Roadmap 2022

Johannes Schlatow johannes.schlatow at genode-labs.com
Thu Jan 13 09:57:41 CET 2022


Hi Alexander,

> > 
> >> in that case we need to have single VFS server with own cache/page
> >> mapping for files being shared between different instance of
> >> containers (subsystems), not only for children’s? is it true for
> >> current implementation of [single VFS+FS server] <=> [[multiple
> >> subsystems]]?
> > 
> > I'm afraid you lost me. In Genode, a file system is accessed via a
> > File_system session. This session provides an API for typical
> > file/directory operations (open/create, symlink, watch, move). File
> > content is transferred via a packet stream (cf. Genode Foundations
> > Book). A VFS server would access e.g. a persistent file system and
> > deliver its contents to its own clients, which could be separate
> > subsystems. I see two places for caching here: First, the VFS server
> > could cache some file content so that it can be delivered to
> > multiple clients without transferring it from the block device
> > multiple times. Second, the clients can perform their own (local)
> > caching. Since I'm not familiar with the internals implementation
> > though, I don't know to what extend such mechanisms are already
> > implemented.
> 
> another question here is a way how to provide an access rights
> (different for different clients) which will use the same FS server.
> Do you have something like ACL applied to file system? 

The VFS server has no notion of users or ACL, yet it is possible to
provide different parts of the VFS to different clients/sessions. This
is achieved by specifying a <policy>, which sets the root directory for
the session and whether write operations are permitted. This basically
provides per-directory access control.

> or it just borrowed from, e.g. ext2 implementation (need to provide
> /etc/passwd and /etc/groups together with chmod/chown as separate
> files and utils)? I see in ssh_server.run some inline implementation
> of similar files...
> 
> Do you have own or external auth mechanism, like LDAP
> server/Radius/etc?

Natively, there is no notion of users in Genode. Instead, access
control is conducted on a per-session basis. On the one hand, the init
component takes care of routing a particular session request to a
certain child component (or parent). On the other hand, the child
providing the service may further allow the specification of session
policies (as mentioned above) so that different clients receive
different permissions.

Best
Johannes




More information about the users mailing list