diff options
author | Justin Lecher <jlec@gentoo.org> | 2011-08-28 09:48:57 +0000 |
---|---|---|
committer | Justin Lecher <jlec@gentoo.org> | 2011-08-28 09:48:57 +0000 |
commit | bd4ba32e8a9e523422854629119e7195308d1571 (patch) | |
tree | 0490fae675affd742b088d0d45c1a8a8add09be1 /sys-fs | |
parent | Change version scheme (diff) | |
download | gentoo-2-bd4ba32e8a9e523422854629119e7195308d1571.tar.gz gentoo-2-bd4ba32e8a9e523422854629119e7195308d1571.tar.bz2 gentoo-2-bd4ba32e8a9e523422854629119e7195308d1571.zip |
Moved to tree, fixes bug 376175
(Portage version: 2.2.0_alpha51/cvs/Linux x86_64)
Diffstat (limited to 'sys-fs')
-rw-r--r-- | sys-fs/aufs3/ChangeLog | 34 | ||||
-rw-r--r-- | sys-fs/aufs3/aufs3-3_p20110815.ebuild | 123 | ||||
-rw-r--r-- | sys-fs/aufs3/files/aufs3-base-0.patch | 70 | ||||
-rw-r--r-- | sys-fs/aufs3/files/aufs3-standalone-0.patch | 257 | ||||
-rw-r--r-- | sys-fs/aufs3/files/pax.patch | 135 | ||||
-rw-r--r-- | sys-fs/aufs3/metadata.xml | 21 |
6 files changed, 640 insertions, 0 deletions
diff --git a/sys-fs/aufs3/ChangeLog b/sys-fs/aufs3/ChangeLog new file mode 100644 index 000000000000..65393413cf42 --- /dev/null +++ b/sys-fs/aufs3/ChangeLog @@ -0,0 +1,34 @@ +# ChangeLog for sys-fs/aufs3 +# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/aufs3/ChangeLog,v 1.1 2011/08/28 09:48:57 jlec Exp $ + + 28 Aug 2011; Justin Lecher <jlec@gentoo.org> +files/aufs3-base-0.patch, + +files/aufs3-standalone-0.patch, +aufs3-3_p20110815.ebuild, +files/pax.patch, + +metadata.xml: + Moved to tree, fixes bug 376175 + + 27 Aug 2011; Justin Lecher <jlec@gentoo.org> aufs3-3_p20110815.ebuild: + Make CONFIG check for EXPORTFS matadory for USE=nfs + + 19 Aug 2011; Justin Lecher <jlec@gentoo.org> files/aufs3-standalone-0.patch, + -files/aufs3-base-1.patch, -files/aufs3-standalone-1.patch, + aufs3-3_p20110815.ebuild: + Cleaned some USE=doc problems + + 18 Aug 2011; Justin Lecher <jlec@gentoo.org> aufs3-3_p20110815.ebuild: + Corrected to new kernel versioning scheme + + 16 Aug 2011; Justin Lecher <jlec@gentoo.org> files/aufs3-standalone-1.patch: + Fix missing upstream export of symbols + + 15 Aug 2011; Justin Lecher <jlec@gentoo.org> aufs3-3_p20110815.ebuild, + metadata.xml: + Changed USE hardened to pax_kernel, #375811 + +*aufs3-3_p20110815 (15 Aug 2011) + + 15 Aug 2011; Justin Lecher <jlec@gentoo.org> +files/aufs3-base-0.patch, + +files/aufs3-standalone-0.patch, +files/aufs3-base-1.patch, + +files/aufs3-standalone-1.patch, +aufs3-3_p20110815.ebuild, +metadata.xml: + Initial commit + diff --git a/sys-fs/aufs3/aufs3-3_p20110815.ebuild b/sys-fs/aufs3/aufs3-3_p20110815.ebuild new file mode 100644 index 000000000000..e8ffbc6c3ac6 --- /dev/null +++ b/sys-fs/aufs3/aufs3-3_p20110815.ebuild @@ -0,0 +1,123 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/aufs3/aufs3-3_p20110815.ebuild,v 1.1 2011/08/28 09:48:57 jlec Exp $ + +EAPI=4 + +inherit linux-mod multilib toolchain-funcs + +AUFS_VERSION="${PV%%_p*}" + +DESCRIPTION="An entirely re-designed and re-implemented Unionfs" +HOMEPAGE="http://aufs.sourceforge.net/" +SRC_URI="http://dev.gentoo.org/~jlec/distfiles/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="debug doc fuse pax_kernel hfs inotify kernel-patch nfs ramfs" + +DEPEND="dev-vcs/git" +RDEPEND=" + !sys-fs/aufs + !sys-fs/aufs2" + +S="${WORKDIR}"/${PN}-standalone + +MODULE_NAMES="aufs(misc:${S})" + +pkg_setup() { + CONFIG_CHECK="${CONFIG_CHECK} ~EXPERIMENTAL" + use inotify && CONFIG_CHECK="${CONFIG_CHECK} ~FSNOTIFY" + use nfs && CONFIG_CHECK="${CONFIG_CHECK} EXPORTFS" + use fuse && CONFIG_CHECK="${CONFIG_CHECK} ~FUSE_FS" + use hfs && CONFIG_CHECK="${CONFIG_CHECK} ~HFSPLUS_FS" + + # this is needed so merging a binpkg ${PN} is possible w/out a kernel unpacked on the system + [ -n "$PKG_SETUP_HAS_BEEN_RAN" ] && return + + get_version + kernel_is lt 3 0 0 && die "kernel too old, Please use sys-fs/aufs2" + kernel_is gt 3 0 99 && die "kernel too new" + + linux-mod_pkg_setup + if ! ( patch -p1 --dry-run --force -R -d ${KV_DIR} < "${FILESDIR}"/${PN}-standalone-${KV_MINOR}.patch >/dev/null && \ + patch -p1 --dry-run --force -R -d ${KV_DIR} < "${FILESDIR}"/${PN}-base-${KV_MINOR}.patch >/dev/null ); then + if use kernel-patch; then + cd ${KV_DIR} + ewarn "Patching your kernel..." + patch --no-backup-if-mismatch --force -p1 -R -d ${KV_DIR} < "${FILESDIR}"/${PN}-standalone-${KV_MINOR}.patch >/dev/null + patch --no-backup-if-mismatch --force -p1 -R -d ${KV_DIR} < "${FILESDIR}"/${PN}-base-${KV_MINOR}.patch >/dev/null + epatch "${FILESDIR}"/${PN}-{base,standalone}-${KV_MINOR}.patch + ewarn "You need to compile your kernel with the applied patch" + ewarn "to be able to load and use the aufs kernel module" + else + eerror "You need to apply a patch to your kernel to compile and run the ${PN} module" + eerror "Either enable the kernel-patch useflag to do it with this ebuild" + eerror "or apply ${FILESDIR}/${PN}-base-${KV_MINOR}.patch and" + eerror "${FILESDIR}/${PN}-standalone-${KV_MINOR}.patch by hand" + die "missing kernel patch, please apply it first" + fi + fi + export PKG_SETUP_HAS_BEEN_RAN=1 +} + +set_config() { + for option in $*; do + grep -q "^CONFIG_AUFS_${option} =" config.mk || die "${option} is not a valid config option" + sed "/^CONFIG_AUFS_${option}/s:=:= y:g" -i config.mk || die + done +} + +src_prepare() { +# local branch=origin/${PN}-${KV_MINOR} + local branch=origin/${PN}.0 + git checkout -q $branch || die + + # All config options to off + sed "s:= y:=:g" -i config.mk || die + + set_config RDU BRANCH_MAX_127 SBILIST + + use debug && set_config DEBUG + use fuse && set_config BR_FUSE POLL + use hfs && set_config BR_HFSPLUS + use inotify && set_config HNOTIFY HFSNOTIFY + use nfs && set_config EXPORT + use nfs && use amd64 && set_config INO_T_64 + use ramfs && set_config BR_RAMFS + + use pax_kernel && epatch "${FILESDIR}"/pax.patch + + sed -i "s:aufs.ko usr/include/linux/aufs_type.h:aufs.ko:g" Makefile || die + sed -i "s:__user::g" include/linux/aufs_type.h || die + + cd "${WORKDIR}"/${PN/3}-util + git checkout -q origin/${PN}.0 + sed -i "/LDFLAGS += -static -s/d" Makefile || die + sed -i -e "s:m 644 -s:m 644:g" -e "s:/usr/lib:/usr/$(get_libdir):g" libau/Makefile || die +} + +src_compile() { + local ARCH=x86 + + emake CC=$(tc-getCC) CONFIG_AUFS_FS=m KDIR=${KV_DIR} + + cd "${WORKDIR}"/${PN/3}-util + emake CC=$(tc-getCC) AR=$(tc-getAR) KDIR=${KV_DIR} C_INCLUDE_PATH="${S}"/include +} + +src_install() { + linux-mod_src_install + + insinto /usr/share/doc/${PF} + + use doc && doins -r Documentation + + dodoc README + + cd "${WORKDIR}"/${PN/3}-util + emake DESTDIR="${D}" KDIR=${KV_DIR} install + + newdoc README README-utils +} diff --git a/sys-fs/aufs3/files/aufs3-base-0.patch b/sys-fs/aufs3/files/aufs3-base-0.patch new file mode 100644 index 000000000000..7fa7db4ee6c7 --- /dev/null +++ b/sys-fs/aufs3/files/aufs3-base-0.patch @@ -0,0 +1,70 @@ +aufs3.0 base patch + +diff --git a/fs/namei.c b/fs/namei.c +index 14ab8d3..eb4aef1 100644 +--- a/fs/namei.c ++++ b/fs/namei.c +@@ -1697,7 +1697,7 @@ static struct dentry *__lookup_hash(struct qstr *name, + * needs parent already locked. Doesn't follow mounts. + * SMP-safe. + */ +-static struct dentry *lookup_hash(struct nameidata *nd) ++struct dentry *lookup_hash(struct nameidata *nd) + { + return __lookup_hash(&nd->last, nd->path.dentry, nd); + } +diff --git a/fs/splice.c b/fs/splice.c +index aa866d3..19afec6 100644 +--- a/fs/splice.c ++++ b/fs/splice.c +@@ -1085,8 +1085,8 @@ EXPORT_SYMBOL(generic_splice_sendpage); + /* + * Attempt to initiate a splice from pipe to file. + */ +-static long do_splice_from(struct pipe_inode_info *pipe, struct file *out, +- loff_t *ppos, size_t len, unsigned int flags) ++long do_splice_from(struct pipe_inode_info *pipe, struct file *out, ++ loff_t *ppos, size_t len, unsigned int flags) + { + ssize_t (*splice_write)(struct pipe_inode_info *, struct file *, + loff_t *, size_t, unsigned int); +@@ -1113,9 +1113,9 @@ static long do_splice_from(struct pipe_inode_info *pipe, struct file *out, + /* + * Attempt to initiate a splice from a file to a pipe. + */ +-static long do_splice_to(struct file *in, loff_t *ppos, +- struct pipe_inode_info *pipe, size_t len, +- unsigned int flags) ++long do_splice_to(struct file *in, loff_t *ppos, ++ struct pipe_inode_info *pipe, size_t len, ++ unsigned int flags) + { + ssize_t (*splice_read)(struct file *, loff_t *, + struct pipe_inode_info *, size_t, unsigned int); +diff --git a/include/linux/namei.h b/include/linux/namei.h +index eba45ea..21ed6c9 100644 +--- a/include/linux/namei.h ++++ b/include/linux/namei.h +@@ -82,6 +82,7 @@ extern int vfs_path_lookup(struct dentry *, struct vfsmount *, + extern struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry *dentry, + int (*open)(struct inode *, struct file *)); + ++extern struct dentry *lookup_hash(struct nameidata *nd); + extern struct dentry *lookup_one_len(const char *, struct dentry *, int); + + extern int follow_down_one(struct path *); +diff --git a/include/linux/splice.h b/include/linux/splice.h +index 997c3b4..be9a153 100644 +--- a/include/linux/splice.h ++++ b/include/linux/splice.h +@@ -89,4 +89,10 @@ extern int splice_grow_spd(struct pipe_inode_info *, struct splice_pipe_desc *); + extern void splice_shrink_spd(struct pipe_inode_info *, + struct splice_pipe_desc *); + ++extern long do_splice_from(struct pipe_inode_info *pipe, struct file *out, ++ loff_t *ppos, size_t len, unsigned int flags); ++extern long do_splice_to(struct file *in, loff_t *ppos, ++ struct pipe_inode_info *pipe, size_t len, ++ unsigned int flags); ++ + #endif diff --git a/sys-fs/aufs3/files/aufs3-standalone-0.patch b/sys-fs/aufs3/files/aufs3-standalone-0.patch new file mode 100644 index 000000000000..1c406c07e9b7 --- /dev/null +++ b/sys-fs/aufs3/files/aufs3-standalone-0.patch @@ -0,0 +1,257 @@ +aufs3.0 standalone patch + +diff --git a/fs/file_table.c b/fs/file_table.c +index 01e4c1e..0e800e2 100644 +--- a/fs/file_table.c ++++ b/fs/file_table.c +@@ -443,6 +443,8 @@ void file_sb_list_del(struct file *file) + } + } + ++EXPORT_SYMBOL(file_sb_list_del); ++ + #ifdef CONFIG_SMP + + /* +diff --git a/fs/inode.c b/fs/inode.c +index 43566d1..4291eae 100644 +--- a/fs/inode.c ++++ b/fs/inode.c +@@ -69,6 +69,7 @@ static DEFINE_SPINLOCK(inode_lru_lock); + + __cacheline_aligned_in_smp DEFINE_SPINLOCK(inode_sb_list_lock); + __cacheline_aligned_in_smp DEFINE_SPINLOCK(inode_wb_list_lock); ++EXPORT_SYMBOL(inode_sb_list_lock); + + /* + * iprune_sem provides exclusion between the icache shrinking and the +diff --git a/fs/namei.c b/fs/namei.c +index eb4aef1..66d04c6 100644 +--- a/fs/namei.c ++++ b/fs/namei.c +@@ -365,6 +365,7 @@ int deny_write_access(struct file * file) + + return 0; + } ++EXPORT_SYMBOL(deny_write_access); + + /** + * path_get - get a reference to a path +@@ -1701,6 +1702,7 @@ struct dentry *lookup_hash(struct nameidata *nd) + { + return __lookup_hash(&nd->last, nd->path.dentry, nd); + } ++EXPORT_SYMBOL(lookup_hash); + + /** + * lookup_one_len - filesystem helper to lookup single pathname component +diff --git a/fs/namespace.c b/fs/namespace.c +index fe59bd1..7d3843f 100644 +--- a/fs/namespace.c ++++ b/fs/namespace.c +@@ -1508,6 +1508,7 @@ int iterate_mounts(int (*f)(struct vfsmount *, void *), void *arg, + } + return 0; + } ++EXPORT_SYMBOL(iterate_mounts); + + static void cleanup_group_ids(struct vfsmount *mnt, struct vfsmount *end) + { +diff --git a/fs/notify/group.c b/fs/notify/group.c +index d309f38..f0e9568 100644 +--- a/fs/notify/group.c ++++ b/fs/notify/group.c +@@ -22,6 +22,7 @@ + #include <linux/srcu.h> + #include <linux/rculist.h> + #include <linux/wait.h> ++#include <linux/module.h> + + #include <linux/fsnotify_backend.h> + #include "fsnotify.h" +@@ -70,6 +71,7 @@ void fsnotify_put_group(struct fsnotify_group *group) + if (atomic_dec_and_test(&group->refcnt)) + fsnotify_destroy_group(group); + } ++EXPORT_SYMBOL(fsnotify_put_group); + + /* + * Create a new fsnotify_group and hold a reference for the group returned. +@@ -102,3 +104,4 @@ struct fsnotify_group *fsnotify_alloc_group(const struct fsnotify_ops *ops) + + return group; + } ++EXPORT_SYMBOL(fsnotify_alloc_group); +diff --git a/fs/notify/mark.c b/fs/notify/mark.c +index 252ab1f..2199b9b 100644 +--- a/fs/notify/mark.c ++++ b/fs/notify/mark.c +@@ -112,6 +112,7 @@ void fsnotify_put_mark(struct fsnotify_mark *mark) + if (atomic_dec_and_test(&mark->refcnt)) + mark->free_mark(mark); + } ++EXPORT_SYMBOL(fsnotify_put_mark); + + /* + * Any time a mark is getting freed we end up here. +@@ -189,6 +190,7 @@ void fsnotify_destroy_mark(struct fsnotify_mark *mark) + if (unlikely(atomic_dec_and_test(&group->num_marks))) + fsnotify_final_destroy_group(group); + } ++EXPORT_SYMBOL(fsnotify_destroy_mark); + + void fsnotify_set_mark_mask_locked(struct fsnotify_mark *mark, __u32 mask) + { +@@ -276,6 +278,7 @@ err: + + return ret; + } ++EXPORT_SYMBOL(fsnotify_add_mark); + + /* + * clear any marks in a group in which mark->flags & flags is true +@@ -331,6 +334,7 @@ void fsnotify_init_mark(struct fsnotify_mark *mark, + atomic_set(&mark->refcnt, 1); + mark->free_mark = free_mark; + } ++EXPORT_SYMBOL(fsnotify_init_mark); + + static int fsnotify_mark_destroy(void *ignored) + { +diff --git a/fs/open.c b/fs/open.c +index b52cf01..c1b341c 100644 +--- a/fs/open.c ++++ b/fs/open.c +@@ -60,6 +60,7 @@ int do_truncate(struct dentry *dentry, loff_t length, unsigned int time_attrs, + mutex_unlock(&dentry->d_inode->i_mutex); + return ret; + } ++EXPORT_SYMBOL(do_truncate); + + static long do_sys_truncate(const char __user *pathname, loff_t length) + { +diff --git a/fs/splice.c b/fs/splice.c +index 19afec6..11f07f8 100644 +--- a/fs/splice.c ++++ b/fs/splice.c +@@ -1109,6 +1109,7 @@ long do_splice_from(struct pipe_inode_info *pipe, struct file *out, + + return splice_write(pipe, out, ppos, len, flags); + } ++EXPORT_SYMBOL(do_splice_from); + + /* + * Attempt to initiate a splice from a file to a pipe. +@@ -1135,6 +1136,7 @@ long do_splice_to(struct file *in, loff_t *ppos, + + return splice_read(in, ppos, pipe, len, flags); + } ++EXPORT_SYMBOL(do_splice_to); + + /** + * splice_direct_to_actor - splices data directly between two non-pipes +diff --git a/security/commoncap.c b/security/commoncap.c +index f20e984..d39acd9 100644 +--- a/security/commoncap.c ++++ b/security/commoncap.c +@@ -976,3 +976,4 @@ int cap_file_mmap(struct file *file, unsigned long reqprot, + } + return ret; + } ++EXPORT_SYMBOL(cap_file_mmap); +diff --git a/security/device_cgroup.c b/security/device_cgroup.c +index 1be6826..215278c 100644 +--- a/security/device_cgroup.c ++++ b/security/device_cgroup.c +@@ -508,6 +508,7 @@ found: + + return -EPERM; + } ++EXPORT_SYMBOL(__devcgroup_inode_permission); + + int devcgroup_inode_mknod(int mode, dev_t dev) + { +diff --git a/security/security.c b/security/security.c +index 4ba6d4c..9f64bb8 100644 +--- a/security/security.c ++++ b/security/security.c +@@ -373,6 +373,7 @@ int security_path_rmdir(struct path *dir, struct dentry *dentry) + return 0; + return security_ops->path_rmdir(dir, dentry); + } ++EXPORT_SYMBOL(security_path_rmdir); + + int security_path_unlink(struct path *dir, struct dentry *dentry) + { +@@ -389,6 +390,7 @@ int security_path_symlink(struct path *dir, struct dentry *dentry, + return 0; + return security_ops->path_symlink(dir, dentry, old_name); + } ++EXPORT_SYMBOL(security_path_symlink); + + int security_path_link(struct dentry *old_dentry, struct path *new_dir, + struct dentry *new_dentry) +@@ -397,6 +399,7 @@ int security_path_link(struct dentry *old_dentry, struct path *new_dir, + return 0; + return security_ops->path_link(old_dentry, new_dir, new_dentry); + } ++EXPORT_SYMBOL(security_path_link); + + int security_path_rename(struct path *old_dir, struct dentry *old_dentry, + struct path *new_dir, struct dentry *new_dentry) +@@ -415,6 +418,7 @@ int security_path_truncate(struct path *path) + return 0; + return security_ops->path_truncate(path); + } ++EXPORT_SYMBOL(security_path_truncate); + + int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, + mode_t mode) +@@ -423,6 +427,7 @@ int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, + return 0; + return security_ops->path_chmod(dentry, mnt, mode); + } ++EXPORT_SYMBOL(security_path_chmod); + + int security_path_chown(struct path *path, uid_t uid, gid_t gid) + { +@@ -430,6 +435,7 @@ int security_path_chown(struct path *path, uid_t uid, gid_t gid) + return 0; + return security_ops->path_chown(path, uid, gid); + } ++EXPORT_SYMBOL(security_path_chown); + + int security_path_chroot(struct path *path) + { +@@ -506,6 +512,7 @@ int security_inode_readlink(struct dentry *dentry) + return 0; + return security_ops->inode_readlink(dentry); + } ++EXPORT_SYMBOL(security_inode_readlink); + + int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd) + { +@@ -520,6 +527,7 @@ int security_inode_permission(struct inode *inode, int mask) + return 0; + return security_ops->inode_permission(inode, mask, 0); + } ++EXPORT_SYMBOL(security_inode_permission); + + int security_inode_exec_permission(struct inode *inode, unsigned int flags) + { +@@ -626,6 +634,7 @@ int security_file_permission(struct file *file, int mask) + + return fsnotify_perm(file, mask); + } ++EXPORT_SYMBOL(security_file_permission); + + int security_file_alloc(struct file *file) + { +@@ -653,6 +662,7 @@ int security_file_mmap(struct file *file, unsigned long reqprot, + return ret; + return ima_file_mmap(file, prot); + } ++EXPORT_SYMBOL(security_file_mmap); + + int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, + unsigned long prot) diff --git a/sys-fs/aufs3/files/pax.patch b/sys-fs/aufs3/files/pax.patch new file mode 100644 index 000000000000..df53004daddb --- /dev/null +++ b/sys-fs/aufs3/files/pax.patch @@ -0,0 +1,135 @@ +commit 584bf002ec62a333840b87193b93ee5a521063f7 +Author: J. R. Okajima <hooanon05@yahoo.co.jp> +Date: Thu May 27 11:28:41 2010 +0900 + + aufs: dynop supports grsec/pax patch + + The grsec/pax patches make member of struct brabra_operation 'const.' + I don't understand why they need these 'const'. They modifies some of + structures, but other structures. + What do they want to protect from what? + + The keyword 'const' is essentially a feature of C language and it never + modifes the behaviour of software. It just prohibits the assignment (or + modification) to a variable which is expected not to be modified. + In other word, it is a feature for programmers and doesn't enhance the + security level. Actually programmers can bypass 'const' easily by + indirect assignment as this patch does. + + Also the grsec/pax patches modifies some assignments to the member + of struct brabra_operation in mainline kernel, but they don't make the + confirmation fot that. For example, they replaced these assignments by + declaring a structure statically. + + - /* inherit and extend fuse_dev_operations */ + - cuse_channel_fops = fuse_dev_operations; + - cuse_channel_fops.owner = THIS_MODULE; + - cuse_channel_fops.open = cuse_channel_open; + - cuse_channel_fops.release = cuse_channel_release; + + +static const struct file_operations cuse_channel_fops = { + + .owner = THIS_MODULE, + + .llseek = no_llseek, + + .read = do_sync_read, + + .aio_read = fuse_dev_read, + + .write = do_sync_write, + + .aio_write = fuse_dev_write, + + .poll = fuse_dev_poll, + + .open = cuse_channel_open, + + .release = cuse_channel_release, + + .fasync = fuse_dev_fasync, + +}; + + By this modification, there exists major possible future problem I am + afraid. _If_ fuse_dev_operations is modified, then this code needs to + follow the change. But it is hard to detect such modification since + there is no trick to do so. Generally it is recommended to put code such + like this. + + ---------------------------------------------------------------------- + int n; + n++; + BUG_ON(super.member != derive.member); + } while (0); + + n++; /* owner */ + MakeSure(fuse_dev_operations, cuse_channel_fops, llseek); + MakeSure(fuse_dev_operations, cuse_channel_fops, read); + ::: + BUG_ON(n != sizeof(cuse_channel_fops)/sizeof(cuse_channel_fops.owner)); + ---------------------------------------------------------------------- + + This piece of code ensures two things. + - cuse_channel_fops correctly inherits fuse_dev_operations, eg. all + members are equivalent except the overrided ones. + - if some members are added or deleted from struct file_operations, it + should be detected by a debugging feature, the variable 'n'. + + Without such trick, I am afraid the simple modification is a regression. + + Signed-off-by: J. R. Okajima <hooanon05@yahoo.co.jp> + +diff --git a/fs/aufs/dynop.c b/fs/aufs/dynop.c +index 12ea894..109d3bb 100644 +--- a/fs/aufs/dynop.c ++++ b/fs/aufs/dynop.c +@@ -146,11 +146,22 @@ void au_dy_put(struct au_dykey *key) + #define DyDbgInc(cnt) do {} while (0) + #endif + ++#define AuGrsecPaxPtr(func, dst, src) do { \ ++ union { \ ++ const void *o; \ ++ char **p; \ ++ } u; \ ++ BUILD_BUG_ON(sizeof(u.o) != sizeof(&dst.func)); \ ++ BUILD_BUG_ON(sizeof(*u.p) != sizeof(src.func)); \ ++ u.o = (void *)&dst.func; \ ++ *u.p = (void *)src.func; \ ++} while (0) ++ + #define DySet(func, dst, src, h_op, h_sb) do { \ + DyDbgInc(cnt); \ + if (h_op->func) { \ + if (src.func) \ +- dst.func = src.func; \ ++ AuGrsecPaxPtr(func, dst, src); \ + else \ + AuDbg("%s %s\n", au_sbtype(h_sb), #func); \ + } \ +@@ -159,7 +170,7 @@ void au_dy_put(struct au_dykey *key) + #define DySetForce(func, dst, src) do { \ + AuDebugOn(!src.func); \ + DyDbgInc(cnt); \ +- dst.func = src.func; \ ++ AuGrsecPaxPtr(func, dst, src); \ + } while (0) + + #define DySetAop(func) \ +@@ -297,14 +308,21 @@ out: + */ + static void dy_adx(struct au_dyaop *dyaop, int do_dx) + { ++ union { ++ void *direct_IO, *get_xip_mem; ++ } grsec_pax_dummy = { ++ .get_xip_mem = NULL ++ }; ++ + if (!do_dx) { +- dyaop->da_op.direct_IO = NULL; +- dyaop->da_op.get_xip_mem = NULL; ++ AuGrsecPaxPtr(direct_IO, dyaop->da_op, grsec_pax_dummy); ++ AuGrsecPaxPtr(get_xip_mem, dyaop->da_op, grsec_pax_dummy); + } else { +- dyaop->da_op.direct_IO = aufs_aop.direct_IO; +- dyaop->da_op.get_xip_mem = aufs_aop.get_xip_mem; ++ AuGrsecPaxPtr(direct_IO, dyaop->da_op, aufs_aop); ++ AuGrsecPaxPtr(get_xip_mem, dyaop->da_op, aufs_aop); + if (!dyaop->da_get_xip_mem) +- dyaop->da_op.get_xip_mem = NULL; ++ AuGrsecPaxPtr(get_xip_mem, dyaop->da_op, ++ grsec_pax_dummy); + } + } + diff --git a/sys-fs/aufs3/metadata.xml b/sys-fs/aufs3/metadata.xml new file mode 100644 index 000000000000..5916c9f01a77 --- /dev/null +++ b/sys-fs/aufs3/metadata.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>no-herd</herd> + <maintainer> + <email>jlec@gentoo.org</email> + </maintainer> + <maintainer> + <email>tommy@gentoo.org</email> + </maintainer> + <use> + <flag name="debug">Enable additional debugging support</flag> + <flag name="hfs">Enable hfs support</flag> + <flag name="fuse">Enable fuse support</flag> + <flag name="inotify">Enable inotify support</flag> + <flag name="kernel-patch">Patch the current kernel for aufs2 support</flag> + <flag name="nfs">Enable support for nfs export</flag> + <flag name="pax_kernel">Apply patch needed for pax enabled kernels</flag> + <flag name="ramfs">Enable initramfs/rootfs support</flag> + </use> +</pkgmetadata> |