Resource management in a processor

摘要

A processor system is arranged to execute user selected applications. A manager module is configured to detect a user selection of an application and configured to initiate a launch process. A supervisor module is configured to intercept the launch process initiated by the manager module and detect whether the application is a trusted application or an untrusted application. Trusted applications have a privilege to access resources without authorization, and untrusted applications do not have the privilege. The supervisor module has the privilege to access the resources. When the application is untrusted, the application is launched in a container, and at least one of the resources is delivered to the untrusted application in the container.

主权项

1. A resource management system arranged to execute a plurality of user selected applications, each application including a computer program executable by a processor, the resource management system comprising:
a manager programmed to detect a user selection of an application and configured to initiate a launch process for the selected applications; a supervisor, the supervisor having a privilege to access resources, the supervisor configured to be executed by the processor to:
intercept the launch process initiated by the manager;determine whether the application is a trusted application or an untrusted application, trusted applications having a privilege to access the resources without authorization, untrusted applications not having the privilege to access the resources without authorization;wherein the processor is configured to execute the supervisor and the manager to:place the untrusted application into a container;access substantially simultaneously a first application in a first container and a second application in a second container;prohibit a launch of the second application in the second container until a launch of the first application in the first container is completed;respond to a launch command for the first application, to capture a first process identifier value, and update an application manager with the first process identifier and a first unique application ID, wherein the first unique application ID may be used for subsequent reference as the identifier of the first application;assign resources to the first application and completing launch of the first application; andterminate the launch of the first application in the first container and launch the second application in the second container in response to the first application in the first container failing to launch within a specified time period.