1. 25 7月, 2008 1 次提交
    • M
      eCryptfs: Privileged kthread for lower file opens · 746f1e55
      Michael Halcrow 提交于
      eCryptfs would really like to have read-write access to all files in the
      lower filesystem.  Right now, the persistent lower file may be opened
      read-only if the attempt to open it read-write fails.  One way to keep
      from having to do that is to have a privileged kthread that can open the
      lower persistent file on behalf of the user opening the eCryptfs file;
      this patch implements this functionality.
      
      This patch will properly allow a less-privileged user to open the eCryptfs
      file, followed by a more-privileged user opening the eCryptfs file, with
      the first user only being able to read and the second user being able to
      both read and write.  eCryptfs currently does this wrong; it will wind up
      calling vfs_write() on a file that was opened read-only.  This is fixed in
      this patch.
      Signed-off-by: NMichael Halcrow <mhalcrow@us.ibm.com>
      Cc: Dave Kleikamp <shaggy@austin.ibm.com>
      Cc: Serge Hallyn <serue@us.ibm.com>
      Cc: Eric Sandeen <sandeen@redhat.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      746f1e55
  2. 29 4月, 2008 1 次提交
  3. 15 2月, 2008 2 次提交
  4. 07 2月, 2008 4 次提交
  5. 25 1月, 2008 8 次提交
  6. 24 12月, 2007 1 次提交
  7. 18 12月, 2007 1 次提交
  8. 17 10月, 2007 10 次提交
  9. 12 8月, 2007 1 次提交
  10. 20 7月, 2007 1 次提交
    • P
      mm: Remove slab destructors from kmem_cache_create(). · 20c2df83
      Paul Mundt 提交于
      Slab destructors were no longer supported after Christoph's
      c59def9f change. They've been
      BUGs for both slab and slub, and slob never supported them
      either.
      
      This rips out support for the dtor pointer from kmem_cache_create()
      completely and fixes up every single callsite in the kernel (there were
      about 224, not including the slab allocator definitions themselves,
      or the documentation references).
      Signed-off-by: NPaul Mundt <lethal@linux-sh.org>
      20c2df83
  11. 12 7月, 2007 1 次提交
    • T
      sysfs: kill unnecessary attribute->owner · 7b595756
      Tejun Heo 提交于
      sysfs is now completely out of driver/module lifetime game.  After
      deletion, a sysfs node doesn't access anything outside sysfs proper,
      so there's no reason to hold onto the attribute owners.  Note that
      often the wrong modules were accounted for as owners leading to
      accessing removed modules.
      
      This patch kills now unnecessary attribute->owner.  Note that with
      this change, userland holding a sysfs node does not prevent the
      backing module from being unloaded.
      
      For more info regarding lifetime rule cleanup, please read the
      following message.
      
        http://article.gmane.org/gmane.linux.kernel/510293
      
      (tweaked by Greg to not delete the field just yet, to make it easier to
      merge things properly.)
      Signed-off-by: NTejun Heo <htejun@gmail.com>
      Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
      7b595756
  12. 17 5月, 2007 1 次提交
    • C
      Remove SLAB_CTOR_CONSTRUCTOR · a35afb83
      Christoph Lameter 提交于
      SLAB_CTOR_CONSTRUCTOR is always specified. No point in checking it.
      Signed-off-by: NChristoph Lameter <clameter@sgi.com>
      Cc: David Howells <dhowells@redhat.com>
      Cc: Jens Axboe <jens.axboe@oracle.com>
      Cc: Steven French <sfrench@us.ibm.com>
      Cc: Michael Halcrow <mhalcrow@us.ibm.com>
      Cc: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
      Cc: Miklos Szeredi <miklos@szeredi.hu>
      Cc: Steven Whitehouse <swhiteho@redhat.com>
      Cc: Roman Zippel <zippel@linux-m68k.org>
      Cc: David Woodhouse <dwmw2@infradead.org>
      Cc: Dave Kleikamp <shaggy@austin.ibm.com>
      Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
      Cc: "J. Bruce Fields" <bfields@fieldses.org>
      Cc: Anton Altaparmakov <aia21@cantab.net>
      Cc: Mark Fasheh <mark.fasheh@oracle.com>
      Cc: Paul Mackerras <paulus@samba.org>
      Cc: Christoph Hellwig <hch@lst.de>
      Cc: Jan Kara <jack@ucw.cz>
      Cc: David Chinner <dgc@sgi.com>
      Cc: "David S. Miller" <davem@davemloft.net>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      a35afb83
  13. 08 5月, 2007 1 次提交
    • C
      slab allocators: Remove SLAB_DEBUG_INITIAL flag · 50953fe9
      Christoph Lameter 提交于
      I have never seen a use of SLAB_DEBUG_INITIAL.  It is only supported by
      SLAB.
      
      I think its purpose was to have a callback after an object has been freed
      to verify that the state is the constructor state again?  The callback is
      performed before each freeing of an object.
      
      I would think that it is much easier to check the object state manually
      before the free.  That also places the check near the code object
      manipulation of the object.
      
      Also the SLAB_DEBUG_INITIAL callback is only performed if the kernel was
      compiled with SLAB debugging on.  If there would be code in a constructor
      handling SLAB_DEBUG_INITIAL then it would have to be conditional on
      SLAB_DEBUG otherwise it would just be dead code.  But there is no such code
      in the kernel.  I think SLUB_DEBUG_INITIAL is too problematic to make real
      use of, difficult to understand and there are easier ways to accomplish the
      same effect (i.e.  add debug code before kfree).
      
      There is a related flag SLAB_CTOR_VERIFY that is frequently checked to be
      clear in fs inode caches.  Remove the pointless checks (they would even be
      pointless without removeal of SLAB_DEBUG_INITIAL) from the fs constructors.
      
      This is the last slab flag that SLUB did not support.  Remove the check for
      unimplemented flags from SLUB.
      Signed-off-by: NChristoph Lameter <clameter@sgi.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      50953fe9
  14. 03 5月, 2007 1 次提交
  15. 05 3月, 2007 1 次提交
  16. 02 3月, 2007 1 次提交
  17. 17 2月, 2007 1 次提交
  18. 13 2月, 2007 3 次提交
    • M
      [PATCH] eCryptfs: Generalize metadata read/write · dd2a3b7a
      Michael Halcrow 提交于
      Generalize the metadata reading and writing mechanisms, with two targets for
      now: metadata in file header and metadata in the user.ecryptfs xattr of the
      lower file.
      
      [akpm@osdl.org: printk warning fix]
      [bunk@stusta.de: make some needlessly global code static]
      Signed-off-by: NMichael Halcrow <mhalcrow@us.ibm.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      dd2a3b7a
    • M
      [PATCH] eCryptfs: xattr flags and mount options · 17398957
      Michael Halcrow 提交于
      This patch set introduces the ability to store cryptographic metadata into an
      lower file extended attribute rather than the lower file header region.
      
      This patch set implements two new mount options:
      
      ecryptfs_xattr_metadata
       - When set, newly created files will have their cryptographic
         metadata stored in the extended attribute region of the file rather
         than the header.
      
         When storing the data in the file header, there is a minimum of 8KB
         reserved for the header information for each file, making each file at
         least 12KB in size.  This can take up a lot of extra disk space if the user
         creates a lot of small files.  By storing the data in the extended
         attribute, each file will only occupy at least of 4KB of space.
      
         As the eCryptfs metadata set becomes larger with new features such as
         multi-key associations, most popular filesystems will not be able to store
         all of the information in the xattr region in some cases due to space
         constraints.  However, the majority of users will only ever associate one
         key per file, so most users will be okay with storing their data in the
         xattr region.
      
         This option should be used with caution.  I want to emphasize that the
         xattr must be maintained under all circumstances, or the file will be
         rendered permanently unrecoverable.  The last thing I want is for a user to
         forget to set an xattr flag in a backup utility, only to later discover
         that their backups are worthless.
      
      ecryptfs_encrypted_view
       - When set, this option causes eCryptfs to present applications a
         view of encrypted files as if the cryptographic metadata were
         stored in the file header, whether the metadata is actually stored
         in the header or in the extended attributes.
      
         No matter what eCryptfs winds up doing in the lower filesystem, I want
         to preserve a baseline format compatibility for the encrypted files.  As of
         right now, the metadata may be in the file header or in an xattr.  There is
         no reason why the metadata could not be put in a separate file in future
         versions.
      
         Without the compatibility mode, backup utilities would have to know to
         back up the metadata file along with the files.  The semantics of eCryptfs
         have always been that the lower files are self-contained units of encrypted
         data, and the only additional information required to decrypt any given
         eCryptfs file is the key.  That is what has always been emphasized about
         eCryptfs lower files, and that is what users expect.  Providing the
         encrypted view option will provide a way to userspace applications wherein
         they can always get to the same old familiar eCryptfs encrypted files,
         regardless of what eCryptfs winds up doing with the metadata behind the
         scenes.
      
      This patch:
      
      Add extended attribute support to version bit vector, flags to indicate when
      xattr or encrypted view modes are enabled, and support for the new mount
      options.
      Signed-off-by: NMichael Halcrow <mhalcrow@us.ibm.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      17398957
    • M
      [PATCH] eCryptfs: Public key; packet management · dddfa461
      Michael Halcrow 提交于
      Public key support code.  This reads and writes packets in the header that
      contain public key encrypted file keys.  It calls the messaging code in the
      previous patch to send and receive encryption and decryption request
      packets from the userspace daemon.
      
      [akpm@osdl.org: cleab fix]
      Signed-off-by: NMichael Halcrow <mhalcrow@us.ibm.com>
      Cc: David Howells <dhowells@redhat.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      dddfa461