发明名称 |
Integrity Assurance Through Early Loading in the Boot Phase |
摘要 |
Techniques utilizing library and pre-boot components to ensure that a driver associated with a kernel-mode component is initialized before other drivers during a boot phase are described herein. The library component is processed during a boot phase; the pre-boot component, which may be an alternative to the library component, is processed during a pre-boot phase. By ensuring that the driver is the first driver initialized, the components enable the driver to launch the kernel-mode component before other drivers are initialized. The library component may also determine whether another driver is to be initialized before the kernel-mode component driver, may ensure that kernel-mode component driver is initialized first, and may alert the kernel-mode component. Also, the library component may retrieve information that is to be deleted by the operating system before initialization of drivers and may provide that information to the kernel-mode component. |
申请公布号 |
US2017061127(A1) |
申请公布日期 |
2017.03.02 |
申请号 |
US201514810840 |
申请日期 |
2015.07.28 |
申请人 |
CrowdStrike, Inc. |
发明人 |
Ionescu Ion-Alexandru |
分类号 |
G06F21/57 |
主分类号 |
G06F21/57 |
代理机构 |
|
代理人 |
|
主权项 |
1. A computing device comprising:
a processor; and a plurality of components operable by the processor during a boot phase of the computing device, the components including:
a library component to be processed before initialization of drivers by an operating system of the computing device and which, when processed, ensures that a driver component associated with a kernel-mode component is the first of the drivers initialized by the operating system; andthe driver component which, when initialized, causes the computing device to launch the kernel-mode component before initializing the other drivers. |
地址 |
Irvine CA US |