1. Prior-Art
This patent application contains a large number of technical terms a layman may not be familiar with. A glossary providing a short explanation of these terms is available on page 10.
A virtual machine monitor (VMM) is a software program that emulates a computer system. A computer would run a VMM in order to enable the concurrent execution of additional operating system (OS) instances. The additional OS instances run in what is referred to as a virtual machine. A virtual machine consists of ‘virtual’ emulated hardware resources such as a CPU, graphics- and network-adapters, hard disks and hard disk controllers. Each virtual machine runs one OS instance, for example Linux or Microsoft Windows. The computer executing the VMM is referred to as a host system, each OS instance running in a virtual machine is referred to as guest OS. The technology is referred to as full virtualization (see http://en.wikipedia.org/wiki/Full_virtualization, Mar. 10, 2009) but will in the following only be referred to as ‘virtualization’.
Each guest OS runs applications in an isolated environment, independent of the other OS' and the host OS. The host system controls access of the virtual machines to the available hardware resources, such as a physical memory, graphics-, network-, or sound-adapters. The guest OS is typically installed on a virtual hard disk. A virtual hard disk is a large file that contains the complete content and structure of a physical hard disk.
Virtualization is often used in datacenters where applications are tied to operating system installations that each run on a single computer system. It is common that applications deployed in this way only use a fraction of a system's compute capacity. Virtualization allows for replacing multiple underutilized computer systems with virtual machines that run on a single physical system. This migration from real physical machines to virtual machines reduces operating expenses for power and cooling. Other areas where this technology is applicable are development, testing and demo environments. By decoupling the guest OS and applications installed in the guest OS from physical hardware, virtualization allows for the quick deployment of OS instances and applications on existing host systems without requiring the procurement of a new physical system.
Virtualization technologies emerged in the late 1960s and 1970s and virtualization systems for modern hardware architectures have been available since the late 1990s as shown in U.S. Pat. No. 6,397,242 to Bugnion et al., May 28, 2002.
With increasing hardware performance of affordable desktop and laptop systems, the rapidly declining price/capacity ratio of external storage devices, and the free or low-cost availability of VMMs from vendors like Microsoft Inc. or VMWare Inc. these technologies can now be combined to facilitate the concept of a portable virtual machine. A virtual hard disk image that contains an installed OS can be stored on an external storage device, such as a USB flash memory drive, compact flash card, mini hard disk drive, portable music player, or a cell phone with embedded storage. This enables a personal portable ‘computer in a pocket’ that provides persistent storage of an OS, applications, user settings and user data. (Persistent storage means that data is not lost when the system is shut down).
Various solutions for portable computing environments have been proposed. One approach is sold under the trademark Mojopac from RingCube Technologies Inc. of Santa Clara, Calif. Mojopac is not based on full virtualization as described above but rather simulates isolated instances of OS services as for example the registry in Microsoft Windows. The drawback of the approach taken by RingCube is that it is inherently OS specific. The applications installed on a portable device are not portable across different host operating systems.
Another approach to providing a portable computing environment is trademarked Moka5 from Moka5 of Palo Alto, Calif. Moka5 uses hardware virtualization and incorporates a customized VMM from VMware Inc. Other VMMs are not supported. The disadvantage of this solution is that I/O read and write operations from the portable OS directly access a virtual hard disk stored on a portable storage device or a network repository (U.S. patent application Ser. No. 11/428,008 to Monica Sin-Ling Lam et al., Jun. 30, 2006). For maximum portability a small form factor of the portable storage device is highly desirable. Consumer grade flash memory devices offer the smallest form factor but only support significantly lower write speeds than internal storage (The term internal storage refers to storage mediums that are attached internally to a computer system, typically through an internal IDE, SATA or SAS bus). Compared to an OS that is installed on a virtual hard disk on internal storage Moka5 delivers low performance. In addition, I/O operations to a network repository depend on the availability and reliability of a network connection, a dependency that is not desirable for a portable solution.
Another I/O related problem that is not addressed by Moka5 is the fact that the number of sustainable erase/write cycles for flash-memory-based devices is limited. Flash memory is non-volatile computer memory. Storage blocks are electrically erased and reprogrammed with every write operation to the flash memory device. The number of erase/write cycles each data block can sustain is limited. An entire storage device can become unusable because a few blocks that are accessed very frequently, have reached their erase/write cycle limit. If an OS writes directly to a virtual hard disk that is stored on a flash-memory-based device, the lifetime of the storage device is negatively impacted since the OS accesses the virtual hard disk very frequently.
To mitigate the problem of flash memory ‘wearing out’ the concept of ‘Wear Levelling’ was introduced. For consumer grade flash memory devices ‘Wear Levelling’ is implemented in the firmware of the devices' flash memory controller. The method tries to distribute data written to flash-based-memory evenly across all available data blocks on the storage device. The goal is to avoid the situation described above where storage blocks that are erased and re-written frequently fail and render the entire device unusable before the less used data blocks have reached the end of their lifetime.
Several wear levelling algorithms have been proposed, for example in U.S. Pat. No. 5,568,423 to Jou et al., Oct. 22, 1996, and U.S. Pat. No. 5,341,339 to Wells, Aug. 23, 1994. While wear levelling mitigates the problem, the underlying issue remains. Particularly when a high percentage of a device's capacity is in use, write operations can only be balanced across a relatively small number of physical data blocks.
The concept of a ‘Portable Personal Computing Environment Server’ is proposed in U.S. patent application Ser. No. 11/154,084 to Narayanaswami et al., Jun. 16, 2005 (see also Publications U.S. Ser. No. 10/795,153 and U.S. Ser. No. 11/281,795). The concept is based on bootstrapping an OS from a portable storage device. The personal computing environment is then run in a virtual machine that runs on the OS that was booted from the portable storage device. While this approach allows for saving and restoring the state of the personal computing environment it suffers from the limitation that the host OS needs to be booted from the portable device. This implies that any running OS on the host system needs to be shut down first. The other drawback of this approach is that it requires the adjustment of Basic Input/Output System (BIOS) settings on the system the portable storage drive is connected to (The BIOS is a standard defining a firmware interface for IBM PC compatible computers). Particularly inexperienced users will not feel comfortable making changes to the BIOS, as a configuration mistake can render a system unusable. This approach also suffers from the same disadvantage described in the context of Moka5. The virtual machine as well as the portable host OS directly access the portable storage device. Particularly if flash-memory-base storage is used this results in slow performance and limited longevity of the storage device.
U.S. patent application Ser. No. 11/032,775 to Birrell et al., Jan. 10, 2005 proposes a personal computing environment that is based on a combination of data cached on a portable storage device and data stored on a storage device accessible through a network connection. Such an approach is dependent on the availability, performance and reliability of a network connection.
Another approach to providing a portable computing environment is based on the customization of applications to enable them to execute directly from the portable storage device. An example of this approach is sold under the trademark U3 from U3 LLC of Milpitas, Calif. The main drawback of this solution is that only a relatively small number of modified applications is available. The other drawback is the dependence on a host OS that supports the respective applications.
A feature that enables an OS that is installed on a flash-memory-based device to take advantage of a storage medium with faster I/O performance is called Enhanced Write Filter (EWF) from Microsoft Inc. of Redmond, Wash. EWF is packaged with Microsoft Windows XP Embedded. Windows XP Embedded is a modular version of Windows XP specifically for use in embedded devices such as ATMs, arcade games, slot machines, cash registers, industrial robotics, thin clients, set-top boxes etc. EWF is based on a technique that is referred to as copy-on-write (COW). With COW, write operations to a storage medium are redirected to another storage medium. (The COW technique will be described in more detail below). EWF's COW implementation supports the redirection of write operations to flash-memory-based storage to fast volatile Random Access Memory (RAM) or alternatively a second partition on the storage medium the OS is installed on. Redirecting write I/O operations to a second partition on the same storage device does not address the described problem of lack of performance and longevity of flash-memory-based storage devices. Reliably redirecting write I/O operations to RAM provides performance benefits but requires that the storage capacity available on the storage device is matched by the amount of memory available on the host system. Moreover, running an instance of Windows XP Embedded from a portable flash-memory-based storage device would also require the modification of BIOS settings and shut down of the OS running on the system the device is connected to. The other obvious limitation of EWF is that this method is specific to one version of one OS.
2. Advantages
Accordingly, several advantages of one or more aspects are to provide a method for the efficient and secure launch and operation of an OS instance installed in a virtual hard disk that is stored on a portable storage device. After the portable storage device has been connected to a host system with an installed VMM, the OS instance can be run in a virtual machine. In the following this OS instance will be referred to as the portable OS.
Unlike other solutions that require the installation of a specific VMM on a host system or only support a specific host OS, the proposed method provides flexibility by automatically and dynamically adapting the portable OS installation to hardware that is emulated by the VMM that was autodetected on the host system. Examples of VMMs supported in the first embodiment are VMware Workstation and VMware Player from VMware Inc. of Palo Alto, Calif., Virtual PC from Microsoft Inc. of Redmond, Wash. and VirtualBox Open Source Edition (OSE) from Sun Microsystems Inc. of Mountain View, Calif. through acquisition of Innotek GmbH of Weinstadt, Germany.
Providing the source code for the method is compiled for the respective host OS and packaged with the portable storage device, the portable OS can be launched on a wide range of hardware platforms supported by the respective VMMs, such as Microsoft Windows XP, Microsoft Windows Vista, RedHat Linux, SuSE Linux and Apple MacOS. Supporting a wide range of OS and VMM platforms is crucial for a portable solution. A user may not know in advance what type of system will be available for use with the portable OS. For source code portability the first embodiment was implemented in C++ using the cross-platform development toolkit QT from Nokia Corporation that is supported on Microsoft Windows, Unix/Linux and Apple MacOS.
The described method also optimizes the configuration of the virtual machine running the portable OS for performance, security and stability. Write operations from the portable OS to virtual hard disks are redirected to overlay files on a storage medium that provides better I/O write performance than the portable storage device. Particularly consumer grade, flash-memory-based portable storage devices show poor write I/O performance as compared to internal storage. With the proposed configuration slow write I/O performance of the portable storage device does not adversely affect run time performance of the guest OS. It is important to note that read performance of flash-memory-based storage devices is significantly higher than write performance and therefore has a much lesser effect on virtual machine performance.
After the portable OS has been shut down, data that was written to overlay files at run time can be merged with the virtual hard disks on the portable storage device if the respective data is not to be lost.
Another benefit of the described method is increased longevity of the portable storage device, particularly for devices that use flash-memory. Storage blocks in flash-memory can only sustain a limited number of erase/write cycles (http://en.wikipedia.org/wiki/Flash memory, Mar. 10, 2009). The amount of write operations to the external storage device is reduced, as data blocks that have been modified multiple times are only written back to the portable storage device once. As Operating systems frequently access very specific areas of a disk drive the reduction in write operations through consolidated write operations after shut down is very significant.
Other benefits of the described method are superior security and stability as compared to a traditional OS installation to a system's internal storage. User and system data are separated and stored on two different virtual hard disks. For the typical use case where a user accesses user data through an installed application, the first embodiment provides a GUI that allows for enabling the automatic removal of modified system data after shutdown. This means that system changes that are the result of virus infections or unknowingly installed malware can not compromise the system's integrity after shut down. The GUI also provides a configuration option that enables that the user is prompted for feedback regarding the merging of overlay files for system data. This option is provided in case it is not known beforehand if applications will be installed on the virtual hard disk storing system data.
Another benefit of the described method is that it enables a user to create a fixed system installation that includes stable versions of all applications needed. If system changes are deleted after shutdown, the user can rely on a clean installation and the exact version of the respective applications whenever the system is started. As user data is stored on a separate virtual hard disk, system changes can be discarded while user data remains persistent. This is an important factor as some applications update themselves automatically to newer versions that are sometimes less stable than the versions that they are replacing.
The described method also maximizes usable virtual hard disk space on the portable storage device through a specific OS configuration for the management of page file data. Page files are used by modern operating systems to temporarily store data that cannot be accommodated by physical memory. Page files are created and expanded by the OS as needed. Page data is transient and does not need to be permanently stored by the OS. The described method uses a separate, dynamically expanding virtual hard disk for storing paging data. At startup time this virtual hard disk does not contain any data and only one ‘empty’ virtual hard disk per supported VMM type needs to be stored on the portable storage device. This method significantly increases the amount of virtual hard disk space available for the portable OS on the external storage device.
Further advantages of various aspects will become apparent from a consideration of the ensuing description and drawings.