Binary suppression and modification for software upgrades

US10664262B2 · US · B2

Patent metadata
Publication number: US-10664262-B2
Application number: US-201715690182-A
Country: US
Kind code: B2
Filing date: Aug 29, 2017
Priority date: Aug 29, 2017
Publication date: May 26, 2020
Grant date: May 26, 2020

Abstract

Official abstract text for this publication.

A remote security system may generate multiple different binary programs for corresponding operating system (OS) kernel versions that are to receive a software upgrade. A suppression process may then compare code in the code sections between pairs of binary programs, and may also compare the data in the data sections between the pairs of binary programs to identify subsets of “identical” binaries. The remote security system may send a representative binary (while suppressing the remaining binaries in a subset of identical binaries) to host computing devices that run different OS kernel versions. On the receiving end, a host computing device that runs a particular OS kernel version may receive a binary program, and prior to loading the binary program, modify the binary program to render the binary loadable by (or compatible with) the particular OS kernel version running on the host computing device.
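The suppression step and the host-side modification described in the abstract, as an added sketch that is not code from the patent or its assignee. It models each binary as a constructed record rather than a real kernel module; the field names, the SHA-256 fingerprint, the `overwrite_ident` operation name and the kernel version strings are all assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Binary:
    kernel: str   # OS kernel version the binary was built for
    code: bytes   # code section contents
    data: bytes   # compared portion of the data section (assumed to exclude ident)
    ident: bytes  # identification data the kernel checks before loading

def fingerprint(b):
    """Digest over code and data only; identification data is left out."""
    h = hashlib.sha256()
    for section in (b.code, b.data):
        h.update(len(section).to_bytes(8, "big"))  # length prefix keeps sections distinct
        h.update(section)
    return h.hexdigest()

def suppress(binaries):
    """Group identical binaries; return (representatives, modification info)."""
    groups = {}
    for b in binaries:
        groups.setdefault(fingerprint(b), []).append(b)
    reps, mods = {}, {}
    for fp, members in groups.items():
        rep = members[0]
        reps[fp] = rep  # only this binary is sent; the rest are suppressed
        for m in members:
            # The representative's own kernel version maps to no modifications.
            mods[(fp, m.kernel)] = [] if m.ident == rep.ident else [("overwrite_ident", m.ident)]
    return reps, mods

def prepare_for_load(received, host_kernel, mods):
    """Host side: apply the mapped modifications in memory before loading."""
    key = (fingerprint(received), host_kernel)
    if key not in mods:
        raise LookupError(f"no mapping for kernel {host_kernel}; refusing to load")
    ident = received.ident
    for op, value in mods[key]:
        if op == "overwrite_ident":
            ident = value
    return Binary(host_kernel, received.code, received.data, ident)

# Constructed sample builds: two share code and data, the third differs in code.
BUILDS = [
    Binary("4.4.0-101", b"\x55\x48\x89\xe5", b"cfg-v7", b"crc:aaaa"),
    Binary("4.4.0-104", b"\x55\x48\x89\xe5", b"cfg-v7", b"crc:bbbb"),
    Binary("4.13.0-21", b"\x55\x48\x89\xe5\x90", b"cfg-v7", b"crc:cccc"),
]
```

A host whose kernel version has no mapping for the received binary gets an error instead of a patched binary, so a representative is never loaded on a kernel it was not grouped with.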

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: generating a first binary program for a first operating system (OS) kernel version; generating a second binary program for a second OS kernel version, wherein each of the first binary program and the second binary program: is associated with a software upgrade, and includes a code section and a data section; determining that first code in the code section of the first binary program matches second code in the code section of the second binary program; determining that at least a portion of first data in the data section of the first binary program matches at least a portion of second data in the data section of the second binary program; in response to determining (i) that the first code matches the second code and (ii) that at least the portion of the first data matches at least the portion of the second data, sending the first binary program, and not the second binary program, to: a first host computing device that runs the first OS kernel version, and a second host computing device that runs the second OS kernel version; and providing the first host computing device and the second host computing device access to binary modification information, wherein the binary modification information comprises: a first mapping between the first binary program and the first OS kernel version, the first mapping having no associated modifications; and a second mapping between the first binary program and the second OS kernel version, the second mapping having associated therewith one or more modifications to be applied to the first binary program to render the first binary program loadable by the second OS kernel version, wherein the one or more modifications associated with the second mapping include a modification to overwrite identification data in the first binary program with different identification data, the different identification data being compatible with the second OS kernel version.

2. The method of claim 1, wherein: the software upgrade is an upgrade of security agent software; the first binary program includes a first driver corresponding to the upgrade of the security agent software, the first driver configured to execute on host computing devices that run the first OS kernel version; and the second binary program includes a second driver corresponding to the upgrade of the security agent software, the second driver configured to execute on host computing devices that run the second OS kernel version.

3. The method of claim 1, wherein the different identification data comprises a cyclic redundancy check (CRC) that is (i) uniquely associated with the second OS kernel version and (ii) authenticated by the second OS kernel version before the second OS kernel version loads any binary program.

4. The method of claim 1, further comprising: categorizing the first binary program and the second binary program in a group of identical binaries; and selecting the first binary program as a representative binary for the group of identical binaries.

5. A method comprising: receiving a binary program at a host computing device that runs a particular operating system (OS) kernel version, the binary program being associated with a software upgrade for the host computing device; prior to loading the binary program: accessing binary modification information; determining, based at least in part on the binary modification information, one or more modifications to be applied to the binary program to render the binary program loadable by the particular OS kernel version; and applying the one or more modifications to the binary program to obtain a modified binary program, wherein the applying of the one or more modifications comprises: loading the binary program into memory of the host computing device; and modifying the binary program to include identification data that is compatible with the particular OS kernel version by overwriting, in the memory, original identification data included in the binary program with the identification data; loading the modified binary program by the particular OS kernel version.

6. The method of claim 5, wherein the binary program: corresponds to a different OS kernel version than the particular OS kernel version; and includes code and data that match code and data included in a second binary program that corresponds to the particular OS kernel version.

7. The method of claim 5, wherein the identification data comprises a cyclic redundancy check (CRC) that is uniquely associated with the particular OS kernel version, the method further comprising, prior to the loading of the modified binary program, authenticating, by the particular OS kernel version, the CRC.

8. The method of claim 5, wherein: the software upgrade is an upgrade of security agent software; and the binary program includes a driver corresponding to the upgrade of the security agent software, the driver configured to execute on host computing devices that run a different OS kernel version than the particular OS kernel version.

9. The method of claim 5, wherein the particular OS kernel version represents a version of a Linux OS.

10. The method of claim 5, wherein the software upgrade is an upgrade of security agent software for a security agent installed on the host computing device, the security agent configured to observe events, and at least one of: determine one or more actions to take based on the events; or send the events to a remote security system.

11. The method of claim 5, wherein the binary modification information comprises: a first mapping between the binary program and a different OS kernel version than the particular OS kernel version, the first mapping having no associated modifications; and a second mapping between the binary program and the particular OS kernel version, the second mapping having associated therewith a modification to overwrite the original identification data in the binary program with the identification data.

12. A system comprising: one or more processors; and memory storing computer-executable instruction that, when executed by the one or more processors, cause the system to: generate a first binary program for a first operating system (OS) kernel version; generate a second binary program for a second OS kernel version, wherein each of the first binary program and the second binary program: is associated with a software upgrade, and includes a code section and a data section; determine that first code in the code section of the first binary program matches second code in the code section of the second binary program; determine that at least a portion of first data in the data section of the first binary program matches at least a portion of second data in the data section of the second binary program; in response to determining (i) that the first code matches the second code and (ii) that at least the portion of the first data matches at least the portion of the second data, send the first binary program, and not the second binary program, to: a first host computing device that runs the first OS kernel version, and a second host computing device that runs the second OS kernel version; and provide the first host computing device and the second host computing device access to binary modification information, wherein the binary modification information comprises: a first mapping between the first binary program and the first OS kernel version, the first mapping having no associated modifications; and a second mapping between the first binary program and the second OS kernel version, the second mapping having associated therewith one or mo

Classifications

  • Code layout in executable memory

  • G06F8/65 (Primary): Updates (security arrangements therefor G06F21/57)

  • Version control (security arrangements therefor G06F21/57); Configuration management

  • Program code verification, e.g. Java bytecode verification, proof-carrying code (high-level semantic checks G06F8/43; prevention of errors by analysis, debugging or testing of software G06F11/36)

  • Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Crowdstrike Inc
What technology area does this patent fall under?
Primary CPC classification G06F8/65. Mapped technology areas include Physics.
When was this patent published?
Publication date May 26, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).