- 09 Mar, 2019 26 commits
-
-
J. R. Okajima authored
While most people (especially who use tmpfs as top writable branch) doesn't care, I care and think it can be a security problem. For example, when the lower readonly branch may contain /etc/{passwd,shadow} and the permission bits of the upper empty branch is world-writable, then a malicious user can make these files manually with by-passing aufs. Aufs can do nothing but produce a warning. For details, see aufs manual in aufs-util.git. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Introduce the new mount options, dirren and nodirren, which activates and deactivates DIRREN feature. In remount and unmount, the inum-list per branch should be flushed to the file. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
This commits brings a list of the inode numbers which indicates the logically renamed dir into a branch. The list will be referred in lookup, and its lifetime is equivalent to the branch's, ie. the list is loaded/created in adding a branch, and stored/deleted in deleting a branch. The simple storing happens in remounting and unmounting aufs too. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Since aufs can have multiple writable branches, these options are useful. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
This is a feature to optimize for rmdir and rename dir. When the number of whiteouts under the target dir is very many, it may take a long time to remove them all. To prevent this, 'dirwh=%d' option specifies the watermark to decide when to remove them. For details, see aufs manual in aufs-util.git. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Sometimes the aufs policy to respect the branch fs's permission bits makes users confused. IE. the direcotry permission bits on the top branch allows users to read, but the lower branch prohibts. This option may be useful for such case. See also the document in this commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
The permissions and attributes of a branch can be modified dynamically. See also the document in this commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Implement the user interface. Since users often wonder "Why I cannot delete this branch?", 'verbose' option was introduced. You may think aufs should not hold several strings for the variation of the option, and the mount helper (/sbin/mount.aufs) can convert all variations to a single fixed string, and in kernel space aufs should contain this only one string. I agree, but in our real world, many users don't install /sbin/mount.aufs. To be convenient, aufs contains these variations. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Delete a branch which is not busy. Aufs judges the branch is deletable by testing the opened files, the cached dentries and inodes. Even if a directory is in use, as long as the same named entry exist on another branch, then the branch is deletable. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
An enhancement for udba=none if possible. The condition is same to the 'no ->d_revalidate()' patch series. Refresh i_op in all cached inodes at the remount-time. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Optimize out ->d_revalidate() if possible. If the refreshing failed, then ->d_revalidate() remains. In this case, aufs has two types of dentries. One has ->d_revalidate, the other doesn't. I am afraid it will confuse me someday. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Maintain the internal array including corresponding XINO file and sysfs entries. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
This commit is just to prepare for the succeeding commit, and split to suppress the size of a single commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
In order to prevent firing the notify event from aufs itself, hnotify feature is suspend/resume-able. They are combined with mutex lock/unlock for the parent dir. See also previous commits. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
This is the hardest test to support UDBA (users' direct branch access). It uses 'fsnotify' internally. Detecting UDBA, decrements the generation of the cached aufs objects. In the next access to the file, aufs detects the generation is obsoleted and tries refreshing it. Eventually aufs cache will be updated to latest status. The fsnotify is set on the cached dirs on the non-RR branches. The RR (real readonly) branches will never be modified and it is unnecessary to set fsnotify for them. This commit is for the declarations mainly, and the body parts will be in succeeding commits. This feature is compiled only when CONFIG_AUFS_HNOTIFY is enabled. See also the document in this commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
As a result of branch management, the virtual inode may point a different real inode from it used to. And aufs has to maintain its address_space_operations, since its definition may affect the behaviour. I know some people (including grsec-patch) doesn't like a non-const address_space_operations, but in order to keep the consistency of the behaviour, the correct address_space_operations is important. See also the document in this commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Aufs allows users' direct branch access (UDBA), ie. by-passing aufs. Of course it will make aufs inode/dentry-caches obsolete. In order to detect such change by the several tests, "udba=" option is introduced. For details, see lookup.txt in later commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Several policies to select one among multiple writable branches. See also the document in previous commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Aufs can have multiple writable branches, and there are several policies to select one among them. This commit implements default "top-down-parent" for both of creating-policy and copyup-policy. See also the document in this commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Actually prepare the whiteout bases on the adding writable branch. For details, refer to previous commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
Aufs pseudo-link (plink) represents a virtual hardlink across the branches. To implement the plink maintenance mode, aufs uses procfs. See also the document in this commit. There is an external user-space utility called 'auplink' in aufs-util.git, which has these features. - 'list' shows the pseudo-linked inode numbers and filenames. - 'cpup' copies-up all pseudo-link to the writable branch. - 'flush' calls 'cpup', and then 'mount -o remount,clean_plink=inum' Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
As mentioned earlier, sometimes the size of XINO file is a problem. Aufs has a feature to truncate it asynchronously using workqueue. But it may not be so effective in some cases, and you may want to stop discontiguous distribution of the inode numbers on branch fs. See also the log in another commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
XINO and XIB files are read and written frequently after unlinked, and it means that the remote filesystems are not suitable for them. Additionally aufs shows their metadata via debugfs (in later commit). To make it easier to do this, aufs expects branch filesystems to maintain their i_size and i_blocks. And it means some filesystem are not suitable for XINO. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
XINO and XIB files are to maintain the inode numbers in aufs (cf. struct.txt and aufs manual in aufs-util.git). XINO file contains just a sequence of the inode numbers, and their offset in the file is real_inum x sizeof(inum). So the size is limited by s_maxbytes of the filesystem where XINO file is located. In order to support the larger inum, aufs stores XINO files as an internal array. Sometimes the size of XINO file can be a problem, ie. too big, particularly when XINO files are located on tmpfs. In this case, another separate patch tmpfs-ino.patch in aufs4-standalone.git is recommended (as well as vfs-ino.patch). The patch makes tmpfs to maintain inode number within itself and suppress its discontiguous distribution. See also the document in next commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
For details, see previous commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-
J. R. Okajima authored
The branch object is managed by the sbinfo object as an element of its internal array. The iinfo and dinfo objects contain the branch id, and it will be used to implement the correct order in branch management (add/del). See also the documents in this commit. Signed-off-by: J. R. Okajima <hooanon05g@gmail.com>
-