1. Field of the Invention
The present invention relates to a relocation technique for relocating address information in a program when loading program codes executed on a computer system into a memory, and more particularly to a relocation technique for optimally relocating, during execution, execution program codes partially including encoded code portions and configured so as not to be decoded until their execution is required.
More particularly, the present invention relates to a relocation technique which enables programs including encoded code portions and configured so as not to be decoded until their execution is required to be generated using general purpose compilers.
2. Description of the Prior Art
With recent developments in technical innovation, various types of information processing apparatuses such as workstations and general purpose computers (PC) are being developed and are put on the market. The basic structures of such information processing apparatuses are a processor and a main memory. That is, the processor executes program codes loaded into the main memory and writes the work data to a work area of the main memory. The processor generally executes various types of program codes under control of an operating system (OS).
One of methods of deciding locations or memory addresses on the main memory into which the program codes are loaded is absolute addressing. The absolute addressing uniquely decides memory addresses in a certain unit such as hardware, process, and job. When programs using the absolute addressing are started, if the programs cannot be allocated to intended addresses, the rewriting or relocation of address information in the programs is required. Some operating systems mandatorily perform relocation each time a program is started, without in advance deciding program allocation addresses.
On the other hand, relative addressing (also referred to as PC relative addressing or the like) is available as a method of specifying memory addresses. The relative addressing specifies memory addresses by differences from the address of an instruction currently being executed. Use of the relative addressing eliminates the need to specify absolute addresses to transfer execution control to specific addresses or access memory contents stored at specific address. Therefore, program codes represented by the relative addressing can be executed without performing relocation processing even if they are allocated to any memory addresses, so that the relocation processing is not required as a rule. In a word, start processing can be eased. Therefore, some operating systems assume that program codes are represented by relative addresses.
There is a recent trend toward compressing program codes to reduce a storage capacity necessary to store programs, encrypting program codes to prevent illegal use by analysis and tampering, or encoding program codes for other purposes.
Where an entire program is collectively encoded, if processing is left to a loader of an operating system after program codes have been temporarily decoded during program execution, normal execution of the program can be guaranteed.
On the other hand, some techniques apply encoding not to an entire program but to only part thereof. For example, for a large program size, if the entire program were compressed, a long time would be required for decompression processing at start time. Therefore, the program is compressed only partially and decompressed for execution as required after start. This makes the start of the program faster, compared with the method of compressing the entire program. Also, this method has the advantage that total processing time is reduced, since compressed portions need not be decompressed if they need not be executed. Alternatively, by partially encrypting programs and configuring them so that encrypted portions are not decoded until their execution is actually required, illegal use of the programs by analysis and tampering can be satisfactorily prevented.
However, some types of operating systems disable the rewriting of execution program codes during execution for the following reason.
1. Recently, computer viruses cause a big public concern. Some types of computer viruses cause infection upon rewriting of program codes during program execution. To prevent the infection of such types of viruses, the rewriting of program codes during execution is inhibited.
2. When a single program is started more than once, in terns of use efficiency of computer resources such as memory, it is desirable to share single program codes among programs individually started. On the assumption that programs are rewritten during execution, for example, while one program is performing rewriting, if another program initiates rewriting, program mismatch would occur and a facility for preventing the mismatch would be very complicated, with the result that the processing efficiency of the operating system is reduced. Accordingly, the inhibition of rewriting during program execution eliminates provisions for such mismatch and simplifies the mechanism of the operating system.
In other words, there is the problem that, in a type of operating system inhibiting the rewriting of program codes during execution, programs cannot be configured so that they are partially compressed or encrypted and are decompressed or decoded as required during execution.
On the other hand, several operating systems provide system call functions for executing instruction code strings generated on a data area, that is, for changing the attributes of a memory area (readable, writable, executable, etc.) or maintaining compatibility with CPU cache. Win32 API supported by the Microsoft""s operating system Windows provides VirtualProtect() and FinishInstructionCache() system call functions, the United States Apple Computer""s operating system MacOS provides a MakeDataExecutable() system call function, and UNIX family operating system Linux provides an mprotect() system call function. Use of these functions makes it possible to execute instruction code strings in a data area. Since the data area can be freely modified during execution, as an area for decoding an encoded code area, it may be allocated in a data memory area different from a program code area so that decoding is performed within the area and decoded codes are executed within the area.
However, if a code area to be encoded contains an instruction to transfer execution control to a specific address outside the code area or to access memory contents stored at a specific address, since address information of the instruction code is represented by a value (difference) relative to a calling destination or memory reference destination, an address change in the code area entails a change in relative address information, so that normal execution would be disabled without some processing.
In short, in execution programs including encoded code portions and configured so as not to be decoded until their execution is required, if a code area to be encoded contains an instruction to transfer execution control to a specific address outside the code area or to access memory contents sorted at a specific address, with techniques having been heretofore disclosed, satisfactory execution is impossible on operating systems inhibiting the rewriting of a program code area.
Furthermore, programs having such a function, even if implemented, could not be generated by conventional general purpose compilers. In other words, to generate such programs requires the designing of a special compiler, leading to enormous costs.
The present invention provides a technique that enables execution programs including encoded code portions and configured so as not to be decoded until their execution is required to be satisfactorily executed even on operating systems inhibiting the rewriting of a program code area.
The present invention provides programs that are partially encoded on an operating system inhibiting the rewriting of a program code area and can be normally executed with the encoded portions decoded after the programs are started.
The present invention provides a technique that enables programs including encoded code portions and configured so as not to be decoded until their execution is required to be generated using a general purpose compiler.
The present invention has been made in view of the above problems, and a first aspect of the present invention is a method for generating an execution program of a type that includes the encoding target codes to be encoded in part of program codes thereof, the method including the steps of: (a) encoding the encoding target codes; (b) allocating a memory area for decoding the encoded encoding target codes and providing a decoding execution code portion for decoding the encoded encoding target codes in the allocated area to the execution program; and (c) providing a relocation execution code portion for performing relocation processing for the decoded encoding target codes to the execution program.
A second aspect of the present invention is a method for generating an execution program of a type that includes the encoding target codes to be encoded in part of program codes thereof, the method including the steps of:
(a) generating relocation information of the encoding target codes;
(b) encoding the encoding target codes;
(c) providing a decoding execution code portion for allocating a memory area for decoding the encoded encoding target codes and decoding the encoded encoding target codes in the allocated area to the execution program; and
(d) providing a relocation execution code portion for performing relocation processing for the decoded encoding target codes using the generated relocation information to the execution program.
In the execution program generation method according to the first or second aspect of the present invention, the encoding may be compression processing and the decoding may be decompression processing for compressed data. Or the encoding may be encryption processing and the decoding may be decryption processing for encrypted data.
A third aspect of the present invention is a method for generating an execution program of a type that includes the encoding target codes to be subjected to compression processing in part of an execution code section thereof, the method including the steps of: (a) compressing the encoding target codes; (b) forwardly shifting the area of the execution code section and following sections by the size of a space vacated by compressing the encoding target codes; (c) allocating a memory area for decompressing the compressed encoding target codes and providing a decoding execution code portion for decompressing the compressed encoding target codes in the allocated area to the execution program; and (d) inserting a relocation execution code portion for relocating the decoded encoding target codes to the execution code section.
A fourth aspect of the present invention is a method for generating an execution program of a type that includes the encoding target codes to be subjected to compression processing in part of an execution code section thereof, the method including the steps of: (a) generating relocation information of the encoding target codes; (b) compressing the encoding target codes; (c) forwardly shifting the area of the execution code section and following sections by the size of an area vacated by compressing the encoding target codes; (d) allocating a memory area for decompressing the compressed encoding target codes and providing a decoding execution code portion for decompressing the compressed encoding target codes in the allocated area to the execution program; and (e) inserting a relocation execution code portion for relocating the decoded encoding target codes using the generated relocation information to the execution code section.
In the execution program generation methods according to the first, second, third, and fourth aspects of the present invention, the decoding execution code portion and the relocation execution code portion may be applied to the encoding target codes at the first execution of the encoding target codes after the execution program is loaded into the memory.
A fifth aspect of the present invention is an apparatus that generates an execution program of a type that includes the encoding target codes to be encoded in part of program codes thereof, the apparatus including: (a) a compiler for translating coded source program codes of high-level language format into object program codes; (b) an encoding target code detection unit for determining a range to be encoded in the coded program codes; (c) an encoding processing unit for encoding codes in the encoding target range determined by the encoding target code detection unit; (d) a decoding processing provision unit for providing a decoding unit for allocating a memory area for decoding the encoded encoding target codes and decoding the encoded encoding target codes in the allocated memory area into the execution program; and (e) a relocation processing provision unit for providing a relocation processing unit for relocating address information on the decoded encoding target codes in the execution program.
A sixth aspect of the present invention is an apparatus that generates an execution program of a type that includes the encoding target codes to be encoded in part of program codes thereof, the apparatus including: (a) a compiler for translating coded source program codes of high-level language format into object program codes; (b) an encoding target code detection unit for determining a range to be encoded in the coded program codes; (c) a relocation information generation unit for generating relocation information required to relocate address information on codes in the encoding target range determined by the encoding target code detection unit; (d) an encoding processing unit for encoding codes in the encoding target range determined by the encoding target code detection unit; (e) a decoding processing provision unit for providing a decoding unit for allocating a memory area for decoding the encoded encoding target codes and decoding the encoded encoding target codes in the allocated memory area into the execution program; and (f) a relocation processing provision unit for providing a relocation processing unit for relocating address information on the decoded encoding target codes based on the generated relocation information into the execution program.
In the execution program generation apparatuses according to the fifth and sixth aspects of the present invention, the encoding may be compression processing and the decoding may be decompression processing for the compressed data. Or the encoding may be encryption processing and the decoding may be decryption processing for the encrypted data.
The decoding unit and the relocation processing unit may be applied to the encoding target codes at the first execution of the encoding target codes after the execution program is loaded into the memory.
A seventh aspect of the present invention is a method for executing an execution program of a type that includes encoded encoding target codes in part of program codes thereof, the method including the steps of: (a) allocating the execution program on a memory space; (b) executing the execution program loaded into the memory; (c) before executing the encoding target codes, allocating a memory space for encoding the encoded encoding target codes and decoding the encoded encoding target codes on the allocated memory space; (d) performing relocation processing for the decoded encoding target codes; and (e) executing the decoded encoding target codes.
In the execution program execution method according to the seventh aspect of the present invention, the step (e) may be followed by a step (f) for discarding or deallocating the preallocated memory space including the decoded encoding target codes.
The encoding may be compression processing and the decoding may be decompression processing for compressed data. Or the encoding may be encryption processing and the decoding may be decryption processing for encrypted data.
The execution program includes a decoding execution flag indicating whether encoding target codes have been called again after being loaded into the memory, and may execute the decoding step (c) and the relocating step (d) according to the setting of the decoding execution flag.
An eighth aspect of the present invention is a computer-readable program storage medium that stores an execution program executable on a computer system in computer-readable form, the execution program including: (a) execution codes partially including encoded encoding target codes; (b) a program portion executable on the computer system, coded so as to allocate a memory area for decoding the encoded coding target codes and decode the encoded encoding target codes in the allocated memory area; and (c) a program portion executable on the computer system, coded so as to perform relocation processing for the decoded encoding target codes.
A ninth aspect of the present invention is a computer-readable program storage medium that stores an execution program executable on a computer system in computer-readable form, the execution program including: (a) execution codes partially including encoded encoding target codes; (b) relocation information about the encoding target codes; (c) a program portion executable on the computer system, coded so as to allocate a memory area for decoding the encoded coding target codes and decode the encoded encoding target codes in the allocated memory area; and (d) a program portion executable on the computer system, coded so as to perform relocation processing for the decoded encoding target codes based on the relocation information.
An execution program implementing the present invention includes encoded encoding target codes and other codes not encoded.
The execution program is designed so that, immediately before the encoding target codes are executed, they are decoded and relocated. This is achieved by including a decoding function for decoding the encoding target codes and a relocating function for performing relocation in the execution program.
To efficiently perform relocation processing, relocation information on the encoding target codes may be generated in advance so that it is appended to the execution program when encoded.
Immediately after the execution program is started, the encoding target codes are not decoded. When the program execution has proceeded to the stage in which to execute the encoding target codes, an area for decoding the encoding target codes is allocated not in a program code area but in a data memory area, and then the encoding target codes are decoded within the area to relocate relevant code portions. As a result of going through such a procedure, the program can be normally executed.
Although the foregoing description assumes that an encoded code area is decoded during execution on a type of operating system inhibiting the rewriting of program code areas, it goes without saying that the present invention can also be implemented on a type of operating system permitting the rewriting of program code areas. In this case, since program codes are decoded and executed within data areas, illegal use of programs by analysis and tampering can be more suitably prevented.