The present invention relates generally to techniques for maintaining programming systems, and more particularly, to methods for selecting which sets of program corrections or “patches” are to be installed in accordance with the security needs of a particular organization.
When programs are installed upon a computer system, the programs are constituted of a large number of individual files which are grouped together into what may be called “filesets.” For example, in
As time passes, both through the detection of defects in the various files and also through changes in the needs of the users of the system, corrections and improvements are made to the files that comprise a given system. These are distributed in the form of “patches” each of which contains a number of files that are basically updates and improvements to the files previously installed. It is customary to group all the files contained within a given patch into one or more filesets, and to give the filesets within a patch the same names as the filesets to which they correspond in the actual systems. Accordingly, and with reference to
Over time, further patches are issued for a given system. In
In the past, it has been customary any time a system is updated to install only the newest set of root patches that contain filesets corresponding to the filesets installed on a given system. In this manner, a system is kept up-to-date. However, some of the patches installed may not have undergone sufficient testing to suit the needs of a system that is mission critical and that should not be updated with patches until they have undergone fairly thorough testing. A trained technical expert can go through all the patches, looking at the date of each patch and estimating its reliability, and can then select patches which have been around for sufficient time so that their reliability is fairly certain. However, this is a time consuming process that can also result in erroneous selections.
Briefly described, the present invention is a method for selecting the patches for installation on a given system. First, from a system database, one obtains the names of all the patches that have already been installed on the system, and one also retrieves the names of the system's filesets. Using a patch tree database, one selects the root patches that contain updates for the filesets found within the system. Next, using the patch trees associated with the root patches, one then systemically and recursively searches through the patch trees examining each patch in each patch tree and the sub-tree beyond each patch, and either recommending patches that are either new patch recommendations or successors for previously installed patches, with the ratings of the patches playing a significant role in the selection of the set of recommended patches such that the currency of each is balanced against its reliability as indicated by their ratings to determine which patches to recommend.
As an aid to understanding the present invention,
When Hewlett-Packard's version of UNIX “HPUX,” receives new program files that are to be added to a given system, the files are delivered gathered into filesets having names, such as FS1, FS2, and so on. These filesets are installed upon a given system by a process that unpacks and, possibly, uncompresses the files and places them onto the hard disk drive of that system. As in shown in
Patches, or corrected/updated sets of files, are also delivered to a system as collections of filesets within each patch. In the HPUX system, it is customary that the filesets in a patch have the same names as the installed filesets. A patch fileset will contain updated versions of some (possibly all) of the files in the system fileset having the same name. A given patch PATCH_5 contains new features and fixes or repairs for specific defects. Descriptions of the new features and of the repaired defects are contained in a text file that this maintained in a central database for each patch and that is searchable for words and phrases. Accordingly, a systems administrator may search through the patch text file database and locate patches that repair particular defects or add particular features.
Over time, a first patch may be replaced by a second patch which contains all the fixes and new features of the first patch plus additional changes. These additional changes are called incremental fixes. The new patch then SUPERSEDES the previous patch. With reference to
In some situations, as illustrated in
Typically, large systems will contain large numbers of filesets, and these will be updated by the patches in multiple disjoint patch trees (i.e., a patch will appear in at most one tree). Accordingly,
The beginning point for the patch selection method of the present invention is the determination, at steps 104 and 106 in
The patch tree database 400 can be constructed from a patches database 300 (
The second step needed at the start of the patch selection method of the present invention is to determine which update patches a given system has already received. With reference to
In the example illustrated by
Having found the names of all the patches previously installed in a given system, and having associated those names with the system variable INSTALLED; and having also found all of the patch tree root patch names relevant to the updating of a given system, and having associated those names with the system variable INSTALLED; the present invention now passes the two sets of values INSTALLED and ROOTS to a function entitled FIND_ALL_I_R_L (find all set of the triple values (I, R, L) for this system). As shown at step 108 in
Each triple value returned is a recommendation of a possible way to update the system. Within each triple, the central value “R” is the name of a “recommended” patch to be installed on the system, or “R” is NULL if this triple contains no recommendation. This recommended patch name was retrieved from a patch tree. “L” is the name of the root (or “latest” or most recent) patch in that patch tree. “I” in each triple is the name of an already installed patch that is to be superceded by the recommended patch, or else it is NULL if there was no prior patch installed that is being superceded.
A conservative user will take the name values R, obtain the correspondingly named patches, and install them to update a given system. A user who is not concerned about risks and wants to receive the very latest updates can, instead, take the name values L and install them upon a given system. A very conservative user, after taking the name values R, might then obtain the text files describing the recommended patches R and review what those patches do, and then select only those recommended patches containing changes that are important to that particular user, thereby avoiding the possibility of introducing new problems along with new patches in areas that are irrelevant to a particular user's needs.
The call to the function FIND_ALL_I_R_L performed at step 500 in
A user with a particular system is looking for patches that will bring their system up-to-date. With the possibility of different patch ratings for different patches on the same patch tree, the problem arises as to which patch is the most appropriate to be recommended to a given user. The recommendation depends on the amount of risk that a particular user is willing to accept.
The patch selection algorithm, presented in overview in
Consider two patches I and R, where R is a successor to I. R is considered “clearly better” than I if and only if:
Consider the exemplary patch tree shown in FIG. 14. In this example, the following conclusions may be drawn:
The following definition makes a patch recommendation from all of the “clearly better” patches. The definition will only recommend less risky patches by selecting patches with a rating of at least 2. The most recent, highest rated patches are selected. Note that the definition still applies when the patch tree contains no installed patches.
Definition of “recommended.” A patch R is recommend if and only if:
Consider the example set forth in FIG. 13.
The present invention is implemented by means of a program 500 (
As illustrated in
In this example, the set variable INSTALLED, shown at 1604 in
Briefly summarized, the triple 1608 recommends that PATCH_1 be replaced by PATCH_3. In the patch tree 1502, PATCH_3 which is newer and more reliable than PATCH_1; while the PATCH_4 is still newer, it is not recommended because of its unreliability.
The triple 1610 similarly recommends the installation of the new PATCH_10 to replace the PATCH_5, but it does not recommend installation of the still newer but unreliable PATCH_11. The similar triple 1612 recommends that the same PATCH_10 also replace the previously installed PATCH_9, even though PATCH_10 is less reliable than PATCH_9, since PATCH_10 has already been recommended to replace the even less reliable PATCH_5.
A triple 1614, which relates to the patch tree 1506, does not recommend that the newest PATCH_13 replace the previously installed PATCH_14 because they both have a reliability rating of 2 and therefore PATCH_13 is not “clearly better” than PATCH_14. This triple 1614 contains a recommendation of NULL.
The triple 1616 suggests that the PATCH_15, with a rating of 2, be installed. The NULL value in this triple indicates that no previous patch has been installed.
The triple 1618 recommends against installing the single PATCH_16, since it has an unacceptable reliability rating of 1.
As can be seen in the set of triples shown at 1606 in
With reference to
The function 500 begins at step 504 by setting the set variable TRIPLES equal to NULL. This variable TRIPLES is the return argument which, at step 510, returns the recommendations, as described at 108 in FIG. 1 and as illustrated at 1608-1616 in
Beginning at step 506, this function 500 begins to loop through the steps 506, 600, and 508. Each time through this loop, a temporary variable R is set to the name of one of the patch tree root patch names that is retrieved from the set variable ROOTS. Each time through this loop, the re-enterable function FIND_I_R_L 600 is called and is passed, as the first two of its three incoming arguments, two copies of this variable R which contains the name of the root patch in a patch tree. The third incoming argument is the variable INSTALLED which contains the names of all the installed patches.
At step 508, any triple values returned by a given call to the function 500 are added to the variable set TRIPLES and are thus preserved to be returned by the function 500 to the calling program 100 when the function 500 terminates execution at step 510. Accordingly, each relevant patch tree is analyzed independently by a call to the function 600, the details of which appear in
Referring now to
Referring now to
The second argument, which is different for each call to the function 600 by the function 500 but which is invariant within recursive calls of the function 600 to itself, is the name of the patch that appears at the root of the particular patch tree that is being evaluated by the function 600 at the request of the function 500. It will be recalled that the function 500 receives these root patch names in the set variable ROOTS. The function 500 calls the function 600 repeatedly, each time varying the root patch tree name that is passed to the function 600 so that a different patch tree is evaluated by each call to the function 600.
The first argument, CURRENT, is the one that varies with each recursive call of the function 500. Assume, for example, that the function 500, at step 600, is calling upon the recursive function 600 to evaluate the patch tree 1504 shown in FIG. 15. The initial call of the function 500 to the recursive function 600 will set both the value ROOT and the value CURRENT to the name of the that patch tree 1504's root patch, PATCH_11. Thus, the function 600, before it begins to call itself recursively, is asked to evaluate the CURRENT patch name PATCH_11 in the patch tree having the root patch name PATCH_11. The function 600 proceeds to
In brief summary, it can be seen that each of the patches whose name appears in the patch tree 1504 is individually evaluated, and each such evaluation involves a recursive call to the function 600 with the CURRENT patch set to the name of the particular patch that is being evaluated during this call to the function. During these calls, the ratings of the various predecessor patches contained in the triples returned from the recursive calls, are studied and compared by further recursive calls to the rating of the CURRENT patch, and decisions are made as to which should be the recommended patches to present in the list of triples 1606 (
Having thus described an example of how the functions 500 and 600 operate upon specific data, and having explained the recursive nature of the function 600 and what it does, it now remains only to describe the details of the function 600, as presented in
Beginning at step 604, a test is made to see if the patch whose name appears in CURRENT has already been installed and thus appears in the array of patch names INSTALLED. If so, then there is no point in examining any predecessor (or CHILD) patches, since the system has already been updated beyond those predecessor patches. Accordingly, program control continues at step 606 where the single triple value CURRENT, NULL, ROOT is returned to the calling program. This says to the calling program that the patch name CURRENT is an installed patch, that there is no recommended replacement patch, and that the program which called the routine 600 should proceed with that as its only information concerning the remainder of the patch tree or sub-tree to the left of the patch CURRENT.
Assuming that the patch whose name appears in CURRENT has not been installed, then the function 600 proceeds to evaluate any predecessor (or CHILD) patches relative to the CURRENT patch. First, at step 608, the function 600 accesses the patch tree database 400 shown in
Next, at step 618, four variables also local to each recursion of the function 600 are initialized. A set variable CHILDREN_RESULT, which is used to recollect and store the triples (see step 108 in
Another function variable CURRENT_IS_BETTER is initially set to the Boolean value FALSE. This is a flag which determines whether the patch whose name is in CURRENT is the best and recommended choice for installation, such that it should be recommended in lieu of any predecessor (or CHILD) patches (to the left of the patch CURRENT in the patch sub-tree starting with the patch CURRENT) in all of the triples that are returned by this particular recursive call to the function 600. That is what happens if, after the function 600 nears completion of its run, and has completed all of its recursive calls to itself, this flag is found to be set TRUE. On the other hand, if after analyzing recursively all of the predecessor (or CHILD) patches, the flag CURRENT_IS_BETTER is still found to be set FALSE, that means there are no patches which are predecessor (or CHILD) patches with respect to the patch CURRENT that are worse candidates for installation than the patch CURRENT. In that case, all of the triples that result from further recursive calls of the function 600 to itself to analyze the predecessor (or CHILD) patches are preserved and are simply passed back as return arguments from this particular recursion of the function 600, as will be seen.
Another function variable CURRENT_SUPERSEDES_INSTALLED is initially set to the Boolean value FALSE. This is a flag which will be set to TRUE if any triple returned from any recursive call to the function 600 for any predecessor (or CHILD) of the patch CURRENT contains the name of a patch in the installed component of the triple. This flag will have a value of TRUE if any of the predecessors of CURRENT are in the set of INSTALLED patches. A value of TRUE will indicate that the CURRENT patch can only be recommended if it has a rating of 3 or a rating greater than the rating of at least one of the installed predecessors.
Another function variable CURRENT_IS_BETTER_THAN_NEW_REC is initially set to the Boolean value FALSE. This is a flag which will be set to TRUE if any triple returned by any recursive call to the function 600 for any predecessor (or CHILD) of the patch CURRENT, contains NULL for the installed patch and a recommended patch who's rating is less than or equal to the rating of CURRENT. If the value of CURRENT_SUPERSEDES_INSTALLED is FALSE and the value of CURRENT_IS_BETTER_THAN_NEW_REC is TRUE then CURRENT becomes the patch recommended for installation used during the creation of the returned triples.
Continuing with the detailed description of the function 600,
Additionally triples with Non-NULL installed patches are examined to determine if CURRENT would be a better recommendation than the patch currently recommended in the triple. If the triple contains no recommendation, determine if CURRENT is a good recommendation for the installed patch in the triple. Only one such triple needs to be identified to warrant setting the flag CURRENT_IS_BETTER to TRUE.
Additionally triples with no installed patch specified which contain a recommended patch are examined to determine if CURRENT is a better recommendation than the recommendation in the triple. If such a triple is found the value of CURRENT_IS_BETTER_THAN_NEW_REC is set to TRUE.
Briefly summarized, this setting of the CURRENT_IS_BETTER flag causes all the triples generated by this particular operation of the function 600 to recommend the installation of the CURRENT patch, rather than some predecessor patch. In addition, once the CURRENT_IS_BETTER flag is set true, the checking process carried about by the step 900 is no longer needed and is essentially terminated for subsequent loops through the steps 620, 600A, 622, and 900 in FIG. 7.
When all of the predecessor (or CHILD) patches have been checked in
First at step 624, if no predecessor (or child) patch has been found to be installed and therefore the value of CURRENT_SUPERSEDES_INSTALLED is FALSE and the rating of CURRENT is greater than or equal to the rating of at least one recommended patch appearing in a triple resulting from a recursive call to function 600 (and therefore the value of CURRENT_IS_BETTER_THAN_NEW_REC is TRUE), then the flag CURRENT_IS_BETTER is set equal to TRUE.
Next, at step 625, if no predecessor (or CHILD) patches have been found, then the CURRENT patch is selected as a RECOMMENDED patch if its ranking is 2 or greater. The flag CURRENT_IS_BETTER is set equal to TRUE, and this causes program control to move quickly through the steps 626, 636, 638 and 640. Nothing happens at 636, since there are no triples. At 638, a single triple value recommending the installation of the CURRENT patch is generated, and at step 640, this single triple result is returned to the calling program.
The CURRENT_IS_BETTER flag is examined at step 626. If that flag is still FALSE, then program control normally moves rapidly through the step 628 to the step 634 where the set of triples CHILDREN_RESULT is returned as a return argument from this execution of the function 600. Steps 628 and 630 check for the exceptional condition when there are no predecessor (or CHILD) patches (step 628) and the CURRENT patch is also the ROOT patch of the patch tree. In this one special case, at step 632, the triple (NULL, NULL, ROOT) is returned by the function 600. For example, this is the triple 1618 (
Returning to the step 626, if the flag CURRENT_IS_BETTER has been set TRUE, then at step 636, all of the returned triples are examined, and those triples that do not name a predecessor patch are discarded. The remaining triples are transferred to a new set variable called RESULT. In addition, these remaining triples are edited such that whatever recommendation they may have made is discarded and is replaced with the patch name stored as the value CURRENT such that no patch predecessor to the CURRENT patch is recommended. Next, at step 638, if all the triples are discarded and none remain, a single new triple is added to the set variable RESULT having the value (NULL, CURRENT, ROOT). In every case, the triples in the set named RESULT are then returned at Step 640.
With reference to
Assuming that the flag CURRENT_IS_BETTER is still false, for each triple, program control continues at step 908 where the triple is examined to see if it contains an installed patch. If it does not, then at step 910 the rating of the triple's recommended patch (if one exists) is compared to that of the CURRENT patch. If the CURRENT patch's rating is greater than or equal to that of the recommended patch, then at step 912 the flag CURRENT_IS_BETTER_THAN_NEW_REC is set equal to TRUE. Otherwise, the flag is not adjusted and in either case program control returns to step 902.
Back at step 908, if the triple did contain an installed patch, then at step 914 the CURRENT_SUPERSEDES_INSTALLED flag is set equal to TRUE. Then at step 916 the triple is examined to see if it contains a recommended patch. If it does, then at step 918 the rating of the triple's recommended patch is compared to the rating of the CURRENT patch. If the CURRENT patch's rating is greater than or equal to the rating of the recommended patch, then at step 922 the flag CURRENT_IS_BETTER is set equal to TRUE. Otherwise, the flag is not adjusted and in either case, program control returns to step 902 where the next triple is examined.
Back at step 916, if the triple did not contain a recommended patch, then at step 920, the rating of the CURRENT patch is examined. If it is equal to 3, then at step 922, the CURRENT_IS_BETTER flag is set equal to TRUE. Likewise if the CURRENT patch's rating is greater than the rating of the installed patch specified in the triple under examination, then again, at step 922, the flag CURRENT_IS_BETTER is set equal to TRUE. Otherwise the flag is not adjusted and in all cases, program control returns to step 902 where the next triple is examined.
This looping process in
While the preferred embodiment of the invention has been described, numerous modifications and changes will occur to those who are skilled in the art. Accordingly, it is intended by the claims appended to and forming a part of this application to capture the true spirit and scope of the invention.
The algorithm find_all_recommended_latest is implemented as a function returning a set of triples. The parameter are the set of patches installed on the users system as well as the roots of the patch trees which are applicable to the users system. It works by creating the necessary inputs and passing them to the recursive function find_installed_recommended_latest which processes a single patch tree starting from its root.
Number | Name | Date | Kind |
---|---|---|---|
6289509 | Kryloff | Sep 2001 | B1 |
6363524 | Loy | Mar 2002 | B1 |
6477703 | Smith et al. | Nov 2002 | B1 |
6493871 | McGuire et al. | Dec 2002 | B1 |
6526574 | Jones | Feb 2003 | B1 |
Number | Date | Country | |
---|---|---|---|
20030033597 A1 | Feb 2003 | US |