CN109491698B - System updating method and device based on hot patch - Google Patents
- Publication number
- CN109491698B
- Authority
- CN
- China
- Prior art keywords
- file
- plane process
- updating
- updated
- data plane
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
- G06F8/658—Incremental updates; Differential updates
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The application discloses a system updating method and device based on hot patching, and the method comprises the following steps: acquiring a hot patch package, wherein the hot patch package comprises verification information and a patch file; verifying the validity of the hot patch package according to the verification information; if the hot patch package is legal, determining a system process needing to be updated according to the patch file; if the system process is a control plane process, starting a timer, and updating the control plane process when the timer reaches a first preset time length; and if the system process is a data plane process, setting the data plane process to an update mode, and updating the data plane process. In the application, the communication equipment checks the legality of the hot patch package through the check information in the hot patch package, and the safety of the files and data in the hot patch package is ensured. For the control plane process, the stack security of the process is ensured through a timer; for the data plane process, the stack security of the data is ensured by setting an update mode. The security of the system can thus be improved at the time of update.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a system updating method and apparatus based on hot patch.
Background
With the development of communication technology, embedded communication devices provide a variety of dedicated services, and large numbers of them are deployed in organizations such as operators, enterprises and schools. The maintenance pressure on device manufacturers is high: newly added service functions and device software fault fixes require the software to be reissued, and software upgrades often interrupt the services of the devices' users, with wide impact. To avoid affecting the normal operation of the service, hot patches are usually used to update the device software system, including adding functions, updating functions, repairing faults and the like.
Hot patching techniques provide a way to implement local modifications to a system without interrupting the operation of the system. On one hand, the hot patching technology provides a convenient means for correcting system errors in operation in time; on the other hand, by adding system functions through the hot patch technology, the number of times of upgrading the version of the whole system can be reduced, so that the requirement that the seamless upgrading can be carried out without interrupting the service is met.
In the prior art, the hot patching technology takes the primary goal of not interrupting the operation of the system while updating the system. The system operation needs to be considered during updating, so that the security of the system during updating is not high.
Disclosure of Invention
The application provides a system updating method and device based on hot patching, which can be used for solving the problem that in the prior art, the safety of a system is not high during updating because the operation of the system is required to be considered during updating.
In a first aspect, the present application provides a system update method based on hot patching, including:
acquiring a hot patch package, wherein the hot patch package comprises verification information and a patch file for updating a system;
verifying the validity of the hot patch package according to the verification information;
if the hot patch is legal, determining a system process needing to be updated according to the patch file;
if the system process needing to be updated is a control plane process, starting a timer, and updating the control plane process according to the patch file when the timer reaches a first preset time length;
if the system process needing to be updated is a data plane process, setting the data plane process as an updating mode, and updating the data plane process according to the patch file; the update mode refers to a mode in which the data plane process stops processing and forwarding data.
Optionally, the check information includes a magic word, hardware information and version information, the hardware information is used for indicating a hardware architecture to which the hot patch package is applicable, and the version information is used for indicating a version of system update;
the verifying the validity of the hot patch package according to the verification information includes:
detecting whether a magic word in the check information is matched with a stored magic word, whether a hardware architecture indicated by the hardware information is correct, and whether a version indicated by the version information is correct;
and if the magic word in the verification information is matched with the stored magic word, the hardware architecture indicated by the hardware information is correct, and the version indicated by the version information is correct, determining that the hot patch package is legal.
Optionally, the patch file includes: the directory file and the update shared library corresponding to each system process needing to be updated;
the updating shared library comprises a replacement function required by the corresponding system process updating;
the directory file comprises corresponding relations among all system processes needing to be updated, all update shared libraries and all replacement functions, and position information of the replacement functions in the update shared libraries.
Optionally, updating the control plane process includes:
determining an updated shared library corresponding to the control plane process according to the directory file;
loading a replacement function in the updated shared library corresponding to the control plane process to a memory;
determining a first memory address and a second memory address, wherein the first memory address refers to an address of an original function needing to be updated in the control plane process in a memory, and the second memory address refers to an address of a replacement function in an update shared library corresponding to the control plane process in the memory;
generating a first replacement instruction according to the first memory address and the second memory address, wherein the first replacement instruction is used for indicating that, when the control plane process calls the original function, the called address is replaced from the first memory address to the second memory address;
and replacing the original function in the system file corresponding to the control plane process with a corresponding replacement function in the updated shared library.
Optionally, updating the data plane process includes:
determining an updated shared library corresponding to the data plane process according to the directory file;
loading a replacement function in the updated shared library corresponding to the data plane process to a memory;
determining a third memory address and a fourth memory address, wherein the third memory address refers to an address of an original function to be updated in the data plane process in the memory, and the fourth memory address refers to an address of a replacement function in an update shared library corresponding to the data plane process in the memory;
generating a second replacement instruction according to the third memory address and the fourth memory address, wherein the second replacement instruction is used for indicating that, when the data plane process calls the original function, the called address is replaced from the third memory address to the fourth memory address;
and replacing the original function in the system file corresponding to the data plane process with a corresponding replacement function in the update shared library.
Optionally, the method further comprises:
and generating a rollback file, wherein the rollback file is used for backing up the original function in the system file corresponding to the system process needing to be modified.
Optionally, after the generating the rollback file, the method further includes:
determining a system process needing rollback according to the patch file;
if the system process needing to be rolled back is a control plane process, starting the timer, and rolling back the control plane process according to the rollback file when the timer reaches the first preset time length;
and if the system process needing to be rolled back is the data plane process, setting the data plane process as the updating mode, and rolling back the data plane process according to the rollback file.
In a second aspect, the present application provides a hotpatch-based system update apparatus, the apparatus comprising:
the acquisition module is used for acquiring a hot patch package, wherein the hot patch package comprises verification information and a patch file for system updating;
the verification module is used for verifying the validity of the hot patch package according to the verification information;
the updating module is used for determining the system process needing to be updated according to the patch file when the hot patch package is legal;
the update module is further configured to: when the system process needing to be updated is a control plane process, starting a timer, and updating the control plane process according to the patch file after the timer reaches a first preset time; when the system process needing to be updated is a data plane process, setting the data plane process as an updating mode, and updating the data plane process according to the patch file; the update mode refers to a mode in which the data plane process stops processing and forwarding data.
In the application, the communication equipment checks the legality of the hot patch package through the checking information in the hot patch package to ensure that the files and data in the hot patch package which is updated and used are legal and safe; moreover, when the control plane process is updated, the communication equipment ensures the stack security of the process through a timer; when the data plane process is updated, the stack security of the data is ensured by setting the data plane process to be in an updating mode. Since the security of the file, data, and stack is ensured, the security of the system can be improved at the time of update.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a flow diagram illustrating a method for hot patch based system update in accordance with an exemplary embodiment;
FIG. 2 is a flow diagram illustrating a method of hot patch production in accordance with an exemplary embodiment;
FIG. 3 is a flow diagram illustrating a method of uninstalling a patch in accordance with an exemplary embodiment;
FIG. 4 is a block diagram illustrating a hot patch based system update apparatus in accordance with an exemplary embodiment.
Detailed Description
For the purpose of making the present application more clear, its technical solutions and advantages will be further described in detail below with reference to the accompanying drawings.
In the method provided by the embodiment of the present application, the execution subject of each step may be a communication device that needs to be updated, such as an embedded communication device, or may be a monitoring process in the communication device. The monitoring process is a process responsible for checking, storing, loading, unloading, deleting hot patches and other update related operations. Updating the system of the communication device by hot patching generally requires updating functions of various system processes in the system, i.e. modifying the functions. Wherein, the modification of the function of the system process also comprises the modification of the global variable related to the function.
The above system processes in the communication device include a data plane process and a control plane process. The data plane process refers to a process related to a data plane, and is used for processing and forwarding various types of data on various different ports of the communication device, for example, processing and forwarding various specific data such as Access Control List (ACL), multicast, security protection, and the like. The control plane process is a process related to the control plane, and is used for controlling and managing the operation of all network protocols, and providing various network information and forwarding query table entries required before data processing and forwarding of the data plane. Among other things, the data plane process is also referred to as a forwarding plane process.
FIG. 1 is a flow diagram illustrating a method for hot patch based system update in accordance with an exemplary embodiment. The method may include the steps of:
In step S10, a hot patch package is obtained.
First, in order to update its own system, the communication apparatus needs to acquire a hot patch package for hot patch update. The hot patch package is a compressed file that includes verification information and a patch file for system updates. The communication device may determine the validity of the hot patch package by checking the check information, and then determine whether the system can be updated based on the hot patch package. The patch file includes specific data required for system update, such as code of a function to be modified, a text file containing data to be modified, and the like.
In practice, the communication device obtains the hot patch package when the control terminal uploads it to the communication device. The control terminal may be the terminal that generates the hot patch package, or a terminal that only stores it. Specifically, the control terminal transmits the hot patch package from a Web (World Wide Web) interface via the HyperText Transfer Protocol (HTTP), or from the command line via the File Transfer Protocol (FTP) or the Trivial File Transfer Protocol (TFTP).
When the control terminal is the terminal that generates the hot patch package, it generates the package through the following specific steps, as shown in FIG. 2.
Step S101, extract the replacement function.
Step S102, compile the replacement function to generate an update shared library.
Step S103, generate a directory file.
Step S104, extract the text modification record.
Step S105, add the text modification record to the update script file and the rollback script file.
Step S106, compress the update shared library, the directory file, the update script file and the rollback script file to generate the hot patch package.
Firstly, the control terminal extracts a replacement function related to a system process needing to be updated according to a modification record of a technician on a code updated by the system. The replacement function refers to a function after modifying the code. The communication device includes a plurality of system processes, each corresponding to a plurality of functions. In one update, part of the system processes in the communication device may need to be updated, or all the system processes in the communication device may be updated. Wherein, in each system process needing updating, at least one corresponding function is modified.
After the replacement function is extracted, the control terminal compiles the replacement function and generates at least one update shared library. Each update shared library corresponds to one system process that needs to be updated and contains the replacement functions of that process. For example, if the communication device includes two system processes that need to be updated, aaa and bbb, the control terminal generates two update shared libraries: aaa.so.y and bbb.so.y. Here aaa and bbb are the names of the system processes, and y denotes the version number of the update shared library. Because each update shared library is named after its system process, the communication device can determine the system process corresponding to an update shared library when it acquires the library.
After the update shared library corresponding to each system process is generated, the control terminal generates a directory file, such as patch_app. In the directory file, the control terminal writes, line by line, the name of the system process, the name of the corresponding update shared library, the name of the replacement function in the library, and the position information of the replacement function in the corresponding update shared library. Therefore, in addition to the position of each replacement function in its update shared library, the directory file records the correspondence between each system process that needs to be updated, each update shared library, and each replacement function.
In a system update of the communication device, text files among the system files may also need to be updated, in addition to the functions of the system processes. For a text file, the control terminal extracts a text modification record through the diff or svn diff tool, and adds the text modification record to an update script file and a rollback script file, such as patch_install. When updating the system, the communication device executes the update script file and modifies the text file according to the text modification record. When the communication device uninstalls the update, it executes the rollback script file and restores the text file according to the text modification record.
It should be noted that the steps S104 and S105 may be executed before the steps S101 to S103, after the steps S101 to S103, or simultaneously. If the text file is not updated, step S104 and step S105 may not be executed.
Finally, the control terminal stores the update shared library, the directory file, the update script file and the rollback script file in a folder, and compresses the folder to generate the hot patch package. In addition, the control terminal adds the check information to the file header of the generated hot patch package.
Step S11, verifying the validity of the hot patch package.
After the communication device acquires the hot patch package, it verifies the validity of the package according to the verification information. If the hot patch package is legal, meaning that the communication device can update the system according to it, step S12 is executed; if the hot patch package is illegal, meaning that it poses a potential security risk, the communication device refuses to update the system according to it.
In one possible implementation, the check information includes a magic word, hardware information, and version information. Magic words are unique strings of characters generated by a device to uniquely indicate a device. The magic word may include the serial number of the device, a network hardware address or clock, etc. The communication device detects whether the magic words in the check information match the stored magic words. The stored magic words refer to the prestored magic words of the control terminal. The source of the hot patch package is detected by detecting the magic word. If the magic words are matched, determining that the hot patch packet is from the control terminal and the source is safe; if the magic words are not matched, the source of the hot patch package is determined to be unsafe, and the updating is refused.
In an embodiment of the present application, the hardware architectures of the communication device include the X86 hardware architecture and the MIPS (Microprocessor without Interlocked Pipeline Stages) hardware architecture. The hardware information is used to indicate the hardware architecture to which the hot patch package applies. The communication device detects whether the hardware architecture indicated by the hardware information is correct, that is, whether it is consistent with the hardware architecture of the communication device. If the two are consistent, the hardware architecture indicated by the hardware information is correct; if not, it is incorrect.
The version information is used to indicate the version of the system update. The communication device detects whether the version indicated by the version information is correct, that is, whether it is higher than the current version of the system. If it is higher, the version indicated by the version information is correct; if not, it is wrong. For example, if the current version of the system is 1.0.05 and the version indicated by the version information is 1.0.04, which is lower than the current version of the system, the communication device determines that the version is wrong.
When the magic word in the verification information is matched with the stored magic word, the hardware architecture indicated by the hardware information is correct, and the version indicated by the version information is correct, the communication equipment determines that the hot patch package is legal. When the magic word in the verification information is not matched with the stored magic word, or the hardware architecture indicated by the hardware information is incorrect, or the version indicated by the version information is incorrect, the communication equipment determines that the hot patch package is illegal, and rejects the updating.
It should be noted that, for the verification information and the verification of the validity of the hot patch package, the embodiment of the present application only shows one possible implementation manner. The verification information may also include other content used for validity verification, such as file type, file version information, hash values of file headers, hash values of file content, and so forth. This is not listed in the embodiments of the present application.
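The three checks described above, written out as an added example (not code from the patent). The header layout, field sizes, names and sample values are assumptions; versions are compared field by field as numbers, so that 1.0.10 ranks above 1.0.9, and a malformed version is rejected.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HP_MAGIC_LEN 32
#define HP_VER_LEN   16
#define HP_VER_PARTS 3

enum hp_arch   { HP_ARCH_X86 = 1, HP_ARCH_MIPS = 2 };
enum hp_result { HP_OK = 0, HP_BAD_MAGIC, HP_BAD_ARCH, HP_BAD_VERSION };

/* Assumed layout: the text names these three fields but not their encoding.
 * The same struct holds the package header and the device's own values. */
struct hp_info {
    unsigned char magic[HP_MAGIC_LEN]; /* magic word, zero-padded */
    uint8_t       arch;                /* enum hp_arch */
    char          version[HP_VER_LEN]; /* dotted decimal, e.g. "1.0.05" */
};

/* Compare every byte with no early exit, so response time does not reveal
 * how many leading bytes of a guessed magic word were correct. */
static int hp_magic_equal(const unsigned char *a, const unsigned char *b)
{
    unsigned char diff = 0;
    for (size_t i = 0; i < HP_MAGIC_LEN; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Parse "a.b.c" from a HP_VER_LEN-byte field. Returns 0 on success, -1 if the
 * field is unterminated, has an empty or non-numeric part, or the wrong count. */
static int hp_parse_version(const char *s, unsigned long out[HP_VER_PARTS])
{
    if (memchr(s, '\0', HP_VER_LEN) == NULL)
        return -1;
    for (int i = 0; i < HP_VER_PARTS; i++) {
        char *end;
        if (*s < '0' || *s > '9')
            return -1;
        out[i] = strtoul(s, &end, 10);
        if (i < HP_VER_PARTS - 1) {
            if (*end != '.')
                return -1;
            s = end + 1;
        } else if (*end != '\0') {
            return -1;
        }
    }
    return 0;
}

/* 1 if candidate is strictly higher than current, 0 if not, -1 if malformed. */
static int hp_version_newer(const char *candidate, const char *current)
{
    unsigned long a[HP_VER_PARTS], b[HP_VER_PARTS];
    if (hp_parse_version(candidate, a) != 0 || hp_parse_version(current, b) != 0)
        return -1;
    for (int i = 0; i < HP_VER_PARTS; i++)
        if (a[i] != b[i])
            return a[i] > b[i];
    return 0; /* equal versions are not an update */
}

/* The package is legal only if all three checks pass. */
enum hp_result hp_validate(const struct hp_info *pkg, const struct hp_info *dev)
{
    if (!hp_magic_equal(pkg->magic, dev->magic))
        return HP_BAD_MAGIC;
    if (pkg->arch != dev->arch)
        return HP_BAD_ARCH;
    if (hp_version_newer(pkg->version, dev->version) != 1)
        return HP_BAD_VERSION;
    return HP_OK;
}

static void hp_fill(struct hp_info *i, const char *magic, uint8_t arch, const char *ver)
{
    size_t m = strlen(magic), v = strlen(ver);
    memset(i, 0, sizeof *i);
    memcpy(i->magic, magic, m < HP_MAGIC_LEN ? m : HP_MAGIC_LEN);
    i->arch = arch;
    memcpy(i->version, ver, v < HP_VER_LEN ? v : HP_VER_LEN);
}

/* Check a constructed header against a constructed device:
 * magic "SN-CONSTRUCTED-0001", X86, currently running 1.0.05. */
enum hp_result hp_check_sample(const char *magic, uint8_t arch, const char *ver)
{
    struct hp_info dev, pkg;
    hp_fill(&dev, "SN-CONSTRUCTED-0001", HP_ARCH_X86, "1.0.05");
    hp_fill(&pkg, magic, arch, ver);
    return hp_validate(&pkg, &dev);
}

int main(void)
{
    const char *m = "SN-CONSTRUCTED-0001";
    printf("1.0.04 -> %d\n", hp_check_sample(m, HP_ARCH_X86, "1.0.04"));
    printf("1.0.10 -> %d\n", hp_check_sample(m, HP_ARCH_X86, "1.0.10"));
    printf("MIPS   -> %d\n", hp_check_sample(m, HP_ARCH_MIPS, "1.0.06"));
    return 0;
}
```

A matching magic word shows only that the sender knows the string; it says nothing about whether the patch file was altered, which is what the content hash values mentioned above would cover.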
In another embodiment, the communication device also checks the number of hot patch packages. When the number of hot patch packages is larger than the preset number, the communication device rejects the upload of the hot patch package. The preset number may be set according to practical experience, for example, the preset number is set to 5.
In addition, for the communication equipment in the dual-computer cluster or distributed environment, after determining that the hot patch package is legal, the communication equipment synchronizes the patch file in the hot patch package to the standby computer in the dual-computer cluster or the distributed service board card.
Step S12, determining the system process needing to be updated according to the patch file.
If the hot patch package is legal, the communication device can update the system according to the hot patch package. In order to update the system, the communication device needs to determine which system processes need to be updated for the update. Therefore, the communication device determines the system process that needs to be updated based on the patch file. Specifically, the communication device loads a directory file in the patch file, and determines a system process to be updated according to the correspondence recorded by the directory file. For example, the communication device parses the directory file, obtains the name of the system process in the directory file, and determines that the system process corresponding to the name is the system process that needs to be updated.
In another embodiment, the communication device may not update the system immediately after determining that the hot patch package is legitimate, but instead store the hot patch package. When the update is needed, the hot patch package is decompressed, and the patch file is obtained for updating. Specifically, when the update is needed, the version information of the hot patch package is encapsulated into a first Inter-Process Communication (IPC) message through the Web or a command line, and then sent to the monitoring process. The first IPC message is used to instruct the monitoring process to start updating the system. Accordingly, after receiving the first IPC message, the monitoring process detects whether the version indicated by the version information is higher than the current version of the system, which further ensures the safety of the update. When the version indicated by the version information is higher than the current version of the system, the monitoring process decompresses the hot patch package, reads the directory file in the patch file, and determines the system process needing to be updated. When the version indicated by the version information is not higher than the current version of the system, the monitoring process refuses the update.
And after the system process needing to be updated is determined, the communication equipment sends an updating signal to the system process needing to be updated through the monitoring process so as to trigger the system process needing to be updated. For example, a SIGUSR2 signal may be sent. The system processes of the communication device include a control plane process and a data plane process. The two are updated in different ways. When the system process is the control plane process, executing step S13; when the system process is a data plane process, step S14 is performed.
Optionally, before triggering the system process needing updating to update, the communication device may detect whether the system of the communication device is updating. If the updating is being carried out, the updating is cancelled; and if the update is not in progress, triggering the system process needing to be updated to update. Specifically, the monitoring process of the communication device detects the update status value. The update status value is 0 or 1. When the update state value is 0, the system is not updated; when the update status value is 1, it indicates that the system is updating. When the system process needing updating is triggered to update, the monitoring process sets the update state value to be 1.
Step S13, starting a timer, and updating the control plane process according to the patch file when the timer reaches a first preset time length.
Updating the system through hot patching requires that the system keep operating normally. Therefore, when the control plane process is updated, its normal operation must also be ensured. The control plane process relies on its stack when processing traffic associated with the control plane. To prevent the update from affecting the security of the stack and causing stack problems such as stack overflow, the communication device starts a timer through the control plane process when it detects the update signal sent by the monitoring process. When the timer reaches the first preset time length, the control plane process is updated according to the patch file. The first preset duration can be set according to practical experience, so that updating after the first preset duration does not affect the stack security of the control plane process. The timer prevents the control plane process from being updated immediately, which guarantees the stack security of the control plane process.
Optionally, the control plane process registers a signal processing function and, at the same time, registers a patch processing callback function. When the control plane process detects an update signal, the registered signal processing function is called, and a timer is added at the same time to protect the security of the control plane process stack. After the timer reaches the first preset time, the registered patch processing callback function is called to perform the update.
Optionally, the updating the control plane process comprises the sub-steps of:
S13a, determining the update shared library corresponding to the control plane process according to the directory file.
S13b, loading the replacement function in the update shared library corresponding to the control plane process into the memory.
S13c, determining a first memory address and a second memory address.
S13d, generating a first replacement instruction according to the first memory address and the second memory address.
S13e, replacing the original function in the system file corresponding to the control plane process with the replacement function in the update shared library.
First, the communication device determines the update shared library corresponding to the control plane process according to the correspondence between each system process and each update shared library in the directory file. The update shared library contains the functions of the control plane process that are modified in this update, namely the replacement functions. The communication device reads the replacement function from the update shared library according to the position information of the replacement function recorded in the directory file, and loads the replacement function into the memory.
After loading, the communication device determines a first memory address and a second memory address. The first memory address is the address in memory of the original function in the control plane process that needs to be updated. The second memory address is the address in memory at which the replacement function from the update shared library corresponding to the control plane process is loaded. The communication device calculates the relative distance between the first memory address and the second memory address, and generates a first replacement instruction according to the relative distance. When the control plane process calls the original function in the memory, the called address jumps from the first memory address to the second memory address according to the relative distance in the first replacement instruction. Therefore, during the update, a call by the control plane process to the original function actually calls the modified replacement function, so that the normal operation of the control plane process is not interrupted even though the original function is modified.
After the first replacement instruction is generated, the communication device only ensures that the control plane process can normally run and call the replacement function, but the original function of the system file is not modified. Therefore, the communication device modifies the read-write permission of the system file written with the original function, and the system file is allowed to be modified. And the communication equipment replaces the original function in the system file corresponding to the control plane process with the modified replacement function so as to complete the updating.
Step S14, setting the system process into an update mode, and updating the system process according to the patch file.
The data plane process processes and forwards various types of data on the different ports of the communication device. To ensure that the system operates normally during the update, the stack security of the data plane's data must be guaranteed. Therefore, the communication device first sets the data plane process to the update mode. A data plane process in update mode no longer processes or forwards new data. Then, after the data plane process has finished processing and forwarding the data it has already received, it is updated according to the patch file. After the update is finished, the update mode of the data plane process is released and the data plane process starts processing and forwarding new data. Setting the data plane process to the update mode ensures that it does not process or forward new data while the update is carried out, which guarantees the stack security of the data plane.
Optionally, the data plane process registers a signal processing function and synchronously adds a patch processing callback function. The data plane process registers a model handling function. The data plane process is first set to the update mode, which protects the stack security of the data associated with the data plane process. The data plane process first completes the operations related to the data it is currently processing, and then synchronously performs the operations related to the update. After the data plane process determines that the update is finished, it adds a timer. After the timer is triggered, the update mode is released and normal service processing resumes.
Optionally, updating the data plane process comprises the following sub-steps:
S13a, determining the update shared library corresponding to the data plane process according to the directory file.
S13b, loading the replacement function in the update shared library corresponding to the data plane process into memory.
S13c, determining a third memory address and a fourth memory address.
S13d, generating a second replacement instruction according to the third memory address and the fourth memory address.
S13e, replacing the original function in the system file corresponding to the data plane process with the replacement function in the update shared library.
First, the communication device determines the update shared library corresponding to the data plane process according to the correspondence between system processes and update shared libraries recorded in the directory file. The update shared library contains the function of the data plane process that is modified in this update, namely the replacement function. The communication device reads the replacement function from the update shared library according to the position information of the replacement function in the update shared library, as recorded in the directory file, and loads it into memory.
After loading, the communication device determines a third memory address and a fourth memory address. The third memory address is the address in memory of the original function of the data plane process that needs to be updated. The fourth memory address is the address in memory at which the replacement function from the update shared library corresponding to the data plane process is loaded. The communication device calculates the relative distance between the third memory address and the fourth memory address and generates a second replacement instruction according to that relative distance. When the data plane process calls the original function in memory, the call jumps from the third memory address to the fourth memory address according to the relative distance in the second replacement instruction. Therefore, during the update, a call by the data plane process to the original function actually calls the modified replacement function, so the normal operation of the data plane process is not interrupted even though the original function is modified.
After the second replacement instruction is generated, the communication device modifies the read-write permission of the system file containing the original function so that the system file may be modified, and then replaces the original function in the system file corresponding to the data plane process with the modified replacement function to complete the update.
After the update is completed, the communication device modifies the version information of the system version and adds a configuration file related to system restart.
Note that, whether the control plane process is updated in step S13 or the data plane process is updated in step S14, what is updated is a system process. The two differ only in the preprocessing performed before the update; the update procedure itself is the same.
In another embodiment, the system processes requiring an update include a restart process, which must be stopped in order to be updated. For the restart process, the communication device reads the update script file in the patch file, executes the script in the update script file, and modifies and backs up the original function that needs to be updated in the restart process. After the update is completed, a restart signal, for example a kill signal, is sent to restart the restart process. In addition, when the update script file includes a text modification record, the communication device modifies and updates the text file in the system file according to the text modification record when executing the script.
In the embodiment of the application, the communication equipment checks the legality of the hot patch package through the checking information in the hot patch package to ensure that the files and data in the hot patch package used for updating are legal and safe; moreover, when the control plane process is updated, the communication equipment ensures the stack security of the process through a timer; when the data plane process is updated, the stack security of the data is ensured by setting the data plane process to be in an updating mode. Since the security of the file, data, and stack is ensured, the security of the system can be improved at the time of update.
In some embodiments of the present application, the communication device further supports uninstalling an update patch. Uninstalling a patch means rolling back the content modified by the update so as to recover the content from before the update. Therefore, to be able to uninstall the patch, the communication device needs to record the original functions that are modified in each system process before updating. Specifically, during the update, the communication device backs up the original function in the system file corresponding to each system process to be modified, and generates a rollback file.
The method of uninstalling the patch is similar to the update method shown in fig. 1 described above. Specifically, as shown in fig. 3, the method of uninstalling a patch includes the following steps.
Step S30, determining the system process needing to be rolled back according to the directory file.
To uninstall a patch, the communication device needs to determine which system processes were updated. Therefore, the communication device determines, based on the patch file, the system processes that completed the update. When uninstalling the patch, the system processes that need to be rolled back are the system processes that needed to be updated when the system was updated.
Specifically, the communication device loads the directory file in the patch file and, according to the correspondence recorded in the directory file, determines the system processes that completed the update according to the patch file.
Optionally, when the patch needs to be uninstalled, the version information of the hot patch package to be uninstalled is packaged into a second IPC message through the WEB or a command line, and then sent to the monitoring process. The second IPC message instructs the monitoring process to uninstall the patch. Correspondingly, after receiving the second IPC message, the monitoring process detects whether the version indicated by the version information is consistent with the current version of the system. When the version indicated by the version information is consistent with the current version of the system, the monitoring process decompresses the hot patch package, reads the directory file in the patch file, and determines the system process needing to be rolled back. When the version indicated by the version information is inconsistent with the current version of the system, the monitoring process refuses the uninstallation.
And after the system process needing to be rolled back is determined, the communication equipment sends a roll-back signal to the system process needing to be rolled back through the monitoring process so as to trigger the system process needing to be rolled back to carry out roll-back operation. When the system process is the control plane process, executing step S31; when the system process is the data plane process, step S32 is performed.
Optionally, the communication device may also detect whether the system of the communication device is updating before triggering the system process that needs to be rolled back to perform the roll back operation. If the update is being carried out, the unloading is cancelled; and if the system is not updated, triggering the system process needing rollback to perform rollback operation. Specifically, the monitoring process of the communication device detects the update status value. When the update state value is 0, the system is not updated; when the update status value is 1, it indicates that the system is updating.
Step S31, starting a timer, and rolling back the control plane process according to the rollback file when the timer reaches a first preset time length.
As with a system update, the normal operation of the control plane must also be guaranteed when the control plane process is rolled back. Therefore, when the rollback signal sent by the monitoring process is detected, the communication device likewise starts the timer through the control plane process. When the timer reaches the first preset duration, the control plane process is rolled back according to the rollback file. The timer prevents the rollback of the control plane process from being performed immediately, which guarantees the stack security of the control plane process.
Specifically, the communication device reads the original function of the control plane process written in the rollback file and loads it into memory. After loading, the communication device determines the first memory address and the second memory address, calculates the relative distance between them, and generates a third replacement instruction according to the relative distance. When the control plane process calls the replacement function in memory, the call jumps from the second memory address to the first memory address according to the relative distance in the third replacement instruction. Therefore, during this process, a call by the control plane process to the updated replacement function actually calls the original function from before the update, so the normal operation of the control plane process is not interrupted while the rollback operation is carried out.
After the third replacement instruction is generated, the communication device modifies the read-write permission of the system file containing the replacement function so that the system file may be modified. The communication device then changes the replacement function in the updated system file of the control plane process back into the original function, which finishes the rollback operation of the control plane process and the uninstallation of the patch.
Step S32, setting the data plane process to the update mode, and rolling back the data plane process according to the rollback file.
As with a system update, the stack security of the data in the data plane must also be guaranteed when the data plane process is rolled back. Therefore, the communication device first sets the data plane process to the update mode. Then, after the data plane process has finished processing and forwarding the data it has already received, it is rolled back according to the rollback file. After the rollback is finished, the update mode of the data plane process is released and the data plane process starts processing and forwarding new data. Setting the data plane process to the update mode ensures that it does not process or forward new data while the rollback operation is carried out, which guarantees the stack security of the data plane's data.
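The update-mode sequence that the description uses for both updating and rolling back the data plane process can be modelled as follows. This is an added, single-threaded example and not code from the patent: all names, the small queue, and the function-pointer swap that stands in for the replacement instruction are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define DP_QUEUE_MAX 8

typedef int (*forward_fn)(int pkt);

enum { DP_OK = 0, DP_REFUSED = -1, DP_BUSY = -2, DP_NOT_IN_UPDATE_MODE = -3,
       DP_EMPTY = -4, DP_FULL = -5, DP_NO_BACKUP = -6 };

struct data_plane {
    bool update_mode;          /* true: no new data is accepted */
    int queue[DP_QUEUE_MAX];   /* data already received, not yet forwarded */
    size_t head, count;
    forward_fn forward;        /* function currently called for each item */
    forward_fn backup;         /* stands in for the rollback file */
};

/* Constructed handlers: v1 is the "original", v2 the "replacement". */
int forward_v1(int pkt) { return pkt + 1; }
int forward_v2(int pkt) { return pkt + 2; }

void dp_init(struct data_plane *dp, forward_fn initial)
{
    *dp = (struct data_plane){ .forward = initial };
}

/* New data is refused while the process is in update mode. */
int dp_receive(struct data_plane *dp, int pkt)
{
    if (dp->update_mode) return DP_REFUSED;
    if (dp->count == DP_QUEUE_MAX) return DP_FULL;
    dp->queue[(dp->head + dp->count) % DP_QUEUE_MAX] = pkt;
    dp->count++;
    return DP_OK;
}

/* Already-received data is still processed with the current function. */
int dp_process_one(struct data_plane *dp, int *result)
{
    if (dp->count == 0) return DP_EMPTY;
    int pkt = dp->queue[dp->head];
    dp->head = (dp->head + 1) % DP_QUEUE_MAX;
    dp->count--;
    *result = dp->forward(pkt);
    return DP_OK;
}

void dp_enter_update_mode(struct data_plane *dp) { dp->update_mode = true; }
void dp_leave_update_mode(struct data_plane *dp) { dp->update_mode = false; }

/* The swap is allowed only in update mode and with nothing left in flight. */
static int dp_quiesced(const struct data_plane *dp)
{
    if (!dp->update_mode) return DP_NOT_IN_UPDATE_MODE;
    if (dp->count != 0) return DP_BUSY;
    return DP_OK;
}

int dp_update(struct data_plane *dp, forward_fn replacement)
{
    int rc = dp_quiesced(dp);
    if (rc != DP_OK) return rc;
    dp->backup = dp->forward;  /* keep the original for rollback */
    dp->forward = replacement;
    return DP_OK;
}

int dp_rollback(struct data_plane *dp)
{
    int rc = dp_quiesced(dp);
    if (rc != DP_OK) return rc;
    if (dp->backup == NULL) return DP_NO_BACKUP;
    dp->forward = dp->backup;
    dp->backup = NULL;
    return DP_OK;
}

int main(void)
{
    struct data_plane dp;
    int out = 0;
    dp_init(&dp, forward_v1);
    dp_receive(&dp, 10);
    dp_enter_update_mode(&dp);
    printf("update while busy: %d\n", dp_update(&dp, forward_v2));
    dp_process_one(&dp, &out);
    printf("drained with original: %d\n", out);
    printf("update when drained: %d\n", dp_update(&dp, forward_v2));
    dp_leave_update_mode(&dp);
    dp_receive(&dp, 10);
    dp_process_one(&dp, &out);
    printf("after update: %d\n", out);
    return 0;
}
```
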
Specifically, the communication device reads the original function of the data plane process written in the rollback file and loads it into memory. After loading, the communication device determines the third memory address and the fourth memory address, calculates the relative distance between them, and generates a fourth replacement instruction according to the relative distance. When the data plane process calls the replacement function in memory, the call jumps from the fourth memory address to the third memory address according to the relative distance in the fourth replacement instruction. Therefore, during this process, a call by the data plane process to the updated replacement function actually calls the original function from before the update, so the normal operation of the data plane process is not interrupted while the rollback operation is carried out.
After the fourth replacement instruction is generated, the communication device modifies the read-write permission of the system file containing the replacement function so that the system file may be modified. The communication device then changes the replacement function in the updated system file of the data plane process back into the original function, which finishes the rollback operation of the data plane process and the uninstallation of the patch.
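The four replacement instructions described above (first and second for the update, third and fourth for the rollback) are each a jump derived from the relative distance between two memory addresses. The following added example is not code from the patent: it assumes an x86-64 `jmp rel32` encoding, which the page does not specify, and uses constructed addresses and a constructed byte buffer in place of process memory.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define JMP_LEN 5u /* assumed encoding: opcode 0xE9 + 32-bit displacement */

enum { PATCH_OK = 0, PATCH_OUT_OF_RANGE = -1, PATCH_NOT_A_JUMP = -2,
       PATCH_TOO_SHORT = -3 };

/* Stands in for the rollback file: the bytes overwritten by the jump. */
struct rollback_record { uint8_t saved[JMP_LEN]; };

/* Build the instruction placed at address `from` that continues at `to`.
 * The relative distance is measured from the end of the jump and must fit
 * in a signed 32-bit field; otherwise the request is refused. */
int encode_replacement(uint64_t from, uint64_t to, uint8_t insn[JMP_LEN])
{
    int64_t dist = (int64_t)(to - (from + JMP_LEN));
    if (dist > INT32_MAX || dist < INT32_MIN)
        return PATCH_OUT_OF_RANGE;
    uint32_t rel = (uint32_t)(int32_t)dist;
    insn[0] = 0xE9;
    insn[1] = (uint8_t)rel;          /* little-endian displacement */
    insn[2] = (uint8_t)(rel >> 8);
    insn[3] = (uint8_t)(rel >> 16);
    insn[4] = (uint8_t)(rel >> 24);
    return PATCH_OK;
}

/* Recover the jump target, used to verify what was written. */
int decode_target(uint64_t from, const uint8_t insn[JMP_LEN], uint64_t *to)
{
    if (insn[0] != 0xE9)
        return PATCH_NOT_A_JUMP;
    uint32_t rel = (uint32_t)insn[1] | ((uint32_t)insn[2] << 8) |
                   ((uint32_t)insn[3] << 16) | ((uint32_t)insn[4] << 24);
    *to = from + JMP_LEN + (uint64_t)(int64_t)(int32_t)rel;
    return PATCH_OK;
}

/* Write the replacement instruction over the first bytes of a function
 * image. The image is only touched after every check has passed, and the
 * overwritten bytes are kept so the change can be undone. */
int apply_replacement(uint8_t *image, size_t len, uint64_t from, uint64_t to,
                      struct rollback_record *rb)
{
    uint8_t insn[JMP_LEN];
    uint64_t check = 0;
    if (len < JMP_LEN)
        return PATCH_TOO_SHORT;
    int rc = encode_replacement(from, to, insn);
    if (rc != PATCH_OK)
        return rc;
    if (decode_target(from, insn, &check) != PATCH_OK || check != to)
        return PATCH_OUT_OF_RANGE;
    memcpy(rb->saved, image, JMP_LEN);
    memcpy(image, insn, JMP_LEN);
    return PATCH_OK;
}

void restore_original(uint8_t *image, const struct rollback_record *rb)
{
    memcpy(image, rb->saved, JMP_LEN);
}

int main(void)
{
    /* Constructed values: 0x401000 plays the first (original) address,
     * 0x405000 the second (replacement) address. */
    uint8_t image[8] = { 0x55, 0x48, 0x89, 0xE5, 0x90, 0x90, 0x5D, 0xC3 };
    struct rollback_record rb;
    int rc = apply_replacement(image, sizeof image, 0x401000, 0x405000, &rb);
    printf("update rc=%d bytes:", rc);
    for (size_t i = 0; i < JMP_LEN; i++)
        printf(" %02X", image[i]);
    printf("\n");
    /* A library mapped far away cannot be reached with this encoding. */
    rc = apply_replacement(image, sizeof image, 0x401000,
                           0x7f0000001000ULL, &rb);
    printf("far target rc=%d\n", rc);
    return 0;
}
```

Swapping the two addresses in `encode_replacement` gives the rollback direction, from the replacement function back to the original.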
In another embodiment, the system processes requiring rollback include the restart process described above. For the restart process, the communication device reads the updated rollback file in the patch file, executes the script in the rollback script file, and performs the rollback operation on the original function that needs to be rolled back in the restart process. After the rollback operation is completed, a restart signal is sent to restart the restart process. In addition, when the rollback script file includes a text modification record, the communication device, when executing the script, rolls back the text file in the system file according to the text modification record, restoring the text file to its state before the update.
After the patch is uninstalled, the communication device restores the version information of the system version to the version information before updating, and deletes the configuration file and the temporary file generated when the system is updated by using the hot patch package.
In other embodiments of the present application, the communication device may delete the hot patch package after the update is complete, or after the patch is uninstalled. Specifically, the WEB or the command line encapsulates the version information of the hot patch package into a third IPC message, and then sends the third IPC message to the monitoring process. And after receiving the third IPC message, the monitoring process detects whether the system of the communication equipment is updated or not through the update state value. If the update is being performed, deleting the update; if not, detecting whether a patch file in a hot patch package corresponding to the version information in the third IPC message is loaded in the internal memory; if yes, deleting is cancelled; and if not, deleting the corresponding hot patch package.
It should be noted that, in the above method examples, if the communication device is a dual-computer cluster or a device in a distributed environment, the communication device may, whether it is updating a system process, uninstalling a patch, or deleting a hot patch package, synchronously instruct a standby computer in the dual-computer cluster or perform the same operation.
The following are embodiments of the apparatus of the present application that may be used to perform embodiments of the method of the present application. For details which are not disclosed in the embodiments of the apparatus of the present application, reference is made to the embodiments of the method of the present application.
FIG. 4 is a block diagram illustrating a hot patch based system update apparatus in accordance with an exemplary embodiment. The device has the functions of realizing the method examples, and the functions can be realized by hardware or by hardware executing corresponding software. The apparatus may include: an acquisition module 401, a verification module 402 and an update module 403.
The acquisition module 401 is configured to acquire a hot patch package, where the hot patch package includes verification information and a patch file used for system update.
The verification module 402 is configured to verify the validity of the hot patch package according to the verification information.
The update module 403 is configured to determine, according to the patch file, a system process that needs to be updated if the hot patch package is legal.
The update module 403 is further configured to: when the system process needing to be updated is a control plane process, starting a timer, and updating the control plane process according to the patch file after the timer reaches a first preset time; when the system process needing to be updated is a data plane process, setting the data plane process as an updating mode, and updating the data plane process according to the patch file; the update mode refers to a mode in which the data plane process stops processing and forwarding data.
In the device provided by the embodiment of the application, the communication equipment checks the legality of the hot patch package through the checking information in the hot patch package to ensure that the files and data in the hot patch package used for updating are legal and safe; moreover, when the control plane process is updated, the communication equipment ensures the stack security of the process through a timer; when the data plane process is updated, the stack security of the data is ensured by setting the data plane process to be in an updating mode. Since the security of the file, data, and stack is ensured, the security of the system can be improved at the time of update.
Optionally, the check information includes a magic word, hardware information and version information, the hardware information is used to indicate a hardware architecture to which the hot patch package is applicable, and the version information is used to indicate a version of system update.
The verification module 402 is specifically configured to:
detecting whether a magic word in the check information is matched with a stored magic word, whether a hardware architecture indicated by the hardware information is correct, and whether a version indicated by the version information is correct; and when the magic word in the verification information is matched with the stored magic word, the hardware architecture indicated by the hardware information is correct, and the version indicated by the version information is correct, determining that the hot patch package is legal.
Optionally, the patch file includes a directory file and an update shared library corresponding to each system process needing to be updated. Each update shared library contains the replacement function required to update the corresponding system process. The directory file records the correspondence among the system processes needing to be updated, the update shared libraries and the replacement functions, as well as the position information of the replacement functions in the update shared libraries.
Optionally, the updating module 403 is specifically configured to: determining an updated shared library corresponding to the control plane process according to the directory file; loading a replacement function in the updated shared library corresponding to the control plane process to a memory; determining a first memory address and a second memory address, wherein the first memory address refers to an address of an original function needing to be updated in the control plane process in a memory, and the second memory address refers to an address of a replacement function in an update shared library corresponding to the control plane process in the memory; generating a first replacement instruction according to the first memory address and the second memory address, wherein the first replacement instruction is used for indicating an address when the control plane process calls an original function, and the first memory address is replaced by the second memory address; and replacing the original function in the system file corresponding to the control plane process with a corresponding replacement function in the updated shared library.
Optionally, the updating module 403 is specifically configured to: determining an updated shared library corresponding to the data plane process according to the directory file; loading a replacement function in the updated shared library corresponding to the data plane process to a memory; determining a third memory address and a fourth memory address, wherein the third memory address refers to an address of an original function to be updated in the data plane process in the memory, and the fourth memory address refers to an address of a replacement function in an update shared library corresponding to the data plane process in the memory; generating a second replacement instruction according to the third memory address and the fourth memory address, wherein the second replacement instruction is used for indicating an address of the data plane process when the original function is to be called, and the third memory address is replaced by the fourth memory address; and replacing the original function in the system file corresponding to the data plane process with a corresponding replacement function in the update shared library.
Optionally, the apparatus further comprises a backup module. The backup module is used for generating a rollback file, and the rollback file is used for backing up the original function in the system file corresponding to the system process needing to be modified.
Optionally, the apparatus further comprises an uninstalling module. The uninstalling module is used for determining the system process needing rollback according to the patch file; when the system process needing to be rolled back is a control plane process, starting the timer, and rolling back the control plane process according to the rollback file after the timer reaches the first preset time length; and when the system process needing to be rolled back is a data plane process, setting the data plane process to the update mode, and rolling back the data plane process according to the rollback file.
In specific implementation, the present application further provides a computer storage medium, where the computer storage medium may store a program, and the program may include some or all of the steps in the embodiments of the method provided in the present application when executed. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
Those skilled in the art will clearly understand that the techniques in the embodiments of the present application may be implemented by way of software plus a required general hardware platform. Based on such understanding, the technical solutions in the embodiments of the present application may be essentially implemented or a part contributing to the prior art may be embodied in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the embodiments or some parts of the embodiments of the present application.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.
Claims (8)
1. A method for hot patch based system update, the method comprising:
acquiring a hot patch package, wherein the hot patch package comprises verification information and a patch file for updating a system;
verifying the validity of the hot patch package according to the verification information;
if the hot patch is legal, determining a system process needing to be updated according to the patch file;
if the system process needing to be updated is a control plane process, starting a timer, and updating the control plane process according to the patch file when the timer reaches a first preset time length;
if the system process needing to be updated is a data plane process, setting the data plane process as an updating mode, and updating the data plane process according to the patch file; the update mode refers to a mode in which the data plane process stops processing and forwarding data.
2. The method of claim 1, wherein the verification information comprises a magic word, hardware information and version information, wherein the hardware information is used for indicating a hardware architecture to which the hot patch package is applicable, and wherein the version information is used for indicating a version of a system update;
the verifying the validity of the hot patch package according to the verification information comprises:
detecting whether a magic word in the check information is matched with a stored magic word, whether a hardware architecture indicated by the hardware information is correct, and whether a version indicated by the version information is correct;
and if the magic word in the verification information is matched with the stored magic word, the hardware architecture indicated by the hardware information is correct, and the version indicated by the version information is correct, determining that the hot patch package is legal.
3. The method of claim 1, wherein the patch file comprises: the directory file and the update shared library corresponding to each system process needing to be updated;
the updating shared library comprises a replacement function required by the corresponding system process updating;
the directory file comprises corresponding relations among all system processes needing to be updated, all update shared libraries and all replacement functions, and position information of the replacement functions in the update shared libraries.
4. The method of claim 3, wherein updating the control plane process comprises:
determining an updated shared library corresponding to the control plane process according to the directory file;
loading a replacement function in the updated shared library corresponding to the control plane process to a memory;
determining a first memory address and a second memory address, wherein the first memory address refers to an address of an original function needing to be updated in the control plane process in a memory, and the second memory address refers to an address of a replacement function in an update shared library corresponding to the control plane process in the memory;
generating a first replacement instruction according to the first memory address and the second memory address, wherein the first replacement instruction is used for indicating an address when the control plane process calls an original function, and the first memory address is replaced by the second memory address;
and replacing the original function in the system file corresponding to the control plane process with a corresponding replacement function in the updated shared library.
5. The method of claim 3, wherein updating the data plane process comprises:
determining an updated shared library corresponding to the data plane process according to the directory file;
loading a replacement function in the updated shared library corresponding to the data plane process to a memory;
determining a third memory address and a fourth memory address, wherein the third memory address refers to an address of an original function to be updated in the data plane process in the memory, and the fourth memory address refers to an address of a replacement function in an update shared library corresponding to the data plane process in the memory;
generating a second replacement instruction according to the third memory address and the fourth memory address, wherein the second replacement instruction is used for indicating an address of the data plane process when the original function is to be called, and the third memory address is replaced by the fourth memory address;
and replacing the original function in the system file corresponding to the data plane process with a corresponding replacement function in the update shared library.
6. The method of claim 1, further comprising:
and generating a rollback file, wherein the rollback file is used for backing up the original function in the system file corresponding to the system process needing to be updated.
7. The method of claim 6, wherein after generating the rollback file, further comprising:
determining a system process needing rollback according to the patch file;
if the system process needing to be rolled back is a control plane process, starting the timer, and rolling back the control plane process according to the rollback file when the timer reaches the first preset time length;
and if the system process needing to be rolled back is the data plane process, setting the data plane process as the updating mode, and rolling back the data plane process according to the rollback file.
8. A hot-patch based system update apparatus, the apparatus comprising:
an acquisition module, used for acquiring a hot patch package, wherein the hot patch package comprises verification information and a patch file for system updating;
the verification module is used for verifying the validity of the hot patch package according to the verification information;
the updating module is used for determining the system process needing to be updated according to the patch file when the hot patch package is legal;
the update module is further configured to: when the system process needing to be updated is a control plane process, starting a timer, and updating the control plane process according to the patch file after the timer reaches a first preset time; when the system process needing to be updated is a data plane process, setting the data plane process as an updating mode, and updating the data plane process according to the patch file; the update mode refers to a mode in which the data plane process stops processing and forwarding data.
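The data plane update and rollback of claims 5 to 7, reduced to a single call slot, as an added example that is not code from the patent. The names `hot_slot`, `slot_call`, `slot_patch` and `slot_rollback` and the two sample functions are hypothetical, and the address-match check in `slot_patch` is an assumption added here.

```c
#include <stddef.h>
#include <stdio.h>

typedef int (*handler_fn)(int);
/* Hypothetical call slot: stands in for the address the process calls through. */
struct hot_slot {
    handler_fn current;   /* address used when the function is called */
    handler_fn rollback;  /* backup of the original, as the rollback file provides */
    int update_mode;      /* 1 = data plane has stopped processing and forwarding */
};

/* Constructed sample functions: the original and its replacement. */
static int orig_len_ok(int len)  { return len <= 2048; }
static int fixed_len_ok(int len) { return len > 0 && len <= 1500; }

/* Data path: no call runs in update mode, so none is in flight during a swap. */
int slot_call(struct hot_slot *s, int arg, int *out) {
    if (s->update_mode) return -1;
    *out = s->current(arg);
    return 0;
}

/* Replacement step: calls to old_addr are redirected to new_addr. */
int slot_patch(struct hot_slot *s, handler_fn old_addr, handler_fn new_addr) {
    if (!s->update_mode) return -1;         /* process not quiesced */
    if (s->current != old_addr) return -2;  /* added check: patch must match running code */
    if (new_addr == NULL) return -3;
    s->rollback = old_addr;                 /* back up before replacing */
    s->current = new_addr;
    return 0;
}

/* Rollback: restore the backed-up original, again only in update mode. */
int slot_rollback(struct hot_slot *s) {
    if (!s->update_mode) return -1;
    if (s->rollback == NULL) return -2;     /* nothing was backed up */
    s->current = s->rollback;
    s->rollback = NULL;
    return 0;
}

int main(void) {
    struct hot_slot s = { orig_len_ok, NULL, 1 };   /* start in update mode */
    int out = 0, rc = slot_patch(&s, orig_len_ok, fixed_len_ok);
    s.update_mode = 0;                              /* resume forwarding */
    slot_call(&s, 2000, &out);
    printf("patch rc=%d, len 2000 accepted=%d\n", rc, out);
    return 0;
}
```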
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811637628.7A CN109491698B (en) | 2018-12-29 | 2018-12-29 | System updating method and device based on hot patch |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811637628.7A CN109491698B (en) | 2018-12-29 | 2018-12-29 | System updating method and device based on hot patch |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109491698A CN109491698A (en) | 2019-03-19 |
CN109491698B true CN109491698B (en) | 2022-07-08 |
Family
ID=65713436
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811637628.7A Active CN109491698B (en) | 2018-12-29 | 2018-12-29 | System updating method and device based on hot patch |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109491698B (en) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110543322A (en) * | 2019-07-19 | 2019-12-06 | 浪潮思科网络科技有限公司 | hot patching method and device for Loongson platform |
CN111158735B (en) * | 2019-12-05 | 2023-03-31 | 青岛海信移动通信技术股份有限公司 | Hot patch file processing method and communication terminal |
CN111522615B (en) * | 2020-04-23 | 2023-08-15 | 深圳赛安特技术服务有限公司 | Method, device, equipment and storage medium for updating command line interface |
CN112463198B (en) * | 2020-12-09 | 2021-06-22 | 深圳智药科技有限公司 | Updating method and system based on Electron |
CN112685063B (en) * | 2020-12-30 | 2023-11-28 | 北京天融信网络安全技术有限公司 | Feature library updating method, device, network equipment and readable storage medium |
CN112631632B (en) * | 2020-12-30 | 2024-03-12 | 北京天融信网络安全技术有限公司 | System upgrade method, framework, electronic device and readable storage medium |
CN113110864B (en) * | 2021-03-19 | 2023-01-20 | 深圳市腾讯网络信息技术有限公司 | Application program updating method and device and storage medium |
CN113342376B (en) * | 2021-06-23 | 2022-08-30 | 支付宝(杭州)信息技术有限公司 | Method and device for upgrading operating system of Internet of things equipment |
CN113885921A (en) * | 2021-11-09 | 2022-01-04 | 南京慧尔视智能科技有限公司 | Method and equipment for updating embedded system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1475909A (en) * | 2002-08-16 | 2004-02-18 | 华为技术有限公司 | realization of isertion type system soft ware patch and control method |
CN104239082A (en) * | 2013-06-20 | 2014-12-24 | 上海博达数据通信有限公司 | Hot patching implementation method of embedded system |
US9335986B1 (en) * | 2013-12-11 | 2016-05-10 | Amazon Technologies, Inc. | Hot patching to update program code and/or variables using a separate processor |
CN106502763A (en) * | 2016-11-01 | 2017-03-15 | 上海优刻得信息科技有限公司 | A kind of Oftware updating method and device |
CN107766069A (en) * | 2017-10-17 | 2018-03-06 | 安徽皖通邮电股份有限公司 | A kind of embedded system hot patch implementation method |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8706834B2 (en) * | 2011-06-30 | 2014-04-22 | Amazon Technologies, Inc. | Methods and apparatus for remotely updating executing processes |
CN103916277B (en) * | 2014-04-11 | 2017-07-04 | 新华三技术有限公司 | The method and apparatus that realization does not interrupt forwarding service when restarting |
US9569199B2 (en) * | 2015-01-22 | 2017-02-14 | Futurewei Technologies, Inc. | Systems and methods to update source code files |
US10031763B1 (en) * | 2015-08-24 | 2018-07-24 | Amazon Technologies, Inc. | Network switch recovery after reboot |
CN108712298B (en) * | 2018-08-28 | 2021-08-13 | 深信服科技股份有限公司 | Network equipment upgrading method and device, network equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN109491698A (en) | 2019-03-19 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | Effective date of registration: 20230414. Address after: 100120 room c0310, building 6, No.3, Dongbinhe Road, Deshengmen, Xicheng District, Beijing. Patentee after: BEIJING ABT NETWORKS CO.,LTD. Address before: 430070 No.01, 2 / F, building A4, financial port backstage service center phase I, 77 Guanggu Avenue, Donghu New Technology Development Zone, Wuhan City, Hubei Province. Patentee before: WUHAN SIPULING TECHNOLOGY Co.,Ltd. |