Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 31 Jul 2013 13:09:56 +0400
From:      Lev Serebryakov <lev@FreeBSD.org>
To:        freebsd-geom@freebsd.org, freebsd-arch@FreeBSD.org
Subject:   [PROPOSAL] GEOM probing/tasting firewall
Message-ID:  <447183917.20130731130956@serebryakov.spb.ru>
next in thread | raw e-mail | index | archive | help 
Hello, Freebsd-geom.

  After message to GEOM list by Rotate 13 <rabgvzr@gmail.com> I was "forced"
 to write this proposal.

  For first time this idea was formulated in Jabber talk with friend of
 mine, who uses FreeBSD for massive iSCSI hosting on ZVOLs. He has problems
 with tasting these ZVOLs, which contain different types of data (Windows
 disks, Linux disks, FreeBSD disks, etc). Here are label conflicts, strange
 messages about corrupted GPTs, etc. So, it looks like to have configurable
 way to prevent some GEOM tasting is good idea.

  I propose to have mechanism, modelled after ipfw, to filter all new GEOMs
 before passing it to class tasting mechanisms.

  It will be chain of (numbered) rules with format:

rule ::= (enable | disable) ['taste'] ['by'] <consumer-spec> [['of'] <conditions>]
consumer-spec ::= 'all' | <class-name>
conditions ::= <condtition> ('and' <condition>)*
condition ::= [not] ( 'class' <mask>' | 'name' <mask> | 'path' <mask> )
mask ::= <shell-like-glob>

 'path' means "path in /dev hierarchy' here.

 Of course, default last (and only one, if user does nothing) rule must be

 "enable taste by all"

 Maybe, <conditions> could be expanded to full-featured boolean expressions,
with parenthesis and 'or' operator, it is possible, but ommitted in this
proposal to save time (I don't want to write out full expression EBNF now).

 Every added rule should trigger spoiling and re-tasting of all providers,
which are not opened by upper level (so, already mounted file systems will
prevent GEOMs from disappearing even if new rule forbid such tasting).

 I could write prototype code for this proposal, it it is not rejected right
now :)

-- 
// Black Lion AKA Lev Serebryakov <lev@FreeBSD.org>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?447183917.20130731130956>