System for isolating first computing environment from second execution environment while sharing resources by copying data from first portion to second portion of memory
US7788669B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 2, 2003 |
| Grant date | Aug 31, 2010 |
| Priority date | — |
| Expiry date | Nov 7, 2026 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F9/45537
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Techniques are disclosed to support hosting of a first operating system by a second operating system, where the first system provides at least some of the infrastructure for the second system. A facility is provided whereby the second system can receive data from the first system without the first system being able to modify that data. The second system may use the first system's scheduler by creating shadow threads and synchronization objects known to the first system, while the second system makes the final decision as to whether a thread runs. Separate memory may be allocated to both systems at boot time, or dynamically during their operation. The techniques herein may be used to protect the second system from actions arising in the first system. Preferably, the interaction between the first and second systems is facilitated by a security monitor, which assists in protecting the second system from the first.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.