CN106776066B - Multi-system function processing method and device - Google Patents
Multi-system function processing method and device Download PDFInfo
- Publication number
- CN106776066B CN106776066B CN201611070807.8A CN201611070807A CN106776066B CN 106776066 B CN106776066 B CN 106776066B CN 201611070807 A CN201611070807 A CN 201611070807A CN 106776066 B CN106776066 B CN 106776066B
- Authority
- CN
- China
- Prior art keywords
- container
- systems
- control
- control request
- function
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000003672 processing method Methods 0.000 title description 6
- 230000006870 function Effects 0.000 claims abstract description 306
- 238000000034 method Methods 0.000 claims abstract description 56
- 238000012545 processing Methods 0.000 claims abstract description 25
- 238000004891 communication Methods 0.000 claims description 57
- 230000004044 response Effects 0.000 claims description 32
- 238000007667 floating Methods 0.000 claims description 11
- 238000010586 diagram Methods 0.000 description 14
- 230000008569 process Effects 0.000 description 7
- 230000015654 memory Effects 0.000 description 5
- 238000004590 computer program Methods 0.000 description 4
- 230000001413 cellular effect Effects 0.000 description 2
- 238000005034 decoration Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000003071 parasitic effect Effects 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/544—Buffers; Shared memory; Pipes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/556—Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention provides a method and a device for processing system functions of multiple systems, wherein the method comprises the following steps: after receiving a control request aiming at system functions of other container systems, the first container system sends the control request to the master control system through a pre-established first container channel; the master control system sends the received control request to other container systems through other pre-established container channels; and after receiving the control request, the other container systems call corresponding system function services in the other container systems to respond according to the system functions related to the control request. In the invention, a user does not need to switch between the first container system in the front and background and other container systems, and the control request can be directly input in the first container system, sent to other container systems and used for calling corresponding system function services in other container systems to respond. The user operation is greatly saved; malicious programs are difficult to invade the master control system, so that the information leakage probability is greatly reduced; user experience can be improved.
Description
Technical Field
The invention relates to the technical field of terminals, in particular to a method and a device for processing system functions of multiple systems.
Background
With the progress of society and the development of science and technology, terminal devices such as smart phones, tablet computers, electronic readers and the like are widely popularized.
A considerable number of terminal devices have two operating systems installed therein. Due to the requirement of fast system switching, two operating systems are usually simultaneously running in the terminal equipment.
In consideration of security and other factors, in the conventional multi-system function processing method, a plurality of system functions of the terminal device are generally divided, so that one operating system of two operating systems does not generally have some system functions, and the other operating system has the system functions. For example, one operating system does not have network access functionality, and the other operating system has specific network access functionality.
However, when a user needs to use a system function that is not available in the operating system currently located in the foreground, the user needs to manually quit and switch from the current operating system to another operating system by using the existing multi-system function processing method; logging in after an unlocking password is input on an unlocking interface of another operating system; starting and using the system function in another operating system; then switching back to the one operating system; after an unlocking password is input into an unlocking interface of the operating system, logging in; continue to interact with the one operating system. Therefore, the user uses the prior art, the operation steps of calling the system function of another operating system by using the foreground operating system are very complicated, inconvenience is brought to the user, and the user experience is easily reduced.
Disclosure of Invention
The invention provides a method and a device for processing system functions of multiple systems aiming at the defects of the prior art, which are used for solving the problem that the operation step of calling the system function of another operating system is complicated under the condition that a user interacts with a foreground operating system in the prior art, so that the user can call the system function of the other operating system without switching the operating system and other steps, and the operation steps of the user are greatly saved.
An embodiment of the present invention provides a method for processing system functions of multiple systems according to a first aspect, including:
after receiving a control request aiming at system functions of other container systems, a first container system sends the control request to a master control system through a pre-established first container channel;
the master control system sends the received control request to other container systems through other pre-established container channels;
and after receiving the control request, the other container systems call corresponding system function services in the other container systems to respond according to the system functions related to the control request.
An embodiment of the present invention provides a multi-system function processing apparatus according to a second aspect, including: a first container system, other container systems and a master control system;
the first container system includes:
the first control module is used for sending the control request to the main control system through a pre-established first container channel after receiving the control request aiming at the system functions of the other container systems;
the master control system comprises:
the main control module is used for sending the received control request to other container systems through other pre-built container channels;
the other container system includes: other control modules and at least one system function module;
and the other control module is used for calling the corresponding system function module in the other container system to which the other control module belongs to respond according to the system function related to the control request after receiving the control request.
Preferably, the first control module in the first embodiment of the present invention includes:
the control request receiving and sending display unit is used for displaying system function options of other container systems in a pull-down status bar of the first container system and/or an expansion interface of a floating window; and after receiving the selection operation of the system function option aiming at the other container systems, confirming that the control request aiming at the system function option is received and forwarding.
Preferably, the first control module in the first embodiment of the present invention further includes: the system comprises a first system control function unit and a first system communication unit;
the first system control function unit is used for sending the received control request to the main control module through a first system communication unit in a first container system and a pre-established first container channel, wherein the control request is transmitted by the display unit; and
other control modules in the first embodiment of the present invention include:
the other system communication unit is used for forwarding after receiving the control request through the other container channel;
and the other system control function units are used for calling corresponding system function modules in other container systems to which the other system control function units belong to respond according to the system function which is expected to be controlled by the received control request forwarded by the other system communication units.
Preferably, the other control modules in the first embodiment of the present invention are further configured to return a response result to the control request;
the first control module in the first embodiment of the invention displays the response result according to the received response result returned by the other control modules.
Preferably, the first container system in the first embodiment of the present invention further includes: at least one system function module; and
the first control module is further configured to call a corresponding system function module in the first container system to respond after receiving a control request for a system function of the first container system.
Preferably, the main control module in the first embodiment of the present invention is further configured to determine whether the security level of the first container system that sends the control request is not lower than the security levels of the other container systems; if yes, the received control request is sent to the other container systems through the pre-established other container channels; otherwise, the received control request is ignored.
In the first embodiment of the present invention, a user does not need to switch between the first container system currently in the foreground and other container systems in the background, and also does not need to use the system functions of the first container system in other container systems, and a control request for the system functions of other container systems can be directly input in the first container system, and the first container system sends the control request to other container systems through the first container channel, the master control system, and the other container channels in sequence; and calling corresponding system function services in the other container systems to respond according to the system functions related to the control request by the other container systems. The operation of the user is greatly saved, and convenience is brought to the user. Because the main control system is positioned at the lower layer of the container system and does not provide the function of directly interacting with the user, the user cannot install the program into the main control system, even if the malicious program is disguised as the application or is parasitic in the application, the malicious program cannot be installed into the main control system, and the safety of the main control system is greatly enhanced; the malicious program is difficult to acquire the communication mode and the communication path between the container system and the main control system, and even if the container system is invaded, the malicious program is difficult to invade the main control system, so that the leakage probability of the confidential information in the terminal equipment is greatly reduced. Therefore, under the condition of ensuring the safety of the information in the terminal equipment, the system functions of other container systems can be directly called from the first container system, and the user experience can be improved.
The embodiment of the present invention also provides a method for processing system functions of multiple systems according to a third aspect, including:
after receiving a control request aiming at system functions of other container systems, a first container system sends the control request to the other container systems through a container channel between the first container system and the other container systems pre-established by a master control system;
and after receiving the control request, the other container systems call corresponding system function services in the other container systems to respond according to the system functions related to the control request.
The embodiment of the present invention also provides, according to a fourth aspect, a multi-system function processing apparatus, including: a first container system, other container systems and a master control system;
the first container system includes:
the first control module is used for sending the control request through a container channel between the first container system and the other container systems pre-established by the main control system after receiving the control request aiming at the system functions of the other container systems;
the other container system includes: other control modules and at least one functional module;
and the other control modules are used for calling corresponding system function modules in other container systems to which the other control modules belong to respond according to the system functions related to the control request after receiving the control request.
Preferably, the first control module in the second embodiment of the present invention includes: the system comprises a first system control function unit and a first system communication unit;
the first system control function unit is used for sending the received control request through a first system communication unit in the first container system and a container channel between the first container system and the other container systems pre-established by the main control system; and
the other control modules in the second embodiment of the present invention include:
the other system communication unit is used for forwarding the control request received by the container channel;
and the other system control function units are used for calling corresponding system function modules in other container systems to which the other system control function units belong to respond according to the system function which is expected to be controlled by the received control request forwarded by the other system communication units.
In the second embodiment of the present invention, a user does not need to switch between the first container system currently in the foreground and the other container systems in the background, or use the system functions of the first container system in the other container systems, and a control request for the system functions of the other container systems can be directly input in the first container system, and the first container system sends the control request to the other container systems through the container channel; and calling corresponding system function services in the other container systems to respond according to the system functions related to the control request by the other container systems. The operation of the user is greatly saved, and convenience is brought to the user; malicious programs are difficult to acquire communication modes and paths among the container systems, even if one container system is invaded, the other container system is difficult to invade, and the leakage probability of confidential information of each container system in the terminal equipment is greatly reduced. Therefore, the safety of the information in the terminal equipment can be improved, the system functions of other container systems can be directly called from the first container system, and the user experience can be improved.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The foregoing and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a schematic frame diagram of the internal structure of a terminal device of the present invention;
fig. 2a and fig. 2b are schematic flow diagrams of two multi-system function processing methods according to a first embodiment of the present invention;
FIG. 2c is a diagram illustrating an example of a first container system pull-down status bar according to a first embodiment of the present invention;
fig. 3 is a schematic diagram of a framework of an internal structure of a multi-system function processing apparatus according to a first embodiment of the present invention;
fig. 4 is a flowchart illustrating a method for processing system functions of multiple systems according to a second embodiment of the present invention;
fig. 5 is a schematic diagram of an internal structure of a multi-system function processing apparatus according to a second embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
As will be appreciated by those skilled in the art, a "terminal" as used herein includes both devices having a wireless signal receiver, which are devices having only a wireless signal receiver without transmit capability, and devices having receive and transmit hardware, which have devices having receive and transmit hardware capable of two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device having a single line display or a multi-line display or a cellular or other communication device without a multi-line display; PCS (Personal Communications Service), which may combine voice, data processing, facsimile and/or data communication capabilities; a PDA (Personal Digital Assistant), which may include a radio frequency receiver, a pager, internet/intranet access, a web browser, a notepad, a calendar and/or a GPS (Global Positioning System) receiver; a conventional laptop and/or palmtop computer or other device having and/or including a radio frequency receiver. As used herein, a "terminal" or "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime, and/or land-based), or situated and/or configured to operate locally and/or in a distributed fashion at any other location(s) on earth and/or in space. As used herein, a "terminal Device" may also be a communication terminal, a web terminal, a music/video playing terminal, such as a PDA, an MID (Mobile Internet Device) and/or a Mobile phone with music/video playing function, or a smart tv, a set-top box, etc.
In the technical solution of the present invention, a schematic frame diagram of an internal structure of a terminal device is shown in fig. 1, and includes: a master control system and more than two container systems.
Wherein the two or more container systems may include: a first container system, and at least one other container system.
The container system in the embodiment of the present invention is an operating system provided in a container created by the Linux container virtualization technology. The operating system may be a Linux operating system or a Unix operating system in the conventional sense, an Android system or an Ubuntu system derived from the Linux operating system, or a Windows system based on a Windows platform. In fact, the container system of the present invention is not limited to the aforementioned exemplary operating systems, and may cover all operating systems capable of operating in a container. For convenience of description, the technical solution of the present invention is described below by taking an Android system as a container system as an example.
The master control system may be the above-mentioned conventional operating system, or may be an operating system obtained by modifying the conventional operating system. The kernel is a kernel, or an enhanced kernel obtained after a functional module is added on the basis of the kernel. Preferably, the master control system may include a kernel; the container system calls or accesses the kernel through the master control system to realize various functions. Or the container system and the master control system share the kernel; the container system and the master control system comprise parts except the kernel in the existing operating system, such as parts of a framework layer and an application layer; both the container system and the master control system can independently call or access the kernel to realize various functions.
The main control system is mainly used for performing foreground and background management on a plurality of container systems, interacting with each container system and the like.
Preferably, the master control system may communicate with the container system through a container channel. The container systems may communicate with each other through a container channel.
The technical scheme of the invention is suitable for the container system in the foreground and at least one other container system in the background.
For the convenience of understanding, the technical solution of the present invention will be described below by taking a first container system in the foreground and another container system in the background as examples. In fact the one other container system in the background represents each other container system. The first container system is positioned in the foreground and can directly interact with a user; other container systems are in the background and cannot interact directly with the user.
In the technical scheme of the invention, after the first container system receives the control request aiming at the system function of other container systems, the first container system sends the control request to other container systems, and the other container systems call the corresponding system function service to respond. The difference of the way of sending the control request, i.e. whether to relay through the master control system, is divided into several embodiments as follows.
Example one
In the first embodiment of the present invention, after the master control system is started, the first container system and the other container systems are started.
The master system creates a first container channel between the master system and the first container system and other container channels between the master system and the other container systems. Preferably, the container channel may be a socket channel.
The method for creating the first container channel between the master control system and the first container system comprises the following steps:
the first container system sends a first container channel creation request to the master control system, wherein the first container channel creation request comprises a file descriptor, file permissions, system identifiers of more than two operating systems allowing access to the first container channel, the maximum allowed access number, identifiers of descriptors of files to be generated and the like, and the file descriptors correspond to the first container channel. The two or more operating systems include a first container system (that sends a first container channel creation request) and an operating system with which the first container system expects interaction.
After receiving a first container channel creation request of the first container system, the main control system creates a pair of socket file descriptors (socket pair) and a first container channel connecting the pair of file descriptors, and names the pair of file descriptors. And recording the file authority, the system identification of allowed access, the maximum access number allowed and the identification of the descriptor of the file to be generated in the first container channel creating request into the created first container channel.
The main control system registers the first container channel and its identifier, a pair of file descriptors, and a system identifier allowing access to the first container channel in an NSS (domain Space Server) virtual device of the kernel. The master control system and the kernel correspondingly record the registered first container channel, the identification and file descriptor pair thereof and the system identification allowing to access the first container channel.
The NSS of the kernel returns an identification of the first container channel to the first container system, along with system identifications that allow access to the first container channel. And respectively returning the identification of the first container channel and the system identifications allowing to access the first container channel to the operating systems corresponding to the system identifications.
The first container system obtains one file descriptor in the file descriptor pair of the first container channel from the NSS according to the obtained identification of the first container channel.
After receiving the request of the main control system for acquiring the first container channel, the main control system finds out the identifier of the first container channel which is registered, and returns the identifier to the main control system.
After acquiring the identifier of the first container channel, the master control system sends a file descriptor acquisition request carrying the identifier of the first container channel to the NSS virtual device in the kernel.
And the NSS virtual device in the kernel finds out and returns the other file descriptor in the file descriptor pair of the first container channel from the registered first container channel, the identifier of the first container channel and the file descriptor pair according to the identifier of the first container channel in the received file descriptor acquisition request. Preferably, the NSS checks whether the security information such as the system identifier, the access number, and the like of the first container system that sends the file descriptor acquisition request coincides with the corresponding information recorded in the first container channel; if the verification result is that the two file descriptor pairs are matched, according to the identifier of the first container channel in the received file descriptor acquisition request, searching out the other file descriptor in the file descriptor pair of the first container channel from the registered first container channel, the identifier of the first container channel and the file descriptor pair, and returning the file descriptor pair to the master control system.
Equivalently, one file descriptor in a pair of file descriptors connecting two ends of the first container channel is returned to the first container system, and the other file descriptor is returned to the process of the master control system.
And after the master control system acquires the other file descriptor returned by the kernel, the first container channel between the master control system and the first container system is established. The master control system may communicate with the first container system that owns a file descriptor of the first container channel to which the another file descriptor belongs through the another file descriptor.
Preferably, the master control system obtains the structure of the socket description file from the kernel according to one file descriptor returned to one first container system for a pair of file descriptors, associates the structure with the one file descriptor, and records the structure in the first container channel. Thereafter, the first container channel is registered in the NSS virtual device of the kernel.
After receiving a file descriptor acquisition request of a process of a main control system, NSS virtual equipment in a kernel queries an unused file descriptor in the process of the main control system, associates the unused file descriptor with a file structure of a socket description file stored in a first container channel, and returns the associated file descriptor to the process of the main control system. At this time, the associated file descriptor is equivalent to another file descriptor in the file descriptors of the same first container channel.
Likewise, other container channels between the master control system and other container systems may be created.
Preferably, a container channel between the first container system and the kernel can also be created; container channels between other container systems and the kernel are created.
Based on the container channel, an embodiment of the present invention provides a method for processing system functions of multiple systems, where a flow diagram of the method is shown in fig. 2a, and the method includes the following steps:
s201: and after receiving the control request aiming at the system functions of other container systems, the first container system sends the control request to the master control system through a pre-established first container channel.
Hiding the status bar of a status bar application in the first container system, and determining to receive a display instruction of a user for the status bar after receiving a selection operation of the user for the status bar (for example, receiving a sliding operation of the user from the top side to the bottom side of a screen in the case of displaying a system desktop); a drop down display status bar in which at least one system function option of the other container system is displayed.
The floating window application in the first container system displays a floating window on a system desktop, and after receiving selection operation of a user for the floating window, an expansion interface of the floating window is displayed, and at least one system function option of other container systems is displayed in the expansion interface.
Each displayed system function option is associated with one system function of the other container system. The system functions of the other container system may include at least one of: WLAN (Wireless Local Area network) control function, BT (BlueTooth) control function, NFC (Near Field Communication) control function, GPS (Global Positioning System) control function, fingerprint control function, data connection control function, USB (Universal Serial Bus) control function, screen backlight control function, and volume value control function.
Preferably, the control function may include a switching function. For example, the WLAN control function may include a WLAN switch function; the BT control function may include a BT switch function; the NFC control function may include an NFC switch function; the GPS control function may include a GPS switch function; the fingerprint control function may include a fingerprint switch function; the data connection control function may include a data connection switch function; the USB control function may include a USB switch function.
Preferably, the screen backlight control function may include: a screen backlight switching function and a screen backlight brightness adjusting function. The volume value functions may include: a volume value switching function and a volume value adjusting function.
Preferably, in the expansion interface of the drop-down status bar or the floating window in the first container system, the system function options of the first container system and the system function options of the other container systems are displayed. Wherein each system function option of the first container system is associated with a system function of the first container system. The system function of the first container system may comprise at least one of: a screen backlight control function and a volume value control function. The screen backlight control function may include: a screen backlight switching function and a screen backlight brightness adjusting function. The volume value functions may include: a volume value switching function and a volume value adjusting function.
Preferably, the security level of the first container system is not lower than the security levels of the other container systems; for example, the first container system is embodied as an internal domain container system and the other container system is embodied as an external domain container system. The inner-domain container system is a high-security system, has a high security degree and is mainly responsible for processing personal privacy data and data with a high security level (such as financial data operation) of a user; the external domain container system is an open system, is mainly used for data processing with lower security level of users, meets the living and entertainment requirements of the users, and can directly use the existing operating system (such as a third-party operating system) as the external domain container system.
Preferably, the system functions of the first container system may include: control functions of the encrypted flash memory card.
Further, in the expansion interface of the drop-down status bar or the floating window in the first container system, the left half part displays the system function options of the first container system, and the right half part displays the system function options of other container systems.
For example, as shown in FIG. 2c in the drop-down status bar in the first container system, the left half displays the screen backlight brightness adjustment function option, the volume value switch function option, and the switch function option of the encrypted flash memory card of the first container system; the right half of the pull-down status bar displays the WLAN switch function option, BT switch function option, NFC switch function option, and GPS switch function option of the other container systems.
Further, the functional options in fig. 2c may be represented by icons and/or text. For example, the volume value switch function options may be displayed as icons and text corresponding to ringing, vibration, or muting. For the BT switch function option, when the BT function is turned on, icons and characters corresponding to the BT function in a lighting state can be displayed; when the BT function is off, icons and text corresponding to the BT function in the off state may be displayed.
And after receiving the selection operation of the system function option aiming at other container systems, the first container system confirms that the control request aiming at the system function option is received and forwards the control request to a first system control function service in the first container system.
And the first system control function service in the first container system sends the received control request to the main control system through the first system communication service in the first container system and the pre-established first container channel. Specifically, a first system control function service in the first container system sends a received control request to a first system communication service in the first container system; the first system communication service sends the received control request to the main control system through a first container channel which is established in advance.
Preferably, the control request includes the system identifier of the first container system as the sender identifier and the system identifiers of the other container systems as the target identifiers.
S202: and the master control system sends the received control request to other container systems through other pre-established container channels.
After receiving the control request sent by the first container system through the first container channel, the communication service of the main control system in the main control system sends the received control request to other container systems through other pre-established container channels.
S203: and after receiving the control request, the other container systems call corresponding system function services in the other container systems to respond according to the system functions related to the control request.
And other system communication services in other container systems are forwarded to other system control function services in other container systems after receiving the control request sent by the main control system through other container channels.
After receiving the control request, the other system control function service in the other container system analyzes the system function information from the control request, and uses the system function indicated by the analyzed system function information as the system function which is expected to be controlled by the control request.
And the other system control function services call the corresponding system function service from at least one system function service of the other container system to respond according to the system function which is expected to be controlled by the received control request.
S204: the other container systems return the response results to the first container system for the control request.
And other system control function services of other container systems receive the response result of the corresponding system function service to the control request and send the response result to other system communication services.
And the other system communication service returns the received response result, the corresponding control request and the system identification of the other container system to which the other system communication service belongs to the main control system through the other container channel.
The main control system communication service in the main control system confirms that the response result of the other container systems for the control request of the first container system is received after receiving the corresponding response result, the control request and the system identification of the other container systems through the other container channels; and returning the corresponding response result and the control request to the first container system through the first container channel.
S205: and the first container system displays according to the received response result.
And after the first container system receives the response result and the control request through the first container channel, confirming that the response result returned for the control request is received.
And the first container system displays according to the received response result.
For example, for the WLAN switch function in the WLAN control function, before receiving the response result, the icon in the WLAN switch function option in the first container system is displayed in gray; and after the response result of the opening is received, the icon in the WLAN switch function option in the first container system is displayed in green.
Preferably, the response result received by the first container system may send a prompt message in addition to the display of the change of the corresponding system function option. For example, a text prompt is displayed, a corresponding mode of vibration is emitted, or a corresponding audio is played to prompt the user that the system function selected and controlled by the user is responded.
In addition, after receiving the control request for the system function of the first container system, the first container system calls the corresponding system function service in the first container system to respond.
Specifically, after receiving a control request for a system function of the first container system, the first system control function service in the first container system calls a corresponding system function service in the first container system to respond.
For example, after receiving a control request for the read function of the encrypted flash memory card of the first container system, the first system control function service calls the read function service of the corresponding encrypted flash memory card to read the content of the encrypted flash memory card involved in the control request.
Preferably, the corresponding system function service in the first container system calls the corresponding function in the kernel to respond through the container channel between the first container system and the kernel according to the control request for the system function of the first container system.
Preferably, a first embodiment of the present invention further provides another method for processing system functions of multiple systems, where a flow diagram of the method is shown in fig. 2b, and the method includes the following steps:
s211: and after receiving the control request aiming at the system functions of other container systems, the first container system sends the control request to the master control system through a pre-established first container channel.
The method in this step is consistent with the specific method in step S201, and is not described herein again.
S212: the master control system determines whether the security level of the first container system sending the control request is not lower than the security levels of the other container systems; if yes, go to step S213; otherwise, the received control request is ignored.
After a master control system communication service in the master control system receives a control request sent by a first container system through a first container channel, according to a system identifier of the first container system serving as a sender identifier in the control request and system identifiers of other container systems serving as target party identifiers, the security levels of the first container system and the other container systems are found out from the corresponding relationship between a plurality of prestored container systems and the respective security levels; determining whether the security level of the first container system is not lower than the security levels of the other container systems; if yes, go to step S213; otherwise, the received control request is ignored.
S213: and the master control system sends the received control request to other container systems through other pre-established container channels.
The method in this step is consistent with the specific method in step S202, and is not described herein again.
S214: and after receiving the control request, the other container systems call corresponding system function services in the other container systems to respond according to the system functions related to the control request.
The method in this step is consistent with the specific method in step S203, and is not described herein again.
S215: the other container systems return the response results to the first container system for the control request.
The method in this step is consistent with the specific method in step S204, and is not described herein again.
S216: and the first container system displays according to the received response result.
The method in this step is consistent with the specific method in step S205, and is not described herein again.
In addition, after receiving the control request aiming at the system function of the first container system, the other container systems send the control request to the main control system through the other container channels. And after the main control system receives the control request aiming at the system function of the first container system, ignoring the received control request when determining that the security level of the first container system is not lower than the security levels of other container systems. It can be understood that even if a malicious program invades other container systems with lower security level, the control request cannot be transmitted to the first container system with higher security level; therefore, the safety of the first container system can be greatly improved, and the information leakage probability in the first container system is greatly reduced.
Based on the foregoing method for processing system functions of multiple systems, a first embodiment of the present invention further provides a device for processing system functions of multiple systems, where the device is disposed in the terminal device of the present invention, and a schematic frame diagram of an internal structure of the device is shown in fig. 3, where the device includes: a first container system, other container systems, and a master control system.
Wherein the first container system comprises: a first control module 301.
The first control module 301 is configured to receive a control request for a system function of another container system, and then send the control request to the master control system through a pre-established first container channel.
The master control system comprises: a main control module 311.
The main control module 311 is configured to send the received control request to other container systems through other pre-established container channels.
Other container systems include: other control modules 321 and at least one system function module 322.
The other control module 321 is configured to, after receiving the control request, call the corresponding system function module 322 in the other container system to which the other control module 321 belongs to respond according to the system function related to the control request.
Preferably, as shown in fig. 3, the first control module 301 in the embodiment of the present invention includes: the control request transceiving presentation unit 3011.
The control request transceiving presentation unit 3011 is configured to display system function options of other container systems in a drop-down status bar of the first container system and/or an expansion interface of the floating window; and after receiving the selection operation of the system function option aiming at other container systems, confirming that the control request aiming at the system function option is received and forwarding.
Preferably, as shown in fig. 3, the first control module 301 in the embodiment of the present invention further includes: a first system control function unit 3012 and a first system communication unit 3013.
The first system control function unit 3012 is configured to send the received control request to the control request forwarded by the display unit, and send the control request to the main control module 311 through the first system communication unit 3013 in the first container system and the pre-established first container channel.
And the main control module 311 is configured to send the received control request through a pre-established other container channel.
And, as shown in fig. 3, the other control module 321 in the embodiment of the present invention includes: other system communication units 3211 and other system control function units 3212.
The other system communication unit 3211 is configured to forward the control request after receiving the control request through another container channel.
The other system control function units 3212 are configured to invoke, according to the system function desired to be controlled by the received control request forwarded by the other system communication unit 3211, the corresponding system function module 322 in the other container system to which the other system control function units 3212 belong to perform response.
Preferably, the other control module 321 is further configured to return a response result to the control request.
The first control module 301 performs presentation according to the received response result returned by the other control module 321.
More preferably, as shown in fig. 3, the first container system in the embodiment of the present invention further includes: at least one system function module 302.
The first control module 301 is further configured to, after receiving a control request for a system function of the first container system, call a corresponding system function module 302 in the first container system to respond.
Preferably, the main control module 311 is further configured to determine whether the security level of the first container system sending the control request is not lower than the security levels of the other container systems; if yes, the received control request is sent to other container systems through other pre-built container channels; otherwise, the received control request is ignored.
The first control module 301, the control request transceiving display unit 3011, the first system control function unit 3012, the first system communication unit 3013, and the system function module 302; a main control module 311; for the other control modules 321, the other system communication units 3211, the other system control function units 3212, and the method for implementing the functions of the system function module 322, reference may be made to the specific contents of the above process steps in fig. 2a and fig. 2b, which are not described herein again.
In the first embodiment of the present invention, a user does not need to switch between the first container system currently in the foreground and other container systems in the background, and also does not need to use the system functions of the first container system in other container systems, and a control request for the system functions of other container systems can be directly input in the first container system, and the first container system sends the control request to other container systems through the first container channel, the master control system, and the other container channels in sequence; and calling corresponding system function services in the other container systems to respond according to the system functions related to the control request by the other container systems. The operation of the user is greatly saved, and convenience is brought to the user. Because the main control system is positioned at the lower layer of the container system and does not provide the function of directly interacting with the user, the user cannot install the program into the main control system, even if the malicious program is disguised as the application or is parasitic in the application, the malicious program cannot be installed into the main control system, and the safety of the main control system is greatly enhanced; the malicious program is difficult to acquire the communication mode and the communication path between the container system and the main control system, and even if the container system is invaded, the malicious program is difficult to invade the main control system, so that the leakage probability of the confidential information in the terminal equipment is greatly reduced. Therefore, under the condition of ensuring the safety of the information in the terminal equipment, the system functions of other container systems can be directly called from the first container system, and the user experience can be improved.
Moreover, in the first embodiment of the present invention, the master control system may compare the security levels of the sender and the target of the control request during the process of transmitting the control request; when the security level of the container system as the sender is not lower than the security level as the target, normally transmitting the control request; the transmission of the control request is interrupted when the security level of the container system as the sender is lower than the security level as the target. Even if the malicious program enters the container system with lower security level, the malicious program cannot invade the container system with higher security level due to the interception and filtration of the main control system, and the security of the container system with higher security level is further improved.
Example two
In the second embodiment of the present invention, after the master control system is started, the first container system and the other container systems are started.
The master control system creates a container channel between the first container system and the other container systems. Preferably, the container channel may be a socket channel.
The method for creating the container channel between the first container system and the other container system comprises the following steps:
the first container system sends a container channel creating request to the master control system, wherein the container channel creating request comprises file descriptors corresponding to the container channel, file permissions, system identifiers of more than two operating systems allowing access to the container channel, the maximum allowed access number, identifiers of descriptors of files to be generated and the like. The two or more operating systems include a first container system (that sends a container channel creation request) and an operating system for which the first container system expects interaction.
After receiving a container channel creation request of the container system, the master control system creates a pair of socket file descriptors (socket pair) and a container channel connecting the pair of file descriptors, and names the pair of file descriptors. And recording the file authority, the system identification allowed to be accessed, the maximum access number allowed and the identification of the descriptor of the file to be generated in the container channel creating request into the created container channel.
The master control system registers the container channel and its identifier and a pair of file descriptors, and a system identifier allowing access to the container channel in an NSS (domain Space Server) virtual device of the kernel. The master control system and the kernel correspondingly record the registered container channel, the identification and file descriptor pair thereof and the system identification allowing the container channel to be accessed.
The NSS of the kernel returns the identification of the container channel, and the system identifications that allow access to the container channel, to the first container system. And respectively returning the identifier of the container channel and each system identifier allowing to access the container channel to the operating system corresponding to each system identifier.
The first container system obtains one file descriptor in the file descriptor pair of the container channel from the NSS according to the obtained identifier of the container channel.
After receiving the acquisition request of other container systems for the container channel, the main control system finds out the identifier of the registered container channel and returns the identifier to the other container systems.
After acquiring the identifier of the container channel, the other container systems send a file descriptor acquisition request carrying the identifier of the container channel to the NSS virtual device in the kernel.
And the NSS virtual equipment in the kernel searches out the other file descriptor in the file descriptor pair of the container channel from the registered container channel, the identifier of the container channel and the file descriptor pair according to the identifier of the container channel in the received file descriptor acquisition request, and returns the other file descriptor. Preferably, the NSS checks whether the security information such as the system identifier, the access number, and the like of the container system that sends the file descriptor acquisition request matches with the corresponding information recorded in the container channel; if the verification result is that the container channel identifier is matched with the file descriptor identifier, the identifier of the container channel in the request is obtained according to the received file descriptor, another file descriptor in the file descriptor pair of the container channel is found from the registered container channel, the identifier of the container channel and the file descriptor pair, and the other file descriptor is returned to other container systems.
Equivalently, one file descriptor in a pair of file descriptors connecting both ends of the container channel is returned to the first container system, and the other file descriptor is returned to the other container system.
And after the other container systems acquire the other file descriptors returned by the kernel, the container channel between the first container system and the other container systems is established. The other container system may communicate with the first container system that owns a file descriptor of the container channel to which the other file descriptor belongs, through the other file descriptor.
Preferably, for a pair of file descriptors, the master control system obtains a structure of the socket description file from the kernel according to one file descriptor returned to the first container system, associates the structure with the one file descriptor, and records the structure in the container channel. The container channel is then registered into the NSS virtual device of the kernel.
After receiving a file descriptor acquisition request of other container systems, the NSS virtual device in the kernel queries out file descriptors which are not used in the processes of the other container systems, associates the unused file descriptors with a file structure of a socket description file stored in a container channel, and returns the associated file descriptors to the other container systems. At this time, the associated file descriptor is equivalent to another file descriptor in the file descriptors of the same container channel.
Preferably, a container channel between the first container system and the kernel can also be created; container channels between other container systems and the kernel are created.
Based on the container channel in the second embodiment of the present invention, the second embodiment of the present invention provides a method for processing system functions of multiple systems, where a flow diagram of the method is shown in fig. 4, and the method includes the following steps:
s401: and after receiving the control request aiming at the system functions of other container systems, the first container system sends the control request to the other container systems through a container channel between the first container system and the other container systems which is pre-established by the main control system.
The method for the first container system to receive the control request for the system function of the other container system in this step is consistent with the specific method for the first container system to receive the control request for the system function of the other container system in step S201, and is not described herein again.
After receiving a control request for system functions of other container systems, a first system control function service in the first container system sends the received control request to a first system communication service in the first container system.
The first system communication service sends the received control request to other container systems through a container channel which is pre-established by the main control system and is between the first container system and the other container systems.
S402: and after receiving the control request, the other container systems call corresponding system function services in the other container systems to respond according to the system functions related to the control request.
And after receiving the control request sent by the first container system through the container channel, other system communication services in other container systems forward the control request to other system control function services in the other container systems.
After receiving the control request, the other system control function service in the other container system analyzes the system function information from the control request, and uses the system function indicated by the analyzed system function information as the system function which is expected to be controlled by the control request.
And the other system control function services call the corresponding system function service from at least one system function service of the other container system to respond according to the system function which is expected to be controlled by the received control request.
S403: the other container systems return the response results to the first container system for the control request.
And other system control function services of other container systems receive the response result of the corresponding system function service to the control request and send the response result to other system communication services.
And the other system communication service returns the received response result, the corresponding control request and the system identification of the other container system to which the other system communication service belongs to the first container system through the container channel between the first container system and the other container system.
S404: and the first container system displays according to the received response result.
After the first container system receives the response result and the control request through the container channel, the subsequent method is consistent with the specific method in step S405, and details are not repeated here.
In addition, after receiving the control request for the system function of the first container system, the first container system calls the corresponding system function service in the first container system to respond.
Specifically, after receiving a control request for a system function of the first container system, the first system control function service in the first container system calls a corresponding system function service in the first container system to respond.
Preferably, the corresponding system function service in the first container system calls the corresponding function in the kernel to respond through the container channel between the first container system and the kernel according to the control request for the system function of the first container system.
Based on the foregoing multi-system function processing method in the second embodiment of the present invention, the second embodiment of the present invention further provides a multi-system function processing apparatus, which is disposed in the terminal device of the present invention, and a schematic frame diagram of an internal structure of the apparatus is shown in fig. 5, where the apparatus includes: a first container system, other container systems, and a master control system.
The first container system includes: a first control module 501.
The first control module 501 is configured to receive a control request for a system function of another container system, and then send the control request through a container channel between the first container system and the other container system, which is pre-established by the main control system.
Other container systems include: other control modules 511 and at least one system function module 512.
The other control module 511 is configured to, after receiving the control request, call the corresponding system function module 512 in the other container system to which the other control module 511 belongs to respond according to the system function related to the control request.
Preferably, as shown in fig. 5, the first control module 501 according to the second embodiment of the present invention includes: control request transceiving the display unit 5011.
The control request transceiving presentation unit 5011 is used for displaying system function options of other container systems in a pull-down status bar of a first container system and/or an expansion interface of a floating window; and after receiving the selection operation of the system function option aiming at other container systems, confirming that the control request aiming at the system function option is received and forwarding.
Preferably, as shown in fig. 5, the first control module 501 according to the second embodiment of the present invention includes: a first system control function unit 5012 and a first system communication unit 5013.
The first system control function unit 5012 is configured to send the received control request through the first system communication unit 5013 in the first container system and a container channel between the first container system and another container system pre-established by the main control system.
As shown in fig. 5, the other control module 502 according to the second embodiment of the present invention includes: other system communication units 5021 and other system control function units 5022.
The other system communication unit 5021 is used for forwarding the control request received through the container channel.
The other system control function unit 5022 is configured to invoke a corresponding system function service in another container system to which the other system control function unit 5022 belongs to respond according to a system function that is desired to be controlled by the received control request forwarded by the other system communication unit 5021.
Preferably, the other control module 511 is further configured to return a response result to the control request.
The first control module 501 displays the received response result returned by the other control module 511.
Preferably, as shown in fig. 5, the first container system in the second embodiment of the present invention further includes: at least one system function 502.
The first control module 501 is further configured to, after receiving a control request for a system function of the first container system, call a corresponding system function module 502 in the first container system to respond.
The first control module 501, the control request transceiving display unit 5011, the first system control function unit 5012, the first system communication unit 5013, the system function module 502, the other control module 511, the other system communication unit 5021 therein, the other system control function unit 5022 therein, and the method for implementing the functions of the system function module 512 may refer to the specific contents of the above-mentioned flow steps in fig. 4, and are not described herein again.
In the second embodiment of the present invention, a user does not need to switch between the first container system currently in the foreground and the other container systems in the background, or use the system functions of the first container system in the other container systems, and a control request for the system functions of the other container systems can be directly input in the first container system, and the first container system sends the control request to the other container systems through the container channel; and calling corresponding system function services in the other container systems to respond according to the system functions related to the control request by the other container systems. The operation of the user is greatly saved, and convenience is brought to the user; malicious programs are difficult to acquire communication modes and paths among the container systems, even if one container system is invaded, the other container system is difficult to invade, and the leakage probability of confidential information of each container system in the terminal equipment is greatly reduced. Therefore, the safety of the information in the terminal equipment can be improved, the system functions of other container systems can be directly called from the first container system, and the user experience can be improved.
Those skilled in the art will appreciate that the present invention includes apparatus directed to performing one or more of the operations described in the present application. These devices may be specially designed and manufactured for the required purposes, or they may comprise known devices in general-purpose computers. These devices have stored therein computer programs that are selectively activated or reconfigured. Such a computer program may be stored in a device (e.g., computer) readable medium, including, but not limited to, any type of disk including floppy disks, hard disks, optical disks, CD-ROMs, and magnetic-optical disks, ROMs (Read-Only memories), RAMs (Random Access memories), EPROMs (Erasable Programmable Read-Only memories), EEPROMs (Electrically Erasable Programmable Read-Only memories), flash memories, magnetic cards, or optical cards, or any type of media suitable for storing electronic instructions, and each coupled to a bus. That is, a readable medium includes any medium that stores or transmits information in a form readable by a device (e.g., a computer).
It will be understood by those within the art that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. Those skilled in the art will appreciate that the computer program instructions may be implemented by a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, implement the features specified in the block or blocks of the block diagrams and/or flowchart illustrations of the present disclosure.
Those of skill in the art will appreciate that various operations, methods, steps in the processes, acts, or solutions discussed in the present application may be alternated, modified, combined, or deleted. Further, various operations, methods, steps in the flows, which have been discussed in the present application, may be interchanged, modified, rearranged, decomposed, combined, or eliminated. Further, steps, measures, schemes in the various operations, methods, procedures disclosed in the prior art and the present invention can also be alternated, changed, rearranged, decomposed, combined, or deleted.
The foregoing is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.
Claims (10)
1. A method for processing system functions of multiple systems is characterized by comprising the following steps:
returning one file descriptor in a pair of file descriptors connected with two ends of a first container channel to a first container system, and returning the other file descriptor to a master control system to create the first container channel;
after the first container system receives a control request aiming at system functions of other container systems, the control request is sent to the master control system through the pre-established first container channel;
the master control system sends the received control request to other container systems through other pre-established container channels;
after receiving the control request, the other container systems call corresponding system function services in the other container systems to respond according to the system functions related to the control request;
the security level of the first container system is not lower than the security level of the other container systems.
2. The method of claim 1, wherein the first container system receives control requests for system functions of other container systems, comprising:
displaying system function options of the other container systems in an expansion interface of a pull-down status bar or a floating window of the first container system by a status bar application or a floating window application in the first container system;
and after receiving the selection operation of the system function option aiming at the other container systems, confirming that the control request aiming at the system function option is received and forwarding.
3. The method according to claim 1, wherein the sending the control request to the master control system through the pre-established first container channel comprises:
the first system control function service in the first container system sends the received control request to the master control system through the first system communication service in the first container system and the pre-established first container channel; and
the main control system sends the control request to other container systems through other pre-established container channels, and the method comprises the following steps:
the communication service of the master control system in the master control system sends the received control request to other container systems through the pre-established other container channels; and
after receiving the control request, the other container systems call corresponding system function services in the other container systems to respond according to the system functions related to the control request, including:
other system communication services in the other container systems are forwarded after receiving the control request through the other container channels;
and other system control function services in other container systems call corresponding system function services in other container systems to respond according to the system function which is expected to be controlled by the received control request.
4. The method of claim 1, further comprising:
the other container system returns a response result aiming at the control request to the first container system;
and the first container system displays according to the received response result.
5. The method of claim 1, further comprising:
and after receiving the control request aiming at the system function of the first container system, the first container system calls the corresponding system function service in the first container system to respond.
6. The method according to claim 1, wherein the master control system sends the received control request to the other container systems through other pre-established container channels, further comprising:
the master control system determines whether the security level of the first container system sending the control request is not lower than the security levels of the other container systems; if yes, the received control request is sent to the other container systems through the pre-established other container channels; otherwise, the received control request is ignored.
7. A method for processing system functions of multiple systems is characterized by comprising the following steps:
returning one file descriptor in a pair of file descriptors connecting two ends of a first container channel to a first container system, and returning the other file descriptor to other container systems to create the container channel;
after the first container system receives a control request aiming at system functions of other container systems, the first container system sends the control request to the other container systems through the container channel between the first container system and the other container systems which is pre-established by a master control system;
after receiving the control request, the other container systems call corresponding system function services in the other container systems to respond according to the system functions related to the control request;
the security level of the first container system is not lower than the security level of the other container systems.
8. The method according to claim 7, wherein the sending the control request to the other container system through a container channel pre-established by a master control system between the first container system and the other container system comprises:
the first system control function service in the first container system sends the received control request to other container systems through a first system communication service in the first container system and a container channel between the first container system and the other container systems pre-established by a master control system; and
after receiving the control request, the other container systems call corresponding function services in the other container systems to respond according to the system functions related to the control request, including:
forwarding the control request received by the other system communication service in the other container system through the container channel;
and other system control function services in other container systems call corresponding system function services in other container systems to respond according to the system function which is expected to be controlled by the received control request.
9. A multi-system function processing apparatus, comprising: a first container system, other container systems and a master control system;
the first container system includes:
the creating module is used for returning one file descriptor in a pair of file descriptors connected with two ends of the first container channel to the first container system and returning the other file descriptor to the main control system so as to create the first container channel;
the first control module is used for sending a control request to the main control system through the pre-established first container channel after receiving the control request aiming at the system functions of the other container systems;
the master control system comprises:
the main control module is used for sending the received control request to other container systems through other pre-built container channels;
the other container system includes: other control modules and at least one system function module;
the other control module is used for calling corresponding system function modules in other container systems to which the other control module belongs to respond according to the system functions related to the control request after receiving the control request;
the security level of the first container system is not lower than the security level of the other container systems.
10. A multi-system function processing apparatus, comprising: a first container system, other container systems and a master control system;
the first container system includes:
the creating module is used for returning one file descriptor in a pair of file descriptors connected with two ends of the first container channel to the first container system and returning the other file descriptor to other container systems so as to create the container channel;
the first control module is used for sending the control request through the container channel between the first container system and the other container systems pre-established by the main control system after receiving the control request aiming at the system functions of the other container systems;
the other container system includes: other control modules and at least one functional module;
the other control module is used for calling corresponding system function modules in other container systems to which the other control module belongs to respond according to the system functions related to the control request after receiving the control request;
the security level of the first container system is not lower than the security level of the other container systems.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611070807.8A CN106776066B (en) | 2016-11-29 | 2016-11-29 | Multi-system function processing method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611070807.8A CN106776066B (en) | 2016-11-29 | 2016-11-29 | Multi-system function processing method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106776066A CN106776066A (en) | 2017-05-31 |
CN106776066B true CN106776066B (en) | 2020-12-29 |
Family
ID=58902489
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611070807.8A Active CN106776066B (en) | 2016-11-29 | 2016-11-29 | Multi-system function processing method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106776066B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107479957A (en) * | 2017-08-07 | 2017-12-15 | 广州视源电子科技股份有限公司 | Multi-system application switching method, device, equipment and storage medium |
CN107678846A (en) * | 2017-10-12 | 2018-02-09 | 北京元心科技有限公司 | The management method of application program, device and terminal in multisystem |
CN111371946A (en) * | 2018-12-26 | 2020-07-03 | 成都鼎桥通信技术有限公司 | Dual-system terminal audio service switching method and device |
CN112583977A (en) * | 2019-09-12 | 2021-03-30 | 成都鼎桥通信技术有限公司 | Message synchronization method, device and storage medium |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1896903A (en) * | 2005-07-15 | 2007-01-17 | 联想(北京)有限公司 | Virtual-machine system for supporting trusted evaluation and method for realizing trusted evaluation |
CN101493786A (en) * | 2008-01-22 | 2009-07-29 | 联想(北京)有限公司 | Computer and equipment accessing method |
US8150971B2 (en) * | 2009-05-31 | 2012-04-03 | Red Hat Israel, Ltd. | Mechanism for migration of client-side virtual machine system resources |
CN103262025A (en) * | 2010-10-01 | 2013-08-21 | Flex Electronics ID Co.,Ltd. | Cross-environment communication using application space API |
CN104796529A (en) * | 2015-03-05 | 2015-07-22 | 宇龙计算机通信科技(深圳)有限公司 | Dual systems-based unprocessed event warning method and system |
CN105550024A (en) * | 2015-12-08 | 2016-05-04 | 北京元心科技有限公司 | Container-based mobile terminal shutdown method and device |
CN105630615A (en) * | 2015-12-28 | 2016-06-01 | 北京元心科技有限公司 | Cross-system application control method and intelligent terminal |
-
2016
- 2016-11-29 CN CN201611070807.8A patent/CN106776066B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1896903A (en) * | 2005-07-15 | 2007-01-17 | 联想(北京)有限公司 | Virtual-machine system for supporting trusted evaluation and method for realizing trusted evaluation |
CN101493786A (en) * | 2008-01-22 | 2009-07-29 | 联想(北京)有限公司 | Computer and equipment accessing method |
US8150971B2 (en) * | 2009-05-31 | 2012-04-03 | Red Hat Israel, Ltd. | Mechanism for migration of client-side virtual machine system resources |
CN103262025A (en) * | 2010-10-01 | 2013-08-21 | Flex Electronics ID Co.,Ltd. | Cross-environment communication using application space API |
CN104796529A (en) * | 2015-03-05 | 2015-07-22 | 宇龙计算机通信科技(深圳)有限公司 | Dual systems-based unprocessed event warning method and system |
CN105550024A (en) * | 2015-12-08 | 2016-05-04 | 北京元心科技有限公司 | Container-based mobile terminal shutdown method and device |
CN105630615A (en) * | 2015-12-28 | 2016-06-01 | 北京元心科技有限公司 | Cross-system application control method and intelligent terminal |
Also Published As
Publication number | Publication date |
---|---|
CN106776066A (en) | 2017-05-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106789931B (en) | Multi-system network isolation sharing method and device | |
CN108595970B (en) | Configuration method and device of processing assembly, terminal and storage medium | |
CN111066306B (en) | Method for sharing data in local area network and electronic equipment | |
CN108307674B (en) | Method and equipment for guaranteeing terminal safety | |
CN105630615B (en) | cross-system application control method and intelligent terminal | |
US8260355B2 (en) | Portable communication terminal, program executed by portable communication terminal | |
CN106776066B (en) | Multi-system function processing method and device | |
US8577334B1 (en) | Restricted testing access for electronic device | |
US9220011B1 (en) | Electronic device theft self-detection and locking | |
CN104902463A (en) | Mobile terminal, multi-card management method for virtual card terminal thereof, and server | |
CN109155750B (en) | Communication method and device | |
CN104488303A (en) | Device and method for accessing to wireless network | |
CN112291364B (en) | Message pushing processing method and device | |
JP4962237B2 (en) | Program and method for managing information on location of portable device and file encryption key | |
CN106685981B (en) | Multi-system data encryption transmission method and device | |
CN104753677A (en) | Password hierarchical control method and system | |
US7818815B2 (en) | Communication device | |
CN106776013B (en) | Multi-system resource scheduling method and device | |
US9047470B2 (en) | Secure provisioning of commercial off-the-shelf (COTS) devices | |
US20140310824A1 (en) | Method for managing external portable storage device and related machine readable medium | |
CN106789928B (en) | Unlocking method and device based on system bidirectional authentication | |
US8504846B2 (en) | Method and apparatus for secure storing of private data on user devices in telecommunications networks | |
CN115019418B (en) | Bluetooth car key car control method, device and storage medium | |
CN114756849B (en) | Method and device for verifying personal identification number PIN code | |
US8489994B2 (en) | Systems and methods for communicating |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20230428 Address after: Room 401, Floor 4, No. 2, Haidian East Third Street, Haidian District, Beijing 100080 Patentee after: Yuanxin Information Technology Group Co.,Ltd. Address before: 100176 room 2222, building D, building 33, 99 Kechuang 14th Street, Beijing Economic and Technological Development Zone, Beijing Patentee before: YUANXIN TECHNOLOGY |
|
TR01 | Transfer of patent right |