System and method for restoring a computer system after a failure

US 20020049883A1
Filed: 04/25/2001
Published: 04/25/2002
Est. Priority Date: 11/29/1999
Status: Abandoned Application

First Claim

Patent Images

1. A method, comprising keeping a record of the roles of some disk locations X and Y, wherein after an operating system requests overwriting of old data at location X with new data, the storing of the new data is at least initially diverted to a different disk location Y instead of taking the place of the old data at location X, and wherein the old data remains in its original location on the disk;

and reconstructing a prior state of data stored on the disk by (i) reading data from the disk which the operating system has not requested to be overwritten before the prior state occurred, (ii) reading old data retained on the disk, and (iii) combining the data read from both sources (i) and (ii).

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for reverting a disk drive to an earlier point in time is disclosed. Changes made to the drive are saved in a circular history buffer which includes the old data, the time it was replaced by new data, and the original location of the data. The circular history buffer may also be implemented by saving new data elements into new locations and leaving the old data elements in their original locations. References to the new data elements are mapped to the new location. The disk drive is reverted to an earlier point in time by replacing the new data elements with the original data elements retrieved from the history buffer, or in the case of the other embodiment, reads to the disk are mapped to the old data elements stilled stored in their original locations. The method and apparatus may be implemented as part of an operating system, or as a separate program, or in the controller for the disk drive. The method and apparatus are applicable to other forms of data storage as well. Also disclosed are method and apparatus for providing firewall protection to data in a data storage medium of a computer system.

341 Citations

56 Claims

1. A method, comprising keeping a record of the roles of some disk locations X and Y, wherein after an operating system requests overwriting of old data at location X with new data, the storing of the new data is at least initially diverted to a different disk location Y instead of taking the place of the old data at location X, and wherein the old data remains in its original location on the disk;
- and reconstructing a prior state of data stored on the disk by (i) reading data from the disk which the operating system has not requested to be overwritten before the prior state occurred, (ii) reading old data retained on the disk, and (iii) combining the data read from both sources (i) and (ii).
- View Dependent Claims (3, 4, 5, 6, 7, 8, 17, 29, 30, 31, 32, 33, 34, 35, 36, 37, 39, 40)
- - 3. A method according to claim 1 further wherein in response to a request of the operating system to overwrite a disk location, determining if the location is being modified for the first time since a previous reference point and if not directly overwriting the location with new data, wherein its original state is discarded and there is preserved for specific reference points in time the original states of data that is overwritten on the disk.
  - 4. A method according to claim 3 wherein the reference points are times that are automatically selected and likely correspond to points in time in which the disk'"'"'s data has been completely written to the disk by the operating system, wherein the automatically selected reference times are selected at least partially on observing a period of non-disk write activity by the operating system.
  - 5. A method according to claim 4 wherein reference points in time are at least partially selected by signals from the operating system that it has flushed all of its cached data from internal memory (RAM) to the disk.
  - 6. A method according to claim 1 wherein the record that maintains where overwritten data has been re-directed for the purpose of preserving the original states is maintained on a disk and involves complex data structures that cannot be updated in a single disk write, and further wherein safe transitions from one usable state of the record to another is provided by representing the record using a mapping system in which the record is broken into a set of components, providing for the existence of two records, one of which is the prior valid record state and the other is a transitional state, where both versions may share common components, where the valid record is fully flushed and present on the physical disk, where a switch page on the disk holds sufficient information to locate the prior valid record mapping, wherein the transitional record state mapping is defined in terms of zero or more components present in the prior valid record state as well as components reflective of desired changes to achieve a new valid state, wherein after all data associated with the transitional version is stored to disk, the switch page is updated to establish this transitional version as the new prior valid record state, and wherein any interrupt of this update results in a switch page that either in effect indicates the original prior valid state or the new state that was associated with the transitional state.
  - 7. A method according to claim 1 wherein the disk'"'"'s state, as viewable by the operating system, is effectively returned to a state from an earlier time, by moving data and/or re-mapping the current and old data such that accesses by the operating system to various disk locations are re-directed to the disk locations that contain the data from this earlier time, while at the same time maintaining current data on the disk.
  - 8. A method according to claim 7 wherein the old data forming part of the earlier state of the disk from a previous time that is viewable by the operating system is considered current, and wherein what was current data whose effective overwriting was requested in order to return to the earlier state is now considered recently overwritten (old) data, and the continued use and tracking of the original states of data whose overwriting is requested by the operating system is performed according as specified in claim 1.
  - 17. A method according to claim 7 including annotating the selection times at which a disk may be reverted by logging various computer activity that occurs between selection times, where the log is circular in nature such that as selection times become unavailable, the associated annotation is discarded.
  - 29. A method according to claim 7 for reverting a disk to an earlier state while at the same time maintaining certain files in their current state, comprising reverting the disk to a specified time in the past time, scanning a record of previous file activity to establish a list of files that have changed between the specified time in the past and the time just prior to the requested revert, presenting said list of files to a user and allowing files to be selected, and at a time after the revert, and retrieving the last state of said files just prior to the reversion.
  - 30. A method according to claim 1 further including providing hardware redundancy for a main disk on which both a current operating system visible image as well as circular record of the prior states of overwritten disk locations is maintained, comprising providing a second hard disk and a communication link between it and a computer to which the main hard disk is interfaced, wherein original states of overwritten data is maintained on both disks, and where synchronization between the two disks is maintained such that if the second disk does not contain any data from the main disk, or such data is so far out of date that a simulated disk established on the main disk cannot reach sufficiently back in time to reflect the current image last established on the second disk, then the second disk'"'"'s contents is discarded and re-initialized by:
    - suspending the second disk'"'"'s normal processing, establishing a simulated disk on the main disk near the current time, and transferring the simulated image to the second disk, and should the main disk'"'"'s simulated image be overrun by changes occurring on the main disk, re-starting the process, and once the simulated image has been transferred, the available historic prior states of overwritten data on the main disk, starting at the time at which the simulated disk was established, and moving backward to more distant times, are transferred to the second disk for as much as there is such data on the main disk and sufficient disk space on the second disk to accept it.
  - 31. A method according to claim 30 wherein once it is possible to establish a simulated disk as of a certain time on the main disk that corresponds to the current image on the second disk, the second disk begins tracking changes made to its data, and the historic record is scanned forward from this certain time, and appropriate writes are generated that re-create in chronological order at least some of the writes that occurred over time to the main disk, as well as transferring any other appropriate information kept on the main disk relating to the historic record, and once the entire record has been scanned, there is a wait for more data to be added to the record, after which the scanning and transfer process continues.
  - 32. A method according to claim 31 for recovering from a complete main disk failure in which a second redundant disk has been maintained, comprising restarting the computer system, reverting the second disk back to the last safe point, and re-directing all access of the main disk to the second such that the second disk transparently takes over the role of the original main disk, while at the same time ceases the activities relating to maintaining a redundant copy of the original failed main disk.
  - 33. A method according to claim 32 of replacing a failed main disk in a computer system in which a second normally redundant disk has taken over the role of the main disk, comprising replacing or repairing the main disk such that it is now operable, continuing to treat the second disk as if it were the main disk, treating the main disk as the redundant disk, re-initializing and synchronizing the two disks, and at which point when both disks are completely synchronized to the current operating system visible image, the roles exchange, wherein the second disk resumes providing time lagged redundancy to the main disk.
  - 34. A method of providing redundant disk storage according to claim 30 wherein the second disk interfaces to the computer associated with the main disk using a parallel port, serial port, Universal Serial Bus (USB), Firewire, or network interface.
  - 35. A method of providing redundant disk storage according to claim 34 wherein the second disk also contains embedded within or associated with it, its own computer system capable of managing its storage.
  - 36. A method according to claim 34 including a redundant disk storage system in which its storage is managed such that it provides backup services to multiple computers each with their own main disks by assigning and mapping portions of its collective storage to each backed up computer system.
  - 37. A method according to claim 34 including providing both redundant and off-site backup of a main disk by allowing the second disk to be removable and portable, either in whole or its storage medium.
  - 39. A method according to claim 1 further including reverting an application executing on a computer system back in time, comprising periodically saving during times at which a disk reversion or creation of a simulated disk is possible, a copy of appropriate internal memory (RAM) associated with the application, along with a reference to the current time, such that the application can be re-started as of a saved point in the past along with effectively restoring the state of the disk to the same point, and wherein upon re-starting an application, the disk is restored to the same point in time by establishing a simulated disk, and directing all main disk access made by the re-started application to the simulated disk.
  - 40. A method according to claim 38 wherein the saved internal memory snapshots are compressed.

2. A method comprising keeping a record of old data at some location X on a disk whose overwriting with new data is requested by the operating system, wherein an alternate location Y on the disk is selected corresponding to least recently overwritten data, the storing of the new data is at least initially diverted to this different disk location Y instead of taking the place of the old data at location X, and wherein the old data remains in its original location and a mapping is established such that it is known to divert any further access of location X by the operating system to location Y, and a record records that location X now contains most recently overwritten data along with an indication of the approximate time at which the overwrite was requested, and the original operating system location X to which this old data belonged;
- and reconstructing a prior state of data stored on the disk by (i) reading data from the disk which the operating system has not requested to be overwritten before the prior state occurred, (ii) reading old data retained on the disk, and (iii) combining the data read from both sources (i) and (ii).

9. A method of simulating the existence of a disk drive in order to allow access to the state of a real physical disk from an earlier time, comprising establishing the existence of a simulated disk to the operating system substantially consistent with how a real physical disk is accessed, wherein the data of the simulated disk is created by combining the current and old overwritten data from the real physical disk corresponding to a earlier time.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 10. A method according to claim 9 wherein after the initial existence of the simulated disk is established, the operating system is allowed to overwrite on the simulated disk, its data with new data.
  - 11. A method according to claim 10 comprising allocating storage locations, if available, that are not used in representing the real physical disk'"'"'s current image, or involved in representing the simulated disk as of the time after the overwrite, wherein the new data is stored in these locations, and a mapping for the simulated disk is appropriately adjusted.
  - 12. A method according to claim 11 wherein if such storage locations cannot be allocated then a disk error status is returned to the operating system in response to its overwrite request.
  - 13. A method according to claim 10 further including adjusting a mapping system that is maintaining the current state of the original disk as viewed by the operating system and the simulated disk, such that the current disk image becomes that which was simulated, and data that was effectively overwritten in the original current disk image, is preserved.
  - 14. A method according to claim 9 wherein the roles of a simulated disk and that of a current disk, the latter whose earlier state is the basis for the simulated disk, are exchanged by re-directing all references of the simulated disk by the operating system to the current disk, and vice versa, such that all references embedded in disk based data to the current disk are effectively routed to the simulated disk.
  - 15. A method according to claim 9 wherein the simulated disk may be swapped into the role of the current disk.
  - 16. A method according to claim 9 of restoring the roles of the simulated and current disks, where the roles are either automatically restored upon re-starting a computer system having the disk, or upon appropriate signaling from the user, wherein the current disk'"'"'s state is reverted to that of the simulated disk.
  - 18. A method according to claim 9 including annotating the selection times at which a simulated disk may be reverted by logging various computer activity that occurs between selection times, where the log is circular in nature such that as selection times become unavailable, the associated annotation is discarded.
  - 19. A method according to claim 18 wherein the computer activity includes program launches.
  - 20. A method according to claim 18 wherein the computer activity includes file creation, modification, deletion, renaming, or moving within the file system hierarchy.
  - 21. A method according to claim 18 wherein the computer activity includes system boots.
  - 22. A method according to claim 18 wherein the computer activity includes screen shots.
  - 23. A method according to claim 18 wherein the computer activity includes user keystrokes and or mouse activity.
  - 24. A method according to claim 9 further including copying a desired file from the simulated disk to a destination selected by the user.
  - 25. A method according to claim 17 for retrieving an overwritten version of a file based on scanning the activity notes stored in the log, correlating these notes with the possible times at which a simulated disk can be established, presenting a resulting set of files and selection times to the user, and upon selection of one such time, retrieving the file to be copied to another location.
  - 26. A method according to claim 17 wherein the set of files and selection times presented to the user is subject to filtering based on any one of, but not limited to, file name, file extension, directory location, and selection time.
  - 27. A method according to claim 17 wherein the set of files and selection times presented to the user is limited to a specific file name at a specific directory path location.
  - 28. A method according to claim 20 for accessing earlier versions of files, comprising maintaining a record (log) of file creation, deletion, modification, renaming, and move activity entries in a record and associating each with a reference point in time, sorting the activity entries, presenting to a user a file hierarchy based on the unique files and directory entries in the sorted list, allowing the user to select a file after which a list of available versions is presented based on the duplicate entries found for the selected file, allowing the selection of a specific version, and retrieving the file to be copied to another location.

38. A method of reverting an application executing on a computer system back in time, comprising periodically saving during times at which a disk reversion or creation of a simulated disk is possible, a copy of appropriate internal memory (RAM) associated with the application, along with a reference to the current time, such that the application can be re-started as of a saved point in the past along with effectively restoring the state of the disk to the same point.

41. A method of reverting a computer system back in time, comprising periodically saving during times at which a disk reversion is possible, a copy of appropriate internal memory (RAM) necessary to re-start the operating system and applications, along with a reference to the current time, such that the computer system can be re-started as of a saved point in the past along with reverting the state of the disk to the same point.
- View Dependent Claims (42)
- - 42. A method according to claim 41 wherein the saved internal memory snapshots are compressed.

43. A method of saving the original states of data on a hard disk that are about to be overwritten by an operating system, wherein as part of the mapping and optimization of such processes, large numbers of disk pages are exchanged, whereas such exchanging is optimally done in batch processes involving sweeping read and write passes, that to avoid having to wait until such batch operation competes in order to service a disk read request by the operating system, the read request is immediately processed, comprising interrupting the batch exchange process, determining where the data to be read currently exists and re-directing the read to such location, and then resuming processing of the batch exchange.

44. A method of protecting the resources on a computer necessary to operate a data storage device, wherein the computer has a processor for executing program code, comprising disallowing the processor from altering the resources unless program code execution passes through a gate which validates that the code executed by the processor is trusted code and is authorized to alter the resources, and further wherein the trusted code re-enables the protection of the resources prior to the processor returning to execution of non-trusted code.
- View Dependent Claims (45, 46, 47, 48, 49, 50, 51, 52)
- - 45. A method according to claim 44 wherein the gate is implemented by electronic hardware that in response to a request from executing non-trusted code, causes the processor to process an interrupt request and vector into known and trusted code, and at the same time, enable access to the resources.
  - 46. A method according to claim 44 wherein the gate is implemented by electronic hardware that detects the execution of a specific program instruction at a gating point in the computer, where the instruction disables any program interrupt that can cause a preemptive jump to non-trusted code, and, after the instruction'"'"'s execution, allows access to the resources.
  - 47. A method according to claim 44 wherein the resources include a disk or tape interface.
  - 48. A method according to claim 44 wherein the resources include random access memory (RAM).
  - 49. A method according to claim 44 wherein trusted code for which access to resources is allowed resides in a read-only memory (ROM).
  - 50. A method according to claim 44 wherein the trusted code for which access to resources is allowed resides in an alterable non-volatile memory that is considered a protected resource.
  - 51. A method according to claim 50 wherein encryption techniques are used to insure any update of the trusted code is done with valid data.
  - 52. A method according to claim 44 wherein while executing trusted code, hardware that monitors the status of a form of physically external switch is directly read by the processor, and where when said switch is in a particular state, it provides user validation of a software initiated request.

53. Apparatus for recording original states of altered data on a disk, comprising a driver program that runs from within a disk/tape controller, wherein the driver program replaces the role of interfacing to a main processing unit for the purposes of disk or tape access, and wherein the driver program uses random access memory (RAM) and other resources separate from the main processing unit, such that a virus or malicious program executing on the main processing unit is hindered from controlling the disk or tape or corrupting the internal data structures of the driver program.
- View Dependent Claims (54)
- - 54. Apparatus according to claim 53 wherein a switch is directly readable by the driver program to validate a given operation requested by the main processing unit has in fact been approved by the user.

55. A method comprising recording original states of altered data on a disk, over some period of time, sufficient to recreate the disk'"'"'s image at various points within the period of time, and writing the recorded data as well as the current operating system (OS) visible image of the disk to another secondary storage medium, such that the medium can be used to recreate the disk'"'"'s OS visible state at various points in time.
- View Dependent Claims (56)
- - 56. A method according to claim 55 wherein a directory is included on the secondary storage medium that optimizes sequential access to the data associated with a specific file from a specific time.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NortonLifeLock Inc.
Original Assignee
NortonLifeLock Inc.
Inventors
Schwartz, Larry, Schneider, Eric, Wheeler, Doug, Ferril, Chuck, Bruggeman, Edward

Application Number

US09/843,127
Publication Number

US 20020049883A1
Time in Patent Office

Days
Field of Search
US Class Current

711/100
CPC Class Codes

G06F 12/08 in hierarchically structure...

G06F 21/80 in storage media based on m...

System and method for restoring a computer system after a failure

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

341 Citations

56 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for restoring a computer system after a failure

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

341 Citations

56 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links