METHOD AND SYSTEM FOR KERNEL ROUTINE CALLBACKS

US 20190310883A1
Filed: 04/06/2018
Published: 10/10/2019
Est. Priority Date: 04/06/2018
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

hooking a pre-callback handler and a post-callback handler to a pre-existing operating system of a computing device;

obtaining, by the pre-callback handler, a kernel routine request for a kernel routine to be performed in a kernel mode of the operating system;

determining, by the pre-callback handler, whether to allow the kernel routine to be performed based on parameters of the kernel routine request;

upon determining that the kernel routine is allowed to be performed, causing the kernel routine to be performed in the kernel mode to generate kernel routine results;

determining, by the post-callback handler, whether to allow the kernel routine results of the kernel routine to be returned;

upon determining that the kernel routine results of the kernel routine are allowed to be returned, causing the kernel routine results of the kernel routine to be returned to an application that is executed in a non-kernel mode of the operating system.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for kernel routine callbacks. Such methods may include hooking a pre-callback handler and a post-callback handler to a pre-existing operating system of a computing device. According to the pre-callback handler, a kernel routine request for a kernel routine to be performed in a kernel mode of the operating system is obtained, whether to allow the kernel routine to be performed is determined, and the kernel routine is caused to be performed in the kernel mode to generate kernel routine results. According to the post-callback handler, whether to allow the kernel routine results of the kernel routine to be returned is determined, and the kernel routine results of the kernel routine is caused to be returned to an application that is executed in a non-kernel mode of the operating system.

6 Citations

View as Search Results

20 Claims

1. A method comprising:
- hooking a pre-callback handler and a post-callback handler to a pre-existing operating system of a computing device;
  
  obtaining, by the pre-callback handler, a kernel routine request for a kernel routine to be performed in a kernel mode of the operating system;
  
  determining, by the pre-callback handler, whether to allow the kernel routine to be performed based on parameters of the kernel routine request;
  
  upon determining that the kernel routine is allowed to be performed, causing the kernel routine to be performed in the kernel mode to generate kernel routine results;
  
  determining, by the post-callback handler, whether to allow the kernel routine results of the kernel routine to be returned;
  
  upon determining that the kernel routine results of the kernel routine are allowed to be returned, causing the kernel routine results of the kernel routine to be returned to an application that is executed in a non-kernel mode of the operating system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising upon determining that the kernel routine is not allowed to be performed, preventing the kernel routine from being performed and causing an pre-operation error to be returned to the application.
  - 3. The method of claim 1, further comprising upon determining that the kernel routine results of the kernel routine are not allowed to be returned, causing a post-operation error to be returned to the application.
  - 4. The method of claim 1, further comprising upon determining that the kernel routine results of the kernel routine are not allowed to be returned, modifying the kernel routine results of the kernel routine and causing the modified kernel routine results to be returned to the application.
  - 5. The method of claim 4, wherein said modifying the kernel routine results comprises filtering out at least part of parameters included in the kernel routine results.
  - 6. The method of claim 1, wherein the pre-callback handler and post-callback handler are uniquely associated with the kernel routine, and a plurality of pre-callback handlers and a plurality of post-callback handlers associated with different types of kernel routines are hooked to the operating system.
  - 7. The method of claim 1, wherein the kernel routine comprises a file system operation.
  - 8. The method of claim 1, wherein the kernel routine comprises a non-file system operation and does not include a file system operation.
  - 9. The method of claim 1, wherein the pre-callback handler and the post-callback handler are hooked to the operating system, in a state where the operating system is not protected by a kernel patch protection.
  - 10. The method of claim 1, wherein the operating system is a macOS or a 32-bit Windows OS.

11. A computing system comprising:
- one or more processors; and
  
  a memory storing instructions, when executed by the one or more processors, cause the computing system to;
  
  obtain, by a pre-callback handler hooked to an operating system of the computing system, a kernel routine request for a kernel routine to be performed in a kernel mode of an operating system of the computing system;
  
  determine, by the pre-callback handler, whether to allow the kernel routine to be performed based on parameters of the kernel routine request;
  
  upon determining that the kernel routine is allowed to be performed, cause the kernel routine to be performed in the kernel mode to generate kernel routine results;
  
  determine, by a post-callback handler that is also hooked to the operating system of the computing system, whether to allow the kernel routine results of the kernel routine to be returned;
  
  upon determine that the kernel routine results of the kernel routine are allowed to be returned, cause the kernel routine results of the kernel routine to be returned to an application that is executed in a non-kernel mode of the operating system.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The computing system of claim 11, wherein the instructions further cause the computing system to prevent the kernel routine from being performed and cause an pre-operation error to be returned to the application, upon determining that the kernel routine is not allowed to be performed.
  - 13. The computing system of claim 11, wherein the instructions further cause the computing system to cause a post-operation error to be returned to the application, upon determining that the kernel routine results of the kernel routine are not allowed to be returned.
  - 14. The computing system of claim 11, wherein the instructions further cause the computing system to modify the kernel routine results of the kernel routine and causing the modified kernel routine results to be returned to the application, upon determining that the kernel routine results of the kernel routine are not allowed to be returned.
  - 15. The computing system of claim 14, wherein said modifying the kernel routine results comprises filtering out at least part of data included in the kernel routine results.
  - 16. The computing system of claim 11, wherein the pre-callback handler and post-callback handler are uniquely associated with the kernel routine, and a plurality of pre-callback handlers and a plurality of post-callback handlers associated with different types of kernel routines are hooked to the operating system.
  - 17. The computing system of claim 11, wherein the kernel routine comprises a file system operation.
  - 18. The computing system of claim 11, wherein the kernel routine comprises a non-file system operation and does not include a file system operation.
  - 19. The computing system of claim 11, wherein the pre-callback handler and the post-callback handler are hooked to the operating system, in a state where the operating system is not protected by a kernel patch protection.
  - 20. The computing system of claim 11, wherein the operating system is a macOS or a 32-bit Windows OS.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Beijing Didi Infinity Technology And Development Co.Ltd.
Original Assignee
DiDi Research America, LLC
Inventors
WANG, Yu

Granted Patent

US 11,106,491 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 9/4881   Scheduling strategies for d...

G06F 9/545   where tasks reside in diffe...

G06F 9/547   Remote procedure calls [RPC...

METHOD AND SYSTEM FOR KERNEL ROUTINE CALLBACKS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

6 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

METHOD AND SYSTEM FOR KERNEL ROUTINE CALLBACKS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

6 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others