The have been no real significant changes since the previous submission (see
end of this email for detailed changelog).
We believe that the code is stable enough to warrant inclusion into -mm.
As before, there is a git repo at:
git://git.kernel.org/pub/scm/linux/kernel/git/jsipek/unionfs.git
(master.kernel.org:/pub/scm/linux/kernel/git/jsipek/unionfs.git)
The repository contains 24 commits (also available as patches in replies to
this email):
Unionfs: Documentation
lookup_one_len_nd - lookup_one_len with nameidata argument
Unionfs: Branch management functionality
Unionfs: Common file operations
Unionfs: Copyup Functionality
Unionfs: Dentry operations
Unionfs: File operations
Unionfs: Directory file operations
Unionfs: Directory manipulation helper functions
Unionfs: Inode operations
Unionfs: Lookup helper functions
Unionfs: Main module functions
Unionfs: Readdir state
Unionfs: Rename
Unionfs: Privileged operations workqueue
Unionfs: Handling of stale inodes
Unionfs: Miscellaneous helper functions
Unionfs: Superblock operations
Unionfs: Helper macros/inlines
Unionfs: Internal include file
Unionfs: Include file
Unionfs: Unlink
Unionfs: Kconfig and Makefile
Unionfs: Extended Attributes support
Thanks,
Josef 'Jeff' Sipek <[email protected]> on behalf of the Unionfs team.
Changes since try #3:
- Renamed several functions: more consistent and less likely to cause
namespace collisions (Jan Engelhardt)
- Moved Unionfs magic to include/linux/ (Jan Engelhardt)
- Misc coding style cleanup (Jan Engelhardt)
Changes since try #2:
- Added more comments (akpm)
- Cleaned up inode/dentry/file/sb private data structure member names
- Moved struct inode from unionfs_inode_container into unionfs_inode_info
(following ext2's example)
- Renamed {d,i,f,s}topd to UNIONFS_{D,I,F,S} (following almost any fs's
example)
- Removed *_ptr and *_lhs macros, open-coding the assignments (Pekka Enberg)
- Kill wrappers (e.g., unionfs_kill_block_super) (Pekka Enberg)
- Few tiny coding style fixes
- Removed some unnecessary complexity (no need to pass struct file and a
struct dentry for that file to a function - just pass a struct file
and dereference in the function, etc.)
- Removed some unnecessary checks (if (foo) kfree(foo); is completely
redundant as kfree has a null check)
- Changed C++-style comments to C-style comments (Pekka Enberg)
- Use struct kmem_cache instead of kmem_cache_t (Pekka Enberg)
- Use anonymous unions for sioq (Jan Engelhardt)
- Moved some functionality into fsstack (most of it is in -mm already)
Changes since try #1:
- unionfs_lookup must pass lookup intents to the lower filesystem (Trond
Myklebust)
- patches reordered (Stephen Rothwell)
- numerous style comments by Jan Engelhardt
From: Josef "Jeff" Sipek <[email protected]>
This patch contains miscellaneous helper functions used thoughout Unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/subr.c | 172 +++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 172 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/subr.c b/fs/unionfs/subr.c
new file mode 100644
index 0000000..6734776
--- /dev/null
+++ b/fs/unionfs/subr.c
@@ -0,0 +1,172 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* Pass an unionfs dentry and an index. It will try to create a whiteout
+ * for the filename in dentry, and will try in branch 'index'. On error,
+ * it will proceed to a branch to the left.
+ */
+int create_whiteout(struct dentry *dentry, int start)
+{
+ int bstart, bend, bindex;
+ struct dentry *hidden_dir_dentry;
+ struct dentry *hidden_dentry;
+ struct dentry *hidden_wh_dentry;
+ char *name = NULL;
+ int err = -EINVAL;
+
+ verify_locked(dentry);
+
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+
+ /* create dentry's whiteout equivalent */
+ name = alloc_whname(dentry->d_name.name, dentry->d_name.len);
+ if (IS_ERR(name)) {
+ err = PTR_ERR(name);
+ goto out;
+ }
+
+ for (bindex = start; bindex >= 0; bindex--) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+
+ if (!hidden_dentry) {
+ /* if hidden dentry is not present, create the entire
+ * hidden dentry directory structure and go ahead.
+ * Since we want to just create whiteout, we only want
+ * the parent dentry, and hence get rid of this dentry.
+ */
+ hidden_dentry = create_parents(dentry->d_inode,
+ dentry, bindex);
+ if (!hidden_dentry || IS_ERR(hidden_dentry)) {
+ printk(KERN_DEBUG "create_parents failed for "
+ "bindex = %d\n", bindex);
+ continue;
+ }
+ }
+
+ hidden_wh_dentry = lookup_one_len(name, hidden_dentry->d_parent,
+ dentry->d_name.len + UNIONFS_WHLEN);
+ if (IS_ERR(hidden_wh_dentry))
+ continue;
+
+ /* The whiteout already exists. This used to be impossible, but
+ * now is possible because of opaqueness.
+ */
+ if (hidden_wh_dentry->d_inode) {
+ dput(hidden_wh_dentry);
+ err = 0;
+ goto out;
+ }
+
+ hidden_dir_dentry = lock_parent(hidden_wh_dentry);
+ if (!(err = is_robranch_super(dentry->d_sb, bindex))) {
+ err = vfs_create(hidden_dir_dentry->d_inode,
+ hidden_wh_dentry,
+ ~current->fs->umask & S_IRWXUGO, NULL);
+
+ }
+ unlock_dir(hidden_dir_dentry);
+ dput(hidden_wh_dentry);
+
+ if (!err || !IS_COPYUP_ERR(err))
+ break;
+ }
+
+ /* set dbopaque so that lookup will not proceed after this branch */
+ if (!err)
+ set_dbopaque(dentry, bindex);
+
+out:
+ kfree(name);
+ return err;
+}
+
+/* This is a helper function for rename, which ends up with hosed over dentries
+ * when it needs to revert.
+ */
+int unionfs_refresh_hidden_dentry(struct dentry *dentry, int bindex)
+{
+ struct dentry *hidden_dentry;
+ struct dentry *hidden_parent;
+ int err = 0;
+
+ verify_locked(dentry);
+
+ lock_dentry(dentry->d_parent);
+ hidden_parent = unionfs_lower_dentry_idx(dentry->d_parent, bindex);
+ unlock_dentry(dentry->d_parent);
+
+ BUG_ON(!S_ISDIR(hidden_parent->d_inode->i_mode));
+
+ hidden_dentry = lookup_one_len(dentry->d_name.name, hidden_parent,
+ dentry->d_name.len);
+ if (IS_ERR(hidden_dentry)) {
+ err = PTR_ERR(hidden_dentry);
+ goto out;
+ }
+
+ dput(unionfs_lower_dentry_idx(dentry, bindex));
+ iput(unionfs_lower_inode_idx(dentry->d_inode, bindex));
+ unionfs_set_lower_inode_idx(dentry->d_inode, bindex, NULL);
+
+ if (!hidden_dentry->d_inode) {
+ dput(hidden_dentry);
+ unionfs_set_lower_dentry_idx(dentry, bindex, NULL);
+ } else {
+ unionfs_set_lower_dentry_idx(dentry, bindex, hidden_dentry);
+ unionfs_set_lower_inode_idx(dentry->d_inode, bindex,
+ igrab(hidden_dentry->d_inode));
+ }
+
+out:
+ return err;
+}
+
+int make_dir_opaque(struct dentry *dentry, int bindex)
+{
+ int err = 0;
+ struct dentry *hidden_dentry, *diropq;
+ struct inode *hidden_dir;
+
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ hidden_dir = hidden_dentry->d_inode;
+ BUG_ON(!S_ISDIR(dentry->d_inode->i_mode) ||
+ !S_ISDIR(hidden_dir->i_mode));
+
+ mutex_lock(&hidden_dir->i_mutex);
+ diropq = lookup_one_len(UNIONFS_DIR_OPAQUE, hidden_dentry,
+ sizeof(UNIONFS_DIR_OPAQUE) - 1);
+ if (IS_ERR(diropq)) {
+ err = PTR_ERR(diropq);
+ goto out;
+ }
+
+ if (!diropq->d_inode)
+ err = vfs_create(hidden_dir, diropq, S_IRUGO, NULL);
+ if (!err)
+ set_dbopaque(dentry, bindex);
+
+ dput(diropq);
+
+out:
+ mutex_unlock(&hidden_dir->i_mutex);
+ return err;
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch provides helper functions for the lookup operations in Unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/lookup.c | 516 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 516 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/lookup.c b/fs/unionfs/lookup.c
new file mode 100644
index 0000000..576e224
--- /dev/null
+++ b/fs/unionfs/lookup.c
@@ -0,0 +1,516 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+static int is_opaque_dir(struct dentry *dentry, int bindex);
+static int is_validname(const char *name);
+
+struct dentry *unionfs_lookup_backend(struct dentry *dentry, struct nameidata *nd,
+ int lookupmode)
+{
+ int err = 0;
+ struct dentry *hidden_dentry = NULL;
+ struct dentry *wh_hidden_dentry = NULL;
+ struct dentry *hidden_dir_dentry = NULL;
+ struct dentry *parent_dentry = NULL;
+ int bindex, bstart, bend, bopaque;
+ int dentry_count = 0; /* Number of positive dentries. */
+ int first_dentry_offset = -1;
+ struct dentry *first_hidden_dentry = NULL;
+ struct vfsmount *first_hidden_mnt = NULL;
+ int locked_parent = 0;
+ int locked_child = 0;
+
+ int opaque;
+ char *whname = NULL;
+ const char *name;
+ int namelen;
+
+ /* We should already have a lock on this dentry in the case of a
+ * partial lookup, or a revalidation. Otherwise it is returned from
+ * new_dentry_private_data already locked.
+ */
+ if (lookupmode == INTERPOSE_PARTIAL || lookupmode == INTERPOSE_REVAL ||
+ lookupmode == INTERPOSE_REVAL_NEG)
+ verify_locked(dentry);
+ else {
+ BUG_ON(UNIONFS_D(dentry) != NULL);
+ locked_child = 1;
+ }
+ if (lookupmode != INTERPOSE_PARTIAL)
+ if ((err = new_dentry_private_data(dentry)))
+ goto out;
+ /* must initialize dentry operations */
+ dentry->d_op = &unionfs_dops;
+
+ parent_dentry = dget_parent(dentry);
+ /* We never partial lookup the root directory. */
+ if (parent_dentry != dentry) {
+ lock_dentry(parent_dentry);
+ locked_parent = 1;
+ } else {
+ dput(parent_dentry);
+ parent_dentry = NULL;
+ goto out;
+ }
+
+ name = dentry->d_name.name;
+ namelen = dentry->d_name.len;
+
+ /* No dentries should get created for possible whiteout names. */
+ if (!is_validname(name)) {
+ err = -EPERM;
+ goto out_free;
+ }
+
+ /* Now start the actual lookup procedure. */
+ bstart = dbstart(parent_dentry);
+ bend = dbend(parent_dentry);
+ bopaque = dbopaque(parent_dentry);
+ BUG_ON(bstart < 0);
+
+ /* It would be ideal if we could convert partial lookups to only have
+ * to do this work when they really need to. It could probably improve
+ * performance quite a bit, and maybe simplify the rest of the code.
+ */
+ if (lookupmode == INTERPOSE_PARTIAL) {
+ bstart++;
+ if ((bopaque != -1) && (bopaque < bend))
+ bend = bopaque;
+ }
+
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (lookupmode == INTERPOSE_PARTIAL && hidden_dentry)
+ continue;
+ BUG_ON(hidden_dentry != NULL);
+
+ hidden_dir_dentry = unionfs_lower_dentry_idx(parent_dentry, bindex);
+
+ /* if the parent hidden dentry does not exist skip this */
+ if (!(hidden_dir_dentry && hidden_dir_dentry->d_inode))
+ continue;
+
+ /* also skip it if the parent isn't a directory. */
+ if (!S_ISDIR(hidden_dir_dentry->d_inode->i_mode))
+ continue;
+
+ /* Reuse the whiteout name because its value doesn't change. */
+ if (!whname) {
+ whname = alloc_whname(name, namelen);
+ if (IS_ERR(whname)) {
+ err = PTR_ERR(whname);
+ goto out_free;
+ }
+ }
+
+ /* check if whiteout exists in this branch: lookup .wh.foo */
+ wh_hidden_dentry = lookup_one_len(whname, hidden_dir_dentry,
+ namelen + UNIONFS_WHLEN);
+ if (IS_ERR(wh_hidden_dentry)) {
+ dput(first_hidden_dentry);
+ mntput(first_hidden_mnt);
+ err = PTR_ERR(wh_hidden_dentry);
+ goto out_free;
+ }
+
+ if (wh_hidden_dentry->d_inode) {
+ /* We found a whiteout so lets give up. */
+ if (S_ISREG(wh_hidden_dentry->d_inode->i_mode)) {
+ set_dbend(dentry, bindex);
+ set_dbopaque(dentry, bindex);
+ dput(wh_hidden_dentry);
+ break;
+ }
+ err = -EIO;
+ printk(KERN_NOTICE "EIO: Invalid whiteout entry type"
+ " %d.\n", wh_hidden_dentry->d_inode->i_mode);
+ dput(wh_hidden_dentry);
+ dput(first_hidden_dentry);
+ mntput(first_hidden_mnt);
+ goto out_free;
+ }
+
+ dput(wh_hidden_dentry);
+ wh_hidden_dentry = NULL;
+
+ /* Now do regular lookup; lookup foo */
+ nd->dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ /* FIXME: fix following line for mount point crossing */
+ nd->mnt = unionfs_lower_mnt_idx(parent_dentry, bindex);
+
+ hidden_dentry = lookup_one_len_nd(name, hidden_dir_dentry,
+ namelen, nd);
+ if (IS_ERR(hidden_dentry)) {
+ dput(first_hidden_dentry);
+ mntput(first_hidden_mnt);
+ err = PTR_ERR(hidden_dentry);
+ goto out_free;
+ }
+
+ /* Store the first negative dentry specially, because if they
+ * are all negative we need this for future creates.
+ */
+ if (!hidden_dentry->d_inode) {
+ if (!first_hidden_dentry && (dbstart(dentry) == -1)) {
+ first_hidden_dentry = hidden_dentry;
+ /* FIXME: following line needs to be changed
+ * to allow mountpoint crossing
+ */
+ first_hidden_mnt = mntget(
+ unionfs_lower_mnt_idx(parent_dentry,
+ bindex));
+ first_dentry_offset = bindex;
+ } else
+ dput(hidden_dentry);
+
+ continue;
+ }
+
+ /* number of positive dentries */
+ dentry_count++;
+
+ /* store underlying dentry */
+ if (dbstart(dentry) == -1)
+ set_dbstart(dentry, bindex);
+ unionfs_set_lower_dentry_idx(dentry, bindex, hidden_dentry);
+ /* FIXME: the following line needs to get fixed to allow
+ * mountpoint crossing
+ */
+ unionfs_set_lower_mnt_idx(dentry, bindex,
+ mntget(unionfs_lower_mnt_idx(parent_dentry, bindex)));
+ set_dbend(dentry, bindex);
+
+ /* update parent directory's atime with the bindex */
+ fsstack_copy_attr_atime(parent_dentry->d_inode,
+ hidden_dir_dentry->d_inode);
+
+ /* We terminate file lookups here. */
+ if (!S_ISDIR(hidden_dentry->d_inode->i_mode)) {
+ if (lookupmode == INTERPOSE_PARTIAL)
+ continue;
+ if (dentry_count == 1)
+ goto out_positive;
+ /* This can only happen with mixed D-*-F-* */
+ BUG_ON(!S_ISDIR(unionfs_lower_dentry(dentry)->d_inode->i_mode));
+ continue;
+ }
+
+ opaque = is_opaque_dir(dentry, bindex);
+ if (opaque < 0) {
+ dput(first_hidden_dentry);
+ mntput(first_hidden_mnt);
+ err = opaque;
+ goto out_free;
+ } else if (opaque) {
+ set_dbend(dentry, bindex);
+ set_dbopaque(dentry, bindex);
+ break;
+ }
+ }
+
+ if (dentry_count)
+ goto out_positive;
+ else
+ goto out_negative;
+
+out_negative:
+ if (lookupmode == INTERPOSE_PARTIAL)
+ goto out;
+
+ /* If we've only got negative dentries, then use the leftmost one. */
+ if (lookupmode == INTERPOSE_REVAL) {
+ if (dentry->d_inode)
+ UNIONFS_I(dentry->d_inode)->stale = 1;
+
+ goto out;
+ }
+ /* This should only happen if we found a whiteout. */
+ if (first_dentry_offset == -1) {
+ nd->dentry = dentry;
+ /* FIXME: fix following line for mount point crossing */
+ nd->mnt = unionfs_lower_mnt_idx(parent_dentry, bindex);
+
+ first_hidden_dentry = lookup_one_len_nd(name, hidden_dir_dentry,
+ namelen, nd);
+ first_dentry_offset = bindex;
+ if (IS_ERR(first_hidden_dentry)) {
+ err = PTR_ERR(first_hidden_dentry);
+ goto out;
+ }
+
+ /* FIXME: the following line needs to be changed to allow
+ * mountpoint crossing
+ */
+ first_hidden_mnt = mntget(unionfs_lower_mnt_idx(dentry, bindex));
+ }
+ unionfs_set_lower_dentry_idx(dentry, first_dentry_offset, first_hidden_dentry);
+ unionfs_set_lower_mnt_idx(dentry, first_dentry_offset, first_hidden_mnt);
+ set_dbstart(dentry, first_dentry_offset);
+ set_dbend(dentry, first_dentry_offset);
+
+ if (lookupmode == INTERPOSE_REVAL_NEG)
+ BUG_ON(dentry->d_inode != NULL);
+ else
+ d_add(dentry, NULL);
+ goto out;
+
+/* This part of the code is for positive dentries. */
+out_positive:
+ BUG_ON(dentry_count <= 0);
+
+ /* If we're holding onto the first negative dentry & corresponding
+ * vfsmount - throw it out.
+ */
+ dput(first_hidden_dentry);
+ mntput(first_hidden_mnt);
+
+ /* Partial lookups need to reinterpose, or throw away older negs. */
+ if (lookupmode == INTERPOSE_PARTIAL) {
+ if (dentry->d_inode) {
+ unionfs_reinterpose(dentry);
+ goto out;
+ }
+
+ /* This somehow turned positive, so it is as if we had a
+ * negative revalidation.
+ */
+ lookupmode = INTERPOSE_REVAL_NEG;
+
+ update_bstart(dentry);
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+ }
+
+ err = unionfs_interpose(dentry, dentry->d_sb, lookupmode);
+ if (err)
+ goto out_drop;
+
+ goto out;
+
+out_drop:
+ d_drop(dentry);
+
+out_free:
+ /* should dput all the underlying dentries on error condition */
+ bstart = dbstart(dentry);
+ if (bstart >= 0) {
+ bend = dbend(dentry);
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ dput(unionfs_lower_dentry_idx(dentry, bindex));
+ mntput(unionfs_lower_mnt_idx(dentry, bindex));
+ }
+ }
+ kfree(UNIONFS_D(dentry)->lower_paths);
+ UNIONFS_D(dentry)->lower_paths = NULL;
+ set_dbstart(dentry, -1);
+ set_dbend(dentry, -1);
+
+out:
+ if (!err && UNIONFS_D(dentry)) {
+ BUG_ON(dbend(dentry) > UNIONFS_D(dentry)->bcount);
+ BUG_ON(dbend(dentry) > sbmax(dentry->d_sb));
+ BUG_ON(dbstart(dentry) < 0);
+ }
+ kfree(whname);
+ if (locked_parent)
+ unlock_dentry(parent_dentry);
+ dput(parent_dentry);
+ if (locked_child)
+ unlock_dentry(dentry);
+ return ERR_PTR(err);
+}
+
+/* This is a utility function that fills in a unionfs dentry.*/
+int unionfs_partial_lookup(struct dentry *dentry)
+{
+ struct dentry *tmp;
+ struct nameidata nd = { .flags = 0 };
+
+ tmp = unionfs_lookup_backend(dentry, &nd, INTERPOSE_PARTIAL);
+ if (!tmp)
+ return 0;
+ if (IS_ERR(tmp))
+ return PTR_ERR(tmp);
+ /* need to change the interface */
+ BUG_ON(tmp != dentry);
+ return -ENOSYS;
+}
+
+/* The rest of these are utility functions for lookup. */
+static int is_opaque_dir(struct dentry *dentry, int bindex)
+{
+ int err = 0;
+ struct dentry *hidden_dentry;
+ struct dentry *wh_hidden_dentry;
+ struct inode *hidden_inode;
+ struct sioq_args args;
+
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ hidden_inode = hidden_dentry->d_inode;
+
+ BUG_ON(!S_ISDIR(hidden_inode->i_mode));
+
+ mutex_lock(&hidden_inode->i_mutex);
+
+ if (!permission(hidden_inode, MAY_EXEC, NULL))
+ wh_hidden_dentry = lookup_one_len(UNIONFS_DIR_OPAQUE, hidden_dentry,
+ sizeof(UNIONFS_DIR_OPAQUE) - 1);
+ else {
+ args.is_opaque.dentry = hidden_dentry;
+ run_sioq(__is_opaque_dir, &args);
+ wh_hidden_dentry = args.ret;
+ }
+
+ mutex_unlock(&hidden_inode->i_mutex);
+
+ if (IS_ERR(wh_hidden_dentry)) {
+ err = PTR_ERR(wh_hidden_dentry);
+ goto out;
+ }
+
+ /* This is an opaque dir iff wh_hidden_dentry is positive */
+ err = !!wh_hidden_dentry->d_inode;
+
+ dput(wh_hidden_dentry);
+out:
+ return err;
+}
+
+/* is the filename valid == !(whiteout for a file or opaque dir marker) */
+static int is_validname(const char *name)
+{
+ if (!strncmp(name, UNIONFS_WHPFX, UNIONFS_WHLEN))
+ return 0;
+ if (!strncmp(name, UNIONFS_DIR_OPAQUE_NAME,
+ sizeof(UNIONFS_DIR_OPAQUE_NAME) - 1))
+ return 0;
+ return 1;
+}
+
+/* The dentry cache is just so we have properly sized dentries. */
+static struct kmem_cache *unionfs_dentry_cachep;
+int unionfs_init_dentry_cache(void)
+{
+ unionfs_dentry_cachep = kmem_cache_create("unionfs_dentry",
+ sizeof(struct unionfs_dentry_info), 0,
+ SLAB_RECLAIM_ACCOUNT, NULL, NULL);
+
+ return (unionfs_dentry_cachep ? 0 : -ENOMEM);
+}
+
+void unionfs_destroy_dentry_cache(void)
+{
+ if (unionfs_dentry_cachep)
+ kmem_cache_destroy(unionfs_dentry_cachep);
+}
+
+void free_dentry_private_data(struct unionfs_dentry_info *udi)
+{
+ if (!udi)
+ return;
+ kmem_cache_free(unionfs_dentry_cachep, udi);
+}
+
+/* allocate new dentry private data, free old one if necessary */
+int new_dentry_private_data(struct dentry *dentry)
+{
+ int newsize;
+ int oldsize = 0;
+ struct unionfs_dentry_info *info = UNIONFS_D(dentry);
+
+ spin_lock(&dentry->d_lock);
+ if (!info) {
+ dentry->d_fsdata = kmem_cache_alloc(unionfs_dentry_cachep,
+ GFP_ATOMIC);
+ info = UNIONFS_D(dentry);
+
+ if (!info)
+ goto out;
+ init_MUTEX_LOCKED(&info->sem);
+
+ info->lower_paths = NULL;
+ } else
+ oldsize = sizeof(struct path) * info->bcount;
+
+ info->bstart = -1;
+ info->bend = -1;
+ info->bopaque = -1;
+ info->bcount = sbmax(dentry->d_sb);
+ atomic_set(&info->generation,
+ atomic_read(&UNIONFS_SB(dentry->d_sb)->generation));
+ newsize = sizeof(struct path) * sbmax(dentry->d_sb);
+
+ /* Don't reallocate when we already have enough space. */
+ /* It would be ideal if we could actually use the slab macros to
+ * determine what our object sizes is, but those are not exported.
+ */
+ if (oldsize) {
+ int minsize = malloc_sizes[0].cs_size;
+
+ if (!newsize || ((oldsize < newsize) && (newsize > minsize))) {
+ kfree(info->lower_paths);
+ info->lower_paths = NULL;
+ }
+ }
+
+ if (!info->lower_paths && newsize) {
+ info->lower_paths = kmalloc(newsize, GFP_ATOMIC);
+ if (!info->lower_paths)
+ goto out_free;
+ }
+
+ memset(info->lower_paths, 0, (oldsize > newsize ? oldsize : newsize));
+
+ spin_unlock(&dentry->d_lock);
+ return 0;
+
+out_free:
+ kfree(info->lower_paths);
+
+out:
+ free_dentry_private_data(info);
+ dentry->d_fsdata = NULL;
+ spin_unlock(&dentry->d_lock);
+ return -ENOMEM;
+}
+
+/* scan through the lower dentry objects, and set bstart to reflect the
+ * starting branch
+ */
+void update_bstart(struct dentry *dentry)
+{
+ int bindex;
+ int bstart = dbstart(dentry);
+ int bend = dbend(dentry);
+ struct dentry *hidden_dentry;
+
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry)
+ continue;
+ if (hidden_dentry->d_inode) {
+ set_dbstart(dentry, bindex);
+ break;
+ }
+ dput(hidden_dentry);
+ unionfs_set_lower_dentry_idx(dentry, bindex, NULL);
+ }
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
Global include file - can be included from userspace by utilities.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
include/linux/magic.h | 2 ++
include/linux/union_fs.h | 18 ++++++++++++++++++
2 files changed, 20 insertions(+), 0 deletions(-)
diff --git a/include/linux/magic.h b/include/linux/magic.h
index b78bbf4..ab4261c 100644
--- a/include/linux/magic.h
+++ b/include/linux/magic.h
@@ -33,6 +33,8 @@
#define REISER2FS_SUPER_MAGIC_STRING "ReIsEr2Fs"
#define REISER2FS_JR_SUPER_MAGIC_STRING "ReIsEr3Fs"
+#define UNIONFS_SUPER_MAGIC 0xf15f083d
+
#define SMB_SUPER_MAGIC 0x517B
#define USBDEVICE_SUPER_MAGIC 0x9fa2
diff --git a/include/linux/union_fs.h b/include/linux/union_fs.h
new file mode 100644
index 0000000..b724031
--- /dev/null
+++ b/include/linux/union_fs.h
@@ -0,0 +1,18 @@
+#ifndef _LINUX_UNION_FS_H
+#define _LINUX_UNION_FS_H
+
+#define UNIONFS_VERSION "2.0"
+/*
+ * DEFINITIONS FOR USER AND KERNEL CODE:
+ */
+# define UNIONFS_IOCTL_INCGEN _IOR(0x15, 11, int)
+# define UNIONFS_IOCTL_QUERYFILE _IOR(0x15, 15, int)
+
+/* We don't support normal remount, but unionctl uses it. */
+# define UNIONFS_REMOUNT_MAGIC 0x4a5a4380
+
+/* should be at least LAST_USED_UNIONFS_PERMISSION<<1 */
+#define MAY_NFSRO 16
+
+#endif /* _LINUX_UNIONFS_H */
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
Workqueue & helper functions used to perform privileged operations on
behalf of the user process.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/sioq.c | 122 +++++++++++++++++++++++++++++++++++++++++++++++++++++
fs/unionfs/sioq.h | 79 ++++++++++++++++++++++++++++++++++
2 files changed, 201 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/sioq.c b/fs/unionfs/sioq.c
new file mode 100644
index 0000000..444a3e5
--- /dev/null
+++ b/fs/unionfs/sioq.c
@@ -0,0 +1,122 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* Super-user IO work Queue - sometimes we need to perform actions which
+ * would fail due to the unix permissions on the parent directory (e.g.,
+ * rmdir a directory which appears empty, but in reality contains
+ * whiteouts).
+ */
+
+struct workqueue_struct *sioq;
+
+int __init init_sioq(void)
+{
+ int err;
+
+ sioq = create_workqueue("unionfs_siod");
+ if (!IS_ERR(sioq))
+ return 0;
+
+ err = PTR_ERR(sioq);
+ printk(KERN_ERR "create_workqueue failed %d\n", err);
+ sioq = NULL;
+ return err;
+}
+
+void __exit stop_sioq(void)
+{
+ if (sioq)
+ destroy_workqueue(sioq);
+}
+
+void run_sioq(work_func_t func, struct sioq_args *args)
+{
+ INIT_WORK(&args->work, func);
+
+ init_completion(&args->comp);
+ while (!queue_work(sioq, &args->work)) {
+ /* TODO: do accounting if needed */
+ schedule();
+ }
+ wait_for_completion(&args->comp);
+}
+
+void __unionfs_create(struct work_struct *work)
+{
+ struct sioq_args *args = container_of(work, struct sioq_args, work);
+ struct create_args *c = &args->create;
+
+ args->err = vfs_create(c->parent, c->dentry, c->mode, c->nd);
+ complete(&args->comp);
+}
+
+void __unionfs_mkdir(struct work_struct *work)
+{
+ struct sioq_args *args = container_of(work, struct sioq_args, work);
+ struct mkdir_args *m = &args->mkdir;
+
+ args->err = vfs_mkdir(m->parent, m->dentry, m->mode);
+ complete(&args->comp);
+}
+
+void __unionfs_mknod(struct work_struct *work)
+{
+ struct sioq_args *args = container_of(work, struct sioq_args, work);
+ struct mknod_args *m = &args->mknod;
+
+ args->err = vfs_mknod(m->parent, m->dentry, m->mode, m->dev);
+ complete(&args->comp);
+}
+
+void __unionfs_symlink(struct work_struct *work)
+{
+ struct sioq_args *args = container_of(work, struct sioq_args, work);
+ struct symlink_args *s = &args->symlink;
+
+ args->err = vfs_symlink(s->parent, s->dentry, s->symbuf, s->mode);
+ complete(&args->comp);
+}
+
+void __unionfs_unlink(struct work_struct *work)
+{
+ struct sioq_args *args = container_of(work, struct sioq_args, work);
+ struct unlink_args *u = &args->unlink;
+
+ args->err = vfs_unlink(u->parent, u->dentry);
+ complete(&args->comp);
+}
+
+void __delete_whiteouts(struct work_struct *work) {
+ struct sioq_args *args = container_of(work, struct sioq_args, work);
+ struct deletewh_args *d = &args->deletewh;
+
+ args->err = do_delete_whiteouts(d->dentry, d->bindex, d->namelist);
+ complete(&args->comp);
+}
+
+void __is_opaque_dir(struct work_struct *work)
+{
+ struct sioq_args *args = container_of(work, struct sioq_args, work);
+
+ args->ret = lookup_one_len(UNIONFS_DIR_OPAQUE, args->is_opaque.dentry,
+ sizeof(UNIONFS_DIR_OPAQUE) - 1);
+ complete(&args->comp);
+}
+
diff --git a/fs/unionfs/sioq.h b/fs/unionfs/sioq.h
new file mode 100644
index 0000000..5a93414
--- /dev/null
+++ b/fs/unionfs/sioq.h
@@ -0,0 +1,79 @@
+#ifndef _SIOQ_H
+#define _SIOQ_H
+
+struct deletewh_args {
+ struct unionfs_dir_state *namelist;
+ struct dentry *dentry;
+ int bindex;
+};
+
+struct is_opaque_args {
+ struct dentry *dentry;
+};
+
+struct create_args {
+ struct inode *parent;
+ struct dentry *dentry;
+ umode_t mode;
+ struct nameidata *nd;
+};
+
+struct mkdir_args {
+ struct inode *parent;
+ struct dentry *dentry;
+ umode_t mode;
+};
+
+struct mknod_args {
+ struct inode *parent;
+ struct dentry *dentry;
+ umode_t mode;
+ dev_t dev;
+};
+
+struct symlink_args {
+ struct inode *parent;
+ struct dentry *dentry;
+ char *symbuf;
+ umode_t mode;
+};
+
+struct unlink_args {
+ struct inode *parent;
+ struct dentry *dentry;
+};
+
+
+struct sioq_args {
+ struct completion comp;
+ struct work_struct work;
+ int err;
+ void *ret;
+
+ union {
+ struct deletewh_args deletewh;
+ struct is_opaque_args is_opaque;
+ struct create_args create;
+ struct mkdir_args mkdir;
+ struct mknod_args mknod;
+ struct symlink_args symlink;
+ struct unlink_args unlink;
+ };
+};
+
+extern struct workqueue_struct *sioq;
+extern int __init init_sioq(void);
+extern __exit void stop_sioq(void);
+extern void run_sioq(work_func_t func, struct sioq_args *args);
+
+/* Extern definitions for our privlege escalation helpers */
+extern void __unionfs_create(struct work_struct *work);
+extern void __unionfs_mkdir(struct work_struct *work);
+extern void __unionfs_mknod(struct work_struct *work);
+extern void __unionfs_symlink(struct work_struct *work);
+extern void __unionfs_unlink(struct work_struct *work);
+extern void __delete_whiteouts(struct work_struct *work);
+extern void __is_opaque_dir(struct work_struct *work);
+
+#endif /* _SIOQ_H */
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch contains an internal Unionfs include file. The include file is
specific to kernel code only, and therefore is separate from
include/linux/unionfs.h.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/union.h | 495 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 495 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/union.h b/fs/unionfs/union.h
new file mode 100644
index 0000000..624132b
--- /dev/null
+++ b/fs/unionfs/union.h
@@ -0,0 +1,495 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef Sipek
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef _UNION_H_
+#define _UNION_H_
+
+#include <linux/dcache.h>
+#include <linux/file.h>
+#include <linux/list.h>
+#include <linux/fs.h>
+#include <linux/mm.h>
+#include <linux/module.h>
+#include <linux/mount.h>
+#include <linux/namei.h>
+#include <linux/page-flags.h>
+#include <linux/pagemap.h>
+#include <linux/poll.h>
+#include <linux/security.h>
+#include <linux/seq_file.h>
+#include <linux/slab.h>
+#include <linux/spinlock.h>
+#include <linux/smp_lock.h>
+#include <linux/statfs.h>
+#include <linux/string.h>
+#include <linux/vmalloc.h>
+#include <linux/writeback.h>
+#include <linux/fs_stack.h>
+#include <linux/magic.h>
+
+#include <asm/mman.h>
+#include <asm/system.h>
+
+#include <linux/union_fs.h>
+
+/* the file system name */
+#define UNIONFS_NAME "unionfs"
+
+/* unionfs root inode number */
+#define UNIONFS_ROOT_INO 1
+
+/* Mount time flags */
+#define MOUNT_FLAG(sb) (UNIONFS_SB(sb)->mount_flag)
+
+/* number of characters while generating unique temporary file names */
+#define UNIONFS_TMPNAM_LEN 12
+
+/* number of times we try to get a unique temporary file name */
+#define GET_TMPNAM_MAX_RETRY 5
+
+/* Operations vectors defined in specific files. */
+extern struct file_operations unionfs_main_fops;
+extern struct file_operations unionfs_dir_fops;
+extern struct inode_operations unionfs_main_iops;
+extern struct inode_operations unionfs_dir_iops;
+extern struct inode_operations unionfs_symlink_iops;
+extern struct super_operations unionfs_sops;
+extern struct dentry_operations unionfs_dops;
+
+/* How long should an entry be allowed to persist */
+#define RDCACHE_JIFFIES (5*HZ)
+
+/* file private data. */
+struct unionfs_file_info {
+ int bstart;
+ int bend;
+ atomic_t generation;
+
+ struct unionfs_dir_state *rdstate;
+ struct file **lower_files;
+};
+
+/* unionfs inode data in memory */
+struct unionfs_inode_info {
+ int bstart;
+ int bend;
+ atomic_t generation;
+ int stale;
+ /* Stuff for readdir over NFS. */
+ spinlock_t rdlock;
+ struct list_head readdircache;
+ int rdcount;
+ int hashsize;
+ int cookie;
+
+ /* The hidden inodes */
+ struct inode **lower_inodes;
+ /* to keep track of reads/writes for unlinks before closes */
+ atomic_t totalopens;
+
+ struct inode vfs_inode;
+};
+
+/* unionfs dentry data in memory */
+struct unionfs_dentry_info {
+ /* The semaphore is used to lock the dentry as soon as we get into a
+ * unionfs function from the VFS. Our lock ordering is that children
+ * go before their parents.
+ */
+ struct semaphore sem;
+ int bstart;
+ int bend;
+ int bopaque;
+ int bcount;
+ atomic_t generation;
+ struct path *lower_paths;
+};
+
+/* These are the pointers to our various objects. */
+struct unionfs_data {
+ struct super_block *sb;
+ struct vfsmount *hidden_mnt;
+ atomic_t sbcount;
+ int branchperms;
+};
+
+/* unionfs super-block data in memory */
+struct unionfs_sb_info {
+ int bend;
+
+ atomic_t generation;
+ unsigned long mount_flag;
+ struct rw_semaphore rwsem;
+
+ struct unionfs_data *data;
+};
+
+/*
+ * structure for making the linked list of entries by readdir on left branch
+ * to compare with entries on right branch
+ */
+struct filldir_node {
+ struct list_head file_list; /* list for directory entries */
+ char *name; /* name entry */
+ int hash; /* name hash */
+ int namelen; /* name len since name is not 0 terminated */
+
+ /* we can check for duplicate whiteouts and files in the same branch
+ * in order to return -EIO.
+ */
+ int bindex;
+
+ /* is this a whiteout entry? */
+ int whiteout;
+
+ /* Inline name, so we don't need to separately kmalloc small ones */
+ char iname[DNAME_INLINE_LEN_MIN];
+};
+
+/* Directory hash table. */
+struct unionfs_dir_state {
+ unsigned int cookie; /* The cookie, which is based off of rdversion */
+ unsigned int offset; /* The entry we have returned. */
+ int bindex;
+ loff_t dirpos; /* The offset within the lower level directory. */
+ int size; /* How big is the hash table? */
+ int hashentries; /* How many entries have been inserted? */
+ unsigned long access;
+
+ /* This cache list is used when the inode keeps us around. */
+ struct list_head cache;
+ struct list_head list[0];
+};
+
+/* include miscellaneous macros */
+#include "fanout.h"
+#include "sioq.h"
+
+/* Cache creation/deletion routines. */
+void unionfs_destroy_filldir_cache(void);
+int unionfs_init_filldir_cache(void);
+int unionfs_init_inode_cache(void);
+void unionfs_destroy_inode_cache(void);
+int unionfs_init_dentry_cache(void);
+void unionfs_destroy_dentry_cache(void);
+
+/* Initialize and free readdir-specific state. */
+int init_rdstate(struct file *file);
+struct unionfs_dir_state *alloc_rdstate(struct inode *inode, int bindex);
+struct unionfs_dir_state *find_rdstate(struct inode *inode, loff_t fpos);
+void free_rdstate(struct unionfs_dir_state *state);
+int add_filldir_node(struct unionfs_dir_state *rdstate, const char *name,
+ int namelen, int bindex, int whiteout);
+struct filldir_node *find_filldir_node(struct unionfs_dir_state *rdstate,
+ const char *name, int namelen);
+
+struct dentry **alloc_new_dentries(int objs);
+struct unionfs_data *alloc_new_data(int objs);
+
+/* We can only use 32-bits of offset for rdstate --- blech! */
+#define DIREOF (0xfffff)
+#define RDOFFBITS 20 /* This is the number of bits in DIREOF. */
+#define MAXRDCOOKIE (0xfff)
+/* Turn an rdstate into an offset. */
+static inline off_t rdstate2offset(struct unionfs_dir_state *buf)
+{
+ off_t tmp;
+ tmp = ((buf->cookie & MAXRDCOOKIE) << RDOFFBITS)
+ | (buf->offset & DIREOF);
+ return tmp;
+}
+
+#define unionfs_read_lock(sb) down_read(&UNIONFS_SB(sb)->rwsem)
+#define unionfs_read_unlock(sb) up_read(&UNIONFS_SB(sb)->rwsem)
+#define unionfs_write_lock(sb) down_write(&UNIONFS_SB(sb)->rwsem)
+#define unionfs_write_unlock(sb) up_write(&UNIONFS_SB(sb)->rwsem)
+
+static inline void double_lock_dentry(struct dentry *d1, struct dentry *d2)
+{
+ if (d2 < d1) {
+ struct dentry *tmp = d1;
+ d1 = d2;
+ d2 = tmp;
+ }
+ lock_dentry(d1);
+ lock_dentry(d2);
+}
+
+extern int new_dentry_private_data(struct dentry *dentry);
+void free_dentry_private_data(struct unionfs_dentry_info *udi);
+void update_bstart(struct dentry *dentry);
+
+/*
+ * EXTERNALS:
+ */
+
+/* replicates the directory structure upto given dentry in given branch */
+extern struct dentry *create_parents(struct inode *dir, struct dentry *dentry,
+ int bindex);
+struct dentry *create_parents_named(struct inode *dir, struct dentry *dentry,
+ const char *name, int bindex);
+
+/* check if two branches overlap */
+extern int is_branch_overlap(struct dentry *dent1, struct dentry *dent2);
+
+/* partial lookup */
+extern int unionfs_partial_lookup(struct dentry *dentry);
+
+/* Pass an unionfs dentry and an index and it will try to create a whiteout
+ * in branch 'index'.
+ *
+ * On error, it will proceed to a branch to the left
+ */
+extern int create_whiteout(struct dentry *dentry, int start);
+/* copies a file from dbstart to newbindex branch */
+extern int copyup_file(struct inode *dir, struct file *file, int bstart,
+ int newbindex, loff_t size);
+extern int copyup_named_file(struct inode *dir, struct file *file,
+ char *name, int bstart, int new_bindex,
+ loff_t len);
+/* copies a dentry from dbstart to newbindex branch */
+extern int copyup_dentry(struct inode *dir, struct dentry *dentry, int bstart,
+ int new_bindex, struct file **copyup_file, loff_t len);
+extern int copyup_named_dentry(struct inode *dir, struct dentry *dentry,
+ int bstart, int new_bindex, const char *name,
+ int namelen, struct file **copyup_file,
+ loff_t len);
+
+extern int remove_whiteouts(struct dentry *dentry, struct dentry *hidden_dentry,
+ int bindex);
+
+extern int do_delete_whiteouts(struct dentry *dentry, int bindex,
+ struct unionfs_dir_state *namelist);
+
+/* Is this directory empty: 0 if it is empty, -ENOTEMPTY if not. */
+extern int check_empty(struct dentry *dentry,
+ struct unionfs_dir_state **namelist);
+/* Delete whiteouts from this directory in branch bindex. */
+extern int delete_whiteouts(struct dentry *dentry, int bindex,
+ struct unionfs_dir_state *namelist);
+
+/* Re-lookup a hidden dentry. */
+extern int unionfs_refresh_hidden_dentry(struct dentry *dentry, int bindex);
+
+extern void unionfs_reinterpose(struct dentry *this_dentry);
+extern struct super_block *unionfs_duplicate_super(struct super_block *sb);
+
+/* Locking functions. */
+extern int unionfs_setlk(struct file *file, int cmd, struct file_lock *fl);
+extern int unionfs_getlk(struct file *file, struct file_lock *fl);
+
+/* Common file operations. */
+extern int unionfs_file_revalidate(struct file *file, int willwrite);
+extern int unionfs_open(struct inode *inode, struct file *file);
+extern int unionfs_file_release(struct inode *inode, struct file *file);
+extern int unionfs_flush(struct file *file, fl_owner_t id);
+extern long unionfs_ioctl(struct file *file, unsigned int cmd,
+ unsigned long arg);
+
+/* Inode operations */
+extern int unionfs_rename(struct inode *old_dir, struct dentry *old_dentry,
+ struct inode *new_dir, struct dentry *new_dentry);
+int unionfs_unlink(struct inode *dir, struct dentry *dentry);
+int unionfs_rmdir(struct inode *dir, struct dentry *dentry);
+
+int unionfs_d_revalidate(struct dentry *dentry, struct nameidata *nd);
+
+/* The values for unionfs_interpose's flag. */
+#define INTERPOSE_DEFAULT 0
+#define INTERPOSE_LOOKUP 1
+#define INTERPOSE_REVAL 2
+#define INTERPOSE_REVAL_NEG 3
+#define INTERPOSE_PARTIAL 4
+
+extern int unionfs_interpose(struct dentry *this_dentry, struct super_block *sb,
+ int flag);
+
+/* Branch management ioctls. */
+int unionfs_ioctl_incgen(struct file *file, unsigned int cmd,
+ unsigned long arg);
+int unionfs_ioctl_queryfile(struct file *file, unsigned int cmd,
+ unsigned long arg);
+
+/* Verify that a branch is valid. */
+int check_branch(struct nameidata *nd);
+
+/* The root directory is unhashed, but isn't deleted. */
+static inline int d_deleted(struct dentry *d)
+{
+ return d_unhashed(d) && (d != d->d_sb->s_root);
+}
+
+/* returns the sum of the n_link values of all the underlying inodes of the
+ * passed inode
+ */
+static inline int unionfs_get_nlinks(struct inode *inode)
+{
+ int sum_nlinks = 0;
+ int dirs = 0;
+ int bindex;
+ struct inode *hidden_inode;
+
+ /* don't bother to do all the work since we're unlinked */
+ if (inode->i_nlink == 0)
+ return 0;
+
+ if (!S_ISDIR(inode->i_mode))
+ return unionfs_lower_inode(inode)->i_nlink;
+
+ for (bindex = ibstart(inode); bindex <= ibend(inode); bindex++) {
+ hidden_inode = unionfs_lower_inode_idx(inode, bindex);
+
+ /* ignore files */
+ if (!hidden_inode || !S_ISDIR(hidden_inode->i_mode))
+ continue;
+
+ BUG_ON(hidden_inode->i_nlink < 0);
+
+ /* A deleted directory. */
+ if (hidden_inode->i_nlink == 0)
+ continue;
+ dirs++;
+
+ /*
+ * A broken directory...
+ *
+ * Some filesystems don't properly set the number of links
+ * on empty directories
+ */
+ if (hidden_inode->i_nlink == 1)
+ sum_nlinks += 2;
+ else
+ sum_nlinks += (hidden_inode->i_nlink - 2);
+ }
+
+ return (!dirs ? 0 : sum_nlinks + 2);
+}
+
+struct dentry *unionfs_lookup_backend(struct dentry *dentry, struct nameidata *nd, int lookupmode);
+int is_stale_inode(struct inode *inode);
+void make_stale_inode(struct inode *inode);
+
+#define IS_SET(sb, check_flag) ((check_flag) & MOUNT_FLAG(sb))
+
+/* unionfs_permission, check if we should bypass error to facilitate copyup */
+#define IS_COPYUP_ERR(err) ((err) == -EROFS)
+
+/* unionfs_open, check if we need to copyup the file */
+#define OPEN_WRITE_FLAGS (O_WRONLY | O_RDWR | O_APPEND)
+#define IS_WRITE_FLAG(flag) ((flag) & OPEN_WRITE_FLAGS)
+
+static inline int branchperms(const struct super_block *sb, int index)
+{
+ BUG_ON(index < 0);
+
+ return UNIONFS_SB(sb)->data[index].branchperms;
+}
+
+static inline int set_branchperms(struct super_block *sb, int index, int perms)
+{
+ BUG_ON(index < 0);
+
+ UNIONFS_SB(sb)->data[index].branchperms = perms;
+
+ return perms;
+}
+
+/* Is this file on a read-only branch? */
+static inline int is_robranch_super(const struct super_block *sb, int index)
+{
+ return (!(branchperms(sb, index) & MAY_WRITE)) ? -EROFS : 0;
+}
+
+/* Is this file on a read-only branch? */
+static inline int is_robranch_idx(const struct dentry *dentry, int index)
+{
+ int err = 0;
+
+ BUG_ON(index < 0);
+
+ if ((!(branchperms(dentry->d_sb, index) & MAY_WRITE)) ||
+ IS_RDONLY(unionfs_lower_dentry_idx(dentry, index)->d_inode))
+ err = -EROFS;
+
+ return err;
+}
+
+static inline int is_robranch(const struct dentry *dentry)
+{
+ int index;
+
+ index = UNIONFS_D(dentry)->bstart;
+ BUG_ON(index < 0);
+
+ return is_robranch_idx(dentry, index);
+}
+
+/* What do we use for whiteouts. */
+#define UNIONFS_WHPFX ".wh."
+#define UNIONFS_WHLEN 4
+/* If a directory contains this file, then it is opaque. We start with the
+ * .wh. flag so that it is blocked by lookup.
+ */
+#define UNIONFS_DIR_OPAQUE_NAME "__dir_opaque"
+#define UNIONFS_DIR_OPAQUE UNIONFS_WHPFX UNIONFS_DIR_OPAQUE_NAME
+
+/* construct whiteout filename */
+static inline char *alloc_whname(const char *name, int len)
+{
+ char *buf;
+
+ buf = kmalloc(len + UNIONFS_WHLEN + 1, GFP_KERNEL);
+ if (!buf)
+ return ERR_PTR(-ENOMEM);
+
+ strcpy(buf, UNIONFS_WHPFX);
+ strlcat(buf, name, len + UNIONFS_WHLEN + 1);
+
+ return buf;
+}
+
+#define VALID_MOUNT_FLAGS (0)
+
+#ifndef DEFAULT_POLLMASK
+#define DEFAULT_POLLMASK (POLLIN | POLLOUT | POLLRDNORM | POLLWRNORM)
+#endif
+
+/*
+ * EXTERNALS:
+ */
+
+/* These two functions are here because it is kind of daft to copy and paste the
+ * contents of the two functions to 32+ places in unionfs
+ */
+static inline struct dentry *lock_parent(struct dentry *dentry)
+{
+ struct dentry *dir = dget(dentry->d_parent);
+
+ mutex_lock(&dir->d_inode->i_mutex);
+ return dir;
+}
+
+static inline void unlock_dir(struct dentry *dir)
+{
+ mutex_unlock(&dir->d_inode->i_mutex);
+ dput(dir);
+}
+
+extern int make_dir_opaque(struct dentry *dir, int bindex);
+
+#endif /* not _UNION_H_ */
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This file contains the routines for maintaining readdir state.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/rdstate.c | 288 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 288 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/rdstate.c b/fs/unionfs/rdstate.c
new file mode 100644
index 0000000..a970346
--- /dev/null
+++ b/fs/unionfs/rdstate.c
@@ -0,0 +1,288 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* This file contains the routines for maintaining readdir state. */
+
+/* There are two structures here, rdstate which is a hash table
+ * of the second structure which is a filldir_node.
+ */
+
+/* This is a struct kmem_cache for filldir nodes, because we allocate a lot
+ * of them and they shouldn't waste memory. If the node has a small name
+ * (as defined by the dentry structure), then we use an inline name to
+ * preserve kmalloc space.
+ */
+static struct kmem_cache *unionfs_filldir_cachep;
+
+int unionfs_init_filldir_cache(void)
+{
+ unionfs_filldir_cachep =
+ kmem_cache_create("unionfs_filldir", sizeof(struct filldir_node), 0,
+ SLAB_RECLAIM_ACCOUNT, NULL, NULL);
+
+ return (unionfs_filldir_cachep ? 0 : -ENOMEM);
+}
+
+void unionfs_destroy_filldir_cache(void)
+{
+ if (unionfs_filldir_cachep)
+ kmem_cache_destroy(unionfs_filldir_cachep);
+}
+
+/* This is a tuning parameter that tells us roughly how big to make the
+ * hash table in directory entries per page. This isn't perfect, but
+ * at least we get a hash table size that shouldn't be too overloaded.
+ * The following averages are based on my home directory.
+ * 14.44693 Overall
+ * 12.29 Single Page Directories
+ * 117.93 Multi-page directories
+ */
+#define DENTPAGE 4096
+#define DENTPERONEPAGE 12
+#define DENTPERPAGE 118
+#define MINHASHSIZE 1
+static int guesstimate_hash_size(struct inode *inode)
+{
+ struct inode *hidden_inode;
+ int bindex;
+ int hashsize = MINHASHSIZE;
+
+ if (UNIONFS_I(inode)->hashsize > 0)
+ return UNIONFS_I(inode)->hashsize;
+
+ for (bindex = ibstart(inode); bindex <= ibend(inode); bindex++) {
+ if (!(hidden_inode = unionfs_lower_inode_idx(inode, bindex)))
+ continue;
+
+ if (hidden_inode->i_size == DENTPAGE)
+ hashsize += DENTPERONEPAGE;
+ else
+ hashsize += (hidden_inode->i_size / DENTPAGE) * DENTPERPAGE;
+ }
+
+ return hashsize;
+}
+
+int init_rdstate(struct file *file)
+{
+ BUG_ON(sizeof(loff_t) != (sizeof(unsigned int) + sizeof(unsigned int)));
+ BUG_ON(UNIONFS_F(file)->rdstate != NULL);
+
+ UNIONFS_F(file)->rdstate = alloc_rdstate(file->f_dentry->d_inode,
+ fbstart(file));
+
+ return (UNIONFS_F(file)->rdstate ? 0 : -ENOMEM);
+}
+
+struct unionfs_dir_state *find_rdstate(struct inode *inode, loff_t fpos)
+{
+ struct unionfs_dir_state *rdstate = NULL;
+ struct list_head *pos;
+
+ spin_lock(&UNIONFS_I(inode)->rdlock);
+ list_for_each(pos, &UNIONFS_I(inode)->readdircache) {
+ struct unionfs_dir_state *r =
+ list_entry(pos, struct unionfs_dir_state, cache);
+ if (fpos == rdstate2offset(r)) {
+ UNIONFS_I(inode)->rdcount--;
+ list_del(&r->cache);
+ rdstate = r;
+ break;
+ }
+ }
+ spin_unlock(&UNIONFS_I(inode)->rdlock);
+ return rdstate;
+}
+
+struct unionfs_dir_state *alloc_rdstate(struct inode *inode, int bindex)
+{
+ int i = 0;
+ int hashsize;
+ int mallocsize = sizeof(struct unionfs_dir_state);
+ struct unionfs_dir_state *rdstate;
+
+ hashsize = guesstimate_hash_size(inode);
+ mallocsize += hashsize * sizeof(struct list_head);
+ /* Round it up to the next highest power of two. */
+ mallocsize--;
+ mallocsize |= mallocsize >> 1;
+ mallocsize |= mallocsize >> 2;
+ mallocsize |= mallocsize >> 4;
+ mallocsize |= mallocsize >> 8;
+ mallocsize |= mallocsize >> 16;
+ mallocsize++;
+
+ /* This should give us about 500 entries anyway. */
+ if (mallocsize > PAGE_SIZE)
+ mallocsize = PAGE_SIZE;
+
+ hashsize = (mallocsize -
+ sizeof(struct unionfs_dir_state)) / sizeof(struct list_head);
+
+ rdstate = kmalloc(mallocsize, GFP_KERNEL);
+ if (!rdstate)
+ return NULL;
+
+ spin_lock(&UNIONFS_I(inode)->rdlock);
+ if (UNIONFS_I(inode)->cookie >= (MAXRDCOOKIE - 1))
+ UNIONFS_I(inode)->cookie = 1;
+ else
+ UNIONFS_I(inode)->cookie++;
+
+ rdstate->cookie = UNIONFS_I(inode)->cookie;
+ spin_unlock(&UNIONFS_I(inode)->rdlock);
+ rdstate->offset = 1;
+ rdstate->access = jiffies;
+ rdstate->bindex = bindex;
+ rdstate->dirpos = 0;
+ rdstate->hashentries = 0;
+ rdstate->size = hashsize;
+ for (i = 0; i < rdstate->size; i++)
+ INIT_LIST_HEAD(&rdstate->list[i]);
+
+ return rdstate;
+}
+
+static void free_filldir_node(struct filldir_node *node)
+{
+ if (node->namelen >= DNAME_INLINE_LEN_MIN)
+ kfree(node->name);
+ kmem_cache_free(unionfs_filldir_cachep, node);
+}
+
+void free_rdstate(struct unionfs_dir_state *state)
+{
+ struct filldir_node *tmp;
+ int i;
+
+ for (i = 0; i < state->size; i++) {
+ struct list_head *head = &(state->list[i]);
+ struct list_head *pos, *n;
+
+ /* traverse the list and deallocate space */
+ list_for_each_safe(pos, n, head) {
+ tmp = list_entry(pos, struct filldir_node, file_list);
+ list_del(&tmp->file_list);
+ free_filldir_node(tmp);
+ }
+ }
+
+ kfree(state);
+}
+
+struct filldir_node *find_filldir_node(struct unionfs_dir_state *rdstate,
+ const char *name, int namelen)
+{
+ int index;
+ unsigned int hash;
+ struct list_head *head;
+ struct list_head *pos;
+ struct filldir_node *cursor = NULL;
+ int found = 0;
+
+ BUG_ON(namelen <= 0);
+
+ hash = full_name_hash(name, namelen);
+ index = hash % rdstate->size;
+
+ head = &(rdstate->list[index]);
+ list_for_each(pos, head) {
+ cursor = list_entry(pos, struct filldir_node, file_list);
+
+ if (cursor->namelen == namelen && cursor->hash == hash &&
+ !strncmp(cursor->name, name, namelen)) {
+ /* a duplicate exists, and hence no need to create
+ * entry to the list
+ */
+ found = 1;
+
+ /* if the duplicate is in this branch, then the file
+ * system is corrupted.
+ */
+ if (cursor->bindex == rdstate->bindex) {
+ printk(KERN_DEBUG "Possible I/O error "
+ "unionfs_filldir: a file is duplicated "
+ "in the same branch %d: %s\n",
+ rdstate->bindex, cursor->name);
+ }
+ break;
+ }
+ }
+
+ if (!found)
+ cursor = NULL;
+
+ return cursor;
+}
+
+inline struct filldir_node *alloc_filldir_node(const char *name, int namelen,
+ unsigned int hash, int bindex)
+{
+ return kmem_cache_alloc(unionfs_filldir_cachep, GFP_KERNEL);
+}
+
+int add_filldir_node(struct unionfs_dir_state *rdstate, const char *name,
+ int namelen, int bindex, int whiteout)
+{
+ struct filldir_node *new;
+ unsigned int hash;
+ int index;
+ int err = 0;
+ struct list_head *head;
+
+ BUG_ON(namelen <= 0);
+
+ hash = full_name_hash(name, namelen);
+ index = hash % rdstate->size;
+ head = &(rdstate->list[index]);
+
+ new = alloc_filldir_node(name, namelen, hash, bindex);
+ if (!new) {
+ err = -ENOMEM;
+ goto out;
+ }
+
+ INIT_LIST_HEAD(&new->file_list);
+ new->namelen = namelen;
+ new->hash = hash;
+ new->bindex = bindex;
+ new->whiteout = whiteout;
+
+ if (namelen < DNAME_INLINE_LEN_MIN)
+ new->name = new->iname;
+ else {
+ new->name = kmalloc(namelen + 1, GFP_KERNEL);
+ if (!new->name) {
+ kmem_cache_free(unionfs_filldir_cachep, new);
+ new = NULL;
+ goto out;
+ }
+ }
+
+ memcpy(new->name, name, namelen);
+ new->name[namelen] = '\0';
+
+ rdstate->hashentries++;
+
+ list_add(&(new->file_list), head);
+out:
+ return err;
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch contains documentation for Unionfs. You will find several files
outlining basic unification concepts and rename semantics.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
Documentation/filesystems/00-INDEX | 2 +
Documentation/filesystems/unionfs/00-INDEX | 8 +++
Documentation/filesystems/unionfs/concepts.txt | 70 ++++++++++++++++++++++++
Documentation/filesystems/unionfs/rename.txt | 31 +++++++++++
Documentation/filesystems/unionfs/usage.txt | 42 ++++++++++++++
5 files changed, 153 insertions(+), 0 deletions(-)
diff --git a/Documentation/filesystems/00-INDEX b/Documentation/filesystems/00-INDEX
index 4dc28cc..c737e3e 100644
--- a/Documentation/filesystems/00-INDEX
+++ b/Documentation/filesystems/00-INDEX
@@ -82,6 +82,8 @@ udf.txt
- info and mount options for the UDF filesystem.
ufs.txt
- info on the ufs filesystem.
+unionfs/
+ - info on the unionfs filesystem
v9fs.txt
- v9fs is a Unix implementation of the Plan 9 9p remote fs protocol.
vfat.txt
diff --git a/Documentation/filesystems/unionfs/00-INDEX b/Documentation/filesystems/unionfs/00-INDEX
new file mode 100644
index 0000000..32e96f2
--- /dev/null
+++ b/Documentation/filesystems/unionfs/00-INDEX
@@ -0,0 +1,8 @@
+00-INDEX
+ - this file.
+concepts.txt
+ - A brief introduction of concepts
+rename.txt
+ - Information regarding rename operations
+usage.txt
+ - Usage and known limitations
diff --git a/Documentation/filesystems/unionfs/concepts.txt b/Documentation/filesystems/unionfs/concepts.txt
new file mode 100644
index 0000000..d417576
--- /dev/null
+++ b/Documentation/filesystems/unionfs/concepts.txt
@@ -0,0 +1,70 @@
+This file describes the concepts needed by a namespace unification file
+system.
+
+Branch Priority:
+================
+
+Each branch is assigned a unique priority - starting from 0 (highest
+priority). No two branches can have the same priority.
+
+
+Branch Mode:
+============
+
+Each branch is assigned a mode - read-write or read-only. This allows
+directories on media mounted read-write to be used in a read-only manner.
+
+
+Whiteouts:
+==========
+
+A whiteout removes a file name from the namespace. Whiteouts are needed when
+one attempts to remove a file on a read-only branch.
+
+Suppose we have a two-branch union, where branch 0 is read-write and branch
+1 is read-only. And a file 'foo' on branch 1:
+
+./b0/
+./b1/
+./b1/foo
+
+The unified view would simply be:
+
+./union/
+./union/foo
+
+Since 'foo' is stored on a read-only branch, it cannot be removed. A
+whiteout is used to remove the name 'foo' from the unified namespace. Again,
+since branch 1 is read-only, the whiteout cannot be created there. So, we
+try on a higher priority (lower numerically) branch and create the whiteout
+there.
+
+./b0/
+./b0/.wh.foo
+./b1/
+./b1/foo
+
+Later, when Unionfs traverses branches (due to lookup or readdir), it
+eliminate 'foo' from the namespace (as well as the whiteout itself.)
+
+
+Duplicate Elimination:
+======================
+
+It is possible for files on different branches to have the same name.
+Unionfs then has to select which instance of the file to show to the user.
+Given the fact that each branch has a priority associated with it, the
+simplest solution is to take the instance from the highest priority
+(numerically lowest value) and "hide" the others.
+
+
+Copyup:
+=======
+
+When a change is made to the contents of a file's data or meta-data, they
+have to be stored somewhere. The best way is to create a copy of the
+original file on a branch that is writable, and then redirect the write
+though to this copy. The copy must be made on a higher priority branch so
+that lookup and readdir return this newer "version" of the file rather than
+the original (see duplicate elimination).
+
diff --git a/Documentation/filesystems/unionfs/rename.txt b/Documentation/filesystems/unionfs/rename.txt
new file mode 100644
index 0000000..e20bb82
--- /dev/null
+++ b/Documentation/filesystems/unionfs/rename.txt
@@ -0,0 +1,31 @@
+Rename is a complex beast. The following table shows which rename(2) operations
+should succeed and which should fail.
+
+o: success
+E: error (either unionfs or vfs)
+X: EXDEV
+
+none = file does not exist
+file = file is a file
+dir = file is a empty directory
+child= file is a non-empty directory
+wh = file is a directory containing only whiteouts; this makes it logically
+ empty
+
+ none file dir child wh
+file o o E E E
+dir o E o E o
+child X E X E X
+wh o E o E o
+
+
+Renaming directories:
+=====================
+
+Whenever a empty (either physically or logically) directory is being renamed,
+the following sequence of events should take place:
+
+1) Remove whiteouts from both source and destination directory
+2) Rename source to destination
+3) Make destination opaque to prevent anything under it from showing up
+
diff --git a/Documentation/filesystems/unionfs/usage.txt b/Documentation/filesystems/unionfs/usage.txt
new file mode 100644
index 0000000..3968c9e
--- /dev/null
+++ b/Documentation/filesystems/unionfs/usage.txt
@@ -0,0 +1,42 @@
+Unionfs is a stackable unification file system, which can appear to merge
+the contents of several directories (branches), while keeping their physical
+content separate. Unionfs is useful for unified source tree management,
+merged contents of split CD-ROM, merged separate software package
+directories, data grids, and more. Unionfs allows any mix of read-only and
+read-write branches, as well as insertion and deletion of branches anywhere
+in the fan-out. To maintain unix semantics, Unionfs handles elimination of
+duplicates, partial-error conditions, and more.
+
+mount -t unionfs -o branch-option[,union-options[,...]] none MOUNTPOINT
+
+The available branch-option for the mount command is:
+
+dirs=branch[=ro|=rw][:...]
+specifies a separated list of which directories compose the union.
+Directories that come earlier in the list have a higher precedence than
+those which come later. Additionally, read-only or read-write permissions of
+the branch can be specified by appending =ro or =rw (default) to each
+directory.
+
+Syntax:
+dirs=/branch1[=ro|=rw]:/branch2[=ro|=rw]:...:/branchN[=ro|=rw]
+
+Example:
+dirs=/writable_branch=rw:/read-only_branch=ro
+
+
+KNOWN ISSUES:
+=============
+
+The NFS server returns -EACCES for read-only exports, instead of -EROFS.
+This means we can't reliably detect a read-only NFS export.
+
+Modifying a Unionfs branch directly, while the union is mounted, is
+currently unsupported. Any such change can cause Unionfs to oops, or stay
+silent and even RESULT IN DATA LOSS.
+
+Unionfs should not use lookup_one_len() on the underlying fs as it confuses
+NFS. Currently, unionfs_lookup() passes lookup intents to the lower
+filesystem, this eliminates part of the problem. The remaining calls to
+lookup_one_len may need to be changed to pass an intent.
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch provides unlink functionality for Unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/unlink.c | 162 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 162 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/unlink.c b/fs/unionfs/unlink.c
new file mode 100644
index 0000000..844835f
--- /dev/null
+++ b/fs/unionfs/unlink.c
@@ -0,0 +1,162 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* unlink a file by creating a whiteout */
+static int unionfs_unlink_whiteout(struct inode *dir, struct dentry *dentry)
+{
+ struct dentry *hidden_dentry;
+ struct dentry *hidden_dir_dentry;
+ int bindex;
+ int err = 0;
+
+ if ((err = unionfs_partial_lookup(dentry)))
+ goto out;
+
+ bindex = dbstart(dentry);
+
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry)
+ goto out;
+
+ hidden_dir_dentry = lock_parent(hidden_dentry);
+
+ /* avoid destroying the hidden inode if the file is in use */
+ dget(hidden_dentry);
+ if (!(err = is_robranch_super(dentry->d_sb, bindex)))
+ err = vfs_unlink(hidden_dir_dentry->d_inode, hidden_dentry);
+ dput(hidden_dentry);
+ fsstack_copy_attr_times(dir, hidden_dir_dentry->d_inode);
+ unlock_dir(hidden_dir_dentry);
+
+ if (err && !IS_COPYUP_ERR(err))
+ goto out;
+
+ if (err) {
+ if (dbstart(dentry) == 0)
+ goto out;
+
+ err = create_whiteout(dentry, dbstart(dentry) - 1);
+ } else if (dbopaque(dentry) != -1)
+ /* There is a hidden lower-priority file with the same name. */
+ err = create_whiteout(dentry, dbopaque(dentry));
+ else
+ err = create_whiteout(dentry, dbstart(dentry));
+
+out:
+ if (!err)
+ dentry->d_inode->i_nlink--;
+
+ /* We don't want to leave negative leftover dentries for revalidate. */
+ if (!err && (dbopaque(dentry) != -1))
+ update_bstart(dentry);
+
+ return err;
+}
+
+int unionfs_unlink(struct inode *dir, struct dentry *dentry)
+{
+ int err = 0;
+
+ lock_dentry(dentry);
+
+ err = unionfs_unlink_whiteout(dir, dentry);
+ /* call d_drop so the system "forgets" about us */
+ if (!err)
+ d_drop(dentry);
+
+ unlock_dentry(dentry);
+ return err;
+}
+
+static int unionfs_rmdir_first(struct inode *dir, struct dentry *dentry,
+ struct unionfs_dir_state *namelist)
+{
+ int err;
+ struct dentry *hidden_dentry;
+ struct dentry *hidden_dir_dentry = NULL;
+
+ /* Here we need to remove whiteout entries. */
+ err = delete_whiteouts(dentry, dbstart(dentry), namelist);
+ if (err)
+ goto out;
+
+ hidden_dentry = unionfs_lower_dentry(dentry);
+
+ hidden_dir_dentry = lock_parent(hidden_dentry);
+
+ /* avoid destroying the hidden inode if the file is in use */
+ dget(hidden_dentry);
+ if (!(err = is_robranch(dentry)))
+ err = vfs_rmdir(hidden_dir_dentry->d_inode, hidden_dentry);
+ dput(hidden_dentry);
+
+ fsstack_copy_attr_times(dir, hidden_dir_dentry->d_inode);
+ /* propagate number of hard-links */
+ dentry->d_inode->i_nlink = unionfs_get_nlinks(dentry->d_inode);
+
+out:
+ if (hidden_dir_dentry)
+ unlock_dir(hidden_dir_dentry);
+ return err;
+}
+
+int unionfs_rmdir(struct inode *dir, struct dentry *dentry)
+{
+ int err = 0;
+ struct unionfs_dir_state *namelist = NULL;
+
+ lock_dentry(dentry);
+
+ /* check if this unionfs directory is empty or not */
+ err = check_empty(dentry, &namelist);
+ if (err)
+ goto out;
+
+ err = unionfs_rmdir_first(dir, dentry, namelist);
+ /* create whiteout */
+ if (!err)
+ err = create_whiteout(dentry, dbstart(dentry));
+ else {
+ int new_err;
+
+ if (dbstart(dentry) == 0)
+ goto out;
+
+ /* exit if the error returned was NOT -EROFS */
+ if (!IS_COPYUP_ERR(err))
+ goto out;
+
+ new_err = create_whiteout(dentry, dbstart(dentry) - 1);
+ if (new_err != -EEXIST)
+ err = new_err;
+ }
+
+out:
+ /* call d_drop so the system "forgets" about us */
+ if (!err)
+ d_drop(dentry);
+
+ if (namelist)
+ free_rdstate(namelist);
+
+ unlock_dentry(dentry);
+ return err;
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch provides the inode operations for Unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/inode.c | 939 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 939 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/inode.c b/fs/unionfs/inode.c
new file mode 100644
index 0000000..1bbef1c
--- /dev/null
+++ b/fs/unionfs/inode.c
@@ -0,0 +1,939 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* declarations added for "sparse" */
+extern struct dentry *unionfs_lookup(struct inode *, struct dentry *,
+ struct nameidata *);
+extern int unionfs_readlink(struct dentry *dentry, char __user * buf,
+ int bufsiz);
+extern void unionfs_put_link(struct dentry *dentry, struct nameidata *nd,
+ void *cookie);
+
+static int unionfs_create(struct inode *parent, struct dentry *dentry,
+ int mode, struct nameidata *nd)
+{
+ int err = 0;
+ struct dentry *hidden_dentry = NULL;
+ struct dentry *wh_dentry = NULL;
+ struct dentry *new_hidden_dentry;
+ struct dentry *hidden_parent_dentry = NULL;
+ int bindex = 0, bstart;
+ char *name = NULL;
+
+ lock_dentry(dentry);
+
+ /* We start out in the leftmost branch. */
+ bstart = dbstart(dentry);
+ hidden_dentry = unionfs_lower_dentry(dentry);
+
+ /* check if whiteout exists in this branch, i.e. lookup .wh.foo first */
+ name = alloc_whname(dentry->d_name.name, dentry->d_name.len);
+ if (IS_ERR(name)) {
+ err = PTR_ERR(name);
+ goto out;
+ }
+
+ wh_dentry = lookup_one_len(name, hidden_dentry->d_parent,
+ dentry->d_name.len + UNIONFS_WHLEN);
+ if (IS_ERR(wh_dentry)) {
+ err = PTR_ERR(wh_dentry);
+ wh_dentry = NULL;
+ goto out;
+ }
+
+ if (wh_dentry->d_inode) {
+ /* .wh.foo has been found. */
+ /* First truncate it and then rename it to foo (hence having
+ * the same overall effect as a normal create.
+ */
+ struct dentry *hidden_dir_dentry;
+ struct iattr newattrs;
+
+ mutex_lock(&wh_dentry->d_inode->i_mutex);
+ newattrs.ia_valid = ATTR_CTIME | ATTR_MODE | ATTR_ATIME
+ | ATTR_MTIME | ATTR_UID | ATTR_GID | ATTR_FORCE
+ | ATTR_KILL_SUID | ATTR_KILL_SGID;
+
+ newattrs.ia_mode = mode & ~current->fs->umask;
+ newattrs.ia_uid = current->fsuid;
+ newattrs.ia_gid = current->fsgid;
+
+ if (wh_dentry->d_inode->i_size != 0) {
+ newattrs.ia_valid |= ATTR_SIZE;
+ newattrs.ia_size = 0;
+ }
+
+ err = notify_change(wh_dentry, &newattrs);
+
+ mutex_unlock(&wh_dentry->d_inode->i_mutex);
+
+ if (err)
+ printk(KERN_WARNING "unionfs: %s:%d: notify_change "
+ "failed: %d, ignoring..\n",
+ __FILE__, __LINE__, err);
+
+ new_hidden_dentry = unionfs_lower_dentry(dentry);
+ dget(new_hidden_dentry);
+
+ hidden_dir_dentry = dget_parent(wh_dentry);
+ lock_rename(hidden_dir_dentry, hidden_dir_dentry);
+
+ if (!(err = is_robranch_super(dentry->d_sb, bstart))) {
+ err = vfs_rename(hidden_dir_dentry->d_inode,
+ wh_dentry,
+ hidden_dir_dentry->d_inode,
+ new_hidden_dentry);
+ }
+ if (!err) {
+ fsstack_copy_attr_times(parent,
+ new_hidden_dentry->d_parent->d_inode);
+ fsstack_copy_inode_size(parent,
+ new_hidden_dentry->d_parent->d_inode);
+ parent->i_nlink = unionfs_get_nlinks(parent);
+ }
+
+ unlock_rename(hidden_dir_dentry, hidden_dir_dentry);
+ dput(hidden_dir_dentry);
+
+ dput(new_hidden_dentry);
+
+ if (err) {
+ /* exit if the error returned was NOT -EROFS */
+ if (!IS_COPYUP_ERR(err))
+ goto out;
+ /* We were not able to create the file in this
+ * branch, so, we try to create it in one branch to
+ * left
+ */
+ bstart--;
+ } else {
+ /* reset the unionfs dentry to point to the .wh.foo
+ * entry.
+ */
+
+ /* Discard any old reference. */
+ dput(unionfs_lower_dentry(dentry));
+
+ /* Trade one reference to another. */
+ unionfs_set_lower_dentry_idx(dentry, bstart, wh_dentry);
+ wh_dentry = NULL;
+
+ err = unionfs_interpose(dentry, parent->i_sb, 0);
+ goto out;
+ }
+ }
+
+ for (bindex = bstart; bindex >= 0; bindex--) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry) {
+ /* if hidden_dentry is NULL, create the entire
+ * dentry directory structure in branch 'bindex'.
+ * hidden_dentry will NOT be null when bindex == bstart
+ * because lookup passed as a negative unionfs dentry
+ * pointing to a lone negative underlying dentry */
+ hidden_dentry = create_parents(parent, dentry, bindex);
+ if (!hidden_dentry || IS_ERR(hidden_dentry)) {
+ if (IS_ERR(hidden_dentry))
+ err = PTR_ERR(hidden_dentry);
+ continue;
+ }
+ }
+
+ hidden_parent_dentry = lock_parent(hidden_dentry);
+ if (IS_ERR(hidden_parent_dentry)) {
+ err = PTR_ERR(hidden_parent_dentry);
+ goto out;
+ }
+ /* We shouldn't create things in a read-only branch. */
+ if (!(err = is_robranch_super(dentry->d_sb, bindex)))
+ err = vfs_create(hidden_parent_dentry->d_inode,
+ hidden_dentry, mode, nd);
+
+ if (err || !hidden_dentry->d_inode) {
+ unlock_dir(hidden_parent_dentry);
+
+ /* break out of for loop if the error wasn't -EROFS */
+ if (!IS_COPYUP_ERR(err))
+ break;
+ } else {
+ err = unionfs_interpose(dentry, parent->i_sb, 0);
+ if (!err) {
+ fsstack_copy_attr_times(parent,
+ hidden_parent_dentry->d_inode);
+ fsstack_copy_inode_size(parent,
+ hidden_parent_dentry->d_inode);
+ /* update number of links on parent directory */
+ parent->i_nlink = unionfs_get_nlinks(parent);
+ }
+ unlock_dir(hidden_parent_dentry);
+ break;
+ }
+ }
+
+out:
+ dput(wh_dentry);
+ kfree(name);
+
+ unlock_dentry(dentry);
+ return err;
+}
+
+struct dentry *unionfs_lookup(struct inode *parent, struct dentry *dentry,
+ struct nameidata *nd)
+{
+ struct nameidata lowernd; /* TODO: be gentler to the stack */
+
+ if (nd)
+ memcpy(&lowernd, nd, sizeof(struct nameidata));
+ else
+ memset(&lowernd, 0, sizeof(struct nameidata));
+
+ /* The locking is done by unionfs_lookup_backend. */
+ return unionfs_lookup_backend(dentry, &lowernd, INTERPOSE_LOOKUP);
+}
+
+static int unionfs_link(struct dentry *old_dentry, struct inode *dir,
+ struct dentry *new_dentry)
+{
+ int err = 0;
+ struct dentry *hidden_old_dentry = NULL;
+ struct dentry *hidden_new_dentry = NULL;
+ struct dentry *hidden_dir_dentry = NULL;
+ struct dentry *whiteout_dentry;
+ char *name = NULL;
+
+ double_lock_dentry(new_dentry, old_dentry);
+
+ hidden_new_dentry = unionfs_lower_dentry(new_dentry);
+
+ /* check if whiteout exists in the branch of new dentry, i.e. lookup
+ * .wh.foo first. If present, delete it
+ */
+ name = alloc_whname(new_dentry->d_name.name, new_dentry->d_name.len);
+ if (IS_ERR(name)) {
+ err = PTR_ERR(name);
+ goto out;
+ }
+
+ whiteout_dentry = lookup_one_len(name, hidden_new_dentry->d_parent,
+ new_dentry->d_name.len + UNIONFS_WHLEN);
+ if (IS_ERR(whiteout_dentry)) {
+ err = PTR_ERR(whiteout_dentry);
+ goto out;
+ }
+
+ if (!whiteout_dentry->d_inode) {
+ dput(whiteout_dentry);
+ whiteout_dentry = NULL;
+ } else {
+ /* found a .wh.foo entry, unlink it and then call vfs_link() */
+ hidden_dir_dentry = lock_parent(whiteout_dentry);
+ err = is_robranch_super(new_dentry->d_sb, dbstart(new_dentry));
+ if (!err)
+ err = vfs_unlink(hidden_dir_dentry->d_inode,
+ whiteout_dentry);
+
+ fsstack_copy_attr_times(dir, hidden_dir_dentry->d_inode);
+ dir->i_nlink = unionfs_get_nlinks(dir);
+ unlock_dir(hidden_dir_dentry);
+ hidden_dir_dentry = NULL;
+ dput(whiteout_dentry);
+ if (err)
+ goto out;
+ }
+
+ if (dbstart(old_dentry) != dbstart(new_dentry)) {
+ hidden_new_dentry =
+ create_parents(dir, new_dentry, dbstart(old_dentry));
+ err = PTR_ERR(hidden_new_dentry);
+ if (IS_COPYUP_ERR(err))
+ goto docopyup;
+ if (!hidden_new_dentry || IS_ERR(hidden_new_dentry))
+ goto out;
+ }
+ hidden_new_dentry = unionfs_lower_dentry(new_dentry);
+ hidden_old_dentry = unionfs_lower_dentry(old_dentry);
+
+ BUG_ON(dbstart(old_dentry) != dbstart(new_dentry));
+ hidden_dir_dentry = lock_parent(hidden_new_dentry);
+ if (!(err = is_robranch(old_dentry)))
+ err = vfs_link(hidden_old_dentry, hidden_dir_dentry->d_inode,
+ hidden_new_dentry);
+ unlock_dir(hidden_dir_dentry);
+
+docopyup:
+ if (IS_COPYUP_ERR(err)) {
+ int old_bstart = dbstart(old_dentry);
+ int bindex;
+
+ for (bindex = old_bstart - 1; bindex >= 0; bindex--) {
+ err =
+ copyup_dentry(old_dentry->d_parent->
+ d_inode, old_dentry,
+ old_bstart, bindex, NULL,
+ old_dentry->d_inode->i_size);
+ if (!err) {
+ hidden_new_dentry =
+ create_parents(dir, new_dentry, bindex);
+ hidden_old_dentry = unionfs_lower_dentry(old_dentry);
+ hidden_dir_dentry =
+ lock_parent(hidden_new_dentry);
+ /* do vfs_link */
+ err = vfs_link(hidden_old_dentry,
+ hidden_dir_dentry->d_inode,
+ hidden_new_dentry);
+ unlock_dir(hidden_dir_dentry);
+ goto check_link;
+ }
+ }
+ goto out;
+ }
+
+check_link:
+ if (err || !hidden_new_dentry->d_inode)
+ goto out;
+
+ /* Its a hard link, so use the same inode */
+ new_dentry->d_inode = igrab(old_dentry->d_inode);
+ d_instantiate(new_dentry, new_dentry->d_inode);
+ fsstack_copy_attr_all(dir, hidden_new_dentry->d_parent->d_inode,
+ unionfs_get_nlinks);
+ fsstack_copy_inode_size(dir, hidden_new_dentry->d_parent->d_inode);
+
+ /* propagate number of hard-links */
+ old_dentry->d_inode->i_nlink = unionfs_get_nlinks(old_dentry->d_inode);
+
+out:
+ if (!new_dentry->d_inode)
+ d_drop(new_dentry);
+
+ kfree(name);
+
+ unlock_dentry(new_dentry);
+ unlock_dentry(old_dentry);
+
+ return err;
+}
+
+static int unionfs_symlink(struct inode *dir, struct dentry *dentry,
+ const char *symname)
+{
+ int err = 0;
+ struct dentry *hidden_dentry = NULL;
+ struct dentry *whiteout_dentry = NULL;
+ struct dentry *hidden_dir_dentry = NULL;
+ umode_t mode;
+ int bindex = 0, bstart;
+ char *name = NULL;
+
+ lock_dentry(dentry);
+
+ /* We start out in the leftmost branch. */
+ bstart = dbstart(dentry);
+
+ hidden_dentry = unionfs_lower_dentry(dentry);
+
+ /* check if whiteout exists in this branch, i.e. lookup .wh.foo
+ * first. If present, delete it
+ */
+ name = alloc_whname(dentry->d_name.name, dentry->d_name.len);
+ if (IS_ERR(name)) {
+ err = PTR_ERR(name);
+ goto out;
+ }
+
+ whiteout_dentry =
+ lookup_one_len(name, hidden_dentry->d_parent,
+ dentry->d_name.len + UNIONFS_WHLEN);
+ if (IS_ERR(whiteout_dentry)) {
+ err = PTR_ERR(whiteout_dentry);
+ goto out;
+ }
+
+ if (!whiteout_dentry->d_inode) {
+ dput(whiteout_dentry);
+ whiteout_dentry = NULL;
+ } else {
+ /* found a .wh.foo entry, unlink it and then call vfs_symlink() */
+ hidden_dir_dentry = lock_parent(whiteout_dentry);
+
+ if (!(err = is_robranch_super(dentry->d_sb, bstart)))
+ err = vfs_unlink(hidden_dir_dentry->d_inode,
+ whiteout_dentry);
+ dput(whiteout_dentry);
+
+ fsstack_copy_attr_times(dir, hidden_dir_dentry->d_inode);
+ /* propagate number of hard-links */
+ dir->i_nlink = unionfs_get_nlinks(dir);
+
+ unlock_dir(hidden_dir_dentry);
+
+ if (err) {
+ /* exit if the error returned was NOT -EROFS */
+ if (!IS_COPYUP_ERR(err))
+ goto out;
+ /* should now try to create symlink in the another branch */
+ bstart--;
+ }
+ }
+
+ /* deleted whiteout if it was present, now do a normal vfs_symlink()
+ * with possible recursive directory creation
+ */
+ for (bindex = bstart; bindex >= 0; bindex--) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry) {
+ /* if hidden_dentry is NULL, create the entire
+ * dentry directory structure in branch 'bindex'.
+ * hidden_dentry will NOT be null when bindex ==
+ * bstart because lookup passed as a negative
+ * unionfs dentry pointing to a lone negative
+ * underlying dentry
+ */
+ hidden_dentry = create_parents(dir, dentry, bindex);
+ if (!hidden_dentry || IS_ERR(hidden_dentry)) {
+ if (IS_ERR(hidden_dentry))
+ err = PTR_ERR(hidden_dentry);
+
+ printk(KERN_DEBUG "hidden dentry NULL (or error)"
+ "for bindex = %d\n", bindex);
+ continue;
+ }
+ }
+
+ hidden_dir_dentry = lock_parent(hidden_dentry);
+
+ if (!(err = is_robranch_super(dentry->d_sb, bindex))) {
+ mode = S_IALLUGO;
+ err =
+ vfs_symlink(hidden_dir_dentry->d_inode,
+ hidden_dentry, symname, mode);
+ }
+ unlock_dir(hidden_dir_dentry);
+
+ if (err || !hidden_dentry->d_inode) {
+ /* break out of for loop if error returned was NOT -EROFS */
+ if (!IS_COPYUP_ERR(err))
+ break;
+ } else {
+ err = unionfs_interpose(dentry, dir->i_sb, 0);
+ if (!err) {
+ fsstack_copy_attr_times(dir,
+ hidden_dir_dentry->d_inode);
+ fsstack_copy_inode_size(dir,
+ hidden_dir_dentry->d_inode);
+ /* update number of links on parent directory */
+ dir->i_nlink = unionfs_get_nlinks(dir);
+ }
+ break;
+ }
+ }
+
+out:
+ if (!dentry->d_inode)
+ d_drop(dentry);
+
+ kfree(name);
+ unlock_dentry(dentry);
+ return err;
+}
+
+static int unionfs_mkdir(struct inode *parent, struct dentry *dentry, int mode)
+{
+ int err = 0;
+ struct dentry *hidden_dentry = NULL, *whiteout_dentry = NULL;
+ struct dentry *hidden_parent_dentry = NULL;
+ int bindex = 0, bstart;
+ char *name = NULL;
+ int whiteout_unlinked = 0;
+ struct sioq_args args;
+
+ lock_dentry(dentry);
+ bstart = dbstart(dentry);
+
+ hidden_dentry = unionfs_lower_dentry(dentry);
+
+ /* check if whiteout exists in this branch, i.e. lookup .wh.foo first */
+ name = alloc_whname(dentry->d_name.name, dentry->d_name.len);
+ if (IS_ERR(name)) {
+ err = PTR_ERR(name);
+ goto out;
+ }
+
+ whiteout_dentry = lookup_one_len(name, hidden_dentry->d_parent,
+ dentry->d_name.len + UNIONFS_WHLEN);
+ if (IS_ERR(whiteout_dentry)) {
+ err = PTR_ERR(whiteout_dentry);
+ goto out;
+ }
+
+ if (!whiteout_dentry->d_inode) {
+ dput(whiteout_dentry);
+ whiteout_dentry = NULL;
+ } else {
+ hidden_parent_dentry = lock_parent(whiteout_dentry);
+
+ /* found a.wh.foo entry, remove it then do vfs_mkdir */
+ if (!(err = is_robranch_super(dentry->d_sb, bstart))) {
+ args.unlink.parent = hidden_parent_dentry->d_inode;
+ args.unlink.dentry = whiteout_dentry;
+ run_sioq(__unionfs_unlink, &args);
+ err = args.err;
+ }
+ dput(whiteout_dentry);
+
+ unlock_dir(hidden_parent_dentry);
+
+ if (err) {
+ /* exit if the error returned was NOT -EROFS */
+ if (!IS_COPYUP_ERR(err))
+ goto out;
+ bstart--;
+ } else
+ whiteout_unlinked = 1;
+ }
+
+ for (bindex = bstart; bindex >= 0; bindex--) {
+ int i;
+ int bend = dbend(dentry);
+
+ if (is_robranch_super(dentry->d_sb, bindex))
+ continue;
+
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry) {
+ hidden_dentry = create_parents(parent, dentry, bindex);
+ if (!hidden_dentry || IS_ERR(hidden_dentry)) {
+ printk(KERN_DEBUG "hidden dentry NULL for "
+ "bindex = %d\n", bindex);
+ continue;
+ }
+ }
+
+ hidden_parent_dentry = lock_parent(hidden_dentry);
+
+ if (IS_ERR(hidden_parent_dentry)) {
+ err = PTR_ERR(hidden_parent_dentry);
+ goto out;
+ }
+
+ err = vfs_mkdir(hidden_parent_dentry->d_inode, hidden_dentry, mode);
+
+ unlock_dir(hidden_parent_dentry);
+
+ /* did the mkdir suceed? */
+ if (err)
+ break;
+
+ for (i = bindex + 1; i < bend; i++) {
+ if (unionfs_lower_dentry_idx(dentry, i)) {
+ dput(unionfs_lower_dentry_idx(dentry, i));
+ unionfs_set_lower_dentry_idx(dentry, i, NULL);
+ }
+ }
+ set_dbend(dentry, bindex);
+
+ err = unionfs_interpose(dentry, parent->i_sb, 0);
+ if (!err) {
+ fsstack_copy_attr_times(parent,
+ hidden_parent_dentry->d_inode);
+ fsstack_copy_inode_size(parent,
+ hidden_parent_dentry->d_inode);
+
+ /* update number of links on parent directory */
+ parent->i_nlink = unionfs_get_nlinks(parent);
+ }
+
+ err = make_dir_opaque(dentry, dbstart(dentry));
+ if (err) {
+ printk(KERN_ERR "mkdir: error creating "
+ ".wh.__dir_opaque: %d\n", err);
+ goto out;
+ }
+
+ /* we are done! */
+ break;
+ }
+
+out:
+ if (!dentry->d_inode)
+ d_drop(dentry);
+
+ kfree(name);
+
+ unlock_dentry(dentry);
+ return err;
+}
+
+static int unionfs_mknod(struct inode *dir, struct dentry *dentry, int mode,
+ dev_t dev)
+{
+ int err = 0;
+ struct dentry *hidden_dentry = NULL, *whiteout_dentry = NULL;
+ struct dentry *hidden_parent_dentry = NULL;
+ int bindex = 0, bstart;
+ char *name = NULL;
+ int whiteout_unlinked = 0;
+
+ lock_dentry(dentry);
+ bstart = dbstart(dentry);
+
+ hidden_dentry = unionfs_lower_dentry(dentry);
+
+ /* check if whiteout exists in this branch, i.e. lookup .wh.foo first */
+ name = alloc_whname(dentry->d_name.name, dentry->d_name.len);
+ if (IS_ERR(name)) {
+ err = PTR_ERR(name);
+ goto out;
+ }
+
+ whiteout_dentry = lookup_one_len(name, hidden_dentry->d_parent,
+ dentry->d_name.len + UNIONFS_WHLEN);
+ if (IS_ERR(whiteout_dentry)) {
+ err = PTR_ERR(whiteout_dentry);
+ goto out;
+ }
+
+ if (!whiteout_dentry->d_inode) {
+ dput(whiteout_dentry);
+ whiteout_dentry = NULL;
+ } else {
+ /* found .wh.foo, unlink it */
+ hidden_parent_dentry = lock_parent(whiteout_dentry);
+
+ /* found a.wh.foo entry, remove it then do vfs_mkdir */
+ if (!(err = is_robranch_super(dentry->d_sb, bstart)))
+ err = vfs_unlink(hidden_parent_dentry->d_inode,
+ whiteout_dentry);
+ dput(whiteout_dentry);
+
+ unlock_dir(hidden_parent_dentry);
+
+ if (err) {
+ if (!IS_COPYUP_ERR(err))
+ goto out;
+
+ bstart--;
+ } else
+ whiteout_unlinked = 1;
+ }
+
+ for (bindex = bstart; bindex >= 0; bindex--) {
+ if (is_robranch_super(dentry->d_sb, bindex))
+ continue;
+
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry) {
+ hidden_dentry = create_parents(dir, dentry, bindex);
+ if (IS_ERR(hidden_dentry)) {
+ printk(KERN_DEBUG
+ "failed to create parents on %d, err = %ld\n",
+ bindex, PTR_ERR(hidden_dentry));
+ continue;
+ }
+ }
+
+ hidden_parent_dentry = lock_parent(hidden_dentry);
+ if (IS_ERR(hidden_parent_dentry)) {
+ err = PTR_ERR(hidden_parent_dentry);
+ goto out;
+ }
+
+ err = vfs_mknod(hidden_parent_dentry->d_inode,
+ hidden_dentry, mode, dev);
+
+ if (err) {
+ unlock_dir(hidden_parent_dentry);
+ break;
+ }
+
+ err = unionfs_interpose(dentry, dir->i_sb, 0);
+ if (!err) {
+ fsstack_copy_attr_times(dir,
+ hidden_parent_dentry->d_inode);
+ fsstack_copy_inode_size(dir,
+ hidden_parent_dentry->d_inode);
+ /* update number of links on parent directory */
+ dir->i_nlink = unionfs_get_nlinks(dir);
+ }
+ unlock_dir(hidden_parent_dentry);
+
+ break;
+ }
+
+out:
+ if (!dentry->d_inode)
+ d_drop(dentry);
+
+ kfree(name);
+
+ unlock_dentry(dentry);
+ return err;
+}
+
+int unionfs_readlink(struct dentry *dentry, char __user * buf, int bufsiz)
+{
+ int err;
+ struct dentry *hidden_dentry;
+
+ lock_dentry(dentry);
+ hidden_dentry = unionfs_lower_dentry(dentry);
+
+ if (!hidden_dentry->d_inode->i_op ||
+ !hidden_dentry->d_inode->i_op->readlink) {
+ err = -EINVAL;
+ goto out;
+ }
+
+ err = hidden_dentry->d_inode->i_op->readlink(hidden_dentry, buf, bufsiz);
+ if (err > 0)
+ fsstack_copy_attr_atime(dentry->d_inode, hidden_dentry->d_inode);
+
+out:
+ unlock_dentry(dentry);
+ return err;
+}
+
+/* We don't lock the dentry here, because readlink does the heavy lifting. */
+static void *unionfs_follow_link(struct dentry *dentry, struct nameidata *nd)
+{
+ char *buf;
+ int len = PAGE_SIZE, err;
+ mm_segment_t old_fs;
+
+ /* This is freed by the put_link method assuming a successful call. */
+ buf = kmalloc(len, GFP_KERNEL);
+ if (!buf) {
+ err = -ENOMEM;
+ goto out;
+ }
+
+ /* read the symlink, and then we will follow it */
+ old_fs = get_fs();
+ set_fs(KERNEL_DS);
+ err = dentry->d_inode->i_op->readlink(dentry, (char __user *)buf, len);
+ set_fs(old_fs);
+ if (err < 0) {
+ kfree(buf);
+ buf = NULL;
+ goto out;
+ }
+ buf[err] = 0;
+ nd_set_link(nd, buf);
+ err = 0;
+
+out:
+ return ERR_PTR(err);
+}
+
+void unionfs_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie)
+{
+ kfree(nd_get_link(nd));
+}
+
+/* Basically copied from the kernel vfs permission(), but we've changed
+ * the following:
+ * (1) the IS_RDONLY check is skipped, and
+ * (2) if you set the mount option `mode=nfsro', we assume that -EACCES
+ * means that the export is read-only and we should check standard Unix
+ * permissions. This means that NFS ACL checks (or other advanced
+ * permission features) are bypassed. Note however, that we do call
+ * security_inode_permission, and therefore security inside SELinux, etc.
+ * are performed.
+ */
+static int inode_permission(struct inode *inode, int mask, struct nameidata *nd,
+ int bindex)
+{
+ int retval, submask;
+
+ if (mask & MAY_WRITE) {
+ /* The first branch is allowed to be really readonly. */
+ if (bindex == 0) {
+ umode_t mode = inode->i_mode;
+ if (IS_RDONLY(inode) &&
+ (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
+ return -EROFS;
+ }
+ /*
+ * Nobody gets write access to an immutable file.
+ */
+ if (IS_IMMUTABLE(inode))
+ return -EACCES;
+ }
+
+ /* Ordinary permission routines do not understand MAY_APPEND. */
+ submask = mask & ~MAY_APPEND;
+ if (inode->i_op && inode->i_op->permission) {
+ retval = inode->i_op->permission(inode, submask, nd);
+ if ((retval == -EACCES) && (submask & MAY_WRITE) &&
+ (!strcmp("nfs", (inode)->i_sb->s_type->name)) &&
+ (nd) && (nd->mnt) && (nd->mnt->mnt_sb) &&
+ (branchperms(nd->mnt->mnt_sb, bindex) & MAY_NFSRO)) {
+ retval = generic_permission(inode, submask, NULL);
+ }
+ } else
+ retval = generic_permission(inode, submask, NULL);
+
+ if (retval && retval != -EROFS) /* ignore EROFS */
+ return retval;
+
+ retval = security_inode_permission(inode, mask, nd);
+ return ((retval == -EROFS) ? 0 : retval); /* ignore EROFS */
+}
+
+static int unionfs_permission(struct inode *inode, int mask,
+ struct nameidata *nd)
+{
+ struct inode *hidden_inode = NULL;
+ int err = 0;
+ int bindex, bstart, bend;
+ const int is_file = !S_ISDIR(inode->i_mode);
+ const int write_mask = (mask & MAY_WRITE) && !(mask & MAY_READ);
+
+ bstart = ibstart(inode);
+ bend = ibend(inode);
+
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_inode = unionfs_lower_inode_idx(inode, bindex);
+ if (!hidden_inode)
+ continue;
+
+ /* check the condition for D-F-D underlying files/directories,
+ * we dont have to check for files, if we are checking for
+ * directories.
+ */
+ if (!is_file && !S_ISDIR(hidden_inode->i_mode))
+ continue;
+
+ /* We use our own special version of permission, such that
+ * only the first branch returns -EROFS.
+ */
+ err = inode_permission(hidden_inode, mask, nd, bindex);
+
+ /* The permissions are an intersection of the overall directory
+ * permissions, so we fail if one fails.
+ */
+ if (err)
+ goto out;
+
+ /* only the leftmost file matters. */
+ if (is_file || write_mask) {
+ if (is_file && write_mask) {
+ err = get_write_access(hidden_inode);
+ if (!err)
+ put_write_access(hidden_inode);
+ }
+ break;
+ }
+ }
+
+out:
+ return err;
+}
+
+static int unionfs_setattr(struct dentry *dentry, struct iattr *ia)
+{
+ int err = 0;
+ struct dentry *hidden_dentry;
+ struct inode *inode = NULL;
+ struct inode *hidden_inode = NULL;
+ int bstart, bend, bindex;
+ int i;
+ int copyup = 0;
+
+ lock_dentry(dentry);
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+ inode = dentry->d_inode;
+
+ for (bindex = bstart; (bindex <= bend) || (bindex == bstart); bindex++) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry)
+ continue;
+ BUG_ON(hidden_dentry->d_inode == NULL);
+
+ /* If the file is on a read only branch */
+ if (is_robranch_super(dentry->d_sb, bindex)
+ || IS_RDONLY(hidden_dentry->d_inode)) {
+ if (copyup || (bindex != bstart))
+ continue;
+ /* Only if its the leftmost file, copyup the file */
+ for (i = bstart - 1; i >= 0; i--) {
+ loff_t size = dentry->d_inode->i_size;
+ if (ia->ia_valid & ATTR_SIZE)
+ size = ia->ia_size;
+ err = copyup_dentry(dentry->d_parent->d_inode,
+ dentry, bstart, i, NULL,
+ size);
+
+ if (!err) {
+ copyup = 1;
+ hidden_dentry = unionfs_lower_dentry(dentry);
+ break;
+ }
+ /* if error is in the leftmost branch, pass it up */
+ if (i == 0)
+ goto out;
+ }
+
+ }
+ err = notify_change(hidden_dentry, ia);
+ if (err)
+ goto out;
+ break;
+ }
+
+ /* get the size from the first hidden inode */
+ hidden_inode = unionfs_lower_inode(dentry->d_inode);
+ fsstack_copy_attr_all(inode, hidden_inode, unionfs_get_nlinks);
+ fsstack_copy_inode_size(inode, hidden_inode);
+
+out:
+ unlock_dentry(dentry);
+ return err;
+}
+
+struct inode_operations unionfs_symlink_iops = {
+ .readlink = unionfs_readlink,
+ .permission = unionfs_permission,
+ .follow_link = unionfs_follow_link,
+ .setattr = unionfs_setattr,
+ .put_link = unionfs_put_link,
+};
+
+struct inode_operations unionfs_dir_iops = {
+ .create = unionfs_create,
+ .lookup = unionfs_lookup,
+ .link = unionfs_link,
+ .unlink = unionfs_unlink,
+ .symlink = unionfs_symlink,
+ .mkdir = unionfs_mkdir,
+ .rmdir = unionfs_rmdir,
+ .mknod = unionfs_mknod,
+ .rename = unionfs_rename,
+ .permission = unionfs_permission,
+ .setattr = unionfs_setattr,
+};
+
+struct inode_operations unionfs_main_iops = {
+ .permission = unionfs_permission,
+ .setattr = unionfs_setattr,
+};
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch contains many macros and inline functions used thoughout Unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/fanout.h | 177 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 177 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/fanout.h b/fs/unionfs/fanout.h
new file mode 100644
index 0000000..ab3bf2c
--- /dev/null
+++ b/fs/unionfs/fanout.h
@@ -0,0 +1,177 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef Sipek
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef _FANOUT_H_
+#define _FANOUT_H_
+
+/* Inode to private data */
+static inline struct unionfs_inode_info *UNIONFS_I(const struct inode *inode)
+{
+ return container_of(inode, struct unionfs_inode_info, vfs_inode);
+}
+
+#define ibstart(ino) (UNIONFS_I(ino)->bstart)
+#define ibend(ino) (UNIONFS_I(ino)->bend)
+
+/* Superblock to private data */
+#define UNIONFS_SB(super) ((struct unionfs_sb_info *)(super)->s_fs_info)
+#define sbstart(sb) 0
+#define sbend(sb) (UNIONFS_SB(sb)->bend)
+#define sbmax(sb) (UNIONFS_SB(sb)->bend + 1)
+
+/* File to private Data */
+#define UNIONFS_F(file) ((struct unionfs_file_info *)((file)->private_data))
+#define fbstart(file) (UNIONFS_F(file)->bstart)
+#define fbend(file) (UNIONFS_F(file)->bend)
+
+/* File to lower file. */
+static inline struct file *unionfs_lower_file(const struct file *f)
+{
+ return UNIONFS_F(f)->lower_files[fbstart(f)];
+}
+
+static inline struct file *unionfs_lower_file_idx(const struct file *f, int index)
+{
+ return UNIONFS_F(f)->lower_files[index];
+}
+
+static inline void unionfs_set_lower_file_idx(struct file *f, int index, struct file *val)
+{
+ UNIONFS_F(f)->lower_files[index] = val;
+}
+
+static inline void unionfs_set_lower_file(struct file *f, struct file *val)
+{
+ UNIONFS_F(f)->lower_files[fbstart(f)] = val;
+}
+
+/* Inode to lower inode. */
+static inline struct inode *unionfs_lower_inode(const struct inode *i)
+{
+ return UNIONFS_I(i)->lower_inodes[ibstart(i)];
+}
+
+static inline struct inode *unionfs_lower_inode_idx(const struct inode *i, int index)
+{
+ return UNIONFS_I(i)->lower_inodes[index];
+}
+
+static inline void unionfs_set_lower_inode_idx(struct inode *i, int index,
+ struct inode *val)
+{
+ UNIONFS_I(i)->lower_inodes[index] = val;
+}
+
+static inline void unionfs_set_lower_inode(struct inode *i, struct inode *val)
+{
+ UNIONFS_I(i)->lower_inodes[ibstart(i)] = val;
+}
+
+/* Superblock to lower superblock. */
+static inline struct super_block *unionfs_lower_super(const struct super_block *sb)
+{
+ return UNIONFS_SB(sb)->data[sbstart(sb)].sb;
+}
+
+static inline struct super_block *unionfs_lower_super_idx(const struct super_block *sb, int index)
+{
+ return UNIONFS_SB(sb)->data[index].sb;
+}
+
+static inline void unionfs_set_lower_super_idx(struct super_block *sb, int index,
+ struct super_block *val)
+{
+ UNIONFS_SB(sb)->data[index].sb = val;
+}
+
+static inline void unionfs_set_lower_super(struct super_block *sb, struct super_block *val)
+{
+ UNIONFS_SB(sb)->data[sbstart(sb)].sb = val;
+}
+
+/* Branch count macros. */
+static inline int branch_count(const struct super_block *sb, int index)
+{
+ return atomic_read(&UNIONFS_SB(sb)->data[index].sbcount);
+}
+
+static inline void set_branch_count(struct super_block *sb, int index, int val)
+{
+ atomic_set(&UNIONFS_SB(sb)->data[index].sbcount, val);
+}
+
+static inline void branchget(struct super_block *sb, int index)
+{
+ atomic_inc(&UNIONFS_SB(sb)->data[index].sbcount);
+}
+
+static inline void branchput(struct super_block *sb, int index)
+{
+ atomic_dec(&UNIONFS_SB(sb)->data[index].sbcount);
+}
+
+/* Dentry macros */
+static inline struct unionfs_dentry_info *UNIONFS_D(const struct dentry *dent)
+{
+ return dent->d_fsdata;
+}
+
+#define dbstart(dent) (UNIONFS_D(dent)->bstart)
+#define set_dbstart(dent, val) do { UNIONFS_D(dent)->bstart = val; } while(0)
+#define dbend(dent) (UNIONFS_D(dent)->bend)
+#define set_dbend(dent, val) do { UNIONFS_D(dent)->bend = val; } while(0)
+#define dbopaque(dent) (UNIONFS_D(dent)->bopaque)
+#define set_dbopaque(dent, val) do { UNIONFS_D(dent)->bopaque = val; } while (0)
+
+static inline void unionfs_set_lower_dentry_idx(struct dentry *dent, int index,
+ struct dentry *val)
+{
+ UNIONFS_D(dent)->lower_paths[index].dentry = val;
+}
+
+static inline struct dentry *unionfs_lower_dentry_idx(const struct dentry *dent, int index)
+{
+ return UNIONFS_D(dent)->lower_paths[index].dentry;
+}
+
+static inline struct dentry *unionfs_lower_dentry(const struct dentry *dent)
+{
+ return unionfs_lower_dentry_idx(dent, dbstart(dent));
+}
+
+static inline void unionfs_set_lower_mnt_idx(struct dentry *dent, int index,
+ struct vfsmount *mnt)
+{
+ UNIONFS_D(dent)->lower_paths[index].mnt = mnt;
+}
+
+static inline struct vfsmount *unionfs_lower_mnt_idx(const struct dentry *dent, int index)
+{
+ return UNIONFS_D(dent)->lower_paths[index].mnt;
+}
+
+static inline struct vfsmount *unionfs_lower_mnt(const struct dentry *dent)
+{
+ return unionfs_lower_mnt_idx(dent,dbstart(dent));
+}
+
+/* Macros for locking a dentry. */
+#define lock_dentry(d) down(&UNIONFS_D(d)->sem)
+#define unlock_dentry(d) up(&UNIONFS_D(d)->sem)
+#define verify_locked(d)
+
+#endif /* _FANOUT_H */
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch contains the dentry operations for Unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/dentry.c | 243 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 243 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/dentry.c b/fs/unionfs/dentry.c
new file mode 100644
index 0000000..740c000
--- /dev/null
+++ b/fs/unionfs/dentry.c
@@ -0,0 +1,243 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* declarations added for "sparse" */
+extern int unionfs_d_revalidate_wrap(struct dentry *dentry,
+ struct nameidata *nd);
+extern void unionfs_d_release(struct dentry *dentry);
+extern void unionfs_d_iput(struct dentry *dentry, struct inode *inode);
+
+/*
+ * returns 1 if valid, 0 otherwise.
+ */
+int unionfs_d_revalidate(struct dentry *dentry, struct nameidata *nd)
+{
+ int valid = 1; /* default is valid (1); invalid is 0. */
+ struct dentry *hidden_dentry;
+ int bindex, bstart, bend;
+ int sbgen, dgen;
+ int positive = 0;
+ int locked = 0;
+ int restart = 0;
+ int interpose_flag;
+
+ struct nameidata lowernd; /* TODO: be gentler to the stack */
+
+ if (nd)
+ memcpy(&lowernd, nd, sizeof(struct nameidata));
+ else
+ memset(&lowernd, 0, sizeof(struct nameidata));
+
+restart:
+ verify_locked(dentry);
+
+ /* if the dentry is unhashed, do NOT revalidate */
+ if (d_deleted(dentry)) {
+ printk(KERN_DEBUG "unhashed dentry being revalidated: %*s\n",
+ dentry->d_name.len, dentry->d_name.name);
+ goto out;
+ }
+
+ BUG_ON(dbstart(dentry) == -1);
+ if (dentry->d_inode)
+ positive = 1;
+ dgen = atomic_read(&UNIONFS_D(dentry)->generation);
+ sbgen = atomic_read(&UNIONFS_SB(dentry->d_sb)->generation);
+ /* If we are working on an unconnected dentry, then there is no
+ * revalidation to be done, because this file does not exist within the
+ * namespace, and Unionfs operates on the namespace, not data.
+ */
+ if (sbgen != dgen) {
+ struct dentry *result;
+ int pdgen;
+
+ unionfs_read_lock(dentry->d_sb);
+ locked = 1;
+
+ /* The root entry should always be valid */
+ BUG_ON(IS_ROOT(dentry));
+
+ /* We can't work correctly if our parent isn't valid. */
+ pdgen = atomic_read(&UNIONFS_D(dentry->d_parent)->generation);
+ if (!restart && (pdgen != sbgen)) {
+ unionfs_read_unlock(dentry->d_sb);
+ locked = 0;
+ /* We must be locked before our parent. */
+ if (!
+ (dentry->d_parent->d_op->
+ d_revalidate(dentry->d_parent, nd))) {
+ valid = 0;
+ goto out;
+ }
+ restart = 1;
+ goto restart;
+ }
+ BUG_ON(pdgen != sbgen);
+
+ /* Free the pointers for our inodes and this dentry. */
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+ if (bstart >= 0) {
+ struct dentry *hidden_dentry;
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_dentry =
+ unionfs_lower_dentry_idx(dentry, bindex);
+ dput(hidden_dentry);
+ }
+ }
+ set_dbstart(dentry, -1);
+ set_dbend(dentry, -1);
+
+ interpose_flag = INTERPOSE_REVAL_NEG;
+ if (positive) {
+ interpose_flag = INTERPOSE_REVAL;
+ mutex_lock(&dentry->d_inode->i_mutex);
+ bstart = ibstart(dentry->d_inode);
+ bend = ibend(dentry->d_inode);
+ if (bstart >= 0) {
+ struct inode *hidden_inode;
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_inode =
+ unionfs_lower_inode_idx(dentry->d_inode,
+ bindex);
+ iput(hidden_inode);
+ }
+ }
+ kfree(UNIONFS_I(dentry->d_inode)->lower_inodes);
+ UNIONFS_I(dentry->d_inode)->lower_inodes = NULL;
+ ibstart(dentry->d_inode) = -1;
+ ibend(dentry->d_inode) = -1;
+ mutex_unlock(&dentry->d_inode->i_mutex);
+ }
+
+ result = unionfs_lookup_backend(dentry, &lowernd, interpose_flag);
+ if (result) {
+ if (IS_ERR(result)) {
+ valid = 0;
+ goto out;
+ }
+ /* current unionfs_lookup_backend() doesn't return
+ * a valid dentry
+ */
+ dput(dentry);
+ dentry = result;
+ }
+
+ if (positive && UNIONFS_I(dentry->d_inode)->stale) {
+ make_stale_inode(dentry->d_inode);
+ d_drop(dentry);
+ valid = 0;
+ goto out;
+ }
+ goto out;
+ }
+
+ /* The revalidation must occur across all branches */
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+ BUG_ON(bstart == -1);
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry || !hidden_dentry->d_op
+ || !hidden_dentry->d_op->d_revalidate)
+ continue;
+
+ if (!hidden_dentry->d_op->d_revalidate(hidden_dentry, nd))
+ valid = 0;
+ }
+
+ if (!dentry->d_inode)
+ valid = 0;
+
+ if (valid) {
+ fsstack_copy_attr_all(dentry->d_inode,
+ unionfs_lower_inode(dentry->d_inode),
+ unionfs_get_nlinks);
+ fsstack_copy_inode_size(dentry->d_inode,
+ unionfs_lower_inode(dentry->d_inode));
+ }
+
+out:
+ if (locked)
+ unionfs_read_unlock(dentry->d_sb);
+ return valid;
+}
+
+int unionfs_d_revalidate_wrap(struct dentry *dentry, struct nameidata *nd)
+{
+ int err;
+
+ lock_dentry(dentry);
+ err = unionfs_d_revalidate(dentry, nd);
+ unlock_dentry(dentry);
+
+ return err;
+}
+
+void unionfs_d_release(struct dentry *dentry)
+{
+ int bindex, bstart, bend;
+
+ /* There is no reason to lock the dentry, because we have the only
+ * reference, but the printing functions verify that we have a lock
+ * on the dentry before calling dbstart, etc.
+ */
+ lock_dentry(dentry);
+
+ /* this could be a negative dentry, so check first */
+ if (!UNIONFS_D(dentry)) {
+ printk(KERN_DEBUG "dentry without private data: %.*s",
+ dentry->d_name.len, dentry->d_name.name);
+ goto out;
+ } else if (dbstart(dentry) < 0) {
+ /* this is due to a failed lookup */
+ printk(KERN_DEBUG "dentry without hidden dentries : %.*s",
+ dentry->d_name.len, dentry->d_name.name);
+ goto out_free;
+ }
+
+ /* Release all the hidden dentries */
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ dput(unionfs_lower_dentry_idx(dentry, bindex));
+ mntput(unionfs_lower_mnt_idx(dentry, bindex));
+
+ unionfs_set_lower_dentry_idx(dentry, bindex, NULL);
+ unionfs_set_lower_mnt_idx(dentry, bindex, NULL);
+ }
+ /* free private data (unionfs_dentry_info) here */
+ kfree(UNIONFS_D(dentry)->lower_paths);
+ UNIONFS_D(dentry)->lower_paths = NULL;
+
+out_free:
+ /* No need to unlock it, because it is disappeared. */
+ free_dentry_private_data(UNIONFS_D(dentry));
+ dentry->d_fsdata = NULL; /* just to be safe */
+
+out:
+ return;
+}
+
+struct dentry_operations unionfs_dops = {
+ .d_revalidate = unionfs_d_revalidate_wrap,
+ .d_release = unionfs_d_release,
+};
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
Provides nicer handling of stale inodes.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/stale_inode.c | 112 ++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 112 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/stale_inode.c b/fs/unionfs/stale_inode.c
new file mode 100644
index 0000000..bce938d
--- /dev/null
+++ b/fs/unionfs/stale_inode.c
@@ -0,0 +1,112 @@
+/*
+ * Adpated from linux/fs/bad_inode.c
+ *
+ * Copyright (C) 1997, Stephen Tweedie
+ *
+ * Provide stub functions for "stale" inodes, a bit friendlier than the
+ * -EIO that bad_inode.c does.
+ */
+
+#include <linux/version.h>
+
+#include <linux/fs.h>
+#include <linux/stat.h>
+#include <linux/sched.h>
+
+static struct address_space_operations unionfs_stale_aops;
+
+/* declarations for "sparse */
+extern struct inode_operations stale_inode_ops;
+
+/*
+ * The follow_link operation is special: it must behave as a no-op
+ * so that a stale root inode can at least be unmounted. To do this
+ * we must dput() the base and return the dentry with a dget().
+ */
+static void *stale_follow_link(struct dentry *dent, struct nameidata *nd)
+{
+ return ERR_PTR(vfs_follow_link(nd, ERR_PTR(-ESTALE)));
+}
+
+static int return_ESTALE(void)
+{
+ return -ESTALE;
+}
+
+#define ESTALE_ERROR ((void *) (return_ESTALE))
+
+static struct file_operations stale_file_ops = {
+ .llseek = ESTALE_ERROR,
+ .read = ESTALE_ERROR,
+ .write = ESTALE_ERROR,
+ .readdir = ESTALE_ERROR,
+ .poll = ESTALE_ERROR,
+ .ioctl = ESTALE_ERROR,
+ .mmap = ESTALE_ERROR,
+ .open = ESTALE_ERROR,
+ .flush = ESTALE_ERROR,
+ .release = ESTALE_ERROR,
+ .fsync = ESTALE_ERROR,
+ .fasync = ESTALE_ERROR,
+ .lock = ESTALE_ERROR,
+};
+
+struct inode_operations stale_inode_ops = {
+ .create = ESTALE_ERROR,
+ .lookup = ESTALE_ERROR,
+ .link = ESTALE_ERROR,
+ .unlink = ESTALE_ERROR,
+ .symlink = ESTALE_ERROR,
+ .mkdir = ESTALE_ERROR,
+ .rmdir = ESTALE_ERROR,
+ .mknod = ESTALE_ERROR,
+ .rename = ESTALE_ERROR,
+ .readlink = ESTALE_ERROR,
+ .follow_link = stale_follow_link,
+ .truncate = ESTALE_ERROR,
+ .permission = ESTALE_ERROR,
+};
+
+/*
+ * When a filesystem is unable to read an inode due to an I/O error in
+ * its read_inode() function, it can call make_stale_inode() to return a
+ * set of stubs which will return ESTALE errors as required.
+ *
+ * We only need to do limited initialisation: all other fields are
+ * preinitialised to zero automatically.
+ */
+
+/**
+ * make_stale_inode - mark an inode stale due to an I/O error
+ * @inode: Inode to mark stale
+ *
+ * When an inode cannot be read due to a media or remote network
+ * failure this function makes the inode "stale" and causes I/O operations
+ * on it to fail from this point on.
+ */
+void make_stale_inode(struct inode *inode)
+{
+ inode->i_mode = S_IFREG;
+ inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
+ inode->i_op = &stale_inode_ops;
+ inode->i_fop = &stale_file_ops;
+ inode->i_mapping->a_ops = &unionfs_stale_aops;
+}
+
+/*
+ * This tests whether an inode has been flagged as stale. The test uses
+ * &stale_inode_ops to cover the case of invalidated inodes as well as
+ * those created by make_stale_inode() above.
+ */
+
+/**
+ * is_stale_inode - is an inode errored
+ * @inode: inode to test
+ *
+ * Returns true if the inode in question has been marked as stale.
+ */
+int is_stale_inode(struct inode *inode)
+{
+ return (inode->i_op == &stale_inode_ops);
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch provides directory file operations.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/dirfops.c | 263 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 263 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/dirfops.c b/fs/unionfs/dirfops.c
new file mode 100644
index 0000000..e2e6545
--- /dev/null
+++ b/fs/unionfs/dirfops.c
@@ -0,0 +1,263 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* Make sure our rdstate is playing by the rules. */
+static void verify_rdstate_offset(struct unionfs_dir_state *rdstate)
+{
+ BUG_ON(rdstate->offset >= DIREOF);
+ BUG_ON(rdstate->cookie >= MAXRDCOOKIE);
+}
+
+struct unionfs_getdents_callback {
+ struct unionfs_dir_state *rdstate;
+ void *dirent;
+ int entries_written;
+ int filldir_called;
+ int filldir_error;
+ filldir_t filldir;
+ struct super_block *sb;
+};
+
+/* based on generic filldir in fs/readir.c */
+static int unionfs_filldir(void *dirent, const char *name, int namelen,
+ loff_t offset, u64 ino, unsigned int d_type)
+{
+ struct unionfs_getdents_callback *buf = dirent;
+ struct filldir_node *found = NULL;
+ int err = 0;
+ int is_wh_entry = 0;
+
+ buf->filldir_called++;
+
+ if ((namelen > UNIONFS_WHLEN) &&
+ !strncmp(name, UNIONFS_WHPFX, UNIONFS_WHLEN)) {
+ name += UNIONFS_WHLEN;
+ namelen -= UNIONFS_WHLEN;
+ is_wh_entry = 1;
+ }
+
+ found = find_filldir_node(buf->rdstate, name, namelen);
+
+ if (found)
+ goto out;
+
+ /* if 'name' isn't a whiteout, filldir it. */
+ if (!is_wh_entry) {
+ off_t pos = rdstate2offset(buf->rdstate);
+ u64 unionfs_ino = ino;
+
+ if (!err) {
+ err = buf->filldir(buf->dirent, name, namelen, pos,
+ unionfs_ino, d_type);
+ buf->rdstate->offset++;
+ verify_rdstate_offset(buf->rdstate);
+ }
+ }
+ /* If we did fill it, stuff it in our hash, otherwise return an error */
+ if (err) {
+ buf->filldir_error = err;
+ goto out;
+ }
+ buf->entries_written++;
+ if ((err = add_filldir_node(buf->rdstate, name, namelen,
+ buf->rdstate->bindex, is_wh_entry)))
+ buf->filldir_error = err;
+
+out:
+ return err;
+}
+
+static int unionfs_readdir(struct file *file, void *dirent, filldir_t filldir)
+{
+ int err = 0;
+ struct file *hidden_file = NULL;
+ struct inode *inode = NULL;
+ struct unionfs_getdents_callback buf;
+ struct unionfs_dir_state *uds;
+ int bend;
+ loff_t offset;
+
+ if ((err = unionfs_file_revalidate(file, 0)))
+ goto out;
+
+ inode = file->f_dentry->d_inode;
+
+ uds = UNIONFS_F(file)->rdstate;
+ if (!uds) {
+ if (file->f_pos == DIREOF) {
+ goto out;
+ } else if (file->f_pos > 0) {
+ uds = find_rdstate(inode, file->f_pos);
+ if (!uds) {
+ err = -ESTALE;
+ goto out;
+ }
+ UNIONFS_F(file)->rdstate = uds;
+ } else {
+ init_rdstate(file);
+ uds = UNIONFS_F(file)->rdstate;
+ }
+ }
+ bend = fbend(file);
+
+ while (uds->bindex <= bend) {
+ hidden_file = unionfs_lower_file_idx(file, uds->bindex);
+ if (!hidden_file) {
+ uds->bindex++;
+ uds->dirpos = 0;
+ continue;
+ }
+
+ /* prepare callback buffer */
+ buf.filldir_called = 0;
+ buf.filldir_error = 0;
+ buf.entries_written = 0;
+ buf.dirent = dirent;
+ buf.filldir = filldir;
+ buf.rdstate = uds;
+ buf.sb = inode->i_sb;
+
+ /* Read starting from where we last left off. */
+ offset = vfs_llseek(hidden_file, uds->dirpos, 0);
+ if (offset < 0) {
+ err = offset;
+ goto out;
+ }
+ err = vfs_readdir(hidden_file, unionfs_filldir, &buf);
+ /* Save the position for when we continue. */
+
+ offset = vfs_llseek(hidden_file, 0, 1);
+ if (offset < 0) {
+ err = offset;
+ goto out;
+ }
+ uds->dirpos = offset;
+
+ /* Copy the atime. */
+ fsstack_copy_attr_atime(inode, hidden_file->f_dentry->d_inode);
+
+ if (err < 0)
+ goto out;
+
+ if (buf.filldir_error)
+ break;
+
+ if (!buf.entries_written) {
+ uds->bindex++;
+ uds->dirpos = 0;
+ }
+ }
+
+ if (!buf.filldir_error && uds->bindex >= bend) {
+ /* Save the number of hash entries for next time. */
+ UNIONFS_I(inode)->hashsize = uds->hashentries;
+ free_rdstate(uds);
+ UNIONFS_F(file)->rdstate = NULL;
+ file->f_pos = DIREOF;
+ } else
+ file->f_pos = rdstate2offset(uds);
+
+out:
+ return err;
+}
+
+/* This is not meant to be a generic repositioning function. If you do
+ * things that aren't supported, then we return EINVAL.
+ *
+ * What is allowed:
+ * (1) seeking to the same position that you are currently at
+ * This really has no effect, but returns where you are.
+ * (2) seeking to the beginning of the file
+ * This throws out all state, and lets you begin again.
+ */
+static loff_t unionfs_dir_llseek(struct file *file, loff_t offset, int origin)
+{
+ struct unionfs_dir_state *rdstate;
+ loff_t err;
+
+ if ((err = unionfs_file_revalidate(file, 0)))
+ goto out;
+
+ rdstate = UNIONFS_F(file)->rdstate;
+
+ /* We let users seek to their current position, but not anywhere else. */
+ if (!offset) {
+ switch (origin) {
+ case SEEK_SET:
+ if (rdstate) {
+ free_rdstate(rdstate);
+ UNIONFS_F(file)->rdstate = NULL;
+ }
+ init_rdstate(file);
+ err = 0;
+ break;
+ case SEEK_CUR:
+ err = file->f_pos;
+ break;
+ case SEEK_END:
+ /* Unsupported, because we would break everything. */
+ err = -EINVAL;
+ break;
+ }
+ } else {
+ switch (origin) {
+ case SEEK_SET:
+ if (rdstate) {
+ if (offset == rdstate2offset(rdstate))
+ err = offset;
+ else if (file->f_pos == DIREOF)
+ err = DIREOF;
+ else
+ err = -EINVAL;
+ } else {
+ rdstate = find_rdstate(file->f_dentry->d_inode,
+ offset);
+ if (rdstate) {
+ UNIONFS_F(file)->rdstate = rdstate;
+ err = rdstate->offset;
+ } else
+ err = -EINVAL;
+ }
+ break;
+ case SEEK_CUR:
+ case SEEK_END:
+ /* Unsupported, because we would break everything. */
+ err = -EINVAL;
+ break;
+ }
+ }
+
+out:
+ return err;
+}
+
+/* Trimmed directory options, we shouldn't pass everything down since
+ * we don't want to operate on partial directories.
+ */
+struct file_operations unionfs_dir_fops = {
+ .llseek = unionfs_dir_llseek,
+ .read = generic_read_dir,
+ .readdir = unionfs_readdir,
+ .unlocked_ioctl = unionfs_ioctl,
+ .open = unionfs_open,
+ .release = unionfs_file_release,
+ .flush = unionfs_flush,
+};
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch renames lookup_one_len to lookup_one_len_nd, and adds a nameidata
argument. An inline function, lookup_one_len (which calls lookup_one_len_nd
with nd == NULL) preserves original behavior.
The following Unionfs patches depend on this one.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
---
fs/namei.c | 8 ++++----
include/linux/namei.h | 10 +++++++++-
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/fs/namei.c b/fs/namei.c
index e4f108f..5a2e89a 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1292,8 +1292,8 @@ static struct dentry *lookup_hash(struct nameidata *nd)
return __lookup_hash(&nd->last, nd->dentry, nd);
}
-/* SMP-safe */
-struct dentry * lookup_one_len(const char * name, struct dentry * base, int len)
+struct dentry *lookup_one_len_nd(const char *name, struct dentry *base,
+ int len, struct nameidata *nd)
{
unsigned long hash;
struct qstr this;
@@ -1313,7 +1313,7 @@ struct dentry * lookup_one_len(const char * name, struct dentry * base, int len)
}
this.hash = end_name_hash(hash);
- return __lookup_hash(&this, base, NULL);
+ return __lookup_hash(&this, base, nd);
access:
return ERR_PTR(-EACCES);
}
@@ -2757,7 +2757,7 @@ EXPORT_SYMBOL(follow_up);
EXPORT_SYMBOL(get_write_access); /* binfmt_aout */
EXPORT_SYMBOL(getname);
EXPORT_SYMBOL(lock_rename);
-EXPORT_SYMBOL(lookup_one_len);
+EXPORT_SYMBOL(lookup_one_len_nd);
EXPORT_SYMBOL(page_follow_link_light);
EXPORT_SYMBOL(page_put_link);
EXPORT_SYMBOL(page_readlink);
diff --git a/include/linux/namei.h b/include/linux/namei.h
index d39a5a6..941be96 100644
--- a/include/linux/namei.h
+++ b/include/linux/namei.h
@@ -81,7 +81,15 @@ extern struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry
extern struct file *nameidata_to_filp(struct nameidata *nd, int flags);
extern void release_open_intent(struct nameidata *);
-extern struct dentry * lookup_one_len(const char *, struct dentry *, int);
+extern struct dentry *lookup_one_len_nd(const char *,
+ struct dentry *, int, struct nameidata *);
+
+/* SMP-safe */
+static inline struct dentry *lookup_one_len(const char *name,
+ struct dentry *dir, int len)
+{
+ return lookup_one_len_nd(name, dir, len, NULL);
+}
extern int follow_down(struct vfsmount **, struct dentry **);
extern int follow_up(struct vfsmount **, struct dentry **);
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch contains directory manipulation helper functions.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/dirhelper.c | 270 ++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 270 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/dirhelper.c b/fs/unionfs/dirhelper.c
new file mode 100644
index 0000000..496ee1f
--- /dev/null
+++ b/fs/unionfs/dirhelper.c
@@ -0,0 +1,270 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* Delete all of the whiteouts in a given directory for rmdir.
+ *
+ * hidden directory inode should be locked
+ */
+int do_delete_whiteouts(struct dentry *dentry, int bindex,
+ struct unionfs_dir_state *namelist)
+{
+ int err = 0;
+ struct dentry *hidden_dir_dentry = NULL;
+ struct dentry *hidden_dentry;
+ char *name = NULL, *p;
+ struct inode *hidden_dir;
+
+ int i;
+ struct list_head *pos;
+ struct filldir_node *cursor;
+
+ /* Find out hidden parent dentry */
+ hidden_dir_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ BUG_ON(!S_ISDIR(hidden_dir_dentry->d_inode->i_mode));
+ hidden_dir = hidden_dir_dentry->d_inode;
+ BUG_ON(!S_ISDIR(hidden_dir->i_mode));
+
+ err = -ENOMEM;
+ name = __getname();
+ if (!name)
+ goto out;
+ strcpy(name, UNIONFS_WHPFX);
+ p = name + UNIONFS_WHLEN;
+
+ err = 0;
+ for (i = 0; !err && i < namelist->size; i++) {
+ list_for_each(pos, &namelist->list[i]) {
+ cursor =
+ list_entry(pos, struct filldir_node, file_list);
+ /* Only operate on whiteouts in this branch. */
+ if (cursor->bindex != bindex)
+ continue;
+ if (!cursor->whiteout)
+ continue;
+
+ strcpy(p, cursor->name);
+ hidden_dentry =
+ lookup_one_len(name, hidden_dir_dentry,
+ cursor->namelen + UNIONFS_WHLEN);
+ if (IS_ERR(hidden_dentry)) {
+ err = PTR_ERR(hidden_dentry);
+ break;
+ }
+ if (hidden_dentry->d_inode)
+ err = vfs_unlink(hidden_dir, hidden_dentry);
+ dput(hidden_dentry);
+ if (err)
+ break;
+ }
+ }
+
+ __putname(name);
+
+ /* After all of the removals, we should copy the attributes once. */
+ fsstack_copy_attr_times(dentry->d_inode, hidden_dir_dentry->d_inode);
+
+out:
+ return err;
+}
+
+/* delete whiteouts in a dir (for rmdir operation) using sioq if necessary */
+int delete_whiteouts(struct dentry *dentry, int bindex,
+ struct unionfs_dir_state *namelist)
+{
+ int err;
+ struct super_block *sb;
+ struct dentry *hidden_dir_dentry;
+ struct inode *hidden_dir;
+
+ struct sioq_args args;
+
+ sb = dentry->d_sb;
+ unionfs_read_lock(sb);
+
+ BUG_ON(!S_ISDIR(dentry->d_inode->i_mode));
+ BUG_ON(bindex < dbstart(dentry));
+ BUG_ON(bindex > dbend(dentry));
+ err = is_robranch_super(sb, bindex);
+ if (err)
+ goto out;
+
+ hidden_dir_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ BUG_ON(!S_ISDIR(hidden_dir_dentry->d_inode->i_mode));
+ hidden_dir = hidden_dir_dentry->d_inode;
+ BUG_ON(!S_ISDIR(hidden_dir->i_mode));
+
+ mutex_lock(&hidden_dir->i_mutex);
+ if (!permission(hidden_dir, MAY_WRITE | MAY_EXEC, NULL))
+ err = do_delete_whiteouts(dentry, bindex, namelist);
+ else {
+ args.deletewh.namelist = namelist;
+ args.deletewh.dentry = dentry;
+ args.deletewh.bindex = bindex;
+ run_sioq(__delete_whiteouts, &args);
+ err = args.err;
+ }
+ mutex_unlock(&hidden_dir->i_mutex);
+
+out:
+ unionfs_read_unlock(sb);
+ return err;
+}
+
+#define RD_NONE 0
+#define RD_CHECK_EMPTY 1
+/* The callback structure for check_empty. */
+struct unionfs_rdutil_callback {
+ int err;
+ int filldir_called;
+ struct unionfs_dir_state *rdstate;
+ int mode;
+};
+
+/* This filldir function makes sure only whiteouts exist within a directory. */
+static int readdir_util_callback(void *dirent, const char *name, int namelen,
+ loff_t offset, u64 ino, unsigned int d_type)
+{
+ int err = 0;
+ struct unionfs_rdutil_callback *buf = dirent;
+ int whiteout = 0;
+ struct filldir_node *found;
+
+ buf->filldir_called = 1;
+
+ if (name[0] == '.' && (namelen == 1 || (name[1] == '.' && namelen == 2)))
+ goto out;
+
+ if (namelen > UNIONFS_WHLEN &&
+ !strncmp(name, UNIONFS_WHPFX, UNIONFS_WHLEN)) {
+ namelen -= UNIONFS_WHLEN;
+ name += UNIONFS_WHLEN;
+ whiteout = 1;
+ }
+
+ found = find_filldir_node(buf->rdstate, name, namelen);
+ /* If it was found in the table there was a previous whiteout. */
+ if (found)
+ goto out;
+
+ /* If it wasn't found and isn't a whiteout, the directory isn't empty. */
+ err = -ENOTEMPTY;
+ if ((buf->mode == RD_CHECK_EMPTY) && !whiteout)
+ goto out;
+
+ err = add_filldir_node(buf->rdstate, name, namelen,
+ buf->rdstate->bindex, whiteout);
+
+out:
+ buf->err = err;
+ return err;
+}
+
+/* Is a directory logically empty? */
+int check_empty(struct dentry *dentry, struct unionfs_dir_state **namelist)
+{
+ int err = 0;
+ struct dentry *hidden_dentry = NULL;
+ struct super_block *sb;
+ struct file *hidden_file;
+ struct unionfs_rdutil_callback *buf = NULL;
+ int bindex, bstart, bend, bopaque;
+
+ sb = dentry->d_sb;
+
+ unionfs_read_lock(sb);
+
+ BUG_ON(!S_ISDIR(dentry->d_inode->i_mode));
+
+ if ((err = unionfs_partial_lookup(dentry)))
+ goto out;
+
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+ bopaque = dbopaque(dentry);
+ if (0 <= bopaque && bopaque < bend)
+ bend = bopaque;
+
+ buf = kmalloc(sizeof(struct unionfs_rdutil_callback), GFP_KERNEL);
+ if (!buf) {
+ err = -ENOMEM;
+ goto out;
+ }
+ buf->err = 0;
+ buf->mode = RD_CHECK_EMPTY;
+ buf->rdstate = alloc_rdstate(dentry->d_inode, bstart);
+ if (!buf->rdstate) {
+ err = -ENOMEM;
+ goto out;
+ }
+
+ /* Process the hidden directories with rdutil_callback as a filldir. */
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry)
+ continue;
+ if (!hidden_dentry->d_inode)
+ continue;
+ if (!S_ISDIR(hidden_dentry->d_inode->i_mode))
+ continue;
+
+ dget(hidden_dentry);
+ mntget(unionfs_lower_mnt_idx(dentry, bindex));
+ branchget(sb, bindex);
+ hidden_file =
+ dentry_open(hidden_dentry, unionfs_lower_mnt_idx(dentry, bindex),
+ O_RDONLY);
+ if (IS_ERR(hidden_file)) {
+ err = PTR_ERR(hidden_file);
+ dput(hidden_dentry);
+ branchput(sb, bindex);
+ goto out;
+ }
+
+ do {
+ buf->filldir_called = 0;
+ buf->rdstate->bindex = bindex;
+ err = vfs_readdir(hidden_file,
+ readdir_util_callback, buf);
+ if (buf->err)
+ err = buf->err;
+ } while ((err >= 0) && buf->filldir_called);
+
+ /* fput calls dput for hidden_dentry */
+ fput(hidden_file);
+ branchput(sb, bindex);
+
+ if (err < 0)
+ goto out;
+ }
+
+out:
+ if (buf) {
+ if (namelist && !err)
+ *namelist = buf->rdstate;
+ else if (buf->rdstate)
+ free_rdstate(buf->rdstate);
+ kfree(buf);
+ }
+
+ unionfs_read_unlock(sb);
+
+ return err;
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch provides rename functionality for Unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/rename.c | 445 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 445 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/rename.c b/fs/unionfs/rename.c
new file mode 100644
index 0000000..76ec0ce
--- /dev/null
+++ b/fs/unionfs/rename.c
@@ -0,0 +1,445 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+static int do_rename(struct inode *old_dir, struct dentry *old_dentry,
+ struct inode *new_dir, struct dentry *new_dentry,
+ int bindex, struct dentry **wh_old)
+{
+ int err = 0;
+ struct dentry *hidden_old_dentry;
+ struct dentry *hidden_new_dentry;
+ struct dentry *hidden_old_dir_dentry;
+ struct dentry *hidden_new_dir_dentry;
+ struct dentry *hidden_wh_dentry;
+ struct dentry *hidden_wh_dir_dentry;
+ char *wh_name = NULL;
+
+ hidden_new_dentry = unionfs_lower_dentry_idx(new_dentry, bindex);
+ hidden_old_dentry = unionfs_lower_dentry_idx(old_dentry, bindex);
+
+ if (!hidden_new_dentry) {
+ hidden_new_dentry =
+ create_parents(new_dentry->d_parent->d_inode, new_dentry, bindex);
+ if (IS_ERR(hidden_new_dentry)) {
+ printk(KERN_DEBUG "error creating directory tree for"
+ " rename, bindex = %d, err = %ld\n",
+ bindex, PTR_ERR(hidden_new_dentry));
+ err = PTR_ERR(hidden_new_dentry);
+ goto out;
+ }
+ }
+
+ wh_name = alloc_whname(new_dentry->d_name.name, new_dentry->d_name.len);
+ if (IS_ERR(wh_name)) {
+ err = PTR_ERR(wh_name);
+ goto out;
+ }
+
+ hidden_wh_dentry = lookup_one_len(wh_name, hidden_new_dentry->d_parent,
+ new_dentry->d_name.len + UNIONFS_WHLEN);
+ if (IS_ERR(hidden_wh_dentry)) {
+ err = PTR_ERR(hidden_wh_dentry);
+ goto out;
+ }
+
+ if (hidden_wh_dentry->d_inode) {
+ /* get rid of the whiteout that is existing */
+ if (hidden_new_dentry->d_inode) {
+ printk(KERN_WARNING "Both a whiteout and a dentry"
+ " exist when doing a rename!\n");
+ err = -EIO;
+
+ dput(hidden_wh_dentry);
+ goto out;
+ }
+
+ hidden_wh_dir_dentry = lock_parent(hidden_wh_dentry);
+ if (!(err = is_robranch_super(old_dentry->d_sb, bindex)))
+ err = vfs_unlink(hidden_wh_dir_dentry->d_inode,
+ hidden_wh_dentry);
+
+ dput(hidden_wh_dentry);
+ unlock_dir(hidden_wh_dir_dentry);
+ if (err)
+ goto out;
+ } else
+ dput(hidden_wh_dentry);
+
+ dget(hidden_old_dentry);
+ hidden_old_dir_dentry = dget_parent(hidden_old_dentry);
+ hidden_new_dir_dentry = dget_parent(hidden_new_dentry);
+
+ lock_rename(hidden_old_dir_dentry, hidden_new_dir_dentry);
+
+ err = is_robranch_super(old_dentry->d_sb, bindex);
+ if (err)
+ goto out_unlock;
+
+ /* ready to whiteout for old_dentry. caller will create the actual
+ * whiteout, and must dput(*wh_old)
+ */
+ if (wh_old) {
+ char *whname;
+ whname = alloc_whname(old_dentry->d_name.name,
+ old_dentry->d_name.len);
+ err = PTR_ERR(whname);
+ if (IS_ERR(whname))
+ goto out_unlock;
+ *wh_old = lookup_one_len(whname, hidden_old_dir_dentry,
+ old_dentry->d_name.len + UNIONFS_WHLEN);
+ kfree(whname);
+ err = PTR_ERR(*wh_old);
+ if (IS_ERR(*wh_old)) {
+ *wh_old = NULL;
+ goto out_unlock;
+ }
+ }
+
+ err = vfs_rename(hidden_old_dir_dentry->d_inode, hidden_old_dentry,
+ hidden_new_dir_dentry->d_inode, hidden_new_dentry);
+
+out_unlock:
+ unlock_rename(hidden_old_dir_dentry, hidden_new_dir_dentry);
+
+ dput(hidden_old_dir_dentry);
+ dput(hidden_new_dir_dentry);
+ dput(hidden_old_dentry);
+
+out:
+ if (!err) {
+ /* Fixup the newdentry. */
+ if (bindex < dbstart(new_dentry))
+ set_dbstart(new_dentry, bindex);
+ else if (bindex > dbend(new_dentry))
+ set_dbend(new_dentry, bindex);
+ }
+
+ kfree(wh_name);
+
+ return err;
+}
+
+static int do_unionfs_rename(struct inode *old_dir,
+ struct dentry *old_dentry,
+ struct inode *new_dir,
+ struct dentry *new_dentry)
+{
+ int err = 0;
+ int bindex, bwh_old;
+ int old_bstart, old_bend;
+ int new_bstart, new_bend;
+ int do_copyup = -1;
+ struct dentry *parent_dentry;
+ int local_err = 0;
+ int eio = 0;
+ int revert = 0;
+ struct dentry *wh_old = NULL;
+
+ old_bstart = dbstart(old_dentry);
+ bwh_old = old_bstart;
+ old_bend = dbend(old_dentry);
+ parent_dentry = old_dentry->d_parent;
+
+ new_bstart = dbstart(new_dentry);
+ new_bend = dbend(new_dentry);
+
+ /* Rename source to destination. */
+ err = do_rename(old_dir, old_dentry, new_dir, new_dentry, old_bstart,
+ &wh_old);
+ if (err) {
+ if (!IS_COPYUP_ERR(err))
+ goto out;
+ do_copyup = old_bstart - 1;
+ } else
+ revert = 1;
+
+ /* Unlink all instances of destination that exist to the left of
+ * bstart of source. On error, revert back, goto out.
+ */
+ for (bindex = old_bstart - 1; bindex >= new_bstart; bindex--) {
+ struct dentry *unlink_dentry;
+ struct dentry *unlink_dir_dentry;
+
+ unlink_dentry = unionfs_lower_dentry_idx(new_dentry, bindex);
+ if (!unlink_dentry)
+ continue;
+
+ unlink_dir_dentry = lock_parent(unlink_dentry);
+ if (!(err = is_robranch_super(old_dir->i_sb, bindex)))
+ err = vfs_unlink(unlink_dir_dentry->d_inode,
+ unlink_dentry);
+
+ fsstack_copy_attr_times(new_dentry->d_parent->d_inode,
+ unlink_dir_dentry->d_inode);
+ /* propagate number of hard-links */
+ new_dentry->d_parent->d_inode->i_nlink =
+ unionfs_get_nlinks(new_dentry->d_parent->d_inode);
+
+ unlock_dir(unlink_dir_dentry);
+ if (!err) {
+ if (bindex != new_bstart) {
+ dput(unlink_dentry);
+ unionfs_set_lower_dentry_idx(new_dentry, bindex, NULL);
+ }
+ } else if (IS_COPYUP_ERR(err)) {
+ do_copyup = bindex - 1;
+ } else if (revert) {
+ dput(wh_old);
+ goto revert;
+ }
+ }
+
+ if (do_copyup != -1) {
+ for (bindex = do_copyup; bindex >= 0; bindex--) {
+ /* copyup the file into some left directory, so that
+ * you can rename it
+ */
+ err = copyup_dentry(old_dentry->d_parent->d_inode,
+ old_dentry, old_bstart, bindex, NULL,
+ old_dentry->d_inode->i_size);
+ if (!err) {
+ dput(wh_old);
+ bwh_old = bindex;
+ err = do_rename(old_dir, old_dentry, new_dir,
+ new_dentry, bindex, &wh_old);
+ break;
+ }
+ }
+ }
+
+ /* make it opaque */
+ if (S_ISDIR(old_dentry->d_inode->i_mode)) {
+ err = make_dir_opaque(old_dentry, dbstart(old_dentry));
+ if (err)
+ goto revert;
+ }
+
+ /* Create whiteout for source, only if:
+ * (1) There is more than one underlying instance of source.
+ * (2) We did a copy_up
+ */
+ if ((old_bstart != old_bend) || (do_copyup != -1)) {
+ struct dentry *hidden_parent;
+ BUG_ON(!wh_old || wh_old->d_inode || bwh_old < 0);
+ hidden_parent = lock_parent(wh_old);
+ local_err = vfs_create(hidden_parent->d_inode, wh_old, S_IRUGO,
+ NULL);
+ unlock_dir(hidden_parent);
+ if (!local_err)
+ set_dbopaque(old_dentry, bwh_old);
+ else {
+ /* We can't fix anything now, so we cop-out and use -EIO. */
+ printk(KERN_ERR "We can't create a whiteout for the "
+ "source in rename!\n");
+ err = -EIO;
+ }
+ }
+
+out:
+ dput(wh_old);
+ return err;
+
+revert:
+ /* Do revert here. */
+ local_err = unionfs_refresh_hidden_dentry(new_dentry, old_bstart);
+ if (local_err) {
+ printk(KERN_WARNING "Revert failed in rename: the new refresh "
+ "failed.\n");
+ eio = -EIO;
+ }
+
+ local_err = unionfs_refresh_hidden_dentry(old_dentry, old_bstart);
+ if (local_err) {
+ printk(KERN_WARNING "Revert failed in rename: the old refresh "
+ "failed.\n");
+ eio = -EIO;
+ goto revert_out;
+ }
+
+ if (!unionfs_lower_dentry_idx(new_dentry, bindex) ||
+ !unionfs_lower_dentry_idx(new_dentry, bindex)->d_inode) {
+ printk(KERN_WARNING "Revert failed in rename: the object "
+ "disappeared from under us!\n");
+ eio = -EIO;
+ goto revert_out;
+ }
+
+ if (unionfs_lower_dentry_idx(old_dentry, bindex) &&
+ unionfs_lower_dentry_idx(old_dentry, bindex)->d_inode) {
+ printk(KERN_WARNING "Revert failed in rename: the object was "
+ "created underneath us!\n");
+ eio = -EIO;
+ goto revert_out;
+ }
+
+ local_err = do_rename(new_dir, new_dentry, old_dir, old_dentry, old_bstart,
+ NULL);
+
+ /* If we can't fix it, then we cop-out with -EIO. */
+ if (local_err) {
+ printk(KERN_WARNING "Revert failed in rename!\n");
+ eio = -EIO;
+ }
+
+ local_err = unionfs_refresh_hidden_dentry(new_dentry, bindex);
+ if (local_err)
+ eio = -EIO;
+ local_err = unionfs_refresh_hidden_dentry(old_dentry, bindex);
+ if (local_err)
+ eio = -EIO;
+
+revert_out:
+ if (eio)
+ err = eio;
+ return err;
+}
+
+static struct dentry *lookup_whiteout(struct dentry *dentry)
+{
+ char *whname;
+ int bindex = -1, bstart = -1, bend = -1;
+ struct dentry *parent, *hidden_parent, *wh_dentry;
+
+ whname = alloc_whname(dentry->d_name.name, dentry->d_name.len);
+ if (IS_ERR(whname))
+ return (void *)whname;
+
+ parent = dget_parent(dentry);
+ lock_dentry(parent);
+ bstart = dbstart(parent);
+ bend = dbend(parent);
+ wh_dentry = ERR_PTR(-ENOENT);
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_parent = unionfs_lower_dentry_idx(parent, bindex);
+ if (!hidden_parent)
+ continue;
+ wh_dentry = lookup_one_len(whname, hidden_parent,
+ dentry->d_name.len + UNIONFS_WHLEN);
+ if (IS_ERR(wh_dentry))
+ continue;
+ if (wh_dentry->d_inode)
+ break;
+ dput(wh_dentry);
+ wh_dentry = ERR_PTR(-ENOENT);
+ }
+ unlock_dentry(parent);
+ dput(parent);
+ kfree(whname);
+ return wh_dentry;
+}
+
+/* We can't copyup a directory, because it may involve huge
+ * numbers of children, etc. Doing that in the kernel would
+ * be bad, so instead we let the userspace recurse and ask us
+ * to copy up each file separately
+ */
+static int may_rename_dir(struct dentry *dentry)
+{
+ int err, bstart;
+
+ err = check_empty(dentry, NULL);
+ if (err == -ENOTEMPTY) {
+ if (is_robranch(dentry))
+ return -EXDEV;
+ } else if (err)
+ return err;
+
+ bstart = dbstart(dentry);
+ if (dbend(dentry) == bstart || dbopaque(dentry) == bstart)
+ return 0;
+
+ set_dbstart(dentry, bstart + 1);
+ err = check_empty(dentry, NULL);
+ set_dbstart(dentry, bstart);
+ if (err == -ENOTEMPTY)
+ err = -EXDEV;
+ return err;
+}
+
+int unionfs_rename(struct inode *old_dir, struct dentry *old_dentry,
+ struct inode *new_dir, struct dentry *new_dentry)
+{
+ int err = 0;
+ struct dentry *wh_dentry;
+
+ double_lock_dentry(old_dentry, new_dentry);
+
+ if (!S_ISDIR(old_dentry->d_inode->i_mode))
+ err = unionfs_partial_lookup(old_dentry);
+ else
+ err = may_rename_dir(old_dentry);
+
+ if (err)
+ goto out;
+
+ err = unionfs_partial_lookup(new_dentry);
+ if (err)
+ goto out;
+
+ /*
+ * if new_dentry is already hidden because of whiteout,
+ * simply override it even if the whiteouted dir is not empty.
+ */
+ wh_dentry = lookup_whiteout(new_dentry);
+ if (!IS_ERR(wh_dentry))
+ dput(wh_dentry);
+ else if (new_dentry->d_inode) {
+ if (S_ISDIR(old_dentry->d_inode->i_mode) !=
+ S_ISDIR(new_dentry->d_inode->i_mode)) {
+ err = S_ISDIR(old_dentry->d_inode->i_mode) ?
+ -ENOTDIR : -EISDIR;
+ goto out;
+ }
+
+ if (S_ISDIR(new_dentry->d_inode->i_mode)) {
+ struct unionfs_dir_state *namelist;
+ /* check if this unionfs directory is empty or not */
+ err = check_empty(new_dentry, &namelist);
+ if (err)
+ goto out;
+
+ if (!is_robranch(new_dentry))
+ err = delete_whiteouts(new_dentry,
+ dbstart(new_dentry),
+ namelist);
+
+ free_rdstate(namelist);
+
+ if (err)
+ goto out;
+ }
+ }
+ err = do_unionfs_rename(old_dir, old_dentry, new_dir, new_dentry);
+
+out:
+ if (err)
+ /* clear the new_dentry stuff created */
+ d_drop(new_dentry);
+ else
+ /* force re-lookup since the dir on ro branch is not renamed,
+ and hidden dentries still indicate the un-renamed ones. */
+ if (S_ISDIR(old_dentry->d_inode->i_mode))
+ atomic_dec(&UNIONFS_D(old_dentry)->generation);
+
+ unlock_dentry(new_dentry);
+ unlock_dentry(old_dentry);
+ return err;
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch contains the functions used to perform copyup operations in unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/copyup.c | 677 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 677 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/copyup.c b/fs/unionfs/copyup.c
new file mode 100644
index 0000000..ad70b24
--- /dev/null
+++ b/fs/unionfs/copyup.c
@@ -0,0 +1,677 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York*
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* Determine the mode based on the copyup flags, and the existing dentry. */
+static int copyup_permissions(struct super_block *sb,
+ struct dentry *old_hidden_dentry,
+ struct dentry *new_hidden_dentry)
+{
+ struct inode *i = old_hidden_dentry->d_inode;
+ struct iattr newattrs;
+ int err;
+
+ newattrs.ia_atime = i->i_atime;
+ newattrs.ia_mtime = i->i_mtime;
+ newattrs.ia_ctime = i->i_ctime;
+
+ newattrs.ia_gid = i->i_gid;
+ newattrs.ia_uid = i->i_uid;
+
+ newattrs.ia_mode = i->i_mode;
+
+ newattrs.ia_valid = ATTR_CTIME | ATTR_ATIME | ATTR_MTIME |
+ ATTR_ATIME_SET | ATTR_MTIME_SET | ATTR_FORCE |
+ ATTR_GID | ATTR_UID | ATTR_MODE;
+
+ err = notify_change(new_hidden_dentry, &newattrs);
+
+ return err;
+}
+
+int copyup_dentry(struct inode *dir, struct dentry *dentry,
+ int bstart, int new_bindex,
+ struct file **copyup_file, loff_t len)
+{
+ return copyup_named_dentry(dir, dentry, bstart, new_bindex,
+ dentry->d_name.name,
+ dentry->d_name.len, copyup_file, len);
+}
+
+/* create the new device/file/directory - use copyup_permission to copyup
+ * times, and mode
+ *
+ * if the object being copied up is a regular file, the file is only created,
+ * the contents have to be copied up separately
+ */
+static inline int __copyup_ndentry(struct dentry *old_hidden_dentry,
+ struct dentry *new_hidden_dentry,
+ struct dentry *new_hidden_parent_dentry,
+ char *symbuf)
+{
+ int err = 0;
+ umode_t old_mode = old_hidden_dentry->d_inode->i_mode;
+ struct sioq_args args;
+
+ if (S_ISDIR(old_mode)) {
+ args.mkdir.parent = new_hidden_parent_dentry->d_inode;
+ args.mkdir.dentry = new_hidden_dentry;
+ args.mkdir.mode = old_mode;
+
+ run_sioq(__unionfs_mkdir, &args);
+ err = args.err;
+ } else if (S_ISLNK(old_mode)) {
+ args.symlink.parent = new_hidden_parent_dentry->d_inode;
+ args.symlink.dentry = new_hidden_dentry;
+ args.symlink.symbuf = symbuf;
+ args.symlink.mode = old_mode;
+
+ run_sioq(__unionfs_symlink, &args);
+ err = args.err;
+ } else if (S_ISBLK(old_mode) || S_ISCHR(old_mode) ||
+ S_ISFIFO(old_mode) || S_ISSOCK(old_mode)) {
+ args.mknod.parent = new_hidden_parent_dentry->d_inode;
+ args.mknod.dentry = new_hidden_dentry;
+ args.mknod.mode = old_mode;
+ args.mknod.dev = old_hidden_dentry->d_inode->i_rdev;
+
+ run_sioq(__unionfs_mknod, &args);
+ err = args.err;
+ } else if (S_ISREG(old_mode)) {
+ args.create.parent = new_hidden_parent_dentry->d_inode;
+ args.create.dentry = new_hidden_dentry;
+ args.create.mode = old_mode;
+ args.create.nd = NULL;
+
+ run_sioq(__unionfs_create, &args);
+ err = args.err;
+ } else {
+ printk(KERN_ERR "Unknown inode type %d\n",
+ old_mode);
+ BUG();
+ }
+
+ return err;
+}
+
+static inline int __copyup_reg_data(struct dentry *dentry,
+ struct dentry *new_hidden_dentry,
+ int new_bindex,
+ struct dentry *old_hidden_dentry,
+ int old_bindex,
+ struct file **copyup_file,
+ loff_t len)
+{
+ struct super_block *sb = dentry->d_sb;
+ struct file *input_file;
+ struct file *output_file;
+ mm_segment_t old_fs;
+ char *buf = NULL;
+ ssize_t read_bytes, write_bytes;
+ loff_t size;
+ int err = 0;
+
+ /* open old file */
+ mntget(unionfs_lower_mnt_idx(dentry, old_bindex));
+ branchget(sb, old_bindex);
+ input_file = dentry_open(old_hidden_dentry,
+ unionfs_lower_mnt_idx(dentry, old_bindex),
+ O_RDONLY | O_LARGEFILE);
+ if (IS_ERR(input_file)) {
+ dput(old_hidden_dentry);
+ err = PTR_ERR(input_file);
+ goto out;
+ }
+ if (!input_file->f_op || !input_file->f_op->read) {
+ err = -EINVAL;
+ goto out_close_in;
+ }
+
+ /* open new file */
+ dget(new_hidden_dentry);
+ mntget(unionfs_lower_mnt_idx(dentry, new_bindex));
+ branchget(sb, new_bindex);
+ output_file = dentry_open(new_hidden_dentry,
+ unionfs_lower_mnt_idx(dentry, new_bindex),
+ O_WRONLY | O_LARGEFILE);
+ if (IS_ERR(output_file)) {
+ err = PTR_ERR(output_file);
+ goto out_close_in2;
+ }
+ if (!output_file->f_op || !output_file->f_op->write) {
+ err = -EINVAL;
+ goto out_close_out;
+ }
+
+ /* allocating a buffer */
+ buf = kmalloc(PAGE_SIZE, GFP_KERNEL);
+ if (!buf) {
+ err = -ENOMEM;
+ goto out_close_out;
+ }
+
+ input_file->f_pos = 0;
+ output_file->f_pos = 0;
+
+ old_fs = get_fs();
+ set_fs(KERNEL_DS);
+
+ size = len;
+ err = 0;
+ do {
+ if (len >= PAGE_SIZE)
+ size = PAGE_SIZE;
+ else if ((len < PAGE_SIZE) && (len > 0))
+ size = len;
+
+ len -= PAGE_SIZE;
+
+ read_bytes =
+ input_file->f_op->read(input_file,
+ (char __user *)buf, size,
+ &input_file->f_pos);
+ if (read_bytes <= 0) {
+ err = read_bytes;
+ break;
+ }
+
+ write_bytes =
+ output_file->f_op->write(output_file,
+ (char __user *)buf,
+ read_bytes,
+ &output_file->f_pos);
+ if ((write_bytes < 0) || (write_bytes < read_bytes)) {
+ err = write_bytes;
+ break;
+ }
+ } while ((read_bytes > 0) && (len > 0));
+
+ set_fs(old_fs);
+
+ kfree(buf);
+
+ if (err)
+ goto out_close_out;
+ if (copyup_file) {
+ *copyup_file = output_file;
+ goto out_close_in;
+ }
+
+out_close_out:
+ fput(output_file);
+
+out_close_in2:
+ branchput(sb, new_bindex);
+
+out_close_in:
+ fput(input_file);
+
+out:
+ branchput(sb, old_bindex);
+
+ return err;
+}
+
+/* dput the lower references for old and new dentry & clear a lower dentry
+ * pointer
+ */
+static inline void __clear(struct dentry *dentry,
+ struct dentry *old_hidden_dentry,
+ int old_bstart, int old_bend,
+ struct dentry *new_hidden_dentry,
+ int new_bindex)
+{
+ /* get rid of the hidden dentry and all its traces */
+ unionfs_set_lower_dentry_idx(dentry, new_bindex, NULL);
+ set_dbstart(dentry, old_bstart);
+ set_dbend(dentry, old_bend);
+
+ dput(new_hidden_dentry);
+ dput(old_hidden_dentry);
+}
+
+/* copy up a dentry to a file of specified name */
+int copyup_named_dentry(struct inode *dir, struct dentry *dentry,
+ int bstart, int new_bindex, const char *name,
+ int namelen, struct file **copyup_file, loff_t len)
+{
+ struct dentry *new_hidden_dentry;
+ struct dentry *old_hidden_dentry = NULL;
+ struct super_block *sb;
+ int err = 0;
+ int old_bindex;
+ int old_bstart;
+ int old_bend;
+ struct dentry *new_hidden_parent_dentry = NULL;
+ mm_segment_t oldfs;
+ char *symbuf = NULL;
+
+ verify_locked(dentry);
+
+ old_bindex = bstart;
+ old_bstart = dbstart(dentry);
+ old_bend = dbend(dentry);
+
+ BUG_ON(new_bindex < 0);
+ BUG_ON(new_bindex >= old_bindex);
+
+ sb = dir->i_sb;
+
+ unionfs_read_lock(sb);
+
+ if ((err = is_robranch_super(sb, new_bindex))) {
+ dput(old_hidden_dentry);
+ goto out;
+ }
+
+ /* Create the directory structure above this dentry. */
+ new_hidden_dentry = create_parents_named(dir, dentry, name, new_bindex);
+ if (IS_ERR(new_hidden_dentry)) {
+ dput(old_hidden_dentry);
+ err = PTR_ERR(new_hidden_dentry);
+ goto out;
+ }
+
+ old_hidden_dentry = unionfs_lower_dentry_idx(dentry, old_bindex);
+ dget(old_hidden_dentry);
+
+ /* For symlinks, we must read the link before we lock the directory. */
+ if (S_ISLNK(old_hidden_dentry->d_inode->i_mode)) {
+
+ symbuf = kmalloc(PATH_MAX, GFP_KERNEL);
+ if (!symbuf) {
+ __clear(dentry, old_hidden_dentry,
+ old_bstart, old_bend,
+ new_hidden_dentry, new_bindex);
+ err = -ENOMEM;
+ goto out_free;
+ }
+
+ oldfs = get_fs();
+ set_fs(KERNEL_DS);
+ err = old_hidden_dentry->d_inode->i_op->readlink(
+ old_hidden_dentry,
+ (char __user *)symbuf,
+ PATH_MAX);
+ set_fs(oldfs);
+ if (err) {
+ __clear(dentry, old_hidden_dentry,
+ old_bstart, old_bend,
+ new_hidden_dentry, new_bindex);
+ goto out_free;
+ }
+ symbuf[err] = '\0';
+ }
+
+ /* Now we lock the parent, and create the object in the new branch. */
+ new_hidden_parent_dentry = lock_parent(new_hidden_dentry);
+
+ /* create the new inode */
+ err = __copyup_ndentry(old_hidden_dentry, new_hidden_dentry,
+ new_hidden_parent_dentry, symbuf);
+
+ if (err) {
+ __clear(dentry, old_hidden_dentry,
+ old_bstart, old_bend,
+ new_hidden_dentry, new_bindex);
+ goto out_unlock;
+ }
+
+ /* We actually copyup the file here. */
+ if (S_ISREG(old_hidden_dentry->d_inode->i_mode))
+ err = __copyup_reg_data(dentry, new_hidden_dentry, new_bindex,
+ old_hidden_dentry, old_bindex, copyup_file, len);
+ if (err)
+ goto out_unlink;
+
+ /* Set permissions. */
+ if ((err = copyup_permissions(sb, old_hidden_dentry, new_hidden_dentry)))
+ goto out_unlink;
+
+ /* do not allow files getting deleted to be reinterposed */
+ if (!d_deleted(dentry))
+ unionfs_reinterpose(dentry);
+
+ goto out_unlock;
+ /****/
+
+out_unlink:
+ /* copyup failed, because we possibly ran out of space or
+ * quota, or something else happened so let's unlink; we don't
+ * really care about the return value of vfs_unlink
+ */
+ vfs_unlink(new_hidden_parent_dentry->d_inode, new_hidden_dentry);
+
+ if (copyup_file) {
+ /* need to close the file */
+
+ fput(*copyup_file);
+ branchput(sb, new_bindex);
+ }
+
+ /*
+ * TODO: should we reset the error to something like -EIO?
+ *
+ * If we don't reset, the user may get some non-sensical errors, but
+ * on the other hand, if we reset to EIO, we guarantee that the user
+ * will get a "confusing" error message.
+ */
+
+out_unlock:
+ unlock_dir(new_hidden_parent_dentry);
+
+out_free:
+ kfree(symbuf);
+
+out:
+ unionfs_read_unlock(sb);
+
+ return err;
+}
+
+/* This function creates a copy of a file represented by 'file' which currently
+ * resides in branch 'bstart' to branch 'new_bindex.' The copy will be named
+ * "name".
+ */
+int copyup_named_file(struct inode *dir, struct file *file, char *name,
+ int bstart, int new_bindex, loff_t len)
+{
+ int err = 0;
+ struct file *output_file = NULL;
+
+ err = copyup_named_dentry(dir, file->f_dentry, bstart,
+ new_bindex, name, strlen(name), &output_file,
+ len);
+ if (!err) {
+ fbstart(file) = new_bindex;
+ unionfs_set_lower_file_idx(file, new_bindex, output_file);
+ }
+
+ return err;
+}
+
+/* This function creates a copy of a file represented by 'file' which currently
+ * resides in branch 'bstart' to branch 'new_bindex'.
+ */
+int copyup_file(struct inode *dir, struct file *file, int bstart,
+ int new_bindex, loff_t len)
+{
+ int err = 0;
+ struct file *output_file = NULL;
+
+ err = copyup_dentry(dir, file->f_dentry, bstart, new_bindex,
+ &output_file, len);
+ if (!err) {
+ fbstart(file) = new_bindex;
+ unionfs_set_lower_file_idx(file, new_bindex, output_file);
+ }
+
+ return err;
+}
+
+/* This function replicates the directory structure upto given dentry
+ * in the bindex branch. Can create directory structure recursively to the right
+ * also.
+ */
+struct dentry *create_parents(struct inode *dir, struct dentry *dentry,
+ int bindex)
+{
+ return create_parents_named(dir, dentry, dentry->d_name.name, bindex);
+}
+
+static inline void __cleanup_dentry(struct dentry * dentry, int bindex,
+ int old_bstart, int old_bend)
+{
+ int loop_start;
+ int loop_end;
+ int new_bstart = -1;
+ int new_bend = -1;
+ int i;
+
+ loop_start = min(old_bstart, bindex);
+ loop_end = max(old_bend, bindex);
+
+ /* This loop sets the bstart and bend for the new dentry by
+ * traversing from left to right. It also dputs all negative
+ * dentries except bindex
+ */
+ for (i = loop_start; i <= loop_end; i++) {
+ if (!unionfs_lower_dentry_idx(dentry, i))
+ continue;
+
+ if (i == bindex) {
+ new_bend = i;
+ if (new_bstart < 0)
+ new_bstart = i;
+ continue;
+ }
+
+ if (!unionfs_lower_dentry_idx(dentry, i)->d_inode) {
+ dput(unionfs_lower_dentry_idx(dentry, i));
+ unionfs_set_lower_dentry_idx(dentry, i, NULL);
+ } else {
+ if (new_bstart < 0)
+ new_bstart = i;
+ new_bend = i;
+ }
+ }
+
+ if (new_bstart < 0)
+ new_bstart = bindex;
+ if (new_bend < 0)
+ new_bend = bindex;
+ set_dbstart(dentry, new_bstart);
+ set_dbend(dentry, new_bend);
+
+}
+
+/* set lower inode ptr and update bstart & bend if necessary */
+static inline void __set_inode(struct dentry * upper, struct dentry * lower,
+ int bindex)
+{
+ unionfs_set_lower_inode_idx(upper->d_inode, bindex,
+ igrab(lower->d_inode));
+ if (likely(ibstart(upper->d_inode) > bindex))
+ ibstart(upper->d_inode) = bindex;
+ if (likely(ibend(upper->d_inode) < bindex))
+ ibend(upper->d_inode) = bindex;
+
+}
+
+/* set lower dentry ptr and update bstart & bend if necessary */
+static inline void __set_dentry(struct dentry * upper, struct dentry * lower,
+ int bindex)
+{
+ unionfs_set_lower_dentry_idx(upper, bindex, lower);
+ if (likely(dbstart(upper) > bindex))
+ set_dbstart(upper, bindex);
+ if (likely(dbend(upper) < bindex))
+ set_dbend(upper, bindex);
+}
+
+/* This function replicates the directory structure upto given dentry
+ * in the bindex branch.
+ */
+struct dentry *create_parents_named(struct inode *dir, struct dentry *dentry,
+ const char *name, int bindex)
+{
+ int err;
+ struct dentry *child_dentry;
+ struct dentry *parent_dentry;
+ struct dentry *hidden_parent_dentry = NULL;
+ struct dentry *hidden_dentry = NULL;
+ const char *childname;
+ unsigned int childnamelen;
+
+ int old_kmalloc_size;
+ int kmalloc_size;
+ int num_dentry;
+ int count;
+
+ int old_bstart;
+ int old_bend;
+ struct dentry **path = NULL;
+ struct dentry **tmp_path;
+ struct super_block *sb;
+
+ verify_locked(dentry);
+
+ /* There is no sense allocating any less than the minimum. */
+ kmalloc_size = malloc_sizes[0].cs_size;
+ num_dentry = kmalloc_size / sizeof(struct dentry *);
+
+ if ((err = is_robranch_super(dir->i_sb, bindex))) {
+ hidden_dentry = ERR_PTR(err);
+ goto out;
+ }
+
+ old_bstart = dbstart(dentry);
+ old_bend = dbend(dentry);
+
+ hidden_dentry = ERR_PTR(-ENOMEM);
+ path = kzalloc(kmalloc_size, GFP_KERNEL);
+ if (!path)
+ goto out;
+
+ /* assume the negative dentry of unionfs as the parent dentry */
+ parent_dentry = dentry;
+
+ count = 0;
+ /* This loop finds the first parent that exists in the given branch.
+ * We start building the directory structure from there. At the end
+ * of the loop, the following should hold:
+ * - child_dentry is the first nonexistent child
+ * - parent_dentry is the first existent parent
+ * - path[0] is the = deepest child
+ * - path[count] is the first child to create
+ */
+ do {
+ child_dentry = parent_dentry;
+
+ /* find the parent directory dentry in unionfs */
+ parent_dentry = child_dentry->d_parent;
+ lock_dentry(parent_dentry);
+
+ /* find out the hidden_parent_dentry in the given branch */
+ hidden_parent_dentry = unionfs_lower_dentry_idx(parent_dentry, bindex);
+
+ /* store the child dentry */
+ path[count++] = child_dentry;
+
+ /* grow path table */
+ if (count == num_dentry) {
+ old_kmalloc_size = kmalloc_size;
+ kmalloc_size *= 2;
+ num_dentry = kmalloc_size / sizeof(struct dentry *);
+
+ tmp_path = kzalloc(kmalloc_size, GFP_KERNEL);
+ if (!tmp_path) {
+ hidden_dentry = ERR_PTR(-ENOMEM);
+ goto out;
+ }
+ memcpy(tmp_path, path, old_kmalloc_size);
+ kfree(path);
+ path = tmp_path;
+ tmp_path = NULL;
+ }
+
+ } while (!hidden_parent_dentry);
+ count--;
+
+ sb = dentry->d_sb;
+
+ /* This is basically while(child_dentry != dentry). This loop is
+ * horrible to follow and should be replaced with cleaner code.
+ */
+ while (1) {
+ /* get hidden parent dir in the current branch */
+ hidden_parent_dentry = unionfs_lower_dentry_idx(parent_dentry, bindex);
+ unlock_dentry(parent_dentry);
+
+ /* init the values to lookup */
+ childname = child_dentry->d_name.name;
+ childnamelen = child_dentry->d_name.len;
+
+ if (child_dentry != dentry) {
+ /* lookup child in the underlying file system */
+ hidden_dentry =
+ lookup_one_len(childname, hidden_parent_dentry,
+ childnamelen);
+ if (IS_ERR(hidden_dentry))
+ goto out;
+ } else {
+
+ /* is the name a whiteout of the childname ?
+ * lookup the whiteout child in the underlying file system
+ */
+ hidden_dentry =
+ lookup_one_len(name, hidden_parent_dentry,
+ strlen(name));
+ if (IS_ERR(hidden_dentry))
+ goto out;
+
+ /* Replace the current dentry (if any) with the new one. */
+ dput(unionfs_lower_dentry_idx(dentry, bindex));
+ unionfs_set_lower_dentry_idx(dentry, bindex, hidden_dentry);
+
+ __cleanup_dentry(dentry, bindex, old_bstart, old_bend);
+ break;
+ }
+
+ if (hidden_dentry->d_inode) {
+ /* since this already exists we dput to avoid
+ * multiple references on the same dentry
+ */
+ dput(hidden_dentry);
+ } else {
+ struct sioq_args args;
+
+ /* its a negative dentry, create a new dir */
+ hidden_parent_dentry = lock_parent(hidden_dentry);
+
+ args.mkdir.parent = hidden_parent_dentry->d_inode;
+ args.mkdir.dentry = hidden_dentry;
+ args.mkdir.mode = child_dentry->d_inode->i_mode;
+
+ run_sioq(__unionfs_mkdir, &args);
+ err = args.err;
+
+ if (!err)
+ err = copyup_permissions(dir->i_sb,
+ child_dentry, hidden_dentry);
+ unlock_dir(hidden_parent_dentry);
+ if (err) {
+ dput(hidden_dentry);
+ hidden_dentry = ERR_PTR(err);
+ goto out;
+ }
+
+ }
+
+ __set_inode(child_dentry, hidden_dentry, bindex);
+ __set_dentry(child_dentry, hidden_dentry, bindex);
+
+ parent_dentry = child_dentry;
+ child_dentry = path[--count];
+ }
+out:
+ kfree(path);
+ return hidden_dentry;
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch contains helper functions used through the rest of the code which
pertains to files.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/commonfops.c | 593 +++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 593 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/commonfops.c b/fs/unionfs/commonfops.c
new file mode 100644
index 0000000..6685bf7
--- /dev/null
+++ b/fs/unionfs/commonfops.c
@@ -0,0 +1,593 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* 1) Copyup the file
+ * 2) Rename the file to '.unionfs<original inode#><counter>' - obviously
+ * stolen from NFS's silly rename
+ */
+static int copyup_deleted_file(struct file *file, struct dentry *dentry,
+ int bstart, int bindex)
+{
+ static unsigned int counter;
+ const int i_inosize = sizeof(dentry->d_inode->i_ino) * 2;
+ const int countersize = sizeof(counter) * 2;
+ const int nlen = sizeof(".unionfs") + i_inosize + countersize - 1;
+ char name[nlen + 1];
+
+ int err;
+ struct dentry *tmp_dentry = NULL;
+ struct dentry *hidden_dentry = NULL;
+ struct dentry *hidden_dir_dentry = NULL;
+
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bstart);
+
+ sprintf(name, ".unionfs%*.*lx",
+ i_inosize, i_inosize, hidden_dentry->d_inode->i_ino);
+
+ tmp_dentry = NULL;
+ do {
+ char *suffix = name + nlen - countersize;
+
+ dput(tmp_dentry);
+ counter++;
+ sprintf(suffix, "%*.*x", countersize, countersize, counter);
+
+ printk(KERN_DEBUG "unionfs: trying to rename %s to %s\n",
+ dentry->d_name.name, name);
+
+ tmp_dentry = lookup_one_len(name, hidden_dentry->d_parent,
+ UNIONFS_TMPNAM_LEN);
+ if (IS_ERR(tmp_dentry)) {
+ err = PTR_ERR(tmp_dentry);
+ goto out;
+ }
+ } while (tmp_dentry->d_inode != NULL); /* need negative dentry */
+
+ err = copyup_named_file(dentry->d_parent->d_inode, file, name, bstart,
+ bindex, file->f_dentry->d_inode->i_size);
+ if (err)
+ goto out;
+
+ /* bring it to the same state as an unlinked file */
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, dbstart(dentry));
+ hidden_dir_dentry = lock_parent(hidden_dentry);
+ err = vfs_unlink(hidden_dir_dentry->d_inode, hidden_dentry);
+ unlock_dir(hidden_dir_dentry);
+
+out:
+ return err;
+}
+
+/* put all references held by upper struct file and free lower file pointer
+ * array
+ */
+static void cleanup_file(struct file *file)
+{
+ int bindex, bstart, bend;
+ struct file **lf;
+
+ lf = UNIONFS_F(file)->lower_files;
+ bstart = fbstart(file);
+ bend = fbend(file);
+
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ if (unionfs_lower_file_idx(file, bindex)) {
+ branchput(file->f_dentry->d_sb, bindex);
+ fput(unionfs_lower_file_idx(file, bindex));
+ }
+ }
+
+ UNIONFS_F(file)->lower_files = NULL;
+ kfree(lf);
+}
+
+/* open all lower files for a given file */
+static int open_all_files(struct file *file)
+{
+ int bindex, bstart, bend, err = 0;
+ struct file *hidden_file;
+ struct dentry *hidden_dentry;
+ struct dentry *dentry = file->f_dentry;
+ struct super_block *sb = dentry->d_sb;
+
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry)
+ continue;
+
+ dget(hidden_dentry);
+ mntget(unionfs_lower_mnt_idx(dentry, bindex));
+ branchget(sb, bindex);
+
+ hidden_file = dentry_open(hidden_dentry,
+ unionfs_lower_mnt_idx(dentry, bindex),
+ file->f_flags);
+ if (IS_ERR(hidden_file)) {
+ err = PTR_ERR(hidden_file);
+ goto out;
+ } else
+ unionfs_set_lower_file_idx(file, bindex, hidden_file);
+ }
+out:
+ return err;
+}
+
+/* open the highest priority file for a given upper file */
+static int open_highest_file(struct file *file, int willwrite)
+{
+ int bindex, bstart, bend, err = 0;
+ struct file *hidden_file;
+ struct dentry *hidden_dentry;
+
+ struct dentry *dentry = file->f_dentry;
+ struct inode *parent_inode = dentry->d_parent->d_inode;
+ struct super_block *sb = dentry->d_sb;
+ size_t inode_size = dentry->d_inode->i_size;
+
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+
+ hidden_dentry = unionfs_lower_dentry(dentry);
+ if (willwrite && IS_WRITE_FLAG(file->f_flags) && is_robranch(dentry)) {
+ for (bindex = bstart - 1; bindex >= 0; bindex--) {
+ err = copyup_file(parent_inode, file, bstart, bindex,
+ inode_size);
+ if (!err)
+ break;
+ }
+ atomic_set(&UNIONFS_F(file)->generation,
+ atomic_read(&UNIONFS_I(dentry->d_inode)->generation));
+ goto out;
+ }
+
+ dget(hidden_dentry);
+ mntget(unionfs_lower_mnt_idx(dentry, bstart));
+ branchget(sb, bstart);
+ hidden_file = dentry_open(hidden_dentry,
+ unionfs_lower_mnt_idx(dentry, bstart), file->f_flags);
+ if (IS_ERR(hidden_file)) {
+ err = PTR_ERR(hidden_file);
+ goto out;
+ }
+ unionfs_set_lower_file(file, hidden_file);
+ /* Fix up the position. */
+ hidden_file->f_pos = file->f_pos;
+
+ memcpy(&hidden_file->f_ra, &file->f_ra, sizeof(struct file_ra_state));
+out:
+ return err;
+}
+
+static int do_delayed_copyup(struct file *file, struct dentry *dentry)
+{
+ int bindex, bstart, bend, err = 0;
+ struct inode *parent_inode = dentry->d_parent->d_inode;
+ loff_t inode_size = file->f_dentry->d_inode->i_size;
+
+ bstart = fbstart(file);
+ bend = fbend(file);
+
+ BUG_ON(!S_ISREG(file->f_dentry->d_inode->i_mode));
+
+ for (bindex = bstart - 1; bindex >= 0; bindex--) {
+ if (!d_deleted(file->f_dentry))
+ err = copyup_file(parent_inode, file, bstart,
+ bindex, inode_size);
+ else
+ err = copyup_deleted_file(file, dentry, bstart, bindex);
+
+ if (!err)
+ break;
+ }
+ if (!err && (bstart > fbstart(file))) {
+ bend = fbend(file);
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ if (unionfs_lower_file_idx(file, bindex)) {
+ branchput(dentry->d_sb, bindex);
+ fput(unionfs_lower_file_idx(file, bindex));
+ unionfs_set_lower_file_idx(file, bindex, NULL);
+ }
+ }
+ fbend(file) = bend;
+ }
+ return err;
+}
+
+/* revalidate the stuct file */
+int unionfs_file_revalidate(struct file *file, int willwrite)
+{
+ struct super_block *sb;
+ struct dentry *dentry;
+ int sbgen, fgen, dgen;
+ int bstart, bend;
+ int size;
+
+ int err = 0;
+
+ dentry = file->f_dentry;
+ lock_dentry(dentry);
+ sb = dentry->d_sb;
+ unionfs_read_lock(sb);
+ if (!unionfs_d_revalidate(dentry, NULL) && !d_deleted(dentry)) {
+ err = -ESTALE;
+ goto out;
+ }
+
+ sbgen = atomic_read(&UNIONFS_SB(sb)->generation);
+ dgen = atomic_read(&UNIONFS_D(dentry)->generation);
+ fgen = atomic_read(&UNIONFS_F(file)->generation);
+
+ BUG_ON(sbgen > dgen);
+
+ /* There are two cases we are interested in. The first is if the
+ * generation is lower than the super-block. The second is if someone
+ * has copied up this file from underneath us, we also need to refresh
+ * things.
+ */
+ if (!d_deleted(dentry) &&
+ (sbgen > fgen || dbstart(dentry) != fbstart(file))) {
+ /* First we throw out the existing files. */
+ cleanup_file(file);
+
+ /* Now we reopen the file(s) as in unionfs_open. */
+ bstart = fbstart(file) = dbstart(dentry);
+ bend = fbend(file) = dbend(dentry);
+
+ size = sizeof(struct file *) * sbmax(sb);
+ UNIONFS_F(file)->lower_files = kzalloc(size, GFP_KERNEL);
+ if (!UNIONFS_F(file)->lower_files) {
+ err = -ENOMEM;
+ goto out;
+ }
+
+ if (S_ISDIR(dentry->d_inode->i_mode)) {
+ /* We need to open all the files. */
+ err = open_all_files(file);
+ if (err)
+ goto out;
+ } else {
+ /* We only open the highest priority branch. */
+ err = open_highest_file(file, willwrite);
+ if (err)
+ goto out;
+ }
+ atomic_set(&UNIONFS_F(file)->generation,
+ atomic_read(&UNIONFS_I(dentry->d_inode)->
+ generation));
+ }
+
+ /* Copyup on the first write to a file on a readonly branch. */
+ if (willwrite && IS_WRITE_FLAG(file->f_flags) &&
+ !IS_WRITE_FLAG(unionfs_lower_file(file)->f_flags) &&
+ is_robranch(dentry)) {
+ printk(KERN_DEBUG "Doing delayed copyup of a read-write "
+ "file on a read-only branch.\n");
+ err = do_delayed_copyup(file, dentry);
+ }
+
+out:
+ unlock_dentry(dentry);
+ unionfs_read_unlock(dentry->d_sb);
+ return err;
+}
+
+/* unionfs_open helper function: open a directory */
+static inline int __open_dir(struct inode *inode, struct file *file)
+{
+ struct dentry *hidden_dentry;
+ struct file *hidden_file;
+ int bindex, bstart, bend;
+
+ bstart = fbstart(file) = dbstart(file->f_dentry);
+ bend = fbend(file) = dbend(file->f_dentry);
+
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_dentry = unionfs_lower_dentry_idx(file->f_dentry, bindex);
+ if (!hidden_dentry)
+ continue;
+
+ dget(hidden_dentry);
+ mntget(unionfs_lower_mnt_idx(file->f_dentry, bindex));
+ hidden_file = dentry_open(hidden_dentry,
+ unionfs_lower_mnt_idx(file->f_dentry, bindex),
+ file->f_flags);
+ if (IS_ERR(hidden_file))
+ return PTR_ERR(hidden_file);
+
+ unionfs_set_lower_file_idx(file, bindex, hidden_file);
+
+ /* The branchget goes after the open, because otherwise
+ * we would miss the reference on release.
+ */
+ branchget(inode->i_sb, bindex);
+ }
+
+ return 0;
+}
+
+/* unionfs_open helper function: open a file */
+static inline int __open_file(struct inode *inode, struct file *file)
+{
+ struct dentry *hidden_dentry;
+ struct file *hidden_file;
+ int hidden_flags;
+ int bindex, bstart, bend;
+
+ hidden_dentry = unionfs_lower_dentry(file->f_dentry);
+ hidden_flags = file->f_flags;
+
+ bstart = fbstart(file) = dbstart(file->f_dentry);
+ bend = fbend(file) = dbend(file->f_dentry);
+
+ /* check for the permission for hidden file. If the error is COPYUP_ERR,
+ * copyup the file.
+ */
+ if (hidden_dentry->d_inode && is_robranch(file->f_dentry)) {
+ /* if the open will change the file, copy it up otherwise
+ * defer it.
+ */
+ if (hidden_flags & O_TRUNC) {
+ int size = 0;
+ int err = -EROFS;
+
+ /* copyup the file */
+ for (bindex = bstart - 1; bindex >= 0; bindex--) {
+ err = copyup_file(file->f_dentry->d_parent->d_inode,
+ file, bstart, bindex, size);
+ if (!err)
+ break;
+ }
+ return err;
+ } else
+ hidden_flags &= ~(OPEN_WRITE_FLAGS);
+ }
+
+ dget(hidden_dentry);
+
+ /* dentry_open will decrement mnt refcnt if err.
+ * otherwise fput() will do an mntput() for us upon file close.
+ */
+ mntget(unionfs_lower_mnt_idx(file->f_dentry, bstart));
+ hidden_file = dentry_open(hidden_dentry,
+ unionfs_lower_mnt_idx(file->f_dentry, bstart),
+ hidden_flags);
+ if (IS_ERR(hidden_file))
+ return PTR_ERR(hidden_file);
+
+ unionfs_set_lower_file(file, hidden_file);
+ branchget(inode->i_sb, bstart);
+
+ return 0;
+}
+
+int unionfs_open(struct inode *inode, struct file *file)
+{
+ int err = 0;
+ struct file *hidden_file = NULL;
+ struct dentry *dentry = NULL;
+ int bindex = 0, bstart = 0, bend = 0;
+ int size;
+
+ file->private_data = kzalloc(sizeof(struct unionfs_file_info), GFP_KERNEL);
+ if (!UNIONFS_F(file)) {
+ err = -ENOMEM;
+ goto out;
+ }
+ fbstart(file) = -1;
+ fbend(file) = -1;
+ atomic_set(&UNIONFS_F(file)->generation,
+ atomic_read(&UNIONFS_I(inode)->generation));
+
+ size = sizeof(struct file *) * sbmax(inode->i_sb);
+ UNIONFS_F(file)->lower_files = kzalloc(size, GFP_KERNEL);
+ if (!UNIONFS_F(file)->lower_files) {
+ err = -ENOMEM;
+ goto out;
+ }
+
+ dentry = file->f_dentry;
+ lock_dentry(dentry);
+ unionfs_read_lock(inode->i_sb);
+
+ bstart = fbstart(file) = dbstart(dentry);
+ bend = fbend(file) = dbend(dentry);
+
+ /* increment, so that we can flush appropriately */
+ atomic_inc(&UNIONFS_I(dentry->d_inode)->totalopens);
+
+ /* open all directories and make the unionfs file struct point to
+ * these hidden file structs
+ */
+ if (S_ISDIR(inode->i_mode))
+ err = __open_dir(inode, file); /* open a dir */
+ else
+ err = __open_file(inode, file); /* open a file */
+
+ /* freeing the allocated resources, and fput the opened files */
+ if (err) {
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_file = unionfs_lower_file_idx(file, bindex);
+ if (!hidden_file)
+ continue;
+
+ branchput(file->f_dentry->d_sb, bindex);
+ /* fput calls dput for hidden_dentry */
+ fput(hidden_file);
+ }
+ }
+
+ unlock_dentry(dentry);
+ unionfs_read_unlock(inode->i_sb);
+
+out:
+ if (err) {
+ kfree(UNIONFS_F(file)->lower_files);
+ kfree(UNIONFS_F(file));
+ }
+
+ return err;
+}
+
+/* release all lower object references & free the file info structure */
+int unionfs_file_release(struct inode *inode, struct file *file)
+{
+ struct file *hidden_file = NULL;
+ struct unionfs_file_info *fileinfo = UNIONFS_F(file);
+ struct unionfs_inode_info *inodeinfo = UNIONFS_I(inode);
+ int bindex, bstart, bend;
+ int fgen;
+
+ /* fput all the hidden files */
+ fgen = atomic_read(&fileinfo->generation);
+ bstart = fbstart(file);
+ bend = fbend(file);
+
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_file = unionfs_lower_file_idx(file, bindex);
+
+ if (hidden_file) {
+ fput(hidden_file);
+ unionfs_read_lock(inode->i_sb);
+ branchput(inode->i_sb, bindex);
+ unionfs_read_unlock(inode->i_sb);
+ }
+ }
+ kfree(fileinfo->lower_files);
+
+ if (fileinfo->rdstate) {
+ fileinfo->rdstate->access = jiffies;
+ printk(KERN_DEBUG "Saving rdstate with cookie %u [%d.%lld]\n",
+ fileinfo->rdstate->cookie,
+ fileinfo->rdstate->bindex,
+ (long long)fileinfo->rdstate->dirpos);
+ spin_lock(&inodeinfo->rdlock);
+ inodeinfo->rdcount++;
+ list_add_tail(&fileinfo->rdstate->cache,
+ &inodeinfo->readdircache);
+ mark_inode_dirty(inode);
+ spin_unlock(&inodeinfo->rdlock);
+ fileinfo->rdstate = NULL;
+ }
+ kfree(fileinfo);
+ return 0;
+}
+
+/* pass the ioctl to the lower fs */
+static inline long do_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
+{
+ struct file *hidden_file;
+ int err;
+
+ hidden_file = unionfs_lower_file(file);
+
+ err = security_file_ioctl(hidden_file, cmd, arg);
+ if (err)
+ goto out;
+
+ err = -ENOTTY;
+ if (!hidden_file || !hidden_file->f_op)
+ goto out;
+ if (hidden_file->f_op->unlocked_ioctl) {
+ err = hidden_file->f_op->unlocked_ioctl(hidden_file, cmd, arg);
+ } else if (hidden_file->f_op->ioctl) {
+ lock_kernel();
+ err = hidden_file->f_op->ioctl(hidden_file->f_dentry->d_inode,
+ hidden_file, cmd, arg);
+ unlock_kernel();
+ }
+
+out:
+ return err;
+}
+
+long unionfs_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
+{
+ long err;
+
+ if ((err = unionfs_file_revalidate(file, 1)))
+ goto out;
+
+ /* check if asked for local commands */
+ switch (cmd) {
+ case UNIONFS_IOCTL_INCGEN:
+ /* Increment the superblock generation count */
+ err = -EACCES;
+ if (!capable(CAP_SYS_ADMIN))
+ goto out;
+ err = unionfs_ioctl_incgen(file, cmd, arg);
+ break;
+
+ case UNIONFS_IOCTL_QUERYFILE:
+ /* Return list of branches containing the given file */
+ err = unionfs_ioctl_queryfile(file, cmd, arg);
+ break;
+
+ default:
+ /* pass the ioctl down */
+ err = do_ioctl(file, cmd, arg);
+ break;
+ }
+
+out:
+ return err;
+}
+
+int unionfs_flush(struct file *file, fl_owner_t id)
+{
+ int err = 0;
+ struct file *hidden_file = NULL;
+ struct dentry *dentry = file->f_dentry;
+ int bindex, bstart, bend;
+
+ if ((err = unionfs_file_revalidate(file, 1)))
+ goto out;
+ if (!atomic_dec_and_test(&UNIONFS_I(dentry->d_inode)->totalopens))
+ goto out;
+
+ lock_dentry(dentry);
+
+ bstart = fbstart(file);
+ bend = fbend(file);
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_file = unionfs_lower_file_idx(file, bindex);
+
+ if (hidden_file && hidden_file->f_op && hidden_file->f_op->flush) {
+ err = hidden_file->f_op->flush(hidden_file, id);
+ if (err)
+ goto out_lock;
+
+ /* if there are no more references to the dentry, dput it */
+ if (d_deleted(dentry)) {
+ dput(unionfs_lower_dentry_idx(dentry, bindex));
+ unionfs_set_lower_dentry_idx(dentry, bindex, NULL);
+ }
+ }
+
+ }
+
+out_lock:
+ unlock_dentry(dentry);
+out:
+ return err;
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch contains the ioctls to increase the union generation and to query
which branch a file exists on.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/branchman.c | 81 ++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 81 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/branchman.c b/fs/unionfs/branchman.c
new file mode 100644
index 0000000..168c5d5
--- /dev/null
+++ b/fs/unionfs/branchman.c
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* increase the superblock generation count; effectively invalidating every
+ * upper inode, dentry and file object */
+int unionfs_ioctl_incgen(struct file *file, unsigned int cmd, unsigned long arg)
+{
+ struct super_block *sb;
+ int gen;
+
+ sb = file->f_dentry->d_sb;
+
+ unionfs_write_lock(sb);
+
+ gen = atomic_inc_return(&UNIONFS_SB(sb)->generation);
+
+ atomic_set(&UNIONFS_D(sb->s_root)->generation, gen);
+ atomic_set(&UNIONFS_I(sb->s_root->d_inode)->generation, gen);
+
+ unionfs_write_unlock(sb);
+
+ return gen;
+}
+
+/* return to userspace the branch indices containing the file in question
+ *
+ * We use fd_set and therefore we are limited to the number of the branches
+ * to FD_SETSIZE, which is currently 1024 - plenty for most people
+ */
+int unionfs_ioctl_queryfile(struct file *file, unsigned int cmd,
+ unsigned long arg)
+{
+ int err = 0;
+ fd_set branchlist;
+
+ int bstart = 0, bend = 0, bindex = 0;
+ struct dentry *dentry, *hidden_dentry;
+
+ dentry = file->f_dentry;
+ lock_dentry(dentry);
+ if ((err = unionfs_partial_lookup(dentry)))
+ goto out;
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+
+ FD_ZERO(&branchlist);
+
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry)
+ continue;
+ if (hidden_dentry->d_inode)
+ FD_SET(bindex, &branchlist);
+ }
+
+ err = copy_to_user((void __user *)arg, &branchlist, sizeof(fd_set));
+ if (err)
+ err = -EFAULT;
+
+out:
+ unlock_dentry(dentry);
+ return err < 0 ? err : bend;
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
Module init & cleanup code, as well as interposition functions.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/main.c | 687 +++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 687 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/main.c b/fs/unionfs/main.c
new file mode 100644
index 0000000..9cab716
--- /dev/null
+++ b/fs/unionfs/main.c
@@ -0,0 +1,687 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+#include <linux/module.h>
+#include <linux/moduleparam.h>
+
+/* sb we pass is unionfs's super_block */
+int unionfs_interpose(struct dentry *dentry, struct super_block *sb, int flag)
+{
+ struct inode *hidden_inode;
+ struct dentry *hidden_dentry;
+ int err = 0;
+ struct inode *inode;
+ int is_negative_dentry = 1;
+ int bindex, bstart, bend;
+
+ verify_locked(dentry);
+
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+
+ /* Make sure that we didn't get a negative dentry. */
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ if (unionfs_lower_dentry_idx(dentry, bindex) &&
+ unionfs_lower_dentry_idx(dentry, bindex)->d_inode) {
+ is_negative_dentry = 0;
+ break;
+ }
+ }
+ BUG_ON(is_negative_dentry);
+
+ /* We allocate our new inode below, by calling iget.
+ * iget will call our read_inode which will initialize some
+ * of the new inode's fields
+ */
+
+ /* On revalidate we've already got our own inode and just need
+ * to fix it up.
+ */
+ if (flag == INTERPOSE_REVAL) {
+ inode = dentry->d_inode;
+ UNIONFS_I(inode)->bstart = -1;
+ UNIONFS_I(inode)->bend = -1;
+ atomic_set(&UNIONFS_I(inode)->generation,
+ atomic_read(&UNIONFS_SB(sb)->generation));
+
+ UNIONFS_I(inode)->lower_inodes =
+ kcalloc(sbmax(sb), sizeof(struct inode *), GFP_KERNEL);
+ if (!UNIONFS_I(inode)->lower_inodes) {
+ err = -ENOMEM;
+ goto out;
+ }
+ mutex_lock(&inode->i_mutex);
+ } else {
+ ino_t ino;
+ /* get unique inode number for unionfs */
+ ino = iunique(sb, UNIONFS_ROOT_INO);
+
+ inode = iget(sb, ino);
+ if (!inode) {
+ err = -EACCES; /* should be impossible??? */
+ goto out;
+ }
+
+ mutex_lock(&inode->i_mutex);
+ if (atomic_read(&inode->i_count) > 1)
+ goto skip;
+ }
+
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry) {
+ unionfs_set_lower_inode_idx(inode, bindex, NULL);
+ continue;
+ }
+
+ /* Initialize the hidden inode to the new hidden inode. */
+ if (!hidden_dentry->d_inode)
+ continue;
+
+ unionfs_set_lower_inode_idx(inode, bindex,
+ igrab(hidden_dentry->d_inode));
+ }
+
+ ibstart(inode) = dbstart(dentry);
+ ibend(inode) = dbend(dentry);
+
+ /* Use attributes from the first branch. */
+ hidden_inode = unionfs_lower_inode(inode);
+
+ /* Use different set of inode ops for symlinks & directories */
+ if (S_ISLNK(hidden_inode->i_mode))
+ inode->i_op = &unionfs_symlink_iops;
+ else if (S_ISDIR(hidden_inode->i_mode))
+ inode->i_op = &unionfs_dir_iops;
+
+ /* Use different set of file ops for directories */
+ if (S_ISDIR(hidden_inode->i_mode))
+ inode->i_fop = &unionfs_dir_fops;
+
+ /* properly initialize special inodes */
+ if (S_ISBLK(hidden_inode->i_mode) || S_ISCHR(hidden_inode->i_mode) ||
+ S_ISFIFO(hidden_inode->i_mode) || S_ISSOCK(hidden_inode->i_mode))
+ init_special_inode(inode, hidden_inode->i_mode,
+ hidden_inode->i_rdev);
+ /* Fix our inode's address operations to that of the lower inode
+ * (Unionfs is FiST-Lite)
+ */
+ if (inode->i_mapping->a_ops != hidden_inode->i_mapping->a_ops)
+ inode->i_mapping->a_ops = hidden_inode->i_mapping->a_ops;
+
+ /* all well, copy inode attributes */
+ fsstack_copy_attr_all(inode, hidden_inode, unionfs_get_nlinks);
+ fsstack_copy_inode_size(inode, hidden_inode);
+
+skip:
+ /* only (our) lookup wants to do a d_add */
+ switch (flag) {
+ case INTERPOSE_DEFAULT:
+ case INTERPOSE_REVAL_NEG:
+ d_instantiate(dentry, inode);
+ break;
+ case INTERPOSE_LOOKUP:
+ err = PTR_ERR(d_splice_alias(inode, dentry));
+ break;
+ case INTERPOSE_REVAL:
+ /* Do nothing. */
+ break;
+ default:
+ printk(KERN_ERR "Invalid interpose flag passed!");
+ BUG();
+ }
+
+ mutex_unlock(&inode->i_mutex);
+
+out:
+ return err;
+}
+
+void unionfs_reinterpose(struct dentry *dentry)
+{
+ struct dentry *hidden_dentry;
+ struct inode *inode;
+ int bindex, bstart, bend;
+
+ verify_locked(dentry);
+
+ /* This is pre-allocated inode */
+ inode = dentry->d_inode;
+
+ bstart = dbstart(dentry);
+ bend = dbend(dentry);
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_dentry = unionfs_lower_dentry_idx(dentry, bindex);
+ if (!hidden_dentry)
+ continue;
+
+ if (!hidden_dentry->d_inode)
+ continue;
+ if (unionfs_lower_inode_idx(inode, bindex))
+ continue;
+ unionfs_set_lower_inode_idx(inode, bindex,
+ igrab(hidden_dentry->d_inode));
+ }
+ ibstart(inode) = dbstart(dentry);
+ ibend(inode) = dbend(dentry);
+}
+
+/* make sure the branch we just looked up (nd) makes sense:
+ *
+ * 1) we're not trying to stack unionfs on top of unionfs
+ * 2) it exists
+ * 3) is a directory
+ */
+int check_branch(struct nameidata *nd)
+{
+ if (!strcmp(nd->dentry->d_sb->s_type->name, "unionfs"))
+ return -EINVAL;
+ if (!nd->dentry->d_inode)
+ return -ENOENT;
+ if (!S_ISDIR(nd->dentry->d_inode->i_mode))
+ return -ENOTDIR;
+ return 0;
+}
+
+/* checks if two hidden_dentries have overlapping branches */
+int is_branch_overlap(struct dentry *dent1, struct dentry *dent2)
+{
+ struct dentry *dent = NULL;
+
+ dent = dent1;
+ while ((dent != dent2) && (dent->d_parent != dent))
+ dent = dent->d_parent;
+
+ if (dent == dent2)
+ return 1;
+
+ dent = dent2;
+ while ((dent != dent1) && (dent->d_parent != dent))
+ dent = dent->d_parent;
+
+ return (dent == dent1);
+}
+
+/* parse branch mode */
+static int parse_branch_mode(char *name)
+{
+ int perms;
+ int l = strlen(name);
+ if (!strcmp(name + l - 3, "=ro")) {
+ perms = MAY_READ;
+ name[l - 3] = '\0';
+ } else if (!strcmp(name + l - 3, "=rw")) {
+ perms = MAY_READ | MAY_WRITE;
+ name[l - 3] = '\0';
+ } else
+ perms = MAY_READ | MAY_WRITE;
+
+ return perms;
+}
+
+/* parse the dirs= mount argument */
+static int parse_dirs_option(struct super_block *sb, struct unionfs_dentry_info
+ *hidden_root_info, char *options)
+{
+ struct nameidata nd;
+ char *name;
+ int err = 0;
+ int branches = 1;
+ int bindex = 0;
+ int i = 0;
+ int j = 0;
+
+ struct dentry *dent1;
+ struct dentry *dent2;
+
+ if (options[0] == '\0') {
+ printk(KERN_WARNING "unionfs: no branches specified\n");
+ err = -EINVAL;
+ goto out;
+ }
+
+ /* Each colon means we have a separator, this is really just a rough
+ * guess, since strsep will handle empty fields for us.
+ */
+ for (i = 0; options[i]; i++)
+ if (options[i] == ':')
+ branches++;
+
+ /* allocate space for underlying pointers to hidden dentry */
+ UNIONFS_SB(sb)->data = kcalloc(branches,
+ sizeof(struct unionfs_data), GFP_KERNEL);
+ if (!UNIONFS_SB(sb)->data) {
+ err = -ENOMEM;
+ goto out;
+ }
+
+ hidden_root_info->lower_paths = kcalloc(branches,
+ sizeof(struct path), GFP_KERNEL);
+ if (!hidden_root_info->lower_paths) {
+ err = -ENOMEM;
+ goto out;
+ }
+
+ /* now parsing the string b1:b2=rw:b3=ro:b4 */
+ branches = 0;
+ while ((name = strsep(&options, ":")) != NULL) {
+ int perms;
+
+ if (!*name)
+ continue;
+
+ branches++;
+
+ /* strip off =rw or =ro if it is specified. */
+ perms = parse_branch_mode(name);
+ if (!bindex && !(perms & MAY_WRITE)) {
+ err = -EINVAL;
+ goto out;
+ }
+
+ err = path_lookup(name, LOOKUP_FOLLOW, &nd);
+ if (err) {
+ printk(KERN_WARNING "unionfs: error accessing "
+ "hidden directory '%s' (error %d)\n", name, err);
+ goto out;
+ }
+
+ if ((err = check_branch(&nd))) {
+ printk(KERN_WARNING "unionfs: hidden directory "
+ "'%s' is not a valid branch\n", name);
+ path_release(&nd);
+ goto out;
+ }
+
+ hidden_root_info->lower_paths[bindex].dentry = nd.dentry;
+ hidden_root_info->lower_paths[bindex].mnt = nd.mnt;
+
+ set_branchperms(sb, bindex, perms);
+ set_branch_count(sb, bindex, 0);
+
+ if (hidden_root_info->bstart < 0)
+ hidden_root_info->bstart = bindex;
+ hidden_root_info->bend = bindex;
+ bindex++;
+ }
+
+ if (branches == 0) {
+ printk(KERN_WARNING "unionfs: no branches specified\n");
+ err = -EINVAL;
+ goto out;
+ }
+
+ BUG_ON(branches != (hidden_root_info->bend + 1));
+
+ /* ensure that no overlaps exist in the branches */
+ for (i = 0; i < branches; i++) {
+ for (j = i + 1; j < branches; j++) {
+ dent1 = hidden_root_info->lower_paths[i].dentry;
+ dent2 = hidden_root_info->lower_paths[j].dentry;
+
+ if (is_branch_overlap(dent1, dent2)) {
+ printk(KERN_WARNING "unionfs: branches %d and "
+ "%d overlap\n", i, j);
+ err = -EINVAL;
+ goto out;
+ }
+ }
+ }
+
+out:
+ if (err) {
+ for (i = 0; i < branches; i++)
+ if (hidden_root_info->lower_paths[i].dentry) {
+ dput(hidden_root_info->lower_paths[i].dentry);
+ mntput(hidden_root_info->lower_paths[i].mnt);
+ }
+
+ kfree(hidden_root_info->lower_paths);
+ kfree(UNIONFS_SB(sb)->data);
+
+ /* MUST clear the pointers to prevent potential double free if
+ * the caller dies later on
+ */
+ hidden_root_info->lower_paths = NULL;
+ UNIONFS_SB(sb)->data = NULL;
+ }
+ return err;
+}
+
+/*
+ * Parse mount options. See the manual page for usage instructions.
+ *
+ * Returns the dentry object of the lower-level (hidden) directory;
+ * We want to mount our stackable file system on top of that hidden directory.
+ */
+static struct unionfs_dentry_info *unionfs_parse_options(struct super_block *sb,
+ char *options)
+{
+ struct unionfs_dentry_info *hidden_root_info;
+ char *optname;
+ int err = 0;
+ int bindex;
+ int dirsfound = 0;
+
+ /* allocate private data area */
+ err = -ENOMEM;
+ hidden_root_info =
+ kzalloc(sizeof(struct unionfs_dentry_info), GFP_KERNEL);
+ if (!hidden_root_info)
+ goto out_error;
+ hidden_root_info->bstart = -1;
+ hidden_root_info->bend = -1;
+ hidden_root_info->bopaque = -1;
+
+ while ((optname = strsep(&options, ",")) != NULL) {
+ char *optarg;
+ char *endptr;
+ int intval;
+
+ if (!*optname)
+ continue;
+
+ optarg = strchr(optname, '=');
+ if (optarg)
+ *optarg++ = '\0';
+
+ /* All of our options take an argument now. Insert ones that
+ * don't, above this check.
+ */
+ if (!optarg) {
+ printk("unionfs: %s requires an argument.\n", optname);
+ err = -EINVAL;
+ goto out_error;
+ }
+
+ if (!strcmp("dirs", optname)) {
+ if (++dirsfound > 1) {
+ printk(KERN_WARNING
+ "unionfs: multiple dirs specified\n");
+ err = -EINVAL;
+ goto out_error;
+ }
+ err = parse_dirs_option(sb, hidden_root_info, optarg);
+ if (err)
+ goto out_error;
+ continue;
+ }
+
+ /* All of these options require an integer argument. */
+ intval = simple_strtoul(optarg, &endptr, 0);
+ if (*endptr) {
+ printk(KERN_WARNING
+ "unionfs: invalid %s option '%s'\n",
+ optname, optarg);
+ err = -EINVAL;
+ goto out_error;
+ }
+
+ err = -EINVAL;
+ printk(KERN_WARNING
+ "unionfs: unrecognized option '%s'\n", optname);
+ goto out_error;
+ }
+ if (dirsfound != 1) {
+ printk(KERN_WARNING "unionfs: dirs option required\n");
+ err = -EINVAL;
+ goto out_error;
+ }
+ goto out;
+
+out_error:
+ if (hidden_root_info && hidden_root_info->lower_paths) {
+ for (bindex = hidden_root_info->bstart;
+ bindex >= 0 && bindex <= hidden_root_info->bend;
+ bindex++) {
+ struct dentry *d;
+ struct vfsmount *m;
+
+ d = hidden_root_info->lower_paths[bindex].dentry;
+ m = hidden_root_info->lower_paths[bindex].mnt;
+
+ dput(d);
+
+ if (m)
+ mntput(m);
+ }
+ }
+
+ kfree(hidden_root_info->lower_paths);
+ kfree(hidden_root_info);
+
+ kfree(UNIONFS_SB(sb)->data);
+ UNIONFS_SB(sb)->data = NULL;
+
+ hidden_root_info = ERR_PTR(err);
+out:
+ return hidden_root_info;
+}
+
+/* our custom d_alloc_root workalike
+ *
+ * we can't use d_alloc_root if we want to use our own interpose function
+ * unchanged, so we simply call our own "fake" d_alloc_root
+ */
+static struct dentry *unionfs_d_alloc_root(struct super_block *sb)
+{
+ struct dentry *ret = NULL;
+
+ if (sb) {
+ static const struct qstr name = {.name = "/",.len = 1 };
+
+ ret = d_alloc(NULL, &name);
+ if (ret) {
+ ret->d_op = &unionfs_dops;
+ ret->d_sb = sb;
+ ret->d_parent = ret;
+ }
+ }
+ return ret;
+}
+
+static int unionfs_read_super(struct super_block *sb, void *raw_data,
+ int silent)
+{
+ int err = 0;
+
+ struct unionfs_dentry_info *hidden_root_info = NULL;
+ int bindex, bstart, bend;
+
+ if (!raw_data) {
+ printk(KERN_WARNING
+ "unionfs_read_super: missing data argument\n");
+ err = -EINVAL;
+ goto out;
+ }
+
+ /* Allocate superblock private data */
+ sb->s_fs_info = kzalloc(sizeof(struct unionfs_sb_info), GFP_KERNEL);
+ if (!UNIONFS_SB(sb)) {
+ printk(KERN_WARNING "%s: out of memory\n", __FUNCTION__);
+ err = -ENOMEM;
+ goto out;
+ }
+
+ UNIONFS_SB(sb)->bend = -1;
+ atomic_set(&UNIONFS_SB(sb)->generation, 1);
+ init_rwsem(&UNIONFS_SB(sb)->rwsem);
+
+ hidden_root_info = unionfs_parse_options(sb, raw_data);
+ if (IS_ERR(hidden_root_info)) {
+ printk(KERN_WARNING
+ "unionfs_read_super: error while parsing options "
+ "(err = %ld)\n", PTR_ERR(hidden_root_info));
+ err = PTR_ERR(hidden_root_info);
+ hidden_root_info = NULL;
+ goto out_free;
+ }
+ if (hidden_root_info->bstart == -1) {
+ err = -ENOENT;
+ goto out_free;
+ }
+
+ /* set the hidden superblock field of upper superblock */
+ bstart = hidden_root_info->bstart;
+ BUG_ON(bstart != 0);
+ sbend(sb) = bend = hidden_root_info->bend;
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ struct dentry *d;
+
+ d = hidden_root_info->lower_paths[bindex].dentry;
+
+ unionfs_set_lower_super_idx(sb, bindex, d->d_sb);
+ }
+
+ /* Unionfs: Max Bytes is the maximum bytes from highest priority branch */
+ sb->s_maxbytes = unionfs_lower_super_idx(sb, 0)->s_maxbytes;
+
+ sb->s_op = &unionfs_sops;
+
+ /* See comment next to the definition of unionfs_d_alloc_root */
+ sb->s_root = unionfs_d_alloc_root(sb);
+ if (!sb->s_root) {
+ err = -ENOMEM;
+ goto out_dput;
+ }
+
+ /* link the upper and lower dentries */
+ sb->s_root->d_fsdata = NULL;
+ if ((err = new_dentry_private_data(sb->s_root)))
+ goto out_freedpd;
+
+ /* Set the hidden dentries for s_root */
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ struct dentry *d;
+ struct vfsmount *m;
+
+ d = hidden_root_info->lower_paths[bindex].dentry;
+ m = hidden_root_info->lower_paths[bindex].mnt;
+
+ unionfs_set_lower_dentry_idx(sb->s_root, bindex, d);
+ unionfs_set_lower_mnt_idx(sb->s_root, bindex, m);
+ }
+ set_dbstart(sb->s_root, bstart);
+ set_dbend(sb->s_root, bend);
+
+ /* Set the generation number to one, since this is for the mount. */
+ atomic_set(&UNIONFS_D(sb->s_root)->generation, 1);
+
+ /* call interpose to create the upper level inode */
+ if ((err = unionfs_interpose(sb->s_root, sb, 0)))
+ goto out_freedpd;
+ unlock_dentry(sb->s_root);
+ goto out;
+
+out_freedpd:
+ if (UNIONFS_D(sb->s_root)) {
+ kfree(UNIONFS_D(sb->s_root)->lower_paths);
+ free_dentry_private_data(UNIONFS_D(sb->s_root));
+ }
+ dput(sb->s_root);
+
+out_dput:
+ if (hidden_root_info && !IS_ERR(hidden_root_info)) {
+ for (bindex = hidden_root_info->bstart;
+ bindex <= hidden_root_info->bend; bindex++) {
+ struct dentry *d;
+ struct vfsmount *m;
+
+ d = hidden_root_info->lower_paths[bindex].dentry;
+ m = hidden_root_info->lower_paths[bindex].mnt;
+
+ dput(d);
+ mntput(m);
+ }
+ kfree(hidden_root_info->lower_paths);
+ kfree(hidden_root_info);
+ hidden_root_info = NULL;
+ }
+
+out_free:
+ kfree(UNIONFS_SB(sb)->data);
+ kfree(UNIONFS_SB(sb));
+ sb->s_fs_info = NULL;
+
+out:
+ if (hidden_root_info && !IS_ERR(hidden_root_info)) {
+ kfree(hidden_root_info->lower_paths);
+ kfree(hidden_root_info);
+ }
+ return err;
+}
+
+static int unionfs_get_sb(struct file_system_type *fs_type,
+ int flags, const char *dev_name,
+ void *raw_data, struct vfsmount *mnt)
+{
+ return get_sb_nodev(fs_type, flags, raw_data, unionfs_read_super, mnt);
+}
+
+static struct file_system_type unionfs_fs_type = {
+ .owner = THIS_MODULE,
+ .name = "unionfs",
+ .get_sb = unionfs_get_sb,
+ .kill_sb = generic_shutdown_super,
+ .fs_flags = FS_REVAL_DOT,
+};
+
+static int __init init_unionfs_fs(void)
+{
+ int err;
+ printk("Registering unionfs " UNIONFS_VERSION "\n");
+
+ if ((err = unionfs_init_filldir_cache()))
+ goto out;
+ if ((err = unionfs_init_inode_cache()))
+ goto out;
+ if ((err = unionfs_init_dentry_cache()))
+ goto out;
+ if ((err = init_sioq()))
+ goto out;
+ err = register_filesystem(&unionfs_fs_type);
+out:
+ if (err) {
+ stop_sioq();
+ unionfs_destroy_filldir_cache();
+ unionfs_destroy_inode_cache();
+ unionfs_destroy_dentry_cache();
+ }
+ return err;
+}
+
+static void __exit exit_unionfs_fs(void)
+{
+ stop_sioq();
+ unionfs_destroy_filldir_cache();
+ unionfs_destroy_inode_cache();
+ unionfs_destroy_dentry_cache();
+ unregister_filesystem(&unionfs_fs_type);
+ printk("Completed unionfs module unload.\n");
+}
+
+MODULE_AUTHOR("Erez Zadok, Filesystems and Storage Lab, Stony Brook University"
+ " (http://www.fsl.cs.sunysb.edu)");
+MODULE_DESCRIPTION("Unionfs " UNIONFS_VERSION
+ " (http://www.unionfs.org)");
+MODULE_LICENSE("GPL");
+
+module_init(init_unionfs_fs);
+module_exit(exit_unionfs_fs);
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch provides the file operations for Unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/file.c | 257 +++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 257 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/file.c b/fs/unionfs/file.c
new file mode 100644
index 0000000..9d05806
--- /dev/null
+++ b/fs/unionfs/file.c
@@ -0,0 +1,257 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* declarations for sparse */
+extern ssize_t unionfs_read(struct file *, char __user *, size_t, loff_t *);
+extern ssize_t unionfs_write(struct file *, const char __user *, size_t,
+ loff_t *);
+
+/*******************
+ * File Operations *
+ *******************/
+
+static loff_t unionfs_llseek(struct file *file, loff_t offset, int origin)
+{
+ loff_t err;
+ struct file *hidden_file = NULL;
+
+ if ((err = unionfs_file_revalidate(file, 0)))
+ goto out;
+
+ hidden_file = unionfs_lower_file(file);
+ /* always set hidden position to this one */
+ hidden_file->f_pos = file->f_pos;
+
+ memcpy(&hidden_file->f_ra, &file->f_ra, sizeof(struct file_ra_state));
+
+ if (hidden_file->f_op && hidden_file->f_op->llseek)
+ err = hidden_file->f_op->llseek(hidden_file, offset, origin);
+ else
+ err = generic_file_llseek(hidden_file, offset, origin);
+
+ if (err < 0)
+ goto out;
+ if (err != file->f_pos) {
+ file->f_pos = err;
+ file->f_version++;
+ }
+out:
+ return err;
+}
+
+ssize_t unionfs_read(struct file * file, char __user * buf, size_t count,
+ loff_t * ppos)
+{
+ struct file *hidden_file;
+ loff_t pos = *ppos;
+ int err;
+
+ if ((err = unionfs_file_revalidate(file, 0)))
+ goto out;
+
+ err = -EINVAL;
+ hidden_file = unionfs_lower_file(file);
+ if (!hidden_file->f_op || !hidden_file->f_op->read)
+ goto out;
+
+ err = hidden_file->f_op->read(hidden_file, buf, count, &pos);
+ *ppos = pos;
+
+out:
+ return err;
+}
+
+ssize_t __unionfs_write(struct file * file, const char __user * buf,
+ size_t count, loff_t * ppos)
+{
+ int err = -EINVAL;
+ struct file *hidden_file = NULL;
+ struct inode *inode;
+ struct inode *hidden_inode;
+ loff_t pos = *ppos;
+ int bstart, bend;
+
+ inode = file->f_dentry->d_inode;
+
+ bstart = fbstart(file);
+ bend = fbend(file);
+
+ BUG_ON(bstart == -1);
+
+ hidden_file = unionfs_lower_file(file);
+ hidden_inode = hidden_file->f_dentry->d_inode;
+
+ if (!hidden_file->f_op || !hidden_file->f_op->write)
+ goto out;
+
+ /* adjust for append -- seek to the end of the file */
+ if (file->f_flags & O_APPEND)
+ pos = inode->i_size;
+
+ err = hidden_file->f_op->write(hidden_file, buf, count, &pos);
+
+ /*
+ * copy ctime and mtime from lower layer attributes
+ * atime is unchanged for both layers
+ */
+ if (err >= 0)
+ fsstack_copy_attr_times(inode, hidden_inode);
+
+ *ppos = pos;
+
+ /* update this inode's size */
+ if (pos > inode->i_size)
+ inode->i_size = pos;
+out:
+ return err;
+}
+
+ssize_t unionfs_write(struct file * file, const char __user * buf, size_t count,
+ loff_t * ppos)
+{
+ int err = 0;
+
+ if ((err = unionfs_file_revalidate(file, 1)))
+ goto out;
+
+ err = __unionfs_write(file, buf, count, ppos);
+
+out:
+ return err;
+}
+
+static int unionfs_file_readdir(struct file *file, void *dirent,
+ filldir_t filldir)
+{
+ return -ENOTDIR;
+}
+
+static unsigned int unionfs_poll(struct file *file, poll_table * wait)
+{
+ unsigned int mask = DEFAULT_POLLMASK;
+ struct file *hidden_file = NULL;
+
+ if (unionfs_file_revalidate(file, 0)) {
+ /* We should pretend an error happend. */
+ mask = POLLERR | POLLIN | POLLOUT;
+ goto out;
+ }
+
+ hidden_file = unionfs_lower_file(file);
+
+ if (!hidden_file->f_op || !hidden_file->f_op->poll)
+ goto out;
+
+ mask = hidden_file->f_op->poll(hidden_file, wait);
+
+out:
+ return mask;
+}
+
+static int __do_mmap(struct file *file, struct vm_area_struct *vma)
+{
+ int err;
+ struct file *hidden_file;
+
+ hidden_file = unionfs_lower_file(file);
+
+ err = -ENODEV;
+ if (!hidden_file->f_op || !hidden_file->f_op->mmap)
+ goto out;
+
+ vma->vm_file = hidden_file;
+ err = hidden_file->f_op->mmap(hidden_file, vma);
+ get_file(hidden_file); /* make sure it doesn't get freed on us */
+ fput(file); /* no need to keep extra ref on ours */
+out:
+ return err;
+}
+
+static int unionfs_mmap(struct file *file, struct vm_area_struct *vma)
+{
+ int err = 0;
+ int willwrite;
+
+ /* This might could be deferred to mmap's writepage. */
+ willwrite = ((vma->vm_flags | VM_SHARED | VM_WRITE) == vma->vm_flags);
+ if ((err = unionfs_file_revalidate(file, willwrite)))
+ goto out;
+
+ err = __do_mmap(file, vma);
+
+out:
+ return err;
+}
+
+static int unionfs_fsync(struct file *file, struct dentry *dentry, int datasync)
+{
+ int err;
+ struct file *hidden_file = NULL;
+
+ if ((err = unionfs_file_revalidate(file, 1)))
+ goto out;
+
+ hidden_file = unionfs_lower_file(file);
+
+ err = -EINVAL;
+ if (!hidden_file->f_op || !hidden_file->f_op->fsync)
+ goto out;
+
+ mutex_lock(&hidden_file->f_dentry->d_inode->i_mutex);
+ err = hidden_file->f_op->fsync(hidden_file, hidden_file->f_dentry,
+ datasync);
+ mutex_unlock(&hidden_file->f_dentry->d_inode->i_mutex);
+
+out:
+ return err;
+}
+
+static int unionfs_fasync(int fd, struct file *file, int flag)
+{
+ int err = 0;
+ struct file *hidden_file = NULL;
+
+ if ((err = unionfs_file_revalidate(file, 1)))
+ goto out;
+
+ hidden_file = unionfs_lower_file(file);
+
+ if (hidden_file->f_op && hidden_file->f_op->fasync)
+ err = hidden_file->f_op->fasync(fd, hidden_file, flag);
+
+out:
+ return err;
+}
+
+struct file_operations unionfs_main_fops = {
+ .llseek = unionfs_llseek,
+ .read = unionfs_read,
+ .write = unionfs_write,
+ .readdir = unionfs_file_readdir,
+ .poll = unionfs_poll,
+ .unlocked_ioctl = unionfs_ioctl,
+ .mmap = unionfs_mmap,
+ .open = unionfs_open,
+ .flush = unionfs_flush,
+ .release = unionfs_file_release,
+ .fsync = unionfs_fsync,
+ .fasync = unionfs_fasync,
+};
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch contains the superblock operations for Unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/unionfs/super.c | 346 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 346 insertions(+), 0 deletions(-)
diff --git a/fs/unionfs/super.c b/fs/unionfs/super.c
new file mode 100644
index 0000000..25085bf
--- /dev/null
+++ b/fs/unionfs/super.c
@@ -0,0 +1,346 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* The inode cache is used with alloc_inode for both our inode info and the
+ * vfs inode.
+ */
+static struct kmem_cache *unionfs_inode_cachep;
+
+static void unionfs_read_inode(struct inode *inode)
+{
+ static struct address_space_operations unionfs_empty_aops;
+ int size;
+ struct unionfs_inode_info *info = UNIONFS_I(inode);
+
+ if (!info) {
+ printk(KERN_ERR "No kernel memory when allocating inode "
+ "private data!\n");
+ BUG();
+ }
+
+ memset(info, 0, offsetof(struct unionfs_inode_info, vfs_inode));
+ info->bstart = -1;
+ info->bend = -1;
+ atomic_set(&info->generation,
+ atomic_read(&UNIONFS_SB(inode->i_sb)->generation));
+ spin_lock_init(&info->rdlock);
+ info->rdcount = 1;
+ info->hashsize = -1;
+ INIT_LIST_HEAD(&info->readdircache);
+
+ size = sbmax(inode->i_sb) * sizeof(struct inode *);
+ info->lower_inodes = kzalloc(size, GFP_KERNEL);
+ if (!info->lower_inodes) {
+ printk(KERN_ERR "No kernel memory when allocating lower-"
+ "pointer array!\n");
+ BUG();
+ }
+
+ inode->i_version++;
+ inode->i_op = &unionfs_main_iops;
+ inode->i_fop = &unionfs_main_fops;
+
+ /* I don't think ->a_ops is ever allowed to be NULL */
+ inode->i_mapping->a_ops = &unionfs_empty_aops;
+}
+
+static void unionfs_put_inode(struct inode *inode)
+{
+ /*
+ * This is really funky stuff:
+ * Basically, if i_count == 1, iput will then decrement it and this
+ * inode will be destroyed. It is currently holding a reference to the
+ * hidden inode. Therefore, it needs to release that reference by
+ * calling iput on the hidden inode. iput() _will_ do it for us (by
+ * calling our clear_inode), but _only_ if i_nlink == 0. The problem
+ * is, NFS keeps i_nlink == 1 for silly_rename'd files. So we must for
+ * our i_nlink to 0 here to trick iput() into calling our clear_inode.
+ */
+
+ if (atomic_read(&inode->i_count) == 1)
+ inode->i_nlink = 0;
+}
+
+/*
+ * we now define delete_inode, because there are two VFS paths that may
+ * destroy an inode: one of them calls clear inode before doing everything
+ * else that's needed, and the other is fine. This way we truncate the inode
+ * size (and its pages) and then clear our own inode, which will do an iput
+ * on our and the lower inode.
+ */
+static void unionfs_delete_inode(struct inode *inode)
+{
+ inode->i_size = 0; /* every f/s seems to do that */
+
+ clear_inode(inode);
+}
+
+/* final actions when unmounting a file system */
+static void unionfs_put_super(struct super_block *sb)
+{
+ int bindex, bstart, bend;
+ struct unionfs_sb_info *spd;
+
+ spd = UNIONFS_SB(sb);
+ if (!spd)
+ return;
+
+ bstart = sbstart(sb);
+ bend = sbend(sb);
+
+ /* Make sure we have no leaks of branchget/branchput. */
+ for (bindex = bstart; bindex <= bend; bindex++)
+ BUG_ON(branch_count(sb, bindex) != 0);
+
+ kfree(spd->data);
+ kfree(spd);
+ sb->s_fs_info = NULL;
+}
+
+/* Since people use this to answer the "How big of a file can I write?"
+ * question, we report the size of the highest priority branch as the size of
+ * the union.
+ */
+static int unionfs_statfs(struct dentry *dentry, struct kstatfs *buf)
+{
+ int err = 0;
+ struct super_block *sb, *hidden_sb;
+
+ sb = dentry->d_sb;
+
+ hidden_sb = unionfs_lower_super_idx(sb, sbstart(sb));
+ err = vfs_statfs(hidden_sb->s_root, buf);
+
+ buf->f_type = UNIONFS_SUPER_MAGIC;
+ buf->f_namelen -= UNIONFS_WHLEN;
+
+ memset(&buf->f_fsid, 0, sizeof(__kernel_fsid_t));
+ memset(&buf->f_spare, 0, sizeof(buf->f_spare));
+
+ return err;
+}
+
+/* We don't support a standard text remount. Eventually it would be nice to
+ * support a full-on remount, so that you can have all of the directories
+ * change at once, but that would require some pretty complicated matching
+ * code.
+ */
+static int unionfs_remount_fs(struct super_block *sb, int *flags, char *data)
+{
+ return -ENOSYS;
+}
+
+/*
+ * Called by iput() when the inode reference count reached zero
+ * and the inode is not hashed anywhere. Used to clear anything
+ * that needs to be, before the inode is completely destroyed and put
+ * on the inode free list.
+ */
+static void unionfs_clear_inode(struct inode *inode)
+{
+ int bindex, bstart, bend;
+ struct inode *hidden_inode;
+ struct list_head *pos, *n;
+ struct unionfs_dir_state *rdstate;
+
+ list_for_each_safe(pos, n, &UNIONFS_I(inode)->readdircache) {
+ rdstate = list_entry(pos, struct unionfs_dir_state, cache);
+ list_del(&rdstate->cache);
+ free_rdstate(rdstate);
+ }
+
+ /* Decrement a reference to a hidden_inode, which was incremented
+ * by our read_inode when it was created initially.
+ */
+ bstart = ibstart(inode);
+ bend = ibend(inode);
+ if (bstart >= 0) {
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_inode = unionfs_lower_inode_idx(inode, bindex);
+ if (!hidden_inode)
+ continue;
+ iput(hidden_inode);
+ }
+ }
+
+ kfree(UNIONFS_I(inode)->lower_inodes);
+ UNIONFS_I(inode)->lower_inodes = NULL;
+}
+
+static struct inode *unionfs_alloc_inode(struct super_block *sb)
+{
+ struct unionfs_inode_info *i;
+
+ i = kmem_cache_alloc(unionfs_inode_cachep, GFP_KERNEL);
+ if (!i)
+ return NULL;
+
+ /* memset everything up to the inode to 0 */
+ memset(i, 0, offsetof(struct unionfs_inode_info, vfs_inode));
+
+ i->vfs_inode.i_version = 1;
+ return &i->vfs_inode;
+}
+
+static void unionfs_destroy_inode(struct inode *inode)
+{
+ kmem_cache_free(unionfs_inode_cachep, UNIONFS_I(inode));
+}
+
+/* unionfs inode cache constructor */
+static void init_once(void *v, struct kmem_cache * cachep, unsigned long flags)
+{
+ struct unionfs_inode_info *i = v;
+
+ if ((flags & (SLAB_CTOR_VERIFY | SLAB_CTOR_CONSTRUCTOR)) ==
+ SLAB_CTOR_CONSTRUCTOR)
+ inode_init_once(&i->vfs_inode);
+}
+
+int unionfs_init_inode_cache(void)
+{
+ int err = 0;
+
+ unionfs_inode_cachep =
+ kmem_cache_create("unionfs_inode_cache",
+ sizeof(struct unionfs_inode_info), 0,
+ SLAB_RECLAIM_ACCOUNT, init_once, NULL);
+ if (!unionfs_inode_cachep)
+ err = -ENOMEM;
+ return err;
+}
+
+void unionfs_destroy_inode_cache(void)
+{
+ if (unionfs_inode_cachep)
+ kmem_cache_destroy(unionfs_inode_cachep);
+}
+
+/* Called when we have a dirty inode, right here we only throw out
+ * parts of our readdir list that are too old.
+ */
+static int unionfs_write_inode(struct inode *inode, int sync)
+{
+ struct list_head *pos, *n;
+ struct unionfs_dir_state *rdstate;
+
+ spin_lock(&UNIONFS_I(inode)->rdlock);
+ list_for_each_safe(pos, n, &UNIONFS_I(inode)->readdircache) {
+ rdstate = list_entry(pos, struct unionfs_dir_state, cache);
+ /* We keep this list in LRU order. */
+ if ((rdstate->access + RDCACHE_JIFFIES) > jiffies)
+ break;
+ UNIONFS_I(inode)->rdcount--;
+ list_del(&rdstate->cache);
+ free_rdstate(rdstate);
+ }
+ spin_unlock(&UNIONFS_I(inode)->rdlock);
+
+ return 0;
+}
+
+/*
+ * Used only in nfs, to kill any pending RPC tasks, so that subsequent
+ * code can actually succeed and won't leave tasks that need handling.
+ */
+static void unionfs_umount_begin(struct vfsmount *mnt, int flags)
+{
+ struct super_block *sb, *hidden_sb;
+ struct vfsmount *hidden_mnt;
+ int bindex, bstart, bend;
+
+ if (!(flags & MNT_FORCE))
+ /* we are not being MNT_FORCEd, therefore we should emulate
+ * old behaviour
+ */
+ return;
+
+ sb = mnt->mnt_sb;
+
+ bstart = sbstart(sb);
+ bend = sbend(sb);
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ hidden_mnt = unionfs_lower_mnt_idx(sb->s_root, bindex);
+ hidden_sb = unionfs_lower_super_idx(sb, bindex);
+
+ if (hidden_mnt && hidden_sb && hidden_sb->s_op &&
+ hidden_sb->s_op->umount_begin)
+ hidden_sb->s_op->umount_begin(hidden_mnt, flags);
+ }
+}
+
+static int unionfs_show_options(struct seq_file *m, struct vfsmount *mnt)
+{
+ struct super_block *sb = mnt->mnt_sb;
+ int ret = 0;
+ char *tmp_page;
+ char *path;
+ int bindex, bstart, bend;
+ int perms;
+
+ lock_dentry(sb->s_root);
+
+ tmp_page = (char*) __get_free_page(GFP_KERNEL);
+ if (!tmp_page) {
+ ret = -ENOMEM;
+ goto out;
+ }
+
+ bstart = sbstart(sb);
+ bend = sbend(sb);
+
+ seq_printf(m, ",dirs=");
+ for (bindex = bstart; bindex <= bend; bindex++) {
+ path = d_path(unionfs_lower_dentry_idx(sb->s_root, bindex),
+ unionfs_lower_mnt_idx(sb->s_root, bindex), tmp_page,
+ PAGE_SIZE);
+ perms = branchperms(sb, bindex);
+
+ seq_printf(m, "%s=%s", path,
+ perms & MAY_WRITE ? "rw" : "ro");
+ if (bindex != bend) {
+ seq_printf(m, ":");
+ }
+ }
+
+out:
+ if (tmp_page)
+ free_page((unsigned long) tmp_page);
+
+ unlock_dentry(sb->s_root);
+
+ return ret;
+}
+
+struct super_operations unionfs_sops = {
+ .read_inode = unionfs_read_inode,
+ .put_inode = unionfs_put_inode,
+ .delete_inode = unionfs_delete_inode,
+ .put_super = unionfs_put_super,
+ .statfs = unionfs_statfs,
+ .remount_fs = unionfs_remount_fs,
+ .clear_inode = unionfs_clear_inode,
+ .umount_begin = unionfs_umount_begin,
+ .show_options = unionfs_show_options,
+ .write_inode = unionfs_write_inode,
+ .alloc_inode = unionfs_alloc_inode,
+ .destroy_inode = unionfs_destroy_inode,
+};
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
Extended attribute support.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
fs/Kconfig | 9 ++++
fs/unionfs/Makefile | 2 +
fs/unionfs/copyup.c | 75 +++++++++++++++++++++++++++++++
fs/unionfs/inode.c | 12 +++++
fs/unionfs/union.h | 15 ++++++
fs/unionfs/xattr.c | 123 +++++++++++++++++++++++++++++++++++++++++++++++++++
6 files changed, 236 insertions(+), 0 deletions(-)
diff --git a/fs/Kconfig b/fs/Kconfig
index 2e519f4..cf46c71 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -1564,6 +1564,15 @@ config UNION_FS
See <http://www.unionfs.org> for details
+config UNION_FS_XATTR
+ bool "Unionfs extended attributes"
+ depends on UNION_FS
+ help
+ Extended attributes are name:value pairs associated with inodes by
+ the kernel or by users (see the attr(5) manual page).
+
+ If unsure, say N.
+
endmenu
menu "Network File Systems"
diff --git a/fs/unionfs/Makefile b/fs/unionfs/Makefile
index 25dd78f..7c98325 100644
--- a/fs/unionfs/Makefile
+++ b/fs/unionfs/Makefile
@@ -3,3 +3,5 @@ obj-$(CONFIG_UNION_FS) += unionfs.o
unionfs-y := subr.o dentry.o file.o inode.o main.o super.o \
stale_inode.o branchman.o rdstate.o copyup.o dirhelper.o \
rename.o unlink.o lookup.o commonfops.o dirfops.o sioq.o
+
+unionfs-$(CONFIG_UNION_FS_XATTR) += xattr.o
diff --git a/fs/unionfs/copyup.c b/fs/unionfs/copyup.c
index ad70b24..1d59ff3 100644
--- a/fs/unionfs/copyup.c
+++ b/fs/unionfs/copyup.c
@@ -18,6 +18,75 @@
#include "union.h"
+#ifdef CONFIG_UNION_FS_XATTR
+/* copyup all extended attrs for a given dentry */
+static int copyup_xattrs(struct dentry *old_hidden_dentry,
+ struct dentry *new_hidden_dentry)
+{
+ int err = 0;
+ ssize_t list_size = -1;
+ char *name_list = NULL;
+ char *attr_value = NULL;
+ char *name_list_orig = NULL;
+
+ list_size = vfs_listxattr(old_hidden_dentry, NULL, 0);
+
+ if (list_size <= 0) {
+ err = list_size;
+ goto out;
+ }
+
+ name_list = unionfs_xattr_alloc(list_size + 1, XATTR_LIST_MAX);
+ if (!name_list || IS_ERR(name_list)) {
+ err = PTR_ERR(name_list);
+ goto out;
+ }
+ list_size = vfs_listxattr(old_hidden_dentry, name_list, list_size);
+ attr_value = unionfs_xattr_alloc(XATTR_SIZE_MAX, XATTR_SIZE_MAX);
+ if (!attr_value || IS_ERR(attr_value)) {
+ err = PTR_ERR(name_list);
+ goto out;
+ }
+ name_list_orig = name_list;
+ while (*name_list) {
+ ssize_t size;
+
+ /* Lock here since vfs_getxattr doesn't lock for us */
+ mutex_lock(&old_hidden_dentry->d_inode->i_mutex);
+ size = vfs_getxattr(old_hidden_dentry, name_list,
+ attr_value, XATTR_SIZE_MAX);
+ mutex_unlock(&old_hidden_dentry->d_inode->i_mutex);
+ if (size < 0) {
+ err = size;
+ goto out;
+ }
+
+ if (size > XATTR_SIZE_MAX) {
+ err = -E2BIG;
+ goto out;
+ }
+ /* Don't lock here since vfs_setxattr does it for us. */
+ err = vfs_setxattr(new_hidden_dentry, name_list, attr_value,
+ size, 0);
+
+ if (err < 0)
+ goto out;
+ name_list += strlen(name_list) + 1;
+ }
+ out:
+ name_list = name_list_orig;
+
+ if (name_list)
+ unionfs_xattr_free(name_list, list_size + 1);
+ if (attr_value)
+ unionfs_xattr_free(attr_value, XATTR_SIZE_MAX);
+ /* It is no big deal if this fails, we just roll with the punches. */
+ if (err == -ENOTSUPP || err == -EOPNOTSUPP)
+ err = 0;
+ return err;
+}
+#endif /* CONFIG_UNION_FS_XATTR */
+
/* Determine the mode based on the copyup flags, and the existing dentry. */
static int copyup_permissions(struct super_block *sb,
struct dentry *old_hidden_dentry,
@@ -344,6 +413,12 @@ int copyup_named_dentry(struct inode *dir, struct dentry *dentry,
if ((err = copyup_permissions(sb, old_hidden_dentry, new_hidden_dentry)))
goto out_unlink;
+#ifdef CONFIG_UNION_FS_XATTR
+ /* Selinux uses extended attributes for permissions. */
+ if ((err = copyup_xattrs(old_hidden_dentry, new_hidden_dentry)))
+ goto out_unlink;
+#endif
+
/* do not allow files getting deleted to be reinterposed */
if (!d_deleted(dentry))
unionfs_reinterpose(dentry);
diff --git a/fs/unionfs/inode.c b/fs/unionfs/inode.c
index 1bbef1c..36f2660 100644
--- a/fs/unionfs/inode.c
+++ b/fs/unionfs/inode.c
@@ -930,10 +930,22 @@ struct inode_operations unionfs_dir_iops = {
.rename = unionfs_rename,
.permission = unionfs_permission,
.setattr = unionfs_setattr,
+#ifdef CONFIG_UNION_FS_XATTR
+ .setxattr = unionfs_setxattr,
+ .getxattr = unionfs_getxattr,
+ .removexattr = unionfs_removexattr,
+ .listxattr = unionfs_listxattr,
+#endif
};
struct inode_operations unionfs_main_iops = {
.permission = unionfs_permission,
.setattr = unionfs_setattr,
+#ifdef CONFIG_UNION_FS_XATTR
+ .setxattr = unionfs_setxattr,
+ .getxattr = unionfs_getxattr,
+ .removexattr = unionfs_removexattr,
+ .listxattr = unionfs_listxattr,
+#endif
};
diff --git a/fs/unionfs/union.h b/fs/unionfs/union.h
index 624132b..f08eb75 100644
--- a/fs/unionfs/union.h
+++ b/fs/unionfs/union.h
@@ -38,6 +38,7 @@
#include <linux/string.h>
#include <linux/vmalloc.h>
#include <linux/writeback.h>
+#include <linux/xattr.h>
#include <linux/fs_stack.h>
#include <linux/magic.h>
@@ -327,6 +328,20 @@ int unionfs_ioctl_queryfile(struct file *file, unsigned int cmd,
/* Verify that a branch is valid. */
int check_branch(struct nameidata *nd);
+#ifdef CONFIG_UNION_FS_XATTR
+/* Extended attribute functions. */
+extern void *unionfs_xattr_alloc(size_t size, size_t limit);
+extern void unionfs_xattr_free(void *ptr, size_t size);
+
+extern ssize_t unionfs_getxattr(struct dentry *dentry, const char *name,
+ void *value, size_t size);
+extern int unionfs_removexattr(struct dentry *dentry, const char *name);
+extern ssize_t unionfs_listxattr(struct dentry *dentry, char *list,
+ size_t size);
+extern int unionfs_setxattr(struct dentry *dentry, const char *name,
+ const void *value, size_t size, int flags);
+#endif /* CONFIG_UNION_FS_XATTR */
+
/* The root directory is unhashed, but isn't deleted. */
static inline int d_deleted(struct dentry *d)
{
diff --git a/fs/unionfs/xattr.c b/fs/unionfs/xattr.c
new file mode 100644
index 0000000..881a05d
--- /dev/null
+++ b/fs/unionfs/xattr.c
@@ -0,0 +1,123 @@
+/*
+ * Copyright (c) 2003-2006 Erez Zadok
+ * Copyright (c) 2003-2006 Charles P. Wright
+ * Copyright (c) 2005-2006 Josef 'Jeff' Sipek
+ * Copyright (c) 2005-2006 Junjiro Okajima
+ * Copyright (c) 2005 Arun M. Krishnakumar
+ * Copyright (c) 2004-2006 David P. Quigley
+ * Copyright (c) 2003-2004 Mohammad Nayyer Zubair
+ * Copyright (c) 2003 Puja Gupta
+ * Copyright (c) 2003 Harikesavan Krishnan
+ * Copyright (c) 2003-2006 Stony Brook University
+ * Copyright (c) 2003-2006 The Research Foundation of State University of New York*
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "union.h"
+
+/* This is lifted from fs/xattr.c */
+void *unionfs_xattr_alloc(size_t size, size_t limit)
+{
+ void *ptr;
+
+ if (size > limit)
+ return ERR_PTR(-E2BIG);
+
+ if (!size) /* size request, no buffer is needed */
+ return NULL;
+ else if (size <= PAGE_SIZE)
+ ptr = kmalloc(size, GFP_KERNEL);
+ else
+ ptr = vmalloc(size);
+ if (!ptr)
+ return ERR_PTR(-ENOMEM);
+ return ptr;
+}
+
+void unionfs_xattr_free(void *ptr, size_t size)
+{
+ if (!size) /* size request, no buffer was needed */
+ return;
+ else if (size <= PAGE_SIZE)
+ kfree(ptr);
+ else
+ vfree(ptr);
+}
+
+/* BKL held by caller.
+ * dentry->d_inode->i_mutex locked
+ */
+ssize_t unionfs_getxattr(struct dentry * dentry, const char *name, void *value,
+ size_t size)
+{
+ struct dentry *hidden_dentry = NULL;
+ int err = -EOPNOTSUPP;
+
+ lock_dentry(dentry);
+
+ hidden_dentry = unionfs_lower_dentry(dentry);
+
+ err = vfs_getxattr(hidden_dentry, (char*) name, value, size);
+
+ unlock_dentry(dentry);
+ return err;
+}
+
+/* BKL held by caller.
+ * dentry->d_inode->i_mutex locked
+ */
+int unionfs_setxattr(struct dentry *dentry, const char *name, const void *value,
+ size_t size, int flags)
+{
+ struct dentry *hidden_dentry = NULL;
+ int err = -EOPNOTSUPP;
+
+ lock_dentry(dentry);
+ hidden_dentry = unionfs_lower_dentry(dentry);
+
+ err = vfs_setxattr(hidden_dentry, (char*) name, (void*) value, size, flags);
+
+ unlock_dentry(dentry);
+ return err;
+}
+
+/* BKL held by caller.
+ * dentry->d_inode->i_mutex locked
+ */
+int unionfs_removexattr(struct dentry *dentry, const char *name)
+{
+ struct dentry *hidden_dentry = NULL;
+ int err = -EOPNOTSUPP;
+
+ lock_dentry(dentry);
+ hidden_dentry = unionfs_lower_dentry(dentry);
+
+ err = vfs_removexattr(hidden_dentry, (char*) name);
+
+ unlock_dentry(dentry);
+ return err;
+}
+
+/* BKL held by caller.
+ * dentry->d_inode->i_mutex locked
+ */
+ssize_t unionfs_listxattr(struct dentry * dentry, char *list, size_t size)
+{
+ struct dentry *hidden_dentry = NULL;
+ int err = -EOPNOTSUPP;
+ char *encoded_list = NULL;
+
+ lock_dentry(dentry);
+
+ hidden_dentry = unionfs_lower_dentry(dentry);
+
+ encoded_list = list;
+ err = vfs_listxattr(hidden_dentry, encoded_list, size);
+
+ unlock_dentry(dentry);
+ return err;
+}
+
--
1.4.4.2
From: Josef "Jeff" Sipek <[email protected]>
This patch contains the changes to fs Kconfig file, Makefiles, and Maintainers
file for Unionfs.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: David Quigley <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
---
MAINTAINERS | 7 +++++++
fs/Kconfig | 10 ++++++++++
fs/Makefile | 1 +
fs/unionfs/Makefile | 5 +++++
4 files changed, 23 insertions(+), 0 deletions(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index 2bd34ef..33dc1b7 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -3241,6 +3241,13 @@ L: [email protected]
W: http://www.kernel.dk
S: Maintained
+UNIONFS
+P: Josef "Jeff" Sipek
+M: [email protected]
+L: [email protected]
+W: http://www.unionfs.org
+S: Maintained
+
USB ACM DRIVER
P: Oliver Neukum
M: [email protected]
diff --git a/fs/Kconfig b/fs/Kconfig
index 8cd2417..2e519f4 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -1554,6 +1554,16 @@ config UFS_DEBUG
Y here. This will result in _many_ additional debugging messages to be
written to the system log.
+config UNION_FS
+ tristate "Union file system (EXPERIMENTAL)"
+ depends on EXPERIMENTAL
+ help
+ Unionfs is a stackable unification file system, which appears to
+ merge the contents of several directories (branches), while keeping
+ their physical content separate.
+
+ See <http://www.unionfs.org> for details
+
endmenu
menu "Network File Systems"
diff --git a/fs/Makefile b/fs/Makefile
index b9ffa63..76c6acc 100644
--- a/fs/Makefile
+++ b/fs/Makefile
@@ -115,3 +115,4 @@ obj-$(CONFIG_HPPFS) += hppfs/
obj-$(CONFIG_DEBUG_FS) += debugfs/
obj-$(CONFIG_OCFS2_FS) += ocfs2/
obj-$(CONFIG_GFS2_FS) += gfs2/
+obj-$(CONFIG_UNION_FS) += unionfs/
diff --git a/fs/unionfs/Makefile b/fs/unionfs/Makefile
new file mode 100644
index 0000000..25dd78f
--- /dev/null
+++ b/fs/unionfs/Makefile
@@ -0,0 +1,5 @@
+obj-$(CONFIG_UNION_FS) += unionfs.o
+
+unionfs-y := subr.o dentry.o file.o inode.o main.o super.o \
+ stale_inode.o branchman.o rdstate.o copyup.o dirhelper.o \
+ rename.o unlink.o lookup.o commonfops.o dirfops.o sioq.o
--
1.4.4.2
On Sun, 7 Jan 2007 23:12:53 -0500
"Josef 'Jeff' Sipek" <[email protected]> wrote:
> +Modifying a Unionfs branch directly, while the union is mounted, is
> +currently unsupported.
Does this mean that if I have /a/b/ and /c/d/ unionised under /mnt/union, I
am not allowed to alter anything under /a/b/ and /c/d/? That I may only
alter stuff under /mnt/union?
If so, that sounds like a significant limitation.
> Any such change can cause Unionfs to oops, or stay
> silent and even RESULT IN DATA LOSS.
With a rather rough user interface ;)
Also, is it possible to add new branches to an existing union mount? And
to take old ones away?
On Mon, 8 Jan 2007, Andrew Morton wrote:
> On Sun, 7 Jan 2007 23:12:53 -0500
> "Josef 'Jeff' Sipek" <[email protected]> wrote:
>
>> +Modifying a Unionfs branch directly, while the union is mounted, is
>> +currently unsupported.
>
> Does this mean that if I have /a/b/ and /c/d/ unionised under /mnt/union, I
> am not allowed to alter anything under /a/b/ and /c/d/? That I may only
> alter stuff under /mnt/union?
>
> If so, that sounds like a significant limitation.
haven't we been through this? It's the same thing as modifying a block
device while a file system is using it. Now, when unionfs gets confused,
it shouldn't oops, but would one expect ext3 to allow one to modify its
backing store while its using it?
On Jan 8 2007 14:43, Shaya Potter wrote:
> On Mon, 8 Jan 2007, Andrew Morton wrote:
>> On Sun, 7 Jan 2007 23:12:53 -0500
>> "Josef 'Jeff' Sipek" <[email protected]> wrote:
>>
>> > +Modifying a Unionfs branch directly, while the union is
>> > +mounted, is currently unsupported.
>>
>> Does this mean that if I have /a/b/ and /c/d/ unionised under
>> /mnt/union, I am not allowed to alter anything under /a/b/
>> and /c/d/? That I may only alter stuff under /mnt/union?
>>
>> If so, that sounds like a significant limitation.
>
> haven't we been through this? It's the same thing as
> modifying a block device while a file system is using it.
> Now, when unionfs gets confused, it shouldn't oops, but would
> one expect ext3 to allow one to modify its backing store while
> its using it?
(Blunt counter-example: Modifying the underlying filesystem of
an NFS import does not break. But I agree with Shaya.)
Well it was suggested to make /a/b and /c/d read-only while the
union is mounted, using a ro bind mount, what about it? (To
catch unwanted tampering with the lowlevels)
-`J'
--
In message <[email protected]>, Andrew Morton writes:
> On Sun, 7 Jan 2007 23:12:53 -0500
> "Josef 'Jeff' Sipek" <[email protected]> wrote:
>
> > +Modifying a Unionfs branch directly, while the union is mounted, is
> > +currently unsupported.
>
> Does this mean that if I have /a/b/ and /c/d/ unionised under /mnt/union, I
> am not allowed to alter anything under /a/b/ and /c/d/? That I may only
> alter stuff under /mnt/union?
>
> If so, that sounds like a significant limitation.
This is worth a discussion. While I agree with Shaya's point that this is
no different than editing a raw disk partition directly, there's a
difference here in that the lower layer here is exposing something that
users use all the time -- a namespace tree. So while most users know not to
muck with a raw disk of a mounted f/s, they don't know they're not supposed
to modify a lower f/s of a stackable f/s.
BTW, this is a problem with all stackable file systems, including ecryptfs.
To be fair, our Unionfs users have come up against this problem, usually for
the first time they use Unionfs :-). Then we tell not to do that, but that
if they have to, to run "uniondbg -g" afterward to force a flushing of
Unionfs caches. This practical suggestion worked well for our Unionfs users
so far.
Now, we've discussed a number of possible solutions. Thanks to suggestions
we got at OLS, we discussed a way to hide the lower namespace, or make it
readonly, using existing kernel facilities. But my understanding is that
even it'd work, it'd only address new processes: if an existing process has
an open fd in a lower branch before we "lock up" the lower branch's name
space, that process may still be able to make lower-level changes.
Detecting such processes may not be easy. What to do with them, once
detected, is also unclear. We welcome suggestions.
The ultimate solution is to revise the page cache and VM subsystem to have a
Unified Cache Manager, as John Heidemann did in 1995 (see SOSP'95). But
that's a huge amount of work and it's unclear that it's worth the added
complexity.
Our goal in this (large) set of Unionfs patches was to try and keep it as
small, understandable, and stable as possible. If, however, the community
feels that we should address these concerns, we'd be happy to. But first
we'd like to hear what the community thinks might be the best solution to
this that balances functionality with the desire to keep complexity down.
Another possibility is that after, hopefully, both Unionfs and ecryptfs are
in, and some more user experience has been accumulated, that we'll look into
addressing this page-cache consistency problem for all stacked f/s.
> > Any such change can cause Unionfs to oops, or stay
> > silent and even RESULT IN DATA LOSS.
>
> With a rather rough user interface ;)
Jeff, I don't think it's acceptable to OOPS. If I recall, when ext3 detects
a severe corruption of its data structures (often due to hardware
disk/memory errors), it will sometimes downgrade the file system into
readonly mode; this emergency procedure is meant to reduce the chance of
further corruption. If we know of obvious cases in which Unionfs oopses
when someone modifies lower files, then we should address them in a similar
manner. Better yet, if in some cases we suspect someone modified lower
files, then one possibility is to flush unionfs's caches (ala uniondbg -g),
which would presumably sync up unionfs's cached info.
> Also, is it possible to add new branches to an existing union mount? And
> to take old ones away?
Yes, you can add branches, remove branches, and upgrade/downgrade them b/t
readonly and readwrite. We used to allow this on any of the branches, even
inserting/deleting in the middle, and it worked. But that complicated the
code considerably, and after a couple of years of experience, we found out
that most users just wanted to add/del a new top-level branch. So we
stripped out the older, more complicated code. What we have in this set of
patches allows users to add/del/change top-level branches mostly.
Cheers,
Erez.
On Mon, 8 Jan 2007 14:43:39 -0500 (EST)
Shaya Potter <[email protected]> wrote:
> On Mon, 8 Jan 2007, Andrew Morton wrote:
>
> > On Sun, 7 Jan 2007 23:12:53 -0500
> > "Josef 'Jeff' Sipek" <[email protected]> wrote:
> >
> >> +Modifying a Unionfs branch directly, while the union is mounted, is
> >> +currently unsupported.
> >
> > Does this mean that if I have /a/b/ and /c/d/ unionised under /mnt/union, I
> > am not allowed to alter anything under /a/b/ and /c/d/? That I may only
> > alter stuff under /mnt/union?
> >
> > If so, that sounds like a significant limitation.
>
> haven't we been through this?
If it's not in the changelog or the documentation, it doesn't exist. It's
useful for the developers to keep track of obvious and frequently-asked
questions such as this and to address them completely in the changelog
and/or documentation. Otherwise things just come around again and again,
as we see here.
> It's the same thing as modifying a block
> device while a file system is using it. Now, when unionfs gets confused,
> it shouldn't oops, but would one expect ext3 to allow one to modify its
> backing store while its using it?
There's no such problem with bind mounts. It's surprising to see such a
restriction with union mounts.
On Sun, 7 Jan 2007 23:13:07 -0500
"Josef 'Jeff' Sipek" <[email protected]> wrote:
> From: Josef "Jeff" Sipek <[email protected]>
>
> Workqueue & helper functions used to perform privileged operations on
> behalf of the user process.
>
> Signed-off-by: Josef "Jeff" Sipek <[email protected]>
> Signed-off-by: David Quigley <[email protected]>
> Signed-off-by: Erez Zadok <[email protected]>
> +
>
> ...
>
> +#include "union.h"
> +
> +/* Super-user IO work Queue - sometimes we need to perform actions which
> + * would fail due to the unix permissions on the parent directory (e.g.,
> + * rmdir a directory which appears empty, but in reality contains
> + * whiteouts).
> + */
> +
> +struct workqueue_struct *sioq;
Rather a terse identifier for a global symbol.
> +int __init init_sioq(void)
> +{
> + int err;
> +
> + sioq = create_workqueue("unionfs_siod");
> + if (!IS_ERR(sioq))
> + return 0;
> +
> + err = PTR_ERR(sioq);
> + printk(KERN_ERR "create_workqueue failed %d\n", err);
> + sioq = NULL;
> + return err;
> +}
> +
> +void __exit stop_sioq(void)
> +{
> + if (sioq)
> + destroy_workqueue(sioq);
> +}
> +
> +void run_sioq(work_func_t func, struct sioq_args *args)
> +{
> + INIT_WORK(&args->work, func);
> +
> + init_completion(&args->comp);
> + while (!queue_work(sioq, &args->work)) {
> + /* TODO: do accounting if needed */
> + schedule();
> + }
That's a busywait.
> + wait_for_completion(&args->comp);
> +}
> +
>
> ...
>
> +void __delete_whiteouts(struct work_struct *work) {
Misplaced brace.
On Sun, 7 Jan 2007 23:13:11 -0500
"Josef 'Jeff' Sipek" <[email protected]> wrote:
> From: Josef "Jeff" Sipek <[email protected]>
>
> This patch contains many macros and inline functions used thoughout Unionfs.
>
> ..
>
> +#define ibstart(ino) (UNIONFS_I(ino)->bstart)
> +#define ibend(ino) (UNIONFS_I(ino)->bend)
> +
> +/* Superblock to private data */
> +#define UNIONFS_SB(super) ((struct unionfs_sb_info *)(super)->s_fs_info)
> +#define sbstart(sb) 0
> +#define sbend(sb) (UNIONFS_SB(sb)->bend)
> +#define sbmax(sb) (UNIONFS_SB(sb)->bend + 1)
> +
> +/* File to private Data */
> +#define UNIONFS_F(file) ((struct unionfs_file_info *)((file)->private_data))
> +#define fbstart(file) (UNIONFS_F(file)->bstart)
> +#define fbend(file) (UNIONFS_F(file)->bend)
>
> ...
>
> +#define dbstart(dent) (UNIONFS_D(dent)->bstart)
> +#define set_dbstart(dent, val) do { UNIONFS_D(dent)->bstart = val; } while(0)
> +#define dbend(dent) (UNIONFS_D(dent)->bend)
> +#define set_dbend(dent, val) do { UNIONFS_D(dent)->bend = val; } while(0)
> +#define dbopaque(dent) (UNIONFS_D(dent)->bopaque)
> +#define set_dbopaque(dent, val) do { UNIONFS_D(dent)->bopaque = val; } while (0)
Please prefer to use inlined C fucntions. Macros should only be used if
there is some reason why an inlined fucntion will not work.
> +#define lock_dentry(d) down(&UNIONFS_D(d)->sem)
> +#define unlock_dentry(d) up(&UNIONFS_D(d)->sem)
> +#define verify_locked(d)
Ditto.
Please use mutexes where possible. Semaphores should only be used when
their counting feature is employed. And, arguably, in situations where a
lock is locked and unlocked from different threads, because this presently
triggers mutex debugging warnings, although we should find a way of fixing
this in the mutex code.
I can't say I like the name "lock_dentry" much. It sounds like a VFS
function and we may well gain a generic lock_dentry() at some time in the
future. unionfs_lock_dentry() would be a better choice.
On Sun, 7 Jan 2007 23:12:56 -0500
"Josef 'Jeff' Sipek" <[email protected]> wrote:
> From: Josef "Jeff" Sipek <[email protected]>
>
> This patch contains helper functions used through the rest of the code which
> pertains to files.
>
> Signed-off-by: Josef "Jeff" Sipek <[email protected]>
> Signed-off-by: David Quigley <[email protected]>
> Signed-off-by: Erez Zadok <[email protected]>
>
> ...
>
> +#include "union.h"
> +
> +/* 1) Copyup the file
> + * 2) Rename the file to '.unionfs<original inode#><counter>' - obviously
> + * stolen from NFS's silly rename
> + */
> +static int copyup_deleted_file(struct file *file, struct dentry *dentry,
> + int bstart, int bindex)
> +{
> + static unsigned int counter;
> + const int i_inosize = sizeof(dentry->d_inode->i_ino) * 2;
> + const int countersize = sizeof(counter) * 2;
> + const int nlen = sizeof(".unionfs") + i_inosize + countersize - 1;
> + char name[nlen + 1];
> +
> + int err;
> + struct dentry *tmp_dentry = NULL;
> + struct dentry *hidden_dentry = NULL;
> + struct dentry *hidden_dir_dentry = NULL;
> +
> + hidden_dentry = unionfs_lower_dentry_idx(dentry, bstart);
Slightly strange to initialise a variable twice in a row like this.
> + sprintf(name, ".unionfs%*.*lx",
> + i_inosize, i_inosize, hidden_dentry->d_inode->i_ino);
> +
> + tmp_dentry = NULL;
> + do {
> + char *suffix = name + nlen - countersize;
> +
> + dput(tmp_dentry);
> + counter++;
> + sprintf(suffix, "%*.*x", countersize, countersize, counter);
> +
> + printk(KERN_DEBUG "unionfs: trying to rename %s to %s\n",
> + dentry->d_name.name, name);
> +
> + tmp_dentry = lookup_one_len(name, hidden_dentry->d_parent,
> + UNIONFS_TMPNAM_LEN);
> + if (IS_ERR(tmp_dentry)) {
> + err = PTR_ERR(tmp_dentry);
> + goto out;
> + }
> + } while (tmp_dentry->d_inode != NULL); /* need negative dentry */
> +
> + err = copyup_named_file(dentry->d_parent->d_inode, file, name, bstart,
> + bindex, file->f_dentry->d_inode->i_size);
> + if (err)
> + goto out;
> +
> + /* bring it to the same state as an unlinked file */
> + hidden_dentry = unionfs_lower_dentry_idx(dentry, dbstart(dentry));
> + hidden_dir_dentry = lock_parent(hidden_dentry);
> + err = vfs_unlink(hidden_dir_dentry->d_inode, hidden_dentry);
> + unlock_dir(hidden_dir_dentry);
> +
> +out:
> + return err;
> +}
> +
> +/* put all references held by upper struct file and free lower file pointer
> + * array
> + */
Where in this patchset would the reader go to understand what an "upper
file" is, what a "lower file" is? The relationship between them, lifecycle
management, locking, etc?
<looks at the data structures in union.h>
That's the place. It would be useful to describe things in there a lot
better. For example, bstart, bend and bindev could do with help.
unionfs_get_nlinks() is huge. it has twelve callsites and two out-of-line
copies are generated. Suggest that it not be inlined ;)
alloc_whname() should be out-of-line.
lock_parent() and unlock_dir() are poorly named.
> +long unionfs_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
> +{
> + long err;
> +
> + if ((err = unionfs_file_revalidate(file, 1)))
> + goto out;
> +
> + /* check if asked for local commands */
> + switch (cmd) {
> + case UNIONFS_IOCTL_INCGEN:
> + /* Increment the superblock generation count */
> + err = -EACCES;
> + if (!capable(CAP_SYS_ADMIN))
> + goto out;
> + err = unionfs_ioctl_incgen(file, cmd, arg);
> + break;
> +
> + case UNIONFS_IOCTL_QUERYFILE:
> + /* Return list of branches containing the given file */
> + err = unionfs_ioctl_queryfile(file, cmd, arg);
> + break;
> +
> + default:
> + /* pass the ioctl down */
> + err = do_ioctl(file, cmd, arg);
> + break;
> + }
We normally use one tabstop less than this.
On Mon, 2007-01-08 at 21:24 +0100, Jan Engelhardt wrote:
> On Jan 8 2007 14:43, Shaya Potter wrote:
> > On Mon, 8 Jan 2007, Andrew Morton wrote:
> >> On Sun, 7 Jan 2007 23:12:53 -0500
> >> "Josef 'Jeff' Sipek" <[email protected]> wrote:
> >>
> >> > +Modifying a Unionfs branch directly, while the union is
> >> > +mounted, is currently unsupported.
> >>
> >> Does this mean that if I have /a/b/ and /c/d/ unionised under
> >> /mnt/union, I am not allowed to alter anything under /a/b/
> >> and /c/d/? That I may only alter stuff under /mnt/union?
> >>
> >> If so, that sounds like a significant limitation.
> >
> > haven't we been through this? It's the same thing as
> > modifying a block device while a file system is using it.
> > Now, when unionfs gets confused, it shouldn't oops, but would
> > one expect ext3 to allow one to modify its backing store while
> > its using it?
>
> (Blunt counter-example: Modifying the underlying filesystem of
> an NFS import does not break. But I agree with Shaya.)
>
> Well it was suggested to make /a/b and /c/d read-only while the
> union is mounted, using a ro bind mount, what about it? (To
> catch unwanted tampering with the lowlevels)
not quite true. Run a program on an NFS root based system, modify the
files it has mmaped (on the NFS server). Do you expect the program to
behave correctly? Locally, you wouldn't be able to modify it (you would
have to move it away and put a new copy in its place), I could be wrong,
but I don't think that limitation exists if doing it with NFS.
On Sun, 7 Jan 2007 23:12:57 -0500
"Josef 'Jeff' Sipek" <[email protected]> wrote:
> From: Josef "Jeff" Sipek <[email protected]>
>
> This patch contains the functions used to perform copyup operations in unionfs.
What is a copyup operation and why does it exist?
It seems to be copying the entire contents of certain files. That's not a
thing I'd have expected to see in a union filesystem. Explain it all,
please? (Somewhere where the info will be retained for posterity - a
random email is good, but not sufficient...)
On Sun, 7 Jan 2007 23:13:10 -0500
"Josef 'Jeff' Sipek" <[email protected]> wrote:
> + if (tmp_page)
> + free_page((unsigned long) tmp_page);
free_page(0) is legal.
On Mon, 2007-01-08 at 13:19 -0800, Andrew Morton wrote:
> On Mon, 8 Jan 2007 14:43:39 -0500 (EST) Shaya Potter <[email protected]> wrote:
> > It's the same thing as modifying a block
> > device while a file system is using it. Now, when unionfs gets confused,
> > it shouldn't oops, but would one expect ext3 to allow one to modify its
> > backing store while its using it?
>
> There's no such problem with bind mounts. It's surprising to see such a
> restriction with union mounts.
the difference is bind mounts are a vfs construct, while unionfs is a
file system.
On Sun, 7 Jan 2007 23:12:58 -0500
"Josef 'Jeff' Sipek" <[email protected]> wrote:
> From: Josef "Jeff" Sipek <[email protected]>
>
> This patch contains the dentry operations for Unionfs.
>
> +/* declarations added for "sparse" */
> +extern int unionfs_d_revalidate_wrap(struct dentry *dentry,
> + struct nameidata *nd);
> +extern void unionfs_d_release(struct dentry *dentry);
> +extern void unionfs_d_iput(struct dentry *dentry, struct inode *inode);
No, declarations go in header files, visible to the definition and to all
callers. (Ditto all the other places where this is done)
On Jan 8 2007 15:51, Erez Zadok wrote:
>
>BTW, this is a problem with all stackable file systems, including
>ecryptfs. To be fair, our Unionfs users have come up against this
>problem, usually for the first time they use Unionfs :-). Then we
>tell not to do that, but that if they have to, to run "uniondbg -g"
>afterward to force a flushing of Unionfs caches. This practical
>suggestion worked well for our Unionfs users so far.
Speaking of practicality, would not it be easiest to add a mount-time
option that says "don't ever cache"? Or perhaps "enable cache, I
assure you I don't fiddle with the lower layer".
>Another possibility is that after, hopefully, both Unionfs and
>ecryptfs are in, and some more user experience has been accumulated,
>that we'll look into addressing this page-cache consistency problem
>for all stacked f/s.
Not that I know much about memory handling, but...:
When a process writes to a file, the write is cached by default. If
now an origin tag (as in: a struct member) is attached to this cached
object, unionfs/VFS can decide whether the last write access has
happened from within unionfs or something else, and act accordingly,
namely (1) flush when origin tag is not "unionfs" (2) do as usual
like today's unionfs. Think of it like a "last changed by"-attribute.
-`J'
--
On Mon, 08 Jan 2007 16:30:48 -0500
Shaya Potter <[email protected]> wrote:
> On Mon, 2007-01-08 at 13:19 -0800, Andrew Morton wrote:
> > On Mon, 8 Jan 2007 14:43:39 -0500 (EST) Shaya Potter <[email protected]> wrote:
> > > It's the same thing as modifying a block
> > > device while a file system is using it. Now, when unionfs gets confused,
> > > it shouldn't oops, but would one expect ext3 to allow one to modify its
> > > backing store while its using it?
> >
> > There's no such problem with bind mounts. It's surprising to see such a
> > restriction with union mounts.
>
> the difference is bind mounts are a vfs construct, while unionfs is a
> file system.
Well yes. So the top-level question is "is this the correct way of doing
unionisation?".
I suspect not, in which case unionfs is at best a stopgap until someone
comes along and implements unionisation at the VFS level, at which time
unionfs goes away.
That could take a long time. The questions we're left to ponder over are
things like
a) is unionfs a sufficiently useful stopgap to justify a merge and
b) would an interim merge of unionfs increase or decrease the motivation
for someone to do a VFS implementation?
I suspect the answer to b) is "increase": if unionfs proves to be useful
then people will be motivated to produce more robust implementations of the
same functionality. If it proves to not be very useful then nobody will
bother doing anything, which in a way would be a useful service.
Is there vendor interest in unionfs?
On Mon, 2007-01-08 at 13:29 -0800, Andrew Morton wrote:
> On Sun, 7 Jan 2007 23:12:57 -0500
> "Josef 'Jeff' Sipek" <[email protected]> wrote:
>
> > From: Josef "Jeff" Sipek <[email protected]>
> >
> > This patch contains the functions used to perform copyup operations in unionfs.
>
> What is a copyup operation and why does it exist?
>
> It seems to be copying the entire contents of certain files. That's not a
> thing I'd have expected to see in a union filesystem. Explain it all,
> please? (Somewhere where the info will be retained for posterity - a
> random email is good, but not sufficient...)
to do the random e-mail, it's because it just doesn't union
"directories", but lets you assign read-write, read-only properties to
them.
If you try to modify a file on a read-only layer, it will be copied to
the top most layer (has to be read-write) and then modified. It can be
slow though (imagine modifying a 1GB file).
>
> Is there vendor interest in unionfs?
MANY live cds seem to use it.
On Mon, Jan 08, 2007 at 03:51:31PM -0500, Erez Zadok wrote:
> BTW, this is a problem with all stackable file systems, including
> ecryptfs. To be fair, our Unionfs users have come up against this
> problem, usually for the first time they use Unionfs :-).
I suspect that the only reason why this has not yet surfaced as a
major issue in eCryptfs is because nobody is bothering to manipulate
the eCryptfs-encrypted lower files. The only code out there right now
that can make sense of the files is in the eCryptfs kernel module.
> Now, we've discussed a number of possible solutions. Thanks to
> suggestions we got at OLS, we discussed a way to hide the lower
> namespace, or make it readonly, using existing kernel facilities.
> But my understanding is that even it'd work, it'd only address new
> processes: if an existing process has an open fd in a lower branch
> before we "lock up" the lower branch's name space, that process may
> still be able to make lower-level changes.
Again, eCryptfs is fortunate in that the vast majority of users who
access the lower eCryptfs files will only want to read the encrypted
files (to do backups, for instance). I do not know of any userspace
utilities that can write correct eCryptfs lower file content.
> Detecting such processes may not be easy. What to do with them,
> once detected, is also unclear. We welcome suggestions.
My first instinct is to say that stacked filesystem should not even
begin to open the file if it is already opened by something other than
the stacked filesystem (-EPERM with a message in the syslog about the
problem). In the case when a stacked filesystem wants to open a file
that is already opened by something other than the stacked filesystem,
the stacked filesystem loses. Once the process closes the file, the
process is hitherto prevented from accessing the file again (via the
before-mentioned mechanism of hiding the lower namespace).
> Another possibility is that after, hopefully, both Unionfs and
> ecryptfs are in, and some more user experience has been accumulated,
> that we'll look into addressing this page-cache consistency problem
> for all stacked f/s.
Unionfs and eCryptfs share almost exactly the same namespace
issues. Unionfs happens to be impacted by them more than eCryptfs
because of the differences in how people actually access the files
under the two filesystems.
> Jeff, I don't think it's acceptable to OOPS.
For now, stacked filesystems just need to stay on their toes. There
are several places where assumptions need to be checked.
Mike
On Mon, Jan 08, 2007 at 11:18:52AM -0800, Andrew Morton wrote:
> On Sun, 7 Jan 2007 23:12:53 -0500
> "Josef 'Jeff' Sipek" <[email protected]> wrote:
>
> > +Modifying a Unionfs branch directly, while the union is mounted, is
> > +currently unsupported.
>
> Does this mean that if I have /a/b/ and /c/d/ unionised under /mnt/union, I
> am not allowed to alter anything under /a/b/ and /c/d/? That I may only
> alter stuff under /mnt/union?
That's correct.
> If so, that sounds like a significant limitation.
It is significant, and I am trying to figure out a nice clean way to allow
_all_ stackable filesystems (yes, ecryptfs which is in vanilla has the same
problem too) to have data modified under them without any cache incoherence.
> > Any such change can cause Unionfs to oops, or stay
> > silent and even RESULT IN DATA LOSS.
>
> With a rather rough user interface ;)
That statement is meant to scare people away from modifying the lower fs :)
I tortured unionfs quite a bit, and it can oops but it takes some effort.
> Also, is it possible to add new branches to an existing union mount? And
> to take old ones away?
Not in the code in the 20-odd patches, it is a minimal version of the code,
maade to be as clean as possible. I hope to port the more complex
features into this code when things like lower branch manipulation are fixed
in a real way - there have been suggestions of (ab)using inotify to keep
track of the lower files, but I would prefer to find a real solution.
Josef "Jeff" Sipek.
--
Research, n.:
Consider Columbus:
He didn't know where he was going.
When he got there he didn't know where he was.
When he got back he didn't know where he had been.
And he did it all on someone else's money.
On Mon, Jan 08, 2007 at 01:19:57PM -0800, Andrew Morton wrote:
...
> If it's not in the changelog or the documentation, it doesn't exist.
Good point. I'll add it for next time.
> > It's the same thing as modifying a block
> > device while a file system is using it. Now, when unionfs gets confused,
> > it shouldn't oops, but would one expect ext3 to allow one to modify its
> > backing store while its using it?
>
> There's no such problem with bind mounts. It's surprising to see such a
> restriction with union mounts.
Bind mounts are a purely VFS level construct. Unionfs is, as the name
implies, a filesystem. Last year at OLS, it seemed that a lot of people
agreed that unioning is neither purely a fs construct, nor purely a vfs
construct.
I'm using Unionfs (and ecryptfs) as guinea pigs to make linux fs stacking
friendly - a topic to be discussed at LSF in about a month.
Josef "Jeff" Sipek.
--
Computer Science is no more about computers than astronomy is about
telescopes.
- Edsger Dijkstra
On Mon, Jan 08, 2007 at 02:02:24PM -0800, Andrew Morton wrote:
> On Mon, 08 Jan 2007 16:30:48 -0500
> Shaya Potter <[email protected]> wrote:
>
> > On Mon, 2007-01-08 at 13:19 -0800, Andrew Morton wrote:
> > > On Mon, 8 Jan 2007 14:43:39 -0500 (EST) Shaya Potter <[email protected]> wrote:
> > > > It's the same thing as modifying a block
> > > > device while a file system is using it. Now, when unionfs gets confused,
> > > > it shouldn't oops, but would one expect ext3 to allow one to modify its
> > > > backing store while its using it?
> > >
> > > There's no such problem with bind mounts. It's surprising to see such a
> > > restriction with union mounts.
> >
> > the difference is bind mounts are a vfs construct, while unionfs is a
> > file system.
>
> Well yes. So the top-level question is "is this the correct way of doing
> unionisation?".
Namespace unification doesn't seem to fit into neither vfs-only nor fs-only
category. My guess is that some of the code that's currently in unionfs
could be replaced by some vfs-level magic.
> I suspect not, in which case unionfs is at best a stopgap until someone
> comes along and implements unionisation at the VFS level, at which time
> unionfs goes away.
>
> That could take a long time. The questions we're left to ponder over are
> things like
>
> a) is unionfs a sufficiently useful stopgap to justify a merge and
We (unionfs team) think so :)
> b) would an interim merge of unionfs increase or decrease the motivation
> for someone to do a VFS implementation?
And is a VFS implementation the right way to do it?
> I suspect the answer to b) is "increase": if unionfs proves to be useful
> then people will be motivated to produce more robust implementations of the
> same functionality.
I think it would "increase" the chance of people doing the right thing -
whatever it may be.
> Is there vendor interest in unionfs?
Many people are currently using the full - lkml-unsafe :) version of the
code which has a considerable amount of bells and whistles - at least
compared to the minimal version submitted. I want to take the good things
"port" them over and make sure everything is good.
Josef "Jeff" Sipek.
--
The box said "Windows XP or better required". So I installed Linux.
On Jan 8 2007 14:02, Andrew Morton wrote:
>Shaya Potter <[email protected]> wrote:
>>
>> the difference is bind mounts are a vfs construct, while unionfs is a
>> file system.
>
>Well yes. So the top-level question is "is this the correct way of doing
>unionisation?".
>I suspect not, in which case unionfs is at best a stopgap until someone
>comes along and implements unionisation at the VFS level, at which time
>unionfs goes away.
Not either. I *think* Jan Blunck wrote a pdf-paper about 'union mounts', i.e.
the vfs construct you refer to. [
http://www.free-it.org/archiv/talks_2005/paper-11254/paper-11254.pdf looks like
it ]
However, it's not duplicating a namespace, hence, unionfs also has a
right to exist.
>a) is unionfs a sufficiently useful stopgap to justify a merge and
>
>b) would an interim merge of unionfs increase or decrease the motivation
> for someone to do a VFS implementation?
>
>I suspect the answer to b) is "increase": if unionfs proves to be useful
>then people will be motivated to produce more robust implementations of the
>same functionality. If it proves to not be very useful then nobody will
>bother doing anything, which in a way would be a useful service.
Fact is, when it's in, bugs could be shaken out. Though then I think what
better AUFS could do.
-`J'
--
On Mon, Jan 08, 2007 at 05:00:18PM -0600, Michael Halcrow wrote:
> On Mon, Jan 08, 2007 at 03:51:31PM -0500, Erez Zadok wrote:
> > BTW, this is a problem with all stackable file systems, including
> > ecryptfs. To be fair, our Unionfs users have come up against this
> > problem, usually for the first time they use Unionfs :-).
>
> I suspect that the only reason why this has not yet surfaced as a
> major issue in eCryptfs is because nobody is bothering to manipulate
> the eCryptfs-encrypted lower files. The only code out there right now
> that can make sense of the files is in the eCryptfs kernel module.
Yeah, you got lucky :)
> > Detecting such processes may not be easy. What to do with them,
> > once detected, is also unclear. We welcome suggestions.
>
> My first instinct is to say that stacked filesystem should not even
> begin to open the file if it is already opened by something other than
> the stacked filesystem (-EPERM with a message in the syslog about the
> problem).
That seems a rather bit too drastic, no?
> In the case when a stacked filesystem wants to open a file
> that is already opened by something other than the stacked filesystem,
> the stacked filesystem loses. Once the process closes the file, the
> process is hitherto prevented from accessing the file again (via the
> before-mentioned mechanism of hiding the lower namespace).
I'd much prefer to somehow link the related pages and invalidate other
"copies" (even after transformations such as encryption). Limiting when
files can be open just sounds nasty.
> Unionfs and eCryptfs share almost exactly the same namespace
> issues. Unionfs happens to be impacted by them more than eCryptfs
> because of the differences in how people actually access the files
> under the two filesystems.
Yep.
> > Jeff, I don't think it's acceptable to OOPS.
>
> For now, stacked filesystems just need to stay on their toes. There
> are several places where assumptions need to be checked.
I think those places can eliminated by modifying the VFS a bit. Heck, it
might even make the NFS folks' lives easier :)
Josef "Jeff" Sipek.
--
Bad pun of the week: The formula 1 control computer suffered from a race
condition
In message <[email protected]>, Andrew Morton writes:
> On Mon, 08 Jan 2007 16:30:48 -0500
> Shaya Potter <[email protected]> wrote:
>
> Well yes. So the top-level question is "is this the correct way of doing
> unionisation?".
> I suspect not, in which case unionfs is at best a stopgap until someone
> comes along and implements unionisation at the VFS level, at which time
> unionfs goes away.
>
> That could take a long time. The questions we're left to ponder over are
> things like
>
> a) is unionfs a sufficiently useful stopgap to justify a merge and
>
> b) would an interim merge of unionfs increase or decrease the motivation
> for someone to do a VFS implementation?
>
> I suspect the answer to b) is "increase": if unionfs proves to be useful
> then people will be motivated to produce more robust implementations of the
> same functionality. If it proves to not be very useful then nobody will
> bother doing anything, which in a way would be a useful service.
>
>
> Is there vendor interest in unionfs?
Andrew, you bring up a very good point (others have asked this legitimate
question before). As someone who (together with a "few" students :-)
probably wrote the most stackable file systems ever (see
http://www.filesystems.org), I can say the following:
Unionfs is definitely useful. Just see http://www.unionfs.org for the list of
current official projects which use unionfs. Many of those projects are
used by many many thousands of users world wide. Plus we know from personal
contacts that there are various companies and researchers who are using
Unionfs in all kinds of interesting ways. The amount of feedback we got,
and the help from users (in the form of patches, testing, etc.) has been
phenomenal and even surprised me to a point where I realized I had to
allocate permanent resources (people, equipment, and $$$) to this project.
A stackable file system has a split personality. Its bottom half behaves
like a mini VFS and treats lower file systems just as the VFS would. Its
top half exports a file system interface and responds to the real VFS just
as a file system would. It's where the two halves meet that the most
complex coding exists.
Many of the stackable file systems we've written offer functionality that is
naturally useful for all file systems, and hence may very well belong at the
VFS level. For example, encryption may not really to need a full-fledged
file system, if the VFS allowed me to cleanly intercept and "overload"
certain operations relating to file reads/writes, as well as file-name ops,
on a per file/dir basis. I've always envisioned that one day a VFS may
exist (in Linux or anywhere) which was designed with this kind of
extensibility in mind (if you read some one the stacking papers from the
early 90s, that's what they talked about).
However, I must caution that a file system like ecryptfs is very different
from Unionfs, the latter being a fan-out file system---and both have very
different goals. The common code between the two file systems, at this
stage, is not much (and we've already extracted some of it into the "stackfs
layer"). I think more experience is needed before anyone tries to merge
them or move their functionality up to the VFS layer.
Stacking's main benefit is incremental file system extensibility. I do
believe that ultimately, that's where a lot of stacking-like functionality
belongs: as VFS-level loadable extensions. But that'd require an overhaul
of the VFS (which may have to be split into a re-entrant sub-layer and a
generic layer) and probably serious work on the VM/MM layers as well. If
that will happen, I'd like to see it happening the right way, such that it
can help support a lot more than just unioning-like functionality.
Having seen the growing interest in stacking over the past 10+ years, and
esp. Unionfs/ecryptfs, I believe you'll see more stackable file systems
being developed and offered for inclusion. I'm certain that numerous people
will use an official Unionfs in the kernel if/when it gets there. I believe
some functionality can and would be generalized each time a new stackable
f/s is developed for Linux. I'd be happy to help generalize the stacking
infrastructure in Linux over time, and, once there's enough experience, to
work on extensible VFS support.
Sincerely,
Erez.
On Mon, 8 Jan 2007 15:51:31 -0500, Erez Zadok wrote:
> Now, we've discussed a number of possible solutions. Thanks to suggestions
> we got at OLS, we discussed a way to hide the lower namespace, or make it
> readonly, using existing kernel facilities. But my understanding is that
> even it'd work, it'd only address new processes: if an existing process has
> an open fd in a lower branch before we "lock up" the lower branch's name
> space, that process may still be able to make lower-level changes.
> Detecting such processes may not be easy. What to do with them, once
> detected, is also unclear. We welcome suggestions.
As a simple user without much knowledge of kernel internals, much less
so filesystems, couldn't something based on the same principle of
lsof+fam be used to handle these situations? lsof, if I'm not
mistaken, can tell a user if someone (and who) has fd opened on a file
system; and fam can notify other processes that a particular file has
been modified. Unionfs could use something like lsof (or som similar
ad hoc solution) to see if something has anything opened on a
filesystem, and it could use something like fam to detect changes in
the underlying filesystem and flush caches as appropriate.
Of course, this wouldn't solve "concurrent changes" problems, but this
could be made possible by having a system to synchronize locks across
filesystems.
--
Giuseppe "Oblomov" Bilotta
[W]hat country can preserve its liberties, if its rulers are not
warned from time to time that [the] people preserve the spirit of
resistance? Let them take arms...The tree of liberty must be
refreshed from time to time, with the blood of patriots and
tyrants.
-- Thomas Jefferson, letter to Col. William S. Smith, 1787
On Tue, Jan 09, 2007 at 01:19:48AM +0100, Giuseppe Bilotta wrote:
> As a simple user without much knowledge of kernel internals, much less
> so filesystems, couldn't something based on the same principle of
> lsof+fam be used to handle these situations?
Using inotify has been suggested before. That let the upper filesystem
know when something changed on the lower filesystem.
I think that, while it would work, it is not the right solution.
Josef "Jeff" Sipek.
--
Intellectuals solve problems; geniuses prevent them
- Albert Einstein
On Jan 8 2007 19:33, Josef Sipek wrote:
>On Tue, Jan 09, 2007 at 01:19:48AM +0100, Giuseppe Bilotta wrote:
>> As a simple user without much knowledge of kernel internals, much less
>> so filesystems, couldn't something based on the same principle of
>> lsof+fam be used to handle these situations?
>
>Using inotify has been suggested before. That let the upper filesystem
>know when something changed on the lower filesystem.
>
>I think that, while it would work, it is not the right solution.
Because inotify is not recursive yet?
-`J'
--
On Tue, 2007-01-09 at 02:26 +0100, Jan Engelhardt wrote:
> On Jan 8 2007 19:33, Josef Sipek wrote:
> >On Tue, Jan 09, 2007 at 01:19:48AM +0100, Giuseppe Bilotta wrote:
> >> As a simple user without much knowledge of kernel internals, much less
> >> so filesystems, couldn't something based on the same principle of
> >> lsof+fam be used to handle these situations?
> >
> >Using inotify has been suggested before. That let the upper filesystem
> >know when something changed on the lower filesystem.
> >
> >I think that, while it would work, it is not the right solution.
>
> Because inotify is not recursive yet?
Even if it was, using inotify would be inherently racy (what if two
writes start at the same time)
On Mon, 2007-01-08 at 13:28 -0800, Andrew Morton wrote:
> Please use mutexes where possible. Semaphores should only be used when
> their counting feature is employed. And, arguably, in situations where a
> lock is locked and unlocked from different threads, because this presently
> triggers mutex debugging warnings, although we should find a way of fixing
> this in the mutex code.
Its a fundamental property of a mutex, not a shortcoming. A mutex has an
owner, the one that takes and releases the resource. This allows things
such as Priority Inheritance to boost owners.
'fixing' this takes away much of what a mutex is.
That said, it seems some folks really want this to happen, weird as it
may be. I'm not sure if all these cases are because of wrong designs. A
possible extension to the mutex interface might be something like this:
mutex_pass_owner(struct task_struct *task);
which would be an atomic unlock/lock pair where the current task
releases the resource and the indicated task gains it. However it must
be understood that from the POV of 'current' this should be treated as
an unlock action.
Ingo, I'd much rather see something like this than the proposed
mutex_unlock_dont_warn_if_a_different_task_did_it()
wart. Esp. since it preserves the mutex semantics and properties.
Am Dienstag, 9. Januar 2007 10:02 schrieb Peter Zijlstra:
> On Mon, 2007-01-08 at 13:28 -0800, Andrew Morton wrote:
>
> > Please use mutexes where possible. Â Semaphores should only be used when
> > their counting feature is employed. Â And, arguably, in situations where a
> > lock is locked and unlocked from different threads, because this presently
> > triggers mutex debugging warnings, although we should find a way of fixing
> > this in the mutex code.
>
> Its a fundamental property of a mutex, not a shortcoming. A mutex has an
> owner, the one that takes and releases the resource. This allows things
> such as Priority Inheritance to boost owners.
>
> 'fixing' this takes away much of what a mutex is.
>
> That said, it seems some folks really want this to happen, weird as it
> may be. I'm not sure if all these cases are because of wrong designs. A
> possible extension to the mutex interface might be something like this:
>
> Â mutex_pass_owner(struct task_struct *task);
>
> which would be an atomic unlock/lock pair where the current task
> releases the resource and the indicated task gains it. However it must
> be understood that from the POV of 'current' this should be treated as
> an unlock action.
This won't help if I want to release from an interrupt handler or tasklet.
Regards
Oliver
On Mon, Jan 08, 2007 at 06:25:16PM -0500, Josef Sipek wrote:
> > There's no such problem with bind mounts. It's surprising to see such a
> > restriction with union mounts.
>
> Bind mounts are a purely VFS level construct. Unionfs is, as the name
> implies, a filesystem. Last year at OLS, it seemed that a lot of people
> agreed that unioning is neither purely a fs construct, nor purely a vfs
> construct.
>
> I'm using Unionfs (and ecryptfs) as guinea pigs to make linux fs stacking
> friendly - a topic to be discussed at LSF in about a month.
And unionfs is the wrong thing do use for this. Unioning is a complex
namespace operation and needs to be implemented in the VFS or at least
needs a lot of help from the VFS. Getting namespace cache coherency
and especially locking right is imposisble with out that.
On Mon, Jan 08, 2007 at 07:03:35PM -0500, Erez Zadok wrote:
> However, I must caution that a file system like ecryptfs is very different
> from Unionfs, the latter being a fan-out file system---and both have very
> different goals. The common code between the two file systems, at this
> stage, is not much (and we've already extracted some of it into the "stackfs
> layer").
I think that's an very important point. We have a chance to get that
non-fanout filesystems right quite easily - something I wished that would
have been done before the ecryptfs merge - while getting fan-out stackable
filesystems is a really hard task. In addition to that I know exactly
one fan-out stackable filesystem that is posisbly useful, which is unionfs.
Because of that I'm much more inclined to add VFS asistance for this
particular problem (unioning) instead of adding complex infrastructure
to solve a general problem that people don't benefit from.
On Tue, Jan 09, 2007 at 09:49:35AM +0000, Christoph Hellwig wrote:
> On Mon, Jan 08, 2007 at 06:25:16PM -0500, Josef Sipek wrote:
> > > There's no such problem with bind mounts. It's surprising to see such a
> > > restriction with union mounts.
> >
> > Bind mounts are a purely VFS level construct. Unionfs is, as the name
> > implies, a filesystem. Last year at OLS, it seemed that a lot of people
> > agreed that unioning is neither purely a fs construct, nor purely a vfs
> > construct.
> >
> > I'm using Unionfs (and ecryptfs) as guinea pigs to make linux fs stacking
> > friendly - a topic to be discussed at LSF in about a month.
>
> And unionfs is the wrong thing do use for this. Unioning is a complex
> namespace operation and needs to be implemented in the VFS or at least
> needs a lot of help from the VFS. Getting namespace cache coherency
> and especially locking right is imposisble with out that.
What I meant was that I use them as an example for a linear and fanout
stacking examples. While unioning itself is a complex operation, the general
idea of one set of vfs objects (dentry, inode, etc.) pointing to several
lower ones is very generic and applies to all fan-out stackable fs.
Josef "Jeff" Sipek.
--
Linux, n.:
Generous programmers from around the world all join forces to help
you shoot yourself in the foot for free.
On Tue, Jan 09, 2007 at 09:53:45AM +0000, Christoph Hellwig wrote:
> On Mon, Jan 08, 2007 at 07:03:35PM -0500, Erez Zadok wrote:
> > However, I must caution that a file system like ecryptfs is very different
> > from Unionfs, the latter being a fan-out file system---and both have very
> > different goals. The common code between the two file systems, at this
> > stage, is not much (and we've already extracted some of it into the "stackfs
> > layer").
>
> I think that's an very important point. We have a chance to get that
> non-fanout filesystems right quite easily - something I wished that would
> have been done before the ecryptfs merge - while getting fan-out stackable
> filesystems is a really hard task.
Hard or harder?
> In addition to that I know exactly
> one fan-out stackable filesystem that is posisbly useful, which is unionfs.
RAIF is another fan-out stackable fs with much more complex logic. (Just the
other day, I saw an announcement for a new version on fsdevel.)
Josef "Jeff" Sipek.
--
Evolution, n.:
A hypothetical process whereby infinitely improbable events occur with
alarming frequency, order arises from chaos, and no one is given credit.
On Tue, Jan 09, 2007 at 05:43:33AM -0500, Josef Sipek wrote:
> RAIF is another fan-out stackable fs with much more complex logic. (Just the
> other day, I saw an announcement for a new version on fsdevel.)
I didn't say none exist, but rather none is useful. While RAIF is
definitly an excellent exercise in academic masturbation it is not in
any remote way practically useful.
On Tue, Jan 09, 2007 at 05:43:33AM -0500, Josef Sipek wrote:
> > I think that's an very important point. We have a chance to get that
> > non-fanout filesystems right quite easily - something I wished that would
> > have been done before the ecryptfs merge - while getting fan-out stackable
> > filesystems is a really hard task.
>
> Hard or harder?
Hard as in really hard.
> On Mon, Jan 08, 2007 at 11:18:52AM -0800, Andrew Morton wrote:
> > On Sun, 7 Jan 2007 23:12:53 -0500
> > "Josef 'Jeff' Sipek" <[email protected]> wrote:
> >
<snip>
> > > Any such change can cause Unionfs to oops, or stay
> > > silent and even RESULT IN DATA LOSS.
> >
> > With a rather rough user interface ;)
>
> That statement is meant to scare people away from modifying the lower fs :)
> I tortured unionfs quite a bit, and it can oops but it takes some effort.
But isn't it then potential DOS? If you happen to union two filesystems
and an untrusted user has write access to both original filesystem and
the union, then you say he'd be able to produce oops? That does not
sound very secure to me... And if any secure use of unionfs requires
limitting access to the original trees, then I think it's a good reason
to implement it in unionfs itself. Just my 2 cents.
Honza
--
Jan Kara <[email protected]>
SuSE CR Labs
> In message <[email protected]>, Andrew Morton writes:
> > On Sun, 7 Jan 2007 23:12:53 -0500
> > "Josef 'Jeff' Sipek" <[email protected]> wrote:
> >
> > > +Modifying a Unionfs branch directly, while the union is mounted, is
> > > +currently unsupported.
> >
> > Does this mean that if I have /a/b/ and /c/d/ unionised under /mnt/union, I
> > am not allowed to alter anything under /a/b/ and /c/d/? That I may only
> > alter stuff under /mnt/union?
> >
> > If so, that sounds like a significant limitation.
<snip>
> Now, we've discussed a number of possible solutions. Thanks to suggestions
> we got at OLS, we discussed a way to hide the lower namespace, or make it
> readonly, using existing kernel facilities. But my understanding is that
> even it'd work, it'd only address new processes: if an existing process has
> an open fd in a lower branch before we "lock up" the lower branch's name
> space, that process may still be able to make lower-level changes.
> Detecting such processes may not be easy. What to do with them, once
> detected, is also unclear. We welcome suggestions.
Yes, making fs readonly at VFS level would not work for already opened
files. But you if you create new union, you could lock down the
filesystems you are unioning (via s_umount semaphore), go through lists
of all open fd's on those filesystems and check whether they are open
for write or not. If some fd is open for writing, you simply fail to
create the union (and it's upto user to solve the problem). Otherwise
you mark filesystems as RO and safely proceed with creating the union.
I guess you must have come up with this solution. So what is the problem
with it?
Honza
--
Jan Kara <[email protected]>
SuSE CR Labs
On Tue, 2007-01-09 at 13:15 +0100, Jan Kara wrote:
> > On Mon, Jan 08, 2007 at 11:18:52AM -0800, Andrew Morton wrote:
> > > On Sun, 7 Jan 2007 23:12:53 -0500
> > > "Josef 'Jeff' Sipek" <[email protected]> wrote:
> > >
> <snip>
>
> > > > Any such change can cause Unionfs to oops, or stay
> > > > silent and even RESULT IN DATA LOSS.
> > >
> > > With a rather rough user interface ;)
> >
> > That statement is meant to scare people away from modifying the lower fs :)
> > I tortured unionfs quite a bit, and it can oops but it takes some effort.
> But isn't it then potential DOS? If you happen to union two filesystems
> and an untrusted user has write access to both original filesystem and
> the union, then you say he'd be able to produce oops? That does not
> sound very secure to me... And if any secure use of unionfs requires
> limitting access to the original trees, then I think it's a good reason
> to implement it in unionfs itself. Just my 2 cents.
You mean somebody like, say, a perfectly innocent process working on the
NFS server or some other client that is oblivious to the existence of
unionfs stacks on your particular machine?
To me, this has always sounded like a showstopper for using unionfs with
a remote filesystem.
Trond
On Tue, 2007-01-09 at 13:26 +0100, Jan Kara wrote:
> Yes, making fs readonly at VFS level would not work for already opened
> files. But you if you create new union, you could lock down the
> filesystems you are unioning (via s_umount semaphore), go through lists
> of all open fd's on those filesystems and check whether they are open
> for write or not. If some fd is open for writing, you simply fail to
> create the union (and it's upto user to solve the problem). Otherwise
> you mark filesystems as RO and safely proceed with creating the union.
> I guess you must have come up with this solution. So what is the problem
> with it?
Aside from the fact that this is racy (s_umount doesn't protect you
against a process opening a new file while you are busy running through
the open fds to see if you can reset the MS_RDONLY flag) all you will
have achieved is ensure that your client won't write to the file. You
will still be able to Oops.
Trond
On Tue, 2007-01-09 at 11:30 -0500, Trond Myklebust wrote:
> On Tue, 2007-01-09 at 13:15 +0100, Jan Kara wrote:
> > > On Mon, Jan 08, 2007 at 11:18:52AM -0800, Andrew Morton wrote:
> > > > On Sun, 7 Jan 2007 23:12:53 -0500
> > > > "Josef 'Jeff' Sipek" <[email protected]> wrote:
> > > >
> > <snip>
> >
> > > > > Any such change can cause Unionfs to oops, or stay
> > > > > silent and even RESULT IN DATA LOSS.
> > > >
> > > > With a rather rough user interface ;)
> > >
> > > That statement is meant to scare people away from modifying the lower fs :)
> > > I tortured unionfs quite a bit, and it can oops but it takes some effort.
> > But isn't it then potential DOS? If you happen to union two filesystems
> > and an untrusted user has write access to both original filesystem and
> > the union, then you say he'd be able to produce oops? That does not
> > sound very secure to me... And if any secure use of unionfs requires
> > limitting access to the original trees, then I think it's a good reason
> > to implement it in unionfs itself. Just my 2 cents.
>
> You mean somebody like, say, a perfectly innocent process working on the
> NFS server or some other client that is oblivious to the existence of
> unionfs stacks on your particular machine?
> To me, this has always sounded like a showstopper for using unionfs with
> a remote filesystem.
Again, what about fibre channel support? Imagine I have multiple blades
connected to a SAN. For whatever reason I format the san w/ ext3 (I've
actually done this when we didn't need sharing, just needed a huge disk,
for instance for doing benchmarks where I needed a large data set that
was bigger than the 40GB disk that the blades came with). I better not
touch that disk from any of the other blades.
All you are saying is unionfs should always make sure its data is sane,
never make assumptions about it being correct.
Put it this way, imagine I have an ext3 fs on a SAN, I can only use it
frm one machine. Lets say I want to be smart and mount the FS read-only
from another machine, should I have any expectation that it will work?
Nope.
Now, under what conditions can one expect unionfs to work? Basically,
where the underlying FS isn't being modified (though possible others).
Is that a reasonable condition. I believe so. If you disobey the
condition, the machine shouldn't oops, but it should detect it and tell
you and shut down usage of the FS.
On Tue, 2007-01-09 at 11:41 -0500, Shaya Potter wrote:
> On Tue, 2007-01-09 at 11:30 -0500, Trond Myklebust wrote:
> > You mean somebody like, say, a perfectly innocent process working on the
> > NFS server or some other client that is oblivious to the existence of
> > unionfs stacks on your particular machine?
> > To me, this has always sounded like a showstopper for using unionfs with
> > a remote filesystem.
>
> Again, what about fibre channel support? Imagine I have multiple blades
> connected to a SAN. For whatever reason I format the san w/ ext3 (I've
> actually done this when we didn't need sharing, just needed a huge disk,
> for instance for doing benchmarks where I needed a large data set that
> was bigger than the 40GB disk that the blades came with). I better not
> touch that disk from any of the other blades.
>
> All you are saying is unionfs should always make sure its data is sane,
> never make assumptions about it being correct.
>
> Put it this way, imagine I have an ext3 fs on a SAN, I can only use it
> frm one machine. Lets say I want to be smart and mount the FS read-only
> from another machine, should I have any expectation that it will work?
> Nope.
>
> Now, under what conditions can one expect unionfs to work? Basically,
> where the underlying FS isn't being modified (though possible others).
> Is that a reasonable condition. I believe so. If you disobey the
> condition, the machine shouldn't oops, but it should detect it and tell
> you and shut down usage of the FS.
I'm saying that at the very least it should not Oops in these
situations. As to whether or not they are something you want to handle
more gracefully, that is up to you, but Oopses are definitely a
showstopper.
Trond
> On Tue, 2007-01-09 at 13:26 +0100, Jan Kara wrote:
> > Yes, making fs readonly at VFS level would not work for already opened
> > files. But you if you create new union, you could lock down the
> > filesystems you are unioning (via s_umount semaphore), go through lists
> > of all open fd's on those filesystems and check whether they are open
> > for write or not. If some fd is open for writing, you simply fail to
> > create the union (and it's upto user to solve the problem). Otherwise
> > you mark filesystems as RO and safely proceed with creating the union.
> > I guess you must have come up with this solution. So what is the problem
> > with it?
>
> Aside from the fact that this is racy (s_umount doesn't protect you
> against a process opening a new file while you are busy running through
> the open fds to see if you can reset the MS_RDONLY flag) all you will
Ok, but if we first set MS_RDONLY and then check, we should be safe
against new open's.
> have achieved is ensure that your client won't write to the file. You
> will still be able to Oops.
But once you have MS_RDONLY set, there should be no modifications of
the underlying filesystem, should they? And I have understood that the
only problem is modifying the filesystem underneath unionfs. But maybe
I'm missing something.
Honza
--
Jan Kara <[email protected]>
SuSE CR Labs
On Tue, 2007-01-09 at 18:04 +0100, Jan Kara wrote:
> But once you have MS_RDONLY set, there should be no modifications of
> the underlying filesystem, should they? And I have understood that the
> only problem is modifying the filesystem underneath unionfs. But maybe
> I'm missing something.
Remote filesystems. The MS_RDONLY bit on your client means bugger all to
the server and all the other clients.
Trond
On Tue, 2007-01-09 at 12:03 -0500, Trond Myklebust wrote:
> I'm saying that at the very least it should not Oops in these
> situations. As to whether or not they are something you want to handle
> more gracefully, that is up to you, but Oopses are definitely a
> showstopper.
I don't think anyone involved disagrees. Any oops is a bug that has to
be fixed.
> On Tue, 2007-01-09 at 11:30 -0500, Trond Myklebust wrote:
> > On Tue, 2007-01-09 at 13:15 +0100, Jan Kara wrote:
> > > > On Mon, Jan 08, 2007 at 11:18:52AM -0800, Andrew Morton wrote:
> > > > > On Sun, 7 Jan 2007 23:12:53 -0500
> > > > > "Josef 'Jeff' Sipek" <[email protected]> wrote:
> > > > >
> > > <snip>
> > >
> > > > > > Any such change can cause Unionfs to oops, or stay
> > > > > > silent and even RESULT IN DATA LOSS.
> > > > >
> > > > > With a rather rough user interface ;)
> > > >
> > > > That statement is meant to scare people away from modifying the lower fs :)
> > > > I tortured unionfs quite a bit, and it can oops but it takes some effort.
> > > But isn't it then potential DOS? If you happen to union two filesystems
> > > and an untrusted user has write access to both original filesystem and
> > > the union, then you say he'd be able to produce oops? That does not
> > > sound very secure to me... And if any secure use of unionfs requires
> > > limitting access to the original trees, then I think it's a good reason
> > > to implement it in unionfs itself. Just my 2 cents.
> >
> > You mean somebody like, say, a perfectly innocent process working on the
> > NFS server or some other client that is oblivious to the existence of
> > unionfs stacks on your particular machine?
> > To me, this has always sounded like a showstopper for using unionfs with
> > a remote filesystem.
>
> Again, what about fibre channel support? Imagine I have multiple blades
> connected to a SAN. For whatever reason I format the san w/ ext3 (I've
> actually done this when we didn't need sharing, just needed a huge disk,
> for instance for doing benchmarks where I needed a large data set that
> was bigger than the 40GB disk that the blades came with). I better not
> touch that disk from any of the other blades.
>
> All you are saying is unionfs should always make sure its data is sane,
> never make assumptions about it being correct.
Nope. I just say that unionfs should do some reasonable precautions so
that it's not easy to screw it (especially not in a DOS way). If I have
a device, then it is usually accessible only to admin and so user cannot
usually do anything bad to e.g. ext3. On the other hand part of
namespace (that unionfs takes instead of a device) is often accessible to
user and so I'd expect it wouldn't be uncommon for a user to be able to
screw unionfs. Of course, you can say: In a reasonable setup, unioned
trees should not be accessible to ordinary user (e.g. their topmost
directory should have 000 permissions). I'm just not sure whether
an average admin will setup his union trees in this way...
Honza
--
Jan Kara <[email protected]>
SuSE CR Labs
In message <[email protected]>, Trond Myklebust writes:
> I'm saying that at the very least it should not Oops in these
> situations. As to whether or not they are something you want to handle
> more gracefully, that is up to you, but Oopses are definitely a
> showstopper.
>
> Trond
I totally agree: oopsing is unacceptable. Instead Unionfs should handle it
more gracefully than an oops.
Now, a lot of this "scare" in the past couple of days had been the result of
our documentation, which was intended to prevent people from mucking with
the lower f/s. As Jeff said already yesterday, many of the possible oopses
were already fixed, and you'll be hard pressed right now to be able to
tickle more oopses. But, to be sure, we'll run more tests, and fix whatever
else we can.
Erez.
In message <[email protected]>, Jan Kara writes:
> > In message <[email protected]>, Andrew Morton writes:
> > > On Sun, 7 Jan 2007 23:12:53 -0500
> > > "Josef 'Jeff' Sipek" <[email protected]> wrote:
> > >
> > > > +Modifying a Unionfs branch directly, while the union is mounted, is
> > > > +currently unsupported.
> > >
> > > Does this mean that if I have /a/b/ and /c/d/ unionised under /mnt/union, I
> > > am not allowed to alter anything under /a/b/ and /c/d/? That I may only
> > > alter stuff under /mnt/union?
> > >
> > > If so, that sounds like a significant limitation.
> <snip>
> > Now, we've discussed a number of possible solutions. Thanks to suggestions
> > we got at OLS, we discussed a way to hide the lower namespace, or make it
> > readonly, using existing kernel facilities. But my understanding is that
> > even it'd work, it'd only address new processes: if an existing process has
> > an open fd in a lower branch before we "lock up" the lower branch's name
> > space, that process may still be able to make lower-level changes.
> > Detecting such processes may not be easy. What to do with them, once
> > detected, is also unclear. We welcome suggestions.
> Yes, making fs readonly at VFS level would not work for already opened
> files. But you if you create new union, you could lock down the
> filesystems you are unioning (via s_umount semaphore), go through lists
> of all open fd's on those filesystems and check whether they are open
> for write or not. If some fd is open for writing, you simply fail to
> create the union (and it's upto user to solve the problem). Otherwise
> you mark filesystems as RO and safely proceed with creating the union.
> I guess you must have come up with this solution. So what is the problem
> with it?
Jan, all of it is duable: we can downgrade the f/s to readonly, grab various
locks, search through various lists looking for open fd's and such, then
decide if to allow the mount or not. And hopefully all of that can be done
in a non-racy manner. But it feels just rather hacky and ugly to me. If
this community will endorse such a solution, we'll be happy to develop it.
But right now my impression is that if we posted such patches today, some
people will have to wipe the vomit off of their monitors... :-)
Seriously, can someone suggest a step-by-step procedure to handling this
issue, maybe even sprinkle some pseudo code there? Is there a procedure
that is clean and acceptable to all? We'd love to hear it.
> Honza
> --
> Jan Kara <[email protected]>
> SuSE CR Labs
Thanks,
Erez.
In message <[email protected]>, Christoph Hellwig writes:
> On Mon, Jan 08, 2007 at 07:03:35PM -0500, Erez Zadok wrote:
> > However, I must caution that a file system like ecryptfs is very different
> > from Unionfs, the latter being a fan-out file system---and both have very
> > different goals. The common code between the two file systems, at this
> > stage, is not much (and we've already extracted some of it into the "stackfs
> > layer").
>
> I think that's an very important point. We have a chance to get that
> non-fanout filesystems right quite easily - something I wished that would
> have been done before the ecryptfs merge - while getting fan-out stackable
> filesystems is a really hard task. In addition to that I know exactly
> one fan-out stackable filesystem that is posisbly useful, which is unionfs.
Christoph, on our Unionfs mailing list, we've been asked numerous times for
additional functionality. People asked for load balancing based on CPU
time, rtt, latency, space available, etc. People asked for replication
functionality. People asked for failover. And more. Some users have
become so motivated, that they developed and maintain their own Unionfs
patches to support rudimentary load-balancing and replication.
Our answer had always been the same: those features are nice, but have no
place in Unionfs. That's why we've created RAIF, exactly to give all those
who wanted "just one more thing added to Unionfs" another f/s to play with.
Who knows, maybe one day, some of those features may wind up in a Unionfs-NG
or as composable VFS plugins. But for now, we've given the community RAIF
so they can play with it, experiment, enhance, whatever. RAIF is newer
than Unionfs and for now we're just accumulating experience with it.
In other words, I think there are other fan-out file systems of use other
than Unionfs. If and when Unionfs made it into mainline, I'll guarantee you
that you'll have users asking for other fan-out functionality. That is why I
think it is prudent to wait and gather more experience with stackable file
systems in Linux, before embarking on a more generic functionality layer,
which would support non-fanout as well as fanout extensions.
> Because of that I'm much more inclined to add VFS asistance for this
> particular problem (unioning) instead of adding complex infrastructure
> to solve a general problem that people don't benefit from.
I'd love to see VFS assistance for Unioning in particular and for stacking
in general. But again, I prefer to gather some practical experience first,
and then try to generalize any new VFS-level helper functionality.
Sincerely,
Erez.
On 1/9/07, Erez Zadok <[email protected]> wrote:
> In message <[email protected]>, Christoph Hellwig writes:
> > On Mon, Jan 08, 2007 at 07:03:35PM -0500, Erez Zadok wrote:
> > > However, I must caution that a file system like ecryptfs is very different
> > > from Unionfs, the latter being a fan-out file system---and both have very
> > > different goals. The common code between the two file systems, at this
> > > stage, is not much (and we've already extracted some of it into the "stackfs
> > > layer").
> >
> > I think that's an very important point. We have a chance to get that
> > non-fanout filesystems right quite easily - something I wished that would
> > have been done before the ecryptfs merge - while getting fan-out stackable
> > filesystems is a really hard task. In addition to that I know exactly
> > one fan-out stackable filesystem that is posisbly useful, which is unionfs.
>
> Christoph, on our Unionfs mailing list, we've been asked numerous times for
> additional functionality. People asked for load balancing based on CPU
> time, rtt, latency, space available, etc. People asked for replication
> functionality. People asked for failover. And more. Some users have
> become so motivated, that they developed and maintain their own Unionfs
> patches to support rudimentary load-balancing and replication.
>
> Our answer had always been the same: those features are nice, but have no
> place in Unionfs. That's why we've created RAIF, exactly to give all those
Erez hello
my name is raz.
Just for my better understanding , raifs stands for raided file system ?
what sort of raids do they have ?
thank you
raz
> who wanted "just one more thing added to Unionfs" another f/s to play with.
> Who knows, maybe one day, some of those features may wind up in a Unionfs-NG
> or as composable VFS plugins. But for now, we've given the community RAIF
> so they can play with it, experiment, enhance, whatever. RAIF is newer
> than Unionfs and for now we're just accumulating experience with it.
>
> In other words, I think there are other fan-out file systems of use other
> than Unionfs. If and when Unionfs made it into mainline, I'll guarantee you
> that you'll have users asking for other fan-out functionality. That is why I
> think it is prudent to wait and gather more experience with stackable file
> systems in Linux, before embarking on a more generic functionality layer,
> which would support non-fanout as well as fanout extensions.
>
> > Because of that I'm much more inclined to add VFS asistance for this
> > particular problem (unioning) instead of adding complex infrastructure
> > to solve a general problem that people don't benefit from.
>
> I'd love to see VFS assistance for Unioning in particular and for stacking
> in general. But again, I prefer to gather some practical experience first,
> and then try to generalize any new VFS-level helper functionality.
>
> Sincerely,
> Erez.
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
--
Raz
In message <[email protected]>, "Raz Ben-Jehuda(caro)" writes:
> On 1/9/07, Erez Zadok <[email protected]> wrote:
> > In message <[email protected]>, Christoph Hellwig writes:
> > > On Mon, Jan 08, 2007 at 07:03:35PM -0500, Erez Zadok wrote:
> > > > However, I must caution that a file system like ecryptfs is very different
> > > > from Unionfs, the latter being a fan-out file system---and both have very
> > > > different goals. The common code between the two file systems, at this
> > > > stage, is not much (and we've already extracted some of it into the "stackfs
> > > > layer").
> > >
> > > I think that's an very important point. We have a chance to get that
> > > non-fanout filesystems right quite easily - something I wished that would
> > > have been done before the ecryptfs merge - while getting fan-out stackable
> > > filesystems is a really hard task. In addition to that I know exactly
> > > one fan-out stackable filesystem that is posisbly useful, which is unionfs.
> >
> > Christoph, on our Unionfs mailing list, we've been asked numerous times for
> > additional functionality. People asked for load balancing based on CPU
> > time, rtt, latency, space available, etc. People asked for replication
> > functionality. People asked for failover. And more. Some users have
> > become so motivated, that they developed and maintain their own Unionfs
> > patches to support rudimentary load-balancing and replication.
> >
> > Our answer had always been the same: those features are nice, but have no
> > place in Unionfs. That's why we've created RAIF, exactly to give all those
>
> Erez hello
> my name is raz.
> Just for my better understanding , raifs stands for raided file system ?
> what sort of raids do they have ?
> thank you
> raz
To start with, see <http://www.fsl.cs.sunysb.edu/project-raif.html> for
software and documentation. RAIF is storage virtualization at the file
level. It can do levels 0, 1, 2, 4, 5, 6, and several combos. It's
designed such that you could easily plugin a new RAID policy/level that you
invent. We've got LB functionality too (RR and proportional share). And
you can configure stuff on a per file, per dir, or per file-type basis.
BTW, the lkml forum may not be the best forum to discuss it: better divert
future discussions to fsdevel or one of our lists (which you can get to from
the RAIF project URL above).
Cheers,
Erez.
On Jan 9 2007 11:41, Shaya Potter wrote:
>
>Again, what about fibre channel support? Imagine I have multiple blades
>connected to a SAN. For whatever reason I format the san w/ ext3 (I've
>actually done this when we didn't need sharing, just needed a huge disk,
>for instance for doing benchmarks where I needed a large data set that
>was bigger than the 40GB disk that the blades came with). I better not
>touch that disk from any of the other blades.
Except probably for the shared partition table, there should not be a
problem if you mount sda1 on one blade, sda2 on another, etc. Or use
something like GFS2 if you want sharing ;-)
-`J'
--
> In message <[email protected]>, Jan Kara writes:
> > > In message <[email protected]>, Andrew Morton writes:
> > > > On Sun, 7 Jan 2007 23:12:53 -0500
> > > > "Josef 'Jeff' Sipek" <[email protected]> wrote:
> > > >
> > > > > +Modifying a Unionfs branch directly, while the union is mounted, is
> > > > > +currently unsupported.
> > > >
> > > > Does this mean that if I have /a/b/ and /c/d/ unionised under /mnt/union, I
> > > > am not allowed to alter anything under /a/b/ and /c/d/? That I may only
> > > > alter stuff under /mnt/union?
> > > >
> > > > If so, that sounds like a significant limitation.
> > <snip>
> > > Now, we've discussed a number of possible solutions. Thanks to suggestions
> > > we got at OLS, we discussed a way to hide the lower namespace, or make it
> > > readonly, using existing kernel facilities. But my understanding is that
> > > even it'd work, it'd only address new processes: if an existing process has
> > > an open fd in a lower branch before we "lock up" the lower branch's name
> > > space, that process may still be able to make lower-level changes.
> > > Detecting such processes may not be easy. What to do with them, once
> > > detected, is also unclear. We welcome suggestions.
> > Yes, making fs readonly at VFS level would not work for already opened
> > files. But you if you create new union, you could lock down the
> > filesystems you are unioning (via s_umount semaphore), go through lists
> > of all open fd's on those filesystems and check whether they are open
> > for write or not. If some fd is open for writing, you simply fail to
> > create the union (and it's upto user to solve the problem). Otherwise
> > you mark filesystems as RO and safely proceed with creating the union.
> > I guess you must have come up with this solution. So what is the problem
> > with it?
>
> Jan, all of it is duable: we can downgrade the f/s to readonly, grab various
> locks, search through various lists looking for open fd's and such, then
> decide if to allow the mount or not. And hopefully all of that can be done
> in a non-racy manner. But it feels just rather hacky and ugly to me. If
> this community will endorse such a solution, we'll be happy to develop it.
> But right now my impression is that if we posted such patches today, some
> people will have to wipe the vomit off of their monitors... :-)
I see :). To me it just sounds as if you want to do remount-read-only
for source filesystems, which is operation we support perfectly fine,
and after that create union mount. But I agree you cannot do quite that
since you need to have write access later from your union mount. So
maybe it's not so easy as I thought.
On the other hand, there was some effort to support read-only bind-mounts of
read-write filesystems (there were even some patches floating around but
I don't think they got merged) and that should be even closer to what
you'd need...
Honza
--
Jan Kara <[email protected]>
SuSE CR Labs
In message <[email protected]>, Jan Kara writes:
> > In message <[email protected]>, Jan Kara writes:
[...]
> > Jan, all of it is duable: we can downgrade the f/s to readonly, grab various
> > locks, search through various lists looking for open fd's and such, then
> > decide if to allow the mount or not. And hopefully all of that can be done
> > in a non-racy manner. But it feels just rather hacky and ugly to me. If
> > this community will endorse such a solution, we'll be happy to develop it.
> > But right now my impression is that if we posted such patches today, some
> > people will have to wipe the vomit off of their monitors... :-)
> I see :). To me it just sounds as if you want to do remount-read-only
> for source filesystems, which is operation we support perfectly fine,
> and after that create union mount. But I agree you cannot do quite that
> since you need to have write access later from your union mount. So
> maybe it's not so easy as I thought.
> On the other hand, there was some effort to support read-only bind-mounts of
> read-write filesystems (there were even some patches floating around but
> I don't think they got merged) and that should be even closer to what
> you'd need...
I didn't know about those patches, but yes, they do sound useful. I'm
curious who needed such functionality before and why. If someone can point
me to those patches, we can look into using them for Unionfs. Thanks.
> Honza
> --
> Jan Kara <[email protected]>
> SuSE CR Labs
> -
> To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
Erez.
Erez Zadok wrote:
> I didn't know about those patches, but yes, they do sound useful. I'm
> curious who needed such functionality before and why. If someone can point
> me to those patches, we can look into using them for Unionfs. Thanks.
I asked for it years ago, You can probably guess why :)
see http://marc.theaimsgroup.com/?l=linux-fsdevel&m=105419650921086&w=2
just had too many other things to do then follow the roadmap Al gave.
> In message <[email protected]>, Jan Kara writes:
> > > In message <[email protected]>, Jan Kara writes:
> [...]
> > > Jan, all of it is duable: we can downgrade the f/s to readonly, grab various
> > > locks, search through various lists looking for open fd's and such, then
> > > decide if to allow the mount or not. And hopefully all of that can be done
> > > in a non-racy manner. But it feels just rather hacky and ugly to me. If
> > > this community will endorse such a solution, we'll be happy to develop it.
> > > But right now my impression is that if we posted such patches today, some
> > > people will have to wipe the vomit off of their monitors... :-)
> > I see :). To me it just sounds as if you want to do remount-read-only
> > for source filesystems, which is operation we support perfectly fine,
> > and after that create union mount. But I agree you cannot do quite that
> > since you need to have write access later from your union mount. So
> > maybe it's not so easy as I thought.
> > On the other hand, there was some effort to support read-only bind-mounts of
> > read-write filesystems (there were even some patches floating around but
> > I don't think they got merged) and that should be even closer to what
> > you'd need...
>
> I didn't know about those patches, but yes, they do sound useful. I'm
> curious who needed such functionality before and why. If someone can point
> me to those patches, we can look into using them for Unionfs. Thanks.
Dave Hansen writes them. One of recent submissions starts for example at
http://openvz.org/pipermail/devel/2006-December/002543.html.
Honza
--
Jan Kara <[email protected]>
SuSE CR Labs
On Wed, Jan 10, 2007 at 05:12:15PM +0100, Jan Kara wrote:
> I see :). To me it just sounds as if you want to do remount-read-only
> for source filesystems, which is operation we support perfectly fine,
> and after that create union mount. But I agree you cannot do quite that
> since you need to have write access later from your union mount. So
> maybe it's not so easy as I thought.
> On the other hand, there was some effort to support read-only bind-mounts of
> read-write filesystems (there were even some patches floating around but
> I don't think they got merged) and that should be even closer to what
> you'd need...
Since the RO flag is per-mount point, how do you guarantee that no one is
messing with the fs? (I haven't looked at the patches that do per mount
ro flag, but this would require some over-arching ro flag - in the
superblock most likely.)
Josef "Jeff" Sipek.
--
I think there is a world market for maybe five computers.
- Thomas Watson, chairman of IBM, 1943.
Josef Sipek wrote:
> On Wed, Jan 10, 2007 at 05:12:15PM +0100, Jan Kara wrote:
>> I see :). To me it just sounds as if you want to do remount-read-only
>> for source filesystems, which is operation we support perfectly fine,
>> and after that create union mount. But I agree you cannot do quite that
>> since you need to have write access later from your union mount. So
>> maybe it's not so easy as I thought.
>> On the other hand, there was some effort to support read-only bind-mounts of
>> read-write filesystems (there were even some patches floating around but
>> I don't think they got merged) and that should be even closer to what
>> you'd need...
>
> Since the RO flag is per-mount point, how do you guarantee that no one is
> messing with the fs? (I haven't looked at the patches that do per mount
> ro flag, but this would require some over-arching ro flag - in the
> superblock most likely.)
I thought about it, wrote an email, then cancelled it as it won't work.
what I thought was that you could a limited unionfs case would be with X
layers read-only and the top layer read-write, and what you would do is
dynamically make read only bind mounts for the the X layers and since
you control the top layer hide it from the system.
However, read only bind mounts are great if you want a limit a process
to accessing the files read-only, as they won't have access to the other
vfs_mounts, but it does nothing for the other vfs_mounts that are using
that same file system. hence, does us no good.
> Josef Sipek wrote:
> >On Wed, Jan 10, 2007 at 05:12:15PM +0100, Jan Kara wrote:
> >> I see :). To me it just sounds as if you want to do remount-read-only
> >>for source filesystems, which is operation we support perfectly fine,
> >>and after that create union mount. But I agree you cannot do quite that
> >>since you need to have write access later from your union mount. So
> >>maybe it's not so easy as I thought.
> >> On the other hand, there was some effort to support read-only
> >> bind-mounts of
> >>read-write filesystems (there were even some patches floating around but
> >>I don't think they got merged) and that should be even closer to what
> >>you'd need...
> >
> >Since the RO flag is per-mount point, how do you guarantee that no one is
> >messing with the fs? (I haven't looked at the patches that do per mount
> >ro flag, but this would require some over-arching ro flag - in the
> >superblock most likely.)
>
> I thought about it, wrote an email, then cancelled it as it won't work.
>
> what I thought was that you could a limited unionfs case would be with X
> layers read-only and the top layer read-write, and what you would do is
> dynamically make read only bind mounts for the the X layers and since
> you control the top layer hide it from the system.
>
> However, read only bind mounts are great if you want a limit a process
> to accessing the files read-only, as they won't have access to the other
> vfs_mounts, but it does nothing for the other vfs_mounts that are using
> that same file system. hence, does us no good.
Right, you'd need to remount read-only all the mountpoints of one
filesystem. But if we had read-only bind-mounts, you could do such things
from userspace. It won't be 100% reliable (as it would be racy) but as a
basic protection against stupidity of admin it should work. And it would
be 100% safe against malicious intentions of average user (who has no
right to create new mountpoints).
Honza
--
Jan Kara <[email protected]>
SuSE CR Labs
Hi!
> > > That statement is meant to scare people away from modifying the lower fs :)
> > > I tortured unionfs quite a bit, and it can oops but it takes some effort.
> > But isn't it then potential DOS? If you happen to union two filesystems
> > and an untrusted user has write access to both original filesystem and
> > the union, then you say he'd be able to produce oops? That does not
> > sound very secure to me... And if any secure use of unionfs requires
> > limitting access to the original trees, then I think it's a good reason
> > to implement it in unionfs itself. Just my 2 cents.
>
> You mean somebody like, say, a perfectly innocent process working on the
> NFS server or some other client that is oblivious to the existence of
> unionfs stacks on your particular machine?
> To me, this has always sounded like a showstopper for using unionfs with
> a remote filesystem.
Actually, it is worse than that. find / (and updatedb) *will* write to
all the filesystems (atime).
Expecting sysadmins to know/prevent this seems like expecting quite a
lot from them. Sounds like a show stopper to me :-(....
Pavel
--
Thanks for all the (sleeping) penguins.
Pavel Machek wrote:
> Hi!
>
>>>> That statement is meant to scare people away from modifying the lower fs :)
>>>> I tortured unionfs quite a bit, and it can oops but it takes some effort.
>>> But isn't it then potential DOS? If you happen to union two filesystems
>>> and an untrusted user has write access to both original filesystem and
>>> the union, then you say he'd be able to produce oops? That does not
>>> sound very secure to me... And if any secure use of unionfs requires
>>> limitting access to the original trees, then I think it's a good reason
>>> to implement it in unionfs itself. Just my 2 cents.
>> You mean somebody like, say, a perfectly innocent process working on the
>> NFS server or some other client that is oblivious to the existence of
>> unionfs stacks on your particular machine?
>> To me, this has always sounded like a showstopper for using unionfs with
>> a remote filesystem.
>
> Actually, it is worse than that. find / (and updatedb) *will* write to
> all the filesystems (atime).
>
> Expecting sysadmins to know/prevent this seems like expecting quite a
> lot from them. Sounds like a show stopper to me :-(....
a modified atime will not affect unionfs at all (at least from my
experience)
On Tue, 2007-01-09 at 10:09 +0100, Oliver Neukum wrote:
> Am Dienstag, 9. Januar 2007 10:02 schrieb Peter Zijlstra:
> > Its a fundamental property of a mutex, not a shortcoming. A mutex has an
> > owner, the one that takes and releases the resource. This allows things
> > such as Priority Inheritance to boost owners.
> >
> > 'fixing' this takes away much of what a mutex is.
> >
> > That said, it seems some folks really want this to happen, weird as it
> > may be. I'm not sure if all these cases are because of wrong designs. A
> > possible extension to the mutex interface might be something like this:
> >
> > mutex_pass_owner(struct task_struct *task);
> >
> > which would be an atomic unlock/lock pair where the current task
> > releases the resource and the indicated task gains it. However it must
> > be understood that from the POV of 'current' this should be treated as
> > an unlock action.
>
> This won't help if I want to release from an interrupt handler or tasklet.
Then that shouldn't use a mutex. A mutex is for "mutual exclusion", and
not "shared exclusion". Peter is right that the fundamental property of
a mutex, is that it is for a single thread. And it should never be
released by a separate thread than the one that grabbed it.
A semaphore can be used as a mutex, but not the other way around.
I wouldn't even recommend doing the mutex_pass_owner(). To do so, the
process calling this must be the owner, and the parameter must be a
thread waiting on the mutex. If it is not, then that could introduce
some really nasty races and bugs.
The mutex_unlock_dont_warn_if_a_different_task_did_it() is also a bad
idea.
-- Steve