CN103312814A - Method for establishing VNC (virtual network computing) covert channel between cloud management platform and virtual machine terminal user - Google Patents
Method for establishing VNC (virtual network computing) covert channel between cloud management platform and virtual machine terminal user Download PDFInfo
- Publication number
- CN103312814A CN103312814A CN2013102685390A CN201310268539A CN103312814A CN 103312814 A CN103312814 A CN 103312814A CN 2013102685390 A CN2013102685390 A CN 2013102685390A CN 201310268539 A CN201310268539 A CN 201310268539A CN 103312814 A CN103312814 A CN 103312814A
- Authority
- CN
- China
- Prior art keywords
- message
- vnc
- module
- window
- virtual machine
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention relates to the technical field of computer virtualization, and provides a method for establishing a VNC (virtual network computing) covert channel between a cloud management platform and a virtual machine terminal user. The VNC covert channel comprises a message transformation module, a message sending module and a message feedback receiving module. The message transformation module provides an interface for calling the channel and is used for transforming message contents into pixel data which can be identified by a message sending end; the message sending module is used for adding the message image pixel data into original communication frames of a VNC server and a VNC client and sending modified communication frames to the VNC client together; and the message feedback receiving module is used for capturing operation response of the user to a message window during channel display and sending the operation response to the message transformation module. Therefore, the method has the advantages that the channel transparent to a virtual machine system can be established only by modifying parts of functional source codes of the VNC server in a KVM (kernel-based virtual machine) virtualization cloud platform, and bidirectional interaction between the cloud management platform and the virtual machine terminal user can be realized.
Description
?
Technical field
The present invention relates to computer virtualized technical field, especially relate to the method for building up of VNC concealed channel between a kind of cloud management platform and virtual machine terminal use.
Background technology
Various cloud management platform has appearred in industry at present, constantly perfect along with these cloud platform features, in the normal course of operation of platform, many times can produce the terminal use that a large amount of administrative messags need be notified to virtual machine in the cloud platform immediately, such as its real-time consumption information of notice virtual machine tenant;
On the other hand, the current secure virtual machine monitoring external member that a series of VMM of being deployed in layer occurred, in the monitor procedure of these security bundles, when they find that there is potential safety hazard in dummy machine system inside, may need its virtual machine of real-time informing terminal use, wait for that user's mutual selection just can be carried out next step operation.
Between cloud management platform and virtual machine remote terminal use, carry out real time communication at present and mainly contain three kinds of modes: the one, at cloud management end and dummy machine system inside bitcom service end and client are installed respectively, just traditional service end/client communication mode is applied between the physical machine and virtual machine in the cloud management platform; This mode need be in inner bitcom plug-in unit or the client of installing of dummy machine system, yet because the terminal use is to the owned complete control of dummy machine system, if the user selects the refitting system or cleans out this plug-in unit the bitcom client functionality was lost efficacy, and also is that anti-user's interference of this mode is lower;
The second way is directly on cloud platform management terminal device and virtual machine terminal use place machine bitcom service end and client to be installed respectively, namely adopts traditional service end/client communication modes between physical machine; This mode has concrete requirement to client platform, it is subject to the system at user place, client need be developed various Windows, Mac, the system of Linux/Unix series etc. different editions, even the portable terminal at place also needs to develop corresponding client-side program at present, has lost convenience and ease for use in the use of cloud platform remote control function to a great extent, and anti-user's interference is not high yet simultaneously;
The third method is the mode that the present invention proposes and takes: this mode is by revising the software service end of the virtual machine remote desktop control of adopting in the cloud platform, be dissolved in the virtual machine desktop picture message to be sent is integrated, send to the remote desktop control software client that the terminal use uses then together; This mode need be at inner any plug-in unit or the telecommunication customer end installed of dummy machine system, and namely this message channel is transparent to dummy machine system self; Simultaneously this mode yet need also not installed any plug-in unit or telecommunication customer end or make other any changes at terminal use's machine, and also namely this mode can't harm the scope of application of former virtual machine remote desktop control software.
Summary of the invention
The scheme that designs among the present invention be the virtual machine remote desktop control software VNC that increases income be the basis, in conjunction with developing KVM virtual platform rapidly at present, by revising the wherein service end code of remote control software, finally set up one to virtual machine self system transparent can be between cloud platform and terminal use the message channel of two-way interactive.
The present invention is mainly solved by following technical proposals:
The method for building up of VNC concealed channel between a kind of cloud management platform and virtual machine terminal use, this VNC concealed channel comprise following three modules:
Message conversion module: message conversion module is positioned on the physical host at the actual place of virtual machine, be independent of the QEMU module in the KVM framework, cloud platform invoke VNC is provided the interface of concealed channel, the origination message of cloud platform management person being desired to send to the terminal use generates the path message window dialog frame that the keeper sets, grasp this video in window Pixel Information, convert pixel format and the coded system that to identify in the general VNC communication process to; Simultaneously also after receiving terminal use's feedback that the message feedback receiver module sends over, the user is passed to cloud platform management person to the operation of message channel;
Message transmission module: message transmission module is arranged in the QEMU block code of the KVM framework on the physical host of the actual place of virtual machine, by revising the inside of the QEMU module in KVM framework part of V NC service end function source code in the KVM virtualization solution, add the message transmission module source code, the message pixel data of the keeper being desired to mail to the terminal use in revising code converts the form that uses in time VNC connects, seamless interpolation enters in original VNC service end and the client communication frame message then;
The message feedback receiver module: the message feedback receiver module is arranged in the QEMU block code of the KVM framework on the physical host of the actual place of virtual machine, by revising VNC service end function source code in the inside of the QEMU module in the KVM framework in the KVM virtualization solution, add the message feedback receiver module, grasp message terminal use's during end-user desktop shows mouse action in code, the mouse action information that is positioned at path message window viewing area that the terminal use is sent mails to message conversion module by the mode of named pipes.
The realization of the invention following function:
The first, service end message pushes.On cloud management platform control node, can send the message that its desire shows to the remote virtual machine terminal use by this passage, the demonstration of this message is real-time, after namely service end sent, client can be seen immediately;
The second, the client user is fed back identification.Pass through the message channel PUSH message after client in service end, the terminal use makes different reactions according to himself needs to the message window that pushes, this time, service end should be able to identify the concrete feedback operation at this path message window of user, and with the past cloud management platform control end of user feedback transmission, handled accordingly again according to its different Action Events by the cloud management platform.
The 3rd, the customization of PUSH message layout.At the transmitting terminal of message, the cloud management platform should go to customize the situation that path message window content displayed and layout on terminal use VNC client are set type according to its different needs.
Wherein, the main framework of above-mentioned message conversion module specifically can be subdivided into following components again:
Platform interacting message interface: this interface is responsible for directly and origination message transmitting terminal (cloud management platform main controlled node or cloud administrative staff etc.) to carry out direct information mutual, it outwards presents a kind of interface, interface parameters comprises the masterplate type of virtual machine access end slogan, use and comprises message content blocks number, message content, user interactive kind, the isoparametric configuration file of user's content of operation (generally with the port name) that the content of parameter connotation as shown in Figure 1;
The image pixel data file: this document is used for depositing the image pixel data of finally desiring at the message window of terminal use VNC client demonstration.Wide, high, the pixel format and the concrete pixel data content that comprise message window.
Window configuration information completion unit: the message window configuration information that this part is responsible for the cloud platform is sended over carries out completion, and the window configuration parameter that does not specifically customize for cloud platform management person adopts default setting.
Message window layout masterplate unit: main effect is to tell that what kind of message window is the message conversion part should generate, and namely comprises the content of which assembly and assembly in the message window.
The message conversion unit: this is the Core Feature part of this module, is responsible for message format conversion to be sent and user feedback operation Coordinate Conversion.After platform message conversion interface receives the message that cloud management platform or administrative staff send over, the message conversion part will forward window configuration information completion part to according to its parameter that sends, behind the undefined window parameter of completion cloud platform, generate the message image window that final desire shows according to the corresponding window layout of these parameters, image pixel data with this window correspondence deposits in the specific file at last, so that message transmission module reads;
Message conversion part another one function is to receive after terminal use that the user feedback interface passes over operates coordinate, to find the actual operation of carrying out in its corresponding tuple according to this coordinate present position, be in first operating assembly position as this coordinate, what represent then that the user selects is first kind of operation, by that analogy ... the content of operation with correspondence sends to platform interacting message interface at last.When detecting the feedback operation x that the user sends over, when the y coordinate is arranged in message window operational controls zone and this and is fed back to the mouse-click event, then should correspondence control content (being that the virtual machine terminal use is to the selection of message window) send to the origination message transmitting terminal, meanwhile, deletion message image pixel data file is to finish when the demonstration of subchannel message.
Receive the user feedback unit: this part is mainly used to receive the coordinate of user's operation that user message feedback receiver module sends in the VNC service end, sends it to the message conversion part, as its input.This part realizes it mainly being the input of always monitoring the named pipes of respective virtual machine during message shows, be that message feedback receiver module end writes user feedback message to named pipes, read ducted message at this sending module, adopt the mode of pipeline obstruction herein, do not receive that namely pipeline writes message, then monitor always.
Described message conversion module is positioned at cloud service to be provided on the node, and it is the physical host at the actual place of virtual machine that described cloud service provides node; This message conversion module is independent of the QEMU modular program in the KVM framework, is the calling interface that the VNC concealed channel outwards provides, and its realization flow may further comprise the steps:
Step 1: at first the parameter of calling the platform interacting message interface setting of VNC concealed channel according to the keeper reads message content and the message channel composing layout information that the keeper sends over;
Step 2: after the message conversion unit receives these configuration informations that step 1 reads, call window configuration information completion unit module, the masterplate model query messages window layout masterplate unit of in window configuration information completion module, setting according to the keeper, the parameter information that the completion keeper does not dispose when calling the VNC concealed channel;
Step 3: generate an interim message window according to the message window configuration information after step 2 completion, described interim message window outward appearance and finally remote terminal user see that in himself VNC client the path message window is identical;
Step 4: then grasp the image information of the message window of step 3 generation, generate corresponding message window bmp sectional drawing picture;
Step 5: the bmp image information that read step 4 generates converts this image information the use RAW image encoded pixel data file of 32 true color to, so that message transmission module afterwards reads;
Step 6: meanwhile receive user feedback unit monitoring information feedback receiver module and transmit the terminal use that returns at the selection result of this path message, this message conversion module to dissection process after the particular content of terminal use's selection result is transmitted toward the original transmitting terminal of cloud management platform message.
Above-mentioned message transmission module mainly is divided into message image reading unit, message image image conversion unit, three parts of message image image adding device again among the present invention:
Message image pixel reading unit: after message conversion module generates the pixel data of message window image and in the specific file of depositing, the image pixel reading section at first grasps the port numbers that connects as time VNC in the message transmission module, remove to read path message pixel data under the corresponding particular path according to this port numbers then, comprise wide, high, pixel format, the pixel data content of message window.
Message image pixel transitions unit: this part is at first obtained the pixel format that the terminal use selects in time VNC communication session, then and above the pixel format that obtains of image pixel reading section compares, if it is different, then the form of selecting according to the user is changed the image pixel data that above reads, as user's selection is 8, and the message image pixel is 32, then according to the image transitions principle 32 pixel datas is converted to 8 bit data.
Message image data adding device: view data is being converted to after time VNC connects same format, just begin before VNC original desktop picture frame buffering lastest imformation frame (FramebufferUpdate) sends, to add the message image pixel data to the information frame back in conjunction with this frame buffer update information frame data structure.
Described message transmission module is to realize that by the frame buffer update information frame of revising in the communication process its realization flow may further comprise the steps:
Step 1: find the code that the service end initial data generates in VNC service end and the client communication process, in the QEMU module in the KVM framework, this part is arranged in vnc_worker_thread_loop function under the qemu-kvm/ui/vnc-jobs.c, adds code and carry out following steps in this function;
Step 2: message image pixel reading unit reads the message image pixel data that message conversion module produces;
Step 3: obtain employed pixel format and coded system in time VNC connection procedure;
Step 4: then the message image converting unit message image pixel data that begins to read in the step 1 further is converted into employed pixel format and coded system in this VNC connection procedure;
Step 5: in conjunction with the data structure of desktop picture lastest imformation frame, pixel data adds normal image update information frame back in the message image rectangular area after message image pixel data adding device transforms step 4, after the VNC client is received this information frame like this, when drawing, himself terminal display can draw out the message window that transmits in the message channel simultaneously.
The core operation of the message feedback receiver module described in the present invention is that the user carried out respective handling at the operation selection of message window and to it during the identification message passage showed.First byte representation information frame type in the VNC communication information frame that client sends over is 05 expression mouse event as value.User's operational feedback of intending grasping in this programme mainly refers to the mouse action that the terminal use sends.The x of the 3rd to six byte representation mouse action of the key name of second byte representation mouse-click in the mouse message frame (as roller in the middle of the left click, right click, slip etc.) wherein, the y coordinate.Analyze the x in this information frame, the y coordinate judges whether it is in the message channel window area, in this way, think then that the user should operate to as if message window, will send this coordinate and arrive message conversion module this moment, produce a message region update event simultaneously.This area update event implementation procedure mainly is to upgrade frame buffer update solicited message frame by the full dose that simulation generates the appointment rectangular area that a client sends over, so that rectangular area, VNC service end updating message bands window place.
Realization flow may further comprise the steps:
Step 1: the code that finds service end reception client terminal user feedback data in VNC service end and the client communication process, in the QEMU module in the KVM framework, this part is arranged in the vnc_client_read function under the qemu-kvm/ui/vnc.c, adds code and carry out following steps in this function;
Step 2: judge whether to be in during the demonstration of concealed channel message, then the interactive information frame that time session connection sends over from client is worked as in intercepting in this way, otherwise is indicated as VNC service end and client original communication, and this moment, the message feedback module was not done operation bidirectional;
Step 3: according to the position of mouse action coordinate in the interactive information frame of intercepting and capturing judge this time operate the user at object, described object comprises path message or access system, if mouse action is in the rectangular area at message window place, then show user's mouse action to as if the message channel window;
Step 4: behind the interactive information frame of receiving at path message, the particular content of operating is sent to cloud service the program of the message conversion module on the node is provided, final content is mail to the original transmitting terminal of path message by message conversion module;
Step 5: this interactive information frame is changed to the image update information frame that upgrades rectangular area, current message window place, also namely produce the message region update event, updating message window place screen area is finished once mutual.
Therefore, the present invention has following advantage: 1. stability is high, and system is transparent to virtual machine self.The present invention is by revising the software service end of the virtual machine remote desktop control of adopting in the cloud platform, be dissolved in the virtual machine desktop picture message to be sent is integrated, send to the remote desktop control software client that the terminal use uses then together, it need be at inner any plug-in unit or the telecommunication customer end installed of dummy machine system, even if the user selects refitting system or other operations, this concealed channel function still can play a role, also namely this message channel is 2. transparent convenient non-destructives to dummy machine system self, the scope of application.The present invention need also not install any plug-in unit or telecommunication customer end or make other any changes at terminal use's machine, the virtual machine terminal use can just can experience this function by browser or vnc client on any system environmentss such as windows, linux, mac even intelligent mobile terminal, also namely this mode can't harm the scope of application of former virtual machine remote desktop control software.
Description of drawings
Fig. 1 VNC passage of the present invention master-plan Organization Chart.
Fig. 2 path message modular converter of the present invention Organization Chart.
Fig. 3 path message sending module of the present invention Organization Chart.
The data structure diagram of the desktop picture lastest imformation frame that uses in Fig. 4 message transmission module of the present invention.
Fig. 5 path message feedback of the present invention receiver module flow chart.
The data structure diagram of the interactive information frame that uses in Fig. 6 message feedback receiver module of the present invention.
Specific embodiments
Below by embodiment, and by reference to the accompanying drawings, technical scheme of the present invention is described in further detail.
Embodiment:
Referring to Fig. 1, in the cloud platform that uses the KVM Intel Virtualization Technology, realize that the interaction message channel function comprises that mainly message conversion, message send, message feedback receives three modules between cloud management platform and the virtual machine remote terminal use.
Message conversion module: message conversion module is positioned on the physical host at the actual place of virtual machine, it is independent of qemu-kvm, main be responsible for receiving cloud management platform main controlled node administrative messag and the message that receives is changed so that message transmission module can be identified.In this module, can provide an interface to send over the message that desire finally mails to the virtual machine terminal use to receive cloud management platform or cloud keeper to the cloud management platform, because the message that receives is the form of text-string or picture and character string organic assembling, and communication is to transmit by image between VNC service end and the client, so the text-string message conversion need be become image in message conversion module, afterwards the mode of picture material with the bitmap pixels data format read in the specific file, as the informed source of message transmission module; After receiving that the message feedback receiver module sends the coordinate of the expression terminal use operation of returning, convert thereof into corresponding concrete operations according to coordinate simultaneously, the loopback of terminal use's feedback result is toward cloud management platform or cloud keeper the most at last.
Message transmission module: message transmission module is arranged in the qemu-kvm code on the physical host of the actual place of virtual machine, realizes by part VNC service end function source code (being arranged in qemu-kvm/ui/vnc-jobs.c) among the qemu-kvm in the modification KVM virtualization solution.In message transmission module, at first read the message image pixel data that message conversion module produces, find pixel format and the coded system attribute of its VNC connection then according to the purpose virtual machine of message to be sent, the origination message image pixel data is changed, the end of adding VNC original communication information frame in conjunction with the data structure characteristics of the VNC frame buffer update information frame message image pixel data after with conversion again, the end mark that waits for the arrival of news is afterwards recovered original VNC session communication at last.
The message feedback receiver module: the message feedback receiver module is arranged in the qemu-kvm code on the physical host of the actual place of virtual machine, realizes by VNC service end function source code (being arranged in qemu-kvm/ui/vnc.c) among the qemu-kvm in the modification KVM virtualization solution.The main responsible user of reception sends the interactive operation information of message in the past to message transmission module.This module will intercept terminal use's all operations information frame during path message shows, find out the user's response that is directed to the message channel window according to event interactive information frame structure, adopt the mode of named pipes that the coordinate that the user operates is sent to message conversion module then, send a message region update event to finish the demonstration of message this time in the passage to message transmission module simultaneously.
Above-mentioned message conversion module framework realization flow is as shown in Figure 2:
Step 1: at first the parameter of calling VNC concealed channel interface setting according to the keeper reads message content and the message channel composing layout information that the keeper sends over;
Step 2: these configuration informations that read according to step 1 enter window configuration information completion module, the masterplate model query messages window layout masterplate of in window configuration information completion module, setting according to the keeper, the parameter information that the completion keeper does not dispose when calling the VNC concealed channel;
Step 3: generate an interim message window (this message window outward appearance and finally remote terminal user see that in himself VNC client the path message window is the same) according to the message window configuration information after step 2 completion;
Step 4: then grasp the image information of the message window of step 3 generation, generate corresponding message window bmp sectional drawing picture;
Step 5: the bmp image information that read step 4 generates converts this image information the use RAW image encoded pixel data file of 32 true color to, so that message transmission module afterwards reads;
Step 6: meanwhile monitoring information feedback receiver module transmits the terminal use that returns at the selection result of this path message, this message conversion module to dissection process after the particular content of terminal use's selection result is transmitted toward the original transmitting terminal of cloud management platform message.
Above-mentioned message transmission module framework realization flow is as shown in Figure 3:
Step 1: find the code that the service end initial data generates in VNC service end and the client communication process, in qemu-kvm, this part is arranged in the vnc_worker_thread_loop function under the qemu-kvm/ui/vnc-jobs.c, adds code and carry out following steps in this function;
Step 2: read the message image pixel data that message conversion module produces;
Step 3: obtain employed pixel format and coded system in time VNC connection procedure;
Step 4: the message image pixel data that reads in the step 1 further is converted into employed pixel format and coded system in this VNC connection procedure;
Step 5: in conjunction with the data structure (as Fig. 4) of desktop picture lastest imformation frame, add pixel data in the message image rectangular area after step 4 conversion to normal image update information frame back, after the VNC client is received this information frame like this, when drawing, himself terminal display can draw out the message window that transmits in the message channel simultaneously.
Above-mentioned message feedback receiver module workflow is as shown in Figure 5:
Step 1: the code that finds service end reception client terminal user feedback data in VNC service end and the client communication process, in qemu-kvm, this part is arranged in the vnc_client_read function under the qemu-kvm/ui/vnc.c, adds code and carry out following steps in this function;
Step 2: judge whether to be in during the demonstration of concealed channel message, then the interactive information frame that time session connection sends over from client is worked as in intercepting in this way, otherwise is indicated as VNC service end and client original communication, and this moment, the message feedback module was not done operation bidirectional;
Step 3: referring to Fig. 6, according to the position of mouse action coordinate in the interactive information frame of intercepting and capturing judge this time operate the user at object (path message or access system), if mouse action is in the rectangular area at message window place, then show user's mouse action to as if the message channel window;
Step 4: behind the interactive information frame of receiving at path message, the particular content of operating is sent to cloud service the program of the message conversion module on the node is provided, final content is mail to the original transmitting terminal (referring to cloud management platform control node generally speaking) of path message by message conversion module.
Step 5: this interactive information frame is changed to the image update information frame that upgrades rectangular area, current message window place, also namely produce the message region update event, updating message window place screen area is finished once mutual;
Specific embodiment described herein only is that the present invention's spirit is illustrated.Those skilled in the art can make various modifications or replenish or adopt similar mode to substitute described specific embodiment, but can't depart from spirit of the present invention or surmount the defined scope of appended claims.
Claims (4)
1. the method for building up of VNC concealed channel between a cloud management platform and virtual machine terminal use, this VNC concealed channel comprises following three modules:
Message conversion module: message conversion module is positioned on the physical host at the actual place of virtual machine, be independent of the QEMU module in the KVM framework, cloud platform invoke VNC is provided the interface of concealed channel, the origination message of cloud platform management person being desired to send to the terminal use generates the path message window dialog frame that the keeper sets, grasp this video in window Pixel Information, convert pixel format and the coded system that to identify in the general VNC communication process to; Simultaneously also after receiving terminal use's feedback that the message feedback receiver module sends over, the user is passed to cloud platform management person to the operation of message channel;
Message transmission module: message transmission module is arranged in the QEMU block code of the KVM framework on the physical host of the actual place of virtual machine, by revising the inside of the QEMU module in KVM framework part of V NC service end function source code in the KVM virtualization solution, add the message transmission module source code, the message pixel data of the keeper being desired to mail to the terminal use in revising code converts the form that uses in time VNC connects, seamless interpolation enters in original VNC service end and the client communication frame message then;
The message feedback receiver module: the message feedback receiver module is arranged in the QEMU block code of the KVM framework on the physical host of the actual place of virtual machine, by revising VNC service end function source code in the inside of the QEMU module in the KVM framework in the KVM virtualization solution, add the message feedback receiver module, grasp message terminal use's during end-user desktop shows mouse action in code, the mouse action information that is positioned at path message window viewing area that the terminal use is sent mails to message conversion module by the mode of named pipes.
2. according to the method for building up of VNC concealed channel between the cloud management platform described in the claim 1 and virtual machine terminal use, it is characterized in that, described message conversion module is positioned at cloud service to be provided on the node, and it is the physical host at the actual place of virtual machine that described cloud service provides node; This message conversion module is independent of the QEMU modular program in the KVM framework, is the calling interface that the VNC concealed channel outwards provides, and its realization flow may further comprise the steps:
Step 1: at first the parameter of calling the platform interacting message interface setting of VNC concealed channel according to the keeper reads message content and the message channel composing layout information that the keeper sends over;
Step 2: after the message conversion unit receives these configuration informations that step 1 reads, call window configuration information completion unit module, the masterplate model query messages window layout masterplate unit of in window configuration information completion module, setting according to the keeper, the parameter information that the completion keeper does not dispose when calling the VNC concealed channel;
Step 3: generate an interim message window according to the message window configuration information after step 2 completion, described interim message window outward appearance and finally remote terminal user see that in himself VNC client the path message window is identical;
Step 4: then grasp the image information of the message window of step 3 generation, generate corresponding message window bmp sectional drawing picture;
Step 5: the bmp image information that read step 4 generates converts this image information the use RAW image encoded pixel data file of 32 true color to, so that message transmission module afterwards reads;
Step 6: meanwhile receive user feedback unit monitoring information feedback receiver module and transmit the terminal use that returns at the selection result of this path message, this message conversion module to dissection process after the particular content of terminal use's selection result is transmitted toward the original transmitting terminal of cloud management platform message.
3. according to the method for building up of VNC concealed channel between the cloud management platform described in the claim 1 and virtual machine terminal use, it is characterized in that, described message transmission module is to realize that by the frame buffer update information frame of revising in the communication process its realization flow may further comprise the steps:
Step 1: find the code that the service end initial data generates in VNC service end and the client communication process, in the QEMU module in the KVM framework, this part is arranged in vnc_worker_thread_loop function under the qemu-kvm/ui/vnc-jobs.c, adds code and carry out following steps in this function;
Step 2: message image pixel reading unit reads the message image pixel data that message conversion module produces;
Step 3: obtain employed pixel format and coded system in time VNC connection procedure;
Step 4: then the message image converting unit message image pixel data that begins to read in the step 1 further is converted into employed pixel format and coded system in this VNC connection procedure;
Step 5: in conjunction with the data structure of desktop picture lastest imformation frame, pixel data adds normal image update information frame back in the message image rectangular area after message image pixel data adding device transforms step 4, after the VNC client is received this information frame like this, when drawing, himself terminal display can draw out the message window that transmits in the message channel simultaneously.
4. according to the method for building up of VNC concealed channel between the cloud management platform described in the claim 1 and virtual machine terminal use, it is characterized in that described message feedback receiver module realization flow may further comprise the steps:
Step 1: the code that finds service end reception client terminal user feedback data in VNC service end and the client communication process, in the QEMU module in the KVM framework, this part is arranged in the vnc_client_read function under the qemu-kvm/ui/vnc.c, adds code and carry out following steps in this function;
Step 2: judge whether to be in during the demonstration of concealed channel message, then the interactive information frame that time session connection sends over from client is worked as in intercepting in this way, otherwise is indicated as VNC service end and client original communication, and this moment, the message feedback module was not done operation bidirectional;
Step 3: according to the position of mouse action coordinate in the interactive information frame of intercepting and capturing judge this time operate the user at object, described object comprises path message or access system, if mouse action is in the rectangular area at message window place, then show user's mouse action to as if the message channel window;
Step 4: behind the interactive information frame of receiving at path message, the particular content of operating is sent to cloud service the program of the message conversion module on the node is provided, final content is mail to the original transmitting terminal of path message by message conversion module;
Step 5: this interactive information frame is changed to the image update information frame that upgrades rectangular area, current message window place, also namely produce the message region update event, updating message window place screen area is finished once mutual.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310268539.0A CN103312814B (en) | 2013-06-28 | 2013-06-28 | The method for building up of VNC concealed channel between cloud management platform and virtual machine terminal user |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310268539.0A CN103312814B (en) | 2013-06-28 | 2013-06-28 | The method for building up of VNC concealed channel between cloud management platform and virtual machine terminal user |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103312814A true CN103312814A (en) | 2013-09-18 |
| CN103312814B CN103312814B (en) | 2016-03-30 |
Family
ID=49137592
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310268539.0A Active CN103312814B (en) | 2013-06-28 | 2013-06-28 | The method for building up of VNC concealed channel between cloud management platform and virtual machine terminal user |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103312814B (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105005716A (en) * | 2015-06-16 | 2015-10-28 | 中国科学院计算技术研究所 | Remote payment system and remote payment method of application program |
| CN107283423A (en) * | 2016-04-11 | 2017-10-24 | 凌华科技股份有限公司 | Intelligent tester device people's system |
| CN107291409A (en) * | 2017-05-10 | 2017-10-24 | 北京西会科技有限公司 | A kind of online desktop sharing method, system |
| CN107589979A (en) * | 2017-09-26 | 2018-01-16 | 新华三云计算技术有限公司 | A kind of terminal screenshot method and device based on virtual desktop |
| CN107888430A (en) * | 2017-12-15 | 2018-04-06 | 新华三云计算技术有限公司 | Virtual Machine Manager operates synchronous method and device |
| CN108628716A (en) * | 2017-03-21 | 2018-10-09 | 腾讯科技(深圳)有限公司 | Information receives guard system, method and device |
| CN109660581A (en) * | 2017-10-11 | 2019-04-19 | 阿里巴巴集团控股有限公司 | Physical machine management method and device, system |
| CN110780880A (en) * | 2019-10-30 | 2020-02-11 | 上海信耀电子有限公司 | Method for implementing embedded remote client |
| CN113438257A (en) * | 2021-08-26 | 2021-09-24 | 网御安全技术(深圳)有限公司 | Time-based hidden channel feature acquisition method, system, equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102035849A (en) * | 2010-12-23 | 2011-04-27 | 华为技术有限公司 | Method, equipment and system for realizing resource management in cloud computing |
| JP2013020425A (en) * | 2011-07-11 | 2013-01-31 | Hitachi Solutions Ltd | Hardware and software cooperative verification method using open source software |
| CN102937911A (en) * | 2011-08-16 | 2013-02-20 | 中兴通讯股份有限公司 | Management method and system for virtual machine sources |
-
2013
- 2013-06-28 CN CN201310268539.0A patent/CN103312814B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102035849A (en) * | 2010-12-23 | 2011-04-27 | 华为技术有限公司 | Method, equipment and system for realizing resource management in cloud computing |
| JP2013020425A (en) * | 2011-07-11 | 2013-01-31 | Hitachi Solutions Ltd | Hardware and software cooperative verification method using open source software |
| CN102937911A (en) * | 2011-08-16 | 2013-02-20 | 中兴通讯股份有限公司 | Management method and system for virtual machine sources |
Non-Patent Citations (2)
| Title |
|---|
| 徐燕雯: "《中国优秀硕士学位论文全文数据库》", 30 November 2012, article "基于KVM的桌面虚拟化架构设计与实现", pages: 138-146 * |
| 董青: "《中国优秀硕士学位论文全文数据库》", 15 December 2011, article "基于虚拟化的桌面融合技术" * |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105005716B (en) * | 2015-06-16 | 2018-01-09 | 中国科学院计算技术研究所 | A kind of application program remote delivery system and long-range delivery method |
| CN105005716A (en) * | 2015-06-16 | 2015-10-28 | 中国科学院计算技术研究所 | Remote payment system and remote payment method of application program |
| CN107283423A (en) * | 2016-04-11 | 2017-10-24 | 凌华科技股份有限公司 | Intelligent tester device people's system |
| CN108628716A (en) * | 2017-03-21 | 2018-10-09 | 腾讯科技(深圳)有限公司 | Information receives guard system, method and device |
| CN108628716B (en) * | 2017-03-21 | 2020-12-25 | 腾讯科技(深圳)有限公司 | Information receiving and managing system, method and device |
| CN107291409A (en) * | 2017-05-10 | 2017-10-24 | 北京西会科技有限公司 | A kind of online desktop sharing method, system |
| CN107291409B (en) * | 2017-05-10 | 2020-06-19 | 北京西会科技有限公司 | Online desktop sharing method and system |
| CN107589979A (en) * | 2017-09-26 | 2018-01-16 | 新华三云计算技术有限公司 | A kind of terminal screenshot method and device based on virtual desktop |
| CN107589979B (en) * | 2017-09-26 | 2020-12-04 | 新华三云计算技术有限公司 | Terminal screenshot method and device based on virtual desktop |
| CN109660581A (en) * | 2017-10-11 | 2019-04-19 | 阿里巴巴集团控股有限公司 | Physical machine management method and device, system |
| CN107888430A (en) * | 2017-12-15 | 2018-04-06 | 新华三云计算技术有限公司 | Virtual Machine Manager operates synchronous method and device |
| CN107888430B (en) * | 2017-12-15 | 2020-01-14 | 新华三云计算技术有限公司 | Virtual machine management operation synchronization method and device |
| CN110780880A (en) * | 2019-10-30 | 2020-02-11 | 上海信耀电子有限公司 | Method for implementing embedded remote client |
| CN113438257A (en) * | 2021-08-26 | 2021-09-24 | 网御安全技术(深圳)有限公司 | Time-based hidden channel feature acquisition method, system, equipment and storage medium |
| CN113438257B (en) * | 2021-08-26 | 2021-11-12 | 网御安全技术(深圳)有限公司 | Time-based hidden channel feature acquisition method, system, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103312814B (en) | 2016-03-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103312814B (en) | The method for building up of VNC concealed channel between cloud management platform and virtual machine terminal user | |
| CN106527892B (en) | Screen capturing method and system of electronic equipment | |
| JP4434973B2 (en) | Video display device, video composition distribution device, program, system and method | |
| US8549093B2 (en) | Updating a user session in a mach-derived system environment | |
| CN102421028B (en) | Control method for intelligent television (TV), intelligent TV, remote control device and intelligent TV control system | |
| CN105005471A (en) | Method, device, server and system for modifying configuration parameters of BIOS | |
| CN107992301A (en) | User interface implementation method, client and storage medium | |
| CN110704136A (en) | Rendering method of small program assembly, client, electronic device and storage medium | |
| CN111614780A (en) | Cloud rendering system and method | |
| CN102637127B (en) | Method for controlling mouse modules and electronic device | |
| CA2557111A1 (en) | System and method for building mixed mode execution environment for component applications | |
| CN101652742A (en) | Remoting of windows presentation framework based applications in a non-composed desktop | |
| CN100422923C (en) | Device and method for enhancing output display of portable apparatus | |
| TW201027416A (en) | Systems and methods for iconic graphical user interface and embedded device manager | |
| CN108027725B (en) | Method, device and equipment for guiding terminal equipment operation | |
| CN104320406A (en) | Communication system based on mobile terminal and wearable equipment | |
| JP2005228227A (en) | Thin client system and its communication method | |
| CN105338318A (en) | Monitoring system and remote control method thereof | |
| CN102664924A (en) | Method and apparatus for information processing during remote assistance process | |
| CN107256153A (en) | A kind of virtual machine RFB agreements desktop resolution ratio adaptively realizes system and method | |
| CN107643930A (en) | Using operation method and Cloud Server | |
| CN202533929U (en) | Screen capture system based on Android platform intelligent television | |
| CN103036980A (en) | Data transmission equipment and method used for remote service | |
| CN102272719A (en) | System including a server and a terminal provided with graphical interfaces communicating via an image-sharing protocol | |
| CN114417213A (en) | Browser same-screen method, browser and browser plug-in |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200108 Address after: 528437 Zhongshan, Guangdong Torch Development Zone, 6 Xiang Hao Road, South Korea, 11 tower, 1119 cards. Patentee after: Zhongshan Cybertech Technology Co., Ltd. Address before: 430072 Hubei Province, Wuhan city Wuchang District of Wuhan University Luojiashan Patentee before: WuHan University |
|
| TR01 | Transfer of patent right |