Mimi Zohar wrote:
> The x509_validate_trust() was originally added for IMA to ensure, on a
> secure boot system, a certificate chain of trust rooted in hardware.
> The IMA MOK keyring extends this certificate chain of trust to the
> running system.
The problem is that
d keyring.
Whilst I appreciate what the patch is trying to do, I don't think this is
quite the right solution.
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: Petko Manolov <pet...@mip-labs.com>
cc: Mimi Zohar <zo...@linux.vnet.ibm.com>
cc: keyri...@vger.kernel.org
-
Mimi Zohar wrote:
> Once the builtin keys are loaded onto the system keyring, isn't the
> system keyring locked?
No.
David
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More
David Howells <dhowe...@redhat.com> wrote:
> Partially revert commit 41c89b64d7184a780f12f2cccdabe65cb2408893:
>
> Author: Petko Manolov <pet...@mip-labs.com>
> Date: Wed Dec 2 17:47:55 2015 +0200
> IMA: create machine owner and blacklis
Mimi Zohar wrote:
> You're missing Petko's patch:
> 41c89b6 IMA: create machine owner and blacklist keyrings
It should also be cc'd to the keyrings mailing list.
David
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of
on a
self-signed cert then succeeding. This is most likely to happen when a
duplicate of the certificate is already on the trust keyring - in which
case it shouldn't be a problem.
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: David Woodhouse <david.woodho...@intel.com>
cc: Mi
Mimi Zohar wrote:
> You're missing Petko's patch:
> 41c89b6 IMA: create machine owner and blacklist keyrings
Hmmm... This is wrong. x509_key_preparse() shouldn't be polling the IMA MOK
keyring under all circumstances.
David
--
To unsubscribe from this list: send the
David Howells <dhowe...@redhat.com> wrote:
> If a certificate is self-signed, don't bother checking the validity of the
> signature. The cert cannot be checked by validation against the next one
> in the chain as this is the root of the chain. Trust for this certificate
> can
module when the result of calculating "m =
s^e mod n" is checked.
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: David Woodhouse <david.woodho...@intel.com>
cc: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
crypto/asymmetric_keys/x509_public_key.c | 15 ++
Here's a set of patches that fix X.509 time handling in three ways:
(1) Fix leap year handling.
(2) Add leap second handling (where you get a time of 23:59:60).
(3) Add end-of-day midnight encoding (where you get a time of 24:00:00).
David
---
David Howells (4):
X.509: Fix leap year
as valid parameters.
These facility will be used by the X.509 parser. Doing it in mktime64()
makes the policy common to the whole kernel and easier to find.
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: Arnd Bergmann <a...@arndb.de>
cc: John Stultz <john.stu...@linaro.org>
Polzer <rpol...@google.com>
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: David Woodhouse <david.woodho...@intel.com>
cc: John Stultz <john.stu...@linaro.org>
cc: Arnd Bergmann <a...@arndb.de>
---
crypto/asymmetric_keys/x509_cert_parser.c |2 +-
1 file chang
pol...@google.com>
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: Arnd Bergmann <a...@arndb.de>
cc: David Woodhouse <david.woodho...@intel.com>
cc: John Stultz <john.stu...@linaro.org>
---
crypto/asymmetric_keys/x509_cert_parser.c |2 +-
1 file changed, 1 insertion
Josh Boyer wrote:
> Should this also be Cc'd to stable?
Argh. Probably.
David
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at
Linus Torvalds <torva...@linux-foundation.org> wrote:
> > David Howells (7):
> > Handle leap seconds in mktime64()
>
> This one is completely wrong.
>
> Leap seconds are inserted *at* the minute, not at the secodn before the
> minute.
>
> So
Linus Torvalds wrote:
> Side note: the key handling extra checks seem pretty pointless too.
Except that it has been argued that they have to be there or someone can use
dates that contribute to the signature to fake a signed content. Admittedly
being able to have
Polzer <rpol...@google.com>
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: David Woodhouse <david.woodho...@intel.com>
cc: John Stultz <john.stu...@linaro.org>
cc: Arnd Bergmann <a...@arndb.de>
cc: sta...@vger.kernel.org
---
crypto/asymmetric_keys/x509_cert_
m>
Signed-off-by: David Howells <dhowe...@redhat.com>
Acked-By: David Woodhouse <david.woodho...@intel.com>
cc: sta...@vger.kernel.org
---
crypto/asymmetric_keys/x509_cert_parser.c |8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/crypto/asymmetric_keys/
from all the parameters since
they don't really achieve anything and we do need to alter the sec
parameter.
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: John Stultz <john.stu...@linaro.org>
cc: Arnd Bergmann <a...@arndb.de>
cc: sta...@vger.kernel.org
---
include/l
the
Issuer and Subject names differ.
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: David Woodhouse <david.woodho...@intel.com>
---
crypto/asymmetric_keys/x509_public_key.c | 11 ---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/crypto/asymmetric_key
.
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: John Stultz <john.stu...@linaro.org>
cc: Arnd Bergmann <a...@arndb.de>
cc: sta...@vger.kernel.org
---
kernel/time/time.c |5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/kernel/time/time.c b/kernel
().
Without this patch, certain X.509 certificates will be rejected and could
lead to an unbootable kernel.
Reported-by: Rudolf Polzer <rpol...@google.com>
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: David Woodhouse <david.woodho...@intel.com>
cc: John Stultz <john.stu...
Here's a set of patches that fix X.509 time handling in three ways:
(1) Fix leap year handling.
(2) Add leap second handling (where you get a time of 23:59:60).
(3) Add end-of-day midnight encoding (where you get a time of 24:00:00).
David
---
David Howells (5):
X.509: Fix leap year
to handle kernel NULL pointer dereference at
0010
IP: [] user_read+0x56/0xa3
...
Call Trace:
[] keyctl_read_key+0xb6/0xd7
[] SyS_keyctl+0x83/0xe0
[] entry_SYSCALL_64_fastpath+0x12/0x6f
Reported-by: Dmitry Vyukov <dvyu...@google.com>
Greg Kroah-Hartman wrote:
> David, any reason you didn't put a cc: stable in the commit for it to be
> picked up in the stable releases?
I did cc it to stable.
David
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of
Rudolf Polzer wrote:
> Also, while at it - apparently hour 24 is allowed by ISO 8601 too as long as
> minutes and seconds are zero, leading to even more non-canonicality... can
> you check whether this is also valid ASN.1 then?
Sorry, I missed this bit. The ASN.1 spec says
Paul Gortmaker wrote:
> Paul Gortmaker (2):
> security/keys: make big_key.c explicitly non-modular
> security/integrity: make ima/ima_mok.c explicitly non-modular
Note that I only see patch 1. Note also that keyri...@linux-nfs.org should
now be
Petko Manolov wrote:
> 0) does keyrings keep a timestamp when created or last updated? David?
No.
> 0) is crucial. If there is no such thing as "time of the last update" for
> keyrings i guess we'll either have to implement it or use another mechanism
> to get
onds value in the range 00-59.
Reported-by: Rudolf Polzer <rpol...@google.com>
Signed-off-by: David Howells <dhowe...@redhat.com>
---
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c
b/crypto/asymmetric_keys/x509_cert_parser.c
index 021d39c0ba75..f57c3c1b5ae7 100644
--- a/
Rudolf Polzer wrote:
> the leap second support still looks a bit suspect, as mktime64 will convert
> mm/dd/ HH/MM/60 and mm/dd/ HH/MM+1/00 to the same time64_t,
> essentially meaning that two different inputs can yield the same output,
> possibly violating ASN.1 CER
James Morris wrote:
> Is this triggerable by normal users?
Yes.
David
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
d or it will fail with EINVAL before getting to the bit that
will crashes.
Reported-by: Dmitry Vyukov <dvyu...@google.com>
Signed-off-by: David Howells <dhowe...@redhat.com>
Acked-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
---
security/keys/encrypted-keys/encrypted.c |2
Hi James,
Can this be passed straight to Linus please?
Thanks,
David
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Al Viro wrote:
> All of them? I see two kinds there - one is magical symlink (recognized
> by contents in afs_iget()), another is this autocell thing, the latter
> having no ->readlink(). Both serve as automount points, don't they?
The "autocell" thing is where you
by doing the following:
cat <
Signed-off-by: David Howells <dhowe...@redhat.com>
Tested-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Acked-by: David Woodhouse <david.woodho...@intel.com>
---
crypto/asymmetric_keys/x509_cert_parser.c | 12 +++-
1 file changed, 7 inser
by doing the following:
cat <
Signed-off-by: David Howells <dhowe...@redhat.com>
Tested-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
Acked-by: David Woodhouse <david.woodho...@intel.com>
---
crypto/asymmetric_keys/x509_cert_parser.c | 12 +++-
1 file changed, 7 inser
be secondarily linked.
To accomplish this, the authentication data associated with the key source
must now be retained. For an X.509 cert, this means the contents of the
AuthorityKeyIdentifier and the signature data.
Signed-off-by: David Howells <dhowe...@redhat.com>
---
certs/system_key
Merge the type-specific data with the payload data into one four-word chunk
as it seems pointless to keep them separate.
Use user_key_payload() for accessing the payloads of overloaded
user-defined keys.
Signed-off-by: David Howells <dhowe...@redhat.com>
cc: linux-c...@vger.kernel.org
cc:
These patches can be found here also:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-next
And tagged with:
keys-next-20151021
David
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to
=keys-trust
and are tagged with:
keys-trust-20151021
David
---
David Howells (10):
KEYS: Generalise system_verify_data() to provide access to internal
content
PKCS#7: Make trust determination dependent on contents of trust keyring
KEYS: Add facility to check key
keyring being searched.
(3) KEY_ALLOC_TRUSTED now acts as an override. If this is passed to
key_create_or_update() then the ->verify_trust() method will be
ignored and the key will be added anyway.
Signed-off-by: David Howells <dhowe...@redhat.com>
---
Documentation/security
Make the determination of the trustworthiness of a key dependent on whether
a key that can verify it is present in the ring of trusted keys rather than
whether or not the verifying key has KEY_FLAG_TRUSTED set.
Signed-off-by: David Howells <dhowe...@redhat.com>
---
certs/system_key
to the
function. If the callback is not required, that can be set to NULL.
The function is now called verify_pkcs7_signature() to contrast with
verify_pefile_signature() and the definitions of both have been moved into
linux/verification.h along with the key_being_used_for enum.
Signed-off-by: David Howells
From: Insu Yun <wuni...@gmail.com>
key->description and key->index_key.description are same because
they are unioned. But, for readability, using same name for
duplication and validation seems better.
Signed-off-by: Insu Yun <wuni...@gmail.com>
Signed-off-by: David Howells &l
Certificate list at file offset 0x141c540
If vmlinux contains symbols then that is used rather than System.map - even
if one is given.
Signed-off-by: David Howells <dhowe...@redhat.com>
---
scripts/extract-sys-certs.pl | 144 ++
1 file changed, 144 inse
Move the X.509 trust validation code out to its own file so that it can be
generalised.
Signed-off-by: David Howells <dhowe...@redhat.com>
---
crypto/asymmetric_keys/Makefile |2
crypto/asymmetric_keys/public_key_trust.c | 192 +
it to a ring
of trusted keys or follow it further up the chain of trust.
Making these checks earlier allows x509_check_signature() to be removed and
replaced with direct calls to public_key_verify_signature().
Signed-off-by: David Howells <dhowe...@redhat.com>
---
crypto/asymmetri
. This means we can use
public_key_free() to get rid of the signature record.
Signed-off-by: David Howells <dhowe...@redhat.com>
---
crypto/asymmetric_keys/pkcs7_parser.c | 38 +++-
crypto/asymmetric_keys/pkcs7_parser.h | 10 +++---
crypto/asymmetric_keys/pkcs7_trust.c
Petko Manolov wrote:
> > > As far as i know there is no concept of write-once to a keyring in the
> > > kernel. David will correct me if i am wrong. I wonder how hard would
> > > it be to add such functionality, in case it is missing?
> >
> > Not hard, particularly if
Mimi Zohar wrote:
> > I need to think about this. Should -EKEYREVOKED be the same as -ENOKEY in
> > this case? I guess the end result is pretty much the same from IMA view
> > point, but there may be a requirement to list all revoked keys...
>
> When checking the
Dmitry Vyukov wrote:
> > Does the attached patch fix it for you?
>
> Yes, it fixes the crash for me.
Can I put you down as a Tested-by?
David
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to
with
keyring metadata.
Now the kernel gives an error:
request_key("keyring", "#selinux,bdekeyring", "keyring",
KEY_SPEC_USER_SESSION_KEYRING) = -1 EPERM (Operation not permitted)
Signed-off-by: David Howells <dhowe...@redhat.com>
---
security/keys/request
f/0x70
[] ? kthread_create_on_node+0x1c2/0x1c2
Note the value in RAX. This is a 32-bit representation of -ENOKEY.
The solution is to only call ->destroy() if the key was successfully
instantiated.
Reported-by: Dmitry Vyukov <dvyu...@google.com>
Signed-off-by: David Howells <dhowe...@
Hi Jarkko,
For some reason I don't see patch 1.
David
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Dmitry Vyukov wrote:
> RAX: ff82
This is the value that matters. It would appear to be -ENOKEY and would be in
key->type_data.reject_error, I think.
David
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a
Insu Yun wrote:
> Thanks David. Then it is not a bug.
> It's a pure question.
> Why use different name for allocation and check?
> For me, it is quite confusing.
Either I didn't notice at the time, or the shorter variant is the original.
If you want to give me a patch
Does the attached patch fix it for you?
David
---
commit a7609e0bb3973d6ee3c9f1ecd0b6a382d99d6248
Author: David Howells <dhowe...@redhat.com>
Date: Thu Oct 15 17:21:37 2015 +0100
KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring
The following se
Daniel Phillips [EMAIL PROTECTED] wrote:
I need to respond to this in pieces... first the bit that is bugging
me:
* two new page flags
I need to keep track of two bits of per-cached-page information:
(1) This page is known by the cache, and that the cache must be informed if
Daniel Phillips [EMAIL PROTECTED] wrote:
This factor of four (even worse on XFS, not quite as bad on Ext3) is
worth ruminating upon. Is all of the difference explained by avoiding
seeks on the server, which has the files in memory?
Here are some more stats for you to consider:
(1) Copy
Daniel Phillips [EMAIL PROTECTED] wrote:
The way the client works is like this:
Thanks for the excellent ascii art, that cleared up the confusion right
away.
You know what they say about pictures... :-)
What are you trying to do exactly? Are you actually playing with it, or
just
Chris Mason [EMAIL PROTECTED] wrote:
The interesting case is where the disk cache is warm, but the pagecache is
cold (ie: just after a reboot after filling the caches). Here, for the two
big files case, BTRFS appears quite a bit better than Ext3, showing a 21%
reduction in time for the
David Howells [EMAIL PROTECTED] wrote:
Have you got before/after benchmark results?
See attached.
Attached here are results using BTRFS (patched so that it'll work at all)
rather than Ext3 on the client on the partition backing the cache.
And here are XFS results.
Tuning XFS makes
Chris Mason [EMAIL PROTECTED] wrote:
Thanks for trying this, of course I'll ask you to try again with the latest
v0.13 code, it has a number of optimizations especially for CPU usage.
Here you go. The numbers are very similar.
David
=
FEW BIG FILES TEST ON
Daniel Phillips [EMAIL PROTECTED] wrote:
I am eventually going to suggest cutting the backing filesystem entirely out
of the picture,
You still need a database to manage the cache. A filesystem such as Ext3
makes a very handy database for four reasons:
(1) It exists and works.
(2) It has
Daniel Phillips [EMAIL PROTECTED] wrote:
These patches add local caching for network filesystems such as NFS.
Have you got before/after benchmark results?
I need to get a new hard drive for my test machine before I can go and get
some more up to date benchmark results. It does seem,
Daniel Phillips [EMAIL PROTECTED] wrote:
Have you got before/after benchmark results?
See attached.
These show a couple of things:
(1) Dealing with lots of metadata slows things down a lot. Note the result of
looking and reading lots of small files with tar (the last result). The
David Howells [EMAIL PROTECTED] wrote:
Have you got before/after benchmark results?
See attached.
Attached here are results using BTRFS (patched so that it'll work at all)
rather than Ext3 on the client on the partition backing the cache.
Note that I didn't bother redoing the tests
Daniel Phillips [EMAIL PROTECTED] wrote:
When you say Ext3 cache vs NFS cache is the first on the server and the
second on the client?
The filesystem on the server is pretty much irrelevant as long as (a) it
doesn't change, and (b) all the data is in memory on the server anyway.
The way the
These patches add local caching for network filesystems such as NFS.
The patches can roughly be broken down into a number of sets:
(*) 01-keys-inc-payload.diff
(*) 02-keys-search-keyring.diff
(*) 03-keys-callout-blob.diff
Three patches to the keyring code made to help the CIFS
(see set_security_override[_from_ctx]()).
NOTE! This patch must be rolled in to one of the earlier security patches to
make it compile fully.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfsd/auth.c| 37 +++-
fs/nfsd/nfs4recover.c | 64
Change current-fs[ug]id to current_fs[ug]id() so that fsgid and fsuid can be
separated from the task_struct.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
arch/ia64/kernel/perfmon.c|4 ++--
arch/powerpc/platforms/cell/spufs/inode.c |4 ++--
drivers/isdn/capi
Register NFS for caching and retrieve the top-level cache index object cookie.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/Makefile|1 +
fs/nfs/fscache-index.c | 53
fs/nfs/fscache.h | 35
and
2) check whether that top-level keyring is the thing being searched for
Signed-off-by: Kevin Coffman [EMAIL PROTECTED]
Signed-off-by: David Howells [EMAIL PROTECTED]
---
security/keys/keyring.c | 35 +++
1 files changed, 31 insertions(+), 4 deletions
Permit local filesystem caching to be enabled for NFS in the kernel
configuration.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/Kconfig |8
1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/fs/Kconfig b/fs/Kconfig
index c42ec50..fa8e978 100644
--- a/fs
is checked when a new
NFS in-memory inode is set up that matches an already existing data storage
object in the cache. If the coherency data is the same, the on-disk object is
retained and used; if not, it is scrapped and a new one created.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs
) to do the honours.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
mm/readahead.c | 39 +--
1 files changed, 37 insertions(+), 2 deletions(-)
diff --git a/mm/readahead.c b/mm/readahead.c
index c9c50ca..75aa6b6 100644
--- a/mm/readahead.c
+++ b/mm/readahead.c
-off-by: David Howells [EMAIL PROTECTED]
---
security/keys/keyctl.c | 38 ++
1 files changed, 30 insertions(+), 8 deletions(-)
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index d9ca15c..8ec8432 100644
--- a/security/keys/keyctl.c
+++ b
Bind data storage objects in the local cache to NFS inodes.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/fscache.c | 131
fs/nfs/fscache.h | 19 +++
fs/nfs/inode.c | 39 --
include/linux
permission on the key for this function to be
successful.
Signed-off-by: David Howells [EMAIL PROTECTED]
Acked-by: Stephen Smalley [EMAIL PROTECTED]
---
Documentation/keys.txt | 21 +++
include/linux/keyctl.h |1 +
include/linux/security.h | 20 +-
security
to share the on-disk cache. It will be possible to manually provide a
uniquifier through a mount option with a later patch to avoid the error
otherwise produced.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/fscache-index.c| 34 +
fs/nfs/fscache.c | 116
Add FS-Cache option bit to nfs_server struct. This is set to indicate local
on-disk caching is enabled for a particular superblock.
Also add debug bit for local caching operations.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
include/linux/nfs_fs.h|1 +
include/linux/nfs_fs_sb.h
use of by
the generic hook in the next patch, which is used by CacheFiles to write
pages to a file without setting up a file struct.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/ext3/inode.c |6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/fs/ext3
to make the checks for both
PG_private and PG_private_2 at the same time.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/splice.c|2 +-
include/linux/page-flags.h | 39 +--
include/linux/pagemap.h| 11 +++
mm/filemap.c
Invalidate the FsCache page flags on the pages belonging to an inode when the
cache backing that NFS inode is removed.
This allows a live cache to be withdrawn.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/fscache-index.c | 40
1 files
nfs_readpage_async() needs to be non-static so that it can be used as a
fallback for the local on-disk caching should an EIO crop up when reading the
cache.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/read.c |4 ++--
include/linux/nfs_fs.h |2 ++
2 files changed
Display the local caching state in /proc/fs/nfsfs/volumes.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/client.c |7 ---
fs/nfs/fscache.h | 15 +++
2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/fs/nfs/client.c b/fs/nfs/client.c
index
This one-line patch fixes the missing export of copy_page introduced
by the cachefile patches. This patch is not yet upstream, but is required
for cachefile on ia64. It will be pushed upstream when cachefile goes
upstream.
Signed-off-by: Prarit Bhargava [EMAIL PROTECTED]
Signed-off-by: David
Read pages from an FS-Cache data storage object representing an inode into an
NFS inode.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/fscache.c | 112 ++
fs/nfs/fscache.h | 47 +++
fs/nfs/read.c| 18
-off-by: David Howells [EMAIL PROTECTED]
---
include/linux/pagemap.h |5 +
mm/filemap.c| 18 ++
2 files changed, 23 insertions(+), 0 deletions(-)
diff --git a/include/linux/pagemap.h b/include/linux/pagemap.h
index c8bd762..76b5307 100644
--- a/include/linux
FS-Cache page management for NFS. This includes hooking the releasing and
invalidation of pages marked with PG_fscache (aka PG_private_2) and waiting for
completion of the write-to-cache flag (PG_fscache_write aka PG_owner_priv_2).
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs
Store pages from an NFS inode into the cache data storage object associated
with that inode.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/fscache.c | 26 ++
fs/nfs/fscache.h | 16
fs/nfs/read.c|5 +
3 files changed, 47
.
Supply a generic implementation for this that uses the write_begin() and
write_end() address_space operations to bind a copy directly into the page
cache.
Hook the Ext2 and Ext3 operations to the generic implementation.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/ext2/inode.c|2
-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/client.c |2 ++
fs/nfs/internal.h |1 +
fs/nfs/super.c| 25 +
3 files changed, 28 insertions(+), 0 deletions(-)
diff --git a/fs/nfs/client.c b/fs/nfs/client.c
index d67d52f..8357f68 100644
--- a/fs/nfs/client.c
Add some new NFS I/O event counters for FS-Cache events. They have to be
added as byte counters because I may need to be able to increase the numbers
by more than 1 at a time.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/iostat.h |7 +++
1 files changed, 7 insertions(+), 0
Serge E. Hallyn [EMAIL PROTECTED] wrote:
Seems *really* weird that every time you send this, patch 6 doesn't seem
to reach me in any of my mailboxes... (did get it from the url
you listed)
It's the largest of the patches, so that's not entirely surprising. Hence why
I included the URL to
Read pages from an FS-Cache data storage object representing an inode into an
NFS inode.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/fscache.c | 112 ++
fs/nfs/fscache.h | 47 +++
fs/nfs/read.c| 18
Store pages from an NFS inode into the cache data storage object associated
with that inode.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/fscache.c | 26 ++
fs/nfs/fscache.h | 16
fs/nfs/read.c|5 +
3 files changed, 47
Permit local filesystem caching to be enabled for NFS in the kernel
configuration.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/Kconfig |8
1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/fs/Kconfig b/fs/Kconfig
index c42ec50..fa8e978 100644
--- a/fs
Invalidate the FsCache page flags on the pages belonging to an inode when the
cache backing that NFS inode is removed.
This allows a live cache to be withdrawn.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/fscache-index.c | 40
1 files
to share the on-disk cache. It will be possible to manually provide a
uniquifier through a mount option with a later patch to avoid the error
otherwise produced.
Signed-off-by: David Howells [EMAIL PROTECTED]
---
fs/nfs/fscache-index.c| 34 +
fs/nfs/fscache.c | 116
1 - 100 of 263 matches
Mail list logo