On Thu, 22 Apr 2010, Gleb Kurtsou wrote:
> Date: Thu, 22 Apr 2010 22:18:49 +0300
> From: Gleb Kurtsou <gleb.kurt...@gmail.com>
> To: Lukáš Czerner <czerner.lu...@gmail.com>
> Cc: freebsd-hackers@freebsd.org
> Subject: Re: How to change vnode operations ?
>
> On (22/04/2010 16:02), Lukáš Czerner wrote:
> > Hi all,
> >
> > this may sound a little odd, since I have noticed that there is much
> > work done to not allow such a thing ($SUBJ). But may be you can help
> > me and point me to the right direction.
> >
> > I am writing a kernel module with somewhat similar functionality
> > like nullfs has, BUT it has to have some features which nullfs
> > itself does not provide :
> >
> > 1. I need the new layer to completely hide underlaying layer so no
> > one can bypass it.
> Is hypothetic 'mount -t mynullfs /a /a' good enough for you? I'm not sure
> what your goals are but completely finding underlaying filesystem won't
> be easy because of VFS_GET, getfh and other stuff operating with inode
> numbers.
Well, it may be good enough, or not. Thats what I am trying to find
out. Obviously there are problems, as you mentioned, which will not
exist when I change the vop_vector of the vnode, but as I thought
and you mentioned it as well, this is not very clean way.
>
> > 2. Nullfs allows me to to overlay just one directory, but i want to
> > include another directories and/or exclude subdirectories/files.
> > 3. Nullfs just redirects vnode operations to lower layer, I need to
> > catch that operation, do something (for example alter the arguments
> > somehow etc..), pass the operation (with possibly altered arguments)
> > to the lower layer, get the result and then return the result.
> I'd suggest to take a look at pefs: http://github.com/glk/pefs
> It's cryptographic stacked filesystem for FreeBSD. It changes file
> names, hides directory entries, modifies data from lower layer
> (encrypts or decrypts), supports mounting on same directory, etc.
Thats great, thanks! I will look at it.
>
> > The best way to do that (I think) is to change vnode operations of
> > particular vnodes to point to functions defined in that module. At
> > this point, I can catch any operations with the vnode and this is
> > the base of what i want.
> >
> > So my question is. I there any "clean" way to chande vnode
> > operations ? If not, is there any "not so clean" way ? Anyway I will
> > appreciate any good idea how to do what I have described.
> Imho, stacked filesystem is the only right way to do it (see null,
> unionfs, pefs).
OK. Thanks for pointing me to the pefs, it is interesting and looks
like a good start. But I would appreciate more comment on the side
of the whole idea about changing vnode operations from the kernel
module. It is a little hacky, but aside this I do not see any bigger
problems, do you ?
Thanks.
-Lukas
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
