Buffer overflow?

Matthew Dillon dillon at apollo.backplane.com
Mon Aug 4 00:28:20 PDT 2003


:Also, I am not sure about the possiblity or the viability of what I am 
:about to suggest; that is, things like ACLs should be done as an overlay 
:over a file system, just like Quotas and the ability to make arbitrary 
:file systems volumes as root file systems.  So it would be like:
:
:	[ UFS ] -> [ ACL-FS ] -> FS visibility (w/ ACLs)
:
:So then, supposingly, a VFS entry-point exists that can be used by the 
:filesystem for storing the ACL information somewhere, be it on-disk, or 
:temporarily in memory (depending on what type of file system it is 
:ofcourse).
:
:Ofcourse, adding ACL support to userland utilities is just a different 
:ball-game altogether. :-)
:
:Cheers.
:
:-- 
:Hiten Pandya

    It's even easier then that.

    mount(... option to request ACLs)
    {
	port = openvfs(ufs ... )

	if ((flags & WANTACLS) && doio(query ACL capabilities) == ENOTSUP) {
	    port = overlay_acl(port);
	}
	if ((flags & WANTQUOTAS) && doio(query quota capabilities) == ENOTSUP) {
	    port = overlay_quota(port);
	}
	etc...
    }

    There would be 'system standard' APIs that the system is able to guarentee
    to userland, like ACLs, QUOTAs, even things like transactions (the
    overlay would generate a separate transactional log and validate the
    underlying filesystem from it after a reboot).

    The actual overlay code would simply shim the port... multiple overlays
    would only use one shim with a subsystem switch on the message command,
    like this:

    overlay_acl(oldport)
    {
	newport = allocport(sizeof(overlay_shimport))
	newport->ov_fsport = oldport;
	newport->ov_port.mp_beginmsg = overlay_port_beginmsg;
	return(newport);
    }


    int
    overlay_port_beginmsg(port, msg)
    {
	subsystem = msg->ms_cmd >> 24
	return((overlay_subsystem_ary[subsystem])(port->ov_fsport, msg));
    }

    In otherwords, it wouldn't be slow.

					-Matt
					Matthew Dillon 
					<dillon at xxxxxxxxxxxxx>





More information about the Kernel mailing list