From owner-freebsd-fs  Fri Jun  8 19: 2:46 2001
Delivered-To: freebsd-fs@freebsd.org
Received: from mass.dis.org (fumerola-laptop.corp.yahoo.com [216.145.60.111])
	by hub.freebsd.org (Postfix) with ESMTP
	id AB5F537B401; Fri,  8 Jun 2001 19:02:41 -0700 (PDT)
	(envelope-from msmith@mass.dis.org)
Received: from mass.dis.org (localhost [127.0.0.1])
	by mass.dis.org (8.11.3/8.11.3) with ESMTP id f592Cjb02166;
	Fri, 8 Jun 2001 19:12:45 -0700 (PDT)
	(envelope-from msmith@mass.dis.org)
Message-Id: <200106090212.f592Cjb02166@mass.dis.org>
X-Mailer: exmh version 2.1.1 10/15/1999
To: Pat Dirks <pwd@apple.com>
Cc: FreeBSD-Arch@freebsd.org, FreeBSD-FS@freebsd.org
Subject: Re: Support for pivot_root-like system call? 
In-reply-to: Your message of "Fri, 08 Jun 2001 14:27:04 PDT."
             <200106082127.OAA23988@scv1.apple.com> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Fri, 08 Jun 2001 19:12:45 -0700
From: Mike Smith <msmith@freebsd.org>
Sender: owner-freebsd-fs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-fs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-fs>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-fs>
X-Loop: FreeBSD.org


Just a couple of observations about this approach:

 - If you only replace the / mount, you only protect /.  If an 
   application traverses off / onto another filesystem during a lookup,
   the eventuating vnode is going to get the vfsops pointer for the
   filesystem handling the FS the lookup terminates on, circumventing
   the protection.

   A better approach will probably be to implement a 'mount template', 
   where an FS can register a hook which allows it to decide whether if
   wants to be automagically layered over another FS being mounted, 
   something like an automatic version of Terry's union mount.

 - There's an ugly tradeoff between kernel footprint and performance
   here.  You want the checker in kernel space to avoid context switching 
   and piping all your I/O to/from userspace, but if you're doing 
   dictionary searches, that's stuff that is going to be sitting 
   permanently mapped. 8(

Hope this helps; thanks for raising the issue, it's an interesting one. 8)

Regards,
Mike


-- 
... every activity meets with opposition, everyone who acts has his
rivals and unfortunately opponents also.  But not because people want
to be opponents, rather because the tasks and relationships force
people to take different points of view.  [Dr. Fritz Todt]
           V I C T O R Y   N O T   V E N G E A N C E



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-fs" in the body of the message