[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
feature-mtab-translator (v3)
|
From: |
Justus Winter |
|
Subject: |
feature-mtab-translator (v3) |
|
Date: |
Fri, 19 Jul 2013 17:25:02 +0200 |
Hi,
this is a updated patch series for the mtab translator. I believe I
have cleanly addressed all concerns and all issues I encountered while
I was testing the translator (I'm dogfooding by the way).
Notable changes:
* The correct path is now stored in the peropen struct. The fact that
it previously kinda worked was a mere accident.
* fsys_get_children now filters the list of active translators
according to the credentials of the client.
* The translator used to traverse the translator tree and if it
encountered itself, it would deadlock. This is cleanly solved by
comparing the control ports of the current node and the mtab
translator.
* The translator has been cleaned up, produces more meaningful mtab
files and afaics implements all the necessary libtrivfs bits. Please
have a look, I mostly followed the advice in the hello translator
(handy regexp there, though I don't understand it, I just used it)
and looked at the null translator for reference.
Most importantly this version addresses Neals concern about not
revealing mount points if the requesting user has no read permissions
in the parent directory. The fix is clean and at the RPC level.
Richard mentioned that revealing mount points does not seem to be a
concern on Linux, but arguably on Hurd an active translator is more
common than a mount on linux.
With this iteration of the patch it is actually possible to get both
the Linux behavior and a privacy enhanced (bling bling) Hurd
behavior. If the mtab translator is running as root, it shows all
active translators to anyone who accesses it. If the translator is
running as a unprivileged user created solely for this purpose, one
get's only translators in directories matching S_IROTH. If the
translator is run by a regular user, she can see exactly those
translators that she could also discover using say ls. However, if she
knows a specific path to a translator in a directory that she may not
read, she can use the full path as entry point to discover any
translators below that node.
I have tested that the access checks works as expected using tmpfs and
nfs for libdiskfs and libnetfs respectively.
For your convenience I've pushed this series to my hurd.git on
darnassus in the branch feature-mtab-translator-v3:
git://darnassus.sceen.net/teythoon/hurd.git
More gory details:
[PATCH 01/17] libnetfs: implement file_get_translator_cntl
This is needed so that one can get the control port to active
translators bound to nodes of libnetfs based translators. I can
confirm that binding a tmpfs translator to a node on an nfs translator
works as expected.
[PATCH 02/17] pfinet: Fix call to kfree_s
I found that while playing around with coccinelle. Please have a
look. coccinelle is awesome by the way.
[PATCH 03/17] libdiskfs: track file name in struct peropen
[PATCH 04/17] libnetfs: track file name in struct peropen
Properly store the path relative to the translator root.
[PATCH 05/17] libfshelp: add translator-list.c
fshelp_get_active_translators now takes a callback to filter the list
of children to return.
[PATCH 06/17] libdiskfs: add fsys_get_children
[PATCH 07/17] libnetfs: add fsys_get_children
There's a filter function that performs the permission check. Please
have a close look at these two, there's locking and reference counting
involved.
Btw, I think we should make libdiskfs and libnetfs more alike. Now I
know that renaming files and identifiers and reorganizing code is an
intrusive operation that affects the history of the version control
system, but I think in this case this might be worth it. This would
let us compare libdiskfs and libnetfs more easily using diff and will
most likely reveal opportunities to move common functionality to
libfshelp.
[PATCH 08/17] libtrivfs: add fsys_get_children
[PATCH 09/17] trans/symlink.c: add fsys_get_children
[PATCH 10/17] hurd: add fsys_get_children
[PATCH 11/17] libdiskfs: add fsys_get_source
[PATCH 12/17] libnetfs: add fsys_get_source
[PATCH 13/17] libtrivfs: add fsys_get_source
[PATCH 14/17] trans/symlink.c: add fsys_get_source
[PATCH 15/17] hurd: add fsys_get_source
No changes other than stylistic ones.
[PATCH 16/17] XXX this looks wrong to me, please have a look
Please have a look. I think this cannot work (and it does not work
according to my tests).
[PATCH 17/17] add mtab prototype
Many changes, should be feature complete by now.
Cheers,
Justus
- Re: [PATCH 10/17] hurd: add fsys_get_children, (continued)
- Re: [PATCH 10/17] hurd: add fsys_get_children, Samuel Thibault, 2013/07/15
- Re: [PATCH 10/17] hurd: add fsys_get_children, Neal H. Walfield, 2013/07/12
- Re: [PATCH 10/17] hurd: add fsys_get_children, Samuel Thibault, 2013/07/15
- Re: [PATCH 10/17] hurd: add fsys_get_children, Justus Winter, 2013/07/18
- Re: [PATCH 10/17] hurd: add fsys_get_children, Samuel Thibault, 2013/07/18
- Re: [PATCH 10/17] hurd: add fsys_get_children, Neal H. Walfield, 2013/07/18
- Re: [PATCH 10/17] hurd: add fsys_get_children, Richard Braun, 2013/07/18
- feature-mtab-translator (v3),
Justus Winter <=
- [PATCH 01/17] libnetfs: implement file_get_translator_cntl, Justus Winter, 2013/07/19
- [PATCH 02/17] pfinet: Fix call to kfree_s, Justus Winter, 2013/07/19
- Re: [PATCH 02/17] pfinet: Fix call to kfree_s, Samuel Thibault, 2013/07/20
- [PATCH 03/17] libdiskfs: track file name in struct peropen, Justus Winter, 2013/07/19
- Re: [PATCH 03/17] libdiskfs: track file name in struct peropen, Neal H. Walfield, 2013/07/22
- [PATCH 04/17] libnetfs: track file name in struct peropen, Justus Winter, 2013/07/19
- [PATCH 06/17] libdiskfs: add fsys_get_children, Justus Winter, 2013/07/19
- [PATCH 05/17] libfshelp: add translator-list.c, Justus Winter, 2013/07/19
- [PATCH 08/17] libtrivfs: add fsys_get_children, Justus Winter, 2013/07/19
- [PATCH 07/17] libnetfs: add fsys_get_children, Justus Winter, 2013/07/19