ExternalVendorCode/genode
1
0
Fork 0
mirror of https://github.com/genodelabs/genode.git synced 2025-01-04 04:54:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
47c616ab94
genode/repos/os/src/server/lx_fs
History
Norman Feske 4d442bca30 Streamline exception types 
This patch reduces the number of exception types by facilitating
globally defined exceptions for common usage patterns shared by most
services. In particular, RPC functions that demand a session-resource
upgrade not longer reflect this condition via a session-specific
exception but via the 'Out_of_ram' or 'Out_of_caps' types.

Furthermore, the 'Parent::Service_denied', 'Parent::Unavailable',
'Root::Invalid_args', 'Root::Unavailable', 'Service::Invalid_args',
'Service::Unavailable', and 'Local_service::Factory::Denied' types have
been replaced by the single 'Service_denied' exception type defined in
'session/session.h'.

This consolidation eases the error handling (there are fewer exceptions
to handle), alleviates the need to convert exceptions along the
session-creation call chain, and avoids possible aliasing problems
(catching the wrong type with the same name but living in a different
scope).
2017-05-31 13:16:07 +02:00
..
directory.h base: avoid use of deprecated base/printf.h 2016-08-29 17:27:10 +02:00
file.h linux: prevent hybrid-mode compiler warnings 2015-05-26 09:39:53 +02:00
lx_util.h Move repositories to 'repos/' subdirectory 2014-05-14 16:08:00 +02:00
main.cc Streamline exception types 2017-05-31 13:16:07 +02:00
node.h Remove Genode namespace from File_system 2016-01-08 14:48:52 +01:00
README Move repositories to 'repos/' subdirectory 2014-05-14 16:08:00 +02:00
symlink.h rump_fs/fuse_fs/lx_fs/ram_fs: symlink fixup 2015-07-21 09:40:19 +02:00
target.mk Build dynamically linked executables by default 2016-12-14 11:22:27 +01:00

README 

This directory contains an Genode file-system service to Linux host fs
wrapper.

Configuration
~~~~~~~~~~~~~

Access to the file system can be tailored for each session depending on the
session's label. By default, no permissions are granted to any session.
To selectively permit access to (a part of) the file system, at least one
policy must be defined.

The following configuration illustates the way of how to express policy.

! <config>
!   <!-- constrain sessions according to their labels -->
!   <policy label="noux -> root" root="/" />
!   <policy label="noux -> home" root="/home/user" writeable="yes" />
!   <policy label="noux -> tmp"  root="/tmp"       writeable="yes" />
! </config>

Session-specific access-control policy is expressed via one or more '<policy>'
nodes. At session-creation time, each policy node is matched against the label
of the new session. If the label of a policy node matches, the defined policy
is applied. If multiple policies match, the one with the longest 'label'
attribute (the most specific one) is selected.

A policy node may contain the following attributes. The mandatory 'root'
attribute defines the viewport of the session onto the file system. The
optional 'writeable' attribute grants the permission to modify the file system.


Example
~~~~~~~

To illustrate the use of lx_fs, refer to the 'base-linux/run/lx_fs.run'
script.


Notes
~~~~~

If the Linux file system experiences changes from other processes
'inotify' may help to keep the servers cache up-to-date. This is not
implemented yet.