CN108289080A - Method, apparatus and system for accessing a file system - Google Patents

Info

Publication number: CN108289080A
Application number: CN201710014428.5A
Authority: CN (China)
Legal status: Granted
Other languages: Chinese (zh)
Other versions: CN108289080B (en)
Inventor: 田力
Current assignee: Alibaba Group Holding Ltd
Original assignee: Alibaba Group Holding Ltd
Prior art keywords: access request, file system, data manipulation, node, user program

Events
Application filed by Alibaba Group Holding Ltd
Priority to CN201710014428.5A
Publication of CN108289080A
Application granted
Publication of CN108289080B
Legal status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00: Network architectures or network communication protocols for network security
    • H04L 63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60: Protecting data
    • G06F 21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F 21/6218: Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. a local or distributed file system or database


Abstract

The embodiments of this application disclose a method for accessing a file system. The method includes: in a constrained environment, in response to a user program generating an access request to the file system, verifying whether the access request conforms to the network access permission provided by the constrained environment, the user program running in the constrained environment; in response to the access request not conforming to the network access permission, refusing to send the access request to the network environment outside the constrained environment; in response to the access request conforming to the network access permission, sending the access request to the file system; and receiving the response result returned by the file system for the access request and returning the response result to the user program. The embodiments of this application also disclose an apparatus and a system for accessing a file system.

Description

Method, apparatus and system for accessing a file system
Technical field
This application relates to the field of network communication technology, and in particular to a method, apparatus and system for accessing a file system.
Background
The emergence of distributed file systems has made the realization and spread of big data technology possible. In a distributed file system, the storage resources of multiple physical machines are coordinated so that massive amounts of data can be stored and accessed, and therefore processed and analyzed. Specifically, a user program can initiate an access request to the distributed file system, and the distributed file system then performs operations such as reading and writing data files according to the user program's access request, so that the user program can access and analyze data through the distributed file system.
Since the code of a user program can be modified freely by its user, a user program may contain malicious code. In the prior art, to ensure that the distributed file system is not threatened by malicious code, the distributed file system limits the access rights of user programs. Specifically, a distributed file system has control nodes and storage nodes. The storage nodes store the data files of the distributed file system. For each file in the distributed file system, the control node is configured with different access permissions for different users. When the control node receives a user program's access request for a file, it judges whether the access request conforms to the access permission set on that file for the user corresponding to the user program; it refuses the access request if not, and if so returns the storage address of the corresponding data to the user program, so that the user program performs the data operation on the data file in the storage node according to the returned storage address.
However, since the distributed file system allows user programs to perform network access, and a user program's access rights to the distributed file system are controlled only by the control node according to the user program's access requests, a user program can in fact directly operate on resources such as disks and the network in the distributed file system. Therefore the distributed file system can still be threatened by malicious code in a user program, which easily leads to leakage of users' private data. For example, a user program containing malicious code can, without sending any access request to the control node, directly perform data operations on data files in a storage node without being limited by access permissions, causing other users' data to be maliciously leaked or maliciously modified.
Summary of the invention
The technical problem to be solved by the embodiments of this application is to provide a method, apparatus and system for accessing a file system, so that, while ensuring that a user program can perform data access and analysis through the distributed file system, the user program is prevented from directly accessing resources in the distributed file system, thereby preventing user data in the distributed file system from being maliciously leaked or modified.
In a first aspect, an embodiment of this application provides a method for accessing a file system, including:
in a constrained environment, in response to a user program generating an access request to the file system, verifying whether the access request conforms to the network access permission provided by the constrained environment, the user program running in the constrained environment;
in response to the access request not conforming to the network access permission, refusing to send the access request to the network environment outside the constrained environment;
in response to the access request conforming to the network access permission, sending the access request to the file system;
receiving the response result returned by the file system for the access request, and returning the response result to the user program.
Optionally, the constrained environment is a child process, the child process is created by a parent process, and the child process performs network access through the parent process;
the access request is first sent from the child process to the parent process, and then sent from the parent process to the file system;
the response result is first received by the parent process from the file system, and then received by the child process from the parent process.
Optionally, sending the access request to the file system in response to the access request conforming to the network access permission includes:
in response to the access request conforming to the network access permission, identifying the type of data operation corresponding to the access request;
sending the access request to the file system through the request handler corresponding to that type.
Optionally, the file system includes a control node and storage nodes;
the method further includes:
after sending the access request to the file system, receiving the storage address returned by the control node for the access request;
initiating a data operation instruction to the storage node according to the storage address;
where the storage space corresponding to the storage address is used to store the data file that the access request is to access, the data operation instruction is used to trigger the storage node to execute the data operation corresponding to the access request, and the response result is the storage node's execution result for the data operation.
Optionally, the storage address includes addresses on multiple storage nodes, and the data operation corresponding to the access request is a read operation;
initiating a data operation instruction to the storage node according to the storage address is specifically: initiating a data operation instruction to each of the multiple storage nodes respectively, according to the addresses on the multiple storage nodes;
the response results are returned respectively by the multiple storage nodes.
Optionally, the storage address includes addresses on multiple storage nodes, and the data operation corresponding to the access request is a write operation or a create operation;
initiating a data operation instruction to the storage node according to the storage address includes:
selecting a target storage node among the multiple storage nodes;
initiating a data operation instruction to the target storage node according to the storage address, so that the target storage node forwards the data operation instruction to the other storage nodes corresponding to the storage address;
the response result is returned by the target storage node according to the target storage node's own execution result for the data operation instruction and the execution results for the data operation instruction that the other storage nodes return to the target storage node.
Optionally, the type of the data operation corresponding to the access request is an open operation, a create operation, a read operation, a write operation or a delete operation.
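The storage-address flow in the optional steps above (control node returns the addresses, a read is fanned out to every storage node, a write or create goes to one target node which forwards it and returns the combined result) is shown below as an added example. It is not the patent's or Alibaba's code; the dict-backed StorageNode, the ControlNode permission table, the node names n1-n3, the block addresses and the users alice/bob are all constructed for illustration. The last step of demo() also shows the weakness the background section describes: a storage node executes by address alone, so a request that reaches it directly is never checked by the control node.

```python
class StorageNode:
    """Replica holding data blocks keyed by storage address; it never sees the user identity."""
    def __init__(self, name):
        self.name = name
        self.blocks = {}

    def execute(self, instr):
        op, addr = instr["op"], instr["addr"]
        if op == "create":
            if addr in self.blocks:
                return {"node": self.name, "ok": False, "error": "exists"}
            self.blocks[addr] = ""
            return {"node": self.name, "ok": True}
        if op == "write":
            if addr not in self.blocks:
                return {"node": self.name, "ok": False, "error": "missing"}
            self.blocks[addr] = instr["data"]
            return {"node": self.name, "ok": True, "written": len(instr["data"])}
        if op == "read":
            if addr not in self.blocks:
                return {"node": self.name, "ok": False, "error": "missing"}
            return {"node": self.name, "ok": True, "data": self.blocks[addr]}
        return {"node": self.name, "ok": False, "error": "unsupported " + op}

    def execute_and_forward(self, instr, others):
        """Target-node path for write/create: execute locally, forward to the other
        replicas (each with its own address), and return the combined result."""
        results = [self.execute(instr)]
        results += [node.execute({**instr, "addr": addr}) for node, addr in others]
        return {"ok": all(r["ok"] for r in results), "target": self.name, "results": results}


class ControlNode:
    """Holds per-file, per-user permissions and the file-to-storage-address map (constructed)."""
    def __init__(self, node_names, replicas=3):
        self.node_names = list(node_names)
        self.replicas = replicas
        self.permissions = {}  # path -> {user: set of permitted ops}
        self.addresses = {}    # path -> [(node name, storage address)]
        self.next_block = 0

    def grant(self, path, user, ops):
        self.permissions.setdefault(path, {}).setdefault(user, set()).update(ops)

    def handle(self, request):
        user, op, path = request["user"], request["op"], request["path"]
        if op == "create":
            if path in self.addresses:
                return {"ok": False, "error": "exists"}
            self.next_block += 1
            addr = "blk-%d" % self.next_block
            self.addresses[path] = [(n, addr) for n in self.node_names[:self.replicas]]
            self.grant(path, user, {"read", "write", "delete"})  # creator owns the file
        elif op not in self.permissions.get(path, {}).get(user, set()):
            return {"ok": False, "error": "%s lacks %s on %s" % (user, op, path)}
        return {"ok": True, "addresses": self.addresses[path]}


def perform(cluster, control, request):
    """The user program running system's side: ask the control node, then drive storage nodes."""
    reply = control.handle(request)
    if not reply["ok"]:
        return reply
    addresses, op = reply["addresses"], request["op"]
    if op == "read":
        # read: fan out to every replica directly; each returns its own result
        results = [cluster[n].execute({"op": "read", "addr": a}) for n, a in addresses]
        return {"ok": all(r["ok"] for r in results), "results": results}
    # write/create: one target node executes and forwards to the remaining replicas
    target, addr = addresses[0]
    others = [(cluster[n], a) for n, a in addresses[1:]]
    instr = {"op": op, "addr": addr, "data": request.get("data")}
    return cluster[target].execute_and_forward(instr, others)


def demo():
    cluster = {n: StorageNode(n) for n in ("n1", "n2", "n3")}
    control = ControlNode(cluster)
    created = perform(cluster, control, {"user": "alice", "op": "create", "path": "/data/f"})
    written = perform(cluster, control, {"user": "alice", "op": "write", "path": "/data/f", "data": "v1"})
    control.grant("/data/f", "bob", {"read"})
    read = perform(cluster, control, {"user": "bob", "op": "read", "path": "/data/f"})
    denied = perform(cluster, control, {"user": "bob", "op": "write", "path": "/data/f", "data": "x"})
    # The prior-art weakness: talking to a storage node directly skips the control node entirely,
    # which is exactly what the constrained environment in this application prevents.
    bypassed = cluster["n1"].execute({"op": "write", "addr": "blk-1", "data": "x"})
    return {"created": created, "written": written, "read": read, "denied": denied,
            "bypassed": bypassed, "blocks": {n: dict(node.blocks) for n, node in cluster.items()}}


if __name__ == "__main__":
    print(demo())
```

The replica set that diverges after the direct write (n1 holds "x" while n2 and n3 still hold "v1") is the integrity failure the control-node check alone cannot stop; the gate in the child process is what keeps the user program from reaching a storage node in the first place.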
In a second aspect, an embodiment of this application provides an apparatus for accessing a file system, including:
a verification unit, for, in a constrained environment, in response to a user program generating an access request to the file system, verifying whether the access request conforms to the network access permission provided by the constrained environment, the user program running in the constrained environment;
a refusal unit, for refusing to send the access request to the network environment outside the constrained environment in response to the access request not conforming to the network access permission;
a first sending unit, for sending the access request to the file system in response to the access request conforming to the network access permission;
a first receiving unit, for receiving the response result returned by the file system for the access request and returning the response result to the user program.
Optionally, the constrained environment is a child process, the child process is created by a parent process, and the child process performs network access through the parent process;
the access request is first sent from the child process to the parent process, and then sent from the parent process to the file system;
the response result is first received by the parent process from the file system, and then received by the child process from the parent process.
Optionally, the first sending unit is specifically used for:
in response to the access request conforming to the network access permission, identifying the type of data operation corresponding to the access request;
sending the access request to the file system through the request handler corresponding to that type.
Optionally, the file system includes a control node and storage nodes;
the apparatus further includes:
a second receiving unit, for receiving, after the access request is sent to the file system, the storage address returned by the control node for the access request;
a second sending unit, for initiating a data operation instruction to the storage node according to the storage address;
where the storage space corresponding to the storage address is used to store the data file that the access request is to access, the data operation instruction is used to trigger the storage node to execute the data operation corresponding to the access request, and the response result is the storage node's execution result for the data operation.
Optionally, the storage address includes addresses on multiple storage nodes, and the data operation corresponding to the access request is a read operation;
the second sending unit is specifically used for: initiating a data operation instruction to each of the multiple storage nodes respectively, according to the addresses on the multiple storage nodes;
the response results are returned respectively by the multiple storage nodes.
Optionally, the storage address includes addresses on multiple storage nodes, and the data operation corresponding to the access request is a write operation or a create operation;
the second sending unit is specifically used for:
selecting a target storage node among the multiple storage nodes;
initiating a data operation instruction to the target storage node according to the storage address, so that the target storage node forwards the data operation instruction to the other storage nodes corresponding to the storage address;
the response result is returned by the target storage node according to the target storage node's own execution result for the data operation instruction and the execution results for the data operation instruction that the other storage nodes return to the target storage node.
Optionally, the type of the data operation corresponding to the access request is an open operation, a create operation, a read operation, a write operation or a delete operation.
In a third aspect, an embodiment of this application provides a system for accessing a file system, including a user program running system and a file system; the user program running system is configured with the apparatus described in any embodiment of the second aspect.
Compared with the prior art, this application has the following advantages:
According to the technical solutions of the embodiments of this application, the user program is arranged in and runs in a constrained environment in the user program running system. When the user program is about to initiate an access request to the file system, the constrained environment can verify whether the access request conforms to the network access permission provided by the constrained environment; if not, sending the access request to the network environment outside the constrained environment is refused, and if so, the access request is sent to the file system outside the constrained environment, so that the user program can obtain the response result returned by the file system for the access request and can therefore perform data access and analysis through the distributed file system. It can be seen that, since the user program can only send to the network environment outside the constrained environment those access requests that conform to the network access permission provided by the constrained environment, the user program cannot directly operate on resources such as disks and the network in the distributed file system. Therefore the distributed file system is no longer threatened by malicious code in user programs, and user data is prevented from being maliciously leaked or maliciously modified.
Description of the drawings
To illustrate the technical solutions in the embodiments of this application or in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings in the following description are only some embodiments described in this application; for those of ordinary skill in the art, other drawings may be obtained from these drawings without creative effort.
Fig. 1 is a schematic diagram of the network system framework involved in an application scenario in an embodiment of this application;
Fig. 2 is a flow diagram of a method for accessing a file system in an embodiment of this application;
Fig. 3 is an example schematic diagram of a parent and child process implementing the constrained environment in an embodiment of this application;
Fig. 4 is an example schematic diagram of a user program running system performing a data write operation to storage nodes in an embodiment of this application;
Fig. 5 is a structural schematic diagram of an apparatus for accessing a file system in an embodiment of this application;
Fig. 6 is a structural schematic diagram of an apparatus for accessing a file system in an embodiment of this application.
Detailed description
To enable those skilled in the art to better understand the solution of this application, the technical solutions in the embodiments of this application are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some, not all, of the embodiments of this application. All other embodiments obtained by those of ordinary skill in the art based on the embodiments of this application without creative work shall fall within the protection scope of this application.
This application can be used in numerous general-purpose or special-purpose computing system environments or configurations, such as personal computers, server computers, handheld or portable devices, tablet devices, multiprocessor systems, microprocessor-based systems, set-top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, and distributed computing environments including any of the above systems or devices.
This application may be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures and the like that perform specific tasks or implement specific abstract data types. This application may also be practiced in distributed computing environments, in which tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules may be located in local and remote computer storage media including storage devices.
Through study, the inventors found that in the prior art a distributed file system can be threatened by malicious code in a user program, so that user data in the distributed file system is easily leaked or maliciously modified. The reason the prior art has this technical problem is that a user program's access rights to the distributed file system are controlled by the control node in the distributed file system, yet the user program can directly initiate network access to the distributed file system. Therefore the user program can in fact directly operate on resources such as disks and the network in the distributed file system, which allows a user program containing malicious code to operate on the distributed file system directly, without permission verification. For example, a user program containing malicious code can, without sending an access request to the control node, directly perform data operations on data files in a storage node; in this case the malicious user program's data operations on the storage node bypass the control node's access permission verification, causing other users' data to be maliciously leaked or maliciously modified.
To solve the above problem, in the embodiments of this application the user program is arranged in and runs in a constrained environment in the user program running system. When the user program is about to initiate an access request to the file system, the access request must pass the constrained environment's network access permission verification before it can be sent to the network environment outside the constrained environment. Since the user program can only send to the network environment outside the constrained environment those access requests that have passed the constrained environment's network access permission verification, the user program cannot bypass access permission verification and directly operate on resources such as disks and the network in the distributed file system. Therefore the distributed file system is no longer threatened by malicious code in user programs, so that user data is prevented from being maliciously leaked or maliciously modified.
For example, the embodiments of this application can be applied in the network system shown in Fig. 1. In this network system, the user program running system 101 runs the user program 102 in a constrained environment 103. Under the constrained environment 103, in response to the user program 102 generating an access request to the file system 104, the user program running system 101 verifies whether the access request conforms to the network access permission provided by the constrained environment 103, the user program running in the constrained environment. In response to the access request not conforming to the network access permission, the user program running system 101 refuses to send the access request to the network environment outside the constrained environment 103. In response to the access request conforming to the network access permission, the user program running system 101 sends the access request to the file system 104. Then the user program running system 101 receives the response result returned by the file system 104 for the access request, and returns the response result to the user program 102.
The various non-limiting embodiments of this application are described in detail below with reference to the drawings.
Exemplary method
Referring to Fig. 2, a flow diagram of a method for accessing a file system in an embodiment of this application is shown. In this embodiment the method can be applied to a user program running system, i.e., the method is executed by the user program running system. The method may specifically include the following steps:
Step 201: in a constrained environment, in response to a user program generating an access request to the file system, verify whether the access request conforms to the network access permission provided by the constrained environment, the user program running in the constrained environment.
In the user program running system, the user program is arranged in and runs in a constrained environment, and the constrained environment sets network access permissions for the user program's access to the network environment outside the constrained environment. When the user program needs to access the network environment outside the constrained environment, for each access request the user program generates, the user program running system judges whether the access request conforms to the network access permission set by the constrained environment, and the judgement result determines whether the user program is allowed to initiate access to the network environment outside the constrained environment. It can be seen that in this embodiment the user program's network access permission is verified by the user program running system; therefore the user program cannot access the network directly, and can only initiate network access after passing the user program running system's permission verification.
Specifically, the constrained environment can provide the user program with limited network access interfaces according to the user program's network access permissions, and the user program can only access the network environment outside the constrained environment through the network access interfaces provided by the constrained environment. Each network access interface provides one kind of network access operation for which the user program has access rights, such as a network access operation or a disk I/O operation. For example, a pipe file system (PipeFileSystem) program can be provided in the constrained environment, and step 201 can specifically be executed by the pipe file system program; that is, if the user program generates an access request to the file system, the pipe file system program verifies whether the access request conforms to the network access permission provided by the constrained environment.
Step 202: in response to the access request not conforming to the network access permission, refuse to send the access request to the network environment outside the constrained environment.
It can be understood that if the access request triggered by the user program does not conform to the network access permission provided by the constrained environment, the user program does not have permission to initiate the access request to the network environment outside the constrained environment, and the user program running system refuses to send the access request to the network environment outside the constrained environment.
Step 203: in response to the access request conforming to the network access permission, send the access request to the file system.
It can be understood that if the access request triggered by the user program conforms to the network access permission provided by the constrained environment, the user program has permission to initiate the access request to the network environment outside the constrained environment, and the user program running system allows the access request to be sent to the network environment outside the constrained environment; that is, the user program running system sends the access request to the file system.
In this embodiment, the access request triggered by the user program can correspond to several different types of data operation. Specifically, the type of data operation corresponding to the access request can be an open operation, a create operation, a read operation, a write operation or a delete operation. An open operation (Open) instructs the file system to open an access connection; a create operation (Create) instructs the file system to create a data file; a read operation (Read) instructs the file system to read stored data and return it; a write operation (Write) instructs the file system to write data; a delete operation (Delete) instructs the file system to delete stored data.
In some implementations of this embodiment, different request handlers can be configured in the user program running system for the different types of data operation, and the access request corresponding to a data operation is handled by the request handler corresponding to its type. Specifically, step 203 can include: in response to the access request conforming to the network access permission, identifying the type of data operation corresponding to the access request; and sending the access request to the file system through the request handler corresponding to that type.
Step 204: receive the response result returned by the file system for the access request, and return the response result to the user program.
In a specific implementation, when the file system receives the access request, it can respond to the access request by executing the data operation corresponding to the access request and returning the execution result to the user program running system as the response result, so that the user program running system returns the response result to the user program. In this way, the user program can access and analyze data through the file system.
In some embodiments of the present embodiment, father and son's process communication technology can be used to transport in the user program It is realized user program operation in constrained environment in row system.Wherein, the constrained environment for example can be a subprocess, institute It can be created by parent process to state subprocess, and the subprocess can carry out network access by the parent process;The visit Ask that request can first be sent from the subprocess to the parent process, sent out again from the parent process to the file system It send;The response results can first be received from the file system by the parent process, again by subprocess from described What parent process received.
Specifically, Fig. 3 shows that a kind of father and son's process realizes the example of the constrained environment.In this example, parent process It can be by being based on channel (English between subprocess:Channel remote procedure call protocol (English):Remote Procedure Call Protocol, abbreviation RPC) it is interactive, the RPC based on Channel is also referred to as CRpc.Wherein, it is for RPC points AsyncCall and SyncCall is respectively used to realize asynchronous call and synchronization call between father and son's process.It is transported in subprocess Row has user program, pipe file system program (i.e. " PipeFileSystem " in Fig. 3) and CRpc client-side program (to scheme " CRpcClient " in 3).Operation has CRpc serve end programs (i.e. " CRpcServer " in Fig. 3) and asks in parent process Seek processing routine (i.e. " Request Handler " in Fig. 3).
Step 1: In the subprocess, the access request generated by the user program is sent to PipeFileSystem for network access authority verification.
Step 2: In the subprocess, if the access request meets the network access authority granted to the subprocess, PipeFileSystem encapsulates the access request and sends the encapsulated request ("FsRequest" in Fig. 3) to CRpcClient. Through the interaction between CRpcClient in the subprocess and CRpcServer in the parent process, FsRequest is sent from the subprocess to the parent process. In the parent process, CRpcServer identifies the type of data operation that FsRequest corresponds to and sends FsRequest to the Request Handler for that type.
Step 3: The Request Handler parses FsRequest to obtain the access request generated by the user program, and sends that access request to the distributed file system through the access interface of the distributed file system ("panguAPI" in Fig. 3).
Step 4: When the distributed file system returns a response result for the access request to the user program operation system, the Request Handler in the parent process receives the response result through PanguAPI.
Step 5: The Request Handler encapsulates the response result and sends the encapsulated response ("FsResponse" in Fig. 3) to CRpcServer. Through the interaction between CRpcClient in the subprocess and CRpcServer in the parent process, FsResponse is sent from the parent process to the subprocess. In the subprocess, CRpcClient sends FsResponse to PipeFileSystem.
Step 6: PipeFileSystem parses the response result returned by the distributed file system out of FsResponse and sends it to the user program.
The access authority verification that the Pipe file system program performs on an access request can be implemented as follows: the Pipe file system program provides access interfaces corresponding to the network access authority granted to the subprocess, and controls through these interfaces whether a user program's access request may be encapsulated and sent to the CRpc client program. When an access request reaches the Pipe file system program, the Pipe file system judges whether the access request matches an access interface it provides; if so, it encapsulates the access request and sends it to the CRpc client program; if not, it may discard the access request.
In the parent/child process communication technique, the network access authority of the subprocess is strictly limited: every interaction between the subprocess and the outside network environment has to be handled by the parent process, which lets the user program running in the subprocess use the file system under network isolation. In addition, the parent process can control the life cycle of the subprocess. Specifically, the parent process can create, monitor and destroy one or more subprocesses, and can also control the security-related white lists of each subprocess, such as the network white list, the system call white list and the namespace white list.
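As an added illustration, not code from the patent or from any Alibaba system, the six steps above sketched in Python: the child process runs the user program behind a PipeFileSystem that only forwards requests matching its allowed access interfaces, a CRpc-style SyncCall carries FsRequest/FsResponse over a pipe, and the parent's CRpcServer dispatches by data-operation type to Request Handlers. The wire format, the `allowed_ops` whitelist and the dict standing in for the distributed file system are constructed assumptions.

```python
import json
import os


class PipeFileSystem:
    """Child side (PipeFileSystem in Fig. 3). `allowed_ops` is the set of access
    interfaces granted to the subprocess, i.e. its network access authority;
    `call` sends one FsRequest and returns its FsResponse (the CRpc SyncCall)."""

    def __init__(self, allowed_ops, call):
        self.allowed_ops = frozenset(allowed_ops)
        self.call = call

    def access(self, request):
        op = request.get("op")
        if op not in self.allowed_ops:                    # step 1: verify, else drop
            return {"ok": False, "error": "no access interface for %r" % op}
        fs_request = {"type": op, "request": request}     # step 2: encapsulate
        fs_response = self.call(fs_request)               # steps 2-5: CRpc round trip
        return fs_response["result"]                      # step 6: unwrap FsResponse


class CRpcClient:
    """SyncCall over a channel: send one FsRequest, block for its FsResponse."""

    def __init__(self, channel):
        self.channel = channel

    def sync_call(self, fs_request):
        self.channel.send(fs_request)
        return self.channel.recv()


class CRpcServer:
    """Parent side: picks the Request Handler by data-operation type (step 2)."""

    def __init__(self, handlers):
        self.handlers = handlers

    def dispatch(self, fs_request):
        handler = self.handlers.get(fs_request.get("type"))
        if handler is None:
            return {"result": {"ok": False, "error": "no request handler"}}
        return {"result": handler(fs_request["request"])}

    def serve(self, channel):
        while True:                                       # until the child closes its end
            fs_request = channel.recv()
            if fs_request is None:
                return
            channel.send(self.dispatch(fs_request))


def make_handlers(store):
    """Request Handlers over a dict standing in for the DFS access API (panguAPI)."""
    def do_read(req):
        data = store.get(req["path"])
        return {"ok": data is not None, "data": data}

    def do_write(req):
        store[req["path"]] = req["data"]
        return {"ok": True}

    return {"read": do_read, "write": do_write, "create": do_write}


class PipeChannel:
    """Newline-delimited JSON frames over two OS pipes, one per direction."""

    def __init__(self, rfd, wfd):
        self.reader = os.fdopen(rfd, "r")
        self.writer = os.fdopen(wfd, "w")

    def send(self, obj):
        self.writer.write(json.dumps(obj) + "\n")
        self.writer.flush()

    def recv(self):
        line = self.reader.readline()
        return json.loads(line) if line else None         # "" means the peer closed


def main():
    # Stand-alone demo (Unix only): fork a child for the user program side.
    c2p_r, c2p_w = os.pipe()                              # child -> parent
    p2c_r, p2c_w = os.pipe()                              # parent -> child
    pid = os.fork()
    if pid == 0:
        os.close(c2p_r); os.close(p2c_w)
        fs = PipeFileSystem(["read"], CRpcClient(PipeChannel(p2c_r, c2p_w)).sync_call)
        print("read  ->", fs.access({"op": "read", "path": "/data/a"}), flush=True)
        print("write ->", fs.access({"op": "write", "path": "/data/a", "data": "x"}), flush=True)
        os._exit(0)                                       # closes the child's pipe ends
    os.close(c2p_w); os.close(p2c_r)
    CRpcServer(make_handlers({"/data/a": "hello"})).serve(PipeChannel(c2p_r, p2c_w))
    os.waitpid(pid, 0)


if __name__ == "__main__":
    main()
```

The rejected write never leaves the child: it is dropped by PipeFileSystem before any frame is written to the pipe, so the parent-side handlers and the file system never see it.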
The file system referred to in this embodiment can, for example, be a distributed file system. A distributed file system includes a control node and storage nodes. When the user program operation system accesses the distributed file system, it sends the access request to the control node; the control node returns to the user program operation system the storage address of the data file that the access request is to access; the user program operation system then performs the corresponding data operation on the storage node according to that storage address. Specifically, in some implementations, this embodiment may further include: after sending the access request to the file system, receiving the storage address that the control node returns for the access request; and initiating a data operation instruction to the storage node according to the storage address. Here, the storage space corresponding to the storage address is used to store the data file that the access request is to access, the data operation instruction triggers the storage node to execute the data operation corresponding to the access request, and the response result is the storage node's execution result for that data operation.
It should be noted that when the control node returns, for an access request, addresses on multiple storage nodes, the way in which the user program operation system initiates data operation instructions to the storage nodes can differ depending on the type of data operation the access request corresponds to.
For example, in some implementations, if the data operation corresponding to the access request is a read operation, the user program operation system can initiate a data read instruction to each storage node separately, and each storage node returns the data it holds to the user program operation system as its response result. Specifically, the way of initiating data operation instructions can be: according to the addresses on the multiple storage nodes, initiating a data operation instruction to each of the multiple storage nodes separately; the response results are returned separately by the multiple storage nodes.
For another example, in other implementations, if the data operation corresponding to the access request is a write operation or a create operation, the user program operation system can select one of the multiple storage nodes as a target storage node and initiate the data operation instruction only to that target storage node; the target storage node, while executing the data operation instruction, also forwards it to the other storage nodes, then collects the response results of each storage node to the data operation instruction and returns them together to the user program operation system. Specifically, the way of initiating the data operation instruction may include: choosing a target storage node among the multiple storage nodes; initiating the data operation instruction to the target storage node according to the storage address, so that the target storage node forwards the data operation instruction to the other storage nodes corresponding to the storage address; the response result is returned by the target storage node according to its own execution result for the data operation instruction and the execution results for the data operation instruction that the other storage nodes return to it.
For example, suppose that, according to the storage address returned by the control node, the data operation the user program operation system is to execute is writing data to storage node A, storage node B and storage node C. The user program operation system can then send the data operation instruction to storage node A; storage node A forwards the data to storage node B while writing it itself; storage node B forwards the data to storage node C while writing it itself; after their writes succeed, storage nodes B and C each return a write-success response result to storage node A; and storage node A, once its own write has succeeded and it has received the write-success response results from storage nodes B and C, returns a write-success response result to the user program operation system.
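The read fan-out and the write chain described above, as an added example not taken from the patent or from Pangu or HDFS: a control node hands out storage addresses, a read goes to every storage node separately, and a write or create goes to one target node, which forwards it along the chain and collects the results. The node names, the replica placement rule and the `healthy` flag used to show a failed replica are constructed.

```python
class StorageNode:
    """Storage node (ChunkServer / Datanode in the description). `peers` is the
    cluster directory used to forward a write to the next replica."""

    def __init__(self, name, peers):
        self.name, self.peers = name, peers
        self.chunks = {}                       # path -> data held on this node
        self.healthy = True                    # constructed: flip to simulate a failed node

    def read(self, path):
        data = self.chunks.get(path) if self.healthy else None
        return {"node": self.name, "ok": data is not None, "data": data}

    def write(self, path, data, downstream):
        """Execute the write locally, forward it to the next replica, and return
        the per-node results collected back along the chain."""
        if not self.healthy:
            return [{"node": self.name, "ok": False}]
        self.chunks[path] = data
        results = [{"node": self.name, "ok": True}]
        if downstream:                         # forward to the next storage node
            results.extend(self.peers[downstream[0]].write(path, data, downstream[1:]))
        return results


class ControlNode:
    """Control node (Master / Namenode): maps each path to its storage addresses."""

    def __init__(self, node_names, replicas):
        self.node_names, self.replicas = list(node_names), replicas
        self.placement = {}                    # path -> list of storage node names

    def locate(self, path, op):
        if op == "create" and path not in self.placement:
            self.placement[path] = self.node_names[:self.replicas]
        return self.placement.get(path)


class UserProgramOperationSystem:
    """Client side: asks the control node for addresses, then drives the storage nodes."""

    def __init__(self, control, nodes):
        self.control, self.nodes = control, nodes

    def access(self, op, path, data=None):
        addrs = self.control.locate(path, op)  # storage address(es) for the data file
        if not addrs:
            return {"ok": False, "error": "unknown path %r" % path}
        if op == "read":
            # read: one data read instruction to every storage node, each answers for itself
            responses = [self.nodes[n].read(path) for n in addrs]
            good = [r for r in responses if r["ok"]]
            return {"ok": bool(good), "data": good[0]["data"] if good else None,
                    "responses": responses}
        if op in ("write", "create"):
            # write/create: one instruction to the target node, which forwards along the chain
            target, rest = addrs[0], addrs[1:]
            responses = self.nodes[target].write(path, data, rest)
            return {"ok": all(r["ok"] for r in responses), "responses": responses}
        return {"ok": False, "error": "unsupported operation %r" % op}


def build_cluster(names, replicas=3):
    nodes = {}
    for name in names:
        nodes[name] = StorageNode(name, nodes)
    return nodes, UserProgramOperationSystem(ControlNode(names, replicas), nodes)


if __name__ == "__main__":
    nodes, client = build_cluster(["A", "B", "C"])
    print(client.access("create", "/user/f", "v1"))
    print(client.access("read", "/user/f"))
    nodes["C"].healthy = False
    print(client.access("write", "/user/f", "v2"))     # chain reaches C and fails there
```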
A variety of distributed file systems can be used to implement the file system referred to in this embodiment. For example, the file system may be the Pangu file system, in which case the control node can be the Master in the Pangu file system and the storage node can be a ChunkServer in the Pangu file system. For another example, the file system may be HDFS, in which case the control node can be the Namenode in HDFS and the storage node can be a Datanode in HDFS.
In addition, in this embodiment, the user program operation system and the file system may belong to the same network system that provides network services to users; that is, both the user program operation system and the file system are located on the network side, for example in the cloud on the network side.
The user program operation system can also be implemented on the storage nodes of the distributed file system. That is, the user program together with its subprocess and parent process can be implemented on the same physical device as a storage node.
By the method of the various implementations of this embodiment, the user program is set to run in a constrained environment within the user program operation system. When the user program wants to initiate an access request to the file system, the access request must pass the network access authority verification of the constrained environment before it can be sent to the network environment outside the constrained environment. Since the user program can only send to the outside network environment access requests that have passed the network access authority verification of the constrained environment, the user program cannot bypass the access authority verification to operate directly on resources such as disks and the network in the distributed file system. The distributed file system is therefore no longer subject to the threat of malicious code in the user program, which avoids user data being maliciously leaked or maliciously modified.
Example devices
Referring to Fig. 5, a structural schematic diagram of a device for accessing a file system in an embodiment of the present application is shown. In this embodiment, the device can be configured in the user program operation system. The device may include, for example:
Verification unit 501, configured to, under a constrained environment, in response to the user program generating an access request to the file system, verify whether the access request meets the network access authority provided by the constrained environment, the user program running under the constrained environment;
Rejection unit 502, configured to, in response to the access request not meeting the network access authority, refuse to send the access request to the network environment outside the constrained environment;
First sending unit 503, configured to, in response to the access request meeting the network access authority, send the access request to the file system;
First receiving unit 504, configured to receive the response result that the file system returns for the access request, and return the response result to the user program.
Optionally, the constrained environment is a subprocess, the subprocess is created by a parent process, and the subprocess performs network access through the parent process;
the access request is first sent from the subprocess to the parent process and then sent from the parent process to the file system;
the response result is first received from the file system by the parent process and then received from the parent process by the subprocess.
Optionally, the first sending unit 503 is specifically configured to:
in response to the access request meeting the network access authority, identify the type of data operation corresponding to the access request;
send the access request to the file system through the request handler corresponding to that type.
Optionally, the file system includes a control node and storage nodes;
the device further includes:
a second receiving unit, configured to, after the access request is sent to the file system, receive the storage address that the control node returns for the access request;
a second sending unit, configured to initiate a data operation instruction to the storage node according to the storage address;
wherein the storage space corresponding to the storage address is used to store the data file that the access request is to access, the data operation instruction is used to trigger the storage node to execute the data operation corresponding to the access request, and the response result is the storage node's execution result for the data operation.
Optionally, the storage address includes addresses on multiple storage nodes, and the data operation corresponding to the access request is a read operation;
the second sending unit is specifically configured to: according to the addresses on the multiple storage nodes, initiate a data operation instruction to each of the multiple storage nodes separately;
the response results are returned separately by the multiple storage nodes.
Optionally, the storage address includes addresses on multiple storage nodes, and the data operation corresponding to the access request is a write operation or a create operation;
the second sending unit is specifically configured to:
choose a target storage node among the multiple storage nodes;
initiate the data operation instruction to the target storage node according to the storage address, so that the target storage node forwards the data operation instruction to the other storage nodes corresponding to the storage address;
the response result is returned by the target storage node according to the target storage node's own execution result for the data operation instruction and the execution results for the data operation instruction that the other storage nodes return to the target storage node.
Optionally, the type of data operation corresponding to the access request is an open operation, a create operation, a read operation, a write operation or a delete operation.
By the device of the various implementations of this embodiment, the user program is set to run in a constrained environment within the user program operation system. When the user program wants to initiate an access request to the file system, the access request must pass the network access authority verification of the constrained environment before it can be sent to the network environment outside the constrained environment. Since the user program can only send to the outside network environment access requests that have passed the network access authority verification of the constrained environment, the user program cannot bypass the access authority verification to operate directly on resources such as disks and the network in the distributed file system. The distributed file system is therefore no longer subject to the threat of malicious code in the user program, which avoids user data being maliciously leaked or maliciously modified.
Referring to Fig. 6, a structural schematic diagram of a system for accessing a file system in an embodiment of the present application is shown. In this embodiment, the system may include, for example, a user program operation system 601 and a file system 602; the user program operation system 601 is configured with the device described in any one of the embodiments shown in Fig. 5.
By the system of the various implementations of this embodiment, the user program is set to run in a constrained environment within the user program operation system. When the user program wants to initiate an access request to the file system, the access request must pass the network access authority verification of the constrained environment before it can be sent to the network environment outside the constrained environment. Since the user program can only send to the outside network environment access requests that have passed the network access authority verification of the constrained environment, the user program cannot bypass the access authority verification to operate directly on resources such as disks and the network in the distributed file system. The distributed file system is therefore no longer subject to the threat of malicious code in the user program, which avoids user data being maliciously leaked or maliciously modified.
It should be noted that, herein, relational terms such as first and second are used merely to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between these entities or operations. The terms "include", "comprise" or any other variant thereof are intended to cover a non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. In the absence of further restrictions, an element defined by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or device that includes that element.
For the device embodiments, since they correspond essentially to the method embodiments, the relevant parts refer to the description of the method embodiments. The device embodiments described above are merely illustrative; the units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units, that is, they may be located in one place or distributed over multiple network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art can understand and implement this without creative effort.
The above are only specific implementations of the present application. It should be noted that, for those of ordinary skill in the art, several improvements and modifications can be made without departing from the principles of the present application, and these improvements and modifications should also be regarded as falling within the protection scope of the present application.

Claims (15)

1. A method for accessing a file system, characterized in that it includes:
under a constrained environment, in response to a user program generating an access request to the file system, verifying whether the access request meets the network access authority provided by the constrained environment, the user program running under the constrained environment;
in response to the access request not meeting the network access authority, refusing to send the access request to the network environment outside the constrained environment;
in response to the access request meeting the network access authority, sending the access request to the file system;
receiving the response result that the file system returns for the access request, and returning the response result to the user program.
2. The method according to claim 1, characterized in that the constrained environment is a subprocess, the subprocess is created by a parent process, and the subprocess performs network access through the parent process;
the access request is first sent from the subprocess to the parent process and then sent from the parent process to the file system;
the response result is first received from the file system by the parent process and then received from the parent process by the subprocess.
3. The method according to claim 1, characterized in that said sending the access request to the file system in response to the access request meeting the network access authority includes:
in response to the access request meeting the network access authority, identifying the type of data operation corresponding to the access request;
sending the access request to the file system through the request handler corresponding to that type.
4. The method according to claim 1, characterized in that the file system includes a control node and storage nodes;
the method further includes:
after sending the access request to the file system, receiving the storage address that the control node returns for the access request;
initiating a data operation instruction to the storage node according to the storage address;
wherein the storage space corresponding to the storage address is used to store the data file that the access request is to access, the data operation instruction is used to trigger the storage node to execute the data operation corresponding to the access request, and the response result is the storage node's execution result for the data operation.
5. The method according to claim 4, characterized in that the storage address includes addresses on multiple storage nodes, and the data operation corresponding to the access request is a read operation;
said initiating a data operation instruction to the storage node according to the storage address is specifically: according to the addresses on the multiple storage nodes, initiating a data operation instruction to each of the multiple storage nodes separately;
the response results are returned separately by the multiple storage nodes.
6. The method according to claim 4, characterized in that the storage address includes addresses on multiple storage nodes, and the data operation corresponding to the access request is a write operation or a create operation;
said initiating a data operation instruction to the storage node according to the storage address includes:
choosing a target storage node among the multiple storage nodes;
initiating the data operation instruction to the target storage node according to the storage address, so that the target storage node forwards the data operation instruction to the other storage nodes corresponding to the storage address;
the response result is returned by the target storage node according to the target storage node's own execution result for the data operation instruction and the execution results for the data operation instruction that the other storage nodes return to the target storage node.
7. The method according to any one of claims 1 to 6, characterized in that the type of data operation corresponding to the access request is an open operation, a create operation, a read operation, a write operation or a delete operation.
8. A device for accessing a file system, characterized in that it includes:
a verification unit, configured to, under a constrained environment, in response to a user program generating an access request to the file system, verify whether the access request meets the network access authority provided by the constrained environment, the user program running under the constrained environment;
a rejection unit, configured to, in response to the access request not meeting the network access authority, refuse to send the access request to the network environment outside the constrained environment;
a first sending unit, configured to, in response to the access request meeting the network access authority, send the access request to the file system;
a first receiving unit, configured to receive the response result that the file system returns for the access request, and return the response result to the user program.
9. The device according to claim 8, characterized in that the constrained environment is a subprocess, the subprocess is created by a parent process, and the subprocess performs network access through the parent process;
the access request is first sent from the subprocess to the parent process and then sent from the parent process to the file system;
the response result is first received from the file system by the parent process and then received from the parent process by the subprocess.
10. The device according to claim 8, characterized in that the first sending unit is specifically configured to:
in response to the access request meeting the network access authority, identify the type of data operation corresponding to the access request;
send the access request to the file system through the request handler corresponding to that type.
11. The device according to claim 8, characterized in that the file system includes a control node and storage nodes;
the device further includes:
a second receiving unit, configured to, after the access request is sent to the file system, receive the storage address that the control node returns for the access request;
a second sending unit, configured to initiate a data operation instruction to the storage node according to the storage address;
wherein the storage space corresponding to the storage address is used to store the data file that the access request is to access, the data operation instruction is used to trigger the storage node to execute the data operation corresponding to the access request, and the response result is the storage node's execution result for the data operation.
12. The device according to claim 11, characterized in that the storage address includes addresses on multiple storage nodes, and the data operation corresponding to the access request is a read operation;
the second sending unit is specifically configured to: according to the addresses on the multiple storage nodes, initiate a data operation instruction to each of the multiple storage nodes separately;
the response results are returned separately by the multiple storage nodes.
13. The device according to claim 11, characterized in that the storage address includes addresses on multiple storage nodes, and the data operation corresponding to the access request is a write operation or a create operation;
the second sending unit is specifically configured to:
choose a target storage node among the multiple storage nodes;
initiate the data operation instruction to the target storage node according to the storage address, so that the target storage node forwards the data operation instruction to the other storage nodes corresponding to the storage address;
the response result is returned by the target storage node according to the target storage node's own execution result for the data operation instruction and the execution results for the data operation instruction that the other storage nodes return to the target storage node.
14. The device according to any one of claims 8 to 13, characterized in that the type of data operation corresponding to the access request is an open operation, a create operation, a read operation, a write operation or a delete operation.
15. A system for accessing a file system, characterized in that it includes a user program operation system and a file system; the user program operation system is configured with the device according to any one of claims 8 to 14.
Application CN201710014428.5A, priority date 2017-01-09, filing date 2017-01-09: Method, device and system for accessing file system (granted as CN108289080B, active).

Publications

CN108289080A, published 2018-07-17
CN108289080B, published 2021-02-05
