ExternalVendorCode/genode
1
0
Fork 0
mirror of https://github.com/genodelabs/genode.git synced 2025-01-02 12:06:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
451c08ac01
genode/repos/os/src/server/ram_fs
History
Alexander Boettcher 28b359703d ram_fs: avoid Deref_unconstructed_object exception 
if ROM is invalid. With the patch one gets a name of the ROM and the
server continues.
2017-02-28 12:59:30 +01:00
..
main.cc ram_fs: avoid Deref_unconstructed_object exception 2017-02-28 12:59:30 +01:00
README
target.mk

README 

This directory contains an in-memory file-system implementation.

Configuration
~~~~~~~~~~~~~

Access to the file system can be tailored for each session depending on the
session's label. By default, no permissions are granted to any session.
To selectively permit access to (a part of) the file system, at least one
ram_fs policy must be defined.

The following configuration illustates the way of how to express policy.

! <config>
!   <!-- preload RAM file system with some ROM images -->
!   <content>
!     <dir name="tmp">
!       <rom name="init" as="blubb" />
!     </dir>
!     <dir name="home">
!       <dir name="user">
!         <inline name=".vimrc">
!           set hidden
!         </inline>
!       </dir>
!     </dir>
!   </content>
!   <!-- constrain sessions according to their labels -->
!   <policy label="noux -> root" root="/" />
!   <policy label="noux -> home" root="/home/user" writeable="yes" />
!   <policy label="noux -> tmp"  root="/tmp"       writeable="yes" />
! </config>

The '<content>' sub node of the '<config>' node provides a way to pre-populate
the file system with directories and files. Note that '<dir>' nodes can be
arbitrarily nested. Files can be loaded from the ROM service. By adding the
optional 'at' attribute to a rom node, the file name can be defined
independently from the ROM module name. In addition to creating files from
ROM modules, files can be created from data specified directly as part of the
configuration using '<inline>' nodes. The content of such nodes is used as
file content as is.

Session-specific access-control policy is expressed via one or more '<policy>'
nodes. At session-creation time, each policy node is matched against the label
of the new session. If the label of a policy node matches, the defined policy
is applied. If multiple policies match, the one with the longest 'label'
attribute (the most specific one) is selected.

A policy node may contain the following attributes. The mandatory 'root'
attribute defines the viewport of the session onto the file system. The
optional 'writeable' attribute grants the permission to modify the file system.


Example
~~~~~~~

To illustrate the use of ram_fs, refer to the 'libports/run/libc_fs.run'
script.