Re: Vnode scope implementation

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: David Holland <dholland-tech@...>

Cc: <tech-kern@...>

Date: Saturday, July 4, 2009 - 2:08 pm

Hi,
I've got a feeling that you haven't read the man-page or Apple's

TN2127, but anyway--
On Sat, Jul 4, 2009 at 8:38 PM, David Holland wrote:

quoted text> On Sat, Jul 04, 2009 at 08:14:19PM +0300, Elad Efrat wrote:

>> Once the back-end is in place, I'll follow-up with some more diffs

>> transitioning various file-systems to use kauth(9) in different places

>> -- access, chflags, chmod, etc.

>

> I'd like to see some examples of what this is expected to look like.
There are numerous examples of how this will look like: anything that

was already converted to kauth(9), pretty much, as well as the ACL

examples I've posted not too long ago.
>  >  /*

quoted text>  > + * Vnode scope - actions.

>  > + */

>  > +#define     KAUTH_VNODE_READ_DATA           (1 << 0)

>  > +#define     KAUTH_VNODE_LIST_DIRECTORY      KAUTH_VNODE_READ_DATA

>  > +#define     KAUTH_VNODE_WRITE_DATA          (1 << 1)

>  > +#define     KAUTH_VNODE_ADD_FILE            KAUTH_VNODE_WRITE_DATA

>  > +#define     KAUTH_VNODE_EXECUTE             (1 << 2)

>  > +#define     KAUTH_VNODE_SEARCH              KAUTH_VNODE_EXECUTE

>  > +

>  > +#define     KAUTH_VNODE_ACCESS              (1 << 31)

>

> I assume there's some reason these need to be bits rather than an

> enumeration;
Yes. If you will read Apple's TN2127, you'll see that the vnode

scope's actions are bits so several of them can be authorized in one

call. This is intentional.
> however, when you go to implement you'll find you've left

quoted text> a few things off here.
More than a few. Again, if you will look at TN2127, you'll see that it

contains both the definitions you see above as well as several others.

I would like to implement them incrementally and not add actions

before they're used. This is why my mail says "some actions". This is

how kauth(9) was implemented so far.
> These are the vnode actions VINO's security system defined. I believe

quoted text> that they're sufficient, and that at least most of them are necessary.

> I don't claim that there's anything particularly good about this way

> of structuring things; on the other hand, it *was* implemented and

> *did* work.
I tend to believe Apple's kauth(9) was also implemented and, well,

works, too. ;)
>  > +int

quoted text>  > +secmodel_bsd44_suser_vnode_cb(kauth_cred_t cred, kauth_action_t action,

>  > +    void *cookie, void *arg0, void *arg1, void *arg2,

>  > +    void *arg3)

>  > +{

>  >  [...]

>  > +    int fs_decision;

>  >  [...]

>  > +    fs_decision = (int)(unsigned long)arg2;

>

> Can't you figure out some way to arrange this that doesn't require

> casting integers to pointers and back?
Sure I can, only that it will affect kauth(9) as a whole, and this

email discusses the vnode scope. There are several design changes I

have planned, but I'd like to implement the vnode scope before moving

forward with them. Since all of kauth(9) works that way (emphasis on

"works"), it's going to stay that way, at least for now...
> (And if you really really must do that, use {u,}intptr_t, not unsigned

quoted text> long.)
Will do.
Thanks,
-e.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Vnode scope implementation, Elad Efrat, (Sat Jul 4, 1:14 pm)

Re: Vnode scope implementation, Alan Barrett, (Sat Jul 4, 3:12 pm)

Re: Vnode scope implementation, Alan Barrett, (Sun Jul 5, 6:47 am)

Re: Vnode scope implementation, Martin Husemann, (Sun Jul 5, 5:16 am)

Re: Vnode scope implementation, Marc Balmer, (Sat Jul 4, 1:52 pm)

Re: Vnode scope implementation, Elad Efrat, (Sat Jul 4, 2:15 pm)

Re: Vnode scope implementation, Matthew Mondor, (Sat Jul 4, 3:17 pm)

Re: Vnode scope implementation, Elad Efrat, (Sat Jul 4, 3:29 pm)

Re: Vnode scope implementation, David Holland, (Sat Jul 4, 1:38 pm)

Re: Vnode scope implementation, Elad Efrat, (Sat Jul 4, 2:08 pm)

Re: Vnode scope implementation, David Holland, (Sun Jul 5, 5:21 pm)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 5, 6:15 pm)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Thu Jul 16, 10:10 am)

Re: Vnode scope implementation, Elad Efrat, (Thu Jul 16, 11:44 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Sun Jul 19, 3:32 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 19, 8:00 am)

Re: Vnode scope implementation, David Holland, (Sun Jul 5, 6:53 pm)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 5, 10:02 pm)

Re: Vnode scope implementation, David Holland, (Fri Jul 10, 4:33 am)

Re: Vnode scope implementation, Elad Efrat, (Fri Jul 10, 7:06 am)

Re: Vnode scope implementation, Elad Efrat, (Mon Jul 13, 4:27 am)

Re: Vnode scope implementation, Elad Efrat, (Thu Jul 16, 8:06 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Thu Jul 16, 10:12 am)

Re: Vnode scope implementation, Andrew Doran, (Thu Jul 16, 6:06 pm)

Re: Vnode scope implementation, David Young, (Thu Jul 16, 12:19 pm)

Re: Vnode scope implementation, Elad Efrat, (Thu Jul 16, 12:39 pm)

Re: Vnode scope implementation, Christoph Badura, (Sun Jul 26, 8:07 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 26, 9:38 am)

Re: Vnode scope implementation, David Young, (Mon Jul 20, 1:02 pm)

Re: Vnode scope implementation, Elad Efrat, (Mon Jul 20, 5:25 pm)

Re: Vnode scope implementation, David Young, (Tue Jul 21, 12:29 pm)

Re: Vnode scope implementation, Elad Efrat, (Tue Jul 21, 2:06 pm)

Re: Vnode scope implementation, David Holland, (Wed Jul 22, 8:31 pm)

Re: Vnode scope implementation, Elad Efrat, (Wed Jul 22, 9:12 pm)

Re: Vnode scope implementation, David Holland, (Wed Jul 22, 10:16 pm)

Re: Vnode scope implementation, Elad Efrat, (Thu Jul 16, 12:10 pm)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Sun Jul 19, 3:34 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 19, 7:53 am)

Re: Vnode scope implementation, Thor Lancelot Simon, (Sun Jul 19, 9:47 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 19, 9:54 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Sun Jul 19, 8:49 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 19, 8:58 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Wed Jul 22, 4:05 am)

Re: Vnode scope implementation, Elad Efrat, (Wed Jul 22, 6:46 am)

Re: Vnode scope implementation, David Holland, (Wed Jul 22, 8:40 pm)

Re: Vnode scope implementation, der Mouse, (Thu Jul 23, 6:08 am)

Re: Vnode scope implementation, David Holland, (Fri Jul 24, 11:46 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Wed Jul 22, 7:05 am)

Re: Vnode scope implementation, Elad Efrat, (Wed Jul 22, 8:18 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Sun Jul 26, 10:51 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 26, 10:55 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Mon Aug 3, 7:07 pm)

Re: Vnode scope implementation, Elad Efrat, (Mon Aug 3, 11:19 pm)

Re: Vnode scope implementation, Elad Efrat, (Thu Aug 20, 9:52 pm)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Fri Aug 21, 6:19 am)

Re: Vnode scope implementation, Marc Balmer, (Fri Aug 21, 6:26 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Fri Aug 21, 6:32 am)

Re: Vnode scope implementation, Marc Balmer, (Fri Aug 21, 7:17 am)

Re: Vnode scope implementation, Elad Efrat, (Fri Aug 21, 11:11 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Sun Aug 23, 11:15 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Aug 23, 2:31 pm)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Tue Aug 25, 11:43 am)

Re: Vnode scope implementation, Elad Efrat, (Tue Aug 25, 2:06 pm)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Tue Aug 25, 4:00 pm)

Re: Vnode scope implementation, Marc Balmer, (Tue Aug 25, 4:18 pm)

Re: Vnode scope implementation, Elad Efrat, (Fri Aug 28, 3:58 pm)

Re: Vnode scope implementation, Elad Efrat, (Tue Aug 25, 4:18 pm)

Re: Vnode scope implementation, David Holland, (Sun Jul 19, 4:17 pm)

Re: Vnode scope implementation, David Holland, (Sun Jul 19, 4:19 pm)

Re: Vnode scope implementation, Marc Balmer, (Sun Jul 19, 9:07 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 19, 9:30 am)

Re: Vnode scope implementation, Marc Balmer, (Sun Jul 19, 9:32 am)

Re: Vnode scope implementation, Christoph Egger, (Sat Jul 4, 1:45 pm)

Re: Vnode scope implementation, David Laight, (Sat Jul 4, 6:24 pm)

Re: Vnode scope implementation, Matthew Mondor, (Sat Jul 4, 6:52 pm)

Re: Vnode scope implementation, Elad Efrat, (Sat Jul 4, 2:09 pm)


linux-kernel:
Bart Van Assche	Integration of SCST in the mainstream Linux kernel
Kamalesh Babulal	[BUG] Linux 2.6.25-rc2 - Kernel Ooops while running dbench
Greg Kroah-Hartman	[PATCH 005/196] Chinese: add translation of SubmittingDrivers
Paul Jackson	Re: cpuset-remove-sched-domain-hooks-from-cpusets
git:

linux-netdev:
Gerrit Renker	[PATCH 0/37] dccp: Feature negotiation - last call for comments
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Steven Rostedt	Re: -rt scheduling: wakeup bug?
David Miller	Re: [GIT]: Networking
openbsd-misc:

Re: Vnode scope implementation

Online users