Global visibility controls for operating system partitions

US 7,437,556 B2
Filed: 01/21/2004
Issued: 10/14/2008
Est. Priority Date: 05/09/2003
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

establishing a global zone, wherein the global zone is a global operating system environment that can support execution of one or more processes;

establishing a non-global zone within the global zone, wherein the non-global zone is a partition of the global operating system environment, wherein the non-global zone operates as a separate and distinct operating system environment, and wherein the non-global zone can support execution of one or more processes;

isolating a first process executing within the non-global zone to the non-global zone so that the first process does not have visibility or access to processes and objects that are not associated with the non-global zone;

permitting a second process executing within the global zone to have visibility and access to processes and objects associated with the global zone; and

permitting the second process executing within the global zone to have access to processes and objects associated with the non-global zone, if the second process has a privilege to cross zone boundaries.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with one embodiment of the present invention, there is provided a mechanism for managing and controlling global visibility of resources in zones within an operating system controlled by a single kernel instance. Embodiments enable isolation and virtualization of processes within a single image of an operating system, without requiring implementation of hardware support (such as the introduction of an additional privilege level) to isolate privileged programs, and without multiple instances of an operating system or operating system kernel for some applications.

64 Citations

View as Search Results

22 Claims

1. A method comprising:
- establishing a global zone, wherein the global zone is a global operating system environment that can support execution of one or more processes;
  
  establishing a non-global zone within the global zone, wherein the non-global zone is a partition of the global operating system environment, wherein the non-global zone operates as a separate and distinct operating system environment, and wherein the non-global zone can support execution of one or more processes;
  
  isolating a first process executing within the non-global zone to the non-global zone so that the first process does not have visibility or access to processes and objects that are not associated with the non-global zone;
  
  permitting a second process executing within the global zone to have visibility and access to processes and objects associated with the global zone; and
  
  permitting the second process executing within the global zone to have access to processes and objects associated with the non-global zone, if the second process has a privilege to cross zone boundaries.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1,permitting the second process executing within the global zone to have visibility of processes and objects associated with the non-global zone without requiring the second process to have the privilege to cross zone boundaries.
  - 3. The method of claim 1, the second process executing within the global zone to cross zone boundaries;
    - andgranting the second process the privilege to cross zone boundaries, if the second process is authorized to receive such a privilege.
  - 4. The method of claim 1, wherein the non-global zone has a first zone identifier associated therewith, wherein processes and objects associated with the non-global zone have the first zone identifier associated therewith, and wherein isolating the first process to the non-global zone comprises:
    - allowing the first process executing within the non-global zone to view or access a target process or object only if the target process or object has the first zone identifier associated therewith.
  - 5. The method of claim 4, wherein the global zone has a second zone identifier associated therewith, wherein processes and objects associated with the global zone have the second zone identifier associated therewith, and wherein permitting the second process to have visibility and access to processes and objects associated with the global zone comprises:
    - allowing the second process executing within the global zone to view and access an intended process or object if the intended process or object has the second zone identifier associated therewith.
  - 6. The method of claim 1, further comprising:
    - receiving an identifier indicating a zone selected from at least one of the global zone and the non-global zone; and
      
      mounting file system resources comprising processes to be executed in the zone indicated by the identifier to a portion of a file system associated with the zone indicated by the identifier;
      
      thereby enabling the processes of the file system resources to obtain at least one of visibility and access to objects within the zone corresponding to the identifier.
  - 7. The method of claim 6, wherein the file system resources are mounted to a subdirectory of a root directory of a portion of a file system associated with the zone indicated by the identifier;
    - thereby enabling processes expecting a tree like directory structure to execute within the zone indicated by the identifier.
  - 8. The method of claim 6, further comprising:
    - enabling select processes to be visible to all other processes in the global zone and the non-global zone.
  - 9. The method of claim 6, wherein file system resources comprise processes to be executed in any zone, the method further comprising:
    - receiving a request by a requesting process to access processes in the file system resources; and
      
      limiting access to processes in the file system resources based upon the requesting process'"'"'relationship with a zone indicated in the request;
      
      thereby enabling the processes of the file system resources to obtain at least one of visibility and access to objects within the zone corresponding to the identifier.
  - 10. The method of claim 1, further comprising:
    - providing information about the zone with which a process is associated based upon identity of a requesting process and relationship between the requesting process and the zone.

11. A computer readable storage medium, comprising:
- instructions for causing one or more processors to establish a global zone, wherein the global zone is a global operating system environment that can support execution of one or more processes;
  
  instructions for causing one or more processors to establish a non-global zone within the global zone, wherein the non-global zone is a partition of the global operating system environment, wherein the non-global zone operates as a separate and distinct operating system environment, and wherein the non-global zone can support execution of one or more processes;
  
  instructions for causing one or more processors to isolate a first process executing within the non-global zone to the non-global zone so that the first process does not have visibility or access to processes and objects that are not associated with the non-global zone;
  
  instructions for causing one or more processors to permit a second process executing within the global zone to have visibility and access to processes and objects associated with the global zone; and
  
  instructions for causing one or more processors to permit the second process executing within the global zone to have access to processes and objects associated with the non-global zone, if the second process has a privilege to cross zone boundaries.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The computer readable storage medium of claim 11, further comprising:
    - instructions for causing one or more processors to permit the second process executing within the global zone to have visibility of processes and objects associated with the non-global zone without requiring the second process to have the privilege to cross zone boundaries.
  - 13. The computer readable storage medium of claim 11, further comprising:
    - instructions for causing one or more processors to receive a request from the second process executing within the global zone to cross zone boundaries; and
      
      granting the second process the privilege to cross zone boundaries, if the second process is authorized to receive such a privilege.
  - 14. The computer readable storage medium of claim 11, wherein the non-global zone has a first zone identifier associated therewith, wherein processes and objects associated with the non-global zone have the first zone identifier associated therewith, and wherein the instructions for causing one or more processors to isolate the first process to the non-global zone comprises:
    - instructions for causing one or more processors to allow the first process executing within the non-global zone to view or access a target process or object only if the target process or object has the first zone identifier associated therewith.
  - 15. The computer readable storage medium of claim 14, wherein the global zone has a second zone identifier associated therewith, wherein processes and objects associated with the global zone have the second zone identifier associated therewith, and wherein the instructions for causing one or more processors to permit the second process to have visibility and access to processes and objects associated with the global zone comprises:
    - instructions for causing one or more processors to allow the second process executing within the global zone to view and access an intended process or object if the intended process or object has the second zone identifier associated therewith.
  - 16. The computer readable storage medium of claim 11, further comprising:
    - instructions for causing one or more processors to receive an identifier indicating a zone selected from at least one of the global zone and the non-global zone; and
      
      instructions for causing one or more processors to mount file system resources comprising processes to be executed in the zone indicated by the identifier to a portion of a file system associated with the zone indicated by the identifier.
  - 17. The computer readable storage medium of claim 16, wherein the file system resources are mounted to a subdirectory of a root directory of a portion of a file system associated with the zone indicated by the identifier;
    - thereby enabling processes expecting a tree like directory structure to execute within the zone indicated by the identifier.
  - 18. The computer readable storage medium of claim 16, further comprising:
    - instructions for causing one or more processors to enable select processes to be visible to all other processes in the global zone and the non-global zone.
  - 19. The computer readable storage medium of claim 16, wherein file system resources comprise processes to be executed in any zone, and wherein the computer readable storage medium further comprises:
    - instructions for causing one or more processors to receive a request by a requesting process to access processes in the file system resources; and
      
      instructions for causing one or more processors to limit access to processes in the file system resources based upon a requesting process'"'"'relationship with a zone indicated in the request.
  - 20. The computer readable storage medium of claim 11, further comprising:
    - instructions for causing one or more processors to provide information about the zone with which a process is associated based upon identity of a requesting process and relationship between the requesting process and the zone.

21. An apparatus, comprising:
- means for establishing a global zone, wherein the global zone is a global operating system environment that can support execution of one or more processes;
  
  means for establishing a non-global zone within the global zone, wherein the non-global zone is a partition of the global operating system environment, wherein the non-global zone operates as a separate and distinct operating system environment, and wherein the non-global zone can support execution of one or more processes;
  
  means for isolating a first process executing within the non-global zone to the non-global zone so that the first process does not have visibility or access to processes and objects that are not associated with the non-global zone;
  
  means for permitting a second process executing within the global zone to have visibility and access to processes and objects associated with the global zone; and
  
  means for permitting the second process executing within the global zone to have access to processes and objects associated with the non-global zone, if the second process has a privilege to cross zone boundaries.

22. A system, comprising:
- one or more processors; and
  
  a storage comprising;
  
  instructions for causing the one or more processors to establish a global zone, wherein the global zone is a global operating system environment that can support execution of one or more processes;
  
  instructions for causing the one or more processors to establish a non-global zone within the global zone, wherein the non-global zone is a partition of the global operating system environment, wherein the non-global zone operates as a separate and distinct operating system environment, and wherein the non-global zone can support execution of one or more processes;
  
  instructions for causing the one or more processors to isolate a first process executing within the non-global zone to the non-global zone so that the first process does not have visibility or access to processes and objects that are not associated with the non-global zone;
  
  instructions for causing the one or more processors to permit a second process executing within the global zone to have visibility and access to processes and objects associated with the global zone; and
  
  instructions for causing the one or more processors to permit the second process executing within the global zone to have access to processes and objects associated with the non-global zone, if the second process has a privilege to cross zone boundaries.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Leonard, Ozgur C., Tucker, Andrew G., Comay, David S., Price, Daniel B., Beck, John T., Gabriel, Andrew D.
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
PERUNGAVOOR, VENKATANARAY

Application Number

US10/763,147
Publication Number

US 20050021788A1
Time in Patent Office

1,728 Days
Field of Search

713164-168
US Class Current

713/164
CPC Class Codes

G06F 21/6281 at program execution time, ...

G06F 9/468 Specific access rights for ...

Global visibility controls for operating system partitions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

64 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Global visibility controls for operating system partitions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links