ServiceNow, Inc.
System for accessing a kernel space of an operating system with access control functionality

Abstract:

In an operating system with access control functionality, a request for a function that requires kernel space access can be initiated by an application and executed in the kernel space using a management mechanism having access to the kernel space. An application container within which the application executes includes a signaling mechanism permitted to access a message bus external to the application container using an access control policy of the operating system. The signaling mechanism signals that a message associated with the request is to be processed with kernel space access. An access control policy of the operating system permits the signaling mechanism to access a message bus used to transmit the message to the management mechanism. The management mechanism executes the function in the kernel space responsive to receiving the message from the message bus and determining that the function requires kernel space access.