US20090083829A1 - Computer system - Google Patents

Computer system Download PDF

Info

Publication number
US20090083829A1
US20090083829A1 US12/234,131 US23413108A US2009083829A1 US 20090083829 A1 US20090083829 A1 US 20090083829A1 US 23413108 A US23413108 A US 23413108A US 2009083829 A1 US2009083829 A1 US 2009083829A1
Authority
US
United States
Prior art keywords
operating system
guest operating
processing hardware
controller kernel
security level
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/234,131
Inventor
David A. Peterson
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
FH Innovations Ltd
C and S OPERATIONS Inc
Original Assignee
C and S OPERATIONS Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by C and S OPERATIONS Inc filed Critical C and S OPERATIONS Inc
Priority to US12/234,131 priority Critical patent/US20090083829A1/en
Assigned to C&S OPERATIONS, INC. reassignment C&S OPERATIONS, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: PETERSON, DAVID A
Publication of US20090083829A1 publication Critical patent/US20090083829A1/en
Assigned to VIRTUAL DESKTOP TECHNOLOGIES, INC. reassignment VIRTUAL DESKTOP TECHNOLOGIES, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: C&S OPERATIONS, INC.
Assigned to FH INNOVATIONS, LTD reassignment FH INNOVATIONS, LTD ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: VIRTUAL DESKTOP TECHNOLOGIES, INC.
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45554Instruction set architectures of guest OS and hypervisor or native processor differ, e.g. Bochs or VirtualPC on PowerPC MacOS

Definitions

  • the present invention relates to computer systems with a computer running multiple operating systems and more particularly to computer systems with a computer running multiple containerized (see DEFINITIONS section) operating systems to be respectively used by multiple terminals (see DEFINITIONS section).
  • a computer such as a modified PC desktop type host computer, which controls and operates a plurality of terminals.
  • mainframe computers dating back to at least the 1970s operated in this way. More recently, each terminal has been given its own operating system and/or instance of an operating system. These kind of systems are herein called multi-terminal systems.
  • hypervisor it is conventional to use a hypervisor to run multiple operating systems on a single computer.
  • a hypervisor (or virtual machine monitor) is a virtualization platform that allows multiple operating systems to run on a host computer at the same time.
  • Some hypervisors take the form of software that runs directly on a given hardware platform as an operating system control program. With this kind of hypervisor, the guest operating system runs at the second level above the hardware.
  • Other hypervisors take the form of software that runs within an operating system environment.
  • Hypervisors have conventionally been used in multi-terminal systems where each terminal has a dedicated guest operating system on a single host computer.
  • I/O devices communicate I/O data through the hypervisor to perform basic I/O operations (see DEFINITIONS section). More specifically: (i) data from the I/O devices is communicated through the hypervisor to the computing hardware of the host computer; and (ii) from the computing hardware (if any) is communicated through the hypervisor to the I/O devices. Because the hypervisor is a virtualization platform, this means that the I/O devices must be virtualized in the software of the hypervisor and/or the guest operating system so that the communication of I/O data through the hypervisor can take place.
  • FIG. 1 shows prior art computer system 100 including: desktop PC 102 and four terminals 104 a, 104 b, 104 c and 104 d.
  • Desktop PC 102 includes: video card 110 ; I/O ports 112 ; CPU 114 ; host operating system (“OS”) 116 ; virtualizing middleware 118 , four guest OS's (see DEFINITIONS section) 120 a, 120 b, 120 c, 120 d; and four guest applications 122 a, 122 b, 122 c and 122 d.
  • Each terminal 104 includes: display 130 and keyboard-mouse-audio (“KMA”) devices 132 .
  • Host OS may be any type of OS, such as Windows, Apple or POSIX (see DEFINITIONS section).
  • host OS 116 runs at security level (see DEFINITIONS section) L 0 , which may be, for example in an x86 CPU architecture, Ring Zero. This means that host OS 116 exchanges instructions directly with CPU 116 in native form (see DEFINITIONS section).
  • the guest OS's 120 a, 120 b, 120 c, 120 d are used to respectively control the four terminals 104 a, 104 b, 104 c, 104 d.
  • the four guest OS's 120 a, 120 b, 120 c, 120 d are containerized virtual machines so that work by one user on one terminal does not affect or interfere with work by another user on another terminal. As shown in FIG. 1 , they can respectively run their own application(s) 122 a, 122 b, 122 c, 122 d in an independent manner.
  • the four guest OS's are virtual machines, running at a security level 13 , which is above the OS security level (see DEFINITIONS section) L 0 .
  • the guest OS's 120 a, 120 b, 120 c, 120 d would be running at Ring Three. This is an indirect form of communication with the CPU 114 .
  • the instructions exchanged between the guest OS's and the CPU are virtualized by virtualizing middleware 118 , which may take the form of a hypervisor or virtual machine manager (“VMM”).
  • VMM virtual machine manager
  • some of the exchanged instructions relate to basic I/O operations.
  • the exchanged instructions are virtualized by virtualizing middleware 118 , the instructions are taken out of their native form and put in a virtualized form. This virtualized form is generally a lot more code intensive than native form. This virtualization makes operations slower and more prone to error than similar exchanges between a host OS, running at the OS security level and the CPU.
  • Sun discloses a system including secure operating system switching.
  • Sun discloses that to perform secure OS switching, a logically independent piece of software referred to as the OS switcher is used. When the Sun CPU is executing the Sun OS switcher code, the CPU is in the switcher mode. Otherwise, the CPU is operating in legacy mode.
  • Sun discloses that its OS switching emulates multiple computer systems in one, where at any time only one of them is active and others are suspended.
  • Sun further discloses that special care is taken during OS switching, as OS kernels typically are not ready to deal with the sudden loss of hardware ownership or loss of CPU execution control.
  • Sun further discloses that there are many possible ways to achieve strong security and isolation among multiple OS's in OS switching with VT-x.
  • Sun further discloses that the legacy mode is mapped into the non-root operation mode in VT-x while the switcher code is implemented in the root operation mode (ring 0 specifically).
  • the switcher code is implemented in the root operation mode (ring 0 specifically).
  • certain emulations are implemented in the OS switcher.
  • US published patent application 2006/0267857 (“Zhang”) discloses a multi-terminal system wherein multiple terminals are connected through a single graphical user interface layer.
  • the host computer includes an event queue module for receiving each input command from the input device(s) of each terminal.
  • the Applica PC Sharing Zero Client Network Computing Remote Workstation powered by Applica Inc. discloses a multi-terminal system.
  • US patent application 2003/0018892 (“Tello”) discloses a secure boot process for a personal computer.
  • a security kernel typically resides in the upper area in memory for encrypting/decrypting data from any application that is running under the operating system. In this way, two operating systems can work separately using the same hardware.
  • the Tello process utilizes a security engine including a kernel stored in a flash memory, a modified north bridge and a smart card for auto burning the flash memory portion of the security engine and key generation.
  • the Margulis system includes a host computer that processes applications and the desktop environments for multiple remote terminals.
  • the host computer also includes a terminal services offload processor to supplement the processing of the host CPU.
  • the terminal services offload processor is alleged to improve the video and graphics performance and to allow the multi-user host computer system to more efficiently support multiple users.
  • the host computer includes a graphics processor that manages a virtual display for each remote terminal and provides selective updates of sub frame data.
  • the sub frame data is encoded and transmitted (as appropriate) over the network to the remote terminals.
  • Video data streams are optimized by the terminal services offload processor and optimized for the intended remote terminals and their network connections.
  • the Bypass Interface intercepts the requests, forwards them to the host OS, which passes the request on to the actual resource, and then the returns the response from the host OS resource to the guest OS. Since is unnecessary to implement the Bypass Interface for every OS resource, problematic or performance-insensitive resources can be handled with machine virtualization.”
  • the present invention is directed to computer systems, methods and/or hardware where one or more guest operating systems exchange instructions with the processing hardware (see DEFINITIONS section) through a controller kernel. Even though the instructions are exchanged through the controller kernel, rather than directly between the OS and the processing hardware, the controller kernel does not change the instructions out of native form. The controller kernel refrains from virtualizing or emulating the instructions. For this reason, the controller kernel cannot be considered to be and/or include middleware, a hypervisor or VMM.
  • the use of the controller kernel can be helpful in computer systems with multiple guest OS's because it allows multiple containerized OS's to simultaneously run on a single set of processing hardware. For example, the multiple containerized OS's can be used to run multiple terminals.
  • controller kernel may also be useful even if there is a single guest operating system.
  • a LINUX controller kernel has been found to speed up the operation of the Windows Vista operating system running as the guest OS, relative to the speed of Windows Vista running directly on the same processing hardware in the conventional way.
  • Multi-Sharing Software Cursor Modified event device.
  • Modified Linux kernel that creates a SW cursor for each input device. Hides the HW cursor and allows multiple monitors to be concurrently used (modified EVDEV—event device).
  • EVDEV is based on open source and not modularized, but a unique aspect is the installation script (copyrightable) that allows the EVDEV to be used in a manner for which it was not designed: controlling/handling multiple software cursors.
  • Another aspect of the present invention is Multi-Sharing. Separate desktops for the software cursor (modified zephyr) Modified Linux kernel from associating the same device (KMA) with a different control file.
  • Containerized guest OS on each workstation The ability for the operating system to host individual guest operating systems.
  • the controller kernel is used as a “traffic cop” to allow the loading of guest containerized OS's. It is a modified Linux kernel using propriety code in a module, using elements of Linux to achieve a function for which the individual elements were not designed.
  • the controller kernel runs guest operating systems directly on Ring Zero, so that the “traffic cop” allows host operating systems to link other applications to Ring Zero for a small amount of time.
  • Ring Zero is unmanaged and restricted to authorized code, and interacts most directly with hardware, thus running faster.
  • the benefit of the invention is that it allows the host OS's to work much faster when compared with other virtual machines, as fast as a normal desktop setup.
  • Modified Linux kernel treats a host OS as an application—the controller kernel allows a Linux application that would normally run in a slower Ring Three in a Ring Zero.
  • Another aspect of the present invention is locating the controller kernel in BIOS enables the software cursor and separate desktops for the software cursor.
  • the benefits of this aspect of the present invention are that the start time is decreased.
  • a computer system includes processing hardware, a first guest operating system, and a controller kernel.
  • the processing hardware defines an OS security level and at least a first additional security level above the OS security level.
  • the controller kernel runs on the processing hardware.
  • the controller kernel is programmed to allow the first guest operating system exchange instructions with the processing hardware through the controller kernel at the OS security level.
  • a computer includes processing hardware, a first memory portion, and a controller memory portion.
  • the processing hardware defines an OS security level and at least a first additional security level above the OS security level.
  • the first memory portion is programmed with a first guest operating system.
  • the controller memory portion is programmed with a controller kernel running on the processing hardware.
  • the controller kernel is programmed to allow the first guest operating system exchange instructions with the processing hardware through the controller kernel at the OS security level.
  • a method includes the following steps (not necessarily in the following order): (i) providing a computer system; (ii) running the controller kernel on the processing hardware; and (iii) exchanging instructions through the controller kernel between the first guest operating system and the processing hardware at the OS security level.
  • the computer system includes processing hardware, a first guest operating system, and a controller kernel.
  • the processing hardware defines an OS security level and at least a first additional security level above the OS security level.
  • a computer system includes processing hardware, a first guest operating system, a second guest operating system and a controller kernel.
  • the processing hardware defines an OS security level and at least a first additional security level above the OS security level.
  • the first guest operating system and the second guest operating system are containerized with respect to each other.
  • the controller kernel runs on the processing hardware.
  • the controller kernel is programmed to perform cycles including: (i) a first cycle portion when the first guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel, and (ii) a second cycle portion when the second guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel.
  • a computer includes processing hardware, a first memory portion, a second memory portion and a controller memory portion.
  • the processing hardware defines an OS security level and at least a first additional security level above the OS security level.
  • the first memory portion is programmed with a first guest operating system.
  • the second memory portion is programmed with a second guest operating system.
  • the first guest operating system and the second guest operating system are containerized with respect to each other.
  • the controller memory portion is programmed with a controller kernel running on the processing hardware.
  • the controller kernel being programmed to perform cycles including: (i) a first cycle portion when the first guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel, and (ii) a second cycle portion when the second guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel.
  • a method includes the step of providing a computer system including processing hardware, a first guest operating system, a second guest operating system and a controller kernel.
  • the processing hardware defines an OS security level and at least a first additional security level above the OS security level.
  • the first guest operating system and the second guest operating system are containerized with respect to each other.
  • the method further includes the step of running cycles by the controller kernel. Each cycle include the following sub-steps: (i) during a first cycle portion, exchanging instructions between the first guest operating system and the processing hardware at the OS security level through the controller kernel, and (ii) during a second cycle portion, exchanging instructions between the second guest operating system and the processing hardware at the OS security level through the controller kernel.
  • a computer system includes processing hardware, a first guest operating system, a second guest operating system, a controller kernel, a first terminal hardware set and a second terminal hardware set.
  • the first guest operating system and the second guest operating system are containerized with respect to each other.
  • the controller kernel is programmed to control the exchange of instructions between the first guest operating system and the processing hardware and the exchange of instructions between the second operating systems and the processing hardware.
  • the first terminal hardware set is controlled by the first guest operating system.
  • the first terminal hardware set is in the form of an ultra thin terminal.
  • the second terminal hardware set is controlled by the second guest operating system.
  • the second terminal hardware set in the form of an ultra thin terminal.
  • a computer includes processing hardware, a first memory portion, a second memory portion, a controller memory portion, a first terminal hardware set and a second terminal hardware set.
  • the first memory portion is programmed with a first guest operating system.
  • the second memory portion is programmed with a second guest operating system.
  • the first guest operating system and the second guest operating system are containerized with respect to each other.
  • the controller memory portion is programmed with a controller kernel programmed to control the exchange of instructions between the first guest operating system and the processing hardware and the exchange of instructions between the second operating systems and the processing hardware.
  • the first terminal hardware set is controlled by the first guest operating system.
  • the first terminal hardware set in the form of an ultra thin terminal.
  • the second terminal hardware set is controlled by the second guest operating system.
  • the second terminal hardware set is in the form of an ultra thin terminal.
  • a method includes the step of: (a) providing a computer system including processing hardware, a first guest operating system, a second guest operating system (with the first guest operating system and the second guest operating system being containerized with respect to each other), a controller kernel, a first terminal hardware set (in the form of an ultra thin terminal), and a second terminal hardware set (in the form of an ultra thin terminal).
  • the method further includes the following steps: (b) controlling, by the controller kernel, an exchange of instructions between the first guest operating system and the processing hardware; (c) controlling, by the first guest operating system, the first terminal hardware set based on the exchange of instructions occurring at step (b); (d) controlling, by the controller kernel, an exchange of instructions between the second guest operating system and the processing hardware; and (e) controlling, by the second guest operating system, the second terminal hardware set based on the exchange of instructions occurring at step (d).
  • a computer system includes processing hardware, a first guest operating system, a second guest operating system, and a controller kernel.
  • the processing hardware defines an OS security level and at least a first additional security level above the OS security level.
  • the controller kernel runs on the processing hardware.
  • the controller kernel is programmed to: (i) selectively allow the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running, and (ii) selectively allow the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
  • a computer includes processing hardware, a first memory portion, a second memory portion, and a controller memory portion.
  • the processing hardware defines an OS security level and at least a first additional security level above the OS security level.
  • the first memory portion is programmed with a first guest operating system.
  • the second memory portion is programmed with a second guest operating system.
  • the controller memory portion is programmed with a controller kernel running on the processing hardware.
  • the controller kernel is programmed to: (i) selectively allow the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running, and (ii) selectively allow the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
  • a method includes the step of: (a) providing a computer system including processing hardware, a first guest OS, a second guest OS and a controller kernel.
  • the processing hardware defines an OS security level and at least a first additional security level above the OS security level.
  • the method further includes the steps of: (b) selectively allowing the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel; (c) during step (b), pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running; (d) selectively allowing the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel; and (e) during step (d), pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
  • FIG. 1 is a schematic of a prior art computer system
  • FIG. 2 is a perspective external view of a first embodiment of a computer system according to the present invention.
  • FIG. 3 is a schematic of the first embodiment computer system
  • FIG. 4 is a more detailed schematic of a portion of the first embodiment computer system
  • FIGS. 5A , 5 B, 5 C and 5 D are a flowchart of a first embodiment of a method according to the present invention.
  • FIG. 6 is a of a second embodiment of a computer system according to the present invention.
  • FIGS. 7A and 7B are a flowchart of a second embodiment of a method according to the present invention.
  • FIG. 2 shows computer system 200 according to the present invention, including desktop PC 202 and four terminals 204 a, 204 b, 204 c and 204 d.
  • Desktop PC 202 could alternatively be any other type of computer now known or to be developed in the future, such as a laptop, a tablet, a mini computer, a mainframe computer, a super computer, a blade, etc.
  • Terminals 204 each includes I/O devices in the form of a display, a keyboard, a mouse and an audio device.
  • the display is the primary output device and may be any type of display now known or to be developed in the future, such as an LCD display or a CRT display.
  • output devices could be present, such as printers, lights (LEDs) and/or vibrating output devices.
  • the keyboard, mouse and audio speakers are the primary input devices, but they may include output capabilities as well.
  • output devices of any type now known or to be developed in the future, such as drawing tablets, joysticks, footpads, eyetracking input devices, touchscreens, etc.
  • each terminal 204 is connected to be in display data communication with desktop PC 202 by a standard parallel display connection, but may be connected by any appropriate data connection now known or to be developed in the future, such as a wireless connection.
  • the input devices of terminal 204 are connected to desktop PC 202 by a USB connection. Alternatively, they may be connected by any means now known or to be developed in the future, such as PS2 connection or wireless connection.
  • One or more USB hubs may be used between desktop PC 202 and the input devices of terminals 204 .
  • Terminals 204 are preferably ultra thin terminals (see DEFINITIONS section). Alternatively, some or all terminals 204 could include a client computer with memory and processing capability. Terminals 204 may also include an I/O port for a portable memory, such as a USB port for a detachably attachable USB flash memory or jump drive.
  • a portable memory such as a USB port for a detachably attachable USB flash memory or jump drive.
  • FIG. 3 is a schematic of system 200 including desktop PC 202 ; terminals 204 ; video card 210 ; I/O ports 212 ; CPU 214 ; POSIX kernel 215 ; four guest OS's 220 a, 220 b, 220 c, 220 d; four guest applications 222 a, 222 b, 222 c, 222 d; four displays 230 a, 230 b, 230 c, 230 d; and four sets of KMA devices 232 a, 232 b, 232 c, 232 d.
  • Video card 210 has at least four outputs to supply display data to the four display devices 230 a, 230 b, 230 c, 230 d. Although not shown, video card 210 may have at least one additional output for: (i) additional terminals; and/or (ii) use with the POSIX kernel and/or any host operating system that may be present.
  • the video card may take the form of multiple video cards.
  • the CPU may be any type of processing hardware, such as x86 architecture or other Windows type, Apple type, Sun type, etc.
  • the hardware structure of the CPU will determine the native form for the instructions that it gives and receives. For this reason, the guest OS's 220 a, 220 b, 220 c, 220 d must be fully compatible with CPU 214 .
  • the POSIX kernel is preferably a LINUX kernel because LINUX is open source and also because a LINUX kernel can be expanded to run LINUX applications.
  • the kernel may be written in other formats to be compatible with the CPU such as Windows or BSD.
  • the PC 202 preferably includes a software algorithm (not shown) that loads the POSIX kernel (Linux 2.6 preferably) onto an available motherboard EEPROM instead of the currently installed proprietary BIOS.
  • the kernel along with several other helpful C based programs preferably run in 32 bit mode, as opposed to the current method of running the BIOS in 16 bit mode. These programs preferably include BusyBox, uClibc, and XII. The result is a greatly decreased boot time. All of this is preferably run in the cache memory of the CPU instead of normal DRAM. The reason for this is that DRAM is normally initialized by the BIOS and can't be used until it is initialized. The first program that runs is also written in C and it is what initializes and uses this CPU memory.
  • the POSIX kernel 215 does not necessarily have any sockets or run any applications. It may only runs sub-modules that control multiple video, keyboard, mouse, and the audio devices for multiple, concurrent local connections. Current technology will allow only one user to use the system at a time using one set of keyboard, mice, and monitors. These modules have been modified to allow multiple inputs (keyboards and mice) and outputs (audio and video) devices to be used independently and concurrently.
  • the terminals 204 are not remotely located, but, in some embodiments of the invention, they may be.
  • the terminals are located on the same machine and the output goes directly via the system bus to the associated devices resulting in multi-user system with very little slow-down. It utilizes the excess CPU power that is available to control multiple sessions just like in a “thin client” environment. The difference is that in a “thin client” environment the output is converted to TCP-IP protocol and sent via a network connection. This conversion and packeteering of video results in slow screen redraws.
  • This ability to run multiple “sessions” is currently available with Linux (XII) and Windows (RDP), on remote machines but the remote machines must have the necessary hardware and software necessary to locally control the keyboard, mouse, audio and video devices. Because everything is preferably loaded from the local EEPROM, boot up from power-on to login is approximately 6 seconds. This compares favorably to current Windows, MacIntosh, or Linux startup times of 30-50 seconds.
  • the invention is able to take advantage of the scheduling components and modularity of Linux to use it as a supervisor for other operating systems to run concurrently. This can efficiently install one guest operating system (for example, guest Windows OS) in conjunction with each set of keyboards, mice, and monitors.
  • guest Windows OS for example, guest Windows OS
  • FIGS. 7A and 7B are a flowchart showing exemplary process flow for the exchange of instructions between the guest OS's 220 and the CPU 214 through the POSIX kernel 215 according to the present invention.
  • This flowchart will now be discussed in narrative terms, after which discussion, FIG. 3 will be further discussed.
  • a modified Linux interrupt service code . . . /kernel/entry-v.s
  • the idle loop . . . /kernel/process.c
  • a modified Interrupt Descriptor Table this can control and tell if a system “session” is: (i) running; (ii) not running; or (iii) pre-empted.
  • the kernel has priority for all actions, but since it is only providing low throughput I/O control and video rendering (video is mostly handled by the GPU on the video card), preemption by the host kernel is very low in proportion to time allowed for the “clients.”
  • Video, ethernet, and audio devices are virtualized, off-the-shelf drivers.
  • Raw I/O from these devices is sent through the modified Linux idle loop and Interrupt Descriptor Table to the “real” hardware in a prioritized fashion. This allows a number of segregated “sessions” to be run at near native speed.
  • the guest OS's 220 are preferably Windows OS's, such as Windows XP or Windows Vista.
  • Windows OS's such as Windows XP or Windows Vista.
  • any type of guest OS now known or to be developed in the future may be used.
  • Windows Vista has been found to run faster when run through the POSIX kernel according to the present invention.
  • the guest OS's will be different from each other. For example, there may be a Windows XP OS, a Windows Vista OS, an Ubuntu LINUX OS and a BSD OS.
  • Systems with multiple OS's may be preferred in embodiments of the present invention where there are not multiple terminals, but rather a single set of I/O devices connected to desktop PC 202 in the conventional way.
  • a single user can switch between various operating systems at will, taking advantage of native applications 222 for a variety of operating systems on a single physical machine.
  • FIG. 4 shows a more detailed schematic of POSIX kernel 215 including: critical portion 215 a; non-critical portion 215 b; interrupt descriptor table 250 ; idle loop 252 ; and POSIX socket 254 .
  • Critical portion 215 a is critical because this is the portion that passes instructions in native form between CPU 214 and guest OS's 220 .
  • critical portion 215 a takes the place of the virtualizing middleware of the prior art, with the important differences that: (i) the POSIX kernel passes instructions in native form, rather than translating them into virtualized or emulated form at intermediate portions of the exchange; and/or (ii) the POSIX kernel permits the guest OS's to run at an OS security level (for example, Ring Zero or Ring One), rather than a higher security level (see FIG. 3 at reference numeral L 0 ). It is noted that applications running on top of the guest OS's will run at a higher security level (see FIG. 3 at reference numeral L 3 ), such as, for example, Ring Three. In other words, despite the presence of the kernel, guest OS's run at the security level that a host OS would normally run at in a conventional computer.
  • OS security level for example, Ring Zero or Ring One
  • the POSIX kernel accomplishes the exchange of native form instructions using interrupt descriptor table 250 and idle loop 252 .
  • Interrupt descriptor table 250 receives requests for service from each of the guest OS's. At any given time it will return a positive service code to one of the guest OS's and it will return a negative service code to all the other guest OS's.
  • the guest OS that receives back a positive return code will exchange instructions in native form with the CPU through idle loop 252 .
  • the other guest OS's, receiving back a negative return code from interrupt descriptor table 250 will be pre-empted and will remain running until they get back a positive return code.
  • the interrupt descriptor table cycles through all the guest OS's over a cycle time period, so that each guest OS can exchange instructions with the CPU in sequence over the course of a single cycle.
  • the interrupt descriptor table could provide for other time division allocations between the various guest OS's.
  • a user could provide user input to switch between guest OS's.
  • This form of time division allocation is preferred in single terminal, multiple operating system embodiments. There may be still other methods of time division allocation, such as random allocation (probably not preferred) or allocation based on detected activity levels at the various terminals.
  • Non-critical portion 215 b shows that the controller kernel may be extended beyond the bare functionality required to control the exchange of instructions between the guest OS's and the CPU.
  • a POSIX socket may be added to allow POSIX applications to run on the kernel itself.
  • the kernel is called a kernel herein, it may be extended to the point where it can be considered as a host operating system, but according to the present invention, these extensions should not interfere (that is virtualize or emulate) instructions being exchanged through the kernel in native form between the guest OS(es) and the CPU.
  • FIGS. 5A to 5D show an embodiment of process flow for one cycle for the exchange of instructions in native form between guest OS's 220 and CPU 214 through a kernel including an interrupt descriptor table and an idle loop.
  • the process includes: a first portion (steps S 302 , S 304 , S 306 , S 308 , S 310 , S 312 , S 314 , S 316 , S 318 ); a second portion (steps S 320 , S 322 , S 324 , S 326 , S 328 , S 330 , S 332 , S 334 , S 336 ); a third portion (steps S 338 , S 340 , S 342 , S 344 , S 346 , S 348 , S 350 , S 352 , S 354 ); and a fourth portion (steps S 356 , S 358 , S 360 , S 362 , S 364 , S 366 , S 368
  • the cycle has four portions because four guest OS's (and no host OS's) are running—each portion allows the exchange of instructions between one of the four guest OS's and the CPU so that all four operating systems can run concurrently and so that multiple users can respectively use the multiple operating systems as if they had a dedicated computer instead of an ultra thin terminal.
  • the entire cycle allows each OS to get a new video frame about every 30 microseconds (MS).
  • MS microseconds
  • each terminal display gets a about 30 frames per second (fps), which results in a smooth display.
  • fps frames per second
  • Above 30 frames per second there is little, if any, improvement in the appearance of the video, but below 30 fps, the display can begin to appear choppy and/or aesthetically irritating.
  • the cycle time, in this four portion embodiment is preferably about 30 MS to maintain a good 30 fps frame rate in the displays, this means that each cycle portion is about 30/4 MS, which equals about 8 MS.
  • FIG. 6 is a schematic of a second embodiment computer system 400 according to the present invention including: guest OS 402 a; guest OS 402 b; guest OS 402 c; guest OS 402 d; hardware control sub-modules 408 ; controller kernel 410 ; hard drive 414 ; hardware layer; and EEPROM 418 .
  • Hardware control sub-modules 408 include the following sub-modules: network interface card (NIC) 434 ; keyboard 436 ; mouse 438 ; audio 440 ; video 442 , memory 444 and CPU 446 .
  • Controller kernel 410 includes the following portions: kernel process module 448 ; kernel entry module 450 ; idle loop 452 ; interrupt service code 454 ; and interrupt descriptor table 456 .
  • Hardware layer 416 includes the following portions: network interface card (NIC) 420 ; keyboard 422 ; mouse 424 ; audio 426 ; video 428 , memory 430 and CPU 432 .
  • the operating systems are containerized.
  • the presentation layer in this embodiment is Windows.
  • the hardware control sub-modules 408 are direct access drivers and may additionally include other sub-modules, such as a video acceleration module.
  • the EEPROM 418 is the normal location for BIOS, but in this embodiment of the present invention is loaded with the controller kernel 410 and X 11 . EEPROM 418 invokes the hard drive after the initial boot up. The control kernel is invoked from hard drive 414 during the original EEPROM 418 boot.
  • each card preferably has its own MAC address and own IP address.
  • FIGS. 7A and 7B show a more detailed embodiment of the process flow through an interrupt descriptor table and idle loop in a LINUX controller kernel according to the present invention.
  • Figures &A and 7 B include LINUX control kernel level steps 502 ; Head 1 steps 504 and Head 2 steps 506 .
  • Present invention means at least some embodiments of the present invention; references to various feature(s) of the “present invention” throughout this document do not mean that all claimed embodiments or methods include the referenced feature(s).
  • ordinals Unless otherwise noted, ordinals only serve to distinguish or identify (e.g., various members of a group); the mere use of ordinals implies neither a consecutive numerical limit nor a serial limitation.
  • Receive/provide/send/input/output unless otherwise explicitly specified, these words should not be taken to imply: (i) any particular degree of directness with respect to the relationship between their objects and subjects; and/or (ii) absence of intermediate components, actions and/or things interposed between their objects and subjects.
  • containerized code portions running at least substantially independently of each other.
  • terminal/terminal hardware set a set of computer peripheral hardware that includes at least one input device that can be used by a human user to input data and at least one output device that outputs data to a human user in human user readable form.
  • ultra thin terminal any terminal or terminal hardware set that has substantially no memory; generally ultra thin terminals will have no more processing capability than the amount of processing capability needed to run a video display, but this is not necessarily required.
  • basic I/O operations operations related to receiving input from or delivering output to a human user; basic I/O operations relate to control of I/O devices including, but not limited to keyboards, mice, visual displays and/or printers.
  • a guest OS may be considered as a guest OS regardless of whether: (i) a host OS exists in the computer system; (ii) the existence or non-existence of other OS's on the system; and/or (iii) whether the guest OS is contained within one or more subsuming OS's.
  • security level a level of privileges and permissions for accessing or exchanging instructions with processing hardware; for example, some types of processing hardware define security levels as Ring Zero (level of greatest permissions and privilege), Ring One, Ring Two, and so on; not all security levels may be used in a given computer system.
  • OS security level any security level defined in a given system that is consistent with normal operations of a typical operating system running directly on the processing hardware (and not as a virtual machine); for example, for an Intel/Windows type of processing hardware Ring Zero, Ring One and perhaps Ring Two would be considered as “OS security levels,” but Ring Three and higher would not.
  • native form a form of instructions that can be operatively received by and/or is output from processing hardware directly and without any sort of translation or modification to form by software running on the hardware; generally speaking, different processing hardware types are characterized by different native forms.
  • POSIX includes, but is not limited to, LINUX.
  • processing hardware typically takes the form of a central processing unit, but it is not necessarily so limited; processing hardware is not limited to any specific type and/or manufacturer (for examples, Intel/Windows, Apple, Sun, Motorola); processing hardware may include multiple cores, and different cores may or may not be allocated to different guest operating systems and/or groups of operating systems.
  • Computer system any computer system without regard to: (i) whether the constituent elements of the system are located within proximity to each other; and/or (ii) whether the constituent elements are located in the same housing.
  • Exchange instructions includes: (i) two way exchanges of instructions flowing in both directions between two elements; and/or (ii) one way transmission of instructions flowing in a single direction from one element to another.
  • Memory portion any portion of a memory structure or structures, including, but not necessarily limited to, hard drive space, flash drive, jump drive, solid state memory, cache memory, DRAM, RAM and/or ROM; memory portions are not limited to: (i) portions with consecutive physical addresses; (ii) portions with consecutive logical address; (iii) portions located within a single piece of hardware; (iv) portions located so that the entire portion is in the same locational proximity; and/or (v) portions located entirely on a single piece of hardware (for example, in a single DRAM).
  • the selectivity may be implemented in many, various ways, such as regular cycling, user input directed, dynamically scheduled, random, etc.
  • pre-empt includes, but is not limited to, delay, queue, interrupt, etc.
  • steps in method steps or process claims need only be performed in the same time order as the order the steps are recited in the claim only to the extent that impossibility or extreme feasibility problems dictate that the recited step order (or portion of the recited step order) be used.
  • This prohibition on inferring method step order merely from the order of step recitation in a claim applies even if the steps are labeled as (a), (b) and so on.
  • This broad interpretation with respect to step order is to be used regardless of whether the alternative time ordering(s) of the claimed steps is particularly mentioned or discussed in this document.

Abstract

The present invention is directed to computer systems, methods and/or hardware where one or more guest operating systems exchange instructions with the processing hardware (see DEFINITIONS section) through a controller kernel. Even though the instructions are exchanged through the controller kernel, rather than directly between the OS and the processing hardware, the controller kernel does not change the instructions out of native form. The controller kernel refrains from virtualizing or emulating the instructions. For this reason, the controller kernel cannot be considered to be and/or include middleware, a hypervisor or VMM. The use of the controller kernel can be helpful in computer systems with multiple guest OS's because it allows multiple containerized OS's to simultaneously run on a single set of processing hardware. For example, the multiple containerized OS's can be used to run multiple terminals. The use of the controller kernel may also be useful even if there is a single guest operating system. For example, a LINUX controller kernel has been found to speed up the operation of the Windows Vista operating system running as the guest OS, relative to the speed of Windows Vista running directly on the same processing hardware in the conventional way.

Description

    RELATED APPLICATION
  • The present application claims priority to U.S. provisional patent application No. 60/973,923, filed on Sep. 20, 2007; all of the foregoing patent-related document(s) are hereby incorporated by reference herein in their respective entirety(ies).
  • BACKGROUND OF THE INVENTION
  • 1. Field of the Invention
  • The present invention relates to computer systems with a computer running multiple operating systems and more particularly to computer systems with a computer running multiple containerized (see DEFINITIONS section) operating systems to be respectively used by multiple terminals (see DEFINITIONS section).
  • 2. Description of the Related Art
  • It is conventional to have a computer, such as a modified PC desktop type host computer, which controls and operates a plurality of terminals. In fact, mainframe computers dating back to at least the 1970s operated in this way. More recently, each terminal has been given its own operating system and/or instance of an operating system. These kind of systems are herein called multi-terminal systems.
  • It is conventional to use a hypervisor to run multiple operating systems on a single computer. A hypervisor (or virtual machine monitor) is a virtualization platform that allows multiple operating systems to run on a host computer at the same time. Some hypervisors take the form of software that runs directly on a given hardware platform as an operating system control program. With this kind of hypervisor, the guest operating system runs at the second level above the hardware. Other hypervisors take the form of software that runs within an operating system environment.
  • Hypervisors have conventionally been used in multi-terminal systems where each terminal has a dedicated guest operating system on a single host computer. In these conventional multi-terminal systems, I/O devices communicate I/O data through the hypervisor to perform basic I/O operations (see DEFINITIONS section). More specifically: (i) data from the I/O devices is communicated through the hypervisor to the computing hardware of the host computer; and (ii) from the computing hardware (if any) is communicated through the hypervisor to the I/O devices. Because the hypervisor is a virtualization platform, this means that the I/O devices must be virtualized in the software of the hypervisor and/or the guest operating system so that the communication of I/O data through the hypervisor can take place.
  • FIG. 1 shows prior art computer system 100 including: desktop PC 102 and four terminals 104 a, 104 b, 104 c and 104 d. Desktop PC 102 includes: video card 110; I/O ports 112; CPU 114; host operating system (“OS”) 116; virtualizing middleware 118, four guest OS's (see DEFINITIONS section) 120 a, 120 b, 120 c, 120 d; and four guest applications 122 a, 122 b, 122 c and 122 d. Each terminal 104 includes: display 130 and keyboard-mouse-audio (“KMA”) devices 132. Host OS may be any type of OS, such as Windows, Apple or POSIX (see DEFINITIONS section). As shown in FIG. 1, host OS 116 runs at security level (see DEFINITIONS section) L0, which may be, for example in an x86 CPU architecture, Ring Zero. This means that host OS 116 exchanges instructions directly with CPU 116 in native form (see DEFINITIONS section).
  • The guest OS's 120 a, 120 b, 120 c, 120 d are used to respectively control the four terminals 104 a, 104 b, 104 c, 104 d. This means that the four guest OS's: (i) control the visual displays respectively shown on displays 130 a, 130 b, 130 c, 130 d; (ii) receive input from the four keyboards 132 a, 132 b, 132 c, 132 d; (iii) receive input from the four mice 132 a, 132 b, 132 c, 132 d; and (iv) control audio for the four audio output devices (for example, speakers, headphones) 132 a, 132 b, 132 c, 132 d. The four guest OS's 120 a, 120 b, 120 c, 120 d are containerized virtual machines so that work by one user on one terminal does not affect or interfere with work by another user on another terminal. As shown in FIG. 1, they can respectively run their own application(s) 122 a, 122 b, 122 c, 122 d in an independent manner.
  • However, the four guest OS's are virtual machines, running at a security level 13, which is above the OS security level (see DEFINITIONS section) L0. For example, in an x86 architecture, the guest OS's 120 a, 120 b, 120 c, 120 d would be running at Ring Three. This is an indirect form of communication with the CPU 114. Furthermore, the instructions exchanged between the guest OS's and the CPU are virtualized by virtualizing middleware 118, which may take the form of a hypervisor or virtual machine manager (“VMM”). For example, some of the exchanged instructions relate to basic I/O operations. When the exchanged instructions are virtualized by virtualizing middleware 118, the instructions are taken out of their native form and put in a virtualized form. This virtualized form is generally a lot more code intensive than native form. This virtualization makes operations slower and more prone to error than similar exchanges between a host OS, running at the OS security level and the CPU.
  • US published patent application 2008/0092145 (“Sun”) discloses a system including secure operating system switching. Sun discloses that to perform secure OS switching, a logically independent piece of software referred to as the OS switcher is used. When the Sun CPU is executing the Sun OS switcher code, the CPU is in the switcher mode. Otherwise, the CPU is operating in legacy mode. Sun discloses that its OS switching emulates multiple computer systems in one, where at any time only one of them is active and others are suspended. Sun further discloses that special care is taken during OS switching, as OS kernels typically are not ready to deal with the sudden loss of hardware ownership or loss of CPU execution control. Sun further discloses that there are many possible ways to achieve strong security and isolation among multiple OS's in OS switching with VT-x. Sun further discloses that the legacy mode is mapped into the non-root operation mode in VT-x while the switcher code is implemented in the root operation mode (ring 0 specifically). In order to ensure the continuing running of the OS's in legacy mode, certain emulations are implemented in the OS switcher.
  • US published patent application 2006/0267857 (“Zhang”) discloses a multi-terminal system wherein multiple terminals are connected through a single graphical user interface layer. The host computer includes an event queue module for receiving each input command from the input device(s) of each terminal.
  • US patent application 2007/0174414 (“Song”) discloses a thin client/server computer system. Communication between the server (or host) and multiple thin clients is performed by independent computing architecture (ICA) from Citrix Systems, Inc., or a remote desktop protocol from Microsoft Corporation. Each thin client includes a CPU, separate individual operating system, a high capacity memory, RAM, BIOS firmware and peripheral device connection hardware. The Song system includes a CPU at each terminal. For example, an execution result is sent from the host to the thin client as a bitmap image which the thin client processes locally, with its processing unit, so that can be displayed on a monitor at the thin client. Song does disclose that its host may include an EEPROM, but does not mention anything about partitions. It is believed that the X300 Access Terminal Kit sold by Ncomputing is an embodiment of the technology described in Song.
  • The Applica PC Sharing Zero Client Network Computing Remote Workstation powered by Applica Inc. (see www.applica.com website, cached versions 31 Jul. 2007 and earlier) discloses a multi-terminal system.
  • US patent application 2003/0018892 (“Tello”) discloses a secure boot process for a personal computer. In the Tello process, a security kernel typically resides in the upper area in memory for encrypting/decrypting data from any application that is running under the operating system. In this way, two operating systems can work separately using the same hardware. In place of a standard BIOS, the Tello process utilizes a security engine including a kernel stored in a flash memory, a modified north bridge and a smart card for auto burning the flash memory portion of the security engine and key generation.
  • US patent application 2007/0097130 (“Margulis”) discloses a multi-user host computer system. The Margulis system includes a host computer that processes applications and the desktop environments for multiple remote terminals. The host computer also includes a terminal services offload processor to supplement the processing of the host CPU. The terminal services offload processor is alleged to improve the video and graphics performance and to allow the multi-user host computer system to more efficiently support multiple users. The host computer includes a graphics processor that manages a virtual display for each remote terminal and provides selective updates of sub frame data. The sub frame data is encoded and transmitted (as appropriate) over the network to the remote terminals. Video data streams are optimized by the terminal services offload processor and optimized for the intended remote terminals and their network connections.
  • US patent application 2008/0168479 (“Purtell”) discloses a computer system that system augments machine virtualization by entirely bypassing resource emulation for performance-critical features, such as 3D graphics acceleration, through the use of high-performance interfaces between the guest OS and the host OS. The Purtell system is alleged to ameliorate the performance penalties and functionality restrictions of conventional resource emulation. Purtell states: “Bypass virtualization avoids the performance penalties and functionality restrictions of conventional resource emulation by a VMM by bypassing the VMM—requests issued by a guest OS for a host OS resource are instead channeled through the Bypass Interface. The Bypass Interface intercepts the requests, forwards them to the host OS, which passes the request on to the actual resource, and then the returns the response from the host OS resource to the guest OS. Since is unnecessary to implement the Bypass Interface for every OS resource, problematic or performance-insensitive resources can be handled with machine virtualization.”
  • Other publications potentially of interest include: (i) U.S. Pat. No. 5,903,752 (“Dingwall”); (ii) US patent application 2007/0028082 (“Lien”); (iii) US patent application 2008/0077917 (“Chen”); (iv) US published patent application 2007/0078891 (“Lescouet”); (v) US published patent application 2007/0204265 (“Oshins”); (vi) US published patent application 2007/0057953 (“Green”); (vii) US patent application 2007/0174410 (“Croft”); (viii) US patent application 2004/0073912 (“Meza”); and/or (ix) US patent application 2007/0043928 (“Panesar”).
  • Description Of the Related Art Section Disclaimer: To the extent that specific publications are discussed above in this Description of the Related Art Section, these discussions should not be taken as an admission that the discussed publications (for example, published patents) are prior art for patent law purposes. For example, some or all of the discussed publications may not be sufficiently early in time, may not reflect subject matter developed early enough in time and/or may not be sufficiently enabling so as to amount to prior art for patent law purposes. To the extent that specific publications are discussed above in this Description of the Related Art Section, they are all hereby incorporated by reference into this document in their respective entirety(ies).
  • BRIEF SUMMARY OF THE INVENTION
  • The present invention is directed to computer systems, methods and/or hardware where one or more guest operating systems exchange instructions with the processing hardware (see DEFINITIONS section) through a controller kernel. Even though the instructions are exchanged through the controller kernel, rather than directly between the OS and the processing hardware, the controller kernel does not change the instructions out of native form. The controller kernel refrains from virtualizing or emulating the instructions. For this reason, the controller kernel cannot be considered to be and/or include middleware, a hypervisor or VMM. The use of the controller kernel can be helpful in computer systems with multiple guest OS's because it allows multiple containerized OS's to simultaneously run on a single set of processing hardware. For example, the multiple containerized OS's can be used to run multiple terminals. The use of the controller kernel may also be useful even if there is a single guest operating system. For example, a LINUX controller kernel has been found to speed up the operation of the Windows Vista operating system running as the guest OS, relative to the speed of Windows Vista running directly on the same processing hardware in the conventional way.
  • Another aspect of the present invention is Multi-Sharing Software Cursor (modified event device). Modified Linux kernel that creates a SW cursor for each input device. Hides the HW cursor and allows multiple monitors to be concurrently used (modified EVDEV—event device). Note that EVDEV is based on open source and not modularized, but a unique aspect is the installation script (copyrightable) that allows the EVDEV to be used in a manner for which it was not designed: controlling/handling multiple software cursors.
  • Another aspect of the present invention is Multi-Sharing. Separate desktops for the software cursor (modified zephyr) Modified Linux kernel from associating the same device (KMA) with a different control file.
  • Another aspect of the present invention is containerization. Containerized guest OS on each workstation The ability for the operating system to host individual guest operating systems. The controller kernel is used as a “traffic cop” to allow the loading of guest containerized OS's. It is a modified Linux kernel using propriety code in a module, using elements of Linux to achieve a function for which the individual elements were not designed.
  • Another aspect of the present invention is connection to Ring Zero. The controller kernel runs guest operating systems directly on Ring Zero, so that the “traffic cop” allows host operating systems to link other applications to Ring Zero for a small amount of time. Normally, Ring Zero is unmanaged and restricted to authorized code, and interacts most directly with hardware, thus running faster. In the case of running multiple operating systems, there is a need to manage the invention the multiple operating systems' use of Ring Zero. The benefit of the invention is that it allows the host OS's to work much faster when compared with other virtual machines, as fast as a normal desktop setup. Modified Linux kernel treats a host OS as an application—the controller kernel allows a Linux application that would normally run in a slower Ring Three in a Ring Zero.
  • Another aspect of the present invention is locating the controller kernel in BIOS enables the software cursor and separate desktops for the software cursor. The benefits of this aspect of the present invention are that the start time is decreased.
  • Various embodiments of the present invention may exhibit one or more of the following objects, features and/or advantages:
  • (1) decreased boot time;
  • (2) eliminate limitations on applications encountered with server based architectures;
  • (3) reduce PC administration (for example, virus updates, service pack updates);
  • (4) extend capabilities of single PC to run a plurality of terminals;
  • (5) reduce cost of acquisition and cost of ownership;
  • (6) allows legal sharing of certain software licenses;
  • (7) multiple terminals with familiar desktop display;
  • (8) multiple terminals with no custom configuration or special protocols; and
  • (9) system useful for libraries, classrooms, businesses, governmental applications retail terminals and/or retail kiosks.
  • According to one aspect of the present invention, a computer system includes processing hardware, a first guest operating system, and a controller kernel. The processing hardware defines an OS security level and at least a first additional security level above the OS security level. The controller kernel runs on the processing hardware. The controller kernel is programmed to allow the first guest operating system exchange instructions with the processing hardware through the controller kernel at the OS security level.
  • According to a further aspect of the present invention, a computer includes processing hardware, a first memory portion, and a controller memory portion. The processing hardware defines an OS security level and at least a first additional security level above the OS security level. The first memory portion is programmed with a first guest operating system. The controller memory portion is programmed with a controller kernel running on the processing hardware. The controller kernel is programmed to allow the first guest operating system exchange instructions with the processing hardware through the controller kernel at the OS security level.
  • According to a further aspect of the present invention, a method includes the following steps (not necessarily in the following order): (i) providing a computer system; (ii) running the controller kernel on the processing hardware; and (iii) exchanging instructions through the controller kernel between the first guest operating system and the processing hardware at the OS security level. At the providing step, the computer system includes processing hardware, a first guest operating system, and a controller kernel. The processing hardware defines an OS security level and at least a first additional security level above the OS security level.
  • According to a further aspect of the present invention, a computer system includes processing hardware, a first guest operating system, a second guest operating system and a controller kernel. The processing hardware defines an OS security level and at least a first additional security level above the OS security level. The first guest operating system and the second guest operating system are containerized with respect to each other. The controller kernel runs on the processing hardware. The controller kernel is programmed to perform cycles including: (i) a first cycle portion when the first guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel, and (ii) a second cycle portion when the second guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel.
  • According to a further aspect of the present invention, a computer includes processing hardware, a first memory portion, a second memory portion and a controller memory portion. The processing hardware defines an OS security level and at least a first additional security level above the OS security level. The first memory portion is programmed with a first guest operating system. The second memory portion is programmed with a second guest operating system. The first guest operating system and the second guest operating system are containerized with respect to each other. The controller memory portion is programmed with a controller kernel running on the processing hardware. The controller kernel being programmed to perform cycles including: (i) a first cycle portion when the first guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel, and (ii) a second cycle portion when the second guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel.
  • According to a further aspect of the present invention, a method includes the step of providing a computer system including processing hardware, a first guest operating system, a second guest operating system and a controller kernel. The processing hardware defines an OS security level and at least a first additional security level above the OS security level. The first guest operating system and the second guest operating system are containerized with respect to each other. The method further includes the step of running cycles by the controller kernel. Each cycle include the following sub-steps: (i) during a first cycle portion, exchanging instructions between the first guest operating system and the processing hardware at the OS security level through the controller kernel, and (ii) during a second cycle portion, exchanging instructions between the second guest operating system and the processing hardware at the OS security level through the controller kernel.
  • According to a further aspect of the present invention, a computer system includes processing hardware, a first guest operating system, a second guest operating system, a controller kernel, a first terminal hardware set and a second terminal hardware set. The first guest operating system and the second guest operating system are containerized with respect to each other. The controller kernel is programmed to control the exchange of instructions between the first guest operating system and the processing hardware and the exchange of instructions between the second operating systems and the processing hardware. The first terminal hardware set is controlled by the first guest operating system. The first terminal hardware set is in the form of an ultra thin terminal. The second terminal hardware set is controlled by the second guest operating system. The second terminal hardware set in the form of an ultra thin terminal.
  • According to a further aspect of the present invention, a computer includes processing hardware, a first memory portion, a second memory portion, a controller memory portion, a first terminal hardware set and a second terminal hardware set. The first memory portion is programmed with a first guest operating system. The second memory portion is programmed with a second guest operating system. The first guest operating system and the second guest operating system are containerized with respect to each other. The controller memory portion is programmed with a controller kernel programmed to control the exchange of instructions between the first guest operating system and the processing hardware and the exchange of instructions between the second operating systems and the processing hardware. The first terminal hardware set is controlled by the first guest operating system. The first terminal hardware set in the form of an ultra thin terminal. The second terminal hardware set is controlled by the second guest operating system. The second terminal hardware set is in the form of an ultra thin terminal.
  • According to a further aspect of the present invention, a method includes the step of: (a) providing a computer system including processing hardware, a first guest operating system, a second guest operating system (with the first guest operating system and the second guest operating system being containerized with respect to each other), a controller kernel, a first terminal hardware set (in the form of an ultra thin terminal), and a second terminal hardware set (in the form of an ultra thin terminal). The method further includes the following steps: (b) controlling, by the controller kernel, an exchange of instructions between the first guest operating system and the processing hardware; (c) controlling, by the first guest operating system, the first terminal hardware set based on the exchange of instructions occurring at step (b); (d) controlling, by the controller kernel, an exchange of instructions between the second guest operating system and the processing hardware; and (e) controlling, by the second guest operating system, the second terminal hardware set based on the exchange of instructions occurring at step (d).
  • According to a further aspect of the present invention, a computer system includes processing hardware, a first guest operating system, a second guest operating system, and a controller kernel. The processing hardware defines an OS security level and at least a first additional security level above the OS security level. the controller kernel runs on the processing hardware. The controller kernel is programmed to: (i) selectively allow the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running, and (ii) selectively allow the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
  • According to a further aspect of the present invention, a computer includes processing hardware, a first memory portion, a second memory portion, and a controller memory portion. The processing hardware defines an OS security level and at least a first additional security level above the OS security level. The first memory portion is programmed with a first guest operating system. The second memory portion is programmed with a second guest operating system. The controller memory portion is programmed with a controller kernel running on the processing hardware. The controller kernel is programmed to: (i) selectively allow the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running, and (ii) selectively allow the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
  • According to a further aspect of the present invention, a method includes the step of: (a) providing a computer system including processing hardware, a first guest OS, a second guest OS and a controller kernel. The processing hardware defines an OS security level and at least a first additional security level above the OS security level. the method further includes the steps of: (b) selectively allowing the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel; (c) during step (b), pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running; (d) selectively allowing the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel; and (e) during step (d), pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The present invention will be more fully understood and appreciated by reading the following Detailed Description in conjunction with the accompanying drawings, in which:
  • FIG. 1 is a schematic of a prior art computer system;
  • FIG. 2 is a perspective external view of a first embodiment of a computer system according to the present invention;
  • FIG. 3 is a schematic of the first embodiment computer system;
  • FIG. 4 is a more detailed schematic of a portion of the first embodiment computer system;
  • FIGS. 5A, 5B, 5C and 5D are a flowchart of a first embodiment of a method according to the present invention;
  • FIG. 6 is a of a second embodiment of a computer system according to the present invention; and
  • FIGS. 7A and 7B are a flowchart of a second embodiment of a method according to the present invention.
  • DETAILED DESCRIPTION OF THE INVENTION
  • FIG. 2 shows computer system 200 according to the present invention, including desktop PC 202 and four terminals 204 a, 204 b, 204 c and 204 d. Desktop PC 202 could alternatively be any other type of computer now known or to be developed in the future, such as a laptop, a tablet, a mini computer, a mainframe computer, a super computer, a blade, etc. Terminals 204 each includes I/O devices in the form of a display, a keyboard, a mouse and an audio device. The display is the primary output device and may be any type of display now known or to be developed in the future, such as an LCD display or a CRT display. Alternatively or additionally, other output devices could be present, such as printers, lights (LEDs) and/or vibrating output devices. The keyboard, mouse and audio speakers are the primary input devices, but they may include output capabilities as well. Alternatively or additionally, there may be other output devices of any type now known or to be developed in the future, such as drawing tablets, joysticks, footpads, eyetracking input devices, touchscreens, etc.
  • Preferably, the display of each terminal 204 is connected to be in display data communication with desktop PC 202 by a standard parallel display connection, but may be connected by any appropriate data connection now known or to be developed in the future, such as a wireless connection. Preferably, the input devices of terminal 204 are connected to desktop PC 202 by a USB connection. Alternatively, they may be connected by any means now known or to be developed in the future, such as PS2 connection or wireless connection. One or more USB hubs may be used between desktop PC 202 and the input devices of terminals 204.
  • Terminals 204 are preferably ultra thin terminals (see DEFINITIONS section). Alternatively, some or all terminals 204 could include a client computer with memory and processing capability. Terminals 204 may also include an I/O port for a portable memory, such as a USB port for a detachably attachable USB flash memory or jump drive.
  • FIG. 3 is a schematic of system 200 including desktop PC 202; terminals 204; video card 210; I/O ports 212; CPU 214; POSIX kernel 215; four guest OS's 220 a, 220 b, 220 c, 220 d; four guest applications 222 a, 222 b, 222 c, 222 d; four displays 230 a, 230 b, 230 c, 230 d; and four sets of KMA devices 232 a, 232 b, 232 c, 232 d.
  • Video card 210 has at least four outputs to supply display data to the four display devices 230 a, 230 b, 230 c, 230 d. Although not shown, video card 210 may have at least one additional output for: (i) additional terminals; and/or (ii) use with the POSIX kernel and/or any host operating system that may be present. The video card may take the form of multiple video cards.
  • The CPU may be any type of processing hardware, such as x86 architecture or other Windows type, Apple type, Sun type, etc. The hardware structure of the CPU will determine the native form for the instructions that it gives and receives. For this reason, the guest OS's 220 a, 220 b, 220 c, 220 d must be fully compatible with CPU 214. Importantly, there is substantially no virtualizing middleware layer in desktop PC 202 to correct for any incompatibilities.
  • The POSIX kernel is preferably a LINUX kernel because LINUX is open source and also because a LINUX kernel can be expanded to run LINUX applications. Alternative, the kernel may be written in other formats to be compatible with the CPU such as Windows or BSD.
  • The PC 202 preferably includes a software algorithm (not shown) that loads the POSIX kernel (Linux 2.6 preferably) onto an available motherboard EEPROM instead of the currently installed proprietary BIOS. The kernel, along with several other helpful C based programs preferably run in 32 bit mode, as opposed to the current method of running the BIOS in 16 bit mode. These programs preferably include BusyBox, uClibc, and XII. The result is a greatly decreased boot time. All of this is preferably run in the cache memory of the CPU instead of normal DRAM. The reason for this is that DRAM is normally initialized by the BIOS and can't be used until it is initialized. The first program that runs is also written in C and it is what initializes and uses this CPU memory.
  • Once this is loaded, a larger module is called. This would typically be invoked from the hard drive. The POSIX kernel 215 does not necessarily have any sockets or run any applications. It may only runs sub-modules that control multiple video, keyboard, mouse, and the audio devices for multiple, concurrent local connections. Current technology will allow only one user to use the system at a time using one set of keyboard, mice, and monitors. These modules have been modified to allow multiple inputs (keyboards and mice) and outputs (audio and video) devices to be used independently and concurrently. Preferably, the terminals 204 are not remotely located, but, in some embodiments of the invention, they may be.
  • Preferably, the terminals are located on the same machine and the output goes directly via the system bus to the associated devices resulting in multi-user system with very little slow-down. It utilizes the excess CPU power that is available to control multiple sessions just like in a “thin client” environment. The difference is that in a “thin client” environment the output is converted to TCP-IP protocol and sent via a network connection. This conversion and packeteering of video results in slow screen redraws. This ability to run multiple “sessions” is currently available with Linux (XII) and Windows (RDP), on remote machines but the remote machines must have the necessary hardware and software necessary to locally control the keyboard, mouse, audio and video devices. Because everything is preferably loaded from the local EEPROM, boot up from power-on to login is approximately 6 seconds. This compares favorably to current Windows, MacIntosh, or Linux startup times of 30-50 seconds.
  • These modifications allow for a natural separation of the “sessions” to a great degree. Because of this, the invention is able to take advantage of the scheduling components and modularity of Linux to use it as a supervisor for other operating systems to run concurrently. This can efficiently install one guest operating system (for example, guest Windows OS) in conjunction with each set of keyboards, mice, and monitors.
  • FIGS. 7A and 7B are a flowchart showing exemplary process flow for the exchange of instructions between the guest OS's 220 and the CPU 214 through the POSIX kernel 215 according to the present invention. This flowchart will now be discussed in narrative terms, after which discussion, FIG. 3 will be further discussed. Using a modified Linux interrupt service code, . . . /kernel/entry-v.s, the idle loop, . . . /kernel/process.c, and a modified Interrupt Descriptor Table, this can control and tell if a system “session” is: (i) running; (ii) not running; or (iii) pre-empted. The kernel has priority for all actions, but since it is only providing low throughput I/O control and video rendering (video is mostly handled by the GPU on the video card), preemption by the host kernel is very low in proportion to time allowed for the “clients.”
  • Since the architecture is the same for both the host (Linux kernel) and the local “client” (x86-32 bit or 64 bit) operating system, there is little need for emulation of hardware and most instructions can be run directly on the applicable hardware. All CPU requests can be dynamically scheduled by the controller kernel and run in Ring Zero of the machine. If a protected call, privileged instruction, system trap, or page fault is presented that will not run properly or does not have permission to run in this unified system then it is moved to Ring Three. Ring Three is normally unused on an Intel system. All memory calls are directed to protected and pre-allocated memory locations. All hardware except video, ethernet, and audio devices is directly accessed by the “client” OS. Video, ethernet, and audio devices are virtualized, off-the-shelf drivers. Raw I/O from these devices is sent through the modified Linux idle loop and Interrupt Descriptor Table to the “real” hardware in a prioritized fashion. This allows a number of segregated “sessions” to be run at near native speed.
  • This is done without hardware virtualization extension techniques as currently available with the Intel VT or AMD V/SVM CPU chips, hardware emulation (VMWARE, QEMU, Bochs, etc.), or hypervisors like Xen or KVM (these require modification of source code). Finally, products like Cooperative Linux and UserMode Linux work with Windows as the host and Linux as the “guest” because the guest in this case (Linux) can be modified to give up control of the hardware when Windows asks for it. Since Windows can't easily be modified this concept has not been realized in reverse, for example Linux as host and Windows as guest. This aspect of the present invention is the reverse of this in that Linux is the host and Windows is the guest.
  • It may be difficult to modify the guest OS (for example, Windows) to give up control when the host (supervisor) asks for it, we can use /kernel/process.c (idle loop) and /kernel/entry-v.s (interrupt service) and the Interrupt Descriptor Table to trap privileged instructions and force the guest (Windows) to wait, until it is no longer preempted. In other words, we have modified the controller kernel (Linux) to put the requests of the guest (Windows) into the Linux idle loop if the guest is preempted. Since the host is not running applications, since it is only controlling I/O, the wait time during this preemption period is very short and it is not apparent to the user. Finally, when privileged instructions are trapped to Ring Three, the instructions are recompiled (sometimes on the fly) using QEMU recompilation code so that the next time this situation repeats itself, the trap is not needed.
  • Now that the operation of POSIX kernel has been explained in detail, discussion will return to FIG. 3. The guest OS's 220 are preferably Windows OS's, such as Windows XP or Windows Vista. Alternatively, any type of guest OS now known or to be developed in the future may be used. In some embodiments of the invention, there will be but a single guest OS. For example, Windows Vista has been found to run faster when run through the POSIX kernel according to the present invention. In some embodiments of the invention, the guest OS's will be different from each other. For example, there may be a Windows XP OS, a Windows Vista OS, an Ubuntu LINUX OS and a BSD OS. Systems with multiple OS's may be preferred in embodiments of the present invention where there are not multiple terminals, but rather a single set of I/O devices connected to desktop PC 202 in the conventional way. In these single terminal embodiments, a single user can switch between various operating systems at will, taking advantage of native applications 222 for a variety of operating systems on a single physical machine.
  • FIG. 4 shows a more detailed schematic of POSIX kernel 215 including: critical portion 215 a; non-critical portion 215 b; interrupt descriptor table 250; idle loop 252; and POSIX socket 254. Critical portion 215 a is critical because this is the portion that passes instructions in native form between CPU 214 and guest OS's 220. In a sense, critical portion 215 a takes the place of the virtualizing middleware of the prior art, with the important differences that: (i) the POSIX kernel passes instructions in native form, rather than translating them into virtualized or emulated form at intermediate portions of the exchange; and/or (ii) the POSIX kernel permits the guest OS's to run at an OS security level (for example, Ring Zero or Ring One), rather than a higher security level (see FIG. 3 at reference numeral L0). It is noted that applications running on top of the guest OS's will run at a higher security level (see FIG. 3 at reference numeral L3), such as, for example, Ring Three. In other words, despite the presence of the kernel, guest OS's run at the security level that a host OS would normally run at in a conventional computer.
  • In this preferred embodiment of the present invention, the POSIX kernel accomplishes the exchange of native form instructions using interrupt descriptor table 250 and idle loop 252. Interrupt descriptor table 250 receives requests for service from each of the guest OS's. At any given time it will return a positive service code to one of the guest OS's and it will return a negative service code to all the other guest OS's. The guest OS that receives back a positive return code will exchange instructions in native form with the CPU through idle loop 252. The other guest OS's, receiving back a negative return code from interrupt descriptor table 250 will be pre-empted and will remain running until they get back a positive return code.
  • Preferably, and as shown in the flow chart of FIGS. 5A to D, the interrupt descriptor table cycles through all the guest OS's over a cycle time period, so that each guest OS can exchange instructions with the CPU in sequence over the course of a single cycle. This is especially preferred in embodiments of the present invention having multiple terminals, so that different users at the different terminals under control of their respective guest OS's can work concurrently. Alternatively, the interrupt descriptor table could provide for other time division allocations between the various guest OS's. For example, a user could provide user input to switch between guest OS's. This form of time division allocation is preferred in single terminal, multiple operating system embodiments. There may be still other methods of time division allocation, such as random allocation (probably not preferred) or allocation based on detected activity levels at the various terminals.
  • Non-critical portion 215 b shows that the controller kernel may be extended beyond the bare functionality required to control the exchange of instructions between the guest OS's and the CPU. For example, a POSIX socket may be added to allow POSIX applications to run on the kernel itself. Although the kernel is called a kernel herein, it may be extended to the point where it can be considered as a host operating system, but according to the present invention, these extensions should not interfere (that is virtualize or emulate) instructions being exchanged through the kernel in native form between the guest OS(es) and the CPU.
  • FIGS. 5A to 5D show an embodiment of process flow for one cycle for the exchange of instructions in native form between guest OS's 220 and CPU 214 through a kernel including an interrupt descriptor table and an idle loop. The process includes: a first portion (steps S302, S304, S306, S308, S310, S312, S314, S316, S318); a second portion (steps S320, S322, S324, S326, S328, S330, S332, S334, S336); a third portion (steps S338, S340, S342, S344, S346, S348, S350, S352, S354); and a fourth portion (steps S356, S358, S360, S362, S364, S366, S368, S370, S372).
  • The cycle has four portions because four guest OS's (and no host OS's) are running—each portion allows the exchange of instructions between one of the four guest OS's and the CPU so that all four operating systems can run concurrently and so that multiple users can respectively use the multiple operating systems as if they had a dedicated computer instead of an ultra thin terminal.
  • Preferably, the entire cycle allows each OS to get a new video frame about every 30 microseconds (MS). In this way, each terminal display gets a about 30 frames per second (fps), which results in a smooth display. Above 30 frames per second, there is little, if any, improvement in the appearance of the video, but below 30 fps, the display can begin to appear choppy and/or aesthetically irritating. Because the cycle time, in this four portion embodiment is preferably about 30 MS to maintain a good 30 fps frame rate in the displays, this means that each cycle portion is about 30/4 MS, which equals about 8 MS. With current CPUs, 8 MS out of 30 MS is sufficient to handle most common applications that would be run at the various guest OS's, such as word processing, educational software, retail kiosk software, etc. As CPU's get faster over time, due to improvements such as multiple cores, it will become practical to have a greater number of guest operating systems on a single desktop computer—perhaps as many as 40 OS's or more.
  • FIG. 6 is a schematic of a second embodiment computer system 400 according to the present invention including: guest OS 402 a; guest OS 402 b; guest OS 402 c; guest OS 402 d; hardware control sub-modules 408; controller kernel 410; hard drive 414; hardware layer; and EEPROM 418. Hardware control sub-modules 408 include the following sub-modules: network interface card (NIC) 434; keyboard 436; mouse 438; audio 440; video 442, memory 444 and CPU 446. Controller kernel 410 includes the following portions: kernel process module 448; kernel entry module 450; idle loop 452; interrupt service code 454; and interrupt descriptor table 456. Hardware layer 416 includes the following portions: network interface card (NIC) 420; keyboard 422; mouse 424; audio 426; video 428, memory 430 and CPU 432.
  • As shown by the guest OS boxes 402, the operating systems are containerized. As shown schematically by arrow 404, the presentation layer in this embodiment is Windows. As shown schematically by arrow 406, there are OS containers and virtual drivers for NIC, audio and video. Additionally, there may be additional modules, such as video acceleration modules. The hardware control sub-modules 408 are direct access drivers and may additionally include other sub-modules, such as a video acceleration module. The EEPROM 418 is the normal location for BIOS, but in this embodiment of the present invention is loaded with the controller kernel 410 and X11. EEPROM 418 invokes the hard drive after the initial boot up. The control kernel is invoked from hard drive 414 during the original EEPROM 418 boot. At the NIC portion 420, it is noted that each card preferably has its own MAC address and own IP address.
  • FIGS. 7A and 7B, discussed above, show a more detailed embodiment of the process flow through an interrupt descriptor table and idle loop in a LINUX controller kernel according to the present invention. Figures &A and 7B include LINUX control kernel level steps 502; Head 1 steps 504 and Head 2 steps 506.
  • Definitions
  • The following definitions are provided to facilitate claim interpretation:
  • Present invention: means at least some embodiments of the present invention; references to various feature(s) of the “present invention” throughout this document do not mean that all claimed embodiments or methods include the referenced feature(s).
  • First, second, third, etc. (“ordinals”): Unless otherwise noted, ordinals only serve to distinguish or identify (e.g., various members of a group); the mere use of ordinals implies neither a consecutive numerical limit nor a serial limitation.
  • Receive/provide/send/input/output: unless otherwise explicitly specified, these words should not be taken to imply: (i) any particular degree of directness with respect to the relationship between their objects and subjects; and/or (ii) absence of intermediate components, actions and/or things interposed between their objects and subjects.
  • containerized: code portions running at least substantially independently of each other.
  • terminal/terminal hardware set: a set of computer peripheral hardware that includes at least one input device that can be used by a human user to input data and at least one output device that outputs data to a human user in human user readable form.
  • ultra thin terminal: any terminal or terminal hardware set that has substantially no memory; generally ultra thin terminals will have no more processing capability than the amount of processing capability needed to run a video display, but this is not necessarily required.
  • basic I/O operations: operations related to receiving input from or delivering output to a human user; basic I/O operations relate to control of I/O devices including, but not limited to keyboards, mice, visual displays and/or printers.
  • guest OS: a guest OS may be considered as a guest OS regardless of whether: (i) a host OS exists in the computer system; (ii) the existence or non-existence of other OS's on the system; and/or (iii) whether the guest OS is contained within one or more subsuming OS's.
  • security level: a level of privileges and permissions for accessing or exchanging instructions with processing hardware; for example, some types of processing hardware define security levels as Ring Zero (level of greatest permissions and privilege), Ring One, Ring Two, and so on; not all security levels may be used in a given computer system.
  • OS security level: any security level defined in a given system that is consistent with normal operations of a typical operating system running directly on the processing hardware (and not as a virtual machine); for example, for an Intel/Windows type of processing hardware Ring Zero, Ring One and perhaps Ring Two would be considered as “OS security levels,” but Ring Three and higher would not.
  • native form: a form of instructions that can be operatively received by and/or is output from processing hardware directly and without any sort of translation or modification to form by software running on the hardware; generally speaking, different processing hardware types are characterized by different native forms.
  • POSIX: includes, but is not limited to, LINUX.
  • processing hardware: typically takes the form of a central processing unit, but it is not necessarily so limited; processing hardware is not limited to any specific type and/or manufacturer (for examples, Intel/Windows, Apple, Sun, Motorola); processing hardware may include multiple cores, and different cores may or may not be allocated to different guest operating systems and/or groups of operating systems.
  • Computer system: any computer system without regard to: (i) whether the constituent elements of the system are located within proximity to each other; and/or (ii) whether the constituent elements are located in the same housing.
  • Exchange instructions: includes: (i) two way exchanges of instructions flowing in both directions between two elements; and/or (ii) one way transmission of instructions flowing in a single direction from one element to another.
  • Memory portion: any portion of a memory structure or structures, including, but not necessarily limited to, hard drive space, flash drive, jump drive, solid state memory, cache memory, DRAM, RAM and/or ROM; memory portions are not limited to: (i) portions with consecutive physical addresses; (ii) portions with consecutive logical address; (iii) portions located within a single piece of hardware; (iv) portions located so that the entire portion is in the same locational proximity; and/or (v) portions located entirely on a single piece of hardware (for example, in a single DRAM).
  • cycle: any process that returns to its beginning and then repeats itself at least once in the same sequence.
  • selectively allow: the selectivity may be implemented in many, various ways, such as regular cycling, user input directed, dynamically scheduled, random, etc.
  • pre-empt: includes, but is not limited to, delay, queue, interrupt, etc.
  • To the extent that the definitions provided above are consistent with ordinary, plain, and accustomed meanings (as generally shown by documents such as dictionaries and/or technical lexicons), the above definitions shall be considered supplemental in nature. To the extent that the definitions provided above are inconsistent with ordinary, plain, and accustomed meanings (as generally shown by documents such as dictionaries and/or technical lexicons), the above definitions shall control. If the definitions provided above are broader than the ordinary, plain, and accustomed meanings in some aspect, then the above definitions shall be considered to broaden the claim accordingly.
  • To the extent that a patentee may act as its own lexicographer under applicable law, it is hereby further directed that all words appearing in the claims section, except for the above-defined words, shall take on their ordinary, plain, and accustomed meanings (as generally shown by documents such as dictionaries and/or technical lexicons), and shall not be considered to be specially defined in this specification. In the situation where a word or term used in the claims has more than one alternative ordinary, plain and accustomed meaning, the broadest definition that is consistent with technological feasibility and not directly inconsistent with the specification shall control.
  • Unless otherwise explicitly provided in the claim language, steps in method steps or process claims need only be performed in the same time order as the order the steps are recited in the claim only to the extent that impossibility or extreme feasibility problems dictate that the recited step order (or portion of the recited step order) be used. This prohibition on inferring method step order merely from the order of step recitation in a claim applies even if the steps are labeled as (a), (b) and so on. This broad interpretation with respect to step order is to be used regardless of whether the alternative time ordering(s) of the claimed steps is particularly mentioned or discussed in this document.

Claims (46)

1. A computer system comprising:
processing hardware that defines an OS security level and at least a first additional security level above the OS security level;
a first guest operating system;
a controller kernel running on the processing hardware, with the controller kernel being programmed to allow the first guest operating system exchange instructions with the processing hardware through the controller kernel at the OS security level.
2. The system of claim 1 wherein the controller kernel is programmed to allow the first guest operating system access to the processing hardware at the OS security level for basic I/O operations level.
3. The system of claim 2 further comprising a host operating system wherein:
the first guest operating system generates a plurality of first-guest-to-hardware instructions;
the processing hardware generates a plurality hardware-to-first-guest privileged instructions instructions;
the controller kernel is further programmed to selectively and temporarily pre-empt the first guest operating system by temporarily trapping at least some first-guest-to-hardware instructions and at least some hardware-to-first-guest privileged instructions;
the controller kernel is further programmed to deliver the trapped first-guest-to-hardware instructions to the processing hardware when the first guest operating system is no longer pre-empted; and
the controller kernel is further programmed to deliver the trapped hardware-to-first-guest instructions to the first guest operating system when the first guest operating system is no longer pre-empted.
4. The system of claim 3 wherein the controller kernel further comprises an interrupt descriptor table programmed to control the selective pre-emption of the first guest operating system.
5. The system of claim 4 wherein the kernel further comprises an idle loop that temporarily stores the trapped first-guest-to-hardware instructions and the trapped hardware-to-first-guest instructions during periods when the first guest operating system is pre-empted.
6. The system of claim 3 wherein the controller kernel is a POSIX kernel.
7. The system of claim 6 wherein the controller kernel is a LINUX kernel.
8. The system of claim 13 wherein the controller kernel comprises:
a modified interrupt service code;
an idle loop programmed to temporarily store the instructions that are exchanged between the first guest operating system and the processing hardware; and
a modified interrupt descriptor table.
9. The system of claim 1 further comprising a second guest operating system wherein:
the controller kernel is further programmed to allow the second guest operating system access to the processing hardware at the OS security level; and
the first guest operating system and the second guest operating system are containerized with respect to each other.
10. The system of claim 1 wherein:
the processing hardware defines a native form for instructions that the processing hardware receives from and sends to operating systems; and
the controller kernel is programmed so that the instructions communicated through the controller kernel between the first guest operating system and the processing hardware remain in the native form.
11. A computer comprising:
processing hardware that defines an OS security level and at least a first additional security level above the OS security level;
a first memory portion programmed with a first guest operating system;
a controller memory portion programmed with a controller kernel running on the processing hardware, with the controller kernel being programmed to allow the first guest operating system exchange instructions with the processing hardware through the controller kernel at the OS security level.
12. A method comprising the steps of:
providing a computer system comprising:
processing hardware that defines an OS security level and at least a first additional security level above the OS security level,
a first guest operating system, and
a controller kernel;
running the controller kernel on the processing hardware;
exchanging instructions through the controller kernel between the first guest operating system and the processing hardware at the OS security level.
13. A computer system comprising:
processing hardware that defines an OS security level and at least a first additional security level above the OS security level;
a first guest operating system;
a second guest operating system, with the first guest operating system and the second guest operating system being containerized with respect to each other; and
a controller kernel running on the processing hardware, with the controller kernel being programmed to perform cycles including at least:
a first cycle portion when the first guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel, and
a second cycle portion when the second guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel.
14. The system of claim 13 further comprising a third guest operating system, with the first guest operating system, the second guest operating system and the third guest operating system being containerized with respect to each other, wherein the cycles performed by the controller kernel further include at least a third cycle portion when the third guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel.
15. The system of claim 14 further comprising a fourth guest operating system, with the first guest operating system, the second guest operating system, the third guest operating system and the fourth being containerized with respect to each other, wherein the cycles performed by the controller kernel further include at least a fourth cycle portion when the fourth guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel.
16. The system of claim 13 wherein the OS security level is Ring Zero and/or Ring One.
17. The system of claim 13 further comprising:
a first terminal controlled by the first guest operating system; and
a second terminal controlled by the second guest operating system.
18. The system of claim 13 wherein:
the processing hardware defines a native form for instructions that the processing hardware receives from and sends to operating systems;
the controller kernel is programmed so that the instructions communicated through the controller kernel between the first guest operating system and the processing hardware remain in the native form; and
the controller kernel is programmed so that the instructions communicated through the controller kernel between the second guest operating system and the processing hardware remain in the native form.
19. The system of claim 13 wherein:
the controller kernel is programmed so that the instructions exchanged through the controller kernel between the first guest operating system and the processing hardware comprise instructions for basic I/O operations; and
the controller kernel is programmed so that the instructions exchanged through the controller kernel between the second guest operating system and the processing hardware comprise instructions for basic I/O operations.
20. The system of claim 19 wherein the controller kernel is programmed to:
during at least the first portion of the cycle, pre-empt the second guest operating system; and
during at least the second portion of the cycle, pre-empt the first guest operating system.
21. The system of claim 20 wherein the controller kernel further comprises an interrupt descriptor table programmed to control the selective pre-emption of the first guest operating system and the second guest operating system.
22. The system of claim 21 wherein the kernel further comprises an idle loop that temporarily stores instructions to and/or from the first guest operating system and the second guest operating system while they are respectively pre-empted.
23. The system of claim 19 wherein the controller kernel is a POSIX kernel.
24. The system of claim 23 wherein the first guest operating system is a Windows type operating system.
25. The system of claim 24 further comprises a POSIX application program, wherein:
the processing hardware defines a native form for instructions that the processing hardware receives from and sends to operating systems;
the instructions exchanged through the controller kernel between the first guest operating system and the processing hardware comprise native form video frame data;
the controller kernel comprises a socket programmed to run the POSIX application program;
the running of the POSIX application program generates POSIX application display data; and
the processing hardware incorporates the POSIX application display data into the native form video frame data.
26. The system of claim 25 wherein:
the controller kernel is a LINUX kernel; and
the POSIX application program is a LINUX application program.
27. The system of claim 13 wherein the controller kernel comprises:
a modified interrupt service code;
an idle loop; and
a modified interrupt descriptor table.
28. A computer comprising:
processing hardware that defines an OS security level and at least a first additional security level above the OS security level;
a first memory portion programmed with a first guest operating system;
a second memory portion programmed with a second guest operating system, with the first guest operating system and the second guest operating system being containerized with respect to each other; and
a controller memory portion programmed with a controller kernel running on the processing hardware, with the controller kernel being programmed to perform cycles including at least:
a first cycle portion when the first guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel, and
a second cycle portion when the second guest operating system exchanges instructions with the processing hardware at the OS security level through the controller kernel.
29. A method comprising the following steps:
providing a computer system comprising:
processing hardware that defines an OS security level and at least a first additional security level above the OS security level,
a first guest operating system,
a second guest operating system, with the first guest operating system and the second guest operating system being containerized with respect to each other, and
a controller kernel;
running cycles by the controller kernel, with each cycle including the following sub-steps:
during a first cycle portion, exchanging instructions between the first guest operating system and the processing hardware at the OS security level through the controller kernel, and
during a second cycle portion, exchanging instructions between the second guest operating system and the processing hardware at the OS security level through the controller kernel.
30. A computer system comprising:
processing hardware;
a first guest operating system;
a second guest operating system, with the first guest operating system and the second guest operating system being containerized with respect to each other;
a controller kernel programmed to control the exchange of instructions between the first guest operating system and the processing hardware and the exchange of instructions between the second operating systems and the processing hardware;
a first terminal hardware set controlled by the first guest operating system, with the first terminal hardware set in the form of an ultra thin terminal; and
a second terminal hardware set controlled by the second guest operating system, with the second terminal hardware set in the form of an ultra thin terminal.
31. The system of claim 30 further comprising:
a third guest operating system, with the first guest operating system, the second guest operating system and the third guest operating system being containerized with respect to each other; and
a third terminal hardware set controlled by the third guest operating system, with the third terminal hardware set in the form of an ultra thin terminal; and
wherein the controller kernel further being programmed to control access by the third guest operating system to the processing hardware.
32. The system of claim 31 further comprising:
a fourth guest operating system, with the first guest operating system, the second guest operating system, the third guest operating system and the fourth guest operating system being containerized with respect to each other; and
a fourth terminal hardware set controlled by the fourth guest operating system, with the fourth terminal hardware set in the form of an ultra thin terminal; and
wherein the controller kernel further being programmed to control access by the fourth guest operating system to the processing hardware.
33. The system of claim 30 wherein:
the processing hardware defines a native form for instructions that the processing hardware receives from and sends to operating systems;
the controller kernel is programmed so that the instructions communicated between the first guest operating system and the processing hardware remain in the native form; and
the controller kernel is programmed so that the instructions communicated between the second guest operating system and the processing hardware remain in the native form.
34. The system of claim 30 wherein:
the first terminal hardware set comprises a first keyboard, a first mouse and a first visual display; and
the second terminal hardware set comprises a second keyboard, a second mouse and a second visual display.
35. The system of claim 30 wherein the controller kernel is a POSIX kernel.
36. The system of claim 35 wherein the first guest operating system is a Windows type operating system.
37. The system of claim 35 wherein the controller kernel is a LINUX kernel.
38. The system of claim 30 wherein the controller kernel comprises:
a modified interrupt service code;
an idle loop; and
a modified interrupt descriptor table.
39. A computer comprising:
processing hardware;
a first memory portion programmed with a first guest operating system;
a second memory portion programmed with a second guest operating system, with the first guest operating system and the second guest operating system being containerized with respect to each other;
a controller memory portion programmed with a controller kernel programmed to control the exchange of instructions between the first guest operating system and the processing hardware and the exchange of instructions between the second operating systems and the processing hardware;
a first terminal hardware set controlled by the first guest operating system, with the first terminal hardware set in the form of an ultra thin terminal; and
a second terminal hardware set controlled by the second guest operating system, with the second terminal hardware set in the form of an ultra thin terminal.
40. A method comprising the following steps:
(a) providing a computer system comprising:
processing hardware,
a first guest operating system,
a second guest operating system, with the first guest operating system and the second guest operating system being containerized with respect to each other;
a controller kernel,
a first terminal hardware set in the form of an ultra thin terminal, and
a second terminal hardware set in the form of an ultra thin terminal;
(b) controlling, by the controller kernel, an exchange of instructions between the first guest operating system and the processing hardware;
(c) controlling, by the first guest operating system, the first terminal hardware set based on the exchange of instructions occurring at step (b);
(d) controlling, by the controller kernel, an exchange of instructions between the second guest operating system and the processing hardware; and
(e) controlling, by the second guest operating system, the second terminal hardware set based on the exchange of instructions occurring at step (d).
41. A computer system comprising:
processing hardware that defines an OS security level and at least a first additional security level above the OS security level;
a first guest operating system;
a second guest operating system;
a controller kernel running on the processing hardware, with the controller kernel being programmed to:
selectively allow the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running, and
selectively allow the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
42. The system of claim 41 wherein the controller kernel being programmed to:
dynamically schedule the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running, and
dynamically schedule the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
43. The system of claim 41 wherein the controller kernel being programmed to:
selectively allow based on user input the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running, and
selectively allow based on user input the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
44. The system of claim 41 wherein the controller kernel comprises:
a modified interrupt service code;
an idle loop; and
a modified interrupt descriptor table.
45. A computer comprising:
processing hardware that defines an OS security level and at least a first additional security level above the OS security level;
a first memory portion programmed with a first guest operating system;
a second memory portion programmed with a second guest operating system;
a controller memory portion programmed with a controller kernel running on the processing hardware, with the controller kernel being programmed to:
selectively allow the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running, and
selectively allow the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel while pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
46. A method comprising the steps of:
(a) providing a computer system comprising:
processing hardware that defines an OS security level and at least a first additional security level above the OS security level,
a first guest operating system,
a second guest operating system, and
a controller kernel running on the processing hardware;
(b) selectively allowing the first guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel;
(c) during step (b), pre-empting the second guest operating system in a manner that allows the second guest operating system to continue running;
(d) selectively allowing the second guest operating system to have access to the processing hardware at the OS security level under control of the controller kernel; and
(e) during step (d), pre-empting the first guest operating system in a manner that allows the first guest operating system to continue running.
US12/234,131 2007-09-20 2008-09-19 Computer system Abandoned US20090083829A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/234,131 US20090083829A1 (en) 2007-09-20 2008-09-19 Computer system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US97392307P 2007-09-20 2007-09-20
US12/234,131 US20090083829A1 (en) 2007-09-20 2008-09-19 Computer system

Publications (1)

Publication Number Publication Date
US20090083829A1 true US20090083829A1 (en) 2009-03-26

Family

ID=40468785

Family Applications (3)

Application Number Title Priority Date Filing Date
US12/234,223 Expired - Fee Related US7882274B2 (en) 2007-09-20 2008-09-19 Computer system with multiple terminals
US12/234,158 Abandoned US20090083630A1 (en) 2007-09-20 2008-09-19 Computer system with tunneling
US12/234,131 Abandoned US20090083829A1 (en) 2007-09-20 2008-09-19 Computer system

Family Applications Before (2)

Application Number Title Priority Date Filing Date
US12/234,223 Expired - Fee Related US7882274B2 (en) 2007-09-20 2008-09-19 Computer system with multiple terminals
US12/234,158 Abandoned US20090083630A1 (en) 2007-09-20 2008-09-19 Computer system with tunneling

Country Status (3)

Country Link
US (3) US7882274B2 (en)
CA (4) CA2699562A1 (en)
WO (3) WO2009039376A2 (en)

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090083450A1 (en) * 2007-09-20 2009-03-26 C & S Operations, Inc. Computer system with multiple terminals
US20100115532A1 (en) * 2008-11-05 2010-05-06 C&S Operations, Inc. Computer System with Controller Kernel and Remote Desktop
US20110099590A1 (en) * 2009-10-26 2011-04-28 Lg Electronics Inc. Digital broadcasting system and method of processing data in digital broadcasting system
US8010993B1 (en) * 2010-07-14 2011-08-30 Domanicom Corp. Devices, systems, and methods for enabling reconfiguration of services supported by a network of devices
US20120084798A1 (en) * 2010-10-01 2012-04-05 Imerj LLC Cross-environment redirection
US20120084481A1 (en) * 2010-10-01 2012-04-05 Imerj LLC Auto-waking of a suspended os in a dockable system
US20120086716A1 (en) * 2010-10-01 2012-04-12 Imerj LLC User interaction across cross-environment applications through an extended graphics context
US20120086717A1 (en) * 2010-10-01 2012-04-12 Imerj LLC Instant remote rendering
US20120166585A1 (en) * 2010-12-23 2012-06-28 Electronics And Telecommunications Research Institute Apparatus and method for accelerating virtual desktop
WO2013090202A1 (en) * 2011-12-14 2013-06-20 Intel Corporation Virtualizing interrupt prioritization and delivery
US8726294B2 (en) 2010-10-01 2014-05-13 Z124 Cross-environment communication using application space API
US8761831B2 (en) 2010-10-15 2014-06-24 Z124 Mirrored remote peripheral interface
US8819705B2 (en) 2010-10-01 2014-08-26 Z124 User interaction support across cross-environment applications
US8842080B2 (en) 2010-10-01 2014-09-23 Z124 User interface with screen spanning icon morphing
US8868135B2 (en) 2011-09-27 2014-10-21 Z124 Orientation arbitration
US8966379B2 (en) 2010-10-01 2015-02-24 Z124 Dynamic cross-environment application configuration/orientation in an active user environment
US20150067035A1 (en) * 2009-04-15 2015-03-05 Roshan Sullad Method and apparatus for extending capabilities of a virtualization domain to support features available in a normal desktop application
US20160117183A1 (en) * 2012-09-12 2016-04-28 Freescale Semiconductor, Inc. System-on-chip device, method of peripheral access and integrated circuit
US9578113B2 (en) 2009-04-15 2017-02-21 Wyse Technology L.L.C. Method and apparatus for transferring remote session data
US9690719B2 (en) 2014-09-11 2017-06-27 Nxp Usa, Inc. Mechanism for managing access to at least one shared integrated peripheral of a processing unit and a method of operating thereof
US9781120B2 (en) 2013-07-18 2017-10-03 Nxp Usa, Inc. System on chip and method therefor
US9904802B2 (en) 2012-11-23 2018-02-27 Nxp Usa, Inc. System on chip
US10216529B1 (en) * 2015-11-19 2019-02-26 Virtuozzo International Gmbh Method and system for sharing driver pages
US10244056B2 (en) 2009-04-15 2019-03-26 Wyse Technology L.L.C. Method and apparatus for transferring remote session data
US20190212776A1 (en) * 2018-01-10 2019-07-11 Samsung Electronics Co., Ltd. Electronic apparatus and control method thereof
US10713181B1 (en) * 2019-02-21 2020-07-14 Virtuozzo International Gmbh Method and system for sharing driver pages

Families Citing this family (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7356539B2 (en) 2005-04-04 2008-04-08 Research In Motion Limited Policy proxy
US11287939B2 (en) 2008-10-09 2022-03-29 Aristocrat Technologies Australia Pty Limited Gaming system and gaming system processor module
AU2009222627B2 (en) 2008-10-09 2011-07-21 Aristocrat Technologies Australia Pty Limited Gaming system and gaming system processor module
US11385758B2 (en) 2008-10-09 2022-07-12 Aristocrat Technologies Australia Pty Limited Gaming system and gaming system processor module
US20100100718A1 (en) * 2008-10-20 2010-04-22 Novell, Inc. In-the-flow security services for guested virtual machines
WO2010048759A1 (en) * 2008-10-31 2010-05-06 Zhang Weiming “one host with multiple workstations” computer system, its configuring method and usb hub box
KR101532587B1 (en) * 2009-05-13 2015-07-01 삼성전자주식회사 Method for transferring data between a car and portable terminal, and interface device thereof
US9372711B2 (en) 2009-07-20 2016-06-21 Google Technology Holdings LLC System and method for initiating a multi-environment operating system
US9389877B2 (en) 2009-07-20 2016-07-12 Google Technology Holdings LLC Multi-environment operating system
US9367331B2 (en) 2009-07-20 2016-06-14 Google Technology Holdings LLC Multi-environment operating system
US9348633B2 (en) 2009-07-20 2016-05-24 Google Technology Holdings LLC Multi-environment operating system
US9280362B2 (en) * 2009-11-15 2016-03-08 Hewlett-Packard Development Company, L.P. System and apparatus for sharing a host computer
US9104252B2 (en) * 2010-02-12 2015-08-11 Microsoft Technology Licensing, Llc Assignment of control of peripherals of a computing device
US9355282B2 (en) * 2010-03-24 2016-05-31 Red Hat, Inc. Using multiple display servers to protect data
US8819792B2 (en) 2010-04-29 2014-08-26 Blackberry Limited Assignment and distribution of access credentials to mobile communication devices
JP2012084747A (en) * 2010-10-13 2012-04-26 National Institute Of Advanced Industrial & Technology Crystal silicon solar cell manufacturing method
AU2011202837B2 (en) * 2010-12-21 2013-08-22 Lg Electronics Inc. Mobile terminal and method of controlling a mode switching therein
US8856950B2 (en) * 2010-12-21 2014-10-07 Lg Electronics Inc. Mobile terminal and method of managing information therein including first operating system acting in first mode and second operating system acting in second mode
US9354900B2 (en) 2011-04-28 2016-05-31 Google Technology Holdings LLC Method and apparatus for presenting a window in a system having two operating system environments
US8924986B2 (en) 2011-09-01 2014-12-30 American Megatrends, Inc. Methods, devices and computer program products for confluence of multiple operating systems
US20130298140A1 (en) * 2012-05-02 2013-11-07 Motorola Mobility, Inc. Method and Apparatus for Displaying Data from a Plurality of Concurrent Operating System Environments
US9417753B2 (en) 2012-05-02 2016-08-16 Google Technology Holdings LLC Method and apparatus for providing contextual information between operating system environments
US9342325B2 (en) 2012-05-17 2016-05-17 Google Technology Holdings LLC Synchronizing launch-configuration information between first and second application environments that are operable on a multi-modal device
US9378038B2 (en) 2013-06-07 2016-06-28 American Megatrends, Inc. Methods, devices and computer readable storage devices for emulating a gyroscope in a guest operating system from a host operating system
US9858097B2 (en) 2013-06-07 2018-01-02 American Megatrends, Inc. Methods, devices and computer readable storage devices for emulating rotation events in a guest operating system from a host operating system
US9934168B2 (en) 2013-10-29 2018-04-03 Userful Corporation Method and system of connecting and switching grouped input and output devices between computers
US9430182B2 (en) 2014-03-06 2016-08-30 American Megatrends, Inc. Methods, systems and computer readable storage devices for presenting screen content
KR102273021B1 (en) * 2015-02-27 2021-07-06 삼성전자주식회사 Method and apparatus for communicating with a peripheral device by operating a plurality of operating system
CN106203082A (en) * 2016-06-29 2016-12-07 上海交通大学 The system and method efficiently isolating kernel module based on virtualization hardware characteristic
WO2023280691A1 (en) * 2021-07-06 2023-01-12 Sony Group Corporation A virtual server, medical system, computer program and method

Citations (69)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4155119A (en) * 1977-09-21 1979-05-15 Sperry Rand Corporation Method for providing virtual addressing for externally specified addressed input/output operations
US5038281A (en) * 1986-09-19 1991-08-06 International Business Machines Corporation Acceleration of system interrupts between operating systems in guest-host relationship
US5410709A (en) * 1992-12-17 1995-04-25 Bull Hn Information System Inc. Mechanism for rerouting and dispatching interrupts in a hybrid system environment
US5694150A (en) * 1995-09-21 1997-12-02 Elo Touchsystems, Inc. Multiuser/multi pointing device graphical user interface system
US5903752A (en) * 1994-10-13 1999-05-11 Intel Corporation Method and apparatus for embedding a real-time multi-tasking kernel in a non-real-time operating system
US6247109B1 (en) * 1998-06-10 2001-06-12 Compaq Computer Corp. Dynamically assigning CPUs to different partitions each having an operation system instance in a shared memory space
US6269409B1 (en) * 1997-09-02 2001-07-31 Lsi Logic Corporation Method and apparatus for concurrent execution of operating systems
US20010016879A1 (en) * 1997-09-12 2001-08-23 Hitachi, Ltd. Multi OS configuration method and computer system
US6448956B1 (en) * 1997-10-31 2002-09-10 Eastman Kodak Company Systems and methods for direct image manipulation
US6493008B1 (en) * 1999-02-19 2002-12-10 Canon Kabushiki Kaisha Multi-screen display system and method
US6496847B1 (en) * 1998-05-15 2002-12-17 Vmware, Inc. System and method for virtualizing computer systems
US20030014476A1 (en) * 2001-01-03 2003-01-16 Peterson David Allen Thin client computer operating system
US20030018892A1 (en) * 2001-07-19 2003-01-23 Jose Tello Computer with a modified north bridge, security engine and smart card having a secure boot capability and method for secure booting a computer
US20030110173A1 (en) * 2001-12-11 2003-06-12 Sun Microsystems, Inc. Methods and apparatus for managing multiple user systems
US20030115443A1 (en) * 2001-12-18 2003-06-19 Cepulis Darren J. Multi-O/S system and pre-O/S boot technique for partitioning resources and loading multiple operating systems thereon
US6597383B1 (en) * 1997-08-25 2003-07-22 International Business Machines Corporation Pointing apparatus and a pointing method
US20030151885A1 (en) * 2002-02-13 2003-08-14 Ben Chang Control system for peripheral devices of a high-density server
US20030221087A1 (en) * 2002-03-20 2003-11-27 Seiko Epson Corporation Information processing system
US20040002052A1 (en) * 2001-10-23 2004-01-01 Hendry Lawrence B. Systems and methods for rapid evaluation and design of molecules for predicted biological activity
US6684343B1 (en) * 2000-04-29 2004-01-27 Hewlett-Packard Development Company, Lp. Managing operations of a computer system having a plurality of partitions
US20040073912A1 (en) * 2000-10-27 2004-04-15 Meza Joseph R. Automatic embedded host configuration system and method
US6738028B2 (en) * 2000-12-14 2004-05-18 Matsushita Electric Industrial Co., Ltd. Multi-display system and cursor controlling method therefor
US6802010B1 (en) * 1999-03-26 2004-10-05 Samsung Electronics Co., Ltd. Multiple user computer system and method for remote control thereof
US20040226041A1 (en) * 2000-02-18 2004-11-11 Xsides Corporation System and method for parallel data display of multiple executing environments
US20050120160A1 (en) * 2003-08-20 2005-06-02 Jerry Plouffe System and method for managing virtual servers
US20050177700A1 (en) * 2004-02-10 2005-08-11 Samsung Electronics Co., Ltd. System for providing multiple window environments in a mobile computing system and method thereof
US20050198578A1 (en) * 2004-01-15 2005-09-08 Maneesh Agrawala System and process for controlling a shared display given inputs from multiple users using multiple input modalities
US6957435B2 (en) * 2001-04-19 2005-10-18 International Business Machines Corporation Method and apparatus for allocating processor resources in a logically partitioned computer system
US6968343B2 (en) * 2000-09-01 2005-11-22 Borland Software Corporation Methods and systems for integrating process modeling and project planning
US20060004944A1 (en) * 2004-06-30 2006-01-05 Mona Vij Memory isolation and virtualization among virtual machines
US20060005190A1 (en) * 2004-06-30 2006-01-05 Microsoft Corporation Systems and methods for implementing an operating system in a virtual machine environment
US20060010314A1 (en) * 2004-07-07 2006-01-12 Yongyong Xu Methods and systems for running multiple operating systems in a single mobile device
US6993620B2 (en) * 2003-06-13 2006-01-31 Hewlett-Packard Development Company, L.P. User resource sharing through the USB interface
US20060053215A1 (en) * 2004-09-07 2006-03-09 Metamachinix, Inc. Systems and methods for providing users with access to computer resources
US20060069828A1 (en) * 2004-06-30 2006-03-30 Goldsmith Michael A Sharing a physical device among multiple clients
US20060065492A1 (en) * 2004-09-27 2006-03-30 Victor Trifu Display systems and methods having individually addressable monitor units
US20060080514A1 (en) * 2004-10-08 2006-04-13 International Business Machines Corporation Managing shared memory
US7030836B2 (en) * 2002-10-22 2006-04-18 Thinsoft, Inc. System and method for configuring a multi-user computer system
US7035963B2 (en) * 2000-12-27 2006-04-25 Intel Corporation Method for resolving address space conflicts between a virtual machine monitor and a guest operating system
US20060112394A1 (en) * 2004-11-24 2006-05-25 Matsushita Electric Industrial Co., Ltd. Computer system
US20060136913A1 (en) * 2004-12-09 2006-06-22 International Business Machines Corporation Method, system and computer program product for an automatic resource management of a virtual machine
US20060206904A1 (en) * 2005-03-11 2006-09-14 Microsoft Corporation Systems and methods for supporting device access from multiple operating systems
US7111145B1 (en) * 2003-03-25 2006-09-19 Vmware, Inc. TLB miss fault handler and method for accessing multiple page tables
US20060218309A1 (en) * 2005-03-24 2006-09-28 Jenn-Shoou Young Device for upgrading a firmware of a display apparatus
US20060214873A1 (en) * 2005-03-24 2006-09-28 Samsung Electronics Co., Ltd. Multi-display driving circuit and method of driving display panels
US7117481B1 (en) * 2002-11-06 2006-10-03 Vmware, Inc. Composite lock for computer systems with multiple domains
US20060229935A1 (en) * 2002-02-13 2006-10-12 Al Subbloie System for managing services and service provider agreements
US7124327B2 (en) * 2002-06-29 2006-10-17 Intel Corporation Control over faults occurring during the operation of guest software in the virtual-machine architecture
US20060267857A1 (en) * 2004-11-19 2006-11-30 Userful Corporation Method of operating multiple input and output devices through a single computer
US7158140B1 (en) * 1999-03-15 2007-01-02 Ati International Srl Method and apparatus for rendering an image in a video graphics adapter
US7161557B2 (en) * 2002-04-08 2007-01-09 Clearcube Technology, Inc. Selectively updating a display in a multi-display system
US20070028082A1 (en) * 2005-07-26 2007-02-01 Che-Liang Lien Method for booting computer multimedia system with high speed data storage
US20070035470A1 (en) * 2005-08-05 2007-02-15 Samsung Electronics Co., Ltd. Apparatus for providing multiple screens and method of dynamically configuring multiple screens
US20070043928A1 (en) * 2005-08-19 2007-02-22 Kiran Panesar Method and system for device address translation for virtualization
US20070057953A1 (en) * 2005-09-15 2007-03-15 Microsoft Corporation Providing 3D graphics across partitions of computing device
US20070067500A1 (en) * 2005-09-22 2007-03-22 Reyes Eduardo L Method and apparatus for centralization configuration of data processing systems
US20070078891A1 (en) * 2003-09-30 2007-04-05 Eric Lescouet Operating systems
US7209994B1 (en) * 2004-05-11 2007-04-24 Advanced Micro Devices, Inc. Processor that maintains virtual interrupt state and injects virtual interrupts into virtual machine guests
US20070097130A1 (en) * 2005-11-01 2007-05-03 Digital Display Innovations, Llc Multi-user terminal services accelerator
US20070136721A1 (en) * 2005-12-12 2007-06-14 Andrew Dunshea Sharing a kernel of an operating system among logical partitions
US20070174414A1 (en) * 2004-02-23 2007-07-26 Ncomputing Co., Ltd. Network terminal operated by downloadable operating system and operating method thereof
US20070174410A1 (en) * 2006-01-24 2007-07-26 Citrix Systems, Inc. Methods and systems for incorporating remote windows from disparate remote desktop environments into a local desktop environment
US20070204265A1 (en) * 2006-02-28 2007-08-30 Microsoft Corporation Migrating a virtual machine that owns a resource such as a hardware device
US20080077917A1 (en) * 2006-09-25 2008-03-27 Jun Chen Virtual machine system and a method for sharing a graphics card amongst virtual machines
US20080092145A1 (en) * 2006-03-16 2008-04-17 Jun Sun Secure operating system switching
US20080168479A1 (en) * 2007-01-05 2008-07-10 Thomas Joseph Purtell Bypass Virtualization
US7457878B1 (en) * 2004-11-04 2008-11-25 Sun Microsystems, Inc. Low-latency ultra-thin-client infrastructure
US7831926B2 (en) * 2000-06-12 2010-11-09 Softview Llc Scalable display of internet content on mobile devices
US7930454B2 (en) * 2005-04-08 2011-04-19 Achim Rausenberger Thin-client terminal and client/server-system having such a terminal

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5432900A (en) * 1992-06-19 1995-07-11 Intel Corporation Integrated graphics and video computer display system
IL123186A0 (en) 1998-02-04 1998-09-24 Haviv Uri Network computer
EP1162536A1 (en) * 2000-06-09 2001-12-12 Hitachi, Ltd. Multiple operating system control method
EP1467282B1 (en) 2003-04-09 2008-10-01 Jaluna SA Operating systems
JP4137757B2 (en) * 2003-10-01 2008-08-20 株式会社日立製作所 Network converter and information processing system
KR100636177B1 (en) * 2004-09-20 2006-10-19 삼성전자주식회사 Method and system for managing output of policy based extensible markup language document
EP1732271B1 (en) * 2005-06-10 2012-02-01 ParTec Cluster Competence Center GmbH Data communication system and method with virtual ports
US8479146B2 (en) * 2005-09-23 2013-07-02 Clearcube Technology, Inc. Utility computing system having co-located computer systems for provision of computing resources
WO2007062254A2 (en) * 2005-11-28 2007-05-31 Commvault Systems, Inc. Systems and methods for data management
US7725305B2 (en) * 2006-06-08 2010-05-25 Microsoft Corporation Partial virtualization on computing device
US20080046724A1 (en) * 2006-07-25 2008-02-21 General Dynamics C4 System, Inc. Method for governing interaction between code within a code base
US7786996B2 (en) * 2006-10-24 2010-08-31 Sony Corporation System and method for object oriented hardware including cross-point switch interconnecting modules with I/O
US7882274B2 (en) * 2007-09-20 2011-02-01 Virtual Desktop Technologies, Inc. Computer system with multiple terminals
US8370856B2 (en) * 2008-11-05 2013-02-05 Fh Innovations, Ltd Computer system with controller kernel and remote desktop

Patent Citations (73)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4155119A (en) * 1977-09-21 1979-05-15 Sperry Rand Corporation Method for providing virtual addressing for externally specified addressed input/output operations
US5038281A (en) * 1986-09-19 1991-08-06 International Business Machines Corporation Acceleration of system interrupts between operating systems in guest-host relationship
US5410709A (en) * 1992-12-17 1995-04-25 Bull Hn Information System Inc. Mechanism for rerouting and dispatching interrupts in a hybrid system environment
US5903752A (en) * 1994-10-13 1999-05-11 Intel Corporation Method and apparatus for embedding a real-time multi-tasking kernel in a non-real-time operating system
US5694150A (en) * 1995-09-21 1997-12-02 Elo Touchsystems, Inc. Multiuser/multi pointing device graphical user interface system
US6597383B1 (en) * 1997-08-25 2003-07-22 International Business Machines Corporation Pointing apparatus and a pointing method
US6269409B1 (en) * 1997-09-02 2001-07-31 Lsi Logic Corporation Method and apparatus for concurrent execution of operating systems
US20010016879A1 (en) * 1997-09-12 2001-08-23 Hitachi, Ltd. Multi OS configuration method and computer system
US6448956B1 (en) * 1997-10-31 2002-09-10 Eastman Kodak Company Systems and methods for direct image manipulation
US6496847B1 (en) * 1998-05-15 2002-12-17 Vmware, Inc. System and method for virtualizing computer systems
US6247109B1 (en) * 1998-06-10 2001-06-12 Compaq Computer Corp. Dynamically assigning CPUs to different partitions each having an operation system instance in a shared memory space
US6493008B1 (en) * 1999-02-19 2002-12-10 Canon Kabushiki Kaisha Multi-screen display system and method
US7158140B1 (en) * 1999-03-15 2007-01-02 Ati International Srl Method and apparatus for rendering an image in a video graphics adapter
US6802010B1 (en) * 1999-03-26 2004-10-05 Samsung Electronics Co., Ltd. Multiple user computer system and method for remote control thereof
US20040226041A1 (en) * 2000-02-18 2004-11-11 Xsides Corporation System and method for parallel data display of multiple executing environments
US6684343B1 (en) * 2000-04-29 2004-01-27 Hewlett-Packard Development Company, Lp. Managing operations of a computer system having a plurality of partitions
US20040107383A1 (en) * 2000-04-29 2004-06-03 Bouchier Paul H. Service processor with algorithms for supporting a multi partition computer
US7831926B2 (en) * 2000-06-12 2010-11-09 Softview Llc Scalable display of internet content on mobile devices
US7844889B2 (en) * 2000-06-12 2010-11-30 Softview Llc Resolution independent display of internet content
US6968343B2 (en) * 2000-09-01 2005-11-22 Borland Software Corporation Methods and systems for integrating process modeling and project planning
US20040073912A1 (en) * 2000-10-27 2004-04-15 Meza Joseph R. Automatic embedded host configuration system and method
US6738028B2 (en) * 2000-12-14 2004-05-18 Matsushita Electric Industrial Co., Ltd. Multi-display system and cursor controlling method therefor
US7035963B2 (en) * 2000-12-27 2006-04-25 Intel Corporation Method for resolving address space conflicts between a virtual machine monitor and a guest operating system
US20030014476A1 (en) * 2001-01-03 2003-01-16 Peterson David Allen Thin client computer operating system
US6957435B2 (en) * 2001-04-19 2005-10-18 International Business Machines Corporation Method and apparatus for allocating processor resources in a logically partitioned computer system
US20030018892A1 (en) * 2001-07-19 2003-01-23 Jose Tello Computer with a modified north bridge, security engine and smart card having a secure boot capability and method for secure booting a computer
US20040002052A1 (en) * 2001-10-23 2004-01-01 Hendry Lawrence B. Systems and methods for rapid evaluation and design of molecules for predicted biological activity
US20030110173A1 (en) * 2001-12-11 2003-06-12 Sun Microsystems, Inc. Methods and apparatus for managing multiple user systems
US20030115443A1 (en) * 2001-12-18 2003-06-19 Cepulis Darren J. Multi-O/S system and pre-O/S boot technique for partitioning resources and loading multiple operating systems thereon
US20060229935A1 (en) * 2002-02-13 2006-10-12 Al Subbloie System for managing services and service provider agreements
US20030151885A1 (en) * 2002-02-13 2003-08-14 Ben Chang Control system for peripheral devices of a high-density server
US20030221087A1 (en) * 2002-03-20 2003-11-27 Seiko Epson Corporation Information processing system
US7161557B2 (en) * 2002-04-08 2007-01-09 Clearcube Technology, Inc. Selectively updating a display in a multi-display system
US7124327B2 (en) * 2002-06-29 2006-10-17 Intel Corporation Control over faults occurring during the operation of guest software in the virtual-machine architecture
US7030836B2 (en) * 2002-10-22 2006-04-18 Thinsoft, Inc. System and method for configuring a multi-user computer system
US7117481B1 (en) * 2002-11-06 2006-10-03 Vmware, Inc. Composite lock for computer systems with multiple domains
US7111145B1 (en) * 2003-03-25 2006-09-19 Vmware, Inc. TLB miss fault handler and method for accessing multiple page tables
US6993620B2 (en) * 2003-06-13 2006-01-31 Hewlett-Packard Development Company, L.P. User resource sharing through the USB interface
US20050120160A1 (en) * 2003-08-20 2005-06-02 Jerry Plouffe System and method for managing virtual servers
US20070078891A1 (en) * 2003-09-30 2007-04-05 Eric Lescouet Operating systems
US20050198578A1 (en) * 2004-01-15 2005-09-08 Maneesh Agrawala System and process for controlling a shared display given inputs from multiple users using multiple input modalities
US20050177700A1 (en) * 2004-02-10 2005-08-11 Samsung Electronics Co., Ltd. System for providing multiple window environments in a mobile computing system and method thereof
US20070174414A1 (en) * 2004-02-23 2007-07-26 Ncomputing Co., Ltd. Network terminal operated by downloadable operating system and operating method thereof
US7209994B1 (en) * 2004-05-11 2007-04-24 Advanced Micro Devices, Inc. Processor that maintains virtual interrupt state and injects virtual interrupts into virtual machine guests
US20060069828A1 (en) * 2004-06-30 2006-03-30 Goldsmith Michael A Sharing a physical device among multiple clients
US20060005190A1 (en) * 2004-06-30 2006-01-05 Microsoft Corporation Systems and methods for implementing an operating system in a virtual machine environment
US20060004944A1 (en) * 2004-06-30 2006-01-05 Mona Vij Memory isolation and virtualization among virtual machines
US20060010314A1 (en) * 2004-07-07 2006-01-12 Yongyong Xu Methods and systems for running multiple operating systems in a single mobile device
US20060053215A1 (en) * 2004-09-07 2006-03-09 Metamachinix, Inc. Systems and methods for providing users with access to computer resources
US20060065492A1 (en) * 2004-09-27 2006-03-30 Victor Trifu Display systems and methods having individually addressable monitor units
US20060080514A1 (en) * 2004-10-08 2006-04-13 International Business Machines Corporation Managing shared memory
US7457878B1 (en) * 2004-11-04 2008-11-25 Sun Microsystems, Inc. Low-latency ultra-thin-client infrastructure
US20060267857A1 (en) * 2004-11-19 2006-11-30 Userful Corporation Method of operating multiple input and output devices through a single computer
US20060112394A1 (en) * 2004-11-24 2006-05-25 Matsushita Electric Industrial Co., Ltd. Computer system
US20060136913A1 (en) * 2004-12-09 2006-06-22 International Business Machines Corporation Method, system and computer program product for an automatic resource management of a virtual machine
US20060206904A1 (en) * 2005-03-11 2006-09-14 Microsoft Corporation Systems and methods for supporting device access from multiple operating systems
US20060218309A1 (en) * 2005-03-24 2006-09-28 Jenn-Shoou Young Device for upgrading a firmware of a display apparatus
US20060214873A1 (en) * 2005-03-24 2006-09-28 Samsung Electronics Co., Ltd. Multi-display driving circuit and method of driving display panels
US7930454B2 (en) * 2005-04-08 2011-04-19 Achim Rausenberger Thin-client terminal and client/server-system having such a terminal
US20070028082A1 (en) * 2005-07-26 2007-02-01 Che-Liang Lien Method for booting computer multimedia system with high speed data storage
US20070035470A1 (en) * 2005-08-05 2007-02-15 Samsung Electronics Co., Ltd. Apparatus for providing multiple screens and method of dynamically configuring multiple screens
US20070043928A1 (en) * 2005-08-19 2007-02-22 Kiran Panesar Method and system for device address translation for virtualization
US20070057953A1 (en) * 2005-09-15 2007-03-15 Microsoft Corporation Providing 3D graphics across partitions of computing device
US20070067500A1 (en) * 2005-09-22 2007-03-22 Reyes Eduardo L Method and apparatus for centralization configuration of data processing systems
US20070097130A1 (en) * 2005-11-01 2007-05-03 Digital Display Innovations, Llc Multi-user terminal services accelerator
US20070136721A1 (en) * 2005-12-12 2007-06-14 Andrew Dunshea Sharing a kernel of an operating system among logical partitions
US20070171921A1 (en) * 2006-01-24 2007-07-26 Citrix Systems, Inc. Methods and systems for interacting, via a hypermedium page, with a virtual machine executing in a terminal services session
US20070174410A1 (en) * 2006-01-24 2007-07-26 Citrix Systems, Inc. Methods and systems for incorporating remote windows from disparate remote desktop environments into a local desktop environment
US8010679B2 (en) * 2006-01-24 2011-08-30 Citrix Systems, Inc. Methods and systems for providing access to a computing environment provided by a virtual machine executing in a hypervisor executing in a terminal services session
US20070204265A1 (en) * 2006-02-28 2007-08-30 Microsoft Corporation Migrating a virtual machine that owns a resource such as a hardware device
US20080092145A1 (en) * 2006-03-16 2008-04-17 Jun Sun Secure operating system switching
US20080077917A1 (en) * 2006-09-25 2008-03-27 Jun Chen Virtual machine system and a method for sharing a graphics card amongst virtual machines
US20080168479A1 (en) * 2007-01-05 2008-07-10 Thomas Joseph Purtell Bypass Virtualization

Cited By (64)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090083450A1 (en) * 2007-09-20 2009-03-26 C & S Operations, Inc. Computer system with multiple terminals
US7882274B2 (en) * 2007-09-20 2011-02-01 Virtual Desktop Technologies, Inc. Computer system with multiple terminals
US20100115532A1 (en) * 2008-11-05 2010-05-06 C&S Operations, Inc. Computer System with Controller Kernel and Remote Desktop
US20100115125A1 (en) * 2008-11-05 2010-05-06 C&S Operations, Inc. Computer System with True Video Signals
US8370856B2 (en) 2008-11-05 2013-02-05 Fh Innovations, Ltd Computer system with controller kernel and remote desktop
US8375138B2 (en) 2008-11-05 2013-02-12 Fh Innovations, Ltd Computer system with true video signals
US10244056B2 (en) 2009-04-15 2019-03-26 Wyse Technology L.L.C. Method and apparatus for transferring remote session data
US9578113B2 (en) 2009-04-15 2017-02-21 Wyse Technology L.L.C. Method and apparatus for transferring remote session data
US9553953B2 (en) * 2009-04-15 2017-01-24 Dell Products L.P. Method and apparatus for extending capabilities of a virtualization domain to support features available in a normal desktop application
US20150067035A1 (en) * 2009-04-15 2015-03-05 Roshan Sullad Method and apparatus for extending capabilities of a virtualization domain to support features available in a normal desktop application
US8250612B2 (en) * 2009-10-26 2012-08-21 Lg Electronics Inc. Digital broadcasting system and method of processing data in digital broadcasting system
US20110099590A1 (en) * 2009-10-26 2011-04-28 Lg Electronics Inc. Digital broadcasting system and method of processing data in digital broadcasting system
US8010993B1 (en) * 2010-07-14 2011-08-30 Domanicom Corp. Devices, systems, and methods for enabling reconfiguration of services supported by a network of devices
US8966379B2 (en) 2010-10-01 2015-02-24 Z124 Dynamic cross-environment application configuration/orientation in an active user environment
US20120081380A1 (en) * 2010-10-01 2012-04-05 Imerj LLC Cross-environment user interface mirroring
US20120084798A1 (en) * 2010-10-01 2012-04-05 Imerj LLC Cross-environment redirection
US20120086716A1 (en) * 2010-10-01 2012-04-12 Imerj LLC User interaction across cross-environment applications through an extended graphics context
US20120081354A1 (en) * 2010-10-01 2012-04-05 Imerj LLC Extended graphics context with divided compositing
US20120084480A1 (en) * 2010-10-01 2012-04-05 Imerj LLC Auto-configuration of a docked system in a multi-os environment
US9727205B2 (en) 2010-10-01 2017-08-08 Z124 User interface with screen spanning icon morphing
US8683496B2 (en) * 2010-10-01 2014-03-25 Z124 Cross-environment redirection
US8726294B2 (en) 2010-10-01 2014-05-13 Z124 Cross-environment communication using application space API
US9678810B2 (en) 2010-10-01 2017-06-13 Z124 Multi-operating system
US8819705B2 (en) 2010-10-01 2014-08-26 Z124 User interaction support across cross-environment applications
US8842080B2 (en) 2010-10-01 2014-09-23 Z124 User interface with screen spanning icon morphing
US20120081383A1 (en) * 2010-10-01 2012-04-05 Imerj LLC Cross-environment user interface mirroring using remote rendering
US8898443B2 (en) 2010-10-01 2014-11-25 Z124 Multi-operating system
US20120086717A1 (en) * 2010-10-01 2012-04-12 Imerj LLC Instant remote rendering
US8933949B2 (en) * 2010-10-01 2015-01-13 Z124 User interaction across cross-environment applications through an extended graphics context
US8957905B2 (en) * 2010-10-01 2015-02-17 Z124 Cross-environment user interface mirroring
US8963939B2 (en) * 2010-10-01 2015-02-24 Z124 Extended graphics context with divided compositing
US20120081353A1 (en) * 2010-10-01 2012-04-05 Imerj LLC Application mirroring using multiple graphics contexts
US20120084481A1 (en) * 2010-10-01 2012-04-05 Imerj LLC Auto-waking of a suspended os in a dockable system
US9405444B2 (en) 2010-10-01 2016-08-02 Z124 User interface with independent drawer control
US9026709B2 (en) * 2010-10-01 2015-05-05 Z124 Auto-waking of a suspended OS in a dockable system
US9047102B2 (en) * 2010-10-01 2015-06-02 Z124 Instant remote rendering
US9049213B2 (en) * 2010-10-01 2015-06-02 Z124 Cross-environment user interface mirroring using remote rendering
US9060006B2 (en) * 2010-10-01 2015-06-16 Z124 Application mirroring using multiple graphics contexts
US9063798B2 (en) 2010-10-01 2015-06-23 Z124 Cross-environment communication using application space API
US9071625B2 (en) 2010-10-01 2015-06-30 Z124 Cross-environment event notification
US9077731B2 (en) 2010-10-01 2015-07-07 Z124 Extended graphics context with common compositing
US9098437B2 (en) 2010-10-01 2015-08-04 Z124 Cross-environment communication framework
US9317457B2 (en) * 2010-10-01 2016-04-19 Z124 Auto-waking of a suspended OS in a dockable system
US9160796B2 (en) 2010-10-01 2015-10-13 Z124 Cross-environment application compatibility for single mobile computing device
US9152582B2 (en) * 2010-10-01 2015-10-06 Z124 Auto-configuration of a docked system in a multi-OS environment
US8761831B2 (en) 2010-10-15 2014-06-24 Z124 Mirrored remote peripheral interface
US20120166585A1 (en) * 2010-12-23 2012-06-28 Electronics And Telecommunications Research Institute Apparatus and method for accelerating virtual desktop
US9128659B2 (en) 2011-09-27 2015-09-08 Z124 Dual display cursive touch input
US9128660B2 (en) 2011-09-27 2015-09-08 Z124 Dual display pinyin touch input
US9104366B2 (en) 2011-09-27 2015-08-11 Z124 Separation of screen usage for complex language input
US9152179B2 (en) 2011-09-27 2015-10-06 Z124 Portrait dual display and landscape dual display
US8996073B2 (en) 2011-09-27 2015-03-31 Z124 Orientation arbitration
US8868135B2 (en) 2011-09-27 2014-10-21 Z124 Orientation arbitration
WO2013090202A1 (en) * 2011-12-14 2013-06-20 Intel Corporation Virtualizing interrupt prioritization and delivery
US8910158B2 (en) 2011-12-14 2014-12-09 Intel Corporation Virtualizing interrupt priority and delivery
US20160117183A1 (en) * 2012-09-12 2016-04-28 Freescale Semiconductor, Inc. System-on-chip device, method of peripheral access and integrated circuit
US9740518B2 (en) * 2012-09-12 2017-08-22 Nxp Usa, Inc. Conflict detection circuit for resolving access conflict to peripheral device by multiple virtual machines
US9904802B2 (en) 2012-11-23 2018-02-27 Nxp Usa, Inc. System on chip
US9781120B2 (en) 2013-07-18 2017-10-03 Nxp Usa, Inc. System on chip and method therefor
US9690719B2 (en) 2014-09-11 2017-06-27 Nxp Usa, Inc. Mechanism for managing access to at least one shared integrated peripheral of a processing unit and a method of operating thereof
US10216529B1 (en) * 2015-11-19 2019-02-26 Virtuozzo International Gmbh Method and system for sharing driver pages
US20190212776A1 (en) * 2018-01-10 2019-07-11 Samsung Electronics Co., Ltd. Electronic apparatus and control method thereof
US10948945B2 (en) * 2018-01-10 2021-03-16 Samsung Electronics Co., Ltd. Electronic apparatus with multiple operating systems and control method thereof
US10713181B1 (en) * 2019-02-21 2020-07-14 Virtuozzo International Gmbh Method and system for sharing driver pages

Also Published As

Publication number Publication date
CA2699564A1 (en) 2009-03-26
WO2009039375A3 (en) 2009-07-02
WO2009039375A2 (en) 2009-03-26
CA2849484A1 (en) 2009-03-26
CA2699564C (en) 2014-07-08
CA2699562A1 (en) 2009-03-26
CA2699565A1 (en) 2009-03-26
WO2009039376A3 (en) 2009-05-22
WO2009039376A2 (en) 2009-03-26
US7882274B2 (en) 2011-02-01
WO2009039384A2 (en) 2009-03-26
US20090083450A1 (en) 2009-03-26
WO2009039384A3 (en) 2009-05-14
US20090083630A1 (en) 2009-03-26
CA2699565C (en) 2014-07-15

Similar Documents

Publication Publication Date Title
US20090083829A1 (en) Computer system
US10691363B2 (en) Virtual machine trigger
JP6329484B2 (en) Deliver a single end-user experience from multiple servers to clients
US8271976B2 (en) Systems and methods for initializing multiple virtual processors within a single virtual machine
JP5042848B2 (en) System and method for depriving components of virtual machine monitor
US20180157519A1 (en) Consolidation of idle virtual machines
US7260702B2 (en) Systems and methods for running a legacy 32-bit x86 virtual machine on a 64-bit x86 processor
US20120054740A1 (en) Techniques For Selectively Enabling Or Disabling Virtual Devices In Virtual Environments
US20050216920A1 (en) Use of a virtual machine to emulate a hardware device
Perez et al. Virtualization and hardware-based security
Armand et al. A practical look at micro-kernels and virtual machine monitors
US9959842B2 (en) On-screen display at thin client
US10564918B2 (en) Techniques of remotely providing user input to thin client
Srinivasan et al. A split driver approach to soc virtualization-challenges and opportunities
Nider A comparison of virtualization technologies for use in cloud data centers
Lei et al. VMM-based real-time embedded system
Lee et al. F-VT: A Friendly Virtualization Framework
US20190012128A1 (en) Multi-monitor alignment on a thin client

Legal Events

Date Code Title Description
AS Assignment

Owner name: C&S OPERATIONS, INC., NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:PETERSON, DAVID A;REEL/FRAME:021562/0624

Effective date: 20080919

AS Assignment

Owner name: VIRTUAL DESKTOP TECHNOLOGIES, INC., NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:C&S OPERATIONS, INC.;REEL/FRAME:023190/0545

Effective date: 20090901

AS Assignment

Owner name: FH INNOVATIONS, LTD, ONTARIO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:VIRTUAL DESKTOP TECHNOLOGIES, INC.;REEL/FRAME:028299/0984

Effective date: 20120522

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO PAY ISSUE FEE