METHOD AND SYSTEM FOR PROTECTING HARD DISK DATA IN VIRTUAL CONTEXT

Abstract
The present invention discloses a method for protecting hard disk data in a virtual context, which comprises: a virtual machine monitor (VMM) acquires information on a hard disk storage unit needed to be protected as instructed by a user; the virtual machine monitor acquires, based on a hard disk read-write command from the operating system, information on the hard disk storage unit to be accessed by that read-write command; the virtual machine monitor judges whether the hard disk storage unit to be accessed by the read-write command is the hard disk storage unit needed to be protected, based on the information on the hard disk storage unit to be accessed by the read-write command as well as the information on the hard disk storage unit needed to be protected as instructed by the user; and the hard disk read-write command is processed based on the result of the judgment. According to the present invention, the VMM intercepts the hard disk storage unit involved in the hard disk read-write command and, if that storage unit is one needed to be protected as instructed by the user, returns to the operating system information indicating inoperability or error data. Data is therefore secured effectively against infection by viruses or attacks from hackers.
Description

BRIEF DESCRIPTION OF THE DRAWINGS


FIG. 1 is a schematic diagram for the architecture of a computer system utilizing virtualization technology.



FIG. 2 is a schematic flowchart of the method for protecting hard disk data in a virtual context according to the present invention.



FIG. 3 is a schematic structural diagram of the system for protecting hard disk data in a virtual context according to the present invention.





DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

The method for protecting hard disk data in a virtual context according to the present invention protects the storage unit (e.g., sector, cylinder or even the entire hard disk space under some disk label) of a hard disk by means of a VMM. Specifically, it is judged whether the storage unit related to the hard disk access operation is a storage unit under protection after a hard disk access operation is intercepted by the VMM, and different processing methods are adopted based on the result of the above judgment, thereby effectively guaranteeing the security of hard disk data.


The protection method for hard disk storage unit, as mentioned in the present invention, comprises locking or locking plus encrypting the hard disk storage unit or other protection methods.


A detailed explanation is now given to the present invention by example of a hard disk sector that is the smallest storage unit in a hard disk.


As shown in FIG. 2, the method for protecting hard disk data in a virtual context according to the present invention mainly comprises the following steps.


In step 11, a VMM acquires the sector numbers of sectors needed to be protected as a user instructs.


In step 12, the VMM intercepts a hard disk read-write command from the operating system and acquires the number of the sector to be accessed by the hard disk read-write command.


In step 13, the VMM compares the number of the sector to be accessed by said read-write command with the numbers of the sectors needed to be protected and performs corresponding processing depending on the judgment as to whether the sector number involved in said read-write command is included in the sector numbers of the sectors needed to be protected.


Further, a more detailed description will be made on the present invention.


The sector numbers of the sectors needed to be protected in the step 11 may be represented in various forms. For example, the sector numbers of the sectors needed to be protected can be saved in a sector access control list, or the blocks of sectors whose sector numbers are continuous in the sectors needed to be protected are saved as one part that includes the sector number of the initial sector and the amount of the sectors included in the continuous blocks.


Take the following case as an example: assuming the sector numbers of the sectors needed to be protected are 10001 to 50000, 70001 to 80000 and 90001 to 95000, the sector access control lists corresponding to the above two forms are shown in the two tables below, respectively.
















Order IDs    Sector Numbers
1            10001
2            10002
. . .        . . .
40000        50000
40001        70001
40002        70002
. . .        . . .
50000        80000
50001        90001
50002        90002
. . .        . . .
55000        95000


Order IDs    Initial Sector Number    Quantity of Continuous Sectors
1            10001                    40000
2            70001                    10000
3            90001                    5000









Next, step 11 of the present invention will be elaborated. The user issues the information on the sectors needed to be protected to the VMM via the operating system, which can be realized by sharing memory or by reading or writing an I/O port.


(1) Memory Sharing

The user invokes the VMCALL command via the operating system, transferring the pointer to the shared memory via EAX and the size of the shared memory via EBX.


The data in the shared memory contains the sector numbers of the sectors needed to be protected.


Of course, if there are sectors needed to be protected whose sector numbers are continuous, the data in the shared memory can also contain the sector number of the initial sector and the quantity of the sectors in these continuous blocks of sectors needed to be protected.


The above data can further include content as to whether there is an encryption and what the encryption scheme is.


The VMM can acquire the sector numbers of the sectors needed to be protected from the shared memory to create the sector access control list. On the other hand, since the VMM can access all memory, it doesn't have to copy the data out of the shared memory. In step 3, after acquiring the sector number of the sector to be accessed by the read-write command, the VMM compares that sector number directly with the data in the shared memory and makes the relevant judgment.


(2) Interception of Read-Write I/O

The information on the sectors needed to be protected can also be issued to the VMM by intercepting read-write I/O, which will be illustrated in two embodiments.


In the first embodiment, one command is issued via the port (IOBASE=1F0,170)+7, which is used for sending a command to the hard disk. The pointer to the shared memory is transferred via IOBASE+2, IOBASE+3, IOBASE+4 and IOBASE+5, and the size of the shared memory is transferred by writing IOBASE+2, IOBASE+3, IOBASE+4 and IOBASE+5 once more. The shared memory is the same as that mentioned in the above memory sharing scheme.


After acquiring the pointer to the shared memory and the size of the shared memory by intercepting hard disk read-write I/O, the VMM acquires the information on the sectors needed to be protected from the shared memory and further maintains the sector access control list based on the information on the sectors needed to be protected.


Since the VMM can access all memory, it doesn't have to copy the data out of the shared memory. In step 3, after acquiring the sector number of the sector to be accessed by the read-write command, the VMM compares that sector number directly with the data in the shared memory and makes the relevant judgment.


In the second embodiment, one command is issued via the port (IOBASE=1F0,170)+7 for sending a command to hard disk, and the sector numbers of the sectors needed to be protected are sent via IOBASE+3, IOBASE+4 and IOBASE+5. Meanwhile, the VMM intercepts the command, acquires the sector numbers of the sectors needed to be protected included in the command and further maintains the sector access control list.


In the above second embodiment, if there are sectors needed to be protected whose sector numbers are continuous, the relevant flow can be carried out in such manner as follows.


One command is issued via the port (IOBASE=1F0,170)+7 for sending a command to hard disk, and the sector number of the initial sector in the continuous blocks of the sectors needed to be protected is sent via IOBASE+3, IOBASE+4 and IOBASE+5. Meanwhile, with another command, the quantity of the sectors in the continuous blocks of the sectors needed to be protected is sent via IOBASE+3, IOBASE+4 and IOBASE+5. The VMM intercepts the commands, acquires the information on the sectors needed to be protected and further maintains the sector access control list.


In step 12, the VMM needs to intercept the read-write command for hard disk I/O from the operating system so as to acquire the hard disk sector involved in the read-write command. Below is a detailed illustration for this step.


Since there exist various commands for hard disk access, and these commands have substantially the same mode, the present invention will be described by example of a PIO-mode (Programmed I/O) reading command for hard disk.


The VMM intercepts the command for hard disk I/O from the operating system via IOBASE+0x7 and judges whether the command is 0x20 (PIO read). If the answer is yes, the VMM acquires the sector quantity involved in the command for hard disk I/O via IOBASE+0x2 and the associated sector number of the hard disk sector by intercepting the data at IOBASE+0x6, IOBASE+0x5, IOBASE+0x4 and IOBASE+0x3.


Hereafter, the present invention will be explained in detail in conjunction with two cases of reading and writing.


In step 12, a VMEXIT is generated at the time of accessing the I/O space of an IDE (Integrated Driver Equipment) controller, and the VMM obtains control and further acquires the sector number involved in the read-write command in the manner described above.


If the sector number of the hard disk sector involved in the hard disk read-write command from the operating system is included in the sector access control list or in the sectors needed to be protected saved in the shared memory, the hard disk sectors involved in the read-write command are sectors needed to be protected as desired by the user, and the VMM returns information indicating non-operability or an error result, for example, a result that is only 0. If the sector number of the hard disk sector involved in the hard disk read-write command from the operating system is not included in the sector access control list, the hard disk sector involved in the read-write command is a general hard disk sector, and thus the VMM reads or writes the hard disk sector by use of the normal read-write program and returns the result of the operation to the user.
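As an added illustration (not part of the patent text), the following C code models steps 12 and 13 using the compact list form above: it rebuilds the starting sector and the sector quantity from the intercepted task-file values and denies a request when any sector in its range is protected, which is slightly more general than comparing a single sector number. Assumptions: the struct and function names are hypothetical, the registers follow the standard 28-bit LBA layout (IOBASE+3 is the low byte, the low nibble of IOBASE+6 holds bits 24-27), a sector quantity of 0 means 256, and 0x30 (PIO write) is handled alongside the 0x20 read named in the text.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical shadow of the guest's trapped writes to the IDE task-file ports. */
struct ata_taskfile {
    uint8_t sector_count; /* IOBASE+2; 0 means 256 sectors in 28-bit PIO */
    uint8_t lba_low;      /* IOBASE+3: LBA bits 0-7 */
    uint8_t lba_mid;      /* IOBASE+4: LBA bits 8-15 */
    uint8_t lba_high;     /* IOBASE+5: LBA bits 16-23 */
    uint8_t device;       /* IOBASE+6: low nibble = LBA bits 24-27 */
    uint8_t command;      /* IOBASE+7 */
};

/* Compact list entry: initial sector number and quantity of continuous sectors. */
struct sector_range { uint32_t first; uint32_t count; };

/* The text's example: 10001-50000, 70001-80000 and 90001-95000. */
static const struct sector_range protected_list[] = {
    { 10001, 40000 }, { 70001, 10000 }, { 90001, 5000 },
};
#define N_PROTECTED (sizeof protected_list / sizeof protected_list[0])

enum verdict { PASS_THROUGH = 0, DENY = 1 };

/* 0x20 is the PIO read named in the text; 0x30 (PIO write) is added here. */
static int is_pio_rw(uint8_t cmd) { return cmd == 0x20 || cmd == 0x30; }

static uint32_t taskfile_lba(const struct ata_taskfile *tf)
{
    return ((uint32_t)(tf->device & 0x0F) << 24) | ((uint32_t)tf->lba_high << 16)
         | ((uint32_t)tf->lba_mid << 8) | tf->lba_low;
}

static uint32_t taskfile_sectors(const struct ata_taskfile *tf)
{
    return tf->sector_count ? tf->sector_count : 256u;
}

/* Step 13: deny when ANY sector of the request lies in a protected range.
 * Commands other than PIO read/write are not decoded here and pass through;
 * a real monitor needs a decoder for every transfer command it exposes. */
static enum verdict check_access(const struct ata_taskfile *tf,
                                 const struct sector_range *acl, size_t n)
{
    if (!is_pio_rw(tf->command))
        return PASS_THROUGH;
    uint64_t req_first = taskfile_lba(tf);
    uint64_t req_end = req_first + taskfile_sectors(tf); /* exclusive */
    for (size_t i = 0; i < n; i++) {
        uint64_t first = acl[i].first;
        uint64_t end = first + acl[i].count; /* exclusive; 64-bit, no wrap */
        if (req_first < end && first < req_end)
            return DENY;
    }
    return PASS_THROUGH;
}
```

A request that starts on an unprotected sector but runs into a protected one is denied, which a comparison of the starting sector number alone would miss.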


Furthermore, the present invention also proposes a system for protecting hard disk data in a virtual context, which is provided in the VMM and, as shown in FIG. 3, comprises: a module for saving information on hard disk storage unit needed to be protected which saves information on a hard disk storage unit needed to be protected as instructed by a user, and the information can be, for example, the sector numbers of the sectors needed to be protected, the cylinder numbers of the cylinders needed to be protected or the disk label of the hard disk needed to be protected;


a hard disk read-write command acquiring and analyzing module which intercepts a hard disk read-write command from the operating system and acquires information on a hard disk storage unit to be accessed by the hard disk read-write command;


a hard disk read-write command judging module which judges whether the hard disk storage unit to be accessed by the read-write command is the hard disk storage unit needed to be protected based on the information on the hard disk storage unit to be accessed by the read-write command as well as the information on the hard disk storage unit needed to be protected; and


a hard disk read-write command executing module which returns error data or information indicating non-operability to the operating system if the hard disk storage unit to be accessed by the read-write command is the hard disk storage unit needed to be protected, and reads or writes on the hard disk in a normal flow if the hard disk storage unit to be accessed by the read-write command is not the hard disk storage unit needed to be protected.


The above describes only the preferred embodiments of the invention. It will be appreciated by those skilled in the art that various modifications and refinements can be made within the principle of the present invention, and these modifications and refinements should fall into the scope of the present invention.

Claims
  • 1. A method for protecting hard disk data in a virtual context, wherein a virtual machine monitor acquires information on a hard disk storage unit needed to be protected as instructed by a user; the virtual machine monitor acquires information on a hard disk storage unit to be accessed by a hard disk read-write command from operating system based on the read-write command; the virtual machine monitor judges whether the hard disk storage unit to be accessed by the read-write command is the hard disk storage unit needed to be protected based on the information on the hard disk storage unit to be accessed by the read-write command as well as the information on the hard disk storage unit needed to be protected as instructed by the user; and the hard disk read-write command is processed based on the result of the judgment.
  • 2. The method for protecting hard disk data in a virtual context according to claim 1, wherein the step of processing the hard disk read-write command based on the result of the judgment further comprises: returning error data or information indicating non-operability to the operating system if the hard disk storage unit to be accessed by the read-write command is the hard disk storage unit under protection, and reading or writing on the hard disk in a normal flow if the hard disk storage unit to be accessed by the read-write command is not the hard disk storage unit under protection.
  • 3. The method for protecting hard disk data in a virtual context according to claim 1, wherein the virtual machine monitor acquires the information on the hard disk storage unit needed to be protected as instructed by the user by sharing memory or intercepting read-write I/O port.
  • 4. The method for protecting hard disk data in a virtual context according to claim 1, wherein the hard disk storage unit is a hard disk sector, a hard disk cylinder and/or hard disk space with a hard disk label.
  • 5. The method for protecting hard disk data in a virtual context according to claim 4, wherein when the hard disk storage unit is a hard disk sector, the information on the hard disk storage unit is the sector number of the hard disk sector.
  • 6. The method for protecting hard disk data in a virtual context according to claim 5, wherein the sector number of the hard disk sector needed to be protected is saved in the virtual machine monitor or a shared memory.
  • 7. The method for protecting hard disk data in a virtual context according to claim 6, wherein if the hard disk sector needed to be protected comprises continuous blocks of sectors, the blocks of sectors whose sector numbers are continuous are saved as one part including the sector number of the initial sector and the quantity of the sectors in the continuous blocks.
  • 8. A system for protecting hard disk data in a virtual context, which comprises: a module for saving information on hard disk storage unit needed to be protected which saves information on a hard disk storage unit needed to be protected as instructed by a user; a hard disk read-write command acquiring and analyzing module which is provided in the virtual machine monitor acquires a hard disk read-write command from operating system and, based on the read-write command, acquires information on a hard disk storage unit to be accessed by the hard disk read-write command; a hard disk read-write command judging module which judges whether the hard disk storage unit to be accessed by the read-write command is the hard disk storage unit needed to be protected based on the information on the hard disk storage unit to be accessed by the read-write command as well as the information on the hard disk storage unit needed to be protected as instructed by the user; and a hard disk read-write command executing module which is provided in the virtual machine monitor processes the hard disk read-write command based on the result of the judgment.
  • 9. The system for protecting hard disk data in a virtual context according to claim 8, wherein the hard disk read-write command executing module is configured to return error data or information indicating non-operability to the operating system if the hard disk storage unit to be accessed by the read-write command is the hard disk storage unit needed to be protected, and perform read/write operation on the hard disk in a normal flow if the hard disk storage unit to be accessed by the read-write command is not the hard disk storage unit needed to be protected.
  • 10. The system for protecting hard disk data in a virtual context according to claim 8, wherein the hard disk storage unit is a hard disk sector, a hard disk cylinder and/or hard disk space with a hard disk label.
  • 11. The system for protecting hard disk data in a virtual context according to claim 8, wherein when the hard disk storage unit is a hard disk sector, the information on the hard disk storage unit is the sector number of the hard disk sector.
  • 12. The system for protecting hard disk data in a virtual context according to claim 8, wherein the module for saving information on hard disk storage unit needed to be protected is provided in the virtual machine monitor or a shared memory.
  • 13. The method for protecting hard disk data in a virtual context according to claim 2, wherein the hard disk storage unit is a hard disk sector, a hard disk cylinder and/or hard disk space with a hard disk label.
  • 14. The method for protecting hard disk data in a virtual context according to claim 3, wherein the hard disk storage unit is a hard disk sector, a hard disk cylinder and/or hard disk space with a hard disk label.
Priority Claims (1)
Number Date Country Kind
200610115074.5 Aug 2006 CN national