WO2013161056A1 - Programme, procédé et dispositif de mise en œuvre de processus - Google Patents

Programme, procédé et dispositif de mise en œuvre de processus Download PDF

Info

Publication number
WO2013161056A1
WO2013161056A1 PCT/JP2012/061371 JP2012061371W WO2013161056A1 WO 2013161056 A1 WO2013161056 A1 WO 2013161056A1 JP 2012061371 W JP2012061371 W JP 2012061371W WO 2013161056 A1 WO2013161056 A1 WO 2013161056A1
Authority
WO
WIPO (PCT)
Prior art keywords
restriction
execution
event
group
identifier
Prior art date
Application number
PCT/JP2012/061371
Other languages
English (en)
Japanese (ja)
Inventor
有時 ▲高▼田
雅昭 小川
Original Assignee
株式会社日立製作所
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社日立製作所 filed Critical 株式会社日立製作所
Priority to PCT/JP2012/061371 priority Critical patent/WO2013161056A1/fr
Publication of WO2013161056A1 publication Critical patent/WO2013161056A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • G06F9/4843Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system

Definitions

  • the present invention relates to a process processing apparatus, and more particularly to a computer that executes software including an operating system (OS) and application process groups, and a control method thereof.
  • OS operating system
  • the software that runs on the computer implements an operating system (OS) that realizes functions that are commonly required regardless of the purpose of the computer, and functions for each application.
  • OS operating system
  • a method of configuring from a user program is common.
  • the contents of the processing are often limited because the user program can include processing that is disadvantageous to other user processes and computer systems regardless of the creator's actions or omissions. For example, a program bug or a virus-resistant program.
  • Non-patent Document 1 As an example of restriction on the user process, there is a method of adding restriction to the API called in the process (Patent Document 1).
  • the API is inspected when the API is called, and the execution of processing corresponding to the API is permitted or rejected according to the inspection result, or An API inspection device for inquiring the user is provided.
  • restrictions are imposed based on the static nature of the user process, such as the name of the process and the name of the user who instructed execution.
  • a user process that receives data via a network can be a target of a malicious attack via the network, it is desirable to be able to restrict the use of computer resources resulting from the process, that is, memory allocation, computing power consumption, and device access. .
  • Patent Document 1 rejects or permits an API call for an API call in a user process based on a preset policy or an inquiry to the user when the call occurs. I can only do that. Therefore, it is impossible to permit a certain API call with a condition such as a computer resource use restriction.
  • the method of determining the content of restriction based on the static nature of the user process shown in Non-Patent Document 1 is that each user can execute a special user such as an administrator for all user processes that can be executed on the computer. It is necessary to determine and set the restriction contents in consideration of the contents of the process. At this time, for example, when the user process includes a process that is not assumed by the administrator, or when a user process that is not known by the administrator is executed, the restriction expected by the administrator cannot be provided.
  • An object of the present invention is to dynamically limit the operation according to the operation content of the user process.
  • the present invention comprises the following arrangement.
  • it is a process processing device that includes a processor and executes processes, and holds process conditions that can be subject to execution restrictions according to user requests, event conditions that trigger execution restrictions, and details of execution restrictions.
  • a storage unit that performs processing, an initial setting processing unit configured to execute processing when an event that triggers execution restriction occurs, a process condition that can be subject to execution restriction when starting execution of a process, and , Compare the information of the process to start execution, and set the process to be executed when the event occurs as the process is executed, the process start time processing unit, the execution restriction held in the storage unit when the event occurs When an event occurs that refers to the contents of, and adds restrictions on the execution of the process or process group according to the event that occurred With a processing section.
  • An example of the outline of the embodiment of the present invention is as follows, for example.
  • an event trap process for detecting this and notifying a limit addition daemon to be described later and a limit addition daemon having a process to be described later are stored in the memory. Place and run.
  • the daemon is a program that operates in the background in the multitasking OS, and is not a program that is directly controlled by the user.
  • the restriction addition daemon Based on a request from the user, the restriction addition daemon creates an initial setting process with a process for issuing a group setting change request for creation / update of restriction control information and a group management process, and an appropriate process at the start of execution of the user process.
  • Process start processing that requests the OS to be placed in a group, event detection processing that receives notifications from user processes and event trap processing based on execution of processing when a specific type of processing in the user process is executed, and reception
  • a dynamic control daemon having a restriction adding process for adding a restriction to the user process according to the type of event is arranged on the memory and executed.
  • FIG. 1 is a diagram showing an example of the configuration of the computer system of this embodiment.
  • the computer 1 includes at least one CPU 2 and a memory 3 as a storage unit. Further, it may be connected to the external device 5 via one or more input / output interfaces (I / F) 4.
  • I / F input / output interfaces
  • the computer 1 has at least an OS 10 having a multitask processing function, one or more user processes 90, and a limit addition daemon 50 on the memory 3 as programs to be executed by itself.
  • the computer 1 operates when the CPU 2 executes the OS 10, the user process 90, and the limit addition daemon 50 while sequentially switching programs to be executed.
  • the OS 10 is an operating system having a multitask processing function. Like the general OS, the OS 10 includes an OS internal process 11 for realizing functions such as computer resource management. Similarly, the process management information 12 including information such as the state of the process 90 and a memory area to be used is provided for the process 90 executed on the computer as in a general OS. Furthermore, a system call receiving process 13 for receiving a system call that is a request to the OS 10 described in the user process 90 and a system call process 14 for executing a process corresponding to the system call are provided.
  • the OS 10 has a group control function described below.
  • the OS 10 includes a group control function that classifies a plurality of processes 90 into one or more groups and restricts operations caused by the processes 90 belonging to the group for each group.
  • the group control function is, for example, the Process Containers function listed in “CGROUPS” (http://kernel.org/doc/Documentation/cgroups/cgroups.txt).
  • CGROUPS http://kernel.org/doc/Documentation/cgroups/cgroups.txt.
  • the relationship between the group and the process may be one-to-many or many-to-many.
  • One-to-many means that a process 90 can belong to only one group at a time
  • many-to-many means that a process 90 can belong to a plurality of groups at the same time.
  • the group control function is realized mainly by the group management process 40 that changes the contents of the group information 20 based on the group information change request described in the user information 90 and the group information 20 that is information related to the group.
  • An example of the group information 20 is shown in FIG. FIG. 2 shows an example of the group information 20.
  • the group information 20 is provided with information to be described later, and holds the state / property for each group.
  • the group information 20 includes at least a group identifier 21 that is information for identifying the group itself from other groups, and a group attribute 23 that represents restriction information regarding the operation of processes in the group.
  • the group information 20 should include an intra-group process identifier 22 representing the process 90 belonging to the group. However, as an alternative to the intra-group process identifier 22, each process 90 and each process 90 is included in the process management information 12.
  • the group identifier 21 of the group to which the group belongs may be associated and held.
  • FIG. 3 shows an example of the group attribute 23 for managing the attribute for each group.
  • the group attribute 23 includes at least one set of an attribute identifier 24 and an attribute parameter 25.
  • the combination of the attribute identifier 24 and the attribute parameter 25 is, for example, an identifier representing the type of a certain computer resource and the upper limit of the available amount. Alternatively, an identifier indicating the type of function / device to be acted on in relation to the process 90 and whether the action is possible or not. Alternatively, the type of action that occurs in connection with process 90 and its priority or weight value.
  • the group management process 40 realizes the following functions.
  • the group management process 40 is called when the CPU executes a group management request process in the process 90.
  • the group management request process 40 is a process for issuing a change request for the group information 20.
  • the change request for the group information 20 includes, for example, creation of a new group, deletion of an existing group, movement of a process to a specific group, group This is a request to change the attribute of.
  • the group management request processing includes one of a group creation request 26, a group deletion request 27, a process movement request 28, and a group attribute change request 29 shown in FIGS. 4 to 7 according to the content of the requested change. .
  • the request is for deleting a group
  • information about the group having the target group identifier 30 specified by the group deletion request 27 as shown in FIG. 5 as the group identifier 21 is deleted from the group information 20.
  • the process identifier 31 is added to the intra-group process identifier 22 corresponding to the group identifier 21 to be performed.
  • the process identifier 31 is deleted from the intra-group process identifier 22 corresponding to the group identifier 21 that matches the source group identifier 32 in the group information 20.
  • the process identifier 31 is similarly deleted from the intra-group process identifier 22 for the group that competes with the group corresponding to the destination group 33 based on the restriction of the group to which the process can belong at the same time.
  • the process identifier 31 is searched from the intra-group process identifier 22 for each group in the information 20, and the process identifier 31 is deleted from the intra-group process identifier 22.
  • the migration source group identifier 32 may not be included in the process migration request 28 if it is not referenced in the processing described above.
  • the attribute identifier 34 and attribute parameter change are performed as the group attribute information 23 corresponding to the group identifier 21 matching the target group identifier 30 included in the group attribute change request 28 shown in FIG.
  • a set of content 35 is added.
  • the content of the attribute parameter change content 35 is reflected on the attribute parameter 25 of the group attribute 23 that already exists as the group attribute information 23 and has the attribute identifier 24 that matches the attribute identifier 34.
  • the OS internal process 11 and the system call process 14 include a process for determining whether or not the process can be executed with reference to the group information 20 and a process for changing the subsequent process contents. For example, in the process of selecting the process 90 to be executed next in the OS internal process 11, the process identifier corresponding to the process 90 that is a candidate for execution is searched in the group information table 20, and the group attribute corresponding to this is searched. 23, if the group attribute 23 has an attribute identifier 24 indicating the CPU usage rate, the CPU operating time consumed for executing the process 90 is compared with the CPU usage upper limit represented by the attribute parameter 25. If the CPU operating time of the process 90 has already exceeded the CPU usage rate upper limit, the execution of the process is not resumed. As a result, the group information 20 is set based on the request in the user process 90, whereby the processing contents of the OS internal processing 11 and the system call processing 14 are based on the group attribute 24 held in the group information 20.
  • a trap group function added to such an OS 10 is considered.
  • the trap group function is realized by adding trap definition information 50 and event trap processing 70 and adding processing for calling event trap processing 70 to system call reception processing 13 and OS internal processing 11.
  • Trap definition information 50 defining the contents of trap processing is a kind of group attribute 23.
  • An example of the trap definition information 50 is shown in FIG.
  • the trap definition information 50 includes attributes such as a trap target event 51, a trap action target 52, a trap action 53, and a trap notification destination 54.
  • Each attribute includes an attribute identifier 24 and an attribute parameter 25.
  • the trap definition information 50 is used for the process corresponding to the trap action target 52 when a trap target event 51 occurs when a process in the group for which the trap definition information 50 is set as an attribute is triggered. This indicates that the processing corresponding to the operation 53 is executed and that the process indicated by the trap notification destination 54 is notified.
  • the trap target event 51 is information that means that a system call is issued together with a parameter that satisfies a specific condition, or that execution of internal processing of the OS 10 that may occur in connection with execution of a specific process. It may be. For example, it may be information indicating execution of a memory reservation request system call request existing in the user process 90 and having a requested memory amount of 1 megabyte or more. Alternatively, it may be information indicating that an input request is issued to a specific type of input / output I / F, which is caused by execution of a certain process 90.
  • the trap operation target 52 is, for example, “corresponding process” or “all processes in the group”.
  • the “corresponding process” is the process that caused the event, and the “all processes in the group” means all the processes described as the in-group process identifiers 22 for the group in which the trap definition information 50 is set. Is a process.
  • the trap action 53 is, for example, “process pause”, “process forced termination”, or “process continuation” indicated by the trap action target 52.
  • the trap notification destination is an identifier representing a process that is a notification destination of the trap occurrence information 60 or a set thereof.
  • the trap occurrence information 60 shown in FIG. 9 is information in which the trap occurrence target and the trap event are managed by the OS 10 and transmitted to the process 90.
  • the trap occurrence group identifier 61, the trap occurrence process identifier 62, and the trap occurrence event 63 indicate that the event indicated by the trap occurrence event 63 has occurred in accordance with the execution of the process indicated by the trap occurrence process identifier 62 in the group indicated by the trap occurrence group identifier 61.
  • trap generation information as shown in FIG. 9 is generated and sent to the process 90.
  • the trap group function is realized by the CPU 2 performing the operations described below (FIGS. 10 to 13).
  • FIG. 10 and 11 show event trap processing based on system call issuance by the user process 90
  • FIGS. 12 and 13 show event trap processing by OS internal processing.
  • trap targets can be grouped by those related to each other, thereby eliminating the trap target.
  • the process identifier of the user process 90 that is the system call calling source is searched from the intra-group process identifier 22 in the group information 20, and the user process 90 belongs The group to be identified is specified (S51).
  • the trap definition information 50 relating to the group in the group information 20 is referred to (S52).
  • the system call type specified at the time of calling the system call reception process 13 is collated with the trap target event 51 in the trap definition information 50 (S53).
  • S54 an event trap process 70 described later is called (S56, FIG. 11). If they do not match, the system call process 14 is simply executed (S55).
  • the trap action in the trap definition information 50 is referred to, and it is determined whether this is “process stop” (S71). If applicable, process stop processing is executed (S72).
  • the process stop process is, for example, to set the target process state to the stop state for each process state recorded and managed in the process management information 12. If the target process is being executed by a CPU 2 that is different from the CPU 2 that is executing this process, the CPU 2 that is executing the process stop process is notified to the CPU 2 that is executing the process that is the stop target. The execution may be requested to be stopped by means such as an interrupt.
  • the target process is the process of the system call caller when the trap action target 52 in the trap definition information 50 is “corresponding process”, and within the group when “all processes in the group”. All processes represented by process identifiers included in the process identifier 22.
  • the trap information notification is performed (S75) both when the process stop process (S72) is executed, when the process end process (S74) is executed, or when the operation at the time of trap is "continue processing". However, when there is no notification destination of trap information, that is, when a valid process identifier is not recorded in the notification destination 54 at the time of trapping, notification is not performed.
  • the trap information notification is a notification to the process represented by the process identifier described in the trap notification destination 54, and is realized as, for example, a signal transmission process or a data transmission process using a socket.
  • trap generation information 60 as shown in FIG. 9 is generated and transmitted to a process that is a notification destination.
  • the trap generation group identifier 61 is an identifier indicating the group specified in S51
  • the trap generation process identifier 62 is an identifier indicating the process that is the caller of the system call reception process 13
  • the trap generation event 63 Is information that represents the type of system call in this case, that is, an event determined to match the trap target event in S54.
  • the OS internal process 11 is a process executed in association with a process 90, for example, asynchronously with the execution of the process 90 and triggered by the execution of another process 90 or an interrupt process. Therefore, the OS internal processing 11 is, for example, an OS adopting a virtual memory method, in which data stored in a memory area used by the process 90 is saved in a storage device, and the memory area is stored in the process 90.
  • This may be swap-out processing that is not suitable for execution, or, based on an external input / output request by the process 90, an input / output I / O to the external device 5 connected via the input / output I / F 4.
  • / F4 and external device 5 may be an external input / output process that instructs input / output at an appropriate timing in consideration of the state of the external device 5.
  • the operation is almost the same as that in the case of the system call reception process 13.
  • the execution start of the system call reception process 13 corresponds to the start of the execution of the OS internal process 11
  • the execution of the system call process 14 corresponds to the continuation of the process of the OS internal process 11.
  • the user process 90 related to the OS internal process 11 is specified (S61).
  • the specific method refers to an identifier representing a request source process included in input / output request information representing an input / output request to be processed.
  • processing is performed in the same manner as in the case of the system call shown in FIG.
  • the group to which the user process 90 specified in step S61 belongs is determined (S62).
  • trap definition information acquisition (S63) and processing verification (S64) are performed in the same manner as in the system call reception processing 13, and the event trap processing is called only when the event matches the trap target event (S65) (S67, FIG. 13). . If the event does not match the trap target event (S65), the OS internal processing is continued (S66).
  • the restriction addition function is realized by the restriction addition daemon 100 shown in FIG.
  • the restriction addition daemon 100 is a program on the memory 3 and is realized as a kind of the user process 90, for example.
  • the restriction addition daemon 100 newly generates at least an initial setting process 101 for performing a setting for transition to a state in which the computer 1 can dynamically restrict the user process, and a process 90 that can be restricted by the CPU 2.
  • Initial setting processing 102 that performs appropriate processing at times
  • event occurrence processing 103 that adds restrictions when an event that triggers the addition of restrictions occurs, possibility of restriction or restriction
  • a process end-time process 104 is provided for performing an appropriate process when the user process 90 that has occurred shifts to the end state and disappears.
  • restriction adding daemon 100 includes restriction control information 150 including the contents of restriction performed on the process and the restriction state.
  • restriction control information 150 includes at least a control target process condition 151, a restriction trigger event 153, restriction contents 154, a pre-restriction group identifier 155, a pre-restriction process identifier 156, a post-restriction group identifier 157, and a post-restriction process identifier 158. Hold.
  • the restriction control information 150 may include a restriction addition unit 152.
  • the restriction control target process condition 151 is a condition for determining whether or not a certain process 90 is a restriction control target.
  • the restriction control target process condition 151 is a condition relating to the file path of the program file used for generating the process 90.
  • it is a condition relating to the identifier of the user who has instructed the generation of the process 90, or a complex condition thereof.
  • the restriction trigger event 153 is information representing an event that triggers the addition of a restriction to the process 90 that matches the restriction control target process condition 151.
  • the restriction trigger event 153 may be information indicating that a system call is issued together with a parameter that satisfies a specific condition, or execution of processing inside the OS 10 that may occur in association with execution of a specific process. .
  • it may be information indicating execution of a memory reservation request system call request existing in the user process 90 and having a requested memory amount of 1 megabyte or more.
  • it may be information indicating that an input request is issued to a specific type of input / output I / F, which is caused by execution of a certain process 90.
  • the information may mean that the execution of the processing has caused a specific result, that is, success or a specific type of error.
  • the information may mean that any of the listed processing or results occurs as described above.
  • the restriction content 154 is a restriction content added to the process 90 when the restriction trigger event 153 occurs.
  • the contents of the restriction include, for example, the allocation amount of the memory 3 in the computer 1 or the storage area inside the computer 1 or connected to the computer 1, the time that the CPU 2 spends for the execution of the process 90, the bus inside the computer 1 This is the upper limit of the amount allocated to the execution of the process 90 regarding computer resources, such as the bandwidth of the wiring connected to the output I / F 4.
  • it is a priority that is information for resolving a priority relationship when a conflict with another process 90 occurs with respect to the computer resources listed above. Alternatively, for example, execution of specific processing is prohibited.
  • the pre-restriction group identifier 155 is an identifier of the group to which the previous process 90 that is the target of the restriction content 154 belongs, and the pre-restriction process identifier 156 is a set of identifiers of the processes 90 belonging to the pre-restriction group identifier 155. It is.
  • the post-restriction group identifier 157 is an identifier of the group to which the process 90 subject to the restriction content 154 belongs, and the post-restriction process identifier is a set of identifiers of the processes 90 belonging to the post-restriction group identifier 158. is there.
  • FIG. 16 is a diagram illustrating an example of a processing flow of the initial setting processing 101 in the present embodiment.
  • the initial setting process 101 is executed by the CPU 2 when the computer 1 is started or when an instruction is given from the user.
  • the restriction request information 160 created by the user in advance is acquired (S101).
  • the restriction request information 160 includes a restriction target process condition 161, a restriction trigger event 163, and restriction contents 164.
  • a restriction addition unit 162 may be included.
  • the restriction request information 160 is a file on a file system realized as a parameter when a command execution instruction is issued by the user or by the OS 10.
  • pre-restriction group creation and setting processing is performed (S102).
  • the pre-restriction group creation and setting process is based on the same target group identifier 30 and the restriction trigger event 163 after determining an arbitrary target group identifier 30 and creating the group creation request 26 and calling the group management process 40.
  • the group attribute change request 29 including the trap definition information 50 is created and the group management process 40 is called.
  • the trap target event 41 of the trap definition information 50 is set to the same event as the restriction trigger event 163 or the same meaning.
  • “applicable process” is set when the restriction addition unit 152 is “process”
  • “all processes in the group” is set when it is “process group”.
  • “process stop” is set in the trap operation 53
  • the process identifier of the restriction adding daemon 100 is set in the trap notification destination 54. If it is not essential to immediately add a restriction when an event occurs, the specified contents of the trap action target 52 may be arbitrary, and the contents of the trap action 53 may be “do nothing”.
  • post-restricted group creation and setting processing is performed (S103).
  • the post-restriction group creation and setting process is based on the same target group identifier 30 and the restriction content 154 after determining an arbitrary target group identifier 30 and creating the group creation request 26 and calling the group management process 40.
  • a group attribute change request 29 including an attribute identifier 34 and an attribute parameter change content 35 is created and a group management process 40 is called.
  • the restriction control information is updated (S104).
  • a new line is added to the restriction control information 150, the restriction target process condition 151 in the restriction request information 160, the restriction trigger event 163, and the restriction contents 164 are added to the restriction target process condition 151, the restriction trigger event 153, and the restriction content 154.
  • the restriction addition unit 162 in the restriction request information 160 may be set in the restriction addition unit 152.
  • the group identifiers determined in the pre-restriction group creation and setting (S102) and the post-restriction group creation and setting (S103) are set in the pre-restriction group identifier 155 and the post-restriction group identifier 157, respectively. Further, at this time, processes that match the restriction target process condition 151 may be searched, and those identifiers may be added to the pre-restriction process identifier 156.
  • FIG. 17 is a diagram showing an example of a process flow of the process start time process 102 in the present embodiment.
  • the process start time process 102 is called when the execution of a new process 90 is started on the computer 1 (S110).
  • the start of the execution of the process 90 means that the process 90 is generated by the operation of the CPU 2 and that the contents of the process 90 are newly replaced with the contents of a specific program file.
  • the restriction addition daemon 100 is registered as a notification destination of the process event notification function provided in the OS 10, and the CPU 2 performs a process event notification waiting process in the restriction addition daemon 100. Realize by executing.
  • the restriction control information 150 is referred to, and first, a restriction target process condition 151 that matches the newly started process 90 is searched (S111).
  • the group represented by the pre-restriction group identifier 155 corresponding to the matched restriction target process condition 151 is determined as the initial placement group (S112).
  • the restriction addition unit 152 is a “process group” and the identifier of an arbitrary process 90 is recorded in the post-restriction process identifier 158
  • the group represented by the pre-restriction group identifier 157 is It may be an initial placement group.
  • the process 90 whose execution has been started is moved to the group determined as the initial placement group (S113). This is because, as the process movement request 28 shown in FIG. 6, the process identifier of the process 90 that has started execution is set in the process identifier 31, and the group identifier of the initial placement group is set in the movement destination group identifier 33. This is realized by creating the request 28 and calling the group management process 40.
  • the process identifier of the process 90 that has started execution is added to the pre-restriction process identifier 156 corresponding to the restriction target process condition 151 in the restriction control information 150 (S114). Thereafter, the process start process 102 ends (S115).
  • FIG. 18 is a diagram showing an example of the processing flow of the event occurrence processing 103 in the present embodiment.
  • the event occurrence process 103 is registered in the intra-group process identifier 22 because the process identifier of the restriction adding daemon 100 is registered as the trap destination in the trap definition information 50 in the group information 20 in the initial setting process 101. Called when an event occurs in connection with the execution of the process 90 having the specified process identifier (S120).
  • the restriction request information corresponding to the occurred event is referred to (S121). This is to search the trap occurrence group identifier 61 in the trap occurrence information 60 generated and notified in the execution of the event trap processing 70 from the group identifier 155 before restriction in the restriction control information 150. Alternatively, the trap occurrence process identifier 62 in the trap occurrence information 60 may be searched from the pre-restriction process identifier 156 in the restriction control information 150.
  • the post-implementation process identifier 158 and the restriction addition unit 152 are targets to be referred to or changed in the processing described later in the event occurrence processing 103.
  • the process 90 that is the target of the restriction content change that is, the group movement target is determined (S122). This is to determine the process 90 represented by the trap generation process identifier 62 as a restriction target when the restriction addition unit 152 does not exist or when “process” is set in the restriction addition unit 152. Alternatively, when the “process group” is set in the restriction addition unit 152, the process 90 represented by the trap generation process identifier 62 and the process represented by the process identifier held in the pre-restriction process identifier 156. Everything is determined as a restriction target.
  • the destination group is determined (S123). This simply determines the group represented by the post-restriction group identifier 157 as the movement destination. Based on the content determined above, group movement is performed (S124).
  • the group migration corresponds to the destination group determined in the destination group determination (S123) with the process identifier corresponding to the process or process group determined in the target process determination (S122) as the process identifier 31.
  • a process migration request 28 with the group identifier as the migration destination group identifier 33 is created and the group management process 40 is called.
  • the pre-restriction group identifier 155 may be set as the source group identifier 32.
  • the creation of the process movement request 28 and the calling of the group management process 40 may be performed for each process belonging to the process group.
  • the trap action 53 in the trap definition information 50 is set to “process stop”, for the target process or process group, issue of a signal instructing process execution resumption, etc.
  • the method may transition the state of the process or group of processes from a stopped state to an operating state.
  • the restriction control information 150 is updated based on the contents of the group movement performed in this process (S125).
  • the update here is to delete the process identifier of the process or process group to be moved from the pre-restricted process identifier 156 and add it to the post-restricted process identifier 158. Thereafter, the event occurrence process ends (S126).
  • the process end process 104 is a process that is called when an arbitrary process transitions to the end state, and is unnecessary in this embodiment, but is used in the second and third examples described later.
  • the process 90 when a specific event occurs in connection with the execution of the process 90 based on an instruction or setting from the user, the process 90 that is present on the computer 1 and executed by the CPU 2 is executed. There may be restrictions on the execution of process 90. For example, when a “recv system call” issuance process is executed during execution of a certain process 90, the amount of memory used for execution of the process 90 can be limited to a maximum of 1024 megabytes. Alternatively, when an unexpected event occurs during execution of a process 90, such as execution of a file access request process accompanying execution of the process 90 that is not accompanied by file access, problem analysis is performed. Therefore, the process 90 can be prohibited from taking a state other than the stopped state, that is, the execution of the process 90 can be stopped.
  • FIG. 19 is a diagram illustrating an example of the restriction control information 150 in the present embodiment
  • FIG. 20 is a diagram illustrating an example of target process information 252 that is a part of information constituting the restriction control information 150 in the present embodiment.
  • the restriction control information 150 includes the restriction target process condition 151, the restriction trigger event 153, the restriction content 154, and the restriction addition unit 152 is the same as the first embodiment. It differs from the first embodiment in that a plurality of sets of restriction trigger event 153 and restriction contents 154 may exist for a set of target process condition 151 and restriction addition unit 152.
  • the restriction control information 150 includes a restriction content identifier 251 corresponding to a set of the restriction trigger event 153 and the restriction content 154.
  • target process information 252 is included instead of the pre-restricted group identifier 155, the pre-restricted process identifier 156, the post-restricted group identifier 157, and the post-restricted process identifier 158.
  • the target process information 252 includes at least a process identifier 253, a group identifier 254, a restriction content identifier 251, and a restriction state 255.
  • the target information process information 252 is a set of a restriction trigger event 153 and a restriction content 154 indicated by the restriction content identifier 251 in which the process 90 represented by the identifier described as the process identifier 253 belongs to the group indicated by the group identifier 254. This is information indicating whether or not the restriction has been applied. Accordingly, a plurality of restriction contents, that is, a restriction content identifier 251 and a restriction state 255 are associated with a certain process or group of processes and a certain group set.
  • FIG. 22 shows a flow of the initial setting processing 101 in the present embodiment.
  • the restriction request information 260 created in advance by the user is received (S201).
  • the restriction request information 260 in the present embodiment shown in FIG. 21 is a restriction information process condition 161 or a combination of a restriction target process condition 161 and a restriction addition unit 162.
  • a plurality of sets of the restriction trigger event 163 and the restriction content 164 may be associated.
  • the restriction control information 150 is updated based on the contents of the restriction request information 260 (S202).
  • the restriction target process condition 161, the restriction addition unit 162, the restriction trigger event 163, and the restriction content 164 in the restriction request information 260 are respectively included in the restriction control information 150, the restriction target process condition 151, the restriction addition unit 152, and the restriction trigger event 153.
  • the restriction content 154 is set.
  • a restriction content identifier 251 representing this set is determined and set. In this way, while the unprocessed restriction request information 251 exists (S203), the processes after the restriction request information acquisition (S201) are repeated.
  • FIG. 23 shows the flow of the process start time process 102 in this embodiment.
  • the restriction target process condition 151 that matches the newly started process 90 is searched (S111).
  • group creation and setting means that an arbitrary target group identifier 30 is determined, a group creation request 26 is created, the group management process 40 is called, and then the same target group identifier 30 and the restriction trigger event 163 are entered.
  • a group attribute change request 29 including the trap definition information 50 based thereon is created and the group management process 40 is called.
  • the trap target event 51 of the trap definition information 50 is set with a list of each restriction trigger event 153 associated with the restriction target process condition 151 or one having the same meaning.
  • the trap target operation object 52 is “corresponding process” when the restriction addition unit 152 is “process”, and “all processes in the group” when it is “process group”. “Stop process” or “Do nothing” is set in the trap operation 53, and the process identifier of the restriction adding daemon 100 is set in the trap notification destination 54.
  • the group move process is performed next (S214).
  • the group move is a process move request in which the process identifier of the newly started process 90 is the process identifier 31 and the previously created group or the created group identifier found in S212 is the move destination group identifier 33. 28 is created and the group management process 40 is called.
  • the restriction control information 150 is updated (S215).
  • a set of the process identifier 253 and the group identifier 254 is added to the target process information 252 associated with the restriction target process condition 151.
  • the process identifier 253 is set to the identifier of the process that has been started
  • the group identifier 254 is set to the identifier of the group created in step S213.
  • the restriction content identifier 251 and the restriction state 255 for each restriction content identifier 251 associated with the restriction target process condition 151, a set of the restriction content identifier 251 and the restriction state 255 that is “not applied” is set. Thereafter, the process start process is terminated (S216).
  • FIG. 24 shows a flow of the event occurrence processing 103 in the present embodiment.
  • information related to the process 90 that causes the trap generation is selected from the restriction control information 150 (S221). This is to search the process identifier 253 in the target process information 252 for a match with the trap generation process identifier 62 in the trap generation information 60. Alternatively, a search is made for a match with the trap generation group identifier 61 from the group identifier 254 in each target process information 252. In any case, the target process information 252 and the set of the process identifier 253 and the group identifier 254 are uniquely selected.
  • the restriction trigger event 153 that matches the trap occurrence event 63 in the trap occurrence information 60 is searched, and the restriction content identifier 150 corresponding to this is selected.
  • the operation target group is a group represented by the group identifier 254 in the target process information 252 selected in the restriction control information S221.
  • the setting change content for the group to be operated is determined (S223).
  • the restriction state 255 in the target process information 252 is “applied”, no setting change is required, and the restriction state 255 Is “unapplied”, the restriction content 154 recorded in the restriction control information 150 in association with the restriction content identifier 251 is set as the setting change content.
  • the group setting is changed (S224). This is to perform the setting change determined in the setting change content determination processing S223 for the group determined in the target group determination processing S222.
  • the target group identifier 30 is set as the group identifier determined in step S222, and the attribute identifier 34 and the attribute parameter change content 35 are set according to the change content determined in the setting change content determination processing S223.
  • a change request 29 is created and a group management process 40 is performed.
  • restriction control information 150 S225
  • restriction state 255 corresponding to the restriction content identifier 251 selected in the restriction request information reference S221 in the target process information 252 is changed to “applied”. Thereafter, the event occurrence process is terminated (S226).
  • FIG. 25 shows the flow of processing at the end of the process in the present embodiment.
  • the process end time process 104 is a process that is called when the process transitions to the end state. For example, similarly to the process start time process 102, the process end time process 104 is called when triggered by a process end notification by the process event notification function provided in the OS 10.
  • the identifier of the terminated process is searched from the process identifier 253 in each target process information 252 in the restriction control information 150 (S231).
  • the process identifier 253 includes a process identifier other than the identifier of the terminated process, that is, the process remains in the group or does not include a process identifier other than the identifier of the terminated process, that is, within the group. It is determined whether no process remains in (S232).
  • the group indicated by the corresponding group identifier 254 is deleted (S233). This is realized by creating a group deletion request 27 specifying the group identifier 254 as the target group identifier 30 and calling the group management process 40.
  • the restriction control information is updated at the end (S234).
  • the group deletion S232 when the group deletion S232 is executed, the set of the process identifier 253, the group identifier 254, the restriction content identifier 251 and the restriction state 255 in the target process information 252 is deleted.
  • the process identifier of the process 90 that has been terminated is simply deleted from the process identifier 253. Thereafter, the process termination process is terminated (S235).
  • the execution of the process 90 is restricted only while the access to a certain computer resource can occur due to the execution of the certain process 90, and the restriction is released when the possibility of the occurrence of the access disappears, or there is
  • this embodiment will be described as a difference from the second embodiment.
  • FIG. 26 is an example of the restriction control information 150 in the present embodiment.
  • the restriction control information 150 includes a release trigger event 351 and a prior restriction content 352.
  • the prior restriction content 352 indicates the content of the restriction provided for the execution of the process 90 before the event represented by the restriction trigger event 153 occurs.
  • the release trigger event 351 is a restriction indicated by the prior restriction content 352 by releasing or changing the restriction content when a restriction indicated by the restriction content 154 is provided for execution of a certain process 90. Indicates an event that triggers a change to the content.
  • FIG. 27 is an example of the restriction request information 260 in the present embodiment. Similar to the restriction control information 150, the restriction request information 260 in the present embodiment differs from the restriction request information 260 in the second embodiment in that it includes a release trigger event 361 and pre-restriction contents 362.
  • the initial setting process 101 in this embodiment is basically the same as the flow of the initial setting process 101 in the second embodiment shown in FIG. However, when the restriction request information is acquired (S201), the restriction request information 260 including the release trigger event 361 and the advance restriction content 362 shown in FIG. 27 is received, and the restriction control information is updated (S202). The difference is that the contents of the release trigger event 361 and the advance restriction content 362 in the request information 260 are set to the release trigger event 351 and the advance restriction content 352 in the restriction control information 250.
  • the process start time process 102 in this embodiment is basically the same as the process start time process 102 in the second embodiment shown in FIG.
  • the contents of the release trigger event 361 in the prior restriction contents 352 in the restriction control information 250 are also included in the trap definition information.
  • a group attribute change request 29 is issued.
  • a group attribute change request 29 based on the content of the prior restriction content 352 in the restriction control information 150 is created and the group management processing 40 is called in the creation and setting of the group (S213).
  • the relationship between the prior restriction content 352 and the group attribute change request 29 is the restriction control in the event occurrence processing 103 in the second embodiment, setting change content determination (S213) and group setting change (S214). This is the same as the relationship between the restriction content 154 in the information 150 and the group attribute change request 29.
  • the flow of the event occurrence process 103 in this embodiment is also basically the same as the flow of the event occurrence process 103 in the second embodiment shown in FIG.
  • the trap occurrence event 63 in the trap occurrence information 60 is selected after selecting a combination of the process identifier 253 and the group identifier 254, as in the second embodiment.
  • the restriction event 153 or the release event 361 that matches is searched, and the restriction content identifier 150 corresponding to this is selected.
  • the restriction trigger event 153 is met or the release trigger event 361 is met. That is, it is determined and stored whether the event that triggered the event occurrence process 103 is an event that should cause a restriction to be added or an event that should cause a restriction to be released or relaxed.
  • the setting change content is determined (S233)
  • whether the event that has been determined in advance as the trigger of the event occurrence processing 103 matches the restriction trigger event 153 or the release trigger Information indicating whether the event 361 is met is used. If the restriction trigger event 153 matches, the restriction content 154 recorded in association with the restriction content identifier 251 is changed only when the restriction state 255 is “unapplied”, as in the second embodiment. Content.
  • the release trigger event 361 is matched, only when the restriction state 255 is “applied”, the prior restriction content 362 recorded in association with the restriction content identifier 251 is set as the change content.
  • the expressions of the restriction trigger event 163, the release trigger event 361, the advance restriction content 362, and the restriction content 164 are used.
  • the restriction content 164 is more severe than the advance restriction content 362.
  • the contents of the pre-restriction content 362 are less relaxed than the content of the restriction content 164, or the pre-restriction content 362 and the restriction content 164 each represent different kinds of restrictions.
  • the advance restriction content 362 is a restriction that allows only the first CPU 2 to execute the target process 90 in the computer 1 having a plurality of CPUs 2
  • the restriction content 164 is only the second CPU 2. It may be a restriction that enables the process 90 to be executed.
  • the form for implementing this invention was demonstrated using the 1st, 2nd, 3rd example.
  • the first embodiment when a specific event occurs in connection with execution of a certain process 90 by the CPU 2, which is a basic form in the embodiment of the present invention, the subsequent process 90 or a group of processes including the process 90 is performed. Some restrictions are placed on execution.
  • the second embodiment is an example of a mode that enables the restriction of operation contents to be added in a stepwise manner according to the type of event that has occurred for a certain process 90 or process group.
  • the third embodiment not only adds a restriction to a process or group of processes depending on the event that occurred for a certain process 90 or group of processes, but conversely relaxes the restriction when a specific event occurs. It is possible to change the restriction content.
  • a user process in which the administrator does not know the processing content in advance, or a user process in which the manager's recognition regarding the processing content is different from the actual processing content is simply In addition to prohibiting the detected process, it is possible to implement a restriction that takes into account the effect of the detected process. Further, by grouping trap targets by those related to each other, it is possible to eliminate leakage of trap targets.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)

Abstract

L'invention concerne un dispositif de mise en œuvre de processus qui comprend : une unité de mémorisation, qui contient les conditions d'un processus, dont l'exécution peut être restreinte en conformité avec une requête d'un utilisateur, les conditions d'un événement qui déclenche la restriction de l'exécution et les détails de la restriction d'exécution ; une unité de traitement de réglage initial qui établit l'exécution du traitement temporel de génération d'événement, lorsqu'un événement est généré, qui constitue un déclenchement pour la restriction d'exécution ; une unité de traitement temporel de commencement de processus qui, lorsque l'exécution d'un processus est commencée, compare les conditions de processus pour la restriction d'exécution et les informations du processus dont l'exécution est commencée et réalise un réglage, de sorte que le traitement temporel de génération d'événement soit exécuté lorsque l'événement est généré, accompagnant l'exécution du processus ; et une unité de traitement temporel de génération d'événement qui fait référence aux détails de la restriction d'exécution détenus par l'unité de mémorisation et, en fonction de l'événement généré, ajoute une restriction relative à l'exécution du processus.
PCT/JP2012/061371 2012-04-27 2012-04-27 Programme, procédé et dispositif de mise en œuvre de processus WO2013161056A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2012/061371 WO2013161056A1 (fr) 2012-04-27 2012-04-27 Programme, procédé et dispositif de mise en œuvre de processus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2012/061371 WO2013161056A1 (fr) 2012-04-27 2012-04-27 Programme, procédé et dispositif de mise en œuvre de processus

Publications (1)

Publication Number Publication Date
WO2013161056A1 true WO2013161056A1 (fr) 2013-10-31

Family

ID=49482422

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2012/061371 WO2013161056A1 (fr) 2012-04-27 2012-04-27 Programme, procédé et dispositif de mise en œuvre de processus

Country Status (1)

Country Link
WO (1) WO2013161056A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016538675A (ja) * 2014-10-31 2016-12-08 シャオミ・インコーポレイテッド メモリ最適化方法、装置、プログラム、及び記録媒体
US9678868B2 (en) 2014-10-31 2017-06-13 Xiaomi Inc. Method and device for optimizing memory

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007122664A (ja) * 2005-10-31 2007-05-17 Sony Computer Entertainment Inc 情報処理方法および情報処理装置
WO2008126773A1 (fr) * 2007-04-05 2008-10-23 Nec Corporation Système de traitement d'informations et procédé de traitement d'informations

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007122664A (ja) * 2005-10-31 2007-05-17 Sony Computer Entertainment Inc 情報処理方法および情報処理装置
WO2008126773A1 (fr) * 2007-04-05 2008-10-23 Nec Corporation Système de traitement d'informations et procédé de traitement d'informations

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016538675A (ja) * 2014-10-31 2016-12-08 シャオミ・インコーポレイテッド メモリ最適化方法、装置、プログラム、及び記録媒体
US9678868B2 (en) 2014-10-31 2017-06-13 Xiaomi Inc. Method and device for optimizing memory

Similar Documents

Publication Publication Date Title
US11307939B2 (en) Low impact snapshot database protection in a micro-service environment
JP4436036B2 (ja) 情報処理装置、トレース処理方法、プログラム及び記録媒体
RU2444056C1 (ru) Система и способ ускорения решения проблем за счет накопления статистической информации
CN112668386A (zh) 使用机器人过程自动化用于文档处理的长时间运行工作流
US8316120B2 (en) Applicability detection using third party target state
CN110908641B (zh) 基于可视化的流计算平台、方法、设备和存储介质
WO2012056596A1 (fr) Système informatique et procédé de commande de traitement
EP2400386A2 (fr) Administration de système à distance utilisant un environnement de ligne de commande
US6928378B2 (en) Stress testing at low cost through parallel execution of unit tests
US20100017515A1 (en) Resource migration system and resource migration method
US7996893B2 (en) Determining roles for automated tasks in a role-based access control environment
CN111930489B (zh) 一种任务调度方法、装置、设备及存储介质
US9594796B2 (en) Storage apparatus and data management method
US20120291033A1 (en) Thread-related actions based on historical thread behaviors
US11620310B1 (en) Cross-organization and cross-cloud automated data pipelines
US20170168843A1 (en) Thread-agile execution of dynamic programming language programs
US9430222B2 (en) Controlling a running application for live scene graph editing
US10599472B2 (en) Information processing apparatus, stage-out processing method and recording medium recording job management program
WO2013161056A1 (fr) Programme, procédé et dispositif de mise en œuvre de processus
US20220237025A1 (en) Active build migration in continuous integration environments
Yu et al. Sasm: Improving spark performance with adaptive skew mitigation
JP6418419B2 (ja) ハードディスクがアプリケーションコードを実行するための方法および装置
US20170228383A1 (en) Active archive bridge
KR101692964B1 (ko) 프로비저닝 장치 및 그 방법
KR20010110097A (ko) 작업흐름-관리-시스템에서의 보관 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12875655

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12875655

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP