US9558364B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9558364-B2 |
| Application number | US-201214371891-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 23, 2012 |
| Priority date | Feb 23, 2012 |
| Publication date | Jan 31, 2017 |
| Grant date | Jan 31, 2017 |
Official abstract text for this publication.
When an access occurs to an I/O device from an OS 231a, an I/O allocation unit refers to an I/O allocation table, and determines whether the I/O device is allocated to other OS 231b. When the I/O device is allocated to another OS 231b, a control unit notifies the OS 231a of an error. When the I/O device is not allocated to either of the OSs 231a-b, the I/O allocation unit updates the I/O allocation table in order to allocate the I/O device to the OS 231a, and an I/O emulation unit emulates the access to the I/O device.
Opening claim text (preview).
The invention claimed is:
1. A computing machine, where a plurality of OSs (Operating Systems) each operate and are configured to access a device, comprising: a memory configured to store a device allocation table to allocate the device to one of the plurality of OSs, in order of occurrence of access; and processing circuitry configured, when an access to the device occurs, to determine to which OS of the plurality of OSs the device is allocated, based on the device allocation table, when the device is not allocated to any OS, to update the device allocation table in order to allocate the device to an OS being an accessing party and to allow the access to the device, and when the device is allocated to an OS other than the OS being the accessing party, to deny the access to the device, wherein the device allocation table is data correspondingly indicating a physical address space of the device and the OS to which the device is allocated, and when the device is not allocated to any OS, the processing circuitry further maps all of the physical address space of the device indicated by the device allocation table to a virtual address space of the OS being the accessing party, and when the access to the device is an access to a PCI (Peripheral Components Interconnect bus) configuration register received from the OS being the accessing party, the processing circuitry intercepts the access to the PCI configuration register and accesses the PCI configuration register of the device instead of allowing the access to be performed by the OS being the accessing party.
2. The computing machine according to claim 1, wherein the processing circuitry, when an access to the PCI configuration register of the device occurs, determines the OS to which the device is allocated, based on the device allocation table, when the device is allocated to the OS being the accessing party, allows the access, and when the device is not allocated to the OS being the accessing party, denies the access.
3. The computing machine according to claim 2, wherein when the access to the PCI configuration register is a change of a base address and the device is allocated to the OS being the accessing party, processing circuitry updates information of the physical address space of the device in the device allocation table, based on a changed base address, and maps the physical address space of the device indicated by updated information to the virtual address space of the OS being the accessing party.
4. The computing machine according to claim 3, wherein the processing circuitry, when an access to write to a PCI configuration register of a device of a predetermined type occurs, denies the access to write, and when an access to read to the PCI configuration register of the device of the predetermined type occurs, allows the access to read.
5. The computing machine according to claim 4, wherein when an access to write to the PCI configuration register of the device of the predetermined type occurs from a predetermined management OS other than the plurality of OSs, the processing circuitry allows the access to write.
6. The computing machine according to claim 1, wherein the processing circuitry stores the device allocation table as a stored allocation table when operation is finished, and generates a new device allocation table by using the stored allocation table when operation is started.
7. An access management method that is executed by a computing machine, where a plurality of OSs (Operating Systems) each operate and are configured to access a device, wherein the computing machine includes a memory to store a device allocation table to allocate the device to one of the plurality of OSs, in order of occurrence of access, and processing circuitry, the method comprising: when an access to the device occurs, determining to which OS of the plurality of OSs the device is allocated, based on the device allocation table, by the processing circuitry; when the device is not allocated to any OS, updating the device allocation table in order to allocate the device to an OS being an accessing party and allowing the access to the device by the processing circuitry; and when the device is allocated to an OS other than the OS being the accessing party, denying the access to the device by the processing circuitry, wherein the device allocation table is data correspondingly indicating a physical address space of the device and the OS to which the device is allocated, and when the device is not allocated to any OS, the processing circuitry further maps all of the physical address space of the device indicated by the device allocation table to a virtual address space of the OS being the accessing party, and when the access to the device is an access to a PCI (Peripheral Components Interconnect bus) configuration register received from the OS being the accessing party, the processing circuitry intercepts the access to the PCI configuration register and accesses the PCI configuration register of the device instead of allowing the access to be performed by the OS being the accessing party.
8. A non-transitory computer readable medium that stores an access management program, which uses a device allocation table, to cause a computer to implement access management processing, wherein the device allocation table is a table to allocate a device to one of a plurality of OSs (Operating Systems) that each access the device, in order of occurrence of access, and the access management processing comprising: when an access to the device occurs, determining to which OS of the plurality of OSs the device is allocated, based on the device allocation table; when the device is not allocated to any OS, updating the device allocation table in order to allocate the device to an OS being an accessing party and allowing the access to the device; and when the device is allocated to an OS other than the OS being the accessing party, denying the access to the device, wherein the device allocation table is data correspondingly indicating a physical address space of the device and the OS to which the device is allocated, and when the device is not allocated to any OS, further mapping all of the physical address space of the device indicated by the device allocation table to a virtual address space of the OS being the accessing party, and when the access to the device is an access to a PCI (Peripheral Components Interconnect bus) configuration register received from the OS being the accessing party, the method includes intercepting the access to the PCI configuration register and accessing the PCI configuration register of the device instead of allowing the access to be performed by the OS being the accessing party.
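The first-access allocation check of claims 1 to 3, sketched in C as an added example that is not code from the patent. The table contents, addresses, OS ids (assumed non-negative) and function names are constructed for illustration, and the mapping and emulation steps a hypervisor would perform are reduced to comments.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define OS_NONE (-1)
enum result { ALLOWED, DENIED, NO_DEVICE };

/* One row of the device allocation table: physical window -> owning OS. */
struct dev_entry { uint64_t base, size; int owner; };

/* Constructed sample devices; both start unallocated. */
static struct dev_entry table[] = {
    { 0xFE000000, 0x1000, OS_NONE },
    { 0xFE100000, 0x2000, OS_NONE },
};
#define NDEV (sizeof table / sizeof table[0])

static struct dev_entry *lookup(uint64_t pa) {
    for (size_t i = 0; i < NDEV; i++)
        if (pa >= table[i].base && pa - table[i].base < table[i].size)
            return &table[i];
    return NULL;
}

/* Trapped access to a device address (claim 1): first accessor becomes owner. */
enum result on_device_access(int os, uint64_t pa) {
    struct dev_entry *d = lookup(pa);
    if (!d) return NO_DEVICE;
    if (d->owner == OS_NONE)
        d->owner = os;  /* a hypervisor would also map the whole window to this OS */
    return d->owner == os ? ALLOWED : DENIED;
}

/* Intercepted PCI config write that moves the base address (claims 2-3):
 * only the owning OS may do it, and the table follows the new base. */
enum result on_bar_write(int os, size_t dev, uint64_t new_base) {
    if (dev >= NDEV) return NO_DEVICE;
    if (table[dev].owner != os) return DENIED;
    table[dev].base = new_base;  /* remapping to the owner's address space goes here */
    return ALLOWED;
}

int main(void) {
    printf("%d ", on_device_access(0, 0xFE000010)); /* OS 0 claims device 0 */
    printf("%d ", on_device_access(1, 0xFE000010)); /* OS 1 is refused */
    printf("%d\n", on_bar_write(0, 0, 0xFD000000)); /* owner may move the BAR */
    return 0;
}
```

Because ownership is decided by whichever OS touches the device first, the table is the single source of truth for isolation: a base-address change that is not reflected in it would leave the old window unguarded and the new one unowned.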
Logical partitioning of resources; Management or configuration of virtualized resources (specific details on emulation or internal functioning of virtual machines G06F9/455) · CPC title
Isolation or security of virtual machine instances · CPC title
Hypervisor-specific management and integration aspects · CPC title
I/O management, e.g. providing access to device drivers or storage · CPC title
to a system of files or objects, e.g. local or distributed file system or database · CPC title