&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12405923.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,405,923 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Validation of container images</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Giuseppe Scrivano,  Milan (IT); and  Alexander Larsson,  Stockholm (SE)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Red Hat, Inc.,  Raleigh, NC (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Red Hat, Inc.,  Raleigh, NC (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Oct.  17, 2023, as Appl. No. 18/488,179.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2025/0124002 A1, Apr.  17, 2025</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>G06F 16/16</b></i> (2019.01); <i><b>G06F 9/54</b></i> (2006.01); <i><b>G06F 11/07</b></i> (2006.01); <i><b>G06F 11/30</b></i> (2006.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>G06F 16/164</b></i> (2019.01)&#xa0;[<i><b>G06F 9/545</b></i> (2013.01); <i><b>G06F 11/0769</b></i> (2013.01); <i><b>G06F 11/3086</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>17 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12405923-20250902-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method, comprising:<div class="claim_text">extracting, by a computing system executing a kernel based operating system, a plurality of files from a container image into a filesystem of a container registry of the computing system, the container image comprising a plurality of layers, each file of the plurality of files corresponding to one of the layers of the plurality of layers;</div>
                <div class="claim_text">generating, by the computing system, a metadata file that comprises a directory structure of the plurality of files in the filesystem of the container registry, wherein the directory structure points to a plurality of file locations from which the plurality of files can be respectively accessed within the filesystem of the container registry, and wherein the metadata file does not include contents of the plurality of files in the filesystem;</div>
                <div class="claim_text">mounting, by the computing system in a kernel of the kernel-based operating system, the metadata file to a mount point, wherein mounting the metadata file causes a first digest of the metadata file to be generated and the metadata file and the plurality of files in the filesystem of the container registry to be read-only, wherein the first digest comprises cryptographic information that identifies a plurality of digests of the plurality of files in the filesystem, and wherein mounting the metadata file further causes a file of the plurality of files to be pulled to the mount point from a first file location of the plurality of file locations pointed to by the metadata file;</div>
                <div class="claim_text">subsequent to mounting the metadata file to the mount point, determining, by the computing system, that the filesystem is being accessed;</div>
                <div class="claim_text">responsive to determining that the filesystem is being accessed, generating, by the computing system, a second digest of the metadata file;</div>
                <div class="claim_text">determining, by the computing system based on a comparison of the first digest to the second digest, that the directory structure of the plurality of files in the filesystem has not changed; and</div>
                <div class="claim_text">responsive to determining that the directory structure of the plurality of files has not changed, instantiating, by the computing system, a container using the file pulled to the mount point from the first file location.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>