Global visibility controls for operating system partitions

US 20050021788A1
Filed: 01/21/2004
Published: 01/27/2005
Est. Priority Date: 05/09/2003
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

establishing a global zone in an operating system environment controlled by a single operating system kernel instance;

establishing at least one non-global zone;

selectively limiting at least one of visibility and access by processes associated with the global zone to objects within the global zone and select objects within at least one non-global zone; and

limiting visibility and access by processes associated with each non-global zone to objects within that non-global zone.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with one embodiment of the present invention, there is provided a mechanism for managing and controlling global visibility of resources in zones within an operating system controlled by a single kernel instance. Embodiments enable isolation and virtualization of processes within a single image of an operating system, without requiring implementation of hardware support (such as the introduction of an additional privilege level) to isolate privileged programs, and without multiple instances of an operating system or operating system kernel for some applications.

89 Citations

View as Search Results

27 Claims

1. A method comprising:
- establishing a global zone in an operating system environment controlled by a single operating system kernel instance;
  
  establishing at least one non-global zone;
  
  selectively limiting at least one of visibility and access by processes associated with the global zone to objects within the global zone and select objects within at least one non-global zone; and
  
  limiting visibility and access by processes associated with each non-global zone to objects within that non-global zone.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein visibility and access for processes associated with the global zone defaults to objects within the global zone, the method further comprising:
    - receiving a request from a requesting process associated with the global zone for at least one of visibility and access to an object in a non-global zone;
      
      determining whether the requesting process is authorized for the requested at least one of visibility and access; and
      
      if the requesting process is authorized, selectively changing at least one of visibility and access for the requesting process in accordance with the request.
  - 3. The method of claim 1, wherein access for processes associated with the global zone defaults to objects within the global zone and visibility for processes associated with the global zone defaults to objects within the global zone and objects within at least one non-global zone, the method further comprising:
    - receiving a request from a requesting process associated with the global zone for access to an object in a non-global zone;
      
      if the requesting process is authorized, selectively changing access of the requesting process in accordance with the request.
  - 4. The method of claim 3, wherein the request comprises a request for an additional privilege.
  - 5. The method of claim 3, wherein a first process obtains access to objects within the global zone and a second process obtains access to objects within the global zone and at least one non-global zone;
    - and wherein;
      
      the global zone is enabled to provide at least one of a default environment and a system wide administrative environment.
  - 6. The method of claim 1, the method further comprising:
    - receiving an identifier indicating a zone selected from at least one of the global zone and an non-global zone; and
      
      mounting file system resources comprising processes to be executed in the zone indicated by the identifier to a portion of a file system associated with the zone indicated by the identifier;
      
      thereby enabling the processes of the file system resources to obtain at least one of visibility and access to objects within the zone corresponding to the identifier.
  - 7. The method of claim 6, wherein the file system resources are mounted to a subdirectory of a root directory of a portion of a file system associated with the zone indicated by the identifier;
    - thereby enabling processes expecting a tree like directory structure to execute within the zone indicated by the identifier.
  - 8. The method of claim 6, further comprising:
    - enabling select processes to be visible to all other processes in the global zone and the non-global zone.
  - 9. The method of claim 1, wherein file system resources comprise processes to be executed in any zone, the method further comprising:
    - receiving a request by a requesting process to access processes in the file system resources; and
      
      limiting access to processes in the file system resources based upon the requesting process'"'"' relationship with a zone indicated in the request;
      
      thereby enabling the processes of the file system resources to obtain at least one of visibility and access to objects within the zone corresponding to the identifier.
  - 10. The method of claim 1, further comprising:
    - providing information about the zone with which a process is associated based upon identity of a requesting process and relationship between the requesting process and the zone.

11. A computer based method for managing resources in a single kernel instance operating system, the method comprising the steps of:
- creating a global zone and at least one non-global zone;
  
  permitting processes of the global zone to view and access objects in the global zone and view objects in non-global zones;
  
  permitting processes of the non-global zone to view and access objects only in the non-global zone; and
  
  selectively permitting upon authorized request, a process of the global zone to access objects in a non-global zone.
- View Dependent Claims (12)
- - 12. The method of claim 11, wherein a first process obtains access to objects within the global zone and a second process obtains access to objects within the global zone and at least one non-global zone:
    - thereby enabling the global zone to provide at least one of a default environment and a system wide administrative environment.

13. A computer readable medium, comprising:
- instructions for causing one or more processors to establish a global zone;
  
  instructions for causing one or more processors to establish at least one non-global zone;
  
  instructions for causing one or more processors to selectively limit at least one of visibility and access by processes associated with the global zone to objects within the global zone and select objects within at least one non-global zone; and
  
  instructions for causing one or more processors to limit visibility and access by processes associated with each non-global zone to objects within that non-global zone;
  
  wherein the global zone and the at least one non-global zone exist concurrently in an operating system controlled by a single kernel instance.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 14. The computer readable medium of claim 13, wherein visibility and access for processes associated with the global zone defaults to objects within the global zone, and wherein the instructions for causing one or more processors to process comprise:
    - instructions for causing one or more processors to receive a request from a requesting process associated with the global zone for at least one of visibility and access to an object in an non-global zone;
      
      instructions for causing one or more processors to determine whether the requesting process is authorized for the requested at least one of visibility and access; and
      
      instructions for causing one or more processors to selectively change at least one of visibility and access for the requesting process in accordance with the request, if the requesting process is authorized.
  - 15. The computer readable medium of claim 13, wherein access for processes associated with the global zone defaults to objects within the global zone and visibility for processes associated with the global zone defaults to objects within the global zone and objects within at least one non-global zone, and wherein the instructions for causing one or more processors to process comprise:
    - instructions for causing one or more processors to receive a request from a requesting process associated with the global zone for access to an object in an non-global zone; and
      
      instructions for causing one or more processors to selectively change access of the requesting process in accordance with the request, if the requesting process is authorized.
  - 16. The computer readable medium of claim 15, wherein the request comprises a request for an additional privilege.
  - 17. The computer readable medium of claim 15, wherein a first process obtains access to objects within that global zone exclusively and a second process obtains access to objects within the global zone and at least one non-global zone, thereby enabling:
    - the global zone to provide at least one of a default environment and a system wide administrative environment.
  - 18. The computer readable medium of claim 13, wherein the instructions for causing one or more processors to process comprise:
    - instructions for causing one or more processors to receive an identifier indicating a zone selected from at least one of the global zone and an non-global zone; and
      
      instructions for causing one or more processors to mount file system resources comprising processes to be executed in the zone indicated by the identifier to a portion of a file system associated with the zone indicated by the identifier.
  - 19. The computer readable medium of claim 18, wherein the file system resources are mounted to a subdirectory of a root directory of a portion of a file system associated with the zone indicated by the identifier;
    - thereby enabling processes expecting a tree like directory structure to execute within the zone indicated by the identifier.
  - 20. The computer readable medium of claim 18, wherein the instructions for causing one or more processors to process comprise:
    - instructions for causing one or more processors to enable select processes to be visible to all other processes in the global zone and the non-global zone.
  - 21. The computer readable medium of claim 13, wherein file system resources comprise processes to be executed in any zone, and wherein the instructions for causing one or more processors to process comprise:
    - instructions for causing one or more processors to receive a request by a requesting process to access processes in the file system resources;
      
      instructions for causing one or more processors to limit access to processes in the file system resources based upon a requesting process'"'"' relationship with a zone indicated in the request.
  - 22. The computer readable medium of claim 13, wherein the instructions for causing one or more processors to process comprise:
    - instructions for causing one or more processors to provide information about the zone with which a process is associated based upon identity of a requesting process and relationship between the requesting process and the zone.

23. A computer readable medium, comprising:
- instructions for causing one or more processors to create a global zone and at least one non-global zone within an operating system controlled by a single kernel instance;
  
  instructions for causing one or more processors to permit processes of the global zone to view and access objects in the global zone and view objects in non-global zones;
  
  instructions for causing one or more processors to permit processes of the non-global zone to view and access objects only in the non-global zone; and
  
  instructions for causing one or more processors to selectively permit upon authorized request, a process of the global zone to access objects in a non-global zone.
- View Dependent Claims (24)
- - 24. The computer readable medium of claim 23, wherein a first process obtains access to objects within the global zone and a second process obtains access to objects within the global zone and at least one non-global zone:
    - thereby enabling the global zone to provide at least one of a default environment and a system wide administrative environment.

25. An apparatus, comprising:
- a means for establishing a global zone;
  
  a means for establishing at least one non-global zone;
  
  a means for selectively limiting at least one of visibility and access by processes associated with the global zone to objects within the global zone and select objects within at least one non-global zone; and
  
  a means for limiting visibility and access by processes associated with each non-global zone to objects within that zone.

26. An apparatus, comprising:
- a means for creating a first zone and a second zone, wherein the first zone and the second zone exist concurrently in an operating system controlled by a single kernel instance; and
  
  a means for selectively permitting;
  
  access by processes associated with the first zone to computational entities associated with the first zone;
  
  access by certain ones of processes associated with the first zone to computational entities associated with the second zone; and
  
  access by processes associated with the second zone exclusively to computational entities associated with the second zone.

27. A system, comprising:
- a processor; and
  
  a memory connected with the processor, and operative to hold at least one of a plurality of program processes, including;
  
  instructions for providing an operating system;
  
  instructions for establishing and managing a plurality of zones within the operating system under control of a single kernel instance, including;
  
  instructions for creating a global zone and at least one non-global zone;
  
  instructions for permitting processes attached to the global zone to view and access objects in the global zone and view objects in non-global zones;
  
  instructions for permitting processes attached to the non-global zone to view and access objects only in the non-global zone; and
  
  instructions for selectively permitting upon authorized request, a process attached to the global zone to access objects in a non-global zone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Leonard, Ozgur C., Tucker, Andrew G., Comay, David S., Price, Daniel B., Gabriel, Andrew D., Beck, John T.

Granted Patent

US 7,437,556 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/229
CPC Class Codes

G06F 21/6281 at program execution time, ...

G06F 9/468 Specific access rights for ...

Global visibility controls for operating system partitions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

89 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Global visibility controls for operating system partitions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

89 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links