Patents by Inventor Xiaohan Qin
Xiaohan Qin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11907405Abstract: A return address of a caller of a software function within an access control component is determined, the caller comprising a software component seeking access to a protected resource protected by the access control component. From the return address, a filename of the caller is determined. Responsive to determining that the filename is included in a set of filenames of components allowed to access the protected resource, the caller is allowed to access the protected resource.Type: GrantFiled: October 14, 2020Date of Patent: February 20, 2024Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Xiaohan Qin, Pedro V. Torres, Xinya Wang, Amit Agarwal
-
Publication number: 20220114271Abstract: A return address of a caller of a software function within an access control component is determined, the caller comprising a software component seeking access to a protected resource protected by the access control component. From the return address, a filename of the caller is determined. Responsive to determining that the filename is included in a set of filenames of components allowed to access the protected resource, the caller is allowed to access the protected resource.Type: ApplicationFiled: October 14, 2020Publication date: April 14, 2022Applicant: International Business Machines CorporationInventors: Xiaohan Qin, Pedro V. Torres, Xinya Wang, Amit Agarwal
-
Patent number: 10732991Abstract: Concurrent maintenance of an input/output (I/O) adapter backing a virtual network interface connection (VNIC) including receiving, by a hardware management console (HMC), a request to disconnect the I/O adapter from a computing system, wherein the computing system comprises a logical partition and virtual I/O server; instructing, by the HMC over a communications link, the virtual I/O server to deconfigure and remove the server VNIC driver; determining, by the HMC, that a replacement I/O adapter is installed on the computing system; and in response to determining that the replacement I/O adapter is installed on the computing system, instructing, by the HMC over the communications link, the virtual I/O server to add and configure a replacement server VNIC driver.Type: GrantFiled: October 25, 2019Date of Patent: August 4, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Curtis S. Eide, Dwayne G. McConnell, Xiaohan Qin
-
Publication number: 20200057655Abstract: Concurrent maintenance of an input/output (I/O) adapter backing a virtual network interface connection (VNIC) including receiving, by a hardware management console (HMC), a request to disconnect the I/O adapter from a computing system, wherein the computing system comprises a logical partition and virtual I/O server; instructing, by the HMC over a communications link, the virtual I/O server to deconfigure and remove the server VNIC driver; determining, by the HMC, that a replacement I/O adapter is installed on the computing system; and in response to determining that the replacement I/O adapter is installed on the computing system, instructing, by the HMC over the communications link, the virtual I/O server to add and configure a replacement server VNIC driver.Type: ApplicationFiled: October 25, 2019Publication date: February 20, 2020Inventors: CURTIS S. EIDE, DWAYNE G. MCCONNELL, XIAOHAN QIN
-
Patent number: 10545771Abstract: Concurrent maintenance of an input/output (I/O) adapter backing a virtual network interface connection (VNIC) including receiving, by a hardware management console (HMC), a request to disconnect the I/O adapter from a computing system, wherein the computing system comprises a logical partition and virtual I/O server; instructing, by the HMC over a communications link, the virtual I/O server to deconfigure and remove the server VNIC driver; determining, by the HMC, that a replacement I/O adapter is installed on the computing system; and in response to determining that the replacement I/O adapter is installed on the computing system, instructing, by the HMC over the communications link, the virtual I/O server to add and configure a replacement server VNIC driver.Type: GrantFiled: June 26, 2017Date of Patent: January 28, 2020Assignee: International Business Machines CorporationInventors: Curtis S. Eide, Dwayne G. McConnell, Xiaohan Qin
-
Publication number: 20180157496Abstract: Concurrent maintenance of an input/output (I/O) adapter backing a virtual network interface connection (VNIC) including receiving, by a hardware management console (HMC), a request to disconnect the I/O adapter from a computing system, wherein the computing system comprises a logical partition and virtual I/O server; instructing, by the HMC over a communications link, the virtual I/O server to deconfigure and remove the server VNIC driver; determining, by the HMC, that a replacement I/O adapter is installed on the computing system; and in response to determining that the replacement I/O adapter is installed on the computing system, instructing, by the HMC over the communications link, the virtual I/O server to add and configure a replacement server VNIC driver.Type: ApplicationFiled: June 26, 2017Publication date: June 7, 2018Inventors: CURTIS S. EIDE, DWAYNE G. MCCONNELL, XIAOHAN QIN
-
Patent number: 9967105Abstract: A system, and computer program product for leader device selection in a control cluster using a shared virtual local area network (VLAN) are provided in the illustrative embodiments. A broadcast Hello packet is received from a sender virtual device over the VLAN at a first virtual device. When the first virtual device satisfies a partnership criterion specified in the Hello packet, a first ranking of the first virtual device is evaluated to be higher than a ranking of a sender virtual device. A first Live packet is unicast over the VLAN to the sender virtual device and a leadership role in the control cluster is taken by the first virtual device. The sender virtual device is caused to stop a broadcasting operation at the sender virtual device. A second Hello packet is broadcasted from the first virtual device over the VLAN.Type: GrantFiled: March 25, 2015Date of Patent: May 8, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
-
Patent number: 9929934Abstract: At a first virtual device executing in a data processing system, a determination is made whether a partner list associated with the first virtual device includes a threshold number of partner virtual devices, the first virtual device participating in the control cluster. A first Live packet is unicast over the VLAN to each partner virtual device identified in the partner list. A unicast of a second Live packet from a second virtual device to the first virtual device is received over the VLAN, the second virtual device being identified in the partner list. A Hello packet is broadcast over the VLAN to cause the Hello packet to reach a third virtual device, wherein the Hello packet is configured to discover a new partner virtual device to add to the partner list, discovering the new partner enlarging the control cluster.Type: GrantFiled: June 3, 2015Date of Patent: March 27, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
-
Patent number: 9906432Abstract: At a first virtual device executing in a data processing system, a determination is made whether a partner list associated with the first virtual device includes a threshold number of partner virtual devices, the first virtual device participating in the control cluster. A first Live packet is unicast over the VLAN to each partner virtual device identified in the partner list. A unicast of a second Live packet from a second virtual device to the first virtual device is received over the VLAN, the second virtual device being identified in the partner list. A Hello packet is broadcast over the VLAN to cause the Hello packet to reach a third virtual device, wherein the Hello packet is configured to discover a new partner virtual device to add to the partner list, discovering the new partner enlarging the control cluster.Type: GrantFiled: December 9, 2014Date of Patent: February 27, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
-
Patent number: 9755846Abstract: A method for leader device selection in a control cluster using a shared virtual local area network (VLAN) is provided in the illustrative embodiments. A broadcast Hello packet is received from a sender virtual device over the VLAN at a first virtual device. When the first virtual device satisfies a partnership criterion specified in the Hello packet, a first ranking of the first virtual device is evaluated to be higher than a ranking of a sender virtual device. A first Live packet is unicast over the VLAN to the sender virtual device and a leadership role in the control cluster is taken by the first virtual device. The sender virtual device is caused to stop a broadcasting operation at the sender virtual device. A second Hello packet is broadcasted from the first virtual device over the VLAN.Type: GrantFiled: June 3, 2015Date of Patent: September 5, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
-
Patent number: 9473518Abstract: Embodiments of the present invention provide methods, systems, and computer program products that enable secure network communications with logical partitions. A gateway between a physical network adapter and at least one virtual network trunk adapter receives a packet. The gateway tags the packet with an indication of an origin of the packet. The gateway delivers the tagged packet to an intrusion prevention system for intrusion analysis. When the gateway receives the tagged packet from the intrusion prevention system, the gateway forwards the tagged packet according to the indication of origin of the tagged packet.Type: GrantFiled: October 22, 2010Date of Patent: October 18, 2016Assignee: International Business Machines CorporationInventors: Shaival J. Chokshi, Xiaohan Qin, Rakesh Sharma
-
Publication number: 20160285733Abstract: A method for leader device selection in a control cluster using a shared virtual local area network (VLAN) is provided in the illustrative embodiments. A broadcast Hello packet is received from a sender virtual device over the VLAN at a first virtual device. When the first virtual device satisfies a partnership criterion specified in the Hello packet, a first ranking of the first virtual device is evaluated to be higher than a ranking of a sender virtual device. A first Live packet is unicast over the VLAN to the sender virtual device and a leadership role in the control cluster is taken by the first virtual device. The sender virtual device is caused to stop a broadcasting operation at the sender virtual device. A second Hello packet is broadcasted from the first virtual device over the VLAN.Type: ApplicationFiled: June 3, 2015Publication date: September 29, 2016Applicant: International Business Machines CorporationInventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
-
Publication number: 20160285739Abstract: A system, and computer program product for leader device selection in a control cluster using a shared virtual local area network (VLAN) are provided in the illustrative embodiments. A broadcast Hello packet is received from a sender virtual device over the VLAN at a first virtual device. When the first virtual device satisfies a partnership criterion specified in the Hello packet, a first ranking of the first virtual device is evaluated to be higher than a ranking of a sender virtual device. A first Live packet is unicast over the VLAN to the sender virtual device and a leadership role in the control cluster is taken by the first virtual device. The sender virtual device is caused to stop a broadcasting operation at the sender virtual device. A second Hello packet is broadcasted from the first virtual device over the VLAN.Type: ApplicationFiled: March 25, 2015Publication date: September 29, 2016Applicant: International Business Machines CorporationInventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
-
Patent number: 9426022Abstract: Provided are techniques for active SEA learning about a client LPAR MAC addresses via address resolution protocol (ARP) packets received on a virtual interface (of the active SEA). Any new client MAC addresses learned on the active SEA are sent to the inactive SEA via a control channel. When SEA failover happens, as the previously inactive SEA is about to become active, it will first send out RARP (reverse ARP) packets with the client MAC addresses as the source MAC addresses respectively. This effectively informs the switch connected to the previously inactive SEA that these client MAC addresses are to be routed through this switch port; the client MAC addresses saved on the switch connected to the previously active SEA are cleared as a result.Type: GrantFiled: December 13, 2013Date of Patent: August 23, 2016Assignee: International Business Machines CorporationInventors: Kavitha Vittal Murthy Baratakke, Shaival Jagdishbhai Chokshi, Vishal Ramachandra Mansur, Xiaohan Qin
-
Publication number: 20160164740Abstract: At a first virtual device executing in a data processing system, a determination is made whether a partner list associated with the first virtual device includes a threshold number of partner virtual devices, the first virtual device participating in the control cluster. A first Live packet is unicast over the VLAN to each partner virtual device identified in the partner list. A unicast of a second Live packet from a second virtual device to the first virtual device is received over the VLAN, the second virtual device being identified in the partner list. A Hello packet is broadcast over the VLAN to cause the Hello packet to reach a third virtual device, wherein the Hello packet is configured to discover a new partner virtual device to add to the partner list, discovering the new partner enlarging the control cluster.Type: ApplicationFiled: June 3, 2015Publication date: June 9, 2016Applicant: International Business Machines CorporationInventors: Shaival J. Chokshi, Xiaohan Qin, Patrick T. Vo
-
Publication number: 20160164771Abstract: At a first virtual device executing in a data processing system, a determination is made whether a partner list associated with the first virtual device includes a threshold number of partner virtual devices, the first virtual device participating in the control cluster. A first Live packet is unicast over the VLAN to each partner virtual device identified in the partner list. A unicast of a second Live packet from a second virtual device to the first virtual device is received over the VLAN, the second virtual device being identified in the partner list. A Hello packet is broadcast over the VLAN to cause the Hello packet to reach a third virtual device, wherein the Hello packet is configured to discover a new partner virtual device to add to the partner list, discovering the new partner enlarging the control cluster.Type: ApplicationFiled: December 9, 2014Publication date: June 9, 2016Applicant: International Business Machines CorporationInventors: SHAIVAL J. CHOKSHI, Xiaohan Qin, Patrick T. Vo
-
Patent number: 9128893Abstract: Byte utilization is improved in Remote Direct Memory Access (RDMA) communications by detecting a plurality of concurrent messages on a plurality of application sockets which are destined for the same application, client or computer, intercepting those messages and consolidating their payloads into larger payloads, and then transmitting those consolidated messages to the destination, thereby increasing the payload-to-overhead byte utilization of the RDMA transmissions. At the receiving end, multiplexing information is used to unpack the consolidated messages, and to put the original payloads into a plurality of messages which are then fed into the receiving sockets to the destination application, client or computer, thereby making the consolidation process transparent between the initiator and the target.Type: GrantFiled: January 14, 2013Date of Patent: September 8, 2015Assignee: International Business Machines CorporationInventors: Omar Cardona, Shaival Jagdishbhai Chokshi, Rakesh Sharma, Xiaohan Qin
-
Patent number: 9002970Abstract: Byte utilization is improved in Remote Direct Memory Access (RDMA) communications by detecting a plurality of concurrent messages on a plurality of application sockets which are destined for the same application, client or computer, intercepting those messages and consolidating their payloads into larger payloads, and then transmitting those consolidated messages to the destination, thereby increasing the payload-to-overhead byte utilization of the RDMA transmissions. At the receiving end, multiplexing information is used to unpack the consolidated messages, and to put the original payloads into a plurality of messages which are then fed into the receiving sockets to the destination application, client or computer, thereby making the consolidation process transparent between the initiator and the target.Type: GrantFiled: July 12, 2012Date of Patent: April 7, 2015Assignee: International Business Machines CorporationInventors: Omar Cardona, Shaival Jagdishbhai Chokshi, Rakesh Sharma, Xiaohan Qin
-
Patent number: 8959515Abstract: A system, method, and program product for scheduling applications in a data processing system. The method of the invention includes a step of monitoring memory availability within the data processing system during execution of one or more applications. The method further includes recording a memory usage history for one or more applications from which a memory requirement may be determined. A kernel scheduler is utilized to schedule a next application for execution in accordance with the memory availability and the determined memory requirements of the one or more monitored applications.Type: GrantFiled: January 18, 2006Date of Patent: February 17, 2015Assignee: International Business Machines CorporationInventor: Xiaohan Qin
-
Publication number: 20140140201Abstract: Provided are techniques for active SEA learning about a client LPAR MAC addresses via address resolution protocol (ARP) packets received on a virtual interface (of the active SEA). Any new client MAC addresses learned on the active SEA are sent to the inactive SEA via a control channel. When SEA failover happens, as the previously inactive SEA is about to become active, it will first send out RARP (reverse ARP) packets with the client MAC addresses as the source MAC addresses respectively. This effectively informs the switch connected to the previously inactive SEA that these client MAC addresses are to be routed through this switch port; the client MAC addresses saved on the switch connected to the previously active SEA are cleared as a result.Type: ApplicationFiled: December 13, 2013Publication date: May 22, 2014Applicant: International Business Machines CorporationInventors: Kavitha Vittal Murthy Baratakke, Shaival Jagdishbhai Chokshi, Vishal Ramachandra Mansur, Xiaohan Qin