Method and apparatus for accessing peripheral device

What is AI technical title?
AI technical title is built by PatSnap AI team. It summarizes the technical point description of the patent document.
By establishing a one-to-one correspondence between the CDI desktop and the interface, the limitations and conflicts in accessing peripheral devices in the CDI desktop environment are resolved, and the isolation and secure access of peripheral devices are achieved.

CN122220005APending Publication Date: 2026-06-16RUIJIE NETWORKS CO LTD

View PDF 0 Cites 0 Cited by

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Applications(China)
Current Assignee / Owner: RUIJIE NETWORKS CO LTD
Filing Date: 2024-12-13
Publication Date: 2026-06-16

Application Information

Patent Timeline

13 Dec 2024

Application

16 Jun 2026

Publication

CN122220005A

IPC: G06F9/451; G06F13/12

AI Tagging

Application Domain

Execution for user interfaces

Explore More Agents

Novelty Search
Search existing technologies and assess novelty
↗
FTO
Analyze whether a product may infringe others' patents
↗
Design FTO
Check prior-design risk for exterior design
↗
Drafting
Draft patent application text based on a technical solution
↗
Find Solutions with TRIZ
Generate feasible solution to solve your technical challenge
↗

Similar Technology Patents

Get free access to AI patent search and analysis

Check patentability, review prior art and ask IP Agent with full patent context.

Smart Images

Figure CN122220005A_ABST

Patent Text Reader

Abstract

The application relates to the communication technical field, and discloses a method and device for accessing peripheral equipment, the method comprises the following steps: in the case that peripheral equipment is connected to a first interface in at least one interface, acquiring the identification of the first interface and the identification of the peripheral equipment; according to the first interface identification and corresponding relationship information, determining that the first interface corresponds to a first CDI desktop in at least one CDI desktop, the corresponding relationship information is used for indicating that at least one CDI desktop and at least one interface are one-to-one corresponding; according to the identification of the peripheral equipment, creating a device node for accessing the peripheral equipment in the first CDI desktop. By using the above method, each CDI desktop can only access the peripheral equipment corresponding to each CDI desktop, and the peripheral equipment isolation between the CDI desktops is realized.

Need to check novelty before this filing date? Find Prior Art

Description

TECHNICAL FIELD

[0001] The present application relates to the technical field of cloud desktop, and particularly relates to a method and device for accessing peripheral devices. BACKGROUND

[0002] Cloud desktop technology is a popular technology in the current enterprise office environment, and there are usually two ways to implement cloud desktop technology, namely, containerization desktop infrastructure (CDI) and visualization desktop infrastructure (VDI). The CDI technology usually runs multiple containers on a server, and each container runs a CDI desktop environment of an operating system. A user uses a terminal device or client software to connect to the desktop environment in the container and uses remote desktop services provided by the server. The VDI technology uses a virtual machine as the basis for running a desktop environment. Compared with the VDI technology, the CDI technology can create a lighter cloud desktop instance, increase the number of instances of a single server, and reduce server performance loss.

[0003] At present, various peripheral devices are used when using cloud desktop in enterprise office, such as USB devices, U disks, UKeys, USB Bluetooth receivers, etc. The types of UKeys include smart card type, storage type and HID type. The cloud desktop using the CDI technology is limited by the kernel of the host operating system due to the particularity of the container environment, and it is difficult to support any type of peripheral device. In addition, when multiple CDI desktops simultaneously access the peripheral devices of the host, each CDI desktop needs to interact with the kernel of the host, which has the risk of mutual conflict. SUMMARY

[0004] The embodiments of the present application provide a method and device for accessing peripheral devices, by introducing a one-to-one correspondence between at least one CDI desktop and at least one interface, so that each CDI desktop accesses the peripheral devices corresponding to each CDI desktop, and the isolation of peripheral devices between CDI desktops is realized.

[0005] In a first aspect, embodiments of the present invention provide a method for accessing a peripheral device, the method comprising: upon detecting that a peripheral device is connected to a first interface among at least one interfaces, obtaining an identifier of the first interface and an identifier of the peripheral device; determining, based on the identifier of the first interface and correspondence information, that the first interface corresponds to a first CDI desktop among at least one containerized desktop infrastructure (CDI) desktops, wherein the correspondence information is used to indicate that the at least one CDI desktop corresponds one-to-one with at least one interface, and the first interface is one of the at least one interface; and creating a device node for accessing the peripheral device in the first CDI desktop based on the identifier of the peripheral device.

[0006] By adopting the above method, by introducing the correspondence between at least one CDI desktop and at least one interface, the accessed peripheral device can determine the first interface corresponding to the first CDI desktop based on the obtained identifier and correspondence information of the first interface. There is no need to establish a corresponding connection by identifying the device information of the peripheral device in advance. This allows each CDI desktop to access the peripheral device corresponding to each CDI desktop, thus realizing the isolation of peripheral devices between CDI desktops.

[0007] In one optional embodiment, the step of obtaining the identifier of the first interface and the identifier of the peripheral device when it is detected that the peripheral device is connected to the first interface of at least one interface includes: generating an event when it is detected that the peripheral device is connected to the first interface, the event including the identifier of the peripheral device and the identifier of the first interface; and obtaining the identifier of the peripheral device and the identifier of the first interface in the event.

[0008] In an optional embodiment, after creating a device node for accessing the peripheral device in the first CDI desktop based on the identifier of the peripheral device, the method further includes: finding the device node based on the identifier of the peripheral device in the event, and completing the configuration before accessing the device node.

[0009] In an optional embodiment, the method further includes: receiving an access request, the access request including a process ID corresponding to the access request; and if it is determined that the process indicated by the process ID is a program in the application whitelist, then allowing the access request to access the device node.

[0010] Using the above method, permission management of device nodes in the first CDI desktop is achieved by determining whether the process indicated by the process ID is a program in the application whitelist.

[0011] In an optional embodiment, the method further includes: if it is determined that the process indicated by the process ID is not a program in the application whitelist, then the access request is prohibited from accessing the device node.

[0012] In one optional embodiment, receiving the access request includes: listening for the access request from the control group corresponding to the first CDI desktop.

[0013] In one alternative embodiment, the peripheral device is connected to a first interface of the at least one interface via Universal Serial Bus IP (USBIP) technology based on Internet Protocol.

[0014] In one alternative embodiment, the at least one CDI desktop runs in a separate namespace.

[0015] By using the above method, since each CDI desktop runs in an independent namespace, isolation between peripheral devices corresponding to multiple CDI desktops can be achieved.

[0016] Secondly, embodiments of the present invention provide an apparatus for accessing peripheral devices. This apparatus may be a server or a component within a server (such as a processor or chip), and is not specifically limited. For example, the apparatus includes: an acquisition module, which, upon detecting that a peripheral device is connected to a first interface among at least one interfaces, acquires the identifier of the first interface and the identifier of the peripheral device; a determination module, configured to determine, based on the identifier of the first interface and corresponding relationship information, that the first interface corresponds to a first CDI desktop among at least one containerized desktop infrastructure (CDI) desktops, wherein the corresponding relationship information indicates that the at least one CDI desktop corresponds one-to-one with at least one interface, and the first interface is one of the at least one interfaces; and a processing module, configured to create a device node in the first CDI desktop for accessing the peripheral device based on the identifier of the peripheral device.

[0017] In an optional embodiment, the acquisition module is specifically configured to: generate an event when it is detected that the peripheral device is connected to the first interface, the event including the identifier of the peripheral device and the identifier of the first interface; and acquire the identifier of the peripheral device and the identifier of the first interface in the event.

[0018] In an optional embodiment, the processing module is further configured to: locate the device node based on the identifier of the peripheral device in the event, and complete the configuration before accessing the device node.

[0019] In an optional embodiment, the processing module is further configured to: receive an access request, the access request including a process ID corresponding to the access request; and if it is determined that the process indicated by the process ID is a program in the application whitelist, then allow the access request to access the device node.

[0020] In an optional embodiment, the processing module is further configured to: if it is determined that the process indicated by the process ID is not a program in the application whitelist, then prohibit the access request from accessing the device node.

[0021] In one optional embodiment, the processing module is specifically configured to: listen for the access request from the control group corresponding to the first CDI desktop.

[0022] In one alternative embodiment, the peripheral device is connected to a first interface of the at least one interface via Universal Serial Bus IP (USBIP) technology based on Internet Protocol.

[0023] In one alternative embodiment, the at least one CDI desktop runs in a separate namespace.

[0024] Thirdly, embodiments of the present invention provide a device for accessing peripheral devices, comprising: a memory for storing computer programs; and a processor for executing the method described in the first aspect according to the obtained program when executing the computer program stored in the memory.

[0025] Fourthly, embodiments of the present invention provide a computer-readable storage medium storing a computer program, wherein when a computer reads and executes the computer program, the method described in the first aspect is performed.

[0026] Fifthly, embodiments of the present invention provide a computer program product that, when read and executed by a computer, causes the method described in the first aspect to be executed. Attached Figure Description

[0027] To more clearly illustrate the technical solutions in the embodiments of the present invention, the accompanying drawings used in the description of the embodiments will be briefly introduced below. Obviously, the accompanying drawings described below are only some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0028] Figure 1 A schematic diagram of a system architecture provided for an embodiment of this application;

[0029] Figure 2 A schematic diagram of a system architecture provided for an embodiment of this application;

[0030] Figure 3 This application provides a flowchart corresponding to a method for accessing a peripheral device.

[0031] Figure 4 This application provides a flowchart corresponding to a method for accessing peripheral devices;

[0032] Figure 5 This application provides a flowchart corresponding to the internal implementation of a CDI server in an embodiment;

[0033] Figure 6 This application provides a schematic diagram of the structure of a device for accessing peripheral devices according to an embodiment of the present application;

[0034] Figure 7 This is a schematic diagram of a device for accessing peripheral devices provided in an embodiment of this application. Detailed Implementation

[0035] To make the objectives, technical solutions, and advantages of this invention clearer, the invention will be further described in detail below with reference to the accompanying drawings. Obviously, the described embodiments are merely some embodiments of this invention, and not all embodiments. Based on the embodiments of this invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this invention. It should be noted that the brief descriptions of terminology in this application are only for the convenience of understanding the embodiments described below, and are not intended to limit the embodiments of this application. Unless otherwise stated, these terms should be understood in their ordinary and common meaning.

[0036] In embodiments of the present invention, "multiple" refers to two or more. Terms such as "first" and "second" are used only for descriptive purposes and should not be construed as indicating or implying relative importance or order.

[0037] Before introducing the method for accessing peripheral devices provided in the embodiments of this application, the technical terms of the embodiments of this invention will be introduced first for ease of understanding.

[0038] Container technology: In the Linux kernel system, a technique that uses namespaces and control groups to allow certain programs to run in a relatively independent environment. This relatively independent runtime environment is called a "container". Because a container is only a runtime environment within the Linux system, it can only run Linux applications and cannot run programs from any operating system like a virtual machine.

[0039] Namespaces are a resource isolation mechanism provided by the Linux kernel that can isolate resources such as process IDs, file systems, user IDs, and networks into different resource views. When an application process joins a namespace, it can only see resources within its own namespace, achieving resource isolation between processes. For example, when a program joins a network namespace, it can only receive network packets from that network namespace.

[0040] Control groups, also known as cgroups, are a resource management mechanism provided by the Linux kernel to limit the amount of hardware resources that a group of processes can use, such as the number of CPU cores, memory size, and disk read / write speed.

[0041] Virtual Host Controller Interface (VHCI): VHCI is a virtual host controller (HC) device. HC devices are a type of device defined in the peripheral device bus standard, responsible for peripheral device identification, communication, driver loading, and other tasks on the host side.

[0042] Cloud desktop technology is a popular technology in enterprise office environments, and various peripheral devices are used when using cloud desktops in an enterprise office. Cloud desktops using CDI technology have limitations due to the special nature of the container environment. The access of applications within the container to peripheral devices is restricted by the host operating system kernel, making it difficult to support arbitrary types of peripheral devices. In addition, when multiple CDI desktops access the host machine's peripheral devices at the same time, each CDI desktop needs to interact with the host machine kernel, which poses a risk of mutual conflict.

[0043] There are currently several ways to implement access to peripheral devices, including: Method 1, Method 2, and Method 3.

[0044] Implementation Method 1: Directly map the peripheral device directory in the container runtime environment into the container's namespace, allowing applications within the container to directly access connected peripheral devices. This method provides peripheral device access to containers in the simplest way, but directly mapping the device directory essentially allows containers to access all devices in the runtime environment, lacking control over the access scope and posing numerous security risks. Furthermore, when multiple containers exist in the runtime environment, each accessing the same devices carries the risk of conflicts.

[0045] Implementation Method Two: First, establish the mapping between each container and the peripheral device, then listen for peripheral device access events. When a peripheral device is connected, query the container corresponding to that device and create a node for that peripheral device within that container. Compared to Implementation Method One, this method can manage whether a container can access certain peripheral devices, offering a degree of flexibility. However, this method requires prior knowledge of the device information of potentially connected peripheral devices to establish the mapping between devices and containers, making it suitable for scenarios where the connected devices are relatively fixed.

[0046] Implementation Method 3: Introduce device namespaces into the Linux kernel. The native Linux kernel's namespace isolation does not include the device dimension. This method adds a device namespace mechanism by modifying the Linux kernel code. A corresponding device namespace is created when the container is created. When a peripheral device is connected, the container corresponding to that device is queried, and the device is added to the container's device namespace, enabling the container to access the device. This solution allows the Linux kernel to manage container access to peripheral devices, offering good performance and security. However, this method is technically challenging to implement due to the need to modify the Linux kernel code. Furthermore, for some special peripheral devices, device manufacturers may not have developed them according to the native Linux kernel standard, but rather adopted special handling methods. Introducing device namespaces may conflict with these special handling methods, leading to compatibility issues.

[0047] Based on this, this application provides a method for accessing peripheral devices. By introducing a correspondence between at least one CDI desktop and at least one interface, the accessed peripheral device can determine the first interface corresponding to the first CDI desktop based on the obtained identifier and correspondence information of the first interface. This eliminates the need to establish a corresponding connection by identifying the device information of the peripheral device in advance, allowing each CDI desktop to access only the peripheral device corresponding to each CDI desktop, thus achieving peripheral device isolation between CDI desktops.

[0048] Figure 1 A schematic diagram of a system architecture provided in an embodiment of this application, such as... Figure 1 As shown, the system includes at least a terminal 101 and a server 102. The terminal device 101 can be connected to peripheral devices, such as USB devices. The terminal device 101 can be a tablet computer, a laptop computer, a desktop computer, etc., but is not limited to these.

[0049] Multiple containers are created on server 102 using container technology. Each container runs a CDI desktop environment with an operating system. Users connect to the CDI desktop in the container on server 102 using terminal device 101 and use the remote desktop service provided by server 102. Server 102 can be a cloud server that provides basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, content delivery networks (CDN), and big data and artificial intelligence platforms. Terminal device 101 and server 102 can be connected directly or indirectly through wired or wireless communication. This application does not impose any restrictions on this connection.

[0050] Figure 2 A schematic diagram illustrating another, more specific system architecture provided for embodiments of this application, such as... Figure 2 As shown, the system includes a CDI server 201 and at least one CDI terminal (such as...). Figure 2 The system includes a first CDI terminal 2021 and a second CDI terminal 2022, and at least one peripheral device, which may be a USB device (such as...). Figure 2The system includes a first USB device 2031, a second USB device 2031, a third USB device 2033, and a fourth USB device 2034. The CDI server 201 creates multiple containers using container technology, each running a CDI desktop environment with an operating system. For example, the first container runs a first CDI desktop 2021, and the second container runs a second CDI desktop 2012. Each CDI desktop creates a corresponding interface (such as a VHCI interface). For example, the first CDI desktop 2011 creates a first VHCI 2013, and the second CDI desktop 2012 creates a second VHCI 2014. Each CDI terminal is connected to at least one USB device, and these USB devices can be connected via Universal Serial Bus over Internet Protocol (USB). The system uses USBIP (USB-IP Protocol) technology to connect to the VHCI on the CDI server. For example, the first CDI terminal 2021 connects to two USB devices, namely the first USB device 2031 and the second USB device 2032. The first USB device 2031 and the second USB device 2032 connect to the first VHCI 2013 on the CDI server via USBIP technology. The second CDI terminal connects to two USB devices, namely the third USB device 2033 and the fourth USB device 2034. The third USB device 2033 and the fourth USB device 2034 connect to the second VHCI 2014 on the CDI server via USBIP technology. This application embodiment does not impose any limitations on the number of CDI servers, CDI desktops, CDI terminals, USB devices, or specific connection relationships involved in the above system architecture. For example, there can be more or fewer CDI terminals, more or fewer USB devices, more or fewer CDI desktops, or other devices. Figure 2 The description uses only two CDI desktops, two CDI terminals, and four USB devices as an example.

[0051] The method provided in this application will be described in detail below with reference to specific embodiments.

[0052] Figure 3 This application provides a flowchart corresponding to a method for accessing a peripheral device. This method can be executed by a device for accessing the peripheral device, which can be a server (such as a CDI server) or a component within the server (such as a processor or chip). The following description uses the execution of this method by a CDI server as an example. Figure 3 As shown, the method includes:

[0053] Step 301: When the CDI server detects that a peripheral device (such as a first USB device) is connected to a first interface (such as a first VHCI) of at least one interface, it obtains the identifier of the first interface and the identifier of the peripheral device.

[0054] Specifically, with Figure 2 Taking the first USB device as an example, the first USB device can be connected to the CDI terminal and connect to the first VHCI among multiple VHCIs via USBIP technology. Correspondingly, when the CDI server detects that the first USB device is connected to the first VHCI, the CDI server generates an event, which is a first USB device access event. This event includes the identifier of the first USB device and the identifier of the first VHCI. Further, the CDI server obtains the identifier of the first VHCI and the identifier of the first USB device from the event and establishes a correspondence between the first USB device and the first VHCI. Here, the identifier of the first VHCI may include the sequence number of the first VHCI.

[0055] Step 302: The CDI server determines, based on the identifier and correspondence information of the first interface, that the first interface (such as the first VHCI) corresponds to the first CDI desktop in at least one CDI desktop.

[0056] For example, the CDI server establishes a one-to-one correspondence between the identifier of at least one CDI desktop and the identifier of at least one interface (such as VHCI). There are various specific implementations for the CDI server to establish this correspondence. As one possible implementation, the CDI server includes at least one CDI desktop. The CDI server can create a corresponding VHCI for each CDI desktop, and after creation, it can establish a correspondence between at least one CDI desktop and at least one VHCI. Here, at least one CDI desktop and at least one VHCI correspond one-to-one. For example, see... Figure 2 As shown, when the CDI server creates a first VHCI through a first CDI desktop, it can obtain the identifier of the first CDI desktop and the identifier of the first VHCI corresponding to the first CDI desktop (such as the serial number of the first VHCI), and then establish a correspondence between the first CDI desktop and the first VHCI (i.e., the correspondence between the identifier of the first CDI desktop and the serial number of the first VHCI). When the CDI server creates a second VHCI through a second CDI desktop, the CDI server can obtain the identifier of the second CDI desktop and the identifier of the second VHCI corresponding to the second CDI desktop (such as the serial number of the second VHCI), and then establish a correspondence between the second CDI desktop and the second VHCI (i.e., the correspondence between the identifier of the second CDI desktop and the serial number of the second VHCI). See Table 1, which is an example of a correspondence between at least one CDI desktop and at least one VHCI.

[0057] Table 1: Examples of the correspondence between at least one CDI desktop and at least one VHCI

[0058] CDI desktop VHCI Identity of the first CDI desktop Serial number of the first VHCI Identity of the second CDI desktop Serial number of the second VHCI

[0059] For example, the CDI server determines the first CDI desktop corresponding to the first VHCI based on the identifier of the first interface (i.e., the first VHCI sequence number) and the corresponding relationship information, so as to... Figure 2 Taking the first VHCI as an example, the CDI server determines the identifier of the first CDI desktop corresponding to the first VHCI sequence number based on the sequence number of the first VHCI and the corresponding relationship information in Table 1, and determines the first CDI desktop based on the identifier of the first CDI desktop.

[0060] For example, each of the at least one CDI desktops runs in an independent namespace, thereby enabling isolation between the peripheral devices corresponding to the at least one CDI desktop.

[0061] Step 303: The CDI server creates a device node in the first CDI desktop for accessing the USB device based on the identifier of the peripheral device.

[0062] For example, with Figure 2 Taking the first USB device as an example, the CDI server creates a corresponding device node in the first CDI desktop based on the device information of the first USB device. The device node in the first CDI desktop is only visible to the programs in the first CDI desktop. The application in the first CDI desktop configures the device node according to the device information of the first USB device in the event. At this time, the application in the first CDI desktop can access the first USB device.

[0063] Optionally, before configuring the created device node, the first CDI desktop in the CDI server also needs to check the permissions of the device node. Figure 4 This application provides a flowchart corresponding to a method for accessing peripheral devices, as shown in the embodiments. Figure 4 As shown, it includes the following steps:

[0064] Step 401: Listen for access requests from the control group corresponding to the first CDI desktop.

[0065] Step 402: Receive access request.

[0066] Here, the access request includes the process ID corresponding to the access request and the information of the device node requested for access.

[0067] Step 403: Determine whether the process identified by the process ID is a program in the application whitelist.

[0068] Here, the CDI server pre-stores an application whitelist, and applications on the whitelist can obtain configuration permissions for the device node. If it is determined that the process indicated by the process ID is an application in the application whitelist, then step 404 is executed to allow the access request to access the device node.

[0069] If it is determined that the process indicated by the process ID is not a program in the application whitelist, then step 405 is executed to prohibit the access request from accessing the device node.

[0070] Figure 5 A flowchart illustrating the internal implementation of the CDI server provided in this application embodiment is shown below. Figure 5 As shown, the CDI server internally includes an operating system kernel, an information processing module, and a permission management module. Each CDI desktop within at least one CDI includes a device configuration module and third-party applications, specifically implemented as follows:

[0071] by Figure 2 Taking the first USB device as an example, when the first USB device is connected to the first VHCI, the operating system kernel in the CDI server generates an event and sends the event to the information processing module in the CDI server. This event is the access event of the first USB device, which includes the identifier of the first USB device and the identifier of the first VHCI (such as the serial number of the first VHCI).

[0072] After receiving an event sent by the operating system kernel, the information processing module in the CDI server finds the corresponding first CDI desktop based on the sequence number and corresponding relationship information of the first VHCI in the event. The information processing module of the CDI server then forwards the event to the namespace to which the first CDI desktop belongs.

[0073] The device configuration module in the first CDI desktop receives an event from its own namespace. Based on the device information of the first USB device in the event, the device configuration module in the first CDI desktop creates a device node in the first CDI desktop. This device node is only visible to programs in the first CDI desktop.

[0074] The information processing module of the CDI server will also forward the event to the third-party application of the first CDI desktop. After receiving the event, the third-party application in the first CDI desktop will find the device node corresponding to the first USB device according to the identifier of the first USB device in the event, and configure the device node. At this time, the third-party application in the first CDI desktop can also access the first USB device.

[0075] Optionally, an application whitelist is stored in the permission management module of the CDI server. The permission management module obtains access requests from processes to device nodes from the control group. The access request is initiated by a third-party application based on a received event. The access request includes the process ID corresponding to the access request and the information of the device node to be accessed. If it is determined that the process indicated by the process ID is a program in the application whitelist, the access request is allowed to access the device node. If it is determined that the process indicated by the process ID is not a program in the application whitelist, the access request is prohibited from accessing the device node.

[0076] By adopting the above method, by establishing the correspondence between the first CDI desktop and the first VHCI, as well as the correspondence between the first USB device and the first VHCI, the connected first USB device can determine the first VHCI corresponding to the first CDI desktop based on the obtained identifier and correspondence information of the first VHCI. There is no need to establish the corresponding connection by identifying the device information of the peripheral device in advance. This makes it easier to manage the correspondence between multiple peripheral devices and multiple CDI desktops. Since each CDI desktop runs in an independent namespace, each CDI desktop can only access the peripheral device corresponding to each CDI desktop, thus achieving peripheral device isolation between CDI desktops.

[0077] Based on the same concept, embodiments of this application also provide a device 6000 for accessing peripheral devices. Figure 6 This is a schematic diagram of a device for accessing peripheral devices provided in an embodiment of this application, such as... Figure 6 As shown, the device 6000 includes:

[0078] The acquisition module 601 acquires the identifier of the first interface and the identifier of the peripheral device when it detects that the peripheral device is connected to the first interface of at least one interface.

[0079] The determining module 602 is used to determine, based on the identifier and correspondence information of the first interface, the first interface corresponds to the first CDI desktop in at least one containerized desktop infrastructure (CDI) desktop, wherein the correspondence information is used to indicate that the at least one CDI desktop corresponds one-to-one with at least one interface, and the first interface is one of the at least one interface.

[0080] The processing module 603 is used to create a device node in the first CDI desktop for accessing the peripheral device based on the device information of the peripheral device.

[0081] Optionally, the acquisition module 601 is specifically configured to: generate an event when it is detected that the peripheral device is connected to the first interface, the event including the identifier of the peripheral device and the identifier of the first interface; and acquire the identifier of the peripheral device and the identifier of the first interface in the event.

[0082] Optionally, the processing module 603 is further configured to: locate the device node based on the identifier of the peripheral device in the event, and complete the configuration before accessing the device node.

[0083] Optionally, the processing module 603 is further configured to receive an access request, the access request including a process ID corresponding to the access request; and if it is determined that the process indicated by the process ID is a program in the application whitelist, then the access request is allowed to access the device node.

[0084] Optionally, the processing module 603 is further configured to, if it is determined that the process indicated by the process ID is not a program in the application whitelist, then prohibit the access request from accessing the device node.

[0085] Optionally, the processing module 603 is further configured to listen for the access request from the control group corresponding to the first CDI desktop.

[0086] Optionally, the peripheral device is connected to the first interface of the at least one interface via Universal Serial Bus IP (USBIP) technology based on Internet Protocol.

[0087] Optionally, the at least one CDI desktop runs in an independent namespace.

[0088] Based on the same technological concept Figure 7 This is a schematic diagram of the structure of a device 7000 provided in an embodiment of this application. This device is used to implement the functions of the CDI server in the above embodiments. Figure 7 As shown, the device 7000 includes at least one processor 701 and a memory 702 connected to the at least one processor 701. In this embodiment, the specific connection medium between the processor 701 and the memory 702 is not limited. Figure 7 Taking the connection between processor 701 and memory 702 via a bus as an example, the bus can be divided into address bus, data bus, control bus, etc. In this embodiment of the invention, memory 702 stores instructions that can be executed by at least one processor 701. By executing the instructions stored in memory 702, at least one processor 701 can implement the steps of the above-described method for accessing peripheral devices.

[0089] The processor 701 is the control center of the computer device, capable of connecting various parts of the computer device via various interfaces and lines. It performs resource configuration by running or executing instructions stored in the memory 702 and accessing data stored in the memory 702. Optionally, the processor 701 may include one or more processing units. The processor 701 may integrate an application processor and a modem processor. The application processor primarily handles the operating system, user interface, and applications, while the modem processor primarily handles wireless communication. It is understood that the modem processor may not be integrated into the processor 701. In some embodiments, the processor 701 and the memory 702 may be implemented on the same chip; in other embodiments, they may be implemented on separate chips.

[0090] Processor 701 can be a general-purpose processor, such as a central processing unit (CPU), digital signal processor, application-specific integrated circuit (ASIC), field-programmable gate array (FPGA), or other programmable logic device, discrete gate or transistor logic device, or discrete hardware component, capable of implementing or executing the methods, steps, and logic block diagrams disclosed in the embodiments of this application. The general-purpose processor can be a microprocessor or any conventional processor. The steps of the methods disclosed in the embodiments of this application can be directly manifested as being executed by a hardware processor, or executed by a combination of hardware and software modules within the processor.

[0091] Memory 702, as a non-volatile computer-readable storage medium, can be used to store non-volatile software programs, non-volatile computer-executable programs, and modules. Memory 702 may include at least one type of storage medium, such as flash memory, hard disk, multimedia card, card-type memory, random access memory (RAM), static random access memory (SRAM), programmable read-only memory (PROM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), magnetic storage, magnetic disk, optical disk, etc. Memory 702 can be any other medium capable of carrying or storing desired program code in the form of instructions or data structures that can be accessed by a computer, but is not limited thereto. In the embodiments of this application, memory 702 can also be a circuit or any other device capable of implementing storage functions for storing program instructions and / or data.

[0092] Based on the same technical concept, embodiments of the present invention provide a computer-readable storage medium storing a computer program, the computer program being executed by a processor as described above regarding the method of accessing peripheral devices.

[0093] Those skilled in the art will understand that embodiments of this application can be provided as methods, systems, or computer program products. Therefore, this application can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, this application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.

[0094] This application is described with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to this application. It should be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, generate instructions for implementing the flowchart illustrations. Figure 1 One or more processes and / or boxes Figure 1A device that provides the functions specified in one or more boxes.

[0095] These computer program instructions may also be stored in a computer-readable storage medium that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable storage medium produce an article of manufacture including instruction means, which are implemented in a process Figure 1 One or more processes and / or boxes Figure 1 The function specified in one or more boxes.

[0096] These computer program instructions may also be loaded onto a computer or other programmable data processing equipment to cause a series of operational steps to be performed on the computer or other programmable equipment to produce a computer-implemented process, thereby providing instructions that execute on the computer or other programmable equipment for implementing the process. Figure 1 One or more processes and / or boxes Figure 1 The steps of the function specified in one or more boxes.

[0097] Obviously, those skilled in the art can make various modifications and variations to this application without departing from the spirit and scope of this application. Therefore, if such modifications and variations fall within the scope of the claims of this application and their equivalents, this application also intends to include such modifications and variations.

Claims

1. A method for accessing peripheral devices, characterized in that, The method is applied to a server, and the method includes: If a peripheral device is detected to be connected to a first interface of at least one interface, the identifier of the first interface and the identifier of the peripheral device are obtained. Based on the identifier and correspondence information of the first interface, it is determined that the first interface corresponds to the first CDI desktop in at least one containerized desktop infrastructure CDI desktop. The correspondence information is used to indicate that the at least one CDI desktop corresponds one-to-one with the at least one interface, and the first interface is one of the at least one interface. Based on the identifier of the peripheral device, a device node for accessing the peripheral device is created in the first CDI desktop.

2. The method as described in claim 1, characterized in that, The step of obtaining the identifier of the first interface and the identifier of the peripheral device when it is detected that the peripheral device is connected to the first interface of at least one interface includes: When the peripheral device is detected to be connected to the first interface, an event is generated, the event including the identifier of the peripheral device and the identifier of the first interface; Obtain the identifier of the peripheral device and the identifier of the first interface in the event.

3. The method as described in claim 2, characterized in that, After creating a device node in the first CDI desktop for accessing the peripheral device based on the identifier of the peripheral device, the method further includes: The device node is located based on the identifier of the peripheral device in the event, and the configuration before accessing the device node is completed.

4. The method as described in claim 3, characterized in that, The method further includes: Receive an access request, the access request including the process ID corresponding to the access request; If it is determined that the process indicated by the process ID is a program in the application whitelist, then the access request is allowed to access the device node.

5. The method as described in claim 4, characterized in that, The method further includes: If it is determined that the process indicated by the process ID is not a program in the application whitelist, then the access request is prohibited from accessing the device node.

6. The method as described in claim 4, characterized in that, The receiving of access requests includes: The access request was detected in the control group corresponding to the first CDI desktop.

7. The method according to any one of claims 1 to 6, characterized in that, The peripheral device is connected to the first interface of the at least one interface via Universal Serial Bus IP technology based on Internet Protocol.

8. The method according to any one of claims 1 to 6, characterized in that, The at least one CDI desktop runs in an independent namespace.

9. A device for accessing peripheral devices, characterized in that, The device includes: The acquisition module, upon detecting that a peripheral device is connected to a first interface among at least one interfaces, acquires the identifier of the first interface and the identifier of the peripheral device. The determining module is used to determine, based on the identifier and correspondence information of the first interface, the first interface corresponds to the first CDI desktop in at least one containerized desktop infrastructure CDI desktop, wherein the correspondence information is used to indicate that the at least one CDI desktop corresponds one-to-one with the at least one interface, and the first interface is one of the at least one interface; The processing module is configured to create a device node in the first CDI desktop for accessing the peripheral device based on the identifier of the peripheral device.

10. A device for accessing peripheral devices, characterized in that, The device includes: Memory, used to store program instructions; A processor is configured to invoke program instructions stored in the memory and execute the steps of the method according to any one of claims 1 to 8.

11. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a computer program, the computer program including program instructions that, when executed by a computer, cause the method as described in any one of claims 1 to 8 to be performed.