A computer system typically includes a computer file-system. A computer system typically includes an operating system. The operating system may include a framework for in-line monitoring of accesses to the file-system. Such a framework could be a file-system filter driver.
Need for Manipulating the Original Content of an Original Read-Only Computer File
Such a file-system filter driver would logically reside above the file-system stack and would have the ability to monitor and modify input/output requests that are sent to and completed from the underlying file-system. In addition, such a file-system filter driver could allow sophisticated file-data manipulation features, such as file data encryption and file data compression. Some modern operating systems support using file-system filter drivers to perform non-length preserving data transformations (e.g., file data encryption, file data compression). However, other operating systems do not provide such support. Thus, for those operating systems, there is a need to manipulate the original content of an original read-only computer file.
Challenges in Manipulating the Original Content of an Original Read-Only Computer File
For example, an operating system based on Microsoft Corporation's Windows NT kernel (e.g., Windows 2000, Windows XP, Server 2003) does not support manipulating the original content of an original read-only computer file. Specifically, such an operating system does not support using file-system filter drivers to perform non-length preserving data transformations. Namely, in such an operating system, the underlying file-system discloses the on-disk length of the file to the operating system's cache manager directly, without giving any of the mounted filter drivers a chance to transform the length appropriately. For example, if a file were encrypted (using an algorithm that increases the file length)(i.e., transformed via a non-length preserving data transformation), the cache manager would see the encrypted file-length, which is larger than the decrypted length of the file. If the file were paged-in by the cache-manager for caching, the cache manager would attempt to stream in data past the decrypted end-of-file. Such an attempt would lead to incorrect computer system behavior or an application crash. Specifically, if the encrypted file were a kernel driver for the operating system, the computer system could display an operating system blue-screen and/or experience kernel panics.
Prior Art
As shown in prior art FIG. 1, a typical prior art system (1) transforms the original content of a computer file via a non-length preserving data transformation algorithm, thereby resulting in transformed content, (2) stores the transformed content in a transformed computer file, (3) creates an in-memory state version of the original content, (4) implements each file system operation to support input/output to the in-memory state version, and (5) caches the in-memory state version. Unfortunately, such a system duplicates the functionality of the underlying file system by implementing a mini-file system in (3). Also, the system duplicates file system input/output support for the in-memory state version in (4). Also, the system duplicates file system caching in (5).
Therefore, a method and system of manipulating the original content of at least one original read-only computer file in a computer file-system in a computer system, where the computer system includes an operating system including a framework for in-line monitoring of accesses to the file-system, is needed.