CN-122027203-A - Isolation method, medium and application isolation system of application instance
Abstract
The application discloses an application instance isolation method, medium and application isolation system, which relate to the technical field of smart home. A first hardware peripheral access request initiated by a business application is received and converted into a second hardware peripheral access request, and the corresponding first application instance is determined; authority verification and memory out-of-bounds verification are then carried out on each first application instance and the first priority of each first application instance is determined; after an instance passes both verifications, the corresponding peripheral driver is called according to the first priority and an operation result is determined. The method achieves double isolation of applications through memory boundary checking and priority scheduling, effectively solves the problem of application isolation when a third-party application program is deployed on an embedded device, and allows different applications to run in an orderly way inside a safe, isolated environment, thereby guaranteeing the stability and security of the embedded device.
Inventors
- ZHENG JIANXIN
Assignees
- 海尔优家智能科技(北京)有限公司
Dates
- Publication Date
- 20260512
- Application Date
- 20251229
Claims (10)
- 1. An application instance isolation method, applied to an application isolation system of an embedded device, comprising: receiving a first hardware peripheral access request initiated by at least one business application; determining a second hardware peripheral access request and a first application instance corresponding to at least one first hardware peripheral access request respectively; determining a checking result and a first priority corresponding to at least one first application instance, wherein the checking result is used for indicating whether the first application instance has the operation authority corresponding to the second hardware peripheral access request or not and indicating whether the first application instance has memory boundary crossing behavior or not; for any one first application instance, determining a first priority corresponding to the first application instance when the check result indicates that the first application instance has the operation authority corresponding to the second hardware peripheral access request and the first application instance does not have memory out-of-range behavior, calling a peripheral driver corresponding to the second hardware peripheral access request according to the first priority corresponding to the first application instance, and determining an operation result of the first application instance based on the peripheral driver.
- 2. The method of claim 1, wherein the first hardware peripheral access request includes hardware to be accessed and a virtual memory address of the business application, and wherein determining at least one second hardware peripheral access request to which the first hardware peripheral access request corresponds includes: determining first physical addresses corresponding to at least one virtual memory address respectively; and determining the second hardware peripheral access request according to at least one first physical address and at least one piece of hardware to be accessed.
- 3. The method of claim 2, wherein determining the check result corresponding to each of the at least one first application instance comprises: for any one first application instance, acquiring a permission configuration table, wherein the permission configuration table comprises a plurality of second application instances and an operation permission list corresponding to each second application instance; acquiring a data buffer physical address, wherein the data buffer physical address comprises a plurality of third application instances and a second physical address corresponding to each third application instance; and determining a verification result of the first application instance according to the plurality of second application instances, the operation authority list corresponding to each second application instance, the plurality of third application instances and the second physical address corresponding to each third application instance.
- 4. The method of claim 3, wherein determining the verification result of the first application instance according to the plurality of second application instances, the operation authority list corresponding to each of the second application instances, the plurality of third application instances, and the second physical address corresponding to each of the third application instances comprises: if a fourth application instance corresponding to the first application instance exists in the plurality of second application instances, determining that the first application instance has the operation authority corresponding to the second hardware peripheral access request according to an operation authority list corresponding to the fourth application instance; and if a fifth application instance corresponding to the first application instance is determined to exist among the plurality of third application instances, determining that the first application instance does not have memory boundary crossing behavior according to a second physical address corresponding to the fifth application instance and the first physical address.
- 5. The method of claim 1, wherein determining a first priority level for each of the at least one first application instance comprises: determining the resource occupancy rate and the second priority of each first application instance; if the resource occupancy rate of any one first application instance is smaller than the preset resource occupancy rate, determining the second priority as the first priority; and if the resource occupancy rate of any one first application instance is greater than or equal to the preset resource occupancy rate, adjusting the first priority according to a preset adjustment strategy to obtain an adjusted first priority.
- 6. The method according to claim 1, wherein the method further comprises: generating a first failure result under the condition that the check result indicates that the first application instance does not possess the operation authority corresponding to the second hardware peripheral access request, wherein the first failure result indicates that the operation authority of the service application is insufficient; and/or generating a second failure result under the condition that the second check result indicates that the first application instance has memory out-of-limit behavior, wherein the second failure result indicates that the memory of the service application is out-of-limit.
- 7. The method of claim 1, wherein the determining, based on the peripheral driver, an operation result of the first application instance comprises: generating an operation instruction based on the peripheral driver; and determining an operation result of the first application instance according to the operation instruction.
- 8. An application isolation system for use with an embedded device, the system comprising: an application layer comprising at least one business application, the business application being used for initiating a first hardware peripheral access request; a micro-runtime layer used for creating an application instance and a second hardware peripheral access request which correspond to at least one business application; an isolation management layer used for determining whether at least one application instance has the operation authority corresponding to the second hardware peripheral access request, determining whether at least one application instance has memory out-of-range behavior, determining the priority corresponding to at least one application instance under the condition that at least one application instance has the operation authority corresponding to the second hardware peripheral access request and the application instance does not have memory out-of-range behavior, and forwarding at least one second hardware peripheral access request according to the priority corresponding to at least one application instance; a kernel layer used for calling at least one peripheral driver corresponding to each second hardware peripheral access request according to the received at least one second hardware peripheral access request, and forwarding the second hardware peripheral access request through the peripheral driver; and a hardware layer used for determining the operation result of the application instance according to the second hardware peripheral access request forwarded by the kernel layer through the peripheral driver.
- 9. The system of claim 8, wherein the isolation management layer comprises a memory boundary checker, a permission control module, and a resource scheduler, wherein: the memory boundary checker is configured to perform memory boundary crossing checking on each application instance; the permission control module is used for checking whether each application instance has the operation permission corresponding to the second hardware peripheral access request; and the resource scheduler is used for determining the priority of each application instance in the task execution process.
- 10. An electronic device comprising a memory and a processor, characterized in that the memory has stored therein a computer program, the processor being arranged to execute the method according to any of claims 1 to 7 by means of the computer program.
Description
Technical Field
The application relates to the technical field of smart home, in particular to an isolation method, medium and application isolation system for an application instance.
Background
With the rapid development of Internet of Things technology, embedded devices are widely used in fields such as smart home, industrial automation, medical electronics and the Internet of Vehicles. These devices typically rely on microcontrollers to perform their core tasks. The microcontroller, as the core component of the embedded system, is responsible for processing data, executing instructions and communicating with external equipment. In practical applications, a developer needs to deploy secondary application programs developed by third parties on an embedded device. However, third-party applications may carry security risks or performance problems that compromise the stability and security of the system. Two main solutions are currently available. One uses trusted-zone technology to achieve security isolation, which requires a processor that supports that technology. The other uses operating-system-level containerization to achieve security isolation; this relies mainly on the operating system kernel, and the isolation capability depends almost entirely on kernel functions.
Disclosure of Invention
The application provides an isolation method, medium and application isolation system for an application instance, which are used to solve the problem of application isolation when a third-party application program is deployed on an embedded device.
In a first aspect, the present application provides an isolation method for an application instance, applied to an application isolation system of an embedded device, where the method includes: receiving a first hardware peripheral access request initiated by at least one business application; determining a second hardware peripheral access request and a first application instance corresponding to at least one first hardware peripheral access request respectively; determining a checking result and a first priority corresponding to at least one first application instance, wherein the checking result is used for indicating whether the first application instance has the operation authority corresponding to the second hardware peripheral access request or not and indicating whether the first application instance has memory boundary crossing behavior or not; for any one first application instance, determining a first priority corresponding to the first application instance when the check result indicates that the first application instance has the operation authority corresponding to the second hardware peripheral access request and the first application instance does not have memory out-of-range behavior, calling a peripheral driver corresponding to the second hardware peripheral access request according to the first priority corresponding to the first application instance, and determining an operation result of the first application instance based on the peripheral driver.
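As an added illustration (not code from the patent or its assignee), the following Python sketch models the double verification and priority scheduling described in claims 1 to 6 and in the first aspect above. The permission configuration table, the data-buffer physical address table, the virtual-to-physical mapping, the occupancy limit and the "demote by one level" adjustment strategy are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed sample tables (assumptions, not from the patent): the permission
# configuration table, the data-buffer physical address table (base, size),
# the physical base of each instance's mapping, and the preset occupancy rate.
PERMISSIONS = {"inst-a": {("gpio", "write")}, "inst-b": {("i2c", "read")}}
BUFFERS = {"inst-a": (0x2000_0000, 0x100), "inst-b": (0x2000_1000, 0x40)}
PAGE_TABLE = {"inst-a": 0x2000_0000, "inst-b": 0x2000_1000}
OCCUPANCY_LIMIT = 0.8

@dataclass
class Request:
    instance: str     # first application instance issuing the request
    hardware: str     # hardware to be accessed
    op: str           # requested operation on that hardware
    virt_addr: int    # virtual memory address of the business application
    occupancy: float  # current resource occupancy rate of the instance
    priority: int     # second priority (lower number = scheduled earlier)

def to_physical(req):
    """First physical address of the second hardware peripheral access request."""
    return PAGE_TABLE[req.instance] + req.virt_addr

def check(req):
    """Double verification: authority check, then memory-boundary check; None = pass."""
    if (req.hardware, req.op) not in PERMISSIONS.get(req.instance, set()):
        return "first failure result: insufficient operation authority"
    base, size = BUFFERS[req.instance]
    if not base <= to_physical(req) < base + size:
        return "second failure result: memory out of bounds"
    return None

def first_priority(req):
    """Keep the second priority below the occupancy limit; otherwise apply the
    preset adjustment strategy (assumed here: demote by one level)."""
    return req.priority if req.occupancy < OCCUPANCY_LIMIT else req.priority + 1

def driver(hardware, op, phys):
    """Stand-in peripheral driver: returns the generated operation instruction."""
    return f"{hardware}:{op}@{phys:#x}"

def dispatch(requests):
    """Verify every request, then call drivers in first-priority order."""
    results, runnable = [], []
    for req in requests:
        failure = check(req)
        if failure:
            results.append((req.instance, failure))
        else:
            runnable.append((first_priority(req), req))
    for _, req in sorted(runnable, key=lambda item: item[0]):
        results.append((req.instance, driver(req.hardware, req.op, to_physical(req))))
    return results
```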
Optionally, the first hardware peripheral access request includes hardware to be accessed and a virtual memory address of the service application, and the determining at least one second hardware peripheral access request corresponding to the first hardware peripheral access request includes: determining first physical addresses corresponding to at least one virtual memory address respectively; and determining the second hardware peripheral access request according to at least one first physical address and at least one piece of hardware to be accessed.
Optionally, the determining the verification result corresponding to each of the at least one first application instance includes: for any one first application instance, acquiring a permission configuration table, wherein the permission configuration table comprises a plurality of second application instances and an operation permission list corresponding to each second application instance; acquiring a data buffer physical address, wherein the data buffer physical address comprises a plurality of third application instances and a second physical address corresponding to each third application instance; and determining a verification result of the first application instance according to the plurality of second application instances, the operation authority list corresponding to each second application instance, the plurality of third application instances and the second physical address corresponding to each third application instance.
Optionally, the determining, according to the plurality of second application instances, the operation authority list corresponding to each of the second a