news

Solaris操作系统下的过滤驱动程序, C源码程序.

*** Notes specific to fistgen 0.0.6.1:

Minor Linux bug fixes:

	Use current->fsuid not ->uid
	in ->write, check if lower ->write exists, not ->read
	properly support exporting NODEV file systems (using fsid=N)
	Check for kmalloc failures.

*** Notes specific to fistgen 0.0.6:

Significant new features:

- New "attach-mode" mntstyle supported.  Similar to how CFS (Matt Blaze)
  creates per-user attached nodes to a mounted directory.  This is a delayed
  binding mount that non-superusers can affect right below the mount point.
  See templates/Linux-2.4/README.attach for details.  Turn code for this
  using "mntstyle attach" in your .fist file.

- FiST-Lite (Linux 2.4): data page copying (encode/decode_block) are no
  longer needed.  This halves the amount of memory that non-data-filtering
  file systems use.  It speeds things up, especially on systems under memory
  pressure.  This is now turned on when you don't specify "filter data" in
  your .fist file.

- new templates for FreeBSD 4.5 and 4.6 (written from scratch).  Pass all
  sorts of benchmarks and tests, including fsx.

Minor features:

- {en,de}code_block functions are now passed the page number (so you can,
  for example, compute an IV based on pagenum and inode-num).

- new global .fist feature: dynamic_inode_numbers on (off by default).  Will
  generate dynamic inode numbers for the stackable file systems, instead of
  inheriting the one from the lower file systems.  With
  dynamic_inode_numbers on, the stackable file system will traverse any
  number of mounted file systems below.  With "off", the stackable file
  system will refuse to descend into a second mounted file system below, to
  avoid inode number conflicts.  Note that with "on," inums are volatile so
  don't use them in a scenario that needs persistent inums (e.g., NFS).

- Fistgen supports $0.inum to get the inode number of a file system object.

Bugs fixed:

- sparse files properly supported in Linux 2.2/2.4, including creation of
  holes using lseek+write or truncate().  fist file systems now pass
  fsx-linux.

- Linux 2.4: properly initialize special inodes such as devices

- security fixes for zlib (gzipfs)

- provide (autoconf) replacements for basename/dirname as needed


*** Notes specific to fistgen 0.0.5.3:

Linux fixes:

- more module versioning problems fixed

- the default debug level is now 0, and it can be changed though a mount
  option (debug=%d) or a module parameter (fist_debug_var=%d)

- the poll method now returns sane defaults if the underlying fs doesn't
  support poll() [was breaking rpm, patch from Marc Boucher]

- the cryptfs ioctls() now returns 0 on success

- llseek() fix for SCA filesystems [patch from David Chow]

*** Notes specific to fistgen 0.0.5.2:

Fistgen now supports two new declarations:

(1) encoding_blocksize N;

    It takes a single integer between 1 and 4096 (1 being the default).
    This defines the smallest "chunking" size of the encoding algorithm used
    by a file system which defines "filter data".  1 is used by wrapfs,
    rot13fs, and the stream ciphers (cryptfs), but 8 must be set for vanilla
    Blowfish, a 64-bit (8 byte) block cipher.  If this value is set
    incorrectly, data corruption could occur. This new keyword was added
    because it is knowledge that can only be given by the developer of a
    fist-based file system.  Now that this number is available to fist code,
    the templates can do two things: (1) avoid corruption when the chunking
    size in greater than one, and (2) optimize copying data between upper
    and lower layers to the smallest amount needed instead of an entire
    page of data.  To developers, this keyword translates into a #define
    FIST_ENCODING_BLOCKSIZE statement in a fist-generated header file that
    gets included in all template sources.

    WARNING: encoding_blocksize > 1 is not yet supported!

(2) encoding_type (none|stream|block);

    This defines the encoding type for file systems that modify file data.

    - "none" means that no change is made in the data between the lower and
       upper layers (essentially wrapfs).

    - "stream" means that you're using a stream encoding algorithm such as a
      stream cipher (e.g. RC4, Blowfish in CFB64 mode). A chaining block
      cipher would also define encoding_type as "stream" and set the
      appropriate encoding_blocksize value.

    - "block" means that you're using a block encoding algorithm such as the
      Blowfish block cipher. You may also want to set encoding_blocksize to
      the proper size (say, 8 bytes). In this mode, each block is
      independent from any other block; see above for "stream" if you are
      using a chaining block cipher.

Linux fixes only:

- filesystem holes don't work with cryptfs: encode them as zero-filled pages
  and write them out. Fixes one corruption case when compiling code on
  cryptfs.

- clear out the end of an incomplete page. Fixes another corruption case
  when compiling code on cryptfs.

- 2.4.12 and recent 2.4-ac kernels verified to work correctly.

*** Notes specific to fistgen 0.0.5.1:

Linux fixes only:

- template Makefile uses correct TOPINC and allows for override through
  custom fistdev.mk file

- support kgcc (Red Hat) and gcc272 (Debian), using new kwhich script

- return ENOTTY if unknown ioctl is used (was returning 0).  Fixes visible
  errors such as "tar -z" failing.

- don't interpose if the hidden dentry is negative.  Fixes symlink stacking
  on top of NFSv2.

- support MODVERSIONS kernels

- support 64-bit non-SCA file systems in 2.4 templates.  Untested.

- do not allow chdir() into non-directories to succeed

*** Notes specific to fistgen 0.0.5:

Changes to Linux only:

- 2.4.x KERNELS NO LONGER NEED ANY KERNEL PATCHES TO SUPPORT FiST STACKING!
  (Verified on 2.4.10 and several others, but not all 2.4 kernels)

- port to Linux 2.2.19 and 2.4.10.  Some support for Red Hat 2.4 kernels.

- a new licensing for Linux templates that follows the Bison licensing model
  (see COPYING file)

- change default module debugging (if DEBUG is on) to highest level.  This
  way, we can see early debug messages before the ioctl code that can run to
  turn them off.  The ioctl can turn debugging off right after the mount, at
  which point about 30-40 lines of debugging code will have already
  printed.

- Linux bug fixes in 2.2 and 2.4:

	running binaries greater than 1 page inside 2.2 segfaults
	s_maxbytes set correctly, which some 2.4 kernels needed
	"cat DIR" shouldn't be allowed (now returns EISDIR)
	char/block devices correctly seen inside stacked f/s
	getting ESTALE when stacking on top of NFS
	check for possible corruption of cryptfs files (useful esp. if you
		mount cryptfs on top of a non-crypted directory)
	SCA file systems work in 2.4.x (gzipfs, uuencodefs, copyfs)
	fixed the fist-2.2.19 patch (was a 2.2.18 in disguise)
	OOPS in trying to deref a dentry w/o private data in ->d_delete

*** Notes specific to fistgen 0.0.4.1:

- cryptfs ioctl fixes

*** Notes specific to fistgen 0.0.3:

- bug fixes for all templates

*** Notes specific to fistgen 0.0.2:

- better README files
- patches for linux-2.2.15
- fixed patch for linux-2.2.14
- templates for FreeBSD-5.0 (untested)
- assorted bug fixes

*** Notes specific to fistgen 0.0.1:

- first public (limited) alpha release

- can build a few simple file systems from FiST descriptions for
	Linux 2.2 and 2.3
	Solaris 2.6 and 2.7
	FreeBSD 3.3

- the Linux-2.3 templates support Size Changing Algorithms (SCA).  We
  include a few sample file systems:

(1) gzipfs (compression using the Deflate algorithm)
(2) uuencodefs (uuencode the file)
(3) copyfs (just copy the data verbatim, useful for evaluating the
    performance of the SCA code)