United States Patent
`US 7,117,495 B2
`(10) Patent No.:
`(12)
`Blaseret al.
`(45) Date of Patent:
`Oct. 3, 2006
`
`
`US007117495B2
`
`(75)
`
`andall Nichards©00K, Springville, 6,366,900 B1 4/2002 Hu
`
`(54) SYSTEMS AND METHODS FOR THE
`11/1999 Jia et al. veces 705/59
`5,991,402 A *
`CREATION OF SOFTWARE PACKAGES
`5,991,753 A * LI/1999 Wilde oo... eceeeeseeteetees 707/2
`USING LAYERED SYSTEMS
`6,161,218 A
`12/2000 Taylor
`6,185,574 BI*
`2/2001 Howard et al... 707/200
`Inventors: pared RiesBlaserorem: ur oR
`6,356,915 B1*
`3/2002 Chtchetkineetal. ....... 707/200
`
`
`
`
`UT (US)
`6,374,402 BL
`4/2002 Schmeidler etal.
`os
`6,381,735 Bl
`4/2002 Hunt
`:
`:
`(73) Assignee: Altiris, Inc., Lindon, UT (US)
`6,453,468 BL*
`9/2002 D’Souza veesssssessseseeeen 717/168
`(*) Notice:
`Subject to any disclaimer, the term ofthis
`2002/0157089 Al
`10/2002 Patel et al.
`patent is extended or adjusted under 35
`2002/0174215 A1* 11/2002 Schaefer ....0. 709/224
`US.C. 154(b) by 163 days.
`2003/0033441 Al
`2/2003 Forin et al.
`
`(21) Appl. No.: 10/459,936
`(22)
`Filed:
`Jun. 11, 2003
`(65)
`Prior Publication Data
`US 2003/0233490 Al
`Dec. 18, 2003
`
`Related U.S. Application Data
`oo.
`..
`(60) Provisional application No. 60/387,969, filed on Jun.
`12, 2002.
`Int. Cl
`nt.
`Cl.
`GOG6F 9/445
`(2006.01)
`GOGF 9/44
`(2006.01)
`(52) US. C0 cieceeccccsssssseeeessssssesssseeeeees 717174; 719/328
`:
`.
`:
`/
`:
`(58) Field of Classification Search........ 717/168-178;
`707/2, 200, 101; 705/59; 709/328-329,
`709/217-229;, 713/165
`See application file for complete search history.
`References Cited
`U.S. PATENT DOCUMENTS
`
`(51)
`
`(56)
`
`1.
`
`OTHER PUBLICATIONS
`ft P:
`NTR
`Kit, 1993, Mi
`Mi
`ft Wind
`Tess, VO.
`1. pp.325-346
`esource
`Kit,
`4
`ICTOSO.
`Heidemann, J.S, File-System Development with Stackable Layers,
`Feb. 1994, ACM Transations on Computer Systems, vol. 12, No. 1,
`pp. 58-89.*
`NEWCOMB, “‘Softricity has cure for app conflict blues”, Thin
`Planet wesbsite, May 2002, Parts 1 and 2, Jupitermedia Corp.
`“SystemGuard”, www.sofiricity.com website, Apr. 24, 2003 or
`earlier.
`
`(Continued)
`.
`.
`.
`.
`Primary Examiner—Kakali Chaki
`Assistant Examiner—Trenton J Roche
`(74) Attorney, Agent, or Firm—Everett D. Robinson:
`Parsons Behle & Latimer
`
`(57)
`
`ABSTRACT
`
`The claimed inventionsrelate generally to computer systems
`having facilities for providing virtual portionsoffile systems
`5/1994 Hendrickset al.
`5,313,646 A *
`and configuration settings to applications. More particularly,
`7/1996 Narihiro
`5,537,539 A
`the claimed inventions relate to methods of capturing soft-
`5,561,799 A * 10/1996 Khalidi et al... 707/200
`ware packages using layered computing systems and soft-
`5,586,304 A
`12/1996 Stupek, Jr. et al.
`ware package products produced by those methods.
`5,905,990 A *
`5/1999 Inglett oo. eee eeeee 707/200
`
`5,930,513 A * 7/1999 Taylor oe.eeeceeeeeee T17/174
`
`8/1999 Aronberget al.
`5,933,647 A
`17 Claims, 5 Drawing Sheets
`
`.......... 707/101
`
`404a}avert|Applications|406a
`
` 402
`
`Storage
`
`
`404b}taperApplications|*~406b
`
`
`404n}ayerApplications|~-406n
`
`
`Baseos:OS Applications}~- 410
`
`
`400
`
`Processor
`
`”
`
`—-4-—
`
`408
`
`Google Exhibit 1005
`Google v. VirtaMove
`
`Google Exhibit 1005
`Google v. VirtaMove
`
`

`

`US 7,117,495 B2
`Page 2
`
`OTHER PUBLICATIONS
`
`“SoftGrid for Windows Desktopos Transforms Business Applica-
`tions into Web-enabled services, reshaping the economics of enter-
`prise... ”, www.softricity.com website, Oct. 15, 2001.
`“Softricity secures $14.6 million in oversubscribed third round.
`venture funding”, www.softricity.com website, Jul. 29, 2002.
`“Microsoft and Softricity announce agreement to manage existing
`Windows applications with web services”, www.softricity.com
`website, May 28, 2002.
`“Softricity announces SoftGrid 2.0 first customer deployments and
`general availability”, www.sofiricity.com website, May 6, 2002.
`“Softricity unveils SoftGrid Dual-Mode”, www.softricity.com
`website, Mar. 24, 2003.
`“Softricity becomes premier member of Citrix Business Alliance”,
`www.softricity.com website, Feb. 25, 2002.
`“SoftGrid Sequencer”, www.softricity.com website, Apr. 24, 2003
`or earlier.
`Longwell, “Softricity lowers price on Dual-Mode deployments”,
`www.cm.com website, Mar. 28, 2003.
`“Microsoft and Softricity announce agreement to manage existing
`Windows-based. applications with Web services”, a Microsoft
`website, May 28, 2002.
`“Softricity Data Sheet: Softricity SystemGuard; The foundation for
`stable on-demand application access”, www.softricity.com website,
`Feb. 2002.
`“Softricity Data Sheet: Softricity SystemGuard; Softricity’s patent-
`pending technology enables any application to run on any
`desktop ... ”, www.softricity.com website, Oct. 2002.
`“Turning software into a service:
`there are no silver bullets”,
`www.softricity.com website, Apr. 24, 2003 or earlier.
`“Softricity acquires intellectual property of Seaport Software to
`extend virtual installation technology”, www.choicesolutions.com
`website, Nov. 18, 2002.
`
`“Softricity SoftGrid Platform: Softricity platform training guide”,
`www.softricity.com website, Apr. 24, 2003 or earlier.
`Jeff Tranter, “CD-ROM and Linux”, Linux Journal, Nov. 11, 1994.
`Retrieved from the Internet:<URL:http://www.linuxjournal.com/ar-
`ticle/2851>.
`Jeff Tranter, “The Linux CD-ROM HOWTO”,v.1.2, Aug. 21, 1994.
`Retreived from the Internet: <URL: http://www.ibiblio.org/pub/
`historic-linux/ftp-archives/sunsite.unc.edu/Nov-06-1994/docs/
`HOWTO/CDROM-HOWTO>.
`from the
`retrieved
`tarball,
`ifs.5.1-targz
`source
`code
`Internet: <URL: http://www.ibiblio.org/pub/historic-linux/ftp-ar-
`chives/tsx-11 .mit.edu/Oct-07-1996/ALPHA/ifs/>.
`from the
`ovlfs.1.0.sre.tgz
`source
`code
`tarball,
`retrieved
`Internet: <URL:http://www.ibiblio.org/pub/Linux/system/
`filesystems/>.
`“Clean Slate”, http://www.fortres.com/products/cleanslate.htm, Jan.
`13, 2004.
`“FAQ—2001013”, http://www.fortres.com/support/faqviewarticle.
`asp?ID=2001013, Oct. 24, 2003.
`“FAQ—2001014”, http://www.fortres.com/support/faqviewarticle.
`asp?ID=2001014, Nov. 25, 2003.
`“FAQ—2001015”, http://www.fortres.com/support/faqviewarticle.
`asp?ID=2001015, Nov. 23, 2003.
`“FAQ—2001025”, http://www.fortres.com/support/faqviewarticle.
`asp?ID=2001025, Dec. 15, 2003.
`Fortres Grand Corporation, “Computer Security Software—ALife-
`saver for Schools”, www.fortres.com, May/Jun. 2001 (presumed.
`from presented article: periodical not available).
`“Clean
`Slate
`FAQ,”,
`http://www.fortres.com/products/
`cleanslate_faq.htm, Jan. 13, 2004.
`“Awards”,
`http://www.fortres.com/products/awards.
`htm#cleanslate, Jan. 13, 2004.
`
`* cited by examiner
`
`

`

`U.S. Patent
`
`Oct. 3, 2006
`
`Sheet 1 of 5
`
`US 7,117,495 B2
`
`Layer Manager
`
`100
`
`Applications
`
`102 —~_
`
`ManagementAPI
`
`104
`
`Fig. 1
`
`200
`
`202
`
`204
`
`206
`
`Base File system
`
`
`
`
`
`
`
`

`

`U.S. Patent
`
`Oct. 3, 2006
`
`Sheet 2 of 5
`
`US 7,117,495 B2
`
`Fig. 3
`300
`
`
`
`
`FSL Management
`Application
`
`Windows Explorer
`
`
`
`304
` Other
`
`Applications
`
` 306
`
`
`
`
`
`
`
`FSL API Library
`
`
`312
`
`FSL Compression
`Library
`
`FSL System Driver
`
`
`
`Operating System \
`
`
`
`
`
`Registry Subsystem
`
`File System Subsystem
`
`318
`
`314—
`
`Storage
`
`
`
`
`Processor
`
`

`

`Wait for read request
`
`502
`
`
`Is
`
`file reference
`
`maintained in
`an enabled
`
`layer?
`
`
`
`Use reference of request
`
`
`to execute regular read
`
`
`
`U.S. Patent
`
`Oct. 3, 2006
`
`Sheet 3 of 5
`
`US 7,117,495 B2
`
`500
`
`Fig. 5
` 506
`
`
` Identify owner layer
`
`
` Execute read using
`virtual file reference
`
`
`Identify virtual
`file reference
`
`

`

`U.S. Patent
`
`Oct. 3, 2006
`
`Sheet 4 of 5
`
`US 7,117,495 B2
`
`600
`
`Wait for write request
`
`Is
`
`file reference
`to be captured to
`an enabled
`layer?
`
`Fig. 6
` 602
`to execute regular write
`
`
`
`
`
`
`606
`
`Use reference of request
`
`Identify capturing layer
`
`Create virtual
`file reference
`
`Execute write using
`virtual file reference
`
`

`

`U.S. Patent
`
`Oct. 3, 2006
`
`Sheet 5 of 5
`
`US 7,117,495 B2
`
`700
`
`Wait for requestfor registry setting
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`706
`
`Execute normalregistry
`function
`
`
`Is
`
`registry request
`to be captured to
`an enabled
`layer?
`
`Yes
`
`Identify destination layer
`
`712
`
`Create virtual registry
`setting in layer
`
`Create delete entry in virtual
`registry, or delete entry if
`isolated to layer
`
`
`
`Setvirtual registry
`setting in layer
`
`

`

`US 7,117,495 B2
`
`1
`SYSTEMS AND METHODS FOR THE
`CREATION OF SOFTWARE PACKAGES
`USING LAYERED SYSTEMS
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`This application claims the benefit of U.S. Provisional
`Application No. 60/387,969 filed Jun. 12, 2002 which is
`hereby incorporated by reference in its entirety.
`
`BACKGROUND OF THE INVENTIONS
`
`Prior computing systems have been susceptible to appli-
`cation conflicts with the host operating system (OS) and
`other applications. Whenan applicationis installed to an OS,
`a numberof globally accessible files are often placed to the
`computing system, including for example shared libraries
`and system configuration. Those shared libraries are often
`provided in different versions, with applications requiring
`one version or another. A mismatch between a library
`version and a version required by an application sometimes
`results in that application crashing, becoming inoperable, or
`exhibiting other errors. Shared configuration elements are
`sometimes globally available to applications, which may
`write a favored configuration thereto. Following a write to
`that configuration other applications may be unable to read
`the configuration properly, or may be unable to function
`under a new specified configuration. Thusit is that following
`the installation of an application to a computer, other appli-
`cations may stop working.
`Installing a numberof applications to a computer can be
`something of a black art. An administrator may, with good
`intentions and understanding, install several applications to
`a computer. Upon testing an installation or during use, the
`administrator or a user may discover that one or more
`applications operate errantly or notat all. It is usually not
`apparent which applications are in conflict. The administra-
`tor may enter a procedure in which applications are unin-
`stalled from the computer in a process of elimination to find
`the offending applications. Sometimes deinstallation pro-
`grams do not remove all
`installed files,
`in which that
`procedure mayfail to locate the problem. The administrator
`is then required to continue by creating a clean (or virgin)
`installation, and installing applications oneat a time until the
`problem is located.
`When applications are found to conflict, a choice must
`usually be made as to which one will be installed. One of the
`applications is sometimesinstalled to a different computer to
`avoid the conflict. If conflicting applications must be
`installed to a single computer, a new version ofat least one
`of the applications must be sought and purchased from the
`software vendors. A non-conflicting version may not be
`available, especially if a vendor is small, not supporting the
`application, or no longer in business.
`Snapshotutilities are available, which generally operate
`to create a database ofall files and registry settings on a
`computer. Prior to installing an application, a snapshot is
`taken of the files and registry settings. The application is
`then installed, and tested. If the application fails to work
`satisfactorily, the system can be restored by comparing the
`existing files and registry settings against the snapshot and
`removing installed files and otherwise restoring the system
`as before. Snapshotutilities have several limitations. First, if
`a newly installed application causes a prior installed appli-
`cation to fail, it is often not possible to simply revert to a
`snapshot madeprior to older application installation, espe-
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`cially if there have been other applications installed in the
`interim. The administrator may be required to revert back to
`the earlier snapshot, and then re-install
`the intervening
`applications and the new application. Additionally, there are
`usually a limited numberof snapshots that can be stored, and
`thus a required snapshot may not have been retained when
`found to be needed.
`
`Likewise, a system may berestored to an earlier state if
`backups have been made. That restoration process, however,
`usually involves a significant amount of time and destroys
`all data recorded to the system after the time of the backup.
`Another method involves recording a series of changes
`(or “diffs”) to a buffer. Using that method a system can be
`restored back to a point in time by reverse application of the
`diffs to the file system backto the selected point in time. That
`method typically requires a fixed amount of disk space for
`the diff buffer, which becomes unavailable for regular use.
`As the buffer becomes full, the only way to continue to
`record diffs is to overwrite older diffs. Because of this
`
`limitation, the method can only restore a system back to a
`date for which diffs remain available.
`In addition,
`this
`method requires three disk operations per write request: one
`to read the existing disk information, one two write the diff,
`and one to write the original request. This method is
`therefore processor and disk intensive.
`The Microsoft Windows ME™OS includes a feature
`
`called “System Restore”. That system is essentially a snap-
`shot system, and only backs up files related to the OS and
`installed applications (not userfiles).
`A current practice of maintaining computers is to image
`the hard drive of a computer while in a workingstate. If the
`computer becomes unstable, or
`if undesirable content
`appears on the computer, the computer’s drive is restored
`using the earlier made image. This practice is lacking in that
`all changes made following the image creation are wiped off
`the system when the computer is restored, including user
`files and other applications.
`Also, someapplications are not provided with an uninstall
`program. To de-install those applications an administratoris
`required to know where the application files and settings
`reside in the system, and remove them manually.
`It is therefore apparent that much time and moneyis
`expendedin the administration of applications on computing
`platforms, and thus there is a need for a way to ease the
`installation and de-installation of applications, and prevent
`application conflicts.
`
`BRIEF SUMMARY OF THE INVENTIONS
`
`The inventions relate generally to computer systems hav-
`ing facilities for providing virtual portions of file systems
`and configuration settings to applications. More particularly,
`the inventions relate to methods of capturing software
`packages using layered computing systems and software
`package products produced by those methods. Detailed
`information on various example embodimentsof the inven-
`tions are provided in the Detailed Description below, and the
`inventions are defined by the appended claims.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 illustrates components of a layering computer
`system at a conceptuallevel.
`FIG. 2 illustrates an operation of a layering computer
`system at a conceptuallevel.
`FIG. 3 illustrates components of a particular layering
`computer system.
`
`

`

`US 7,117,495 B2
`
`ments of the inventions, example of which are illustrated in
`the accompanying drawings.
`
`DETAILED DESCRIPTION
`
`15
`
`3
`FIG. 4 illustrates components of a layering computer
`system at simple organizational level.
`FIG. 5 showsa simplified method for performing read file
`system operations using a layered computing system.
`FIG. 6 shows a simplified method for performing write
`file system operations using a layered computing system.
`FIG. 7 showsa simplified method for performing registry
`operations using a layered computing system.
`Reference will now be made in detail to some embodi-
`
`4
`managed with a greater degree of flexibility and reliability,
`also with improved security. As changes to a layered system
`are made, the changes are organized while being written,
`rather than tracking the changes made. By doing this both a
`speed penalty and the dedication of large amounts of storage
`for images and changes are avoided.
`Depicted in FIG. 1 are components of a layering computer
`system at a conceptual level. A base operating system 110
`forms a platform with which applications can be run and
`files can be accessed infile systems. Base operating system
`110 further has registry settings, globally available to appli-
`cations for reading and writing. The system has libraries 108
`for executing the functions of the operating system including
`operating file systems and registries, and other operating
`General Concepts
`system functions. Tied into libraries 108 are layering system
`For the purpose of simplifying the discussion herein, an
`libraries and/or software 106 which intercept file system and
`example computing device may be referenced. That device
`registry accesses from applications 104. As accesses are
`is a conventional personal computer or workstation having
`received from applications 104, the layering system soft-
`a CPU, memory, display, keyboard, mouse, andat least one
`ware 106 performs computations to determine whether the
`fixed disk. It will be apparent to one of ordinary skill in the
`accesses should be permitted to continue to the base oper-
`art that the concepts disclosed herein may apply equally to
`ating system 110, or should be redirected to layer informa-
`other computing systems that are not personal computers,
`tion 112, the information relating to and the contentsoffiles
`for example diskless workstations, headless workstations or
`and registry settings. A layer manager application 100 may
`servers, and embedded systems. Herein it is contemplated
`be provided to permit control and configuration of the
`that
`the inventions may be applied to these and other
`layering system software 106 through a management API
`computing systems, both existing and yet to be, using the
`and library 102.
`methods and principles disclosed herein.
`Depicted in FIG. 2 is the operation of a layering computer
`Likewise the discussion below speaks of Registries and
`system at a conceptual level. An application 200 is running
`registry settings, which are specific to Microsoft Windows™
`on a layered computing system. This computing system
`operating systems. It will be recognizedthatregistry settings
`contains a base file system 206, and twolayers labeled “A”
`are merely configuration for the operating system and appli-
`and “B”, 204 and 202 respectively. In this example layer B
`cations installed to a computing device, accessible through
`has priority over layer A, which in turn has priority over the
`a system-wide API. The meaningofregistries and registry
`base file system. A first file access 208 is made by applica-
`settings is therefore extended to future Windowsoperating
`tion 200. The layered computing system determines the
`systems and operating systems other than Windows, where
`ownerofthe file being accessed. Finding an entry forfile
`equivalent structures and access facilities exist thereon.
`access 208 in layer B, the correspondingfile in layer B is
`In the discussion below, the words “enabled” and “acti-
`opened and returned to the application. The file access of
`vated” are used-interchangeably to describe layers that are
`208 might also correspondto files in layers A or thebasefile
`active or enabled on a layering computing system. Likewise,
`system, howeverlayer B is determined to be the ownerasit
`the words “disabled” and “deactivated” may be used to
`has priority over layer A and the base. Anotherfile access
`describe layers that are not enabledor active.
`210 is madeby application 200. The computing system does
`Provided in one aspect of the invention are application
`not, however, find a corresponding entry in layer B. An entry
`layers which are isolated from other applications on a
`is found in layer A, which haspriority over the base file
`computer. In that aspect, an application layer may be defined
`system. Again,
`if a file existed in the base file system
`to be a group offiles in combination with any associated
`corresponding to the file access, it would not be accessed
`application configuration stored to operating system files.
`because layer A is found to be the ownerwith priority. The
`An application of a layered system maybe an application in
`computing system is not able to find corresponding entries
`the most commonly used meaning, such as word processors,
`in layers A or B for file access 212, so that access is made
`browsers, system tools, games, and the like, or may extend
`to the base file system.
`to other software installed to a host providing an environ-
`In FIG. 4 components of a layering computer system at
`ment, such as a graphical user environmentor shell. It will
`simple organizational level are shown. A computing device
`be seen thatisolating application files and configuration in a
`includes a processor 400, which may also haveperipheral
`layer provides several benefits,
`including the ability to
`devices attached such as memory, input devices or output
`delete, disable, and enable applications in a simple way and
`devices as desired. Processor 400 interacts with one or more
`to provide a barrier between applications which may use
`storage devices 402, providing storage for the processor. On
`conflicting configuration or library files. The use of a lay-
`storage 402 is a base operating system 408 andapplications
`ering system may therefore enhancethe stability, reliability,
`410. A number of layers 404a—» are also contained on
`usability and security of a computing system.
`storage 402, each having applications 406a—n.
`A layered system introduces a new concept of organizing
`
`data from disparate sources and presenting a virtual view of In larger aspects, a layer may be defined to beasetoffile
`that data to an operating system and a user. This permits the
`system and registry changes, that combination forming an
`real data to be much morelogically organized while still
`organizational unit that may be managed by layered system
`presenting to the operating system and the user an expected
`software. In some cases, a layer need not contain registry
`view and access of that data. In a sense, a layer is a higher
`changes, but only changes to one or morefile systems. In
`order storage unit. Because a layer can be managedas a unit
`those cases it may be desirable to limit support in the layered
`for the purposes of exporting,
`importing, enabling, dis-
`system software to files of file systems. A layer definition
`abling, and so on, a computer system and user data can be
`may include layer properties and settings, layer inclusive
`
`25
`
`30
`
`35
`
`40
`
`45
`
`

`

`US 7,117,495 B2
`
`6
`5
`pending the receipt of a write request. A determination is
`files, references to thosefiles, registry settings and locations,
`then made in step 604 as to whetheror not the file reference
`and a manifest or directory thosefile and registry references.
`of the request should be captured to an enabled layer. That
`References may be made inherent, if desired, by locating
`determination may be made, for example, by noting the state
`files and registry settings in a structure that mirrors a real
`of the system software is in a capture state, and in some
`underlying file system. Such a mirroring system may be
`circumstances by noting the PID of the calling application
`organized in a commondirectory, with one subdirectory per
`and parents. If no enabled layer is configured for capture,
`defined layer, each containing a mirrored directory structure
`step 606 executes in which the usual write operation is
`of the underlying file system.
`executed using the file reference of the request. Otherwise,
`An exported layer will contain all of the layer-included
`a capture layer is identified in step 608. Step 610 then
`information bundled in a transportable archive. Exported
`executes, in which a virtual file reference is determined that
`layers may be further bundled into groups, which is espe-
`corresponds to the file reference of the write request. That
`cially useful for layers that rely on other layers, such as
`virtual file reference might be an offset and length for an
`layers of a hierarchy or peer layers. For systemsthat utilize
`unused portion of a storage device in some systems, a
`a mirror structure of an underlying file system, it may be
`pathnameat a mirrored location in other systems, or other
`desirable to hide the mirror structure from applications,
`reference. Afterward, the write operation is executed using
`except perhaps a manager application, so as to prevent
`that virtual file reference in step 612.
`accidental data modification, loss, or meddling.
`The read and write operations spoken ofin the discussion
`A layer intending to isolate an application has stored
`of FIGS. 5 and 6 may be performed on some systems
`thereon the files and directory structure of the application’s
`through an open( ) call. A read request, for example, might
`installation. When that layer becomes mounted (or enabled),
`be a call to open( ) with a pathnameasa file reference and
`those application files and directories are shadowed or
`“ry? as an option. Likewise, a write request might be a call to
`overlaid over the regular operating system file system.
`open with “w” or “+” as an option. In either case, a file
`Shared libraries (such as DLLs), system accessible configu-
`handle is returned which would correspondeither to a true
`ration (such as registry entries), and version control are
`
`managed by the layering subsystem, optionally using an file reference (if the file reference is not managedinalayer)
`internal database. Though each layer is a separate and
`or to a virtual file reference (if the file reference is managed
`individual entity within the host OS, the application files,
`in at least one layer). That file handle will continue to be
`data, and system accessible configuration are presented as if
`used in data read and write operations, and thus the data will
`they resided in their respective ordinary locations. Thus an
`be delivered to and from the correct system locations. Other
`application stored in a layer appears to the host OS asif it
`systems may use other equivalent methods of opening,
`were installed in the ordinary fashion with the expected
`reading and writing, and applicable using the methods
`described herein.
`functionality.
`For example, suppose a layer existed in a Windows OS
`FIG. 7 shows a simple method for performing registry
`environment that specified that in C:\windows there should
`operations using a layered computing system. The method
`be a file called winfile.exe. Suppose that this file did not
`begins at step 700, following which a pause is executed at
`reside in the real C:\windowsdirectory. When the layer is
`step 702 until a request for registry setting operation is
`not active, a file listing of C:\windows does not show a
`received. Whena registry setting request is received, step
`704 executes in which a determination is made as to whether
`winfile.exe. When the layer becomes active, the layering
`or not the request is to be captured to an enabled layer.If not,
`system merges (or overlays) the real listing of C:\windows
`step 706 is executed in which a usual registry function is
`and the file list described in the layer. In this example,
`called, as if layering were not present in the system. Oth-
`applications (and thereby a user) would see all ofthefiles in
`erwise, step 708 is performed, in which a destination layer
`the real C:\windows directory and winfile.exe. Registry
`is identified. Step 710 tests the request for a registry entry
`values in a layer may be handled in a similar manner.
`creation request. If a creation request was received, step 712
`Shownin FIG. 5 is a simple method for performing read
`executes in which a virtual registry entry is created in the
`file system operations using a layered computing system. A
`destination layer. Otherwise step 714 is performed, testing
`loop is entered beginning at step 500. Execution halts in step
`for a registry entry deletion request. If positive, step 716 is
`502 pendingthe receipt of a read request. A determination is
`executed in which either a virtual registry entry is deleted,
`then madein step 504 as to whetherornot the file reference
`if the entry exists in a single layer, or a delete entry is made
`of the request is maintained in an enabledlayer. To perform
`in the virtual registry of the destination layer signifying that
`that determination all the layers on the system are generally
`examinedfor a virtual file correspondingto thefile reference
`the registry entry should not appear while that
`layer is
`
`of the request. Ifno enabled layer contains suchavirtualfile, enabled. If the request is neither a create or delete request,
`step 506 executes in which the usual read operation is
`step 718 is performedtesting for a set registry entry request.
`executed using the file reference of the request. Otherwise,
`If positive, step 720 executes creating a virtual setting in the
`an ownerlayer is identified in step 508. For example, if two
`destination layer.
`
`enabled layers contain a virtual referencetoafile, one will As in the above example, layers may contain file and
`take priority over the other and be identified as the owner
`registry deletion references. Those references may be used
`layer. Step 510 then executes, in which a virtual file refer-
`where a layer specifies the absence of a file or registry,
`ence is determined that correspondsto the file reference of
`setting, whereby a specified file or registry setting will
`the read request. Thatvirtualfile reference mightbe an offset
`appear to be absent from the computing system only when
`and length for a storage device in some systems, a pathname
`the layer is enabled.
`at a mirrored location in other systems, or other reference.
`The use of a layering system provides several advantages.
`Afterward, the read operation is executed using that virtual
`If applications are stored individually in layers, interactions
`file reference in step 512.
`between application files may no longer occur due to con-
`FIG. 6 shows a simple method for performing write file
`flicting shared libraries (DLLs), as each application ‘sees’
`system operations using a layered computing system. A loop
`only it’s owninstalledlibraries first, followed by libraries in
`is entered beginning at step 600. Execution halts in step 602
`the base operating system, those base libraries optionally
`
`40
`
`45
`
`
`
`

`

`US 7,117,495 B2
`
`8
`7
`A single layer having a read-only and a read-writable
`preceeded by libraries from other layers if desired. Appli-
`portion is equivalent to two layers, one of which is write
`cations captured in a layer may be safely and completely
`protected. In alternate systems, read-only and read-writable
`uninstalled by simply removing the layer from the host
`layer portions are individual peer layers; those layer defini-
`computing system. Different versions of an application may
`tions containing a reference to the accompanying peerlayer.
`be stored as layers on a single computer; the user may select
`In layered systems layers may be stacked on top of each
`a desired version by enabling the particular layer. A layering
`other, with the real file system at the bottom of the stack. If
`system mayalso extend the file systems of the OS beyond
`files of the same nameandlocation exist in multiple layers,
`physical limits if layers are stored on separate disk partitions
`or in the basefile system, rules can be provided wherebythe
`or remote file systems. If layering is used for a group of
`layered system can determine which file to present to an
`installed applications,
`the computing system may be
`application. In some systems,
`layers include dependency
`restored to a “virgin” or checkpoint state by removing one
`information. That dependency information may include a
`or a group ofapplication layers. The transfer of applications
`list of layer identifiers which are required to be enabled
`between similar computing systems can be simplified, in
`when a particular layer is enabled. Dependencies may be
`that the transfer may be done simply by moving the layer
`asserted when a layer is created, by recording the layers
`containing the application. The bundling of an application
`enabled on a layered system at the time of layer creation.
`and user files into a layer provides a package that may be
`The layering system software may automatically enable all
`compressed or encrypted and transported conveniently.
`dependent layers when a particular layer is enabled.
`Using a layering system application vendors can provide
`For ease of configuring and managing a layering system,
`‘pre-installed’ applications as layers on CD-ROM orother
`a manager application may be provided. The managerappli-
`media, those applications being pre-tested and guaranteed to
`cation permits an administrator or user to control the pre-
`work with a high reliability. A layer also provides a conve-
`sentation of applica