Method and system for implementing a multilevel file system in a virtualized environment
Abstract
A global zone executing on a host OS that includes a multilevel filesystem (MLFS) associated with a label range, where the MLFS includes files and directories, where each of the files is associated with its own label and where each of the directories is associated with its own label. The global zone further includes a first non-global zone, where the MLFS is mounted in the first non-global zone as a first loopback file system. The host OS is configured to receive, from a process executing on the host OS, a request to access a first file in the MLFS, make a first determination that a process label dominates a first file label, based on the first determination, make a second determination that the first file label is equal to the process label, and in response to the second determination, provide read and write access to the first file.
30 Citations
20 Claims
1. A system, comprising:
a processor;
a host operating system (OS) configured to execute on the processor, wherein the host OS comprises:
a global zone comprising:
a multilevel filesystem (MLFS) mounted in the global zone and comprising a directory and a first file located within the directory, wherein the directory is associated with a directory label, and wherein the first file is associated with a first file label that is different than the directory label;
a first non-global zone, external to the MLFS, comprising a first loopback file system acting as a proxy to the MLFS; and
a second non-global zone, external to the MLFS, comprising a second loopback file system acting as a proxy to the MLFS,
wherein the host OS is configured to:
receive, from a process executing on the host OS, a request to access the first file of a plurality of files in the MLFS,
obtain a process label associated with the process,
obtain the first file label associated with the first file,
make a first determination that the process label dominates the first file label,
based on the first determination, make a second determination that the first file label is equal to the process label,
in response to the second determination, provide read and write access to the first file,
receive, from the process executing on the host OS, a request to access a second file of the plurality of files in the MLFS,
obtain a second file label associated with the second file,
make a third determination that the process label dominates the second file label,
based on the third determination, make a fourth determination that the second file label does not equal the process label, and
in response to the fourth determination provide read only access to the second file.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A non-transitory computer readable medium comprising computer readable program code that when executed by a processor cause the processor to:
receive, from a process executing on a host operating system, a request to access a first file of a plurality of files in a multilevel filesystem (MLFS) mounted in a global zone, the MLFS comprising a directory and the first file located within the directory, wherein the directory is associated with a directory label, wherein the first file is associated with a first file label that is different than the directory label, and wherein the host operating system comprises the global zone, the global zone comprising:
a first non-global zone, external to the MLFS, comprising a first loopback file system acting as a proxy to the MLFS; and
a second non-global zone, external to the MLFS, comprising a second loopback file system acting as a proxy to the MLFS;
obtain a process label associated with the process;
obtain the first file label associated with the first file;
make a first determination that the process label dominates the first file label;
based on the first determination, make a second determination that the first file label is equal to the process label;
in response to the second determination, provide read and write access to the first file;
receive, from the process executing on the host OS, a request to access a second file of the plurality of files in the MLFS;
obtain a second file label associated with the second file;
make a third determination that the process label dominates the second file label;
based on the third determination, make a fourth determination that the second file label does not equal the process label; and
in response to the fourth determination provide read only access to the second file.
Dependent claims: 18, 19, 20
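The access decision recited in claims 1 and 17, written out as an added C example; it is not code from the patent. The label layout (a level plus a compartment bitmask), the definition of "dominates", and the denial when the process label does not dominate the file label are assumptions, since the claims do not state them.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical label layout: hierarchical level plus compartment bitmask. */
typedef struct {
    uint8_t  level;        /* constructed scale: 0 = lowest ... 3 = highest */
    uint32_t compartments; /* constructed: one bit per compartment */
} label_t;

typedef enum { ACCESS_NONE = 0, ACCESS_READ_ONLY, ACCESS_READ_WRITE } access_t;

/* Assumed definition: a dominates b when a's level is at least b's
 * and a's compartments are a superset of b's. */
static bool label_dominates(label_t a, label_t b) {
    return a.level >= b.level &&
           (a.compartments & b.compartments) == b.compartments;
}

static bool label_equal(label_t a, label_t b) {
    return a.level == b.level && a.compartments == b.compartments;
}

/* Order of determinations as in the claims: dominance, then equality. */
access_t mlfs_access(label_t process, label_t file) {
    if (!label_dominates(process, file))
        return ACCESS_NONE;        /* assumption: case not recited in the claims */
    if (label_equal(process, file))
        return ACCESS_READ_WRITE;  /* second determination: labels equal */
    return ACCESS_READ_ONLY;       /* fourth determination: dominates, not equal */
}

int main(void) {
    static const char *names[] = { "none", "read-only", "read-write" };
    label_t proc = { 2, 0x1 };     /* constructed process label */
    label_t files[] = {            /* constructed file labels */
        { 2, 0x1 },  /* equal to the process label */
        { 1, 0x0 },  /* strictly dominated */
        { 2, 0x2 },  /* same level, disjoint compartment: incomparable */
        { 3, 0x1 },  /* higher level than the process */
    };
    for (size_t i = 0; i < sizeof files / sizeof files[0]; i++)
        printf("file %zu: %s\n", i, names[mlfs_access(proc, files[i])]);
    return 0;
}
```

The third sample file shows why the dominance check has to run before the equality check: two labels at the same level can still be incomparable.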
Specification