1. Field of the Invention
The present invention relates to computer systems with a computer running multiple operating systems and more particularly to computer systems with a computer running multiple containerized (see DEFINITIONS section) operating systems to be respectively used by multiple terminals (see DEFINITIONS section).
2. Description of the Related Art
It is conventional to have a computer, such as a modified PC desktop type host computer, which controls and operates a plurality of terminals. In fact, mainframe computers dating back to at least the 1970s operated in this way. More recently, each terminal has been given its own operating system and/or instance of an operating system. These kind of systems are herein called multi-terminal systems.
It is conventional to use a hypervisor to run multiple operating systems on a single computer. A hypervisor (or virtual machine monitor) is a virtualization platform that allows multiple operating systems to run on a host computer at the same time. Some hypervisors take the form of software that runs directly on a given hardware platform as an operating system control program. With this kind of hypervisor, the guest operating system runs at the second level above the hardware. Other hypervisors take the form of software that runs within an operating system environment.
Hypervisors have conventionally been used in multi-terminal systems where each terminal has a dedicated guest operating system on a single host computer. In these conventional multi-terminal systems, I/O devices communicate I/O data through the hypervisor to perform basic I/O operations (see DEFINITIONS section). More specifically: (i) data from the I/O devices is communicated through the hypervisor to the computing hardware of the host computer; and (ii) from the computing hardware (if any) is communicated through the hypervisor to the I/O devices. Because the hypervisor is a virtualization platform, this means that the I/O devices must be virtualized in the software of the hypervisor and/or the guest operating system so that the communication of I/O data through the hypervisor can take place.
FIG. 1 shows prior art computer system 100 including: desktop PC 102 and four terminals 104a, 104b, 104c and 104d. Desktop PC 102 includes: video card 110; I/O ports 112; CPU 114; host operating system (“OS”) 116; virtualizing middleware 118, four guest OS's (see DEFINITIONS section) 120a, 120b, 120c, 120d; and four guest applications 122a, 122b, 122c and 122d. Each terminal 104 includes: display 130 and keyboard-mouse-audio (“KMA”) devices 132. Host OS may be any type of OS, such as Windows, Apple or POSIX (see DEFINITIONS section). As shown in FIG. 1, host OS 116 runs at security level (see DEFINITIONS section) L0, which may be, for example in an x86 CPU architecture, Ring Zero. This means that host OS 116 exchanges instructions directly with CPU 116 in native form (see DEFINITIONS section).
The guest OS's 120a, 120b, 120c, 120d are used to respectively control the four terminals 104a, 104b, 104c, 104d. This means that the four guest OS's: (i) control the visual displays respectively shown on displays 130a, 130b, 130c, 130d; (ii) receive input from the four keyboards 132a, 132b, 132c, 132d; (iii) receive input from the four mice 132a, 132b, 132c, 132d; and (iv) control audio for the four audio output devices (for example, speakers, headphones) 132a, 132b, 132c, 132d. The four guest OS's 120a, 120b, 120c, 120d are containerized virtual machines so that work by one user on one terminal does not affect or interfere with work by another user on another terminal. As shown in FIG. 1, they can respectively run their own application(s) 122a, 122b, 122c, 122d in an independent manner.
However, the four guest OS's are virtual machines, running at a security level 13, which is above the OS security level (see DEFINITIONS section) L0. For example, in an x86 architecture, the guest OS's 120a, 120b, 120c, 120d would be running at Ring Three. This is an indirect form of communication with the CPU 114. Furthermore, the instructions exchanged between the guest OS's and the CPU are virtualized by virtualizing middleware 118, which may take the form of a hypervisor or virtual machine manager (“VMM”). For example, some of the exchanged instructions relate to basic I/O operations. When the exchanged instructions are virtualized by virtualizing middleware 118, the instructions are taken out of their native form and put in a virtualized form. This virtualized form is generally a lot more code intensive than native form. This virtualization makes operations slower and more prone to error than similar exchanges between a host OS, running at the OS security level and the CPU.
US patent application 2004/0073912 (“Meza”) discloses a system and method for automatically detecting the attachment of a peripheral device to a host system, and configuring the host system for communication with the peripheral device. In Meza, advertisements or other relevant information about the peripheral device or the host system is displayed to a user, when the host system detects the attachment of the device. In Meza, a host includes a USB hub to which device attaches via a pipe. Hubs are wiring concentrators that define an attachment point in a bus (for example, USB) architecture. An attachment point in Meza is typically an addressing scheme that corresponds with a unique identifier which allows the host to communicate with the attached peripheral. In Meza, attachments points are also referred to as ports. The USB device can be attached to one or more ports on the USB hub. When the USB device attaches to the host, an embedded hub (that is, root hub) at the host senses the presence of device on a port and interrogates the USB device for identifying information.
US patent application 2007/0043928 (“Panesar”) discloses a method of giving virtual machines (VMs) direct access to USB devices with a combination hardware and software solutions. The USB host controller replaces device identifiers assigned by the VM with real device identifiers that are unique in the system. The real device identifiers are assigned by the VMM or the host controller.
US patent application 2007/0174410 (“Croft”) discloses a computer system for incorporating remote windows from remote desktop environments into a local desktop environment. In the Croft system: (i) a first virtual channel is coupled to a remote desktop environment provided by a virtual machine; (ii) a second virtual channel is coupled to the remote desktop environment; and (iii) a local agent is coupled to the remote desktop environment via the first and second virtual channels. The first virtual channel conveys graphical data associated with a remote window provided by the remote desktop environment. The second virtual channel conveys window attribute data associated with the remote window provided by the remote desktop environments. The local agent directs the formation of a local window in the local desktop environment corresponding to the remote window provided by the remote desktop environment, the first local window displaying the graphical data conveyed by the first virtual channel in accordance with the window attribute data conveyed by the second virtual channel.
Other publications potentially of interest include: (i) US published patent application 2008/0092145 (“Sun”); (ii) US published patent application 2006/0267857 (“Zhang”); (iii) US patent application 2007/0174414 (“Song”); (iv) Applica PC Sharing Zero Client Network Computing Remote Workstation powered by Applica Inc. (see www.applica.com website, cached versions 31 Jul. 2007 and earlier); (v) US patent application 2003/0018892 (“Tello”); (vi) US patent application 2007/0097130 (“Margulis”); (vii) US patent application 2008/0168479 (“Purtell”); (viii) U.S. Pat. No. 5,903,752 (“Dingwall”); (ix) US patent application 2007/0028082 (“Lien”); (x) US patent application 2008/0077917 (“Chen”); (xi) US published patent application 2007/0078891 (“Lescouet”); (xii) US published patent application 2007/0204265 (“Oshins”); and/or (xiii) US published patent application 2007/0057953 (“Green”).
Description Of the Related Art Section Disclaimer: To the extent that specific publications are discussed above in this Description of the Related Art Section, these discussions should not be taken as an admission that the discussed publications (for example, published patents) are prior art for patent law purposes. For example, some or all of the discussed publications may not be sufficiently early in time, may not reflect subject matter developed early enough in time and/or may not be sufficiently enabling so as to amount to prior art for patent law purposes. To the extent that specific publications are discussed above in this Description of the Related Art Section, they are all hereby incorporated by reference into this document in their respective entirety(ies).