Búsqueda Imágenes Maps Play YouTube Noticias Gmail Drive Más »
Iniciar sesión
Usuarios de lectores de pantalla: deben hacer clic en este enlace para utilizar el modo de accesibilidad. Este modo tiene las mismas funciones esenciales pero funciona mejor con el lector.

Patentes

  1. Búsqueda avanzada de patentes
Número de publicaciónUS20080016489 A1
Tipo de publicaciónSolicitud
Número de solicitudUS 11/862,057
Fecha de publicación17 Ene 2008
Fecha de presentación26 Sep 2007
Fecha de prioridad18 Nov 2002
También publicado comoUS7673308, US20050076326
Número de publicación11862057, 862057, US 2008/0016489 A1, US 2008/016489 A1, US 20080016489 A1, US 20080016489A1, US 2008016489 A1, US 2008016489A1, US-A1-20080016489, US-A1-2008016489, US2008/0016489A1, US2008/016489A1, US20080016489 A1, US20080016489A1, US2008016489 A1, US2008016489A1
InventoresJohn McMillan, Gary Chirhart
Cesionario originalSymantec Corporation
Exportar citaBiBTeX, EndNote, RefMan
Enlaces externos: USPTO, Cesión de USPTO, Espacenet
Virtual os computing environment
US 20080016489 A1
Resumen
Multiple, semi-independent virtual operating system (OS) environments coexist within a single (OS) such that a change made in one environment does not affect the main OS or any other environment. In this way each virtual OS environment appears to be an independent OS for the applications running within it. The file system and registry information for each environment is independent of the base OS and other environments. Each of the environments can contain a group of installed applications that will run independently of each other. Although the invention is described in terms of a Windows® environment, the approach is applicable to other operating systems through appropriate modification.
Imágenes(5)
Previous page
Next page
Reclamaciones(11)
1. A computing architecture, comprising:
a base operating system (OS); and
at least one virtual OS environment within the base OS, the virtual OS environment having a file system and registry which is independent of the base OS.
2. The computing architecture of claim 1, wherein the base OS is Windows® or is Windows®-compatible.
3. The computing architecture of claim 1, further including at least one application running under the virtual OS environment, and wherein the application shares one or more of the following with the base OS:
networking information,
user login rights,
services,
hardware information, and
clipboard information.
4. The computing architecture of claim 1, further including multiple virtual OS environments within a single operating system (OS), and wherein a change made in one of the virtual OS environments does not affect the main OS or any other virtual OS environment.
5. The computing architecture of claim 1, wherein each virtual OS environment contains a group of installed applications that run independently of each another.
6. The computing architecture of claim 1, further including one or more applications running under the base OS and each virtual OS environment, and wherein all of the applications run on a single OS desktop.
7. The computing architecture of claim 1, wherein changes made to configuration information with respect to a virtual OS environment does not change configuration information associated with the base OS.
8. A method of configuring a computer with a base operating system (OS) having a base OS file system and registry, the method comprising the steps of:
creating at least one virtual OS environment under the base OS, each virtual OS environment having file system and registry locations which are independent of the base OS file system and registry locations.
9. The method of claim 8, further including the step of installing at least one application program under the virtual OS environment; and
wherein attempts to access the base OS file system and registry locations are instead redirected to the virtual OS environment file system or registry.
10. The method of claim 9, further including the step of altering one or more application programming interfaces (APIs) that access the base OS file system and registry directly and indirectly so as to redirect these accesses into the appropriate virtual OS environment file system and registry.
11. The method of claim 10, further including the step of injecting a DLL into every application that is executed.
Descripción
    REFERENCE TO RELATED APPLICATION
  • [0001]
    This application is a continuation of U.S. patent application Ser. No. 10/716,337, filed Nov. 18, 2003, which claims the benefit of U.S. provisional patent application Ser. No. 60/427,339, filed Nov. 18, 2002, the disclosures of which are each incorporated herein by reference in their entirety.
  • FIELD OF THE INVENTION
  • [0002]
    This invention relates to computing environments and, in particular, to the creation of multiple, semi-independent virtual operating system (OS) environments within a single OS.
  • BACKGROUND OF THE INVENTION
  • [0003]
    An Operating System (OS) is the high-level software that allows users to interact with a computing machine and run programs (i.e., applications). To enhance the versatility of computers, virtual operating systems (VOS) and programs that implement virtual machines (VM) have been developed. Using such systems, applications “expecting” a particular OS may run on a machine executing a different OS, or commands generated by an application may cause a real computer to act like the imaginary machine. Theoretically, a VOS may allow the same program to work on virtually any machine running the Virtual OS, thereby supporting “instant portability” for new machines.
  • [0004]
    The concept of a virtual machine has been popularized by Pascal compilers which produce intermediate “p-code” and, more recently, by Java language from Sun Microsystems. Whereas most compilers produce object code for one family of CPU, Java compilers produce object code (called J-code) for machines that may or may not exist. For each physical target processor, a Java interpreter, or virtual machine, “executes” the J-code. This allows the same object code to run on any CPU for which a Java interpreter exists.
  • [0005]
    Other examples include Limbo, a programming language developed at Lucent Technologies, produces object code for an imaginary CPU, and Perl, which creates an intermediate program representation and executes this intermediate representation instead of creating native executable code.
  • [0006]
    The major standard operating systems, namely Windows, Macintosh and Unix, make very different “calls” to the OS. These calls are critical to writing sophisticated applications, which limits portability. Java solves this problem by providing a set of library functions that communicate with an imaginary OS and imaginary GUI (graphical user interface). In a sense, just like the JVM presents a virtual physical machine, the Java libraries present a virtual OS/GUI. Every Java implementation provides libraries implementing this virtual OS/GUI. Java programs that use these libraries to provide needed OS and GUI functionality port fairly easily.
  • [0007]
    Virtual operating systems include the Amiga OS, which is based on the Taos Elate OS, and Inferno developed by Lucent Technologies. Inferno, a virtual operating system running on top of the Linux operating system, is targeted to creating and supporting distributed services used in a variety of network environments, including advanced telephones, hand-held devices, TV/cable/satellite set-top boxes, Internet computers and conventional computing systems. Applications use various resources internal to the system, such as a consistent virtual machine that runs the application programs, together with library modules that perform services as simple as string manipulation through more sophisticated graphics services for dealing with text, pictures, higher-level toolkits, and video. Applications exist in an external environment containing resources such as data files that can be read and manipulated, together with objects that are named and manipulated like files but are more active.
  • SUMMARY OF THE INVENTION
  • [0008]
    This invention is directed to the creation of multiple, semi-independent virtual OS environments within a single operating system (OS). A change made in one environment does not affect the main OS or any other environment. In this way each virtual OS environment appears to be an independent OS for the applications running within it. The file system and registry information for each environment is independent of the base OS and other environments. Each of the environments can contain a group of installed applications that will run independently of each other. Although the invention is described in terms of a Windows® environment, the approach is applicable to other operating systems through appropriate modification.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0009]
    FIG. 1 is a simplified diagram showing the creation of multiple OS environments under a single OS;
  • [0010]
    FIG. 2 is a illustrates the creation of independent locations for file systems and registry within the base OS file system and registry;
  • [0011]
    FIG. 3 shows how, according to the invention, injected DLL functions can execute code both before and after the OS API function;
  • [0012]
    FIG. 4 shows how any applications that are run from under the virtual OS environment file system are always redirected into that virtual OS environment;
  • [0013]
    FIG. 5 depicts when application is being redirected into a virtual OS environment, it makes an API call that tries to access the file system or registry, causing the API to be redirected to a function in the injected DLL;
  • [0014]
    FIG. 6A is a diagram that shows how getting and setting of the current directory are redirected into the virtual OS environment.
  • [0015]
    FIG. 6B shows how injected DLL functions maintain lists of these handles and the pathnames that they reference. These lists are then used in subsequent calls to OS API functions to modify the parameters properly; and
  • [0016]
    FIG. 7 is a diagram that depicts how OS API calls can be redirected by the injected DLL function modifying a parameter sent to or returned from the OS API.
  • DETAILED DESCRIPTION OF THE INVENTION
  • [0017]
    This invention is directed to the creation of multiple, semi-independent virtual OS environments within a single operating system (OS). A change made in one environment does not affect the main OS or any other environment. In this way each virtual OS environment appears to be an independent OS for the applications running within it. The file system and registry information for each environment is independent of the base OS and other environments. Each of the environments can contain a group of installed applications that will run independently of each other. Although the invention is described in terms of a Windows® environment, the approach is applicable to other operating systems through appropriate modification.
  • [0018]
    The applications running within the virtual OS environments still share the base OS attributes such as networking information, user login rights, services, hardware information, and the Windows clipboard. In addition, all of the applications run on a single OS desktop. The end user does not need to be aware that the applications are being run from different virtual OS environments. While the applications share the base OS attributes, the changes made to configuration information is made into the virtual OS environment and not into the base OS.
  • [0019]
    The virtual OS environment is achieved by creating independent locations for file systems and registry within the base OS file system and registry. When applications attempt to access the file system or registry, the attempt is redirected to the virtual OS environment file system or registry instead of the base OS location.
  • [0020]
    To create the virtual OS environments, the OS APIs that access the file system and registry directly and indirectly must be changed to redirect these accesses into the virtual OS environments file system and registry. This is done by injecting a DLL into every application that is executed. This DLL first must determine whether the current application should be run under one of the possible virtual OS environments or the base OS. If the current application is to run under the base OS the injected DLL does nothing and the application runs normally. If the current application needs to be redirected into a virtual OS environment, the injected DLL scans the applications function import table and redirects all file system and registry API calls to instead call functions within the injected DLL itself. This is done for the application functions and all of the DLLs that are loaded by the application. In addition, Windows COM calls that access the file system or registry are also redirected by the injected DLL.
  • [0021]
    When the application (or one of the applications DLLs) attempts to call an OS API (directly or indirectly) that will access the file system or registry, the injected DLL's function is called instead. The injected DLL's function then examines the parameters that are passed to the API and modifies them to direct them into the virtual OS environment location instead. The injected DLL's function then calls the real OS API with the modified parameters to perform the required function. Lastly, the injected DLL's function returns to the calling function, returning any information from the OS API function. This returned information is also modified to convert the file system or registry location information back from a virtual OS environment location. Using this method, the injected DLL functions can execute code both before and after the OS API function.
  • [0022]
    As mentioned earlier, not all applications are run from virtual OS environments and different applications may be run from different virtual OS environments. When the injected DLL is first loaded it must determine which of the virtual OS environments (if any) to redirect to. This must be done for the current application as well as any spawned or child processes created by the current application. This is determined based on the location of the current application EXE in the base OS file system. The base OS contains a list of directories where applications should be redirected to specific virtual OS environments. Any application EXE that is executed in this directory or optionally a child of this directory will run under a specific virtual OS environment. This is can be set to a CD/DVD drive in the base OS file system and the application run from this location is often a application installation program. Note that this directory is added to the virtual OS environment. File system accesses to this directory (or children) will not be redirected but will be performed in the directory itself. This directory (or directories) are shared by the base OS and the virtual OS environment. This allows the installation program or application to access support files that are then installed into the virtual OS environment.
  • [0023]
    In addition, any applications that are run from under the virtual OS environment file system (ex: C:\VirtualEnvs\Env1) are always redirected into that virtual OS environment. Since the temporary directory is also redirected into the virtual OS environment, if an installation program extracts additional installation programs from itself into a temporary directory and then executes them, they will be redirected into the same virtual OS environment. Since the installation program can only make changes to the virtual OS environment and the shared directory, it can only place files into a location that is under the virtual OS environment itself. It cannot change any file system or registry information in the base OS file system or registry except in shared directories. This method guarantees that the proper applications are always running in the proper virtual OS environment or base OS and that the applications can only modify specific areas of the base OS file system and registry.
  • [0024]
    Because all of the file system and registry calls are redirected, a copy of the base OS file system and registry must be created in the virtual OS environment file system and registry before any applications may be executed in the virtual OS environment. Once this is done, any built-in OS applications that are run by applications within the virtual OS environment (such as Notepad, WordPad, or Internet Explorer) will be executed from the virtual OS environment copy of that application. This will allow multiple versions of built-in OS applications to be supported at the same time in different virtual OS environments.
  • [0025]
    When an application that is being redirected into a virtual OS environment makes an API call that tries to access the file system or registry, the API is redirected to a function in the injected DLL. This is done without any modifications required to the application or support DLLs.
  • [0026]
    This redirection is done for all OS API calls that access the file system. There are file system calls that use a relative path. These calls are relative to a current directory. The getting and setting of the current directory are redirected into the virtual OS environment. The application views that it is accessing/modifying the base OS file system or registry when in fact it is accessing/modifying the virtual OS environment file system and registry.
  • [0027]
    The redirection of registry information is done the same way as file system information. All calls that access the registry are redirected into the injected DLL functions where they modify the parameters to redirect that registry access to a section of the registry that is private to the virtual OS environment. A number of registry and file system APIs are passed handles instead of a specific pathname. The injected DLL functions maintain lists of these handles and the pathnames that they reference. These lists are then used in subsequent calls to OS API functions to modify the parameters properly.
  • [0028]
    Since all of the virtual OS environment information is isolated inside of the base OS file system and registry, it becomes easy to save, store, and load entire virtual OS environments. It is therefore convenient to create a virtual OS environment that contains a set of applications configured in a specific way (or a “clean” virtual OS environment that contains no applications yet) and store it in a separate or central location to be used by multiple computers or the same computer at different times.
  • [0029]
    Not all OS API calls can be redirected by the injected DLL function modifying a parameter sent to or returned from the OS API. For example when creating a shortcut using the Program Manager DDE calls, the shortcut is created in the base OS file system (after backing up any shortcut in that same location) and then moved into the virtual OS environment file system. Afterward, any shortcut that was in the base OS file system is then restored. This occurs within the injected DLL function that is called from an application in the virtual OS environment.
  • [0030]
    Another special case occurs when a 16-bit application is to be executed within the virtual OS environment. The injected DLL does not function with 16-bit applications so this is normally not supported. In cases where the 16-bit application is known to only extract files from itself and then run a 32-bit application an exception is made. The 16-bit application is executed normally and allowed to place the extracted files into a temporary location in the base OS file system. This temporary location is then added as a shared directory with the virtual OS environment and the 32-bit application that was extracted is then executed in the virtual OS environment.
  • [0031]
    Since the virtual OS environment file system files are not being used by the base OS itself, they can be replaced more easily than the actual base OS files that are normally in use (files that are in-use cannot normally be replaced except during a reboot). This also allows a reboot after an installation program to be handled without a reboot being required on the computer itself.
  • [0032]
    When the OS reboot API is called by a program that is running under a virtual OS environment, the injected DLL function performs the operations normally handled by the reboot without allowing the OS API to perform a system reboot. All of the applications in the virtual system are shutdown. The list of files that are queued to be replaced during a reboot are then installed. The list of applications that are normally run during a system startup are then executed in order. This allows application installation programs that contain require one or more reboots function properly without a reboot actually being performed.
Citas de patentes
Patente citada Fecha de presentación Fecha de publicación Solicitante Título
US5063499 *9 Ene 19895 Nov 1991Connectix, Inc.Method for a correlating virtual memory systems by redirecting access for used stock instead of supervisor stock during normal supervisor mode processing
US5961582 *25 Oct 19945 Oct 1999Acorn Technologies, Inc.Distributed and portable execution environment
US6081897 *12 Ene 199827 Jun 2000Recording Industry Of AmericaApparatus for monitoring and preventing unauthorized copying of digital data
US6141698 *29 Ene 199731 Oct 2000Network Commerce Inc.Method and system for injecting new code into existing application code
US6192471 *26 Ene 199620 Feb 2001Dell Usa, LpOperating system independent system for running utility programs in a defined environment
US6397242 *26 Oct 199828 May 2002Vmware, Inc.Virtualization system including a virtual machine monitor for a computer with a segmented architecture
US6611878 *8 Nov 199626 Ago 2003International Business Machines CorporationMethod and apparatus for software technology injection for operating systems which assign separate process address spaces
US6785886 *24 Ago 200031 Ago 2004Vmware, Inc.Deferred shadowing of segment descriptors in a virtual machine monitor for a segmented computer architecture
US20020092003 *29 Nov 200011 Jul 2002Brad CalderMethod and process for the rewriting of binaries to intercept system calls in a secure execution environment
Citada por
Patente citante Fecha de presentación Fecha de publicación Solicitante Título
US871205223 Jul 201229 Abr 2014Cooper Technologies CompanySystem and method for secure power systems infrastructure communications
US20080178143 *5 Oct 200724 Jul 2008Cort DouganSystem, Method and Computer Program Product for Developing, Configuring, Installing and Testing Software
US20100031256 *10 Nov 20084 Feb 2010Eunovation Int'l LimitedMethod for establishing virtual operating system
Clasificaciones
Clasificación de EE.UU.717/100, 718/1
Clasificación internacionalG06F9/455
Clasificación cooperativaG06F9/45537
Clasificación europeaG06F9/455H1