CN102103674A - Equipment control method and computer - Google Patents
Equipment control method and computer Download PDFInfo
- Publication number
- CN102103674A CN102103674A CN2009102428889A CN200910242888A CN102103674A CN 102103674 A CN102103674 A CN 102103674A CN 2009102428889 A CN2009102428889 A CN 2009102428889A CN 200910242888 A CN200910242888 A CN 200910242888A CN 102103674 A CN102103674 A CN 102103674A
- Authority
- CN
- China
- Prior art keywords
- interface
- input
- bios
- modeled
- usb
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention provides an equipment control method and a computer. The method comprises the following steps of: when an operating system is detected to access equipment with an interface of a first type, stopping the operating system in accessing a controller with the interface of the first type by using a virtual machine manager. In the scheme provided by the invention, the virtual machine manager stops the operating system in accessing the controller with the interface of the first type, so the interface of the first type is disabled and potential safety hazards are avoided.
Description
Technical field
The present invention relates to computer realm, be meant the control method and the computing machine of the equipment of the computing machine under a kind of virtual machine environment especially.
Background technology
The computing machine of virtual machine is installed, and the security of its use receives publicity.Generally, in the computing machine use, USB (Universal Serial Bus, USB (universal serial bus)) equipment is the equipment that often uses, but USB device has insecurity, especially uses USB device under virtual machine architecture.
As shown in Figure 1, be the virtual machine architecture synoptic diagram, the USB device of inserting on the hardware device, in by client operating system (Guest OS) or master operating system (Host OS) use, can there be potential safety hazard, therefore, need control the USB interface of computer that virtual machine is installed;
In the prior art, filtration drive in client operating system or master operating system adding USB device, different USB device is filtered, do certain security like this, but insecurity exists too, can pass through to revise filtration drive, thereby can realize removing the forbidding of USB device, like this, still dangerous.
The inventor is realizing process of the present invention, finds that there are the following problems in the prior art:
In the prior art, in virtual machine environment,, still there is potential safety hazard to the prohibited method of USB device.
Summary of the invention
The technical problem to be solved in the present invention provides the control method and the computing machine of equipment under the higher virtual machine environment of a kind of security.
For solving the problems of the technologies described above, embodiments of the invention provide a kind of control method of equipment, comprising:
When detecting the equipment of operating system and conduct interviews, stop of the visit of this operating system to the controller of described first kind interface by virtual machine manager to first kind interface.
Wherein, also comprise after stoping of the visit of this operating system by virtual machine manager the controller of described first kind interface:
The input-output apparatus of first kind interface is modeled to the input-output apparatus of second style interface, and described second style interface is can be by the interface of described operating system access.
Wherein, described input-output apparatus with the first kind interface step that is modeled to the input-output apparatus of second style interface comprises:
The intact state of BIOS initialization when the recovering state of the controller of described first kind interface is described os starting;
The input-output apparatus of first kind interface is modeled to the input-output apparatus of second style interface by BIOS.
Wherein, described first kind interface is: USB interface, and described input equipment is: the mouse of USB interface and/or keyboard;
Describedly become the step of the input equipment of second style interface to be specially the input device simulation of first kind interface by BIOS:
By BIOS the mouse of USB interface is modeled to the mouse of PS/2 interface, and/or
The keyboard of USB interface is modeled to the keyboard of PS/2 interface by BIOS.
Wherein, described first kind interface is: USB interface, and described output device is: the display of USB interface;
Describedly the step that the output device of first kind interface is modeled to the output device of second style interface is specially by BIOS:
The display simulates of USB interface is become the display of digital visual interface DVI interface or show the display of drawing array VGA interface by BIOS.
Embodiments of the invention also provide a kind of computing machine, comprising:
Hardware device has first kind interface;
Virtual machine manager operates on the described hardware device;
At least two operating systems operate on the described virtual machine manager;
Described virtual machine manager comprises:
Control module is used for stoping the visit of this operating system to the controller of described first kind interface when detecting the equipment of operating system to first kind interface and conduct interviews.
Wherein, described virtual machine manager also comprises:
Analogue unit is used for the input-output apparatus of first kind interface is modeled to the input-output apparatus of second style interface, and described second style interface is can be by the interface of described operating system access.
Wherein, described analogue unit comprises:
Recovery unit, the intact state of BIOS initialization when being used for recovering state with the controller of described first kind interface and being described os starting;
The analog submodule unit is used for by described BIOS the input-output apparatus of first kind interface being modeled to the input-output apparatus of second style interface.
Wherein, described first kind interface is: USB interface, and described input equipment is: the mouse of USB interface and/or keyboard;
Described analog submodule unit is modeled to the mouse of PS/2 interface by BIOS with the mouse of USB interface, and/or the keyboard of USB interface is modeled to the keyboard of PS/2 interface by BIOS.
Wherein, described first kind interface is: USB interface, and described output device is: the display of USB interface;
Described analog submodule unit becomes the display of digital visual interface DVI interface by BIOS with the display simulates of USB interface or shows the display of drawing array VGA interface.
The beneficial effect of technique scheme of the present invention is as follows:
In the such scheme, stop the visit of operating system, make this first kind interface disabled, can not produce potential safety hazard the controller of first kind interface by virtual machine manager.
Description of drawings
Fig. 1 is the virtual machine architecture synoptic diagram;
Fig. 2 is the structural representation of computing machine of the present invention.
Embodiment
For making the technical problem to be solved in the present invention, technical scheme and advantage clearer, be described in detail below in conjunction with the accompanying drawings and the specific embodiments.
The present invention is directed in the prior art, still there is the problem of security in the USB device prohibited method of computing machine under the virtual machine environment, and a kind of control method and computing machine of equipment is provided, wherein,
The control method of equipment comprises:
When detecting the equipment of operating system and conduct interviews, stop of the visit of this operating system to the controller of described first kind interface by virtual machine manager to first kind interface.
Wherein, the meeting that this first kind interface is a computing machine produces the interface of safety problem, and as the plug and play interface, this embodiment stops the visit of operating system to the controller of first kind interface by virtual machine manager, make this first kind interface disabled, can not produce potential safety hazard.
In the above-described embodiments, after first kind interface is disabled, then all have the equipment of first kind interface all can be disabled, like this, when the user need use certain equipment of this first kind interface, especially use input-output apparatus,, may make troubles to the user as keyboard, mouse, touch pad, handwriting pad or display etc.;
Therefore, on the basis of the foregoing description, in the control method of this equipment, also comprise after stoping of the visit of this operating system by virtual machine manager the controller of described first kind interface:
The input-output apparatus of first kind interface is modeled to the input-output apparatus of second style interface, and described second style interface is can be by the interface of described operating system access.
Specifically, described input-output apparatus with the first kind interface step that is modeled to the input-output apparatus of second style interface comprises:
The intact state of BIOS initialization when the recovering state of the controller of described first kind interface is described os starting;
The input-output apparatus of first kind interface is modeled to the input-output apparatus of second style interface by BIOS.
Certainly, also can the input-output apparatus of first kind interface be modeled to the input-output apparatus of second style interface by special simulation softward; Perhaps use EFI (Extensible Firmware Interface, Extensible Firmware Interface) input-output apparatus of first kind interface to be modeled to the input-output apparatus of second style interface; Wherein, EFI is the upgrading scheme of BIOS.
Preferably, in the foregoing description, described first kind interface is: USB interface, and described input equipment comprises: the mouse of USB interface and/or keyboard;
Describedly become the step of the input equipment of second style interface to be specially the input device simulation of first kind interface by BIOS:
By BIOS the mouse of USB interface is modeled to the mouse of PS/2 interface, and/or
The keyboard of USB interface is modeled to the keyboard of PS/2 interface by BIOS.
Like this, when stoping operating system to the USB controller access by virtual machine manager, can realize the use of mouse and keyboard by the PS/2 interface, promptly guaranteed under the virtual machine environment, avoid the potential safety hazard of using USB device to bring, can not influence the use of user again input equipment;
The input equipment here can also be the input equipment of the handwriting pad of USB interface or touch pad and so on, handwriting pad and touch pad can USB interface be modeled to the interface of the safety that operating system can visit by BIOS or EFI too, so that still can be used.
Certainly, described first kind interface is: USB interface, and described output device is: the display of USB interface;
Describedly the step that the output device of first kind interface is modeled to the output device of second style interface is specially by BIOS:
The display simulates of USB interface is become the display of digital visual interface DVI interface or show the display of drawing array VGA interface by BIOS.
Equally, when stoping operating system to the USB controller access by virtual machine manager, can realize the use of display by DVI interface or VGA interface, promptly guaranteed under the virtual machine environment, avoid the potential safety hazard of using USB device to bring, can not influence the use of user again output device.
Above-mentioned input equipment comprises: keyboard and/or mouse, but be not limited to keyboard and/or mouse; Equally, above-mentioned output device comprises: display, but be not limited to display;
In addition, above-mentioned first kind interface is except can be for the USB interface, can also be for as PCI (Peripheral Component Interconnect, peripheral component interconnection) serial ports, the implementation method of its implementation such as above-mentioned USB interface is identical, if promptly the PCI serial ports is forbidden by virtual machine manager, so, equally also some equipment (as not producing the equipment of potential safety hazard) of PCI serial ports can be modeled to the serial equipment that can be operated system's visit, promptly be modeled to the equipment of second style interface, and the equipment of this second style interface can not produce safety problem yet when being operated system's visit.
Embodiments of the invention are prevented OS visit USB controller by virtual machine manager, keep USB to be the intact state of BIOS initialization, and become PS/2 equipment with keyboard by the mouse of BIOS simulation USB.OS can't visit USB device like this, but OS can pass through PS port access USB mouse and keyboard, is solving the safety issue while that USB device is brought, and the mouse-keyboard that solves USB can use.
As shown in Figure 2, embodiments of the invention also provide a kind of computing machine, comprising:
Hardware device has first kind interface;
Virtual machine manager operates on the described hardware device;
At least two operating systems operate on the described virtual machine manager;
Described virtual machine manager comprises:
Control module is used for stoping the visit of this operating system to the controller of described first kind interface when detecting the equipment of operating system to first kind interface and conduct interviews.
Wherein, the meeting that this first kind interface is a computing machine produces the interface of safety problem, as the plug and play interface, this embodiment is by the control module in the virtual machine manager, stop the visit of operating system to the controller of first kind interface, make this first kind interface disabled, can not produce potential safety hazard.
In the above-described embodiments, after first kind interface is disabled, then all have the equipment of first kind interface all can be disabled, like this, when the user need use certain equipment of this first kind interface, especially use input-output apparatus, as keyboard, mouse or display etc., may make troubles to the user, therefore, on the basis of the foregoing description, this virtual machine manager also comprises:
Analogue unit, be used for when described control module stops this operating system to the visit of the controller of described first kind interface, the input-output apparatus of first kind interface is modeled to the input-output apparatus of second style interface, and described second style interface is can be by the interface of described operating system access.
Specifically, described analogue unit comprises:
Recovery unit, the intact state of BIOS initialization when being used for recovering state with the controller of described first kind interface and being described os starting;
The analog submodule unit is used for by described BIOS the input-output apparatus of first kind interface being modeled to the input-output apparatus of second style interface; Certainly, also can the input-output apparatus of first kind interface be modeled to the input-output apparatus of second style interface by special simulation softward; Perhaps the input-output apparatus of first kind interface is modeled to the input-output apparatus of second style interface by EFI.
Wherein, described first kind interface is: USB interface, and described input equipment is: the mouse of USB interface and/or keyboard;
Described analog submodule unit is modeled to the mouse of PS/2 interface by BIOS with the mouse of USB interface, and/or the keyboard of USB interface is modeled to the keyboard of PS/2 interface by BIOS.
Like this, when stoping operating system to the USB controller access by virtual machine manager, can realize the use of mouse and keyboard by the PS/2 interface, promptly guaranteed under the virtual machine environment, avoid the potential safety hazard of using USB device to bring, can not influence the use of user again input equipment.
The input equipment here can also be the input equipment of the handwriting pad of USB interface or touch pad and so on, handwriting pad and touch pad can USB interface be modeled to the interface of the safety that operating system can visit by BIOS or EFI too, so that still can be used.
Wherein, described first kind interface is: USB interface, and described output device is: the display of USB interface;
Described analog submodule unit becomes the display of digital visual interface DVI interface by BIOS with the display simulates of USB interface or shows the display of drawing array VGA interface.
Equally, when stoping operating system to the USB controller access by virtual machine manager, can realize the use of display by DVI interface or VGA interface, promptly guaranteed under the virtual machine environment, avoid the potential safety hazard of using USB device to bring, can not influence the use of user again output device.
Above-mentioned input equipment comprises: keyboard and/or mouse, but be not limited to keyboard and/or mouse; Equally, above-mentioned output device comprises: display, but be not limited to display;
In addition, above-mentioned first kind interface is except can be for the USB interface, can also be for as the PCI serial ports, the implementation method of its implementation such as above-mentioned USB interface is identical, if promptly the PCI serial ports is forbidden by virtual machine manager, so, equally also some equipment (as not producing the equipment of potential safety hazard) of PCI serial ports can be modeled to the serial equipment that can be operated system's visit, promptly be modeled to the equipment of second style interface, and the equipment of this second style interface can not produce safety problem yet when being operated system's visit.
The above is a preferred implementation of the present invention; should be pointed out that for those skilled in the art, under the prerequisite that does not break away from principle of the present invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (10)
1. the control method of an equipment is characterized in that, comprising:
When detecting the equipment of operating system and conduct interviews, stop of the visit of this operating system to the controller of described first kind interface by virtual machine manager to first kind interface.
2. the control method of equipment according to claim 1 is characterized in that, also comprises after stoping the visit of this operating system to the controller of described first kind interface by virtual machine manager:
The input-output apparatus of first kind interface is modeled to the input-output apparatus of second style interface, and described second style interface is can be by the interface of described operating system access.
3. the control method of equipment according to claim 2 is characterized in that, the step that described input-output apparatus with first kind interface is modeled to the input-output apparatus of second style interface comprises:
The intact state of BIOS initialization when the recovering state of the controller of described first kind interface is described os starting;
The input-output apparatus of first kind interface is modeled to the input-output apparatus of second style interface by BIOS.
4. the control method of equipment according to claim 3 is characterized in that, described first kind interface is: USB interface, and described input equipment is: the mouse of USB interface and/or keyboard;
Describedly become the step of the input equipment of second style interface to be specially the input device simulation of first kind interface by BIOS:
By BIOS the mouse of USB interface is modeled to the mouse of PS/2 interface, and/or
The keyboard of USB interface is modeled to the keyboard of PS/2 interface by BIOS.
5. the control method of equipment according to claim 3 is characterized in that, described first kind interface is: USB interface, and described output device is: the display of USB interface;
Describedly the step that the output device of first kind interface is modeled to the output device of second style interface is specially by BIOS:
The display simulates of USB interface is become the display of digital visual interface DVI interface or show the display of drawing array VGA interface by BIOS.
6. computing machine comprises:
Hardware device has first kind interface;
Virtual machine manager operates on the described hardware device;
At least two operating systems operate on the described virtual machine manager; It is characterized in that described virtual machine manager comprises:
Control module is used for stoping the visit of this operating system to the controller of described first kind interface when detecting the equipment of operating system to first kind interface and conduct interviews.
7. computing machine according to claim 6 is characterized in that, described virtual machine manager also comprises:
Analogue unit is used for the input-output apparatus of first kind interface is modeled to the input-output apparatus of second style interface, and described second style interface is can be by the interface of described operating system access.
8. computing machine according to claim 7 is characterized in that, described analogue unit comprises:
Recovery unit, the intact state of BIOS initialization when being used for recovering state with the controller of described first kind interface and being described os starting;
The analog submodule unit is used for by described BIOS the input-output apparatus of first kind interface being modeled to the input-output apparatus of second style interface.
9. computing machine according to claim 8 is characterized in that, described first kind interface is: USB interface, and described input equipment is: the mouse of USB interface and/or keyboard;
Described analog submodule unit is modeled to the mouse of PS/2 interface by BIOS with the mouse of USB interface, and/or the keyboard of USB interface is modeled to the keyboard of PS/2 interface by BIOS.
10. computing machine according to claim 8 is characterized in that, described first kind interface is: USB interface, and described output device is: the display of USB interface;
Described analog submodule unit becomes the display of digital visual interface DVI interface by BIOS with the display simulates of USB interface or shows the display of drawing array VGA interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910242888.9A CN102103674B (en) | 2009-12-18 | The control method of equipment and computer |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910242888.9A CN102103674B (en) | 2009-12-18 | The control method of equipment and computer |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102103674A true CN102103674A (en) | 2011-06-22 |
| CN102103674B CN102103674B (en) | 2016-12-14 |
Family
ID=
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103778088A (en) * | 2012-10-23 | 2014-05-07 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN105335661A (en) * | 2015-09-25 | 2016-02-17 | 北京北信源软件股份有限公司 | USB device monitoring method and device based on USB interface granularity |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1949177A (en) * | 2005-10-11 | 2007-04-18 | 联想(北京)有限公司 | Virtual machine system and method of dynamically distributing UPNP equipment |
| US20070168585A1 (en) * | 2003-04-29 | 2007-07-19 | Bolen Austin P | Method and System for Remote Access to Keyboard Control in Legacy USB Mode |
| CN101004767A (en) * | 2006-01-19 | 2007-07-25 | 联想(北京)有限公司 | Control method for accessing computer system and I/0 ports |
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070168585A1 (en) * | 2003-04-29 | 2007-07-19 | Bolen Austin P | Method and System for Remote Access to Keyboard Control in Legacy USB Mode |
| CN1949177A (en) * | 2005-10-11 | 2007-04-18 | 联想(北京)有限公司 | Virtual machine system and method of dynamically distributing UPNP equipment |
| CN101004767A (en) * | 2006-01-19 | 2007-07-25 | 联想(北京)有限公司 | Control method for accessing computer system and I/0 ports |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103778088A (en) * | 2012-10-23 | 2014-05-07 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN103778088B (en) * | 2012-10-23 | 2017-05-24 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN105335661A (en) * | 2015-09-25 | 2016-02-17 | 北京北信源软件股份有限公司 | USB device monitoring method and device based on USB interface granularity |
| CN105335661B (en) * | 2015-09-25 | 2018-04-03 | 北京北信源软件股份有限公司 | USB device monitoring method and device based on USB interface granularity |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| DE102014118223A1 (en) | Multi-touch authentication by local device | |
| US20160224493A1 (en) | Universal serial bus (usb) kvm switch using virtual usb for switching among multiple hosts | |
| US20110016253A1 (en) | Auto-function USB port | |
| CN206348723U (en) | A kind of multi-screen desktop computer | |
| CN102195966A (en) | Method for implementing and application of a secure processor stick | |
| US20190012005A1 (en) | Method and device for asynchronous touch and asynchronous display on dual-screen and computer readable storage medium | |
| CN102664873A (en) | Method for realization of KVM-OVER-IP of domestic Loongson CPU server with BMC | |
| CN111742315A (en) | Safety red-black air gap portable computer | |
| CN101996090B (en) | Method for reconfiguring equipment under virtual machine | |
| US10157074B2 (en) | Systems and methods for multi-root input/output virtualization-based management by single service processor | |
| US9547557B2 (en) | Peripheral bus error containment and recovery | |
| US8826435B1 (en) | Apparatus and methods for protecting removable storage devices from malware infection | |
| CN206178579U (en) | VPX computer motherboard based on explain 411 majestic treaters and shen wei nest plate | |
| CN102314574A (en) | HID (human interface device)-based method for setting access rights of host machine | |
| CN102103674A (en) | Equipment control method and computer | |
| US9367399B2 (en) | Graphics processing subsystem and method for recovering a video basic input/output system | |
| CN104932908B (en) | Brush machine method and system | |
| CN104035844A (en) | Fault testing method and electronic device | |
| Carvalho et al. | PCI express hotplug implementation for ATCA based instrumentation | |
| CN102103674B (en) | The control method of equipment and computer | |
| CA2989064A1 (en) | Intermediate module for controlling communication between a data processing device and a peripheral device | |
| CN206224300U (en) | A kind of LRM main processing blocks based on COM Express | |
| TWI441026B (en) | Electronic device and method of setting removal policy of usb device | |
| CN211928568U (en) | OPS tail board for realizing one-key recovery system function | |
| CN201255875Y (en) | External connected touch screen for USB interface |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |