WO2022111664A1 - Patching method, related apparatus, and system - Google Patents

Abstract

The present application provides a patching method, a related apparatus, and a system. The method may comprise: a first electronic apparatus where a patch pool is mounted may acquire a first patch issued by a cloud server; the first electronic apparatus may compile the first patch into a first machine code on the basis of first version information of the apparatus itself; the first electronic apparatus may acquire second version information of a first program in a second electronic apparatus in the same local area network; the first electronic apparatus may quickly synthesize, according to a second offset corresponding to the second version information, a second machine code, and generate a second patch file; and the second electronic apparatus may acquire and run the second patch file or an instruction corresponding to the second patch file, such that a patch takes effect, and a first vulnerability in the first program of the second electronic apparatus is repaired. The technical solution of the present application is implemented to prevent a cloud server from repeatedly issuing a patch, and reduce consumption of the network bandwidth, thereby greatly improving repair efficiency of patches, and providing better user experience.

Description

Patching method, related equipment and system

This application claims the priority of the Chinese patent application filed on November 30, 2020 with the application number 202011377442.X and the application name "Patching Method, Related Equipment and System", the entire contents of which are incorporated by reference in this application.

technical field

The present application relates to the field of computer technology, and in particular, to a patching method, related equipment and system.

Background technique

During a user's use of an electronic device, a bug (bug) may appear in system programs or applications. The solution to this problem in the prior art is usually that the cloud server issues a corresponding patch to the electronic device. After the electronic device obtains the patch, install the patch to make the patch take effect, thereby fixing the corresponding loopholes in the program.

When the cloud server issues a patch to an electronic device, the first way is that the cloud server can issue the original interpretive code of the patch to the electronic device. After the electronic device receives the patch, it performs machine coding on the electronic device side, loads and runs the patch. The machine code of the patch, the patch takes effect, and the program bug is fixed. Using the first method, the cloud server may repeatedly issue patches to different electronic devices, which consumes network bandwidth, and the patches are machine-coded on the electronic device side, resulting in low patch repair efficiency.

The second way is that the cloud server can machine code the patch on the cloud server side according to the obtained information such as the version of the program that needs to fix the bug, and then send the machine code of the patch to the electronic device. You can directly load the machine code running the patch, the patch will take effect, and program bugs will be fixed. In the second method, the electronic device directly runs the machine-coded patch file. Compared with the first method, the patch repair efficiency is improved, but the machine-coded patch file is bound to a specific version. However, the versions of the programs on different electronic devices may be different, so the cloud server will issue different patches according to the programs of different versions. Using the second method will cause the cloud server to repeatedly machine code the patch for the same bug, which consumes a lot of network bandwidth when delivering the patch, affects the repair efficiency of the patch, and affects the user experience.

SUMMARY OF THE INVENTION

The purpose of the present application is to provide a patching method, related equipment and system, which can solve the problem that the cloud server repeatedly distributes patches for multiple times when different electronic devices need to repair the same program loophole, reducing network bandwidth. In addition, the patch machine code suitable for different electronic devices can be quickly synthesized on the terminal side, which greatly improves the efficiency of patch repair and brings a better user experience to the user.

The above-mentioned objects and other objects are achieved by the features of the independent claims. Further implementations are embodied in the dependent claims, the description and the drawings.

In a first aspect, the present application provides a patching method, the method may include: a first electronic device may establish a first connection with a second electronic device, and then the first electronic device may obtain a first patch file, the first A patch file may be used for the first vulnerability in the first program, the first vulnerability existing in the first program of the second electronic device. The electronic device may compile the first patch into the first machine code according to the first version information of the first program, and then the first electronic device may synthesize the first machine code and the first offset into the first machine code. Second machine code, and the second machine code can be burned to generate a second patch file. Wherein, the first offset is determined according to the second version information, the second version information is the version information in the first program in the second electronic device, and the second version information is the first electronic device through the first The connection is obtained from the second electronic device, and the second patch file can be used to repair the first vulnerability in the first program whose version information is the second version information.

In this application, the first electronic device may be a smart phone, a tablet computer, a notebook computer, a desktop computer or other types of electronic devices. The first electronic device may have relatively strong computing processing capability and relatively sufficient internal storage space. The first electronic device may be a mounting device of the patch pool, and the first electronic device may also be a device that compiles the patch into machine code. And also has a Bluetooth (bluetooth, BT) module, and/or a wireless local area network (wireless local area networks, WLAN) module. Among them, the Bluetooth (BT) module can provide a solution including one or more Bluetooth communications in classic Bluetooth (Bluetooth 2.1 standard) or Bluetooth low energy (bluetooth low energy, BLE). The WLAN module can provide wireless fidelity direct (wireless fidelity direct, Wi-Fi direct), wireless fidelity local area networks (wireless fidelity local area networks, Wi-Fi LAN) or wireless fidelity software access point (wireless fidelity software access point) , Wi-Fi softAP) in one or more WLAN communication solutions.

In this application, the second electronic device may be a smart phone, a tablet computer, a notebook computer and other electronic devices with strong computing processing capability and sufficient internal storage space, etc., and the second electronic device may also be a smart watch, Smart bracelets, smart speakers, smart headphones and other electronic devices with weak computing processing power or small internal storage space. The second electronic device may have a bluetooth (BT) module, and/or a wireless local area networks (WLAN) module. Among them, the Bluetooth (BT) module can provide a solution including one or more Bluetooth communications in classic Bluetooth (Bluetooth 2.1 standard) or Bluetooth low energy (bluetooth low energy, BLE). The WLAN module can provide wireless fidelity direct (wireless fidelity direct, Wi-Fi direct), wireless fidelity local area networks (wireless fidelity local area networks, Wi-Fi LAN) or wireless fidelity software access point (wireless fidelity software access point) , Wi-Fi softAP) in one or more WLAN communication solutions.

Implementing the method of the first aspect can avoid the problem that the cloud server repeatedly distributes patches when different electronic devices need to fix the same program vulnerability, reduces the consumption of network bandwidth, and can be quickly synthesized and adapted on the terminal side The patch machine code for different electronic devices greatly improves the efficiency of patch repair and brings users a better experience.

With reference to the first aspect, in some embodiments, the first offset may be determined according to the correspondence between the second version information recorded in the first mapping table and the first offset.

In conjunction with the first aspect, in some embodiments, the first electronic device may send the second patch file to the second electronic device. The second patch file can be used together with the first program file in the second electronic device to be collectively referred to as the second program file. The first program file is the executable file of the first program of the unfixed first vulnerability in the second electronic device, and the second program file is the executable file of the first program of the second electronic device that has repaired the first vulnerability document.

With reference to the first aspect, in some embodiments, when the second electronic device receives the interaction request for the first program file, the first electronic device may receive the interaction request for the second program file through the first connection, wherein , the first program file may be the executable file of the first program that does not repair the first vulnerability in the second electronic device, and the second program file may be the first program file and the second patch file of the first electronic device Synthesized, the second program file is the executable file of the first program that has repaired the first vulnerability, and the first program file on the second electronic device can be associated with the second program file on the first electronic device. program files. The first electronic device may read the second program file, generate interactive results or executable instructions, and may send the interactive results or executable instructions to the second electronic device through the first connection.

With reference to the first aspect, in some embodiments, after the first electronic device generates the second patch file, the first electronic device may send broadcast information, where the broadcast information may include: the identification number of the first electronic device, the second electronic device The device identification number and the second version information to which the second patch file applies. After receiving the response information from the second electronic device in response to the broadcast information, the first electronic device may determine that the second patch file is a patch file used by the second electronic device to repair the first vulnerability of the first program, and the response information may include: The identification number of the first electronic device, the identification number of the second electronic device, and the second version information of the first program in the second electronic device.

In a second aspect, the present application provides another patching method, the method may include: the first electronic device may establish a first connection with the second electronic device. The first electronic device can acquire a first patch file, and the first patch file can be used to repair a first vulnerability of the first program, where the first vulnerability exists in the first program of the second electronic device. Then, the first electronic device compiles the first patch into the first machine code according to the first version information of the first program. The first electronic device synthesizes the first machine code and the first offset into a second machine code, and burns the second machine code to generate a second patch file. Wherein, the first offset may be determined according to second version information, the second version information may be version information of the first program in the second electronic device, and the second version information may be the first electronic device through The first connection is obtained from the second electronic device, and the second patch file is used to repair the first vulnerability of the first program whose version information is the second version information.

Implementing the method of the second aspect can avoid the problem that the cloud server repeatedly issues patches many times when different electronic devices need to fix the same program vulnerability, reduces the consumption of network bandwidth, and can be quickly synthesized and adapted on the terminal side The patch machine code for different electronic devices greatly improves the efficiency of patch repair and brings users a better experience.

With reference to the second aspect, in some embodiments, the first offset may be determined according to the correspondence between the second version information recorded in the first mapping table and the first offset.

In conjunction with the second aspect, in some embodiments, the second electronic device may receive the second patch file generated by the first electronic device. The second electronic device synthesizes the first program file and the second patch file into a second program file, wherein the first program file is the executable of the first program in the second electronic device that does not fix the first vulnerability file, the second program file is the executable file of the first program in the second electronic device that has fixed the first vulnerability.

In combination with the second aspect, in some embodiments, after the second electronic device receives the interaction request for the first program file, the second electronic device may forward the interaction request to the first electronic device through the first connection The second program file, wherein the first program file is the executable file of the first program in the second electronic device that does not fix the first vulnerability, and the second program file can be the first electronic device. The first program file and the second patch file are synthesized, the second program file is the executable file of the first program that has repaired the first vulnerability, and the first program file on the second electronic device can be associated with the second program file on the first electronic device. Then, the first electronic device can read the second program file, generate an interaction result or executable instruction, and can send the interaction result or executable instruction to the second electronic device through the first connection. In response to the interaction result or the executable instruction, the second electronic device may run the first program in which the first vulnerability has been fixed.

With reference to the second aspect, in some embodiments, after the first electronic device generates the second patch file, the first electronic device may send broadcast information, and the broadcast information may include: the identification number of the first electronic device, the The identification number of the second electronic device, and the second version information to which the second patch file applies. In response to the broadcast information, the second electronic device may send response information to the first electronic device, and the response information may include: the identification number of the first electronic device, the identification number of the second electronic device, the first electronic device The second version information of the first program in the two electronic devices. The first electronic device may determine that the second patch file is a patch file used by the second electronic device to repair the first vulnerability of the first program.

In a third aspect, the present application provides an electronic device, which may include: a communication device, a memory and a processor coupled to the memory, a plurality of application programs, and one or more programs. When the processor executes one or more of the programs, the electronic device may implement any function of the electronic device in the first aspect and/or the second aspect, which will not be repeated here.

In a fourth aspect, the present application provides a computer-readable medium in which instructions can be stored. When the instruction is executed on the electronic device, the electronic device can be made to perform any function of the first aspect and/or the second aspect, which will not be repeated here.

Implementing the technical solution of the present application can avoid the problem that the cloud server repeatedly distributes patches when different electronic devices need to fix the same program loophole, reduces the consumption of network bandwidth, and can quickly synthesize and adapt to the terminal side The patch machine code for different electronic devices greatly improves the efficiency of patch repair and brings users a better experience.

Description of drawings

FIG. 1 is a schematic diagram of the architecture of a communication system provided by an embodiment of the present application;

2 is a schematic diagram of a hardware structure of an electronic device provided by an embodiment of the present application;

3 is a software framework diagram of an electronic device provided by an embodiment of the present application;

4 is a schematic diagram of a patch machine coding provided by an embodiment of the present application;

5 is a flowchart of a method for patching provided by an embodiment of the present application;

6 is a schematic diagram of a scenario of a method for patching provided by an embodiment of the present application;

7 is a flowchart of another method for patching provided by an embodiment of the present application;

8 is a schematic diagram of a scenario of another method for patching provided by an embodiment of the present application;

9A is a schematic diagram of a user interface provided by an embodiment of the present application;

9B is a schematic diagram of a user interface provided by an embodiment of the present application;

10A is a schematic diagram of a user interface provided by an embodiment of the present application;

10B is a schematic diagram of a user interface provided by an embodiment of the present application;

FIG. 10C is a schematic diagram of a user interface provided by an embodiment of the present application.

Detailed ways

The terms used in the following embodiments of the present application are only for the purpose of describing specific embodiments, and are not intended to be used as limitations of the present application. As used in the specification and appended claims of this application, the singular expressions "a," "an," "the," "above," "the," and "the" are intended to also Plural expressions are included unless the context clearly dictates otherwise. It will also be understood that, as used in this application, the term "and/or" refers to and includes any and all possible combinations of one or more of the listed items. In the embodiments of the present application, the terms "first" and "second" are only used for description purposes, and cannot be understood as implying or implying relative importance or implying the number of indicated technical features. Therefore, the features defined with "first" and "second" may explicitly or implicitly include one or more of the features. In the description of the embodiments of the present application, unless otherwise specified, the "multiple" The meaning is two or more.

或者其他类型的操作系统，本申请同样对此不作限制。 The embodiments of the present application provide a communication system, which may include multiple electronic devices, and a communication connection may be established between the multiple electronic devices by accessing the same local area network, and data interaction may be performed through the communication connection. Wherein, the first electronic device may be a smart phone, a tablet computer, a notebook computer, a desktop computer or other types of electronic devices, which is not limited in this application. The first electronic device may have relatively strong computing processing capability and relatively sufficient internal storage space. The first electronic device may be a mounting device of the patch pool, and the first electronic device may also be a device that compiles the patch into machine code. The first electronic device can provide the compiled patch machine code for the second electronic device in the local area network. The second electronic device may be a smart phone, a tablet computer, a notebook computer and other electronic devices with strong computing processing capability and sufficient internal storage space, etc. The second electronic device may also be a smart watch, a smart bracelet, a smart Electronic devices such as speakers and smart earphones with weak computing processing capability or small internal storage space, etc., are not particularly limited in this application. The second electronic device may receive a patch from the first electronic device through a local area network connection, or receive an instruction from the first electronic device, and execute a corresponding function to repair the vulnerability targeted by the patch. The first electronic device and the second electronic device can carry

Or other types of operating systems, which are also not limited in this application.

The embodiment of the present application also provides a method for applying patches, which solves the problem that the cloud server repeatedly distributes the same patch to different electronic devices. The patching method can be applied to the communication system and the electronic device provided by the embodiments of the present application. In the patching method provided in this application, the first electronic device mounted in the patch pool can obtain the first patch issued by the cloud server. The first patch can be used to repair the first vulnerability of the first program, wherein the first patch can be an interpretive patch code, and the interpretive patch code is a source program written in a high-level computer language (such as C language, Python, etc.). , the explanatory patch code is independent of electronic device and version information, so it can be run across devices. The first electronic device may compile the interpretive patch code into the first machine code based on the first version information of the first program in the device. In the same local area network, the version information of the first program of other electronic devices may not be the same, so the patch machine codes will also be different. For example, for the same function interface, the offset addresses corresponding to different program versions are different. Therefore, for the same interpretive patch code, for different electronic devices, the patched machine code may have a certain difference. The difference can be reflected in some absolute The offset of the address is different. A first mapping table may be recorded in the patch pool, and a one-to-one correspondence between different versions of the first program and offsets may be recorded in the first mapping table.

The first electronic device can acquire the ID of the second electronic device in the same local area network and the second version information of the first program in the second electronic device. The first electronic device can quickly synthesize the second machine code and generate a second patch file according to the second offset corresponding to the second version information obtained by querying in the first mapping table, and the second patch file can be used to repair the second version. A patch file for the first vulnerability of the first program in the electronic device. The second electronic device can obtain the second patch file or an instruction corresponding to the second patch file and run it, the patch takes effect, and the first loophole in the first program of the second electronic device is repaired.

Implementing the technical solutions of the embodiments of the present application, when different electronic devices need to repair the same program vulnerability, the cloud server only needs to issue a patch to the first electronic device in the local area network, and then the patch can be quickly synchronized to the same local area network. on other electronic devices. Therefore, the implementation of the technical solution of the present application can avoid the cloud server from repeatedly issuing patches for many times, reduce the consumption of network bandwidth, and can quickly synthesize the patch machine code suitable for different electronic devices on the terminal side, which greatly improves the efficiency of patch repair. Bring a better user experience to users.

Below, some terms and concepts related to this application are introduced.

A patch refers to a small program released to solve the problems exposed in the use of large software systems or applications. A patch can be used to fix one or more software vulnerabilities, for example, a patch can fix one or more vulnerabilities including but not limited to applications, application frameworks, kernels, hardware drivers, etc. Patches can also be used to add new product features or functionality.

The patch pool (patch pool) may be one or more directories in which one or more patch files are stored. For example, the storage location of the patch pool in the terminal device may be the directory /data/hotpatch, etc., which is not limited in this application. Usually, the patch pool can be mounted on a terminal device with sufficient internal storage space. If the patch pool is set to have a network attribute, the patch pool is visible to other electronic devices in the same local area network, and the storage location of the patch pool is invisible to electronic devices that are not in the local area network. The directory where the patch pool is located can also be provided with a corresponding security protection mechanism. Except for some specific applications with write permissions, modification permissions and/or other related permissions, other electronic devices or other applications in the local area network have only limited access to this directory. read permission, but cannot write and/or modify the directory.

The related devices for patch generation and taking effect mainly involve servers and terminal devices. The server may include a patch package tool, a patch package archive, a patch package release, and the like. Among them, the patch package tool is a script running in the background of the server, which packages the patch files into a compressed file, and the overall layout of each file in the compressed file is unique to the patch package. Patch package archiving is used to place the patch package in the specified archive address after the patch package tool generates the patch package, so that the subsequent server can obtain the patch package. Patch package release is used by the server to deliver patch files to terminal devices. The terminal device may include patch package download, patch engine, patch package upgrade, and patch partition. The patch package download is used to receive the patch package delivered by the server. Patch package upgrade means that after the user searches for the patch package on the mobile phone and confirms that the patch package is downloaded uniformly, the patch engine downloads, verifies, and installs the patch package. The patch engine encapsulates various types of business logic, including verification of patch files, enabling patches to take effect, and undoing abnormal patches. The patch partition is a space address on the hard disk of the terminal device, and the binary patch image in the patch package can be burned into this partition.

Computer language refers to the language used for communication between humans and computers. Computer language is a medium for transferring information between humans and computers. The biggest characteristic of a computer system is that instructions are communicated to the machine through a language. In order to make the electronic computer perform various tasks, a set of numbers, characters and grammar rules for writing computer programs are needed. These characters and grammar rules form various instructions of the computer, that is, the computer language. Computer languages are divided into high-level languages and low-level languages. High-level languages are programming that is closer to natural languages and mathematical formulas, such as C language, python language, java language, PHP language, etc. High-level languages are basically separated from the hardware system of the machine and write programs in a way that is easier for people to understand. The program written is called the source program. Low-level languages are divided into machine language and assembly language, both of which are machine-oriented languages and are closely related to the instruction system of a specific machine. Machine language is a set of machine instructions that can be directly recognized and executed by a computer represented by binary code. That is, machine language is a system of instruction sets. This instruction set is called machine code, which is data that can be directly interpreted by the computer's CPU. The body of assembly language is assembly instructions. The difference between assembly instructions and machine instructions lies in the representation of the instructions. Assembly instructions are the writing format of machine instructions that are easy to remember.

Machine coding refers to the process of compiling a high-level language into machine language. Since the computer cannot directly recognize the high-level language, it can only recognize the machine language. Therefore, the high-level language needs to go through the compiler to program the assembler, and then turn it into machine code through the assembler, and finally can be executed by the computer.

Mounting refers to attaching a file or an external device (usually a storage device) to an existing directory in the device. By accessing this directory, the external device or file is accessed, and at the same time, the external device or file is placed. Under the directory in the device, it is also possible to let the system on the device know how to manage the external device or file, and understand processes such as the readable and writable characteristics of the external device or file.

An image file refers to making a specific series of files into a single file according to a certain format to facilitate users to download and use, such as an operating system, a game, and so on. Its most important feature is that it can be recognized by specific software and can be directly burned to a disc. The image file in the usual sense can be further expanded, and the image file can contain more information, such as system files, boot files, partition table information, etc., so that the image file can contain all the information of a partition or even a hard disk. The type of patch file described below can be an image file.

The absolute address means that in data transmission and storage, the storage unit of the main memory is in units of bytes, and each storage unit has an address corresponding to it. Assuming that the capacity of the main memory is n, the memory has n storage units (taking n bytes of storage space), and its address numbers are: 0, 1, 2, ..., n-1. The address number of the main memory space is called the absolute address of the main memory.

The relative address refers to the address used when addressing relative to a certain reference value (usually 0 is used as the reference value). Relative addresses are often used in the process of program writing and compilation. Since the program must be placed in the main memory before it can be executed, the instructions and data must be related to an absolute address in the main memory—into the main memory unit. However, in a multiprogramming system, the main memory will store multiple jobs, so programmers may not know exactly where their programs are placed in the main memory to run, that is, programmers often do not use absolute addresses to write programs. . Therefore, programmers often use relative addresses, that is, relative to some base address to write programs and arrange the location of instructions and data.

boot.art is a class object image file that can contain all classes listed in all framework/base/preloaded-classes files. These classes are loaded into memory once and can be used directly.

First, a communication system 10 provided by an embodiment of the present application is introduced.

As exemplarily shown in FIG. 1, the communication system 10 may include cloud-side devices such as cloud server 101, and terminal-side devices such as mobile phone 102, router 103, tablet computer 104, notebook computer 105, smart TV 106, smart speaker 107, smart Headphones 108, smart watches 109, smart bracelets 110, etc. Among them, the router 103 can form a wireless network and transmit wireless network signals, and the mobile phone 102, tablet computer 104, notebook computer 105, smart TV 106, smart speaker 107, smart earphone 108, smart watch 109, smart bracelet 110, etc. The wireless network of the router 103 is thus in the same local area network.

系统为例，应用程序(application，APP)层、应用框架(application framework)层、内核(kernel)层或硬件驱动(hardware driver)层等都可能存在相应类型的补丁，本申请对此不作限制。 The cloud server 101 can generate one or more sets of patch packages required by the electronic device. The patch package generated by the cloud server 101 may be the original interpretive patch code written in a computer high-level language and independent of the device, or may be the patch code in the form of machine code. The cloud server can deliver the generated patch package to the mobile phone 102 through far-field communication, and the generated patch package can be used to fix one or more vulnerabilities of the program, or can be used to add one or more product features or functions and functions. and/or functions, which are not limited in this application. For example, electronic devices can add a "voice assistant" function by installing a patch package, which can help users send messages and make calls without touching the electronic device, and can also help users communicate face-to-face with others in different languages. When chatting between users, it helps users to translate the other party's language into a language that the user understands in real time. The electronic device does not have the above-mentioned "voice assistant" series of related functions before the patch package is installed. In addition, patches can be of various types, such as

Taking the system as an example, patches of corresponding types may exist at the application (application, APP) layer, application framework (application framework) layer, kernel (kernel) layer, or hardware driver (hardware driver) layer, etc., which are not limited in this application.

In some embodiments, the mobile phone 102 may have strong computing processing capability and sufficient internal storage space, and the mobile phone 102 may be used as a patch pool to receive one or more patch packages from the cloud server side. The patch pool can have a network attribute, that is, the storage location/directory where the patch pool is located is visible to all devices in the local area network. The mobile phone 102 can synchronize the patch pool information to other devices in the local area network through patch package broadcast. The cell phone 102 may have a bluetooth (BT) module and/or a wireless local area networks (WLAN) module. Among them, the Bluetooth module can provide one or more Bluetooth communication solutions including classic Bluetooth (Bluetooth 2.1) or Bluetooth low energy (BLE), and the WLAN module can provide wireless fidelity direct , Wi-Fi direct), wireless fidelity local area networks (Wi-Fi LAN) or wireless fidelity software access point (wireless fidelity software access point, Wi-Fi softAP) one or more WLANs communication solutions. The mobile phone 102 can establish a wireless communication connection with other electronic devices near the mobile phone 102 using one or more wireless communication technologies of Bluetooth or WLAN or other types, and then the patch can be shared with other electronic devices through the wireless communication connection.

In some embodiments, the mobile phone 102 may receive a patch package actively pushed by the cloud server 101 through the network, and the patch package may be a patch in the form of interpretive codes. After receiving the patch package issued by the cloud server, the mobile phone 102 may When the patch is installed, the patch code is machine-coded on the device side based on the version information of the application that needs to be patched on the device. The mobile phone 102 may also report the version information of the application to be patched to the cloud server 101 , and then the cloud server 101 performs machine coding according to the version information, and then sends the patch in the form of machine code to the mobile phone 102 . A mapping table can be stored in the mobile phone 102, and the mapping table can record the corresponding relationship between the version information and the machine code offset. The mobile phone 102 can generate different machine code patches according to different version information, and then other terminal devices in the local area network. The corresponding patches can be obtained and installed to take effect.

The tablet computer 104 and the notebook computer 105 may be terminal devices with strong computing processing capability and sufficient internal storage space, and may be equipped with wireless communication modules such as a Bluetooth module and a WLAN module. For the description of the Bluetooth module and the WLAN module, reference may be made to the Bluetooth module and the WLAN module in the mobile phone 102, which will not be repeated here. Terminal devices such as the tablet computer 104 and the notebook computer 105 with strong computing processing capability and sufficient internal storage space can also be used as a patch pool, and can also be used as a terminal device for compiling a patch program into machine code. The terminal device where the patch pool is located and the terminal device that compiles the patch program into machine code may be the same terminal device, or may not be the same terminal device. For example, the mobile phone 102 is used as the terminal device mounted in the patch pool, and the laptop 105 is used as the terminal device for compiling the patch machine code. After the mobile phone 102 obtains the patch program issued by the cloud server 101, the laptop computer 105 obtains the patch in the patch pool. The laptop 105 then performs machine coding of the patch.

The smart TV 106, the smart speaker 107, the smart earphone 108, the smart watch 109, and the smart bracelet 110 may be terminal devices with weak computing processing capability or small internal storage space, and may have wireless wireless modules such as Bluetooth modules and WLAN modules. communication module. For the description of the Bluetooth module and the WLAN module, reference may be made to the Bluetooth module and the WLAN module in the mobile phone 102, which will not be repeated here. In some embodiments, the patch files run by the terminal devices with weaker computing processing capability or smaller internal storage space may be mounted on the terminal device with stronger computing processing capability or larger internal storage space in the same local area network. In this case, when these terminal devices with weak computing processing power or small internal storage space are disconnected from the local area network, the patch will become invalid. The patch will take effect again when the LAN connection is reconnected.

As shown in FIG. 1 , the cloud server 101 can generate a patch package required by the electronic device in the local area network where the mobile phone 102 is located, and deliver the patch package to the mobile phone 102 . In some embodiments, the patch packages generated by the cloud server can be distributed in groups. The grouping method can be grouped by functions, such as bug fixes, new product features, etc., or by patch types, such as application (application, APP) layer type patches, hardware driver (hardware driver) layer type patches etc., which are not limited in this application.

系统，在路由器103的连接下，形成一个系统生态。在相同的操作系统下，不同版本信息对应的补丁程序的机器码差异较小，编译机器码的终端设备可以根据版本信息的不同快速合成对应的补丁机器码。 In some embodiments, various terminal devices that share patches, such as mobile phone 102, tablet computer 104, laptop computer 105, smart TV 106, smart speaker 107, smart earphone 108, smart watch 109, smart bracelet 110, etc., may be equipped with the same operating systems such as Hongmeng

The system, under the connection of the router 103, forms a system ecology. Under the same operating system, the differences in the machine codes of patches corresponding to different version information are small, and the terminal device compiling the machine codes can quickly synthesize the corresponding patch machine codes according to the different version information.

It can be understood that the communication system 10 shown in this embodiment does not constitute a specific limitation to the embodiment of this application. In other embodiments of the present application, the communication system 10 may also include more or less devices than shown. For example, the communication system 10 may also include other electronic devices such as desktop computers, smart desk lamps, and smart refrigerators, which are not limited in this application.

Next, the exemplary electronic device 100 provided in the embodiments of the present application is introduced.

FIG. 2 shows a schematic structural diagram of the electronic device 100 .

The electronic device 100 may be a mobile phone 102, a tablet computer 104, a notebook computer 105, a smart TV 106, a smart speaker 107, a smart earphone 108, a smart watch 109, a smart bracelet 110, etc. shown in the communication system 10, or it may be Other electronic devices, such as desktop computers, laptop computers, handheld computers, ultra-mobile personal computers (UMPCs), netbooks, and cellular phones, personal digital assistants (PDAs), augmented reality (augmented reality, AR) equipment, virtual reality (virtual reality, VR) equipment, artificial intelligence (artificial intelligence (AI) equipment, wearable equipment, vehicle-mounted equipment, smart home equipment and/or smart city equipment, embodiments of the present application The specific type of the electronic device is not particularly limited. It can be understood that, the structures illustrated in the embodiments of the present invention do not constitute a specific limitation on the electronic device 100 . In other embodiments of the present application, the electronic device 100 may include more or less components than shown, or combine some components, or separate some components, or arrange different components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.

The electronic device 100 may include a processor 111, an external memory interface 120, an internal memory 121, a universal serial bus (USB) interface 130, a charge management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2 , mobile communication module 150, wireless communication module 160, audio module 170, speaker 170A, receiver 170B, microphone 170C, headphone jack 170D, sensor module 180, buttons 190, motor 191, indicator 192, camera 193, display screen 194, and Subscriber identification module (subscriber identification module, SIM) card interface 195 and so on. The sensor module 180 may include a pressure sensor 180A, a gyroscope sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity light sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, and ambient light. Sensor 180L, bone conduction sensor 180M, etc.

The processor 111 may include one or more processing units, for example, the processor 111 may include an application processor (application processor, AP), a modem processor, a graphics processor (graphics processing unit, GPU), an image signal processor (image signal processor, ISP), controller, video codec, digital signal processor (digital signal processor, DSP), baseband processor, and/or neural-network processing unit (neural-network processing unit, NPU), etc. Wherein, different processing units may be independent devices, or may be integrated in one or more processors.

The controller can generate an operation control signal according to the instruction operation code and timing signal, and complete the control of fetching and executing instructions.

A memory may also be provided in the processor 111 for storing instructions and data. In some embodiments, the memory in the processor 111 is a cache memory. The memory may hold instructions or data that have just been used or recycled by the processor 111 . If the processor 111 needs to use the instruction or data again, it can be called directly from the memory. Repeated access is avoided, and the waiting time of the processor 111 is reduced, thereby improving the efficiency of the system.

In some embodiments, the processor 111 may include one or more interfaces. The interface may include an integrated circuit (inter-integrated circuit, I2C) interface, an integrated circuit built-in audio (inter-integrated circuit sound, I2S) interface, a pulse code modulation (pulse code modulation, PCM) interface, a universal asynchronous transceiver (universal asynchronous transmitter) receiver/transmitter, UART) interface, mobile industry processor interface (MIPI), general-purpose input/output (GPIO) interface, subscriber identity module (SIM) interface, and / or universal serial bus (universal serial bus, USB) interface, etc.

The I2C interface is a bidirectional synchronous serial bus that includes a serial data line (SDA) and a serial clock line (SCL). In some embodiments, the processor 111 may contain multiple sets of I2C buses. The processor 111 can be respectively coupled to the touch sensor 180K, the charger, the flash, the camera 193 and the like through different I2C bus interfaces. For example, the processor 111 can couple the touch sensor 180K through the I2C interface, so that the processor 111 and the touch sensor 180K communicate with each other through the I2C bus interface, so as to realize the touch function of the electronic device 100 .

The I2S interface can be used for audio communication. In some embodiments, the processor 111 may contain multiple sets of I2S buses. The processor 111 can be coupled with the audio module 170 through an I2S bus to implement communication between the processor 111 and the audio module 170 . In some embodiments, the audio module 170 can transmit audio signals to the wireless communication module 160 through the I2S interface, so as to realize the function of answering calls through a Bluetooth headset.

The PCM interface can also be used for audio communications, sampling, quantizing and encoding analog signals. In some embodiments, the audio module 170 and the wireless communication module 160 may be coupled through a PCM bus interface. In some embodiments, the audio module 170 can also transmit audio signals to the wireless communication module 160 through the PCM interface, so as to realize the function of answering calls through the Bluetooth headset. Both the I2S interface and the PCM interface can be used for audio communication.

The UART interface is a universal serial data bus used for asynchronous communication. The bus may be a bidirectional communication bus. It converts the data to be transmitted between serial communication and parallel communication. In some embodiments, a UART interface is typically used to connect the processor 111 with the wireless communication module 160 . For example, the processor 111 communicates with the Bluetooth module in the wireless communication module 160 through the UART interface to implement the Bluetooth function. In some embodiments, the audio module 170 can transmit audio signals to the wireless communication module 160 through the UART interface, so as to realize the function of playing music through the Bluetooth headset.

The MIPI interface can be used to connect the processor 111 with the display screen 194, the camera 193 and other peripheral devices. MIPI interfaces include camera serial interface (CSI), display serial interface (DSI), etc. In some embodiments, the processor 111 and the camera 193 communicate through a CSI interface to implement the photographing function of the electronic device 100 . The processor 111 communicates with the display screen 194 through the DSI interface to implement the display function of the electronic device 100 .

The GPIO interface can be configured by software. The GPIO interface can be configured as a control signal or as a data signal. In some embodiments, the GPIO interface can be used to connect the processor 111 with the camera 193, the display screen 194, the wireless communication module 160, the audio module 170, the sensor module 180, and the like. The GPIO interface can also be configured as I2C interface, I2S interface, UART interface, MIPI interface, etc.

The USB interface 130 is an interface that conforms to the USB standard specification, and may specifically be a Mini USB interface, a Micro USB interface, a USB Type C interface, and the like. The USB interface 130 can be used to connect a charger to charge the electronic device 100, and can also be used to transmit data between the electronic device 100 and peripheral devices. It can also be used to connect headphones to play audio through the headphones. The interface can also be used to connect other electronic devices, such as AR devices.

It can be understood that the interface connection relationship between the modules illustrated in the embodiment of the present invention is only a schematic illustration, and does not constitute a structural limitation of the electronic device 100 . In other embodiments of the present application, the electronic device 100 may also adopt different interface connection manners in the foregoing embodiments, or a combination of multiple interface connection manners.

The charging management module 140 is used to receive charging input from the charger. The charger may be a wireless charger or a wired charger. In some wired charging embodiments, the charging management module 140 may receive charging input from the wired charger through the USB interface 130 . In some wireless charging embodiments, the charging management module 140 may receive wireless charging input through a wireless charging coil of the electronic device 100 . While the charging management module 140 charges the battery 142 , it can also supply power to the electronic device through the power management module 141 .

The power management module 141 is used for connecting the battery 142 , the charging management module 140 and the processor 111 . The power management module 141 receives input from the battery 142 and/or the charging management module 140, and supplies power to the processor 111, the internal memory 121, the display screen 194, the camera 193, and the wireless communication module 160. The power management module 141 can also be used to monitor parameters such as battery capacity, battery cycle times, battery health status (leakage, impedance). In some other embodiments, the power management module 141 may also be provided in the processor 111 . In other embodiments, the power management module 141 and the charging management module 140 may also be provided in the same device.

The wireless communication function of the electronic device 100 may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, the modulation and demodulation processor, the baseband processor, and the like.

Antenna 1 and Antenna 2 are used to transmit and receive electromagnetic wave signals. Each antenna in electronic device 100 may be used to cover a single or multiple communication frequency bands. Different antennas can also be reused to improve antenna utilization. For example, the antenna 1 can be multiplexed as a diversity antenna of the wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.

The mobile communication module 150 may provide wireless communication solutions including 2G/3G/4G/5G etc. applied on the electronic device 100 . The mobile communication module 150 may include at least one filter, switch, power amplifier, low noise amplifier (LNA) and the like. The mobile communication module 150 can receive electromagnetic waves from the antenna 1, filter and amplify the received electromagnetic waves, and transmit them to the modulation and demodulation processor for demodulation. The mobile communication module 150 can also amplify the signal modulated by the modulation and demodulation processor, and then turn it into an electromagnetic wave for radiation through the antenna 1 . In some embodiments, at least part of the functional modules of the mobile communication module 150 may be provided in the processor 111. In some embodiments, at least part of the functional modules of the mobile communication module 150 may be provided in the same device as at least part of the modules of the processor 111 .

The modem processor may include a modulator and a demodulator. Wherein, the modulator is used to modulate the low frequency baseband signal to be sent into a medium and high frequency signal. The demodulator is used to demodulate the received electromagnetic wave signal into a low frequency baseband signal. Then the demodulator transmits the demodulated low-frequency baseband signal to the baseband processor for processing. The low frequency baseband signal is processed by the baseband processor and passed to the application processor. The application processor outputs sound signals through audio devices (not limited to the speaker 170A, the receiver 170B, etc.), or displays images or videos through the display screen 194 . In some embodiments, the modem processor may be a stand-alone device. In other embodiments, the modulation and demodulation processor may be independent of the processor 111, and may be provided in the same device as the mobile communication module 150 or other functional modules.

The wireless communication module 160 can provide applications on the electronic device 100 including wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) networks), bluetooth (BT), global navigation satellites Wireless communication solutions such as global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), and infrared technology (IR). The wireless communication module 160 may be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2 , modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 111 . The wireless communication module 160 can also receive the signal to be sent from the processor 111 , perform frequency modulation on it, amplify it, and then convert it into electromagnetic waves for radiation through the antenna 2 .

In some embodiments, the electronic device 100 may discover a device in the same local area network through a wireless communication technology such as WLAN, and establish a wireless communication connection with the device. The electronic device 100 can also discover devices in a certain area nearby through Bluetooth and establish a communication connection. Among them, the Bluetooth (BT) module can provide a solution including one or more Bluetooth communications in classic Bluetooth (Bluetooth 2.1) or Bluetooth low energy (Bluetooth low energy, BLE). The WLAN module can provide a solution including one or more WLAN communications in Wi-Fi direct, Wi-Fi LAN or Wi-Fi softAP.

In some embodiments, the electronic device 100 can access the Internet through a mobile network (such as 2G/3G/4G/5G and other networks), a wireless network (such as Wi-Fi), and a wired network (such as broadband), and communicate with other For device communication, the WLAN wireless communication solution provided by the wireless communication module 160 can also enable the electronic device to communicate with a device (such as a server) in the network, and to communicate with the cloud device through the device (such as a server) in the network. In this way, electronic devices can discover and transmit data to devices in the network and cloud devices.

In some embodiments, the antenna 1 of the electronic device 100 is coupled with the mobile communication module 150, and the antenna 2 is coupled with the wireless communication module 160, so that the electronic device 100 can communicate with the network and other devices through wireless communication technology. The wireless communication technology may include global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), broadband Code Division Multiple Access (WCDMA), Time Division Code Division Multiple Access (TD-SCDMA), Long Term Evolution (LTE), BT, GNSS, WLAN, NFC , FM, and/or IR technology, etc. The GNSS may include a global positioning system (global positioning system, GPS), a global navigation satellite system (GLONASS), a Beidou navigation satellite system (BDS), a quasi-zenith satellite system (quasi -zenith satellite system, QZSS) and/or satellite based augmentation systems (SBAS).

The electronic device 100 implements a display function through a GPU, a display screen 194, an application processor, and the like. The GPU is a microprocessor for image processing, and is connected to the display screen 194 and the application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. The processor 111 may include one or more GPUs that execute program instructions to generate or alter display information.

Display screen 194 is used to display images, videos, and the like. Display screen 194 includes a display panel. The display panel can be a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode or an active-matrix organic light-emitting diode (active-matrix organic light). emitting diode, AMOLED), flexible light-emitting diode (flex light-emitting diode, FLED), Miniled, MicroLed, Micro-oLed, quantum dot light-emitting diode (quantum dot light emitting diodes, QLED) and so on. In some embodiments, the electronic device 100 may include one or N display screens 194 , where N is a positive integer greater than one.

The electronic device 100 may implement a shooting function through an ISP, a camera 193, a video codec, a GPU, a display screen 194, an application processor, and the like.

The ISP is used to process the data fed back by the camera 193 . For example, when taking a photo, the shutter is opened, the light is transmitted to the camera photosensitive element through the lens, the light signal is converted into an electrical signal, and the camera photosensitive element transmits the electrical signal to the ISP for processing, and converts it into an image visible to the naked eye. ISP can also perform algorithm optimization on image noise, brightness, and skin tone. ISP can also optimize the exposure, color temperature and other parameters of the shooting scene. In some embodiments, the ISP may be provided in the camera 193 .

Camera 193 is used to capture still images or video. The object is projected through the lens to generate an optical image onto the photosensitive element. The photosensitive element may be a charge coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The photosensitive element converts the optical signal into an electrical signal, and then transmits the electrical signal to the ISP to convert it into a digital image signal. The ISP outputs the digital image signal to the DSP for processing. DSP converts digital image signals into standard RGB, YUV and other formats of image signals. In some embodiments, the electronic device 100 may include 1 or N cameras 193 , where N is a positive integer greater than 1.

A digital signal processor is used to process digital signals, in addition to processing digital image signals, it can also process other digital signals. For example, when the electronic device 100 selects a frequency point, the digital signal processor is used to perform Fourier transform on the frequency point energy and so on.

Video codecs are used to compress or decompress digital video. The electronic device 100 may support one or more video codecs. In this way, the electronic device 100 can play or record videos of various encoding formats, such as: Moving Picture Experts Group (moving picture experts group, MPEG) 1, MPEG2, MPEG3, MPEG4 and so on.

The NPU is a neural-network (NN) computing processor. By drawing on the structure of biological neural networks, such as the transfer mode between neurons in the human brain, it can quickly process the input information, and can continuously learn by itself. Applications such as intelligent cognition of the electronic device 100 can be implemented through the NPU, such as image recognition, face recognition, speech recognition, text understanding, and the like.

The internal memory 121 may include one or more random access memories (RAM) and one or more non-volatile memories (NVM).

Random access memory can include static random-access memory (SRAM), dynamic random access memory (DRAM), synchronous dynamic random access memory (SDRAM), double data rate synchronization Dynamic random access memory (double data rate synchronous dynamic random access memory, DDR SDRAM, such as fifth-generation DDR SDRAM is generally called DDR5 SDRAM), etc.;

Non-volatile memory may include magnetic disk storage devices, flash memory.

Flash memory can be divided into NOR FLASH, NAND FLASH, 3D NAND FLASH, etc. according to the operating principle, and can include single-level memory cell (SLC), multi-level memory cell (multi-level memory cell, SLC) according to the level of storage cell potential. cell, MLC), triple-level cell (TLC), quad-level cell (QLC), etc., according to the storage specification can include universal flash storage (English: universal flash storage, UFS) , embedded multimedia memory card (embedded multi media Card, eMMC) and so on.

The random access memory can be directly read and written by the processor 111, and can be used to store executable programs (such as machine instructions) of an operating system or other running programs, and can also be used to store data of users and application programs.

The nonvolatile memory can also store executable programs and store data of user and application programs, etc., and can be loaded into the random access memory in advance for the processor 111 to directly read and write.

The external memory interface 120 can be used to connect an external non-volatile memory, so as to expand the storage capacity of the electronic device 100 . The external non-volatile memory communicates with the processor 111 through the external memory interface 120 to realize the data storage function. For example, save music, video, etc. files in external non-volatile memory.

The electronic device 100 may implement audio functions through an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, an application processor, and the like. Such as music playback, recording, etc.

The audio module 170 is used for converting digital audio information into analog audio signal output, and also for converting analog audio input into digital audio signal. Audio module 170 may also be used to encode and decode audio signals. In some embodiments, the audio module 170 may be provided in the processor 111 , or some functional modules of the audio module 170 may be provided in the processor 111 .

Speaker 170A, also referred to as a "speaker", is used to convert audio electrical signals into sound signals. The electronic device 100 can listen to music through the speaker 170A, or listen to a hands-free call.

The receiver 170B, also referred to as "earpiece", is used to convert audio electrical signals into sound signals. When the electronic device 100 answers a call or a voice message, the voice can be answered by placing the receiver 170B close to the human ear.

The microphone 170C, also called "microphone" or "microphone", is used to convert sound signals into electrical signals. When making a call or sending a voice message, the user can make a sound by approaching the microphone 170C through a human mouth, and input the sound signal into the microphone 170C. The electronic device 100 may be provided with at least one microphone 170C. In other embodiments, the electronic device 100 may be provided with two microphones 170C, which can implement a noise reduction function in addition to collecting sound signals. In other embodiments, the electronic device 100 may further be provided with three, four or more microphones 170C to collect sound signals, reduce noise, identify sound sources, and implement directional recording functions.

The earphone jack 170D is used to connect wired earphones. The earphone interface 170D can be the USB interface 130, or can be a 3.5mm open mobile terminal platform (OMTP) standard interface, a cellular telecommunications industry association of the USA (CTIA) standard interface.

The pressure sensor 180A is used to sense pressure signals, and can convert the pressure signals into electrical signals. The gyro sensor 180B may be used to determine the motion attitude of the electronic device 100 . The air pressure sensor 180C is used to measure air pressure. The magnetic sensor 180D includes a Hall sensor. The electronic device 100 can detect the opening and closing of the flip holster using the magnetic sensor 180D. The acceleration sensor 180E can detect the magnitude of the acceleration of the electronic device 100 in various directions (generally three axes). The magnitude and direction of gravity can be detected when the electronic device 100 is stationary. It can also be used to identify the posture of electronic devices, and can be used in applications such as horizontal and vertical screen switching, pedometers, etc. Distance sensor 180F for measuring distance. The electronic device 100 can measure the distance through infrared or laser. In some embodiments, when shooting a scene, the electronic device 100 can use the distance sensor 180F to measure the distance to achieve fast focusing. Proximity light sensor 180G may include, for example, light emitting diodes (LEDs) and light detectors, such as photodiodes. The ambient light sensor 180L is used to sense ambient light brightness. The fingerprint sensor 180H is used to collect fingerprints. The temperature sensor 180J is used to detect the temperature. Touch sensor 180K, also called "touch device". The touch sensor 180K may be disposed on the display screen 194 , and the touch sensor 180K and the display screen 194 form a touch screen, also called a “touch screen”. The touch sensor 180K is used to detect a touch operation on or near it. The touch sensor can pass the detected touch operation to the application processor to determine the type of touch event. Visual output related to touch operations may be provided through display screen 194 . In other embodiments, the touch sensor 180K may also be disposed on the surface of the electronic device 100 , which is different from the location where the display screen 194 is located. The bone conduction sensor 180M can acquire vibration signals.

The keys 190 include a power-on key, a volume key, and the like. Keys 190 may be mechanical keys. It can also be a touch key. The electronic device 100 may receive key inputs and generate key signal inputs related to user settings and function control of the electronic device 100 .

Motor 191 can generate vibrating cues. The motor 191 can be used for vibrating alerts for incoming calls, and can also be used for touch vibration feedback. For example, touch operations acting on different applications (such as taking pictures, playing audio, etc.) can correspond to different vibration feedback effects. The motor 191 can also correspond to different vibration feedback effects for touch operations on different areas of the display screen 194 . Different application scenarios (for example: time reminder, receiving information, alarm clock, games, etc.) can also correspond to different vibration feedback effects. The touch vibration feedback effect can also support customization.

The indicator 192 can be an indicator light, which can be used to indicate the charging state, the change of the power, and can also be used to indicate a message, a missed call, a notification, and the like.

The SIM card interface 195 is used to connect a SIM card. The SIM card can be contacted and separated from the electronic device 100 by inserting into the SIM card interface 195 or pulling out from the SIM card interface 195 . The electronic device 100 may support 1 or N SIM card interfaces, where N is a positive integer greater than 1. The SIM card interface 195 can support Nano SIM card, Micro SIM card, SIM card and so on. Multiple cards can be inserted into the same SIM card interface 195 at the same time. The types of the plurality of cards may be the same or different. The SIM card interface 195 can also be compatible with different types of SIM cards. The SIM card interface 195 is also compatible with external memory cards. The electronic device 100 interacts with the network through the SIM card to implement functions such as call and data communication. In some embodiments, the electronic device 100 employs an eSIM, ie: an embedded SIM card. The eSIM card can be embedded in the electronic device 100 and cannot be separated from the electronic device 100 .

系统为例，示例性说明电子设备100的软件架构。 The software system of the electronic device 100 may adopt a layered architecture, an event-driven architecture, a microkernel architecture, a microservice architecture, or a cloud architecture. The embodiments of the present invention use a layered architecture

Taking the system as an example, the software architecture of the electronic device 100 is exemplarily described.

FIG. 3 is a block diagram of a software structure of an electronic device 100 according to an embodiment of the present invention.

runtime)和系统库(libraries)、内核层(kernel)。 As shown in FIG. 3, the software structure of the electronic device 100 may include: an application layer (applications, APP), an application framework layer (application framework, FWK), an Android runtime (

runtime) and system libraries (libraries), kernel layer (kernel).

The application layer can include a series of application packages.

As shown in Figure 3, the application package can include applications such as camera, gallery, calendar, call, map, navigation, WLAN, Bluetooth, music, video, short message and so on.

The application framework layer provides an application programming interface (application programming interface, API) and a programming framework for applications in the application layer. The application framework layer includes some predefined functions.

As shown in Figure 3, the application framework layer may include window managers, content providers, view systems, telephony managers, resource managers, notification managers, and the like.

A window manager is used to manage window programs. The window manager can get the size of the display screen, determine whether there is a status bar, lock the screen, take screenshots, etc.

Content providers are used to store and retrieve data and make these data accessible to applications. The data may include video, images, audio, calls made and received, browsing history and bookmarks, phone book, etc.

The view system includes visual controls, such as controls for displaying text, controls for displaying pictures, and so on. View systems can be used to build applications. A display interface can consist of one or more views. For example, the display interface including the short message notification icon may include a view for displaying text and a view for displaying pictures.

The phone manager is used to provide the communication function of the electronic device 100 . For example, the management of call status (including connecting, hanging up, etc.).

The resource manager provides various resources for the application, such as localization strings, icons, pictures, layout files, video files and so on.

The notification manager enables applications to display notification information in the status bar, which can be used to convey notification-type messages, and can disappear automatically after a brief pause without user interaction. For example, the notification manager is used to notify download completion, message reminders, etc. The notification manager can also display notifications in the status bar at the top of the system in the form of graphs or scroll bar text, such as notifications of applications running in the background, and notifications on the screen in the form of dialog windows. For example, prompting text information in the status bar, making a sound, the head-mounted display device vibrating, the indicator light flashing, etc.

Runtime包括核心库和虚拟机。

runtime负责安卓系统的调度和管理。

Runtime includes core libraries and virtual machines.

The runtime is responsible for scheduling and management of the Android system.

The core library consists of two parts: one is the function functions that the java language needs to call, and the other is the core library of Android.

The application layer and the application framework layer run in virtual machines. The virtual machine executes the java files of the application layer and the application framework layer as binary files. The virtual machine is used to perform functions such as object lifecycle management, stack management, thread management, safety and exception management, and garbage collection.

A system library can include multiple functional modules. For example: surface manager (surface manager), media library (Media Libraries), 3D graphics processing library (eg: OpenGL ES), 2D graphics engine (eg: SGL), etc.

The Surface Manager is used to manage the display subsystem and provides a fusion of 2D and 3D layers for multiple applications.

The media library supports playback and recording of a variety of commonly used audio and video formats, as well as still image files. The media library can support a variety of audio and video encoding formats, such as: MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.

The 3D graphics processing library is used to implement 3D graphics drawing, image rendering, compositing, and layer processing.

2D graphics engine is a drawing engine for 2D drawing.

The kernel layer is the layer between hardware and software. The kernel layer contains at least a display driver, a camera driver, an audio driver, a sensor driver, as well as WLAN Bluetooth capabilities and basic communication protocols.

操作系统中，电子设备100的补丁可以修复上述应用程序层、应用程序框架层、系统库和内核层等一项或多项程序漏洞，补丁还可以用于新增上述应用程序层、应用程序框架层、系统库和内核层等一项或多项产品特性或功能，本申请对此不作限制。 It is understood that a patch may be used to fix one or more software program vulnerabilities, or may be used to add one or more new product features or functionality. For example, in

In the operating system, the patch of the electronic device 100 can repair one or more program vulnerabilities such as the above-mentioned application layer, application framework layer, system library and kernel layer, and the patch can also be used to add the above-mentioned application layer and application framework. One or more product features or functions, such as layer, system library and kernel layer, are not limited in this application.

In some implementations, a patch file may include: version information, verification information, positioning information, and new code to be written, and other segments. The new code to be written can be a differential code or a replacement code. The difference code means that the patch code is the difference code between the old program code that has not fixed the vulnerability and the new program code that has fixed the vulnerability. The differential code can effectively compress the size of the patch file, reduce code duplication and save storage space. The replacement code means that the patch code can directly replace the code at the bug. For example, when reading the function where the bug is located, you can jump to the patch code to read the patch code instead of reading the code at the bug. After the patch code is read , and then jump back to the original program code to continue reading other codes.

The version information may refer to a program version to which the current patch file is applicable, and the version information includes a version number, a version name, and a generation time. The verification information can be a cyclic redundancy check (CRC) code, which is generally used to distinguish the identity information of the patch file and verify the correctness of the data in the patch file. The system can determine the patch through the version information and the verification information. Whether the file matches the system. A bug may be recorded in the positioning information, that is, the address of the code to be modified, and a jump address of jumping to the corresponding newly written code may be recorded. Therefore, the location information of the bug code in the original program can be found through the data in the location information segment, and then the new patch code can be written. The segment of the new code to be written contains the new function code. These new function codes can be generated by the compiler after programming. When the bug is fixed, the data of the segment is written into the original program, and the patch takes effect. Implement bug fixes.

In some embodiments, when a vulnerability is repaired to an original program, the terminal device will detect the running state of the original program in the system. When detecting that the original program is running, the terminal device further detects the patch file in the system. If it is detected that a patch file is set in the system, the patch file will be authenticated to determine whether the patch file matches the original program. Specifically, when verifying the patch file, the version information and verification information in the patch file can be read, and the patch file can be verified through the version information and verification information, that is, the verification data in the patch file, For example, the version number, generation time, and CRC check code are compared with the verification data in the original program to ensure that the patch file matches the original program in the system to avoid using the wrong patch file. If the verification is successful, it means that the patch file matches the original program on the terminal device; if the verification fails, it means that the patch file does not match the original program on the terminal device. In the case of successful verification, the terminal device will obtain the location information of the code to be modified and the new code to be written in the patch file, so as to write the new code for the patch at the bug to realize functions such as repairing the vulnerability.

FIG. 4 is a schematic diagram of machine coding of patch codes according to an embodiment of the present application.

After receiving the original interpretive patch code issued by the cloud server, the electronic device 100 may compile the original interpretive code into machine code that can be directly executed by the computer processor based on the version information of the device.

Referring to FIG. 4 , the patch may be composed of public code 401 and private code 402 , both of which are non-machine codes, ie, interpretive codes. The common code 401 will be compiled into the machine code of the common module in the process of machine coding. The interface or function used by the private code 402 is the code of the lower-level development kit. The compiled machine code of the private code 402 is composed of a combination of absolute addresses and relative addresses. The above-mentioned public code 401 and private code 402 are both original interpretive codes, that is to say, the above-mentioned public code 401 and private code 402 are non-machine codes, which can rely on some specific containers to shield differences, so cross-device can be achieved. run.

When compiling the patched non-machine code into machine code, the electronic device 100 compiles the private code 402 into the machine code 403 of the private code, and compiles the public code 401 into the machine code 404 of the public code. The machine code 403 of the private code is the machine code generated after the private code is compiled in the process of machine coding. Generally, this part of the code can be commonly used on different electronic devices, and the private resources in each platform referenced in this part of the code can be shared. The machine code 404 of the common code is the machine code generated after the common code is compiled in the process of machine coding. The part of the code can be generated based on the code of the middle layer public interface of the electronic device. Since the resources and configurations of different electronic devices are not the same, the public addresses of the public interfaces of different devices are also different. The public code 401 can be combined with the public addresses of the public interfaces of different devices to generate a strong correlation with the electronic devices. machine code. For example, taking the electronic device as the mobile phone 400 as an example, the public code 401 combines the obtained offset address related to the mobile phone 400 to generate the machine code 404 of the public code related to the mobile phone 400, and save it in the boot.art file .

The machine code 403 of the private code and the machine code 404 of the public code are combined to form the patch machine code 405 . The patch machine code 405 may be stored in a buffer pool of the electronic device.

The patch code in the patch pool can be machine-coded based on the device on which the patch pool is mounted. However, on different devices, the body code of the same patch code is the same, and the offset address of the same function may be different, so the corresponding machine codes of the patch code are different when machine coding is performed on different devices. A mapping table can be stored in the patch pool to record these differences and mark the relevant devices corresponding to the differences. In this way, when the machine-coded patch code in the patch pool is migrated to the second device, a new patch machine code can be quickly synthesized in combination with the differences corresponding to the second device. The synthesis method includes but is not limited to binary synthesis, disk block Synthesis or code relocation, etc.

For example, the patch pool stores information about patch offset A 406 corresponding to the mobile phone 400 and patch offset B 407 corresponding to the watch 408 . The patch offset A 406 may include: the patch machine code offset, the identifier of the mobile phone 400 corresponding to the offset in the local area network, and the matching information of the patch-related content. The patch offset B 408 may include: the patch machine code offset, the identifier of the watch 408 corresponding to the offset in the local area network, and the matching information of the patch-related content. If the version information of the mobile phone 400 and the watch 408 to be patched is different, the offset address of the public interface may be different, and the patch offset A 406 and the patch offset B 407 are also different. However, when the patch machine code of the mobile phone 400 is migrated to the watch 408, the patch machine code of the mobile phone 400 can be combined with the patch offset B of the watch 408 to quickly synthesize a new patch machine code, and the new patch machine code can be added to the watch 408. effective on.

Exemplarily, the patch pool may store a mapping table, and the mapping table may record information such as the version number, the unique identification number of the electronic device, and the offset. Wherein, exemplary, the mapping table may be as shown in Table 1 below:

Table 1

As shown in Table 1, the unique identification number of the electronic device recorded in this exemplary mapping table is a product serial number (serial number, SN) of the electronic device as an example. The version number of the electronic device 869672321140250 is 10.0.1, and the offset corresponding to the electronic device is 1F69H. The version number owned by the electronic device 869672321150369 is 10.0.2, and the offset corresponding to the electronic device is 0F60H. The version number of the electronic device 869672321120568 is 10.0.3, and the offset corresponding to the electronic device is 0060H. The H at the end of the offset may represent that the offset is a hexadecimal number.

In other embodiments, the unique identification number of the electronic device recorded in the mapping table may be a fixed physical address (media access control, MAC) of the electronic device, or may be a unique number that distinguishes the electronic device from other electronic devices. This application does not limit this.

It can be understood that, the above example table is only used to explain the present application, and should not be construed to limit the present application.

It can be understood that FIG. 4 merely illustrates the implementation of the machine-coded original explanatory patch code, and should not constitute a specific limitation to the present application.

Hereinafter, based on the aforementioned communication system 10 and electronic device 100, the patching method provided by the present application will be described in detail.

Example 1

In this embodiment, the interaction between the mobile phone and the tablet computer is used as an example for description. Mobile phones can be used as devices to mount patch pools and machine-coded patches, and tablets can be used as devices to obtain patches to fix bugs or upgrade product features. Mobile phones and tablet computers are terminal devices with strong computing processing capabilities and sufficient internal storage space. The mobile phone and the tablet computer are in the same local area network. The mobile phone can machine code the patch on the mobile phone side according to the version information of the tablet computer, generate a patch file in the form of machine code, and then send it to the tablet computer. The tablet computer reads the patch file, Patch takes effect.

In some embodiments, the device on which the patch pool is mounted and the device on which the machine-coded patch is mounted may not be the same device. For example, the laptop is the device on which the patch pool is mounted. The laptop can obtain each patch from the cloud server and store it in the patch pool. The patch pool is visible to all devices connected to the same LAN. The mobile phone, tablet computer and laptop are in the same local area network. The mobile phone can obtain a patch in the patch pool, and machine code the patch on the mobile phone side according to the version information of the tablet computer to generate a patch file in the form of machine code. Then send it to the tablet computer, the tablet computer reads the patch file, and the patch takes effect.

It can be understood that the interaction between the mobile phone and the tablet computer is only for an exemplary illustration, and does not constitute any limitation to the embodiments of the present application.

FIG. 5 shows a flow of a patching method provided by an embodiment of the present application. Specifically, the following steps may be included:

S101, the mobile phone and the tablet computer are connected to the same local area network.

Specifically, the mobile phone and the tablet computer can be in the same local area network by accessing the same Wi-Fi access point provided by the same router, and the mobile phone and the tablet computer can establish a wireless communication connection between the two through the Wi-Fi access point. (may also be referred to as the first connection). In the local area network, information such as the patch pool mounted on the mobile phone and the location of the patch pool may be visible to the tablet computer.

S102. As a device for mounting the patch pool, the mobile phone can obtain the first patch (also referred to as the first patch file) issued by the cloud server, and the first patch can be used to repair the first vulnerability of the first program.

Specifically, the patch pool may refer to one or more directories in which one or more patches are stored. The directory can be set to be visible to other devices in the local area network, and for other devices not in the same local area network, the directory is accessible to other devices. its not visible. Specifically, the patch pool can be a directory on the mounted mobile device, such as /data/hotpatch/, and the properties of the directory can be set to be visible to other devices in the local area network. In this way, the storage location of the patch pool will be exposed in the throughout the local area network.

The first patch may include one or more patch files, and the code form of the first patch may be interpretive code or machine code, which is not limited in this application. If it is a patch file in the form of machine code, the cloud server needs to obtain the version information of the program in the device that needs to be patched before issuing the patch, and then perform machine coding in the cloud according to the version information, and then send it to the device side. No need to compile, you can run machine code directly. The first patch may be actively pushed to the mobile phone after being generated by the cloud server, or may be issued according to the request of the mobile phone, which is not limited in this application.

S103. According to the version number A of the first program in the mobile phone, the mobile phone compiles the code of the first patch into machine code A (also referred to as the first machine code).

Specifically, in the same local area network, the version information of the first program on different electronic devices may be different, and the version information may include information such as version name, version number, etc. In this embodiment, the version information of the first program in the mobile phone It can be called the first version information. The version number of the first program of the mobile phone is version number A. The mobile phone also stores a first mapping table, and the first mapping table may record the one-to-one correspondence between different version numbers of the first program and the offsets relative to the machine code A. The version information of the first program is different, and the offset address of the same function interface may be different, so different versions of the program will correspond to different offsets.

Of course, other corresponding information can also be recorded in the first mapping table. For example, the mobile phone can obtain a certain version of the first program currently used by other electronic devices in the local area network, then the first mapping table can also record the information of the electronic device. The correspondence between the unique identification number (identity document, ID) and the version number. The ID of an electronic device can be its fixed physical address (media access control, MAC), or the product serial number (SN) of the electronic device, or other unique identifications that distinguish the electronic device from other electronic devices. No., this application does not limit it.

S104, the mobile phone obtains information such as the ID of the tablet computer, the version number B of the first program in the tablet computer, and the like.

The tablet's ID is the unique identification number of the tablet. The ID of the tablet computer may be a MAC number, an SN number, or other unique identification numbers of the tablet computer that are different from other electronic devices, which are not limited in this application.

In this embodiment, the version information of the first program in the tablet computer may be referred to as the second version information. The version number of the first program of the tablet computer is version number B, which is different from the version number A of the first program in the mobile phone.

S105, the mobile phone queries the first mapping table, and the version number B corresponds to the offset B (which may also be referred to as the first offset). The mobile phone synthesizes the offset B corresponding to the version number B and the machine code A into the machine code B (also called the second machine code), and generates the patch file B (also called the second patch file), and the patch file B It is a patch file that can be used to fix the first vulnerability whose first program is version B.

Specifically, the manner in which the offset B and the machine code A are combined into the machine code B may include, but is not limited to, a binary synthesis manner, a disk block synthesis manner, and a code relocation manner. Among them, the binary synthesis method refers to synthesizing multiple binary files into one, and the address offset of the data segment is specified, and the addresses between the data segments are filled with default values. The disk block combination method refers to combining multiple physical hard blocks into one logical hard disk. The code relocation method refers to the process of transforming the logical address space of the program into the actual physical address space in the memory. There are two methods of relocation, namely dynamic relocation and static relocation. Static relocation is completed during the process of loading the program into memory, which means that before the program starts to run, all address-related items in the program have been relocated. Change again. Dynamic relocation is not done when the program is loaded into memory, but every time the central processing unit (CPU) accesses the memory, a dynamic address translation mechanism (hardware) automatically converts the relative address into an absolute address. Dynamic relocation requires the cooperation of software and hardware.

It can be understood that the patch file B may include one or more files.

S106, the mobile phone sends a broadcast in the local area network, and the broadcast message may include the device ID (such as the mobile phone ID) of the mounted patch pool, the device ID (such as the tablet computer ID) supported by the patch file B, and the device ID supported by the patch file B. The first program version number (eg version number B) and so on.

S107, the tablet computer responds to the broadcast of the mobile phone, and the response message may include the mobile phone ID, the tablet computer ID, the version number B, and the like.

S108, the tablet computer obtains the patch file B generated by the mobile phone side.

After the tablet computer answers the broadcast of the mobile phone and the mobile phone verifies the identity of the tablet computer, the mobile phone can send the patch file B to the tablet computer side.

S109. When running the first program, the tablet computer loads the patch file B, the first patch takes effect, and the first vulnerability in the first program is repaired.

In some embodiments, the code in the patch file may be a differential code, then load the patch file B, and the patch file B will be synthesized with the original first program code to generate a new first program code, which is repaired in the new first program code The first flaw is the problem.

In other embodiments, the code in the patch file may be replacement code, then when the tablet computer runs the machine code corresponding to the first vulnerability of the first program, it can jump to load the patch file B, the patch takes effect, and the first program The first bug in . After the patch file B is read, jump back to the original program. Specifically, the tablet computer can make the patch file B in the format of a loadable dynamic link library, and the patch file B contains the code information of the first vulnerability in the first program and the code information of repairing the first vulnerability, and then, through In the process of loading the patch file into the address space of the first program process, the loader finds the address of the first vulnerability, changes the entry instruction of the first vulnerability to writable, and at the same time changes the entry instruction of the first vulnerability to jump to the code in patch file B that fixes the first vulnerability. When the tablet computer runs the first program, it runs to the machine code corresponding to the first vulnerability in the first program, and can be redirected to the position of the new code in the patch file B that fixes the first vulnerability. After the patch code for repairing the first vulnerability is executed, it returns to the original first program to continue running.

FIG. 6 is a schematic diagram of a scene of the method for patching according to the first method embodiment.

As exemplarily shown in FIG. 6 , the implementation scenario may include: a mobile phone 102 , a router 103 , and a tablet computer 104 . The mobile phone 102 and the tablet computer 104 can be in the same local area network by accessing the same Wi-Fi access point provided by the router 103 . The first program in the mobile phone 102 is the version number A, and the first program in the tablet computer 104 is the version number B.

In the implementation scenario shown in FIG. 6 , the mobile phone 102 is a mounting device of the patch pool. For the description of the patch pool, reference may be made to the description about the patch pool in the foregoing description, which will not be repeated here.

Referring to the patching method described in steps 101 to 109, the mobile phone 102 can receive the first patch code for repairing the first vulnerability in the first program from the cloud server side. Based on the version information of the mobile phone 102 itself, such as device-related information such as version number A, the mobile phone 102 machine-codes the explanatory patch code of the first patch, compiles it into the patch machine code A, and stores it. The mobile phone 102 may also store a first mapping table. The first mapping table may record a one-to-one correspondence between different version numbers of the first program and the offsets relative to the machine code A. The version information of the first program is different, and the offset address of the same function interface may be different, so different versions of the program will correspond to different offsets.

The mobile phone can obtain information such as the ID of the tablet computer in the same local area network, the version number B of the first program in the tablet computer, and so on. The mobile phone queries the first mapping table, and the version number B corresponds to the offset B. The mobile phone synthesizes the offset B corresponding to the version number B and the patch machine code A to form the patch machine code B, and generates a patch file B. The patch file B is a patch that can be used to fix the first vulnerability whose first program is version B. document.

Then the mobile phone can send a broadcast in the local area network, and the broadcast message can include the mobile phone ID of the patch pool mounted, the tablet ID supported by the patch file B, the first program version number B supported by the patch file B, and so on. After the tablet computer answers the broadcast of the mobile phone and the mobile phone verifies the identity of the tablet computer, the mobile phone can send the patch file B to the tablet computer side. When running the first program, the tablet computer loads the patch file B, the patch takes effect, and the first vulnerability in the first program is repaired.

For more details, reference may be made to the descriptions in steps 101 to 109, which will not be repeated here. It can be understood that, the implementation scenario in FIG. 6 is only used to illustrate the embodiments of the present application, and does not constitute any limitation to the present application.

Embodiment 2

In this embodiment, the interaction between the mobile phone and the smart speaker is used as an example for description. Mobile phones can be used as devices to mount patch pools and machine-coded patches, and smart speakers can be used as devices that need to obtain patches to fix bugs or upgrade product features. A mobile phone is a terminal device with strong computing processing capability and sufficient internal storage space. A smart speaker is a terminal device with weak computing processing power and small internal storage space. The mobile phone and the smart speaker are in the same local area network. The mobile phone can machine code the patch on the mobile phone side according to the version information of the smart speaker, generate a patch file in the form of machine code and store it on the mobile phone side. When the smart speaker receives an interactive request for a file related to the vulnerability repaired by the patch, it can be forwarded to the mobile phone, and the mobile phone will read the file that has been patched to fix the vulnerability, and the mobile phone will send the interactive result or execute the instruction to the smart speaker. The patch takes effect.

In some embodiments, the device on which the patch pool is mounted and the device on which the machine-coded patch is mounted may not be the same device. For example, the laptop is the device on which the patch pool is mounted. The laptop can obtain each patch from the cloud server and store it in the patch pool. The patch pool is visible to all devices connected to the same LAN. The mobile phone, smart speaker and laptop are in the same local area network. The mobile phone can obtain a patch in the patch pool, and machine code the patch on the mobile phone side according to the version information of the smart speaker to generate a patch file in the form of machine code.

It can be understood that the interaction between the mobile phone and the smart speaker is only for an exemplary illustration, and does not constitute any limitation to the embodiments of the present application. In addition to smart speakers, the devices that receive patches can also be smart watches, smart bracelets, smart desk lamps, smart headphones and other electronic devices with weak computing processing power or small internal storage space.

FIG. 7 shows another method flow of patching provided by an embodiment of the present application. Specifically, the following steps may be included:

S201, mobile phone and smart speaker are connected to the same local area network.

Specifically, the mobile phone and the smart speaker can be in the same local area network by accessing the same Wi-Fi access point provided by the same router, and the mobile phone and the smart speaker can establish a wireless communication connection between the two through the Wi-Fi access point. (may also be referred to as the first connection). In the local area network, information such as the patch pool mounted on the mobile phone and the location of the patch pool can be visible to the smart speaker.

S202. As the device for mounting the patch pool, the mobile phone can obtain the first patch (also referred to as the first patch file) issued by the cloud server, and the first patch can be used to repair the first vulnerability of the first program.

Specifically, the patch pool may refer to one or more directories in which one or more patches are stored. The directory can be set to be visible to other devices in the local area network, and for other devices not in the same local area network, the directory is accessible to other devices. its not visible. Specifically, the patch pool can be a directory on the mounted mobile device, such as /data/hotpatch/, and the properties of the directory can be set to be visible to other devices in the local area network. In this way, the storage location of the patch pool will be exposed in the throughout the local area network.

The code form of the first patch may be interpretive code or machine code, which is not limited in this application. If it is a patch file in the form of machine code, the cloud server needs to obtain the version information of the program in the device that needs to be patched before issuing the patch, and then perform machine coding in the cloud according to the version information, and then send it to the device side. No need to compile, you can run machine code directly. The first patch may be actively pushed to the mobile phone after being generated by the cloud server, or may be issued according to the request of the mobile phone, which is not limited in this application.

S203. According to the version number A of the first program in the mobile phone, the mobile phone compiles the code of the first patch into machine code A (also referred to as the first machine code).

Specifically, in the same local area network, the version information of the first program on different electronic devices may be different, and the version information may include information such as version name, version number, etc. In this embodiment, the version information of the first program in the mobile phone It can be called the first version information. The version number of the first program of the mobile phone is version number A. The mobile phone also stores a first mapping table, and the first mapping table may record the one-to-one correspondence between different version numbers of the first program and the offsets relative to the machine code A. The version information of the first program is different, and the offset address of the same function interface may be different, so different versions of the program will correspond to different offsets.

Of course, other corresponding information can also be recorded in the first mapping table. For example, the mobile phone can obtain a certain version of the first program currently used by other electronic devices in the local area network, then the first mapping table can also record the information of the electronic device. The correspondence between ID and version number. The ID of the electronic device may be a MAC number, an SN number of the electronic device, or other unique identification numbers of the electronic device different from other electronic devices, which are not limited in this application.

S204, the mobile phone obtains information such as the ID of the smart speaker, the version number C of the first program in the smart speaker, and the like.

The ID of the smart speaker is the unique identification number of the smart speaker. The ID of the smart speaker may be a MAC number, an SN number, or other unique identification numbers of the smart speaker that are different from other electronic devices, which are not limited in this application.

In this embodiment, the version information of the first program in the smart speaker may be referred to as the second version information. The version number of the first program of the smart speaker is version number C, which is different from the version number A of the first program in the mobile phone.

S205 , the mobile phone queries the first mapping table, and the version number C corresponds to the offset C (which may also be referred to as the first offset). The mobile phone synthesizes the offset C corresponding to the version number C and the machine code A into the machine code C (also called the second machine code), and generates the patch file C (also called the second patch file), the patch file C It is a patch file that can be used to fix the first vulnerability whose first program is version C.

Specifically, the manner of synthesizing the machine code C with the offset C and the machine code A may include, but is not limited to, a binary synthesis manner, a disk block synthesis manner, and a code relocation manner. For the description of the three relocation modes, reference may be made to the description in the foregoing step S105, and details are not repeated here.

S206, the mobile phone sends a broadcast in the local area network, and the broadcast message may include the device ID (such as the mobile phone ID) of the patch pool mounted, the device ID (such as the smart speaker ID) supported by the patch file C, and the device ID supported by the patch file C. The first program version number (eg version number C) and so on.

S207, the smart speaker responds to the broadcast of the mobile phone, and the response message may include the mobile phone ID, the smart speaker ID, the version number C, and the like.

S208, the mobile phone obtains a file L in the smart speaker, where the file L is a file corresponding to the first program.

Since the computing processing capability of the smart speaker is poor or the internal storage space is small, in this embodiment, the patch file C is stored or read on the side of the mobile phone, and the patch file C does not need to be stored on the side of the smart speaker. The file L may include one or more files, and the file L stores the content of the first program.

S209. The mobile phone generates a file M, where the file M may be a file synthesized by the file L and the patch file C, and the file M in the mobile phone is associated with the file L in the smart speaker.

The mobile phone can obtain the file L corresponding to the first program in the smart speaker, and combine the patch file C and the file L into a file M on the mobile phone side, where the file M is one or more first program files for which the first vulnerability has been fixed. The file M can be stored on the mobile phone side. File M may also include one or more files.

On the smart speaker side, you can set the path association between the file L in the smart speaker and the file M in the local area network. When the file L receives an interactive request, the interactive request will be forwarded to the file M.

S210. The file L in the smart speaker receives an interaction request.

S211 , the smart speaker forwards the interactive request for the file L to the file M in the mobile phone.

S212, the mobile phone reads the file M, generates an interaction result or instruction, and sends the interaction result or instruction to the smart speaker.

S213, the smart speaker executes the interactive result or instruction, the first patch takes effect, and the first loophole of the first program of the smart speaker is repaired.

Specifically, the mobile phone can send relevant instructions or interactive results to the smart speaker through the communication connection. After receiving the instruction or interaction result, the smart speaker executes related functions to fix the first loophole in the first program.

S214. The smart speaker is disconnected from the local area network.

When the smart speaker is disconnected from the communication connection with the mobile phone, the file M cached in the mobile phone for solving the first vulnerability can continue to be saved in the mobile phone, and will continue to take effect when the smart speaker is connected to the local area network next time; the file M also It can be deleted when the network is disconnected, and the mobile phone will regenerate the file M when the smart speaker is connected to the local area network next time.

S215. The file L in the smart speaker receives an interaction request.

S216. Since the connection with the local area network has been disconnected, the smart speaker cannot read the file M in the local area network that fixes the first vulnerability, so the file L is read, and the first vulnerability in the first program in the smart speaker is not repaired.

In this embodiment, the vulnerability repair on the side of the smart speaker needs to rely on the patch file provided by the mobile phone in the local area network, so the smart speaker needs to be connected to the network to repair the vulnerability. If the smart speaker is disconnected from the local area network, the patch file to fix the vulnerability cannot be obtained, and the corresponding vulnerability cannot be fixed.

FIG. 8 is a schematic diagram of a scene of the method for patching according to the second method embodiment.

As exemplarily shown in FIG. 8 , the implementation scenario may include: a mobile phone 102 , a router 103 , and a smart speaker 107 . The mobile phone 102 and the smart speaker 107 can be in the same local area network by accessing the same Wi-Fi access point provided by the router 103 . The first program in the mobile phone 102 is version A, and the first program in the smart speaker 107 is version C.

In the implementation scenario shown in FIG. 8 , the mobile phone 102 is a mounting device of the patch pool. For the description of the patch pool, reference may be made to the description about the patch pool in the foregoing description, which will not be repeated here.

Referring to the patching method described in steps 201 to 216, the mobile phone 102 may receive the first patch code for fixing the first vulnerability in the first program from the cloud server side. Based on the version information of the mobile phone 102 itself, such as device-related information such as version number A, the mobile phone 102 machine-codes the explanatory patch code of the first patch, compiles it into the patch machine code A, and stores it. The mobile phone 102 may also store a first mapping table. The first mapping table may record a one-to-one correspondence between different version numbers of the first program and the offsets relative to the machine code A. The version information of the first program is different, and the offset address of the same function interface may be different, so different versions of the program will correspond to different offsets.

The mobile phone can obtain information such as the ID of the smart speaker in the same local area network and the version number C of the first program in the smart speaker. The mobile phone queries the first mapping table, and the version number C corresponds to the offset C. The mobile phone synthesizes the offset C corresponding to the version number C and the patch machine code A into the patch machine code C, and generates a patch file C, which is a patch that can be used to fix the first vulnerability whose first program is version C. document.

Then the mobile phone can send a broadcast in the local area network, and the broadcast message can include the mobile phone ID of the patch pool mounted, the smart speaker ID supported by the patch file C, the first program version number C supported by the patch file C and so on. After the smart speaker responds to the broadcast of the mobile phone and the mobile phone verifies the identity of the smart speaker, the mobile phone can obtain the file L corresponding to the first program in the smart speaker, and synthesize the file L and the patch file C into the file M on the mobile phone side, and the file M is The file of the first vulnerability has been fixed and stored on the mobile phone side. On the smart speaker side, you can set the path association between the file L in the smart speaker and the file M in the local area network. When the file L receives an interactive request, the interactive request will be forwarded to the file M.

When the file L in the smart speaker receives the interactive request, the smart speaker forwards the interactive request for the file L to the file M in the mobile phone. The mobile phone reads the file M, generates interactive results or instructions, and sends the interactive results or instructions to the smart speaker. The smart speaker executes the interactive result or instruction, the first patch takes effect, and the first loophole of the first program of the smart speaker is fixed. When the smart speaker is disconnected from the local area network, the first patch fails and the first vulnerability cannot be fixed.

For more details, reference may be made to the descriptions in steps 101 to 109, which will not be repeated here. It can be understood that, the implementation scenario in FIG. 8 is only for illustrating the embodiments of the present application, and does not constitute any limitation to the present application.

An exemplary user interface for the application menu on the electronic device 100 is described below.

FIG. 9A shows an exemplary user interface 901 .

User interface 901 may include a status bar 902, a calendar indicator 903, other application icons 904, a page indicator 905, and a tray 906 with icons of frequently used applications.

Status bar 902 may include: one or more signal strength indicators for mobile communication signals (also known as cellular signals), one or more signal strength indicators for wireless fidelity (Wi-Fi) signals, battery status indicators, etc.

Calendar indicator 903 may be used to indicate the current time, such as date, day of the week, hour and minute information, and the like.

Other application icons 904 may be, for example, a music icon, a calculator icon, a browser icon, a settings icon, and the like.

The page indicator 905 may be used to indicate the application in which page the user is currently viewing. Users can swipe left and right in the area of other application icons to browse application icons in other pages.

A tray 906 with icons of commonly used applications may display: a camera icon, an address book icon, a phone icon, an information icon, and the like.

In some embodiments, the user interface 901 exemplarily shown in FIG. 9A may be the home screen.

In some other embodiments, the electronic device may also include a home screen key. The home screen key can be a physical key or a virtual key. The home screen button can be used to receive the user's instruction and return the currently displayed UI to the home interface, so that it is convenient for the user to view the home screen at any time. The above instruction may be an operation instruction for the user to press the home screen key once, or an operation instruction for the user to press the home screen key twice in a short period of time, or the user presses the home screen key for a predetermined period of time. operation instructions. In some other embodiments of the present application, the home screen key may also be integrated with a fingerprint reader, so that when the user presses the home screen key, fingerprint collection and identification are performed accordingly.

It can be understood that, FIG. 9A only exemplarily shows the user interface on the electronic device 100 , and should not constitute a limitation to the embodiments of the present application.

The application scenarios involved in the present application and some embodiments of the user interface implemented on the electronic device 100 are described below.

9A and 9B show an exemplary user interface of the electronic device 100 when the mobile phone 102 obtains the relevant authority of the electronic device 100 in the local area network.

As shown in FIG. 9A , when the mobile phone 102 in the same local area network needs to obtain the relevant information of the electronic device 100 (for example, the version number of the first program, the ID of the electronic device 100 , etc.), the electronic device 100 can display in the user interface 901 Prompt box 907, the prompt box 907 can be used to prompt the user whether to give the mobile phone 102 the corresponding permission. For example, the prompt information displayed in the prompt box 907 may be the text "Do you allow the mobile phone 102 in the network to obtain your device information?". Not limited to text information, the prompt information may also be voice output from the electronic device 100 or other types of prompt information, etc., which is not limited in this application. The prompt box 907 can also display corresponding controls, so that the user can choose whether to give the mobile phone 102 corresponding permissions. In response to a user's touch operation (such as a click) on the control, the electronic device 100 may execute the option corresponding to the control to allow the mobile phone 102 to obtain information related to the electronic device 100 only this time, and to always allow the mobile phone 102 to obtain information related to the electronic device 100. Or reject the option of the mobile phone 102 to obtain the relevant information of the electronic device 100 . For example, the prompt box 907 may display an "Allow" control, an "Always Allow" control and a "Deny" control, and after detecting a user's touch operation (such as a click) on the "Always Allow" control, the electronic device 100 may perform a In this state, the mobile phone 102 is always allowed to obtain the instruction of the relevant information of the electronic device 100 .

As shown in FIG. 9B , when the mobile phone 102 in the same local area network sends the patch file for repairing the first vulnerability on the electronic device 100 to the electronic device 100, the electronic device 100 may display a prompt box 908 on the user interface 901, the prompt box 908 It can be used to prompt the user whether to allow the mobile phone 102 to update the patch to the electronic device 100 . For example, the information displayed in the prompt box may be the text "Does the mobile phone 102 in the network allow the mobile phone 102 to update the patch for you?". Not limited to text information, the prompt information may also be voice output from the electronic device 100 or other types of prompt information, etc., which is not limited in this application. The prompt box 908 may also display corresponding controls for the user to select whether to allow the mobile phone 102 to update the patch to the electronic device 100 or not. In response to a user's touch operation (for example, a click) on the control, the electronic device 100 may execute the option corresponding to the control to only allow the mobile phone 102 to send patches to the electronic device 100 this time, and to always allow the mobile phone 102 to send the patch to the electronic device 100 this time. The option to send the patch or to deny the phone 102 the option to send the patch to the electronic device 100 . For example, the prompt box 908 may display an "Allow" control, an "Always Allow" control, and a "Deny" control, and upon detecting a user's touch operation (eg, a click) on the "Always Allow" control, the electronic device 100 may perform a The state always allows the mobile phone 102 to update the patch to the electronic device 100 instruction.

FIG. 10A , FIG. 10B , and FIG. 10C show user interfaces related to the technical effects exhibited after implementing the technical solutions of the present application.

FIG. 10A exemplarily shows an implementation scenario. The implementation scenario may include: a mobile phone 102 , a smart watch 109 and a tablet computer 104 . The mobile phone 102 and the smart watch 109 and the tablet computer 104 can be in the same local area network by accessing the same wireless access point, and establish a communication connection with each other.

The user interface 1001 of the mobile phone 102 may be displayed when the mobile phone 102 finds that the required patch is generated by the cloud server. The user interface 1001 may include a title bar 1004, a program version update main interface 1005, and the like.

Title bar 1004 may include a current page indicator, and return navigation controls. The current page indicator can be used to indicate the current page, for example, the text information "system update" can be used to indicate that the current page is used to display system update related information. Not limited to text information, the current page indicator may also be an icon. Returning a navigation control can be used to listen for actions (such as touches) through the control. In response to this operation, the electronic device can return to the previous interface from the current interface.

The program version update main interface 1005 may display one or more version update related information items, and the one or more version update related information items may include: an electronic device discovers a new patch prompt item, a patch package size information item, an update time information item, Update log information entries, etc.

On each item of version update related information in the program version update main interface 1005, there are corresponding titles and text descriptions. For example, when the electronic device finds a new patch, the corresponding title is "New Patch Found", the corresponding title of the patch package size information entry is "Patch Package", the text description is the found new version number "Size: 2.32MB", and the update time The title corresponding to the information entry is "Update Time", the text description is "Date: September 20, 2020", the title corresponding to the update log information entry is "Update Log", and the text description is "This update adds system security fixes. Patches, Fix System Vulnerabilities" etc.

The program version update main interface 1005 may also include an "update" operation control 1006 and a "cancel" operation control 1007, which can be used to monitor operations (such as touch operations) through the controls. In response to the operation acting on "update" or "cancel", the electronic device will update the patch, or cancel the update patch.

In some other embodiments, the program version update page may display other program version update related information, including but not limited to, for example, third-party applications. On the version update page, information items related to version update may be added, or information items related to version update may be decreased, which is not limited in this application.

The user interface 1002 of the smart watch 109 and the user interface 1003 of the tablet 104 may include some or all of the same interface elements (eg, status bar, calendar indicator, application icon, page indicator, and trays for commonly used application icons, etc.), which will not be repeated here.

The user interface 1008 of the mobile phone 102 exemplarily shown in FIG. 10B can be the user interface displayed on the mobile phone 102 when receiving and downloading the patch issued by the cloud server. The user interface 1008 can be used to prompt the user to download the patch from the cloud server The progress of the server downloading patches. For example, an icon 1009 may be displayed that informs the user that the patch is being downloaded and that the download progress is 25%. The user interface 1008 may also display the text message "Downloading Patch" to remind the user that the patch is being downloaded. Not limited to text information, the prompt information may also be voice output from the mobile phone 102 or other types of prompt information, etc., which is not limited in this application. The user interface 1008 may also display a cancel control 1010 for listening to touch operations (eg, clicks) acting on the control. In response to the "cancel" operation, the mobile phone 102 can cancel the patch download from the cloud-side server.

FIG. 10C exemplarily shows the user interface 1011 of the cell phone 102 , the user interface 1012 of the smart watch 109 , and the user interface 1013 of the tablet computer 104 . The above user interface may prompt the user that, in this implementation scenario, the first vulnerabilities of different versions of the first program in the mobile phone 102 , the smart watch 109 and the tablet computer 104 have all been repaired. For example, the user interface 1011 may display the text prompt information "The first vulnerability has been fixed", and display the version number information "Version 10.0" of the first program possessed by the mobile phone 102, and the user interface 1012 may display the text prompt information "The first program" A bug has been fixed”, and the version number information “Version 8.0” of the first program owned by the smart watch 109 is displayed, and the user interface 1013 can display the text prompt information “The first bug has been fixed”, and display the tablet computer 104 The version number information "version 9.0" of the owned first program. Not limited to text information, the prompt information may also be voice output by the electronic device or other types of prompt information, etc., which is not limited in this application.

In the embodiments shown in FIG. 10A , FIG. 10B , and FIG. 10C , only the mobile phone 102 downloads the first patch to fix the first vulnerability from the cloud server. Machine code. Then the mobile phone can generate a new patch machine code according to the obtained machine code offset corresponding to the version 8.0 of the smart watch 109 and the version 9.0 of the tablet computer 104 . For the specific method for the tablet computer 104 to obtain the patch in the mobile phone 102, please refer to the method embodiment 1, and for the specific method for the smart watch 109 to obtain the patch in the mobile phone 102, please refer to the second method embodiment, which will not be repeated here. The tablet 104 and the smart watch 109 located in the same local area network as the mobile phone 102 do not need to download the same patch from the cloud server repeatedly, so in FIG. However, when the mobile phone 102 downloads the patch, the smart watch 109 and the tablet computer 104 with different program versions in the same local area network will automatically repair the same vulnerability targeted by the patch. By implementing this embodiment, repeated downloading of the same patch can be avoided, bandwidth is saved, and patching efficiency is improved.

It can be understood that FIGS. 9A , 9B, 10A, 10B, and 10C are only examples of some user interfaces, and do not constitute any limitation to other embodiments of the present application.

As used in the above embodiments, the term "when" may be interpreted to mean "if" or "after" or "in response to determining..." or "in response to detecting..." depending on the context. Similarly, depending on the context, the phrases "on determining..." or "if detecting (the stated condition or event)" can be interpreted to mean "if determining..." or "in response to determining..." or "on detecting (the stated condition or event)" or "in response to the detection of (the stated condition or event)".

In the above-mentioned embodiments, it may be implemented in whole or in part by software, hardware, firmware or any combination thereof. When implemented in software, it can be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, all or part of the processes or functions described in the embodiments of the present application are generated. The computer may be a general purpose computer, special purpose computer, computer network, or other programmable device. The computer instructions may be stored in or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be downloaded from a website site, computer, server, or data center Transmission to another website site, computer, server, or data center by wire (eg, coaxial cable, optical fiber, digital subscriber line) or wireless (eg, infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device such as a server, a data center, or the like that includes an integration of one or more available media. The usable media may be magnetic media (eg, floppy disks, hard disks, magnetic tapes), optical media (eg, DVDs), or semiconductor media (eg, solid state drives), and the like.

Those of ordinary skill in the art can understand that all or part of the processes in the methods of the above embodiments can be implemented. The process can be completed by instructing the relevant hardware by a computer program, and the program can be stored in a computer-readable storage medium. When the program is executed , which may include the processes of the foregoing method embodiments. The aforementioned storage medium includes: ROM or random storage memory RAM, magnetic disk or optical disk and other mediums that can store program codes.

Claims (12)

A method for patching, the method comprising: establishing a first connection between the first electronic device and the second electronic device; obtaining, by the first electronic device, a first patch file, where the first patch file is used to repair a first vulnerability of a first program, and the first vulnerability exists in the first program of the second electronic device; The first electronic device compiles the first patch into a first machine code according to the first version information of the first program; The first electronic device synthesizes the first machine code and the first offset into a second machine code, and burns the second machine code to generate a second patch file, wherein the first offset The amount is determined according to the second version information, the second version information is the version information of the first program in the second electronic device, and the second version information is the first electronic device through the first connection obtained from the second electronic device, the second patch file is used to repair the first vulnerability of the first program whose version information is the second version information. The method according to claim 1, wherein the first offset is determined according to the second version information, and specifically includes: The first offset is determined according to the correspondence between the second version information recorded in the first mapping table and the first offset. The method according to claim 1 or 2, further comprising: The first electronic device sends the second patch file to the second electronic device, where the second patch file is used to synthesize the second program file with the first program file in the second electronic device, wherein , the first program file is the executable file of the first program in the second electronic device that has not repaired the first vulnerability, and the second program file is the second electronic device that has been repaired The executable file of the first program of the first vulnerability. The method according to claim 1 or 2, further comprising: When the second electronic device receives the interaction request for the first program file, the first electronic device receives the interaction request for the second program file through the first connection, wherein the The first program file is an executable file of the first program in the second electronic device that does not fix the first vulnerability, and the second program file is the first electronic device that uses the first program The file is synthesized with the second patch file, the second program file is the executable file of the first program that has repaired the first vulnerability, and the first program on the second electronic device file association with the second program file on the first electronic device; The first electronic device reads the second program file, generates interaction results or executable instructions, and sends the interaction results or executable instructions to the second electronic device through the first connection. The method according to any one of claims 1-4, wherein after the first electronic device generates the second patch file, the method further comprises: The first electronic device sends broadcast information, and the broadcast information includes: the identification number of the first electronic device, the identification number of the second electronic device, and the first electronic device to which the second patch file is applicable. Second version information; After receiving the response information from the second electronic device in response to the broadcast information, the first electronic device determines that the second patch file is the first patch file used by the second electronic device to repair the first program A vulnerability patch file, the response information includes: the identification number of the first electronic device, the identification number of the second electronic device, the second electronic device of the first program in the second electronic device Version Information. A method for patching, characterized in that the method comprises: establishing a first connection between the first electronic device and the second electronic device; obtaining, by the first electronic device, a first patch file, where the first patch file is used to repair a first vulnerability of a first program, and the first vulnerability exists in the first program of the second electronic device; The first electronic device compiles the first patch into a first machine code according to the first version information of the first program; The first electronic device synthesizes the first machine code and the first offset into a second machine code, and burns the second machine code to generate a second patch file, wherein the first offset The amount is determined according to the second version information, the second version information is the version information of the first program in the second electronic device, and the second version information is the first electronic device through the first connection obtained from the second electronic device, the second patch file is used to repair the first vulnerability of the first program whose version information is the second version information. The method according to claim 6, wherein the first offset is determined according to the second version information, and specifically includes: The first offset is determined according to the correspondence between the second version information recorded in the first mapping table and the first offset. The method according to claim 6 or 7, further comprising: The second electronic device receives the second patch file generated by the first electronic device; The second electronic device synthesizes the first program file and the second patch file into a second program file, wherein the first program file is all parts of the second electronic device that have not repaired the first vulnerability. the executable file of the first program, and the second program file is the executable file of the first program that has fixed the first vulnerability in the second electronic device. The method according to claim 6 or 7, further comprising: an interaction request for the first program file received by the second electronic device; The second electronic device forwards the interaction request to a second program file of the first electronic device through the first connection, wherein the first program file is the unrepaired part of the second electronic device. The executable file of the first program of the first vulnerability, the second program file is obtained by synthesizing the first program file and the second patch file by the first electronic device, and the second program file is obtained by synthesizing the first program file and the second patch file by the first electronic device. The program file is an executable file of the first program with the first vulnerability fixed, and the first program file on the second electronic device is associated with the second program on the first electronic device document; The first electronic device reads the second program file, generates interactive results or executable instructions, and sends the interactive results or executable instructions to the second electronic device through the first connection; In response to the interaction result or the executable instruction, the second electronic device executes the first program in which the first vulnerability has been fixed. The method according to any one of claims 6-9, wherein after the first electronic device generates the second patch file, the method further comprises: The first electronic device sends broadcast information, and the broadcast information includes: the identification number of the first electronic device, the identification number of the second electronic device, and the first electronic device to which the second patch file is applicable. Second version information; In response to the broadcast information, the second electronic device sends response information to the first electronic device, where the response information includes: an identification number of the first electronic device, an identification number of the second electronic device number, the second version information of the first program in the second electronic device; The first electronic device determines that the second patch file is a patch file used by the second electronic device to repair the first vulnerability of the first program. An electronic device, characterized by comprising a communication device, a memory and a processor coupled to the memory, multiple application programs, and one or more programs; when the processor executes the one or more programs , so that the electronic device implements the method according to any one of claims 1 to 5 and 6 to 10 . A computer-readable storage medium, comprising instructions, characterized in that, when the instructions are executed on an electronic device, the electronic device is made to perform the execution of any one of claims 1 to 5 and 6 to 10. Methods.

Images