Subject: Re: nfs optimization and veriexec
To: Brett Lymn <blymn@baesystems.com.au>
From: Elad Efrat <elad@NetBSD.org>
List: tech-security
Date: 12/18/2007 13:28:05
Brett Lymn wrote:
> There are two sides to the NFS equation when it comes to veriexec:
>
> 1) Server side, this presents some issues because we usually hook into
> the VOP layer for read/write checking. Unfortunately the NFS
> server does not use the VOP calls when it gets read/write requests,
> the server code pages the requested part of the file into memory
> and then pushes it out to the client. From (possibly incorrect)
> memory, the open code path is different to most other file systems
> too.
>
> 2) Client side, does use the VOP calls so the veriexec checks should
> just work but with the caveat that the server needs to be trusted
> absolutely.
That's exactly the type of information I think we need to document.
Perhaps it's a good time to write an updated D&I paper for Veriexec,
too... :)
> I am sure that the per-page checking I would like to get in would
> address the issues on both sides. I need to get back to the unified
> iodone call - after talking with Chuck a while back I understand
> things a bit better, I need to update my tree and push another patch
> out.
That would be great. :)
Thanks,
-e.