Re: Vnode scope

To: Elad Efrat <elad%NetBSD.org@localhost>
Subject: Re: Vnode scope
From: Andrew Doran <ad%netbsd.org@localhost>
Date: Mon, 11 May 2009 22:07:07 +0000

On Sat, May 09, 2009 at 04:42:16PM +0300, Elad Efrat wrote:

> I would like to implement the vnode scope so we can use kauth(9) to
> authorize file-system related operations.
> 
> There are generally two ways we can go about that:
>   - Move access control to the VFS layer
>   - Keep access control in file-system specific code

Perhaps with tightly-controlled exceptions for performance reasons, I think
it needs to remain in the file-system specific code because:

- There are lots of different conventions and capabilities in this area,
  consider AFS, NFSv4, UFS+extattr, NTFS, ??. Without a plan to handle them
  all, pulling access control into VFS diminishes its generality in the
  short term.

- We have been discussing, and most of the interested parties agree, that we
  should take some portion of concurrency and lifecycle management off VFS,
  and put them back into the file systems. In that case VOP_ACCESS() would
  exist primarily to service the access() system call. There would be no
  immediate, cheap and easy way to ensure correct serialization across
  multiple operations (use VOP_ACCESS() to check ok, perform operation).

Follow-Ups:
- Re: Vnode scope
  - From: Elad Efrat

References:
- Vnode scope
  - From: Elad Efrat

Prev by Date: Re: CVS commit: src/sys/netinet6
Next by Date: Re: Vnode scope
Previous by Thread: Re: Vnode scope
Next by Thread: Re: Vnode scope
Indexes:

Home | Main Index | Thread Index | Old Index