diff options
Diffstat (limited to 'Documentation/filesystems')
| -rw-r--r-- | Documentation/filesystems/caching/cachefiles.txt | 8 | ||||
| -rw-r--r-- | Documentation/filesystems/pohmelfs/design_notes.txt | 5 | ||||
| -rw-r--r-- | Documentation/filesystems/pohmelfs/info.txt | 21 | ||||
| -rw-r--r-- | Documentation/filesystems/vfs.txt | 3 |
4 files changed, 25 insertions, 12 deletions
diff --git a/Documentation/filesystems/caching/cachefiles.txt b/Documentation/filesystems/caching/cachefiles.txt index c78a49b7bba6..748a1ae49e12 100644 --- a/Documentation/filesystems/caching/cachefiles.txt +++ b/Documentation/filesystems/caching/cachefiles.txt | |||
| @@ -407,7 +407,7 @@ A NOTE ON SECURITY | |||
| 407 | ================== | 407 | ================== |
| 408 | 408 | ||
| 409 | CacheFiles makes use of the split security in the task_struct. It allocates | 409 | CacheFiles makes use of the split security in the task_struct. It allocates |
| 410 | its own task_security structure, and redirects current->act_as to point to it | 410 | its own task_security structure, and redirects current->cred to point to it |
| 411 | when it acts on behalf of another process, in that process's context. | 411 | when it acts on behalf of another process, in that process's context. |
| 412 | 412 | ||
| 413 | The reason it does this is that it calls vfs_mkdir() and suchlike rather than | 413 | The reason it does this is that it calls vfs_mkdir() and suchlike rather than |
| @@ -429,9 +429,9 @@ This means it may lose signals or ptrace events for example, and affects what | |||
| 429 | the process looks like in /proc. | 429 | the process looks like in /proc. |
| 430 | 430 | ||
| 431 | So CacheFiles makes use of a logical split in the security between the | 431 | So CacheFiles makes use of a logical split in the security between the |
| 432 | objective security (task->sec) and the subjective security (task->act_as). The | 432 | objective security (task->real_cred) and the subjective security (task->cred). |
| 433 | objective security holds the intrinsic security properties of a process and is | 433 | The objective security holds the intrinsic security properties of a process and |
| 434 | never overridden. This is what appears in /proc, and is what is used when a | 434 | is never overridden. This is what appears in /proc, and is what is used when a |
| 435 | process is the target of an operation by some other process (SIGKILL for | 435 | process is the target of an operation by some other process (SIGKILL for |
| 436 | example). | 436 | example). |
| 437 | 437 | ||
diff --git a/Documentation/filesystems/pohmelfs/design_notes.txt b/Documentation/filesystems/pohmelfs/design_notes.txt index 6d6db60d567d..dcf833587162 100644 --- a/Documentation/filesystems/pohmelfs/design_notes.txt +++ b/Documentation/filesystems/pohmelfs/design_notes.txt | |||
| @@ -56,9 +56,10 @@ workloads and can fully utilize the bandwidth to the servers when doing bulk | |||
| 56 | data transfers. | 56 | data transfers. |
| 57 | 57 | ||
| 58 | POHMELFS clients operate with a working set of servers and are capable of balancing read-only | 58 | POHMELFS clients operate with a working set of servers and are capable of balancing read-only |
| 59 | operations (like lookups or directory listings) between them. | 59 | operations (like lookups or directory listings) between them according to IO priorities. |
| 60 | Administrators can add or remove servers from the set at run-time via special commands (described | 60 | Administrators can add or remove servers from the set at run-time via special commands (described |
| 61 | in Documentation/pohmelfs/info.txt file). Writes are replicated to all servers. | 61 | in Documentation/pohmelfs/info.txt file). Writes are replicated to all servers, which are connected |
| 62 | with write permission turned on. IO priority and permissions can be changed in run-time. | ||
| 62 | 63 | ||
| 63 | POHMELFS is capable of full data channel encryption and/or strong crypto hashing. | 64 | POHMELFS is capable of full data channel encryption and/or strong crypto hashing. |
| 64 | One can select any kernel supported cipher, encryption mode, hash type and operation mode | 65 | One can select any kernel supported cipher, encryption mode, hash type and operation mode |
diff --git a/Documentation/filesystems/pohmelfs/info.txt b/Documentation/filesystems/pohmelfs/info.txt index 4e3d50157083..db2e41393626 100644 --- a/Documentation/filesystems/pohmelfs/info.txt +++ b/Documentation/filesystems/pohmelfs/info.txt | |||
| @@ -1,6 +1,8 @@ | |||
| 1 | POHMELFS usage information. | 1 | POHMELFS usage information. |
| 2 | 2 | ||
| 3 | Mount options: | 3 | Mount options. |
| 4 | All but index, number of crypto threads and maximum IO size can changed via remount. | ||
| 5 | |||
| 4 | idx=%u | 6 | idx=%u |
| 5 | Each mountpoint is associated with a special index via this option. | 7 | Each mountpoint is associated with a special index via this option. |
| 6 | Administrator can add or remove servers from the given index, so all mounts, | 8 | Administrator can add or remove servers from the given index, so all mounts, |
| @@ -52,16 +54,27 @@ mcache_timeout=%u | |||
| 52 | 54 | ||
| 53 | Usage examples. | 55 | Usage examples. |
| 54 | 56 | ||
| 55 | Add (or remove if it already exists) server server1.net:1025 into the working set with index $idx | 57 | Add server server1.net:1025 into the working set with index $idx |
| 56 | with appropriate hash algorithm and key file and cipher algorithm, mode and key file: | 58 | with appropriate hash algorithm and key file and cipher algorithm, mode and key file: |
| 57 | $cfg -a server1.net -p 1025 -i $idx -K $hash_key -k $cipher_key | 59 | $cfg A add -a server1.net -p 1025 -i $idx -K $hash_key -k $cipher_key |
| 58 | 60 | ||
| 59 | Mount filesystem with given index $idx to /mnt mountpoint. | 61 | Mount filesystem with given index $idx to /mnt mountpoint. |
| 60 | Client will connect to all servers specified in the working set via previous command: | 62 | Client will connect to all servers specified in the working set via previous command: |
| 61 | mount -t pohmel -o idx=$idx q /mnt | 63 | mount -t pohmel -o idx=$idx q /mnt |
| 62 | 64 | ||
| 63 | One can add or remove servers from working set after mounting too. | 65 | Change permissions to read-only (-I 1 option, '-I 2' - write-only, 3 - rw): |
| 66 | $cfg A modify -a server1.net -p 1025 -i $idx -I 1 | ||
| 67 | |||
| 68 | Change IO priority to 123 (node with the highest priority gets read requests). | ||
| 69 | $cfg A modify -a server1.net -p 1025 -i $idx -P 123 | ||
| 64 | 70 | ||
| 71 | One can check currect status of all connections in the mountstats file: | ||
| 72 | # cat /proc/$PID/mountstats | ||
| 73 | ... | ||
| 74 | device none mounted on /mnt with fstype pohmel | ||
| 75 | idx addr(:port) socket_type protocol active priority permissions | ||
| 76 | 0 server1.net:1026 1 6 1 250 1 | ||
| 77 | 0 server2.net:1025 1 6 1 123 3 | ||
| 65 | 78 | ||
| 66 | Server installation. | 79 | Server installation. |
| 67 | 80 | ||
diff --git a/Documentation/filesystems/vfs.txt b/Documentation/filesystems/vfs.txt index deeeed0faa8f..f49eecf2e573 100644 --- a/Documentation/filesystems/vfs.txt +++ b/Documentation/filesystems/vfs.txt | |||
| @@ -277,8 +277,7 @@ or bottom half). | |||
| 277 | unfreeze_fs: called when VFS is unlocking a filesystem and making it writable | 277 | unfreeze_fs: called when VFS is unlocking a filesystem and making it writable |
| 278 | again. | 278 | again. |
| 279 | 279 | ||
| 280 | statfs: called when the VFS needs to get filesystem statistics. This | 280 | statfs: called when the VFS needs to get filesystem statistics. |
| 281 | is called with the kernel lock held | ||
| 282 | 281 | ||
| 283 | remount_fs: called when the filesystem is remounted. This is called | 282 | remount_fs: called when the filesystem is remounted. This is called |
| 284 | with the kernel lock held | 283 | with the kernel lock held |