Protected control of devices by user applications in multiprogramming environments

US 6,751,680 B2
Filed: 02/25/2002
Issued: 06/15/2004
Est. Priority Date: 03/25/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method of accessing storage from an untrusted application program executing in a computer system, comprising:

in a trusted process in the computer system, creating a private interface between the application program and a storage entity allocated for use by the application program, the interface having associated therewith (i) storage entity identification information identifying the storage entity, and (ii) a command data structure operative to receive storage access commands from the application program for accessing the storage entity, the command data structure and private interface being usable by the application program and not usable by other application programs executing in the computer system;

in the application program, (i) creating a storage access command containing command information identifying a storage access operation to be performed with respect to the storage entity, and (ii) posting the storage access command to the command data structure; and

in a process other than the trusted process and the application program, (i) monitoring the command data structure for the presence of storage access commands posted thereto, and (ii) upon encountering the storage access command posted by the application program, accessing the storage entity as specified by the command information contained therein.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A user program directly accesses a storage device for I/O operations, bypassing the operating system. The user registers a virtual memory region and an “extent”, or region, of the storage device with a host bus adapter. A virtual interface is created between the user and the storage device including a queue for transmitting commands from the user to the storage device. To perform I/O, the user creates a descriptor including command information identifying the type of I/O operation, a buffer handle identifying the registered virtual memory region, virtual memory address information identifying the locations of data buffers in the registered virtual memory region to be used for the I/O operation, an extent handle identifying the registered extent, and disk address information identifying an area within the registered extent to or from which data is to be written or read. The user posts this descriptor to the virtual interface by placed it on the associated queue.

The adapter reads the descriptor and verifies that the descriptor and the data buffers are located within the registered virtual memory region identified by the buffer handle. The adapter also verifies that the area on the storage device identified by the disk address information is within the registered extent identified by the extent handle. If both of these verification steps succeed, then the I/O command is forwarded to the storage device. If either verification step fails, then the command is not forwarded, and an indication of the failure is returned to the user or the operating system.

159 Citations

6 Claims

1. A method of accessing storage from an untrusted application program executing in a computer system, comprising:
- in a trusted process in the computer system, creating a private interface between the application program and a storage entity allocated for use by the application program, the interface having associated therewith (i) storage entity identification information identifying the storage entity, and (ii) a command data structure operative to receive storage access commands from the application program for accessing the storage entity, the command data structure and private interface being usable by the application program and not usable by other application programs executing in the computer system;
  
  in the application program, (i) creating a storage access command containing command information identifying a storage access operation to be performed with respect to the storage entity, and (ii) posting the storage access command to the command data structure; and
  
  in a process other than the trusted process and the application program, (i) monitoring the command data structure for the presence of storage access commands posted thereto, and (ii) upon encountering the storage access command posted by the application program, accessing the storage entity as specified by the command information contained therein.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A method according to claim 1, further comprising in the application program, creating a data buffer in memory within the computer system, the data buffer being allocated for storing data to be written to or read from the storage entity during the storage access operation, and the data buffer being identified by buffer information in the storage access command, and wherein accessing the storage entity comprises transferring data between the data buffer and the storage entity.
  - 3. A method according to claim 1, wherein the interface also has associated therewith a response data structure via which results of storage access operations are provided to the application program, and further comprising upon the completion of the storage access operation, posting a response to the response data structure of the interface, the response identifying a result from the accessing of the storage entity in response to the posted storage access command.
  - 4. A method according to claim 1, wherein the storage entity is a disk extent.
  - 5. A method according to claim 4, wherein the storage access command includes address and length information identifying a contiguous portion of the disk extent, and wherein accessing the storage entity includes accessing the contiguous portion of the disk extent.
  - 6. A method according to claim 1, wherein the command data structure resides in memory within the computer system allocated for use by the application program, and wherein the use of the command data structure by the application program and the non-use of the command data structure by the other application programs is ensured by a memory management function within the computer system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Network Appliance Incorporated (NetApp, Inc.)
Original Assignee
Network Appliance Incorporated (NetApp, Inc.)
Inventors
Ford, David A., Langerman, Alan B.
Primary Examiner(s)
Lee, Thomas
Assistant Examiner(s)
DU, THUAN N

Application Number

US10/082,663
Publication Number

US 20020083224A1
Time in Patent Office

841 Days
Field of Search

710/3, 710/4, 710/33, 710/39, 710/52, 710/73, 710/74, 710/129, 709/229, 709/238, 711/1-6, 711/100, 711/121, 711/200, 711/203, 713/200, 714/5, 714/25
US Class Current

710/3
CPC Class Codes

G06F 12/1081 for peripheral access to ma...

G06F 12/145 the protection being virtua...

Protected control of devices by user applications in multiprogramming environments

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

159 Citations

6 Claims

Specification

Solutions

Use Cases

Quick Links

Protected control of devices by user applications in multiprogramming environments

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

159 Citations

6 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links