Date: Wed, 19 Jun 2002 16:41:11 +0200
From: Martin Faxer
To: freebsd-fs@FreeBSD.org
Subject: a bunch of questions
Message-ID: <20020619144111.GA1352@lockdown.spectrum.fearmuffs.net>

hello!

i'm trying to make some sense of vfs and here comes a mail with basically (as the subject says) a bunch of questions:

1) why is it preferred to do the permissions checking in the actual file system specific code instead of vfs_[n]mount()? what i mean is that e.g. the ffs code does a permissions check in the !superuser case to see if the user has the necessary permissions on the device (ffs_vfsops.c:ffs_mount()). at the same time vfs_[n]mount() does a permissions check to make sure that the user owns the directory he/she is attempting to mount... why is it split up ?

2) in the statfs() code the f_fsid is zeroed out in the !superuser case. after some searching and cross-checking with OpenBSD i'm led to believe that this is because of a potential NFS insecurity if any user is able to see the f_fsid. does anybody know more about this ? can a check be added like:

    if (suser(td) != 0 && strcmp(sp->f_fstypename, "nfs") == 0)

? for what it's worth, NetBSD doesn't appear to zero it out so i guess it can't be that serious...

3) can the vnode lock be of type LK_SHARED when i'm doing a VOP_OPEN() operation with only FREAD (and not FWRITE) set ?

4) what does the flags argument to VOP_UNLOCK() mean ? is it something like "resulting flags" ? (i understand what it means in the VOP_LOCK()/vn_lock() case, but i find it a little bit weird in the VOP_UNLOCK() case.)

5) when i call bread() i'm supposed to hold the vnode lock, right ? i have discussed this loosely with Robert Watson and that's the impression i got.

6) after having called bread(), should i lock it in some way before inspecting the contents of the buffer ? as far as i can tell the ufs/ffs code doesn't do this, at least not in the mount case, but i'm not quite sure if that's correct or simply works because you don't modify the superblock so often.

i'm actively reading through the code and understanding more and more for each line, but it's not easy to make sense of everything right away, especially not when you're just a junior kernel hacker like me. i would greatly appreciate some answers to these questions and i believe it will really clear things up, even if only somebody else says what i already know. :)

thanks in advance,
Martin Faxér
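Added example (not part of the original mail and not FreeBSD kernel source): a user-space C model of the two f_fsid policies in question 2, the zeroing for every non-superuser that the mail describes and the NFS-only check it proposes. The struct, enum, function names and sample mounts are hypothetical stand-ins, and the uid test stands in for suser(td).

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical user-space stand-ins; not FreeBSD kernel source. */
struct statfs_model {
    int  f_fsid[2];
    char f_fstypename[16];
};

enum fsid_policy {
    HIDE_FROM_ALL_NONROOT,  /* behaviour described in the mail */
    HIDE_ONLY_ON_NFS        /* check proposed in the mail */
};

/* Constructed sample mounts. */
struct statfs_model sample_ufs = { { 0x3e4f1a2b, 7 }, "ufs" };
struct statfs_model sample_nfs = { { 0x01020304, 5 }, "nfs" };

/* Build the record handed to a caller. Filtering is done on a copy so the
 * mount's own record keeps its real f_fsid for later privileged callers. */
struct statfs_model
statfs_view(const struct statfs_model *mnt, unsigned uid, enum fsid_policy p)
{
    struct statfs_model out = *mnt;
    int hide = (uid != 0);              /* stands in for suser(td) != 0 */

    if (p == HIDE_ONLY_ON_NFS)
        hide = hide && strcmp(out.f_fstypename, "nfs") == 0;
    if (hide)
        out.f_fsid[0] = out.f_fsid[1] = 0;
    return out;
}

/* 1 if the caller's view still carries a non-zero f_fsid, else 0. */
int
fsid_visible(const struct statfs_model *mnt, unsigned uid, enum fsid_policy p)
{
    struct statfs_model v = statfs_view(mnt, uid, p);
    return v.f_fsid[0] != 0 || v.f_fsid[1] != 0;
}

int
main(void)
{
    const struct statfs_model *m[] = { &sample_ufs, &sample_nfs };
    for (int i = 0; i < 2; i++)
        for (unsigned uid = 0; uid <= 1001; uid += 1001)
            printf("%-3s uid=%-4u all-nonroot:%d nfs-only:%d\n",
                m[i]->f_fstypename, uid,
                fsid_visible(m[i], uid, HIDE_FROM_ALL_NONROOT),
                fsid_visible(m[i], uid, HIDE_ONLY_ON_NFS));
    return 0;
}
```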