter la fonction correctrice par le biais de laquelle l'instruction de long saut pour sauter jusqu'à la fonction correctrice dans l'espace de stockage est exécutée, où l'espace de stockage comprend une ou plusieurs instructions, et l'instruction de long saut pour sauter jusqu'à la fonction correctrice est une instruction parmi les une ou plusieurs instructions ;
où le compilateur est spécifiquement configuré pour rechercher une chaîne de mots clés représentant une fonction dans un fichier d'assemblage, après qu'un fichier source du programme d'application a été compilé pour générer le fichier d'assemblage ; pour insérer l'instruction initiale avec un nombre spécifié d'octets, avant ou après la position d'entrée de la fonction indiquée par chaque chaîne de mots clés recherchée représentant la fonction pour réserver l'espace de stockage capable d'au moins stocker une instruction de long saut et l'instruction initiale est une instruction d'annulation globale ou une instruction de passage de tout à zéro ; et pour recompiler, lorsque l'instruction d'annulation globale ou l'instruction de passage de tout à zéro avec le nombre spécifié d'octets a été insérée avant ou après la position d'entrée de chaque fonction de l'au moins une fonction à corriger, le fichier d'assemblage inséré avec l'instruction initiale qui est l'instruction d'annulation globale ou l'instruction de passage de tout à zéro pour générer un nouveau fichier d'assemblage, pour compiler le nouveau fichier d'assemblage pour générer un fichier cible, et pour lier une pluralité de fichiers cibles pour générer un fichier exécutable du programme d'application, où le nombre spécifié d'octets représente la taille de l'espace de stockage.
 
6. Système de communication selon la revendication 5, caractérisé en ce que le fil d'exécution de gestion de correctif est spécifiquement configuré, dans le processus d'exécution du programme d'application, pour positionner l'adresse de la fonction correctrice et l'adresse d'entrée de la fonction à corriger, pour écrire, dans l'espace de stockage, l'instruction de long saut pour sauter jusqu'à la fonction correctrice, et pour modifier l'instruction à la position d'entrée de la fonction à corriger et avec une longueur supérieure ou égale à deux octets en l'instruction de court saut pour sauter jusqu'à l'espace de stockage, si l'instruction modifiée en l'instruction de court saut est une première instruction à la position d'entrée de la fonction à corriger et avec une longueur supérieure ou égale à deux octets.
 
7. Système de communication selon la revendication 5, caractérisé en ce que le fil d'exécution de gestion de correctif est spécifiquement configuré, dans le processus d'exécution du programme d'application, pour positionner l'adresse de la fonction correctrice et l'adresse d'entrée de la fonction à corriger, pour écrire, dans l'espace de stockage, une instruction de fonctionnement inverse à une instruction de fonctionnement située avant l'instruction modifiée et une instruction de long saut pour sauter jusqu'à la fonction correctrice et pour modifier l'instruction à la position d'entrée de la fonction à corriger et avec une longueur supérieure ou égale à deux octets en l'instruction de court saut pour sauter jusqu'à l'espace de stockage, si l'instruction modifiée en l'instruction de court saut est une instruction qui n'est pas une première instruction à la position d'entrée de la fonction à corriger et avec une longueur supérieure ou égale à deux octets.
 
8. Système de communication selon la revendication 5, caractérisé en ce que le fil d'exécution de gestion de correctif est spécifiquement configuré, dans le processus d'exécution du programme d'application, pour positionner l'adresse de la fonction correctrice et l'adresse d'entrée de la fonction à corriger, pour écrire, dans l'espace de stockage, une instruction Pop from Stack, pop, et l'instruction de long saut pour sauter jusqu'à la fonction correctrice, et pour modifier une instruction après une instruction Push onto Stack, push, à la position d'entrée de la fonction à corriger en l'instruction de court saut pour sauter jusqu'à l'espace de stockage.
 
9. Produit programme informatique, caractérisé en ce qu'il comprend un code de programme informatique, qui, lorsqu'il est exécuté par une unité informatique, amènera l'unité informatique à exécuter le procédé selon l'une quelconque des revendications 1 à 4.
 




Drawing






































Cited references

REFERENCES CITED IN THE DESCRIPTION



This list of references cited by the applicant is for the reader's convenience only. It does not form part of the European patent document. Even though great care has been taken in compiling the references, errors or omissions cannot be excluded and the EPO disclaims all liability in this regard.

Patent documents cited in the description