Buffer overflow?

Matthew Dillon dillon at apollo.backplane.com
Mon Aug 4 00:28:20 PDT 2003

:Also, I am not sure about the possibility or the viability of what I am 
:about to suggest; that is, things like ACLs should be done as an overlay 
:over a file system, just like Quotas and the ability to make arbitrary 
:file systems volumes as root file systems.  So it would be like:
:	[ UFS ] -> [ ACL-FS ] -> FS visibility (w/ ACLs)
:So then, supposedly, a VFS entry-point exists that can be used by the 
:filesystem for storing the ACL information somewhere, be it on-disk, or 
:temporarily in memory (depending on what type of file system it is 
:Of course, adding ACL support to userland utilities is just a different 
:ball-game altogether. :-)
:Hiten Pandya

    It's even easier than that.

    mount(... option to request ACLs)
	port = openvfs(ufs ... )

	if ((flags & WANTACLS) && doio(query ACL capabilities) == ENOTSUP) {
	    port = overlay_acl(port);
	}
	if ((flags & WANTQUOTAS) && doio(query quota capabilities) == ENOTSUP) {
	    port = overlay_quota(port);
	}

    There would be 'system standard' APIs that the system is able to guarantee
    to userland, like ACLs, QUOTAs, even things like transactions (the
    overlay would generate a separate transactional log and validate the
    underlying filesystem from it after a reboot).

    The actual overlay code would simply shim the port... multiple overlays
    would only use one shim with a subsystem switch on the message command,
    like this:

	newport = allocport(sizeof(overlay_shimport))
	newport->ov_fsport = oldport;
	newport->ov_port.mp_beginmsg = overlay_port_beginmsg;

    overlay_port_beginmsg(port, msg)
	subsystem = msg->ms_cmd >> 24
	return((overlay_subsystem_ary[subsystem])(port->ov_fsport, msg));

    In other words, it wouldn't be slow.

					Matthew Dillon 
					<dillon at xxxxxxxxxxxxx>
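
The shim dispatch sketched in the message above, as an added C example that is not part of the original post and is not code from the project. Only ms_cmd, mp_beginmsg, ov_port, ov_fsport, overlay_port_beginmsg and overlay_subsystem_ary come from the post; the struct layouts, subsystem numbers, the uid-0 ACL policy and send_via_overlay are assumptions made for illustration. Because the table index comes out of the message, the shim range-checks it before the indirect call.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
/* Hypothetical message and port layouts; only the field names ms_cmd,
 * mp_beginmsg, ov_port and ov_fsport come from the post. */
struct msg  { uint32_t ms_cmd; int ms_uid; };
struct port { int (*mp_beginmsg)(struct port *, struct msg *); };
struct overlay_shimport { struct port ov_port; struct port *ov_fsport; };

enum { SUBSYS_IO = 0, SUBSYS_ACL = 1, SUBSYS_QUOTA = 2, SUBSYS_MAX = 3 };
#define CMD(subsys, op) (((uint32_t)(subsys) << 24) | (op))
typedef int (*subsys_fn)(struct port *, struct msg *);

/* Stand-in for UFS: handles plain I/O, reports no ACL/quota support. */
static int ufs_beginmsg(struct port *p, struct msg *m) {
    (void)p;
    return (m->ms_cmd >> 24) == SUBSYS_IO ? 0 : ENOTSUP;
}
static struct port ufs_port = { ufs_beginmsg };
/* Toy ACL overlay: only uid 0 may issue ACL commands (constructed policy). */
static int acl_subsys(struct port *fsport, struct msg *m) {
    (void)fsport;
    return m->ms_uid == 0 ? 0 : EACCES;
}
/* Subsystems without an overlay pass straight to the underlying port. */
static int passthru(struct port *fsport, struct msg *m) {
    return fsport->mp_beginmsg(fsport, m);
}
static subsys_fn overlay_subsystem_ary[SUBSYS_MAX] = {
    [SUBSYS_IO] = passthru, [SUBSYS_ACL] = acl_subsys, [SUBSYS_QUOTA] = passthru,
};

/* One shim for all overlays: switch on the top 8 bits of the command.
 * ms_cmd arrives in a message, so the index is range-checked before use. */
static int overlay_port_beginmsg(struct port *port, struct msg *msg) {
    struct overlay_shimport *ov = (struct overlay_shimport *)port;
    uint32_t subsystem = msg->ms_cmd >> 24;
    if (subsystem >= SUBSYS_MAX || overlay_subsystem_ary[subsystem] == NULL)
        return ENOTSUP;
    return overlay_subsystem_ary[subsystem](ov->ov_fsport, msg);
}

/* Send one message through a freshly built shim over the UFS stand-in. */
int send_via_overlay(uint32_t cmd, int uid) {
    struct overlay_shimport shim = { { overlay_port_beginmsg }, &ufs_port };
    struct msg m = { cmd, uid };
    return shim.ov_port.mp_beginmsg(&shim.ov_port, &m);
}

int main(void) { return send_via_overlay(CMD(SUBSYS_ACL, 1), 0); }
```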
