Fwd: Adding bindfs a layer of security.

24 views
Skip to first unread message

Irad K

unread,
Jun 25, 2017, 3:50:38 AM6/25/17
to osxfus...@googlegroups.com
Hi,

I wish to learn about the backend of osx-fuse in order to take part of improving it in the future...  Right now I'm trying to figure out what info/data is actually sent back to the daemon from the kernel driver. 

I've started with some research about the kernel user communication by following the data path in read command  
on the driver that serve as a path through to user-space filesystem deamon. 

so far, I've found out that upon client initiate read request, it forwarded from vfs layer to fuse_vnop_read, with the data kept in 'uio' arguments which is the command arguments in user-space (including buffer for data to be read). 

based on these params and other params like the context details, the struct fuse_dispatcher is created, and this is the entity that eventually being sent to the deamon more or less .. 

here's the fuse_dispatcher class:


struct fuse_dispatcher

{

    struct fuse_ticket    *tick;

    struct fuse_in_header *finh;


    void    *indata;

    size_t   iosize;

    uint64_t nodeid;

    int      answ_stat;

    void    *answ;

};


and here's the command that send the dispatcher and wait for response (from daemon)

            err = fdisp_wait_answ(&fdi);



However, there's some other layer which seem to actually send the data to user-space, which called fuse_device_cdevsw which posses the method fuse_device_read. 

Perhaps do you know how is this method connected to the read flow ? 

basically what it does is dequeuing the ticket (part of the dispatcher data we collected in vnop_read), and send it to the deamon. is it working from a different thread and signal back to vnop_read (in particular fdisp_wait_answ) 
once the read has been completed and response has returned ? 

I hope it not too burdening question, but I'd be really appreciate it if you can elaborate some of this flow if you're familiar with it. 

thanks, 
Irad

iradi...@gmail.com

unread,
Jun 25, 2017, 5:21:34 AM6/25/17
to OSXFUSE
oops, the title went totally incorrect :-( 

It should be something like "Understanding the info passed from Fuse kext to filesystem user-space daemon"

sorry about that.
Reply all
Reply to author
Forward
0 new messages