Package: linux-2.6 Severity: wishlist Tags: patch Currently, we are shipping aufs1 in Debian unstable, which is not supported upstream anymore since January 2009. This is a bad situation.
We now have 3 options: 1) Ship aufs2 (which requires 18 symbol exports in the kernel) 2) Ship unionfs2 (which requires 4 symbol exports in the kernel) 3) Ship no kernel-based union filesystem Option 1 (aufs2): The straight-forward way from aufs would be to migrate to aufs2. This option has been chosen by projects like Ubuntu and is preferred by the Debian Live team. In comparison to unionfs2, aufs2 has several disadvantages; it is much larger and thus harder to maintain, it requires many more exports. Choosing this option would also allow us to implement option 2 at the same time, as aufs2's symbol export patch is basically a superset of unionfs2's one. Option 2 (unionfs2): UnionFS has been dropped from Debian in the past, because its maintainer favoured aufs1. The benefit of aufs1 is the much smaller codebase, the small number of to-be-exported symbols. Option 3 (not kernel-based, performance ISSUES): This option may have a large negative impact on the performance of Debian Live and is not acceptable for them. It was used by Ubuntu for a short time during their 'karmic' alpha cycle, but replaced by aufs2. All in all, I would like you to apply the attached patch (aufs2-standalone.diff) to the kernel, so we can continue with option 1. If you think that this option is not acceptable, please apply unionfs.diff so we can implement option 2. We could get Unionfs working without any kernel patches at all, but it would certainly cause security problems, like ignored file permissions. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (990, 'unstable'), (350, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.30-1-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- Julian Andres Klode - Debian Developer, Ubuntu Member See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
aufs2 standalone patch for linux-2.6.30
diff --git a/fs/namei.c b/fs/namei.c
index 967c3db..64a5060 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -337,6 +337,7 @@ int deny_write_access(struct file * file)
return 0;
}
+EXPORT_SYMBOL(deny_write_access);
/**
* path_get - get a reference to a path
@@ -1200,7 +1201,7 @@ out:
* needs parent already locked. Doesn't follow mounts.
* SMP-safe.
*/
-static struct dentry *lookup_hash(struct nameidata *nd)
+struct dentry *lookup_hash(struct nameidata *nd)
{
int err;
@@ -1209,8 +1210,9 @@ static struct dentry *lookup_hash(struct nameidata *nd)
return ERR_PTR(err);
return __lookup_hash(&nd->last, nd->path.dentry, nd);
}
+EXPORT_SYMBOL(lookup_hash);
-static int __lookup_one_len(const char *name, struct qstr *this,
+int __lookup_one_len(const char *name, struct qstr *this,
struct dentry *base, int len)
{
unsigned long hash;
@@ -1231,6 +1233,7 @@ static int __lookup_one_len(const char *name, struct qstr *this,
this->hash = end_name_hash(hash);
return 0;
}
+EXPORT_SYMBOL(__lookup_one_len);
/**
* lookup_one_len - filesystem helper to lookup single pathname component
diff --git a/fs/namespace.c b/fs/namespace.c
index 134d494..5a6d038 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -38,6 +38,7 @@
/* spinlock for vfsmount related operations, inplace of dcache_lock */
__cacheline_aligned_in_smp DEFINE_SPINLOCK(vfsmount_lock);
+EXPORT_SYMBOL(vfsmount_lock);
static int event;
static DEFINE_IDA(mnt_id_ida);
diff --git a/fs/open.c b/fs/open.c
index bdfbf03..81c39b3 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -221,6 +221,7 @@ int do_truncate(struct dentry *dentry, loff_t length, unsigned int time_attrs,
mutex_unlock(&dentry->d_inode->i_mutex);
return err;
}
+EXPORT_SYMBOL(do_truncate);
static long do_sys_truncate(const char __user *pathname, loff_t length)
{
diff --git a/fs/splice.c b/fs/splice.c
index 666953d..fbc3f77 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -905,8 +905,8 @@ EXPORT_SYMBOL(generic_splice_sendpage);
/*
* Attempt to initiate a splice from pipe to file.
*/
-static long do_splice_from(struct pipe_inode_info *pipe, struct file *out,
- loff_t *ppos, size_t len, unsigned int flags)
+long do_splice_from(struct pipe_inode_info *pipe, struct file *out,
+ loff_t *ppos, size_t len, unsigned int flags)
{
int ret;
@@ -925,13 +925,14 @@ static long do_splice_from(struct pipe_inode_info *pipe, struct file *out,
return out->f_op->splice_write(pipe, out, ppos, len, flags);
}
+EXPORT_SYMBOL(do_splice_from);
/*
* Attempt to initiate a splice from a file to a pipe.
*/
-static long do_splice_to(struct file *in, loff_t *ppos,
- struct pipe_inode_info *pipe, size_t len,
- unsigned int flags)
+long do_splice_to(struct file *in, loff_t *ppos,
+ struct pipe_inode_info *pipe, size_t len,
+ unsigned int flags)
{
int ret;
@@ -947,6 +948,7 @@ static long do_splice_to(struct file *in, loff_t *ppos,
return in->f_op->splice_read(in, ppos, pipe, len, flags);
}
+EXPORT_SYMBOL(do_splice_to);
/**
* splice_direct_to_actor - splices data directly between two non-pipes
diff --git a/include/linux/namei.h b/include/linux/namei.h
index 518098f..42a5279 100644
--- a/include/linux/namei.h
+++ b/include/linux/namei.h
@@ -74,6 +74,9 @@ extern struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry
extern struct file *nameidata_to_filp(struct nameidata *nd, int flags);
extern void release_open_intent(struct nameidata *);
+extern struct dentry *lookup_hash(struct nameidata *nd);
+extern int __lookup_one_len(const char *name, struct qstr *this,
+ struct dentry *base, int len);
extern struct dentry *lookup_one_len(const char *, struct dentry *, int);
extern struct dentry *lookup_one_noperm(const char *, struct dentry *);
diff --git a/include/linux/splice.h b/include/linux/splice.h
index 5f3faa9..d2f8660 100644
--- a/include/linux/splice.h
+++ b/include/linux/splice.h
@@ -83,4 +83,10 @@ extern ssize_t splice_to_pipe(struct pipe_inode_info *,
extern ssize_t splice_direct_to_actor(struct file *, struct splice_desc *,
splice_direct_actor *);
+extern long do_splice_from(struct pipe_inode_info *pipe, struct file *out,
+ loff_t *ppos, size_t len, unsigned int flags);
+extern long do_splice_to(struct file *in, loff_t *ppos,
+ struct pipe_inode_info *pipe, size_t len,
+ unsigned int flags);
+
#endif
diff --git a/security/device_cgroup.c b/security/device_cgroup.c
index 5fda7df..440e476 100644
--- a/security/device_cgroup.c
+++ b/security/device_cgroup.c
@@ -512,6 +512,7 @@ acc_check:
return -EPERM;
}
+EXPORT_SYMBOL(devcgroup_inode_permission);
int devcgroup_inode_mknod(int mode, dev_t dev)
{
diff --git a/security/security.c b/security/security.c
index 5284255..ed62ecd 100644
--- a/security/security.c
+++ b/security/security.c
@@ -389,6 +389,7 @@ int security_path_mkdir(struct path *path, struct dentry *dentry, int mode)
return 0;
return security_ops->path_mkdir(path, dentry, mode);
}
+EXPORT_SYMBOL(security_path_mkdir);
int security_path_rmdir(struct path *path, struct dentry *dentry)
{
@@ -396,6 +397,7 @@ int security_path_rmdir(struct path *path, struct dentry *dentry)
return 0;
return security_ops->path_rmdir(path, dentry);
}
+EXPORT_SYMBOL(security_path_rmdir);
int security_path_unlink(struct path *path, struct dentry *dentry)
{
@@ -403,6 +405,7 @@ int security_path_unlink(struct path *path, struct dentry *dentry)
return 0;
return security_ops->path_unlink(path, dentry);
}
+EXPORT_SYMBOL(security_path_unlink);
int security_path_symlink(struct path *path, struct dentry *dentry,
const char *old_name)
@@ -411,6 +414,7 @@ int security_path_symlink(struct path *path, struct dentry *dentry,
return 0;
return security_ops->path_symlink(path, dentry, old_name);
}
+EXPORT_SYMBOL(security_path_symlink);
int security_path_link(struct dentry *old_dentry, struct path *new_dir,
struct dentry *new_dentry)
@@ -419,6 +423,7 @@ int security_path_link(struct dentry *old_dentry, struct path *new_dir,
return 0;
return security_ops->path_link(old_dentry, new_dir, new_dentry);
}
+EXPORT_SYMBOL(security_path_link);
int security_path_rename(struct path *old_dir, struct dentry *old_dentry,
struct path *new_dir, struct dentry *new_dentry)
@@ -429,6 +434,7 @@ int security_path_rename(struct path *old_dir, struct dentry *old_dentry,
return security_ops->path_rename(old_dir, old_dentry, new_dir,
new_dentry);
}
+EXPORT_SYMBOL(security_path_rename);
int security_path_truncate(struct path *path, loff_t length,
unsigned int time_attrs)
@@ -437,6 +443,7 @@ int security_path_truncate(struct path *path, loff_t length,
return 0;
return security_ops->path_truncate(path, length, time_attrs);
}
+EXPORT_SYMBOL(security_path_truncate);
#endif
int security_inode_create(struct inode *dir, struct dentry *dentry, int mode)
@@ -508,6 +515,7 @@ int security_inode_readlink(struct dentry *dentry)
return 0;
return security_ops->inode_readlink(dentry);
}
+EXPORT_SYMBOL(security_inode_readlink);
int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd)
{
@@ -522,6 +530,7 @@ int security_inode_permission(struct inode *inode, int mask)
return 0;
return security_ops->inode_permission(inode, mask);
}
+EXPORT_SYMBOL(security_inode_permission);
int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
{
@@ -622,6 +631,7 @@ int security_file_permission(struct file *file, int mask)
{
return security_ops->file_permission(file, mask);
}
+EXPORT_SYMBOL(security_file_permission);
int security_file_alloc(struct file *file)
{
diff --git a/fs/namei.c b/fs/namei.c
index 967c3db..fd48bb0 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -375,6 +375,7 @@ void release_open_intent(struct nameidata *nd)
else
fput(nd->intent.open.file);
}
+EXPORT_SYMBOL_GPL(release_open_intent);
static inline struct dentry *
do_revalidate(struct dentry *dentry, struct nameidata *nd)
diff --git a/fs/splice.c b/fs/splice.c
index 666953d..26bf825 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -905,8 +905,8 @@ EXPORT_SYMBOL(generic_splice_sendpage);
/*
* Attempt to initiate a splice from pipe to file.
*/
-static long do_splice_from(struct pipe_inode_info *pipe, struct file *out,
- loff_t *ppos, size_t len, unsigned int flags)
+long vfs_splice_from(struct pipe_inode_info *pipe, struct file *out,
+ loff_t *ppos, size_t len, unsigned int flags)
{
int ret;
@@ -925,13 +925,14 @@ static long do_splice_from(struct pipe_inode_info *pipe, struct file *out,
return out->f_op->splice_write(pipe, out, ppos, len, flags);
}
+EXPORT_SYMBOL_GPL(vfs_splice_from);
/*
* Attempt to initiate a splice from a file to a pipe.
*/
-static long do_splice_to(struct file *in, loff_t *ppos,
- struct pipe_inode_info *pipe, size_t len,
- unsigned int flags)
+long vfs_splice_to(struct file *in, loff_t *ppos,
+ struct pipe_inode_info *pipe, size_t len,
+ unsigned int flags)
{
int ret;
@@ -947,6 +948,7 @@ static long do_splice_to(struct file *in, loff_t *ppos,
return in->f_op->splice_read(in, ppos, pipe, len, flags);
}
+EXPORT_SYMBOL_GPL(vfs_splice_to);
/**
* splice_direct_to_actor - splices data directly between two non-pipes
@@ -1016,7 +1018,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd,
size_t read_len;
loff_t pos = sd->pos, prev_pos = pos;
- ret = do_splice_to(in, &pos, pipe, len, flags);
+ ret = vfs_splice_to(in, &pos, pipe, len, flags);
if (unlikely(ret <= 0))
goto out_release;
@@ -1075,7 +1077,7 @@ static int direct_splice_actor(struct pipe_inode_info *pipe,
{
struct file *file = sd->u.file;
- return do_splice_from(pipe, file, &sd->pos, sd->total_len, sd->flags);
+ return vfs_splice_from(pipe, file, &sd->pos, sd->total_len, sd->flags);
}
/**
@@ -1149,7 +1151,7 @@ static long do_splice(struct file *in, loff_t __user *off_in,
} else
off = &out->f_pos;
- ret = do_splice_from(pipe, out, off, len, flags);
+ ret = vfs_splice_from(pipe, out, off, len, flags);
if (off_out && copy_to_user(off_out, off, sizeof(loff_t)))
ret = -EFAULT;
@@ -1170,7 +1172,7 @@ static long do_splice(struct file *in, loff_t __user *off_in,
} else
off = &in->f_pos;
- ret = do_splice_to(in, off, pipe, len, flags);
+ ret = vfs_splice_to(in, off, pipe, len, flags);
if (off_in && copy_to_user(off_in, off, sizeof(loff_t)))
ret = -EFAULT;
diff --git a/include/linux/splice.h b/include/linux/splice.h
index 5f3faa9..dcf21eb 100644
--- a/include/linux/splice.h
+++ b/include/linux/splice.h
@@ -82,5 +82,10 @@ extern ssize_t splice_to_pipe(struct pipe_inode_info *,
struct splice_pipe_desc *);
extern ssize_t splice_direct_to_actor(struct file *, struct splice_desc *,
splice_direct_actor *);
+extern long vfs_splice_from(struct pipe_inode_info *pipe, struct file *out,
+ loff_t *ppos, size_t len, unsigned int flags);
+extern long vfs_splice_to(struct file *in, loff_t *ppos,
+ struct pipe_inode_info *pipe, size_t len,
+ unsigned int flags);
#endif
diff --git a/security/security.c b/security/security.c
index 5284255..2205a77 100644
--- a/security/security.c
+++ b/security/security.c
@@ -522,6 +522,7 @@ int security_inode_permission(struct inode *inode, int mask)
return 0;
return security_ops->inode_permission(inode, mask);
}
+EXPORT_SYMBOL(security_inode_permission);
int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
{
pgp1F2hHtWwTN.pgp
Description: PGP signature
