CN102520944B - Method for realizing virtualization of Windows application program - Google Patents

Publication number
CN102520944B
Authority
CN
China
Prior art keywords
space
registry
file
private
path
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201110402069.3A
Other languages
Chinese (zh)
Other versions
CN102520944A (en
Inventor
沃天宇
孙海雷
康俊彬
胡春明
怀进鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beihang University
Original Assignee
Beihang University
Abstract

The invention provides a method for realizing the virtualization of a Windows application program. The method comprises the following steps of: according to configuration files, intercepting a first system call which is related to a system registry and is called by the application program during the process of running, rewriting the intercepted first system call, and fusing a private registry with the system registry by using the rewritten system call so as to form a virtual registry; and according to the configuration files, intercepting a second system call which is related to the operation of a file and is called by the application program during the process of running, acquiring the space where the file belongs, returning path information which is applicable to the operation type for operating the file according to the path mapping relation among system space, software space and user space, and then, operating the file according to the path information. According to the technical scheme of the invention, the degree of coupling between the application program and an operating system is lowered, and the interference among application programs run in the same operating system is lowered.

Description

Method for realizing virtualization of Windows application program
Technical field
The present invention relates to virtualization technology, and in particular to a method for implementing virtualization of Windows applications.
Background art
Thin-client technology runs an application on a back-end server, sends its display output over the network to a remote client, and accepts the input requests the remote client sends, with the aim of centralizing resource management, lowering maintenance cost and improving service quality. With the development of cloud computing, Software as a Service lets users operate applications running on a server through a remote client. It follows that people care more about the service an application provides than about which operating system it runs on, where it runs, or how the operating system supports it. Application virtualization isolates an application from the underlying operating system and from other applications, which reduces the coupling between the application and the operating system and reduces interference between applications. With application virtualization, multiple applications can run independently on the same operating system.
At present, the main methods for building a virtual execution environment for an application are the following:
(1) Building a virtual execution environment for the application with virtual machine technology
Virtual machine technology introduces a virtualization layer between software and hardware. It can give applications an independent running environment, hide the dynamic, distributed and heterogeneous nature of the hardware platform, support sharing and multiplexing of hardware resources, give each user an independent, isolated computing environment of their own, and give administrators centralized management of hardware and software resources. Virtual machine technology allows several operating systems to run at the same time on the same computer resources. Multiple users can log in over the network to their respective operating systems and run applications independently. Virtual machines thus provide mutually isolated running environments for applications.
(2) Building a virtual execution environment for the application with file system isolation
Jails partitions an execution environment, the Jail, out of the original operating system and gives running programs the "root" directory model of Unix systems, so that an application can access only the resources inside the Jail. Each Jail is bound to an IP address. A process inside a Jail cannot communicate or interact with processes outside the Jail. A prototype of the system is implemented in the FreeBSD kernel, and it can be regarded as a lightweight virtual machine.
The Safe Execution Environment (SEE) uses one-way isolation to build a safe execution environment. SEE implements an isolated file system and confines the file system operations of applications running in the execution environment to that isolated file system. An application running in SEE can read resources of the operating system, but any modification is confined to SEE. SEE maintains a mapping table of modified files so that the user can review the changes made inside SEE. Changes made inside SEE can be rolled back or committed. SEE is implemented on Linux.
Similarly, Consh provides transparent access to remote and local resources and sets up a confined execution environment for network computing; it is implemented at the user level on Linux. Another execution environment, Alcatraz, intercepts the operations by which an application modifies files, redirects the location of those files and maintains a view of the file modifications for the program, so that the program's changes to the system are confined to a cache directory and the effects of running an untrusted program are isolated from the original system. It is implemented on Linux and intercepts file operations at the Virtual File System (VFS) layer. The Progressive Deployment System (PDS) is a virtual execution environment designed to ease application deployment; it intercepts the system calls for file operations and registry operations made while the application runs, and uses them to download the application's software resources on demand.
(3) Building a virtual execution environment for the application by means of configuration files
Janus monitors and restricts the system calls of a helper application so that the helper application runs in a comparatively safe execution environment. It rests on the assumption that if an application's access to the resources of the underlying operating system is suitably restricted, the harm the application can do to the system is very small.
Because each application has different requirements, designing one restriction scheme that suits the applications in common use is a challenge. The configurable sandbox MAPBox not only provides the isolation that Janus and similar systems offer, but is also configurable. MAPBox classifies applications by their function and by the resources needed to perform that function, then builds and initializes a sandbox of the corresponding class according to the application's class attributes. This is somewhat like Multipurpose Internet Mail Extensions types (MIME types), which label the format of data files. It is implemented on Linux.
Systrace analyzes the system calls an application makes while running, generates a corresponding system call policy, and constrains the application's operations according to that policy. An application under Systrace does not need to run in a privileged state, and its privileges can be raised automatically according to policy. Systrace divides policy generation into two phases: a training phase and a user operation phase. In the training phase, it records the system calls made while the program runs. After the program finishes, a tool analyzes the recorded information and generates the system call policy automatically. In the user operation phase, for cases the policy does not settle, it interacts with the user and determines the system call policy from the user's choice. It is implemented on Linux.
(4) Building a virtual execution environment with application isolation
Pea-Pod provides a mechanism for isolating and migrating untrusted legacy programs. A privileged program in a Pea is confined to a small part of the system resources, which prevents intrusion by the privileged program. A Pod isolates a group of programs and users in a virtual environment. Pod provides a restart-from-checkpoint mechanism that makes programs easy to migrate. Pod isolates application components that communicate through the file system or the network. Pea isolates application components that interact through inter-process communication. It is implemented on Linux.
The Feather-weight Virtual Machine (FVM) provides such a mechanism while also providing isolation. FVM is an operating-system-level lightweight virtual machine built for Windows programs. Through namespace virtualization and copy-on-write (COW), FVM isolates the resources of virtual machines from one another while still fully sharing operating system resources. It can also isolate communication. FVM consists mainly of the following parts: file virtualization, registry virtualization, system object virtualization, network interface virtualization, inter-process communication confinement and background service virtualization. FVM is implemented in the kernel layer of Windows, so its virtualization operations affect every application running on that operating system, and its impact on the system is considerable.
The analysis above shows that building virtual execution environments for applications, separating the execution environment from the operating system and isolating execution environments from one another, is the key to a software-as-a-service architecture. Current implementations of virtual execution environments have the following defect: the methods above all require the application to be installed in the original operating system first, and the application's configuration information and runtime files are stored in the operating system. This couples the application tightly to the operating system and makes it hard to load applications on demand and to preserve the personalized customization data and private file data that users produce while using the application.
Summary of the invention
The present invention provides a method for implementing virtualization of Windows applications, in order to reduce the coupling between an application and the operating system.
The present invention provides a method for implementing virtualization of Windows applications, comprising:
According to a configuration file, intercepting a first system call, related to the system registry, that the application invokes while running; rewriting the intercepted first system call using a system call of a dynamic link library injected when the application is executed; and using the rewritten system call to merge a private registry with the system registry into a virtual registry, so that the application accesses the private registry and the system registry through the virtual registry;
According to the configuration file, intercepting a second system call, related to file operations, that the application invokes while running; determining, from the path parameter of the intercepted second system call, the space to which the file belongs; returning, according to the path mapping relations among the system space, software space and user space stored in the configuration file, path information suited to the type of operation being performed on the file; and then operating on the file according to that path information.
By building a virtual registry, the method provided by the invention stores the configuration information that the application depends on at run time in a private registry, separate from the operating system's system registry. By virtualizing file operations, it establishes a user space and a software space that are independent of the system space, so that the personalized customization data and private data users produce while using the application are kept in spaces independent of the system space, while the application's access to user resources, software resources and system resources is integrated. This achieves the goal of reducing the coupling between the application and the operating system.
Brief description of the drawings
Fig. 1 is a flowchart of the method for implementing virtualization of Windows applications provided by one embodiment of the invention;
Fig. 2A is a functional architecture diagram of the virtual registry of this embodiment;
Fig. 2B is a flowchart of the file access virtualization process provided by one embodiment of the invention;
Fig. 2C is a schematic diagram of the structure of the doubly linked list provided by one embodiment of the invention;
Fig. 3 is a flowchart of the method for implementing virtualization of Windows applications provided by another embodiment of the invention.
Detailed description of the embodiments
Fig. 1 is a flowchart of the method for implementing virtualization of Windows applications provided by one embodiment of the invention. As shown in Fig. 1, the method of this embodiment comprises:
Step 101: according to a configuration file, intercept the first system call, related to the system registry, that the application invokes while running; rewrite the intercepted first system call using a system call of a dynamic link library injected when the application is executed; and use the rewritten system call to merge the private registry with the system registry into a virtual registry, so that the application accesses the private registry and the system registry through the virtual registry.
Reducing the coupling between the application and the operating system means storing the configuration information and runtime files the application depends on in a separate space, saving the personalized customization data and private file data that users produce while using the application in a separate space, and at the same time integrating the application's access to user resources, software resources and system resources.
To this end, this embodiment sets up a private registry in advance to store, among other things, the configuration information the application depends on at run time. On that basis, step 101 uses a virtual registry: by rewriting system calls it merges the private registry with the system registry into a virtual registry, so that while running the application can access the private registry and the system registry as appropriate through the virtual registry.
To merge the private registry with the system registry, a system call can be injected through a dynamic link library (DLL) when the application is executed. This system call rewrites the system calls related to the system registry so that the private registry and the system registry are merged and the application can access the private registry to obtain the configuration information it needs.
In practice, the system calls related to the system registry that the application invokes while running, that is, the first system calls, are first intercepted according to the configuration file. The intercepted first system call is then rewritten using the system call of the dynamic link library injected when the application is executed, and the rewritten system call merges the private registry with the system registry into a virtual registry. While running, the application can then access both the private registry and the system registry through the virtual registry rather than the system registry alone, so it can obtain the configuration information it needs from the private registry, which achieves a degree of isolation from the operating system.
The rewriting may consist of replacing the first system call with the system call in the dynamic link library, or of using the system call in the dynamic link library to modify the parameters of the first system call so that the modified first system call can merge the system registry and the private registry.
In this step, the intercepted first system calls related to the system registry are mainly the system calls closely tied to reading, creating, modifying or deleting registry entries. Each first system call has a Unicode version and an ASCII version.
Step 101 implements the virtual registry.
Step 102: according to the configuration file, intercept the second system call, related to file operations, that the application invokes while running; determine, from the path parameter of the intercepted second system call, the space to which the file belongs; return, according to the path mapping relations among the system space, software space and user space stored in the configuration file, path information suited to the type of operation being performed on the file; and then operate on the file according to that path information.
To reduce the coupling between the application and the operating system, the runtime files and the personalized customization data and private file data produced by using the application must also be saved in separate spaces, and the application's access to user resources, software resources and system resources must be integrated. To that end, this embodiment sets up in advance a software space and a user space that are independent of the system space. The software space stores software-related data, such as runtime files. The user space stores user-related data, such as the personalized customization data and private file data produced when the user uses the application. Path mapping relations exist among the system space, software space and user space; that is, from any one space the other two can be found. These path mapping relations are stored in advance in the configuration file.
With the system space, software space and user space coexisting, the system calls related to file operations, that is, the second system calls, are intercepted. The space to which the target file belongs is determined from the path parameter of the system call; then, according to the path mapping relations among the system space, software space and user space stored in advance in the configuration file, path information suited to the type of file operation is returned, and the system call is executed so that the file is operated on in the corresponding space according to the returned path information.
Step 102 implements file access virtualization.
The virtual registry and file access virtualization together realize a virtual execution environment that isolates the application from the operating system, reducing the coupling between the application and the operating system.
By building a virtual registry, this embodiment stores the configuration information that the application depends on at run time in a private registry, separate from the operating system's system registry. By virtualizing file operations, it establishes a user space and a software space that are independent of the system space, so that the personalized customization data and private data users produce while using the application are kept in spaces independent of the system space, while the application's access to user resources, software resources and system resources is integrated. This achieves the goal of reducing the coupling between the application and the operating system.
The following describes in detail how the rewritten system call merges the private registry with the system registry into a virtual registry, so that the application accesses the private registry and the system registry through the virtual registry.
Fig. 2A is a functional architecture diagram of the virtual registry of this embodiment. As shown in Fig. 2A, the architecture mainly comprises: the private registry read/write layer (VRIOLayer), the private registry operation layer (VROPLayer), the registry fusion layer (Virtual Registry), the system registry (Original Windows APIs) and the private registry (Private Registry).
Private registry read/write layer (VRIOLayer): maintains the contents of the private registry. It mainly provides the following operation interfaces: create key (CreateKey), set value (SetValue), create value (CreateValue), query record (QueryRecord), delete (Delete), get next node (GetNextNode), get next key (GetNextKey), get version number (GetVersion), and so on. These interfaces help the read/write layer add, delete, modify and look up private registry contents. GetVersion reads the version number of the private registry. Each time the private registry is changed, its version number increases by 1. The version number is shared by the multiple processes created by the application and is used to keep the private registry consistent across those processes.
Private registry operation layer (VROPLayer): maintains the private registry in memory. It mainly provides the following operation interfaces: create key (CreateKeyExW), delete key (DeleteKeyW), delete value (DeleteValueW), enumerate keys (EnumKeyExW), enumerate values (EnumValueW), open key (OpenKeyExW), query key information (QueryInfoKeyW), query value information (QueryValueExW), set value (SetValueExW), read a key's security information (GetKeySecurity), set a key's security information (SetKeySecurity), read version number (GetVersion), and so on. These interfaces help the operation layer perform the add, delete, modify and lookup operations on the private registry. For example, the operation layer has to convert the concrete value of a data item in a key from its in-memory binary form into the corresponding storage format (for example FF, 00, FF, 00) and pass the string in that storage format to the read/write layer, which then stores it in the private registry. Reading a value from the private registry uses the reverse conversion: the read/write layer reads the string from the private registry and passes it to the operation layer, which converts the string from the storage format back to the in-memory binary form.
The private registry operation layer of this embodiment manages the private registry as a tree: the concrete values of registry data items are stored in registry keys, and subkeys are stored in their parent keys. A path value identifies the keys passed through on the shortest path from the root key to the target key.
Registry fusion layer (Virtual Registry): merges the private registry and the system registry by means of virtual key (HKEY) handles. Specifically, a virtual HKEY handle is generated and an event object is registered in it; the handle then points to a change notification node. All change notification nodes are stored in a doubly linked list. When an operation that rewrites a first system call occurs, the registered event object is triggered. Generating a virtual key handle comprises: intercepting the first system call by which the application opens or creates a registry key value, and returning a virtual key handle according to the path value of the registry key in that call; if the path value exists in the system registry, opening the system registry key and storing the returned handle in the virtual key handle; if the path value exists in the private registry, opening the private registry key and storing the returned handle in the virtual key handle; if a new registry key is being created, creating the new key in the private registry and storing the returned handle in the virtual key handle.
Operations on the system registry or the private registry mainly comprise query, modification, deletion and change notification. This embodiment therefore takes query, modification, deletion and change notification as examples to describe in detail how the rewritten system call merges the private registry with the system registry to achieve virtualization.
Query operation: after the virtual HKEY handle is generated, a virtual registry query event is registered in the virtual HKEY; when the change notification node corresponding to this event is triggered, the virtual registry query event is executed. That is, when the application queries a registry key value, the first system call by which it does so is intercepted, the change notification node corresponding to the virtual registry query event is triggered, and the virtual registry query operation is carried out according to the HKEY parameter of the intercepted first system call. The query operation of the virtual registry in this embodiment proceeds as follows: query the private registry for the first key value (in practice a string) according to the first path value; if the first key value exists in the private registry, perform the corresponding operation according to the first key value; if the first key value does not exist in the private registry, check whether the first path value is in the deletion list; if the first path value is in the deletion list, return a key-value-does-not-exist message; if the first path value is not in the deletion list, the key value exists in the system registry and has not been deleted, so query the system registry for the first key value according to the first path value.
Here, the first key value is the registry key value identified by the path value, and the first path value is the path value stored in the virtual key handle (HKEY). For example, when the first key value is HKEY_LOCAL_MACHINE\SOFTWARE, the query operation can be carried out according to the first key value. The deletion list stores the key values of the system registry that the application has deleted. With the deletion list, key values in the system registry are left unmodified while the application can no longer access the system registry key values it has deleted.
As the query flow above shows, the application queries the private registry first and queries the system registry only when the key value does not exist in the private registry. This merges the private registry with the system registry and achieves a degree of isolation between the application and the operating system.
Modification operation: after the virtual HKEY handle is generated, a virtual registry modification event is registered in the virtual HKEY handle; when the change notification node corresponding to this event is triggered, the virtual registry modification event is executed. That is, when the application modifies a registry key value, the first system call by which it does so is intercepted, the change notification node corresponding to the virtual registry modification event is triggered, and the virtual registry modification operation is carried out according to the HKEY parameter of the intercepted first system call. The modification operation of the virtual registry in this embodiment proceeds as follows: query the private registry for the second key value according to the second path value; if the second key value exists in the private registry, perform the corresponding modification in the private registry according to the second key value; if the second key value does not exist in the private registry, check whether the second path value exists in the system registry; if the second path value exists in the system registry, create the second key value in the private registry according to the second path value and perform the corresponding modification; if the second path value does not exist in the system registry, return a key-value-does-not-exist message.
Here, the second key value is the registry key value identified by the path value, and the second path value is the path value stored in the virtual key handle (HKEY).
As the flow above shows, the application queries and modifies the private registry first; when the key value does not exist in the private registry, it queries the system registry, creates the second key value in the private registry, and then performs the modification in the private registry. This merges the private registry with the system registry and achieves a degree of isolation between the application and the operating system.
Deletion operation: after the virtual HKEY handle is generated, a virtual registry deletion event is registered in the virtual HKEY handle; when the change notification node corresponding to this event is triggered, the virtual registry deletion event is executed. That is, when the application deletes a registry key value, the first system call by which it does so is intercepted, the change notification node corresponding to the virtual registry deletion event is triggered, and the virtual registry deletion operation is carried out according to the HKEY parameter of the intercepted first system call. The deletion operation of the virtual registry in this embodiment proceeds as follows: query the private registry for the third key value according to the third path value; if the third key value exists in the private registry, perform the corresponding deletion in the private registry according to the third key value and then check whether the third path value exists in the system registry; if the third key value does not exist in the private registry, check directly whether the third path value exists in the system registry; if the third path value exists in the system registry, record the third path value in the deletion list; if the third path value does not exist in the system registry, return a key-value-does-not-exist message.
Wherein, the delete list in delete list and query manipulation is herein same.A virtual execution environment is safeguarded a delete list.
Wherein, the 3rd key assignments refers to the registration table key assignments of path values mark; The path values of storage in Third Road footpath value virtual key handle (HKEY).
From above-mentioned, application program is preferentially carried out deletion action in privately owned registration table, and carrying out after deletion action, the Third Road footpath value of the existence in system registry is stored in delete list, realizing privately owned registration table synchronizes with the deletion of system registry, realize the fusion of privately owned registration table and system registry, realized to a certain extent the isolation of application program and operating system.
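The modification and deletion procedures above, modeled as an added example (not code from the patent). The class and method names, the dictionary-backed registries and the sample paths are constructed for illustration, and hiding delete-list paths from queries is an assumption drawn from the statement that the query operation uses the same delete list.

```python
"""Private registry layered over a read-only system registry (illustrative model)."""


class VirtualRegistry:
    def __init__(self, system, private=None):
        self.system = dict(system)          # stands in for the system registry
        self.private = dict(private or {})  # the application's private registry
        self.delete_list = set()            # one list per virtual execution environment

    def query(self, path):
        """Return (found, value); the private registry is consulted first."""
        if path in self.private:
            return True, self.private[path]
        # Assumption: a path recorded in the delete list is hidden from queries.
        if path in self.system and path not in self.delete_list:
            return True, self.system[path]
        return False, None

    def modify(self, path, value):
        """Return True on success, False for 'key value does not exist'."""
        if path in self.private:
            self.private[path] = value
            return True
        if path in self.system:
            # Copy-on-write: the key value is created in the private registry
            # and modified there; the system registry is never written.
            self.private[path] = value
            return True
        return False

    def delete(self, path):
        """Return (removed_from_private, recorded_in_delete_list)."""
        removed = path in self.private
        if removed:
            del self.private[path]
        recorded = path in self.system
        if recorded:
            self.delete_list.add(path)
        # The procedure above reports 'key value does not exist' when the path
        # is absent from the system registry, i.e. when recorded is False.
        return removed, recorded


if __name__ == "__main__":
    # Constructed sample data.
    reg = VirtualRegistry(
        system={r"HKLM\Software\Demo\Version": "1.0"},
        private={r"HKCU\Software\Demo\Theme": "dark"},
    )
    reg.modify(r"HKLM\Software\Demo\Version", "2.0")
    print(reg.query(r"HKLM\Software\Demo\Version"), reg.system)
    print(reg.delete(r"HKLM\Software\Demo\Version"), reg.delete_list)
    print(reg.query(r"HKLM\Software\Demo\Version"))
```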
For the modification notification operation: after the virtual HKEY handle is generated, a virtual registry modification notification event is registered in the virtual HKEY handle, and the event is executed when the modification notification node corresponding to it is triggered. That is, when the application requests modification notification for a registry key value, the first system call by which the application requests the notification is intercepted, which triggers the modification notification node corresponding to the virtual registry modification notification event; the modification notification operation on the virtual registry is then performed according to the HKEY parameter of the intercepted first system call. In this embodiment the modification notification operation on the virtual registry comprises the following: obtain the version number of the private registry from the version number storage space; if the obtained version number is the same as the locally stored version number, perform the corresponding registry operation according to the version number of the private registry; if the obtained version number differs from the locally stored version number, rebuild the private registry, save the version number of the rebuilt private registry, and perform the corresponding registry operation according to the version number of the rebuilt private registry; after the registry operation corresponding to the intercepted system call has been performed, obtain the version number of the private registry from the version number storage space again; if the version number of the private registry has changed, perform the corresponding registry operation according to the fourth path value and the registered event object, activate the registered event, and send the modification notification; if the version number of the private registry has not changed, exit this system call.
Here, the locally stored version number is the version number of the private registry held by the current process that the application created while running. The version number of the private registry in the version number storage space can be accessed by every process or thread that the application creates while running.
Rebuilding the private registry means re-reading the private registry file and constructing in memory the index nodes and the tree structure of the private registry.
By registering events such as virtual registry query, modification, deletion and modification notification in the virtual HKEY handle, this embodiment fuses the system registry and the private registry under the various operations, makes full use of the private registry, and achieves separation of the application from the operating system at the level of configuration information.
The implementation of file access virtualization in step 102 is described in detail below. As shown in Fig. 2B, it mainly comprises the following steps:
Step 1021: According to the configuration file, intercept the second system call related to file operations that the application calls while running.
Step 1022: Obtain the path parameter of the intercepted second system call.
Step 1023: Determine whether the path parameter is in long path format. If not, the path parameter is in short path format and step 1024 is performed; if so, step 1025 is performed.
Step 1024: Convert the path parameter from short path format to long path format, and perform step 1025.
Step 1025: Determine from the header information of the path parameter whether the path parameter belongs to one of the spaces. If so, perform step 1026; if not, perform step 1028.
Step 1026: According to the path mapping relations among the system space, the software space and the user space stored in the configuration file, return the path information appropriate to the type of operation performed on the file, and perform step 1027.
Different path information is returned depending on the space to which the file belongs and on the type of file operation, as described case by case below. In this embodiment the spaces comprise the system space, the software space and the user space, and the type of operation on the file may be create, delete, modify or read.
When the file to be operated on does not exist in the system space, the software space or the user space, and the operation is create, delete, modify or read, the path information of the file in the user space is returned according to the path mapping relation between the system space and the user space.
When the file to be operated on exists in the system space but not in the software space or the user space, and the operation is read, the path information of the file in the software space is returned according to the path mapping relation between the system space and the software space.
When the file to be operated on exists in the system space but not in the software space or the user space, and the operation is create or modify, the path information of the file in the user space is returned according to the path mapping relation between the system space and the user space, and the file is copied from the system space to the user space.
When the file to be operated on exists in the system space but not in the software space or the user space, and the operation is delete, the path information of the file in the user space is returned according to the path mapping relation between the system space and the user space, the file is copied from the system space to the user space, and the path value in the system space is stored in the delete list corresponding to the system space. With this delete list, the system file itself is not modified, yet the application can no longer access the file.
When the file to be operated on exists in the software space but not in the user space, and the operation is read, the path information of the file in the software space is returned.
When the file to be operated on exists in the software space but not in the user space, and the operation is create or modify, the path information of the file in the user space is returned according to the path mapping relation between the software space and the user space, and the file is copied from the software space to the user space.
When the file to be operated on exists in the software space but not in the user space, and the operation is delete, the path information of the file in the user space is returned according to the path mapping relation between the software space and the user space, the file is copied from the software space to the user space, and the path value in the software space is stored in the delete list corresponding to the software space.
When the file to be operated on exists in the user space, and the operation is create, delete, modify or read, the path information of the file in the user space is returned.
This embodiment also refers to the above process of returning path information as the file redirection rule; the results are shown in Table 1.
Table 1: file redirection rules (an image in the original publication, Figure BDA0000116742190000131).
Before step 1026 is performed, this embodiment has divided the storage space into the system space, the software space and the user space, and has stored the path mapping relations among them in the configuration file. In addition, delete lists in one-to-one correspondence with the system space and the software space have been created in the configuration file.
Step 1027: Operate on the file according to the returned path information.
Step 1027 is the process of executing the system call.
Step 1028: End the path parameter modification, operate on the file according to the original path parameter, and return.
When the path parameter is determined not to belong to any space, the operation on the file is finished.
Further, the following illustrates how the application accesses files in the system in this embodiment:
When the application calls the file enumeration function that finds the first matching file (FindFirstFileExW), the parameter information is recorded, the path information for the three spaces is constructed, and a virtual FIND file handle is returned. Through this virtual FIND file handle, files in the user space are accessed first, then files in the software space, and then files in the system space.
When the application calls the file enumeration function that finds the next matching file (FindNextFileW), the virtual FIND file handle first returns the files in the user space, then the files that exist in the software space but exist neither in the user space nor in the delete list, and finally the files that exist in the system space but exist neither in the software space, nor in the user space, nor in the delete list.
When the application calls the file enumeration function that closes the FIND file handle (FindClose), the virtual FIND file handle is closed.
The above operations virtualize file access by the application, letting the application access files from the software space and the user space and thereby isolating it from the operating system.
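The file redirection rule of step 1026 and the enumeration order of the virtual FIND handle, modeled together as an added example (not code from the patent). The class, the in-memory file sets and the root directories are constructed for illustration; treating a path recorded in either delete list as hidden in both lower spaces is an assumption, since the text only states the delete-list check for enumeration.

```python
"""Three-space file redirection with delete lists (illustrative model)."""

SYSTEM, SOFTWARE, USER = "system", "software", "user"
OPS = ("create", "delete", "modify", "read")


class VirtualFS:
    def __init__(self, roots, system=(), software=(), user=()):
        self.roots = dict(roots)  # space -> root directory (the path mapping)
        self.files = {SYSTEM: set(system), SOFTWARE: set(software), USER: set(user)}
        # One delete list for each space the application must not change.
        self.deleted = {SYSTEM: set(), SOFTWARE: set()}

    def _path(self, space, rel):
        return self.roots[space] + "\\" + rel

    def _hidden(self, rel):
        # Assumption: an entry in either delete list hides the lower copies.
        return rel in self.deleted[SYSTEM] or rel in self.deleted[SOFTWARE]

    def resolve(self, rel, op):
        """Return the path the intercepted call should use for op on rel."""
        if op not in OPS:
            raise ValueError(op)
        if rel in self.files[USER]:
            return self._path(USER, rel)          # user copy wins for every op
        visible = not self._hidden(rel)
        if visible and rel in self.files[SOFTWARE]:
            source = SOFTWARE
        elif visible and rel in self.files[SYSTEM]:
            source = SYSTEM
        else:
            return self._path(USER, rel)          # in no space: user space
        if op == "read":
            # As the rule is stated, both lower-space cases return the
            # software-space path for a read.
            return self._path(SOFTWARE, rel)
        self.files[USER].add(rel)                 # copy the file to the user space
        if op == "delete":
            self.deleted[source].add(rel)         # lower copy stays, but is hidden
        return self._path(USER, rel)

    def apply(self, rel, op):
        """Resolve, then carry out the operation at the returned path (step 1027)."""
        path = self.resolve(rel, op)
        if op in ("create", "modify"):
            self.files[USER].add(rel)
        elif op == "delete":
            self.files[USER].discard(rel)
        return path

    def listing(self):
        """Enumeration order: user space, then software space, then system space."""
        user = self.files[USER]
        soft = {f for f in self.files[SOFTWARE]
                if f not in user and not self._hidden(f)}
        system = {f for f in self.files[SYSTEM]
                  if f not in self.files[SOFTWARE] and f not in user
                  and not self._hidden(f)}
        return sorted(user) + sorted(soft) + sorted(system)


if __name__ == "__main__":
    # Constructed sample layout.
    roots = {SYSTEM: r"C:\Windows", SOFTWARE: r"D:\App\soft", USER: r"D:\App\user"}
    fs = VirtualFS(roots, system={"sys.ini", "shared.dll"},
                   software={"app.cfg", "shared.dll"}, user={"notes.txt"})
    print(fs.apply("sys.ini", "modify"))   # redirected to the user space
    print(fs.apply("app.cfg", "delete"))   # software copy kept, path recorded
    print(fs.listing(), fs.deleted)
```

Followed literally, the rule for a file that already exists in the user space records nothing in a delete list, so deleting a user-space copy of a file that was earlier copied up leaves the lower copy visible again in this model.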
Further, in order to store parameters produced during some system calls or at the end of a system call, this embodiment allocates a parameter cache space in advance and keeps it in a doubly linked list; that is, parameters are stored in the form of a doubly linked list.
On this basis, when path information is returned during a system call related to file operations, it is checked whether the parameter cache space stored in the doubly linked list has an idle parameter node. If there is an idle parameter node, it is allocated to the returned path information, the returned path information is stored in it, and the node is marked as allocated. If there is no idle parameter node, a parameter node is created for the returned path information and inserted into the parameter cache space in the doubly linked list; the returned path information is stored in the created node, and the created node is marked as allocated.
A parameter node is simply a small block of memory.
Further, when the application has finished operating on the file according to the returned path information, the parameter node occupied by the returned path information is released. At that point it is determined whether the released parameter node comes from the parameter cache space; if it does, the node is reclaimed and marked as unused so that other parameters can be stored in it.
All parameters that are returned or need to be modified while the application runs can be cached in the parameter cache space in the doubly linked list; this is not limited to path information returned during file operations. For example, a parameter that needs to be modified when a system object is renamed, as described below (for example, the system object name after renaming), can also be cached in the parameter cache space in the doubly linked list.
This embodiment provides an implementation structure for the parameter node, comprising: a flag field, which identifies whether the parameter node is in use (for example, 0xffff indicates that the node is unused, and 0x0 indicates that the node is in use, i.e. allocated); a memory space, which stores the parameter; and a memory space length field, which gives the actual length of the memory space that stores the parameter. The doubly linked list structure is shown in Fig. 2C.
Caching parameters in a doubly linked list improves the performance and availability of the resulting virtual environment.
Fig. 3 is a flowchart of a method for realizing virtualization of a Windows application program according to another embodiment of the present invention. This embodiment builds on the embodiment shown in Fig. 1. As shown in Fig. 3, the method of this embodiment further comprises, after step 102:
Step 103: According to the configuration file, intercept the third system call related to system objects that the application calls while running; using as the identifier the process number of the first process created in connection with the system object on which the third system call is invoked, rename the system object with the identifier, and operate on the system object according to the renamed system object name.
In this embodiment, to isolate applications from one another in the application virtualization environment, a system object must be renamed when it is accessed, so as to virtualize the system objects shared between virtual execution environments. Access to a system object includes opening a system object or querying whether a system object exists. On this basis, this embodiment uses as the identifier the process number of the first process created in the virtualization environment provided by this embodiment, and the renaming of a system object comprises:
When querying whether a system object exists, the original system object name is first used to determine whether the system object exists. If it does not exist, the process number of the first process related to the system object is appended to the original system object name to rename the system object, and the system object is then created under the renamed system object name.
When opening a system object, the original system object name is first used to determine whether the system object can be opened. If it cannot be opened, the process number of the first process related to the system object is appended to the original system object name to rename the system object, and the system object is then opened under the renamed system object name.
Step 104: According to the configuration file, intercept the fourth system call related to message passing that the application calls while running and, according to the shared memory space corresponding to the application, control the process created by the fourth system call; the shared memory space stores the process numbers of the processes corresponding to the application.
To isolate applications from one another in the application virtualization environment, communication between processes in the virtual execution environment must also be restricted. To this end, according to the configuration file, this embodiment intercepts the system calls related to message passing that the application calls (the fourth system call) and thereby obtains the processes that exist in the execution environment.
When any such system call is executed, the system call creates a process, and the created process is assigned a process number. The process produced by the system call is mainly used to pass messages; that is, it needs to communicate with other processes. To restrict inter-process communication, this embodiment creates a shared memory space for the application. Processes that belong to the application may access this shared memory space, processes that do not belong to it may not, and the shared memory space stores the process numbers of the processes that belong to the application. Threads within the same process may communicate with each other, as may threads in different processes of the same application; threads in processes of different applications cannot communicate. The process to which a thread belongs can be found from the thread number, and the process number then determines whether the thread belongs to the current application.
Specifically, when a process created by the system call starts, it first registers its process number in the shared memory space. When the process requests communication with a target process (the first target process), it is checked whether the process number of the first target process exists in the shared memory space; if so, the process is allowed to communicate with the first target process; if not, the communication is refused. Likewise, when a target process (the second target process) requests communication with this process, the process number of the target process is read and checked against the shared memory space; if it exists there, the process is allowed to communicate with the target process; if not, the communication is refused. The first target process and the second target process are both processes.
Further, when a process exits, its process number is deleted from the shared memory space.
In this way inter-process communication is restricted and isolation between applications is improved, so that multiple applications can run at the same time in the same operating system.
Building on application virtualization, this embodiment further virtualizes system objects and restricts inter-process communication, which isolates applications from one another and allows multiple applications to run simultaneously in the same operating system.
In the above embodiments, an application may create multiple processes and threads while running, and data is shared between them, so the consistency of the shared data must be maintained. To prevent conflicts when multiple processes or threads access shared data, this embodiment provides a mechanism that establishes critical sections for processes and threads respectively, isolating the processes and threads from one another. For example, a critical section is established for a thread or process; when a thread or process operates on shared data, it first enters the critical section, so that other threads or processes cannot operate on the shared data, which ensures the consistency of the data shared by the threads or processes.
Based on the above critical section scheme, the operation in step 103 of appending the process number of the first process related to the system object to the original system object name, so as to rename the system object, may be implemented as follows:
First, enter the first critical section and perform the subsequent operations inside it. The subsequent operations comprise: requesting an idle parameter node from the parameter cache space in the doubly linked list, the idle parameter node being used to store the renamed system object name; then appending the process number of the first process related to the system object to the original system object name to obtain the renamed system object name, and storing the renamed system object name in the requested idle parameter node. The first critical section is left immediately after the parameter has been modified.
With these operations, when multiple threads access the same system object at the same time, conflicts caused by simultaneously renaming the system object name are prevented.
Based on the above critical section scheme, the various events related to the virtual registry that are registered in the virtual HKEY handle in step 101 may likewise be executed inside a critical section.
For example, for the virtual registry query event, the following operations may be performed before the first key value is queried in the private registry according to the first path value:
Enter the second critical section and read the version number of the private registry from the version number storage space; compare the version number read with the locally stored version number to determine whether the private registry needs to be rebuilt. If so, rebuild the private registry, and then query the first key value according to the first path value in the rebuilt private registry and perform the other operations; if not, directly query the first key value according to the first path value in the existing private registry and perform the other operations. After the virtual registry query event ends, leave the second critical section.
In addition, for the virtual registry modification event or the virtual registry deletion event, the following operations may likewise be performed before the second key value is queried in the private registry according to the second path value, or before the third key value is queried in the private registry according to the third path value:
Enter the second critical section and read the version number of the private registry from the version number storage space; compare the version number read with the locally stored version number to determine whether the private registry needs to be rebuilt. If so, rebuild the private registry, and then query the second key value or the third key value according to the second path value or the third path value in the rebuilt private registry and perform the other operations; if not, directly query the second key value or the third key value according to the second path value or the third path value in the existing private registry and perform the other operations. After the virtual registry modification event or the virtual registry deletion event ends, leave the second critical section.
Further, before the second critical section is entered, the current process of the application attempts to open the version number storage space and determines whether the open operation succeeded. If it succeeded, the version number of the private registry in the version number storage space is read and stored locally. If it failed, the version number storage space is created and the version number of the private registry is initialized; the initialized version number is stored both in the newly created version number storage space and locally. "Locally" means in the space of the current process.
These operations initialize the private registry version number for the current process.
Based on the above embodiments, this embodiment provides a system architecture for the application-oriented virtual execution environment realized by the present invention, which mainly comprises:
1. System call interception: the corresponding system calls are intercepted according to the configuration file, so that the different virtualization components are configurable.
2. Virtual registry: the system calls related to system registry operations are rewritten, and a copy-on-write (COW) mechanism assists the application's access to the system registry and the private registry.
3. File access virtualization: the path name parameter in the system calls related to file operations is rewritten, and the COW mechanism assists the application's access to the system space, the software space and the user space.
4. System object virtualization: the object name in the system calls related to system object operations is rewritten, assisting the application's access to original system objects and private objects.
5. Restriction of inter-process communication: the application may send messages only to objects in the execution environment in which it resides, which allows multiple instances of the application to run.
The startup process of the application-oriented virtual execution environment of this embodiment is as follows:
Step 1: The loader reads configuration information from the configuration file (setting.ini) or from the command line; configuration information from the command line takes precedence over that in the configuration file.
The configuration file mainly contains the following attributes: (1) start executable file name (StartExeName): the relative path of the Exe file to start; (2) virtual registry (VirtualRegistry): the relative path of the virtual registry file; (3) file redirection (FileRedirection): the relative path of the file access redirection configuration file; (4) system object (SystemObject): whether to virtualize system objects; (5) inter-process (Interprocess): whether to restrict communication between processes.
Step 2: Write the configuration information into the environment variables of the current process.
Step 3: Create a child process, start the application's executable file, and inject the hooking dynamic link library (detoured.dll) and the injected dynamic link library (ApplicationExeAssistant.dll) into the child process.
Step 4: The child process loads ApplicationExeAssistant.dll, the dynamic link library it depends on, and the dynamic link library main function (DllMain) in ApplicationExeAssistant.dll is called.
Step 5: In DllMain, read the environment variable values and, according to them, hook the modified system calls onto the original system calls.
Step 6: While the application runs, whenever a hooked system call is invoked, the associated operations of the modified system call are executed.
Step 7: After the application exits, the loader also exits.
The application-oriented virtual execution environment realized by the present invention has the following beneficial effects: (1) By storing in a separate space the configuration information and files that the application depends on while running, by saving in a separate space the personalized customization data and private document data that the user produces while using the application, and by integrating the application's access to user resources, software resources and system resources, the coupling between the application and the operating system is reduced. (2) By virtualizing the system objects shared between virtual execution environments and restricting communication between virtual execution environments, relatively complete isolation between virtual execution environments is achieved, so that multiple instances of the same application can run in the same operating system, which improves isolation between applications. (3) A single-user, single-program, application-oriented lightweight virtual execution environment is realized at the user level, and methods such as parameter caching, shared data consistency maintenance and virtual registry optimization improve the performance and availability of the virtual execution environment, raising resource utilization and execution efficiency.
A person of ordinary skill in the art will understand that all or part of the steps of the above method embodiments may be carried out by hardware under the control of program instructions. The program may be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments; the storage medium includes any medium capable of storing program code, such as ROM, RAM, a magnetic disk or an optical disc.
Finally, it should be noted that the above embodiments only illustrate the technical solution of the present invention and do not limit it. Although the invention has been described in detail with reference to the foregoing embodiments, a person of ordinary skill in the art should understand that the technical solutions recorded in those embodiments may still be modified, or some of their technical features may be replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (9)

1. A method for implementing virtualization of a Windows application, characterized in that it comprises:
According to a configuration file, intercepting a first system call, related to the system registry, that the application invokes while running; rewriting the intercepted first system call by using the system call of a dynamic link library injected when the application is executed; and using the rewritten system call to merge a private registry with the system registry to form a virtual registry, so that the application accesses the private registry and the system registry through the virtual registry;
According to the configuration file, intercepting a second system call, related to file operations, that the application invokes while running; obtaining, from the path parameter of the intercepted second system call, the space to which the file belongs; returning, according to the path mapping relations among the system space, the software space and the user space stored in the configuration file, path information appropriate to the type of operation performed on the file; and then operating on the file according to the path information;
Wherein the step of intercepting the first system call according to the configuration file, rewriting it by using the system call of the injected dynamic link library, and merging the private registry with the system registry to form the virtual registry, so that the application accesses the private registry and the system registry through the virtual registry, comprises:
Intercepting the first system call by which the application opens or creates a registry key value, and returning a virtual key handle according to the path value of the registry key in that call; if the path value exists in the system registry, opening the system registry key and storing the returned handle in the virtual key handle; if the path value exists in the private registry, opening the private registry key and storing the returned handle in the virtual key handle; if a new registry key is to be created, creating the new key in the private registry and storing the returned handle in the virtual key handle;
Intercepting the first system call by which the application queries a registry key value, and performing a query operation on the virtual registry according to the virtual key handle parameter in that call; the query operation on the virtual registry comprises: querying a first key value in the private registry according to a first path value; if the first key value exists in the private registry, performing the corresponding operation according to the first key value; if the first key value does not exist in the private registry, determining whether the first path value is present in a delete list; if the first path value is present in the delete list, returning information that the key value does not exist; if the first path value is not present in the delete list, querying the first key value from the system registry according to the first path value;
Intercepting the first system call by which the application modifies a registry key value, and performing a modify operation on the virtual registry according to the virtual key handle parameter in that call; the modify operation on the virtual registry comprises: querying a second key value in the private registry according to a second path value; if the second key value exists in the private registry, performing the corresponding modify operation in the private registry according to the second key value; if the second key value does not exist in the private registry, determining whether the second path value is present in the system registry; if the second path value is present in the system registry, creating the second key value in the private registry according to the second path value and performing the corresponding modify operation; if the second path value is not present in the system registry, returning information that the key value does not exist;
Intercepting the first system call by which the application deletes a registry key value, and performing a delete operation on the virtual registry according to the virtual key handle parameter in that call; the delete operation on the virtual registry comprises: querying a third key value in the private registry according to a third path value; if the third key value exists in the private registry, performing the corresponding delete operation in the private registry according to the third key value, and determining whether the third path value is present in the system registry; if the third key value does not exist in the private registry, directly determining whether the third path value is present in the system registry; if the third path value is present in the system registry, recording the third path value in the delete list; if the third path value is not present in the system registry, returning information that the key value does not exist;
Intercepting the first system call by which the application requests modification notification for a registry key value, and performing a modification-notification operation on the virtual registry according to the virtual key handle parameter in that call; the modification-notification operation on the virtual registry comprises: obtaining the version number of the private registry; if the obtained version number of the private registry is the same as the locally stored version number, performing the corresponding registration operation according to the version number of the private registry; if the obtained version number of the private registry differs from the locally stored version number, rebuilding the private registry, saving the version number of the rebuilt private registry, and performing the corresponding registration operation according to the version number of the rebuilt private registry; after performing the corresponding registration operation, obtaining the version number of the private registry again; if the version number of the private registry has changed, sending, according to a fourth path value, a modification event notification to the event object registered by the corresponding registration operation; if the version number of the private registry has not changed, returning.
2. The method for implementing virtualization of a Windows application according to claim 1, characterized in that the step of obtaining, from the path parameter of the intercepted second system call, the space to which the file belongs, returning, according to the path mapping relations among the system space, the software space and the user space stored in the configuration file, path information appropriate to the type of operation performed on the file, and then operating on the file according to the path information comprises:
Determining whether the path parameter is in long path format; if the path parameter is in short path format, converting it to long path format;
When it is determined from the header information of the path parameter that the file does not exist in the system space, the software space or the user space, and the file is to be created, deleted, modified or read, returning the path information of the file in the user space according to the path mapping relation between the system space and the user space;
When it is determined from the header information of the path parameter that the file exists in the system space but not in the software space or the user space, and the file is to be read, returning the path information of the file in the software space according to the path mapping relation between the system space and the software space;
When it is determined from the header information of the path parameter that the file exists in the system space but not in the software space or the user space, and the file is to be created or modified, returning the path information of the file in the user space according to the path mapping relation between the system space and the user space, and copying the file from the system space to the user space;
When it is determined from the header information of the path parameter that the file exists in the system space but not in the software space or the user space, and the file is to be deleted, returning the path information of the file in the user space according to the path mapping relation between the system space and the user space, copying the file from the system space to the user space, and storing the path value of the system space in the delete list corresponding to the system space;
When it is determined from the header information of the path parameter that the file exists in the software space but not in the user space, and the file is to be read, returning the path information of the file in the software space;
When it is determined from the header information of the path parameter that the file exists in the software space but not in the user space, and the file is to be created or modified, returning the path information of the file in the user space according to the path mapping relation between the software space and the user space, and copying the file from the software space to the user space;
When it is determined from the header information of the path parameter that the file exists in the software space but not in the user space, and the file is to be deleted, returning the path information of the file in the user space according to the path mapping relation between the software space and the user space, copying the file from the software space to the user space, and storing the path value of the software space in the delete list corresponding to the software space;
When it is determined from the header information of the path parameter that the file exists in the user space, and the file is to be created, deleted, modified or read, returning the path information of the file in the user space;
Performing the corresponding operation on the file according to the returned path information.
3. The method for implementing virtualization of a Windows application according to claim 2, characterized in that, before the step of intercepting, according to the configuration file, the second system call related to file operations that the application invokes while running, obtaining the space to which the file belongs from the path parameter of the intercepted second system call, returning the path information appropriate to the type of operation performed on the file according to the path mapping relations among the system space, the software space and the user space stored in the configuration file, and then operating on the file according to the path information, the method comprises:
Dividing the storage space into the system space, the software space and the user space, and storing the path mapping relations among the system space, the software space and the user space in the configuration file;
Creating, in the configuration file, delete lists in one-to-one correspondence with the system space and the software space.
4. The method for implementing virtualization of a Windows application according to any one of claims 1 to 3, characterized in that it further comprises:
According to the configuration file, intercepting a third system call, related to system objects, that the application invokes while running; taking as an identifier the process ID of the first process related to the system object that the third system call creates or invokes; using the identifier to rename the system object; and operating on the system object according to the renamed system object name;
According to the configuration file, intercepting a fourth system call, related to message passing, that the application invokes while running; and, according to the process IDs stored in the shared memory space corresponding to the application, applying restriction control to the processes created while the application runs, so as to restrict communication between processes created by the application and processes created by other applications.
5. The method for implementing virtualization of a Windows application according to claim 4, characterized in that the step of taking as an identifier the process ID of the first process related to the system object that the third system call creates or invokes, using the identifier to rename the system object, and operating on the system object according to the renamed system object name comprises:
Using the original system object name to determine whether the system object exists or can be opened;
If the system object does not exist or cannot be opened, checking whether the original system object name contains information about the process to which the system object belongs;
If it does not, appending the process ID of the first process related to the system object to the original system object name, so as to rename the system object;
Performing the operation of creating or opening the system object according to the renamed system object name.
6. The method for implementing virtualization of a Windows application according to claim 4, characterized in that the step of applying restriction control, according to the process IDs stored in the shared memory space corresponding to the application, to the processes created while the application runs, so as to restrict communication between processes created by the application and processes created by other applications, comprises:
When a process created while the application runs starts, registering the process ID of that process in the shared memory space;
When the process requests to communicate with a first target process, checking whether the process ID of the first target process is present in the shared memory space; if so, allowing the process to communicate with the first target process; if not, refusing communication between the process and the first target process;
When the process exits, deleting the process ID of the process from the shared memory space.
7. The method for implementing virtualization of a Windows application according to claim 2 or 3, characterized in that it further comprises:
When path information is returned, checking whether the parameter cache space stored in a doubly linked list contains an idle parameter node;
If there is an idle parameter node, allocating a parameter node for the returned path information, storing the returned path information in the allocated parameter node, and marking the allocated parameter node as allocated;
If there is no idle parameter node, creating a parameter node for the returned path information, inserting the created parameter node into the parameter cache space in the doubly linked list, storing the returned path information in the created parameter node, and marking the created parameter node as allocated;
When the corresponding operation performed on the file according to the returned path information finishes, determining whether the released parameter node comes from the parameter cache space; if it does, reclaiming the released parameter node and marking the reclaimed parameter node as unused.
8. The method for implementing virtualization of a Windows application according to claim 5, characterized in that the step of appending the process ID of the first process related to the system object to the original system object name, so as to rename the system object, comprises:
Entering a first critical section;
Requesting an idle parameter node from the parameter cache space in the doubly linked list;
Appending the process ID of the first process related to the system object to the original system object name to obtain the renamed system object name;
Storing the renamed system object name in the requested idle parameter node;
Leaving the first critical section.
9. The method for implementing virtualization of a Windows application according to claim 1, characterized in that, before querying the first key value in the private registry according to the first path value, or before querying the second key value in the private registry according to the second path value, or before querying the third key value in the private registry according to the third path value, the method comprises:
Entering a second critical section;
Reading the version number of the private registry from the version number storage space;
Comparing the version number read for the private registry with the locally stored version number to determine whether the private registry needs to be rebuilt;
If so, rebuilding the private registry;
And, after the virtual registry query event ends, or after the virtual registry modify event ends, or after the virtual registry delete event ends, the method further comprises:
Leaving the second critical section.
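The lookup order of claims 1 and 9, as an added example that is not code from the patent: a Python model in which dictionaries stand in for the system registry and the private registry, and a lock stands in for the critical section. The class names, the sample paths and the boolean return value of `delete` are assumptions of this example.

```python
import threading

# Constructed sample of the host ("system") registry; paths and values are made up.
SAMPLE_SYSTEM = {
    r"HKLM\Software\ExampleApp\InstallDir": r"C:\Program Files\ExampleApp",
    r"HKLM\Software\ExampleApp\Theme": "light",
}


class PrivateHive:
    """Private registry shared by all processes of one virtualized application."""

    def __init__(self):
        self.values = {}              # path -> data written by the application
        self.delete_list = set()      # system paths the application has deleted
        self.version = 0              # bumped on every change (claim 9)
        self.lock = threading.Lock()  # stands in for the critical section


class VirtualRegistry:
    """One process's merged view: private hive first, then the system registry."""

    def __init__(self, system, hive):
        self._system = system         # only ever read, never written
        self._hive = hive
        self._values, self._deleted = {}, set()
        self._local_version = -1      # forces a rebuild on first use
        self.rebuilds = 0

    def _sync(self):
        # Claim 9: rebuild the local copy when the shared version has moved on.
        if self._hive.version != self._local_version:
            self._values = dict(self._hive.values)
            self._deleted = set(self._hive.delete_list)
            self._local_version = self._hive.version
            self.rebuilds += 1

    def _changed(self):
        self._hive.version += 1
        self._sync()

    def query(self, path):
        with self._hive.lock:
            self._sync()
            if path in self._values:      # private registry wins
                return self._values[path]
            if path in self._deleted:     # hidden by an earlier delete
                return None
            return self._system.get(path)

    def create(self, path, data):
        with self._hive.lock:
            self._sync()
            self._hive.values[path] = data  # new keys live only in the private hive
            self._changed()

    def modify(self, path, data):
        with self._hive.lock:
            self._sync()
            if path not in self._values and path not in self._system:
                return False              # "key value does not exist"
            self._hive.values[path] = data  # copy-on-write into the private hive
            self._changed()
            return True

    def delete(self, path):
        # The claim reports "does not exist" whenever the path is absent from the
        # system registry; this model returns True if either layer held the value.
        with self._hive.lock:
            self._sync()
            had_private = path in self._hive.values
            self._hive.values.pop(path, None)
            in_system = path in self._system
            if in_system:
                self._hive.delete_list.add(path)
            if had_private or in_system:
                self._changed()
            return had_private or in_system
```

Two `VirtualRegistry` objects built on the same `PrivateHive` model two processes of one application: a write by one becomes visible to the other through the version check, while the system dictionary stays untouched.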
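The object renaming of claim 5 and the process-ID check of claim 6, as an added example that is not code from the patent: a Python model in which a set of names stands in for the operating system's named objects and another set stands in for the shared memory space. The class names, the `#pid` separator and the sample object names are assumptions of this example.

```python
class HostObjects:
    """Constructed stand-in for the operating system's table of named objects."""

    def __init__(self, names=()):
        self.names = set(names)


class Sandbox:
    """Virtual execution environment of one application instance."""

    TAG = "#pid"  # assumed separator; the page only says the process ID is appended

    def __init__(self, host, first_pid):
        self.host = host
        self.first_pid = first_pid  # first process of the application
        self.pids = set()           # models the shared memory space of claim 6
        self.register(first_pid)

    def register(self, pid):
        """Called when a process of this application starts."""
        self.pids.add(pid)

    def unregister(self, pid):
        """Called when a process of this application exits."""
        self.pids.discard(pid)

    def effective_name(self, name):
        # Claim 5: try the original name first; an object that already exists
        # under it is a shared system object and is used as it is.
        if name in self.host.names:
            return name
        # The name already carries owner information: do not tag it twice.
        if self.TAG in name:
            return name
        # Otherwise append the process ID of the application's first process.
        return f"{name}{self.TAG}{self.first_pid}"

    def create_or_open(self, name):
        """Return (name actually used, True if the object was newly created)."""
        final = self.effective_name(name)
        created = final not in self.host.names
        self.host.names.add(final)
        return final, created

    def may_send(self, target_pid):
        # Claim 6: a message is allowed only if the target process is
        # registered in this application's shared memory space.
        return target_pid in self.pids


def run_two_instances():
    """Two instances of one application on the same host (constructed scenario)."""
    host = HostObjects({"Global\\SystemReady"})
    first, second = Sandbox(host, 1000), Sandbox(host, 2000)
    return (first.create_or_open("Local\\SingleInstance"),
            second.create_or_open("Local\\SingleInstance"),
            first.create_or_open("Global\\SystemReady"))
```

Because each instance's named object is tagged with its own first process ID, a single-instance check based on a named object no longer collides between the two instances.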
CN201110402069.3A 2011-12-06 2011-12-06 Method for realizing virtualization of Windows application program Expired - Fee Related CN102520944B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110402069.3A CN102520944B (en) 2011-12-06 2011-12-06 Method for realizing virtualization of Windows application program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110402069.3A CN102520944B (en) 2011-12-06 2011-12-06 Method for realizing virtualization of Windows application program

Publications (2)

Publication Number Publication Date
CN102520944A CN102520944A (en) 2012-06-27
CN102520944B true CN102520944B (en) 2014-07-02

Family

ID=46291886

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110402069.3A Expired - Fee Related CN102520944B (en) 2011-12-06 2011-12-06 Method for realizing virtualization of Windows application program

Country Status (1)

Country Link
CN (1) CN102520944B (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102929716B (en) * 2012-11-07 2015-04-15 北京亿赛通科技发展有限责任公司 Method for starting multiple processes
CN102981874B (en) * 2012-11-15 2015-12-02 北京奇虎科技有限公司 Computer processing system and registration table reorientation method
CN103019765B (en) * 2012-11-15 2016-08-03 北京奇虎科技有限公司 A kind of file redirection method, device and computer system
CN103970740A (en) * 2013-01-24 2014-08-06 北京伸得纬科技有限公司 System layer construction method for virtual machine operating system
CN104219078B (en) * 2013-06-04 2018-08-24 阿里巴巴集团控股有限公司 A kind for the treatment of method and apparatus of more runtime environment data
CN104423933B (en) * 2013-08-21 2018-01-19 华为技术有限公司 A kind of cloud platform user interface adaptation method and adapter
CN105808550B (en) * 2014-12-30 2019-02-15 迈普通信技术股份有限公司 A kind of method and device accessing file
CN105824827A (en) * 2015-01-06 2016-08-03 阿里巴巴集团控股有限公司 File path storage and local file visiting method and apparatus
CN105700914A (en) * 2015-12-31 2016-06-22 北京金山安全软件有限公司 Application software installation and starting method and device
CN105930739B (en) * 2016-04-14 2019-07-23 珠海豹趣科技有限公司 A kind of method and terminal for preventing file deleted
WO2017202272A1 (en) * 2016-05-26 2017-11-30 Huawei Technologies Co., Ltd. System and method of software defined switches between light weight virtual machines using host kernel resources
CN106951061B (en) * 2017-03-29 2020-05-26 联想(北京)有限公司 Electronic apparatus and control method
CN109683948A (en) * 2018-12-13 2019-04-26 深圳创维-Rgb电子有限公司 System data introduction method, device, electronic product and storage medium
CN110417860A (en) * 2019-06-21 2019-11-05 深圳壹账通智能科技有限公司 File transfer management method, apparatus, equipment and storage medium
CN111796972B (en) * 2020-06-30 2022-11-04 苏州三六零智能安全科技有限公司 File hot-repair method, device, equipment and storage medium
CN111737690B (en) * 2020-07-20 2020-12-01 北京升鑫网络科技有限公司 Method and device for preventing malicious software from carrying out sensitive operation on data
CN113703667A (en) * 2021-07-14 2021-11-26 深圳市有为信息技术发展有限公司 File system processing method and device for storing data in real time, vehicle-mounted terminal and commercial vehicle

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102105861A (en) * 2008-07-28 2011-06-22 微软公司 State separation for application changes
CN102231116A (en) * 2011-07-04 2011-11-02 成都市华为赛门铁克科技有限公司 Application program virtualization installing and loading method and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Hailei Sun等.Virtual execution environment for windows applications.《Cloud Computing and Intelligence Systems 》.2011,第382-386页.
Virtual execution environment for windows applications;Hailei Sun等;《Cloud Computing and Intelligence Systems 》;20110917;第382-386页 *

Also Published As

Publication number Publication date
CN102520944A (en) 2012-06-27

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20140702

Termination date: 20171206