~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/Documentation/filesystems/caching/cachefiles.rst

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

Differences between /Documentation/filesystems/caching/cachefiles.rst (Version linux-6.12-rc7) and /Documentation/filesystems/caching/cachefiles.rst (Version linux-5.11.22)


  1 .. SPDX-License-Identifier: GPL-2.0                 1 .. SPDX-License-Identifier: GPL-2.0
  2                                                     2 
  3 ===================================            !!   3 ===============================================
  4 Cache on Already Mounted Filesystem            !!   4 CacheFiles: CACHE ON ALREADY MOUNTED FILESYSTEM
  5 ===================================            !!   5 ===============================================
  6                                                     6 
  7 .. Contents:                                        7 .. Contents:
  8                                                     8 
  9  (*) Overview.                                      9  (*) Overview.
 10                                                    10 
 11  (*) Requirements.                                 11  (*) Requirements.
 12                                                    12 
 13  (*) Configuration.                                13  (*) Configuration.
 14                                                    14 
 15  (*) Starting the cache.                           15  (*) Starting the cache.
 16                                                    16 
 17  (*) Things to avoid.                              17  (*) Things to avoid.
 18                                                    18 
 19  (*) Cache culling.                                19  (*) Cache culling.
 20                                                    20 
 21  (*) Cache structure.                              21  (*) Cache structure.
 22                                                    22 
 23  (*) Security model and SELinux.                   23  (*) Security model and SELinux.
 24                                                    24 
 25  (*) A note on security.                           25  (*) A note on security.
 26                                                    26 
 27  (*) Statistical information.                      27  (*) Statistical information.
 28                                                    28 
 29  (*) Debugging.                                    29  (*) Debugging.
 30                                                    30 
 31  (*) On-demand Read.                           << 
 32                                                    31 
 33                                                    32 
 34 Overview                                           33 Overview
 35 ========                                           34 ========
 36                                                    35 
 37 CacheFiles is a caching backend that's meant t     36 CacheFiles is a caching backend that's meant to use as a cache a directory on
 38 an already mounted filesystem of a local type      37 an already mounted filesystem of a local type (such as Ext3).
 39                                                    38 
 40 CacheFiles uses a userspace daemon to do some      39 CacheFiles uses a userspace daemon to do some of the cache management - such as
 41 reaping stale nodes and culling.  This is call     40 reaping stale nodes and culling.  This is called cachefilesd and lives in
 42 /sbin.                                             41 /sbin.
 43                                                    42 
 44 The filesystem and data integrity of the cache     43 The filesystem and data integrity of the cache are only as good as those of the
 45 filesystem providing the backing services.  No     44 filesystem providing the backing services.  Note that CacheFiles does not
 46 attempt to journal anything since the journall     45 attempt to journal anything since the journalling interfaces of the various
 47 filesystems are very specific in nature.           46 filesystems are very specific in nature.
 48                                                    47 
 49 CacheFiles creates a misc character device - "     48 CacheFiles creates a misc character device - "/dev/cachefiles" - that is used
 50 to communication with the daemon.  Only one th     49 to communication with the daemon.  Only one thing may have this open at once,
 51 and while it is open, a cache is at least part     50 and while it is open, a cache is at least partially in existence.  The daemon
 52 opens this and sends commands down it to contr     51 opens this and sends commands down it to control the cache.
 53                                                    52 
 54 CacheFiles is currently limited to a single ca     53 CacheFiles is currently limited to a single cache.
 55                                                    54 
 56 CacheFiles attempts to maintain at least a cer     55 CacheFiles attempts to maintain at least a certain percentage of free space on
 57 the filesystem, shrinking the cache by culling     56 the filesystem, shrinking the cache by culling the objects it contains to make
 58 space if necessary - see the "Cache Culling" s     57 space if necessary - see the "Cache Culling" section.  This means it can be
 59 placed on the same medium as a live set of dat     58 placed on the same medium as a live set of data, and will expand to make use of
 60 spare space and automatically contract when th     59 spare space and automatically contract when the set of data requires more
 61 space.                                             60 space.
 62                                                    61 
 63                                                    62 
 64                                                    63 
 65 Requirements                                       64 Requirements
 66 ============                                       65 ============
 67                                                    66 
 68 The use of CacheFiles and its daemon requires      67 The use of CacheFiles and its daemon requires the following features to be
 69 available in the system and in the cache files     68 available in the system and in the cache filesystem:
 70                                                    69 
 71         - dnotify.                                 70         - dnotify.
 72                                                    71 
 73         - extended attributes (xattrs).            72         - extended attributes (xattrs).
 74                                                    73 
 75         - openat() and friends.                    74         - openat() and friends.
 76                                                    75 
 77         - bmap() support on files in the files     76         - bmap() support on files in the filesystem (FIBMAP ioctl).
 78                                                    77 
 79         - The use of bmap() to detect a partia     78         - The use of bmap() to detect a partial page at the end of the file.
 80                                                    79 
 81 It is strongly recommended that the "dir_index     80 It is strongly recommended that the "dir_index" option is enabled on Ext3
 82 filesystems being used as a cache.                 81 filesystems being used as a cache.
 83                                                    82 
 84                                                    83 
 85 Configuration                                      84 Configuration
 86 =============                                      85 =============
 87                                                    86 
 88 The cache is configured by a script in /etc/ca     87 The cache is configured by a script in /etc/cachefilesd.conf.  These commands
 89 set up cache ready for use.  The following scr     88 set up cache ready for use.  The following script commands are available:
 90                                                    89 
 91  brun <N>%, bcull <N>%, bstop <N>%, frun <N>%,     90  brun <N>%, bcull <N>%, bstop <N>%, frun <N>%, fcull <N>%, fstop <N>%
 92         Configure the culling limits.  Optiona     91         Configure the culling limits.  Optional.  See the section on culling
 93         The defaults are 7% (run), 5% (cull) a     92         The defaults are 7% (run), 5% (cull) and 1% (stop) respectively.
 94                                                    93 
 95         The commands beginning with a 'b' are      94         The commands beginning with a 'b' are file space (block) limits, those
 96         beginning with an 'f' are file count l     95         beginning with an 'f' are file count limits.
 97                                                    96 
 98  dir <path>                                        97  dir <path>
 99         Specify the directory containing the r     98         Specify the directory containing the root of the cache.  Mandatory.
100                                                    99 
101  tag <name>                                       100  tag <name>
102         Specify a tag to FS-Cache to use in di    101         Specify a tag to FS-Cache to use in distinguishing multiple caches.
103         Optional.  The default is "CacheFiles"    102         Optional.  The default is "CacheFiles".
104                                                   103 
105  debug <mask>                                     104  debug <mask>
106         Specify a numeric bitmask to control d    105         Specify a numeric bitmask to control debugging in the kernel module.
107         Optional.  The default is zero (all of    106         Optional.  The default is zero (all off).  The following values can be
108         OR'd into the mask to collect various     107         OR'd into the mask to collect various information:
109                                                   108 
110                 ==      ======================    109                 ==      =================================================
111                 1       Turn on trace of funct    110                 1       Turn on trace of function entry (_enter() macros)
112                 2       Turn on trace of funct    111                 2       Turn on trace of function exit (_leave() macros)
113                 4       Turn on trace of inter    112                 4       Turn on trace of internal debug points (_debug())
114                 ==      ======================    113                 ==      =================================================
115                                                   114 
116         This mask can also be set through sysf    115         This mask can also be set through sysfs, eg::
117                                                   116 
118                 echo 5 > /sys/module/cachefile !! 117                 echo 5 >/sys/modules/cachefiles/parameters/debug
119                                                   118 
120                                                   119 
121 Starting the Cache                                120 Starting the Cache
122 ==================                                121 ==================
123                                                   122 
124 The cache is started by running the daemon.  T    123 The cache is started by running the daemon.  The daemon opens the cache device,
125 configures the cache and tells it to begin cac    124 configures the cache and tells it to begin caching.  At that point the cache
126 binds to fscache and the cache becomes live.      125 binds to fscache and the cache becomes live.
127                                                   126 
128 The daemon is run as follows::                    127 The daemon is run as follows::
129                                                   128 
130         /sbin/cachefilesd [-d]* [-s] [-n] [-f     129         /sbin/cachefilesd [-d]* [-s] [-n] [-f <configfile>]
131                                                   130 
132 The flags are:                                    131 The flags are:
133                                                   132 
134  ``-d``                                           133  ``-d``
135         Increase the debugging level.  This ca    134         Increase the debugging level.  This can be specified multiple times and
136         is cumulative with itself.                135         is cumulative with itself.
137                                                   136 
138  ``-s``                                           137  ``-s``
139         Send messages to stderr instead of sys    138         Send messages to stderr instead of syslog.
140                                                   139 
141  ``-n``                                           140  ``-n``
142         Don't daemonise and go into background    141         Don't daemonise and go into background.
143                                                   142 
144  ``-f <configfile>``                              143  ``-f <configfile>``
145         Use an alternative configuration file     144         Use an alternative configuration file rather than the default one.
146                                                   145 
147                                                   146 
148 Things to Avoid                                   147 Things to Avoid
149 ===============                                   148 ===============
150                                                   149 
151 Do not mount other things within the cache as     150 Do not mount other things within the cache as this will cause problems.  The
152 kernel module contains its own very cut-down p    151 kernel module contains its own very cut-down path walking facility that ignores
153 mountpoints, but the daemon can't avoid them.     152 mountpoints, but the daemon can't avoid them.
154                                                   153 
155 Do not create, rename or unlink files and dire    154 Do not create, rename or unlink files and directories in the cache while the
156 cache is active, as this may cause the state t    155 cache is active, as this may cause the state to become uncertain.
157                                                   156 
158 Renaming files in the cache might make objects    157 Renaming files in the cache might make objects appear to be other objects (the
159 filename is part of the lookup key).              158 filename is part of the lookup key).
160                                                   159 
161 Do not change or remove the extended attribute    160 Do not change or remove the extended attributes attached to cache files by the
162 cache as this will cause the cache state manag    161 cache as this will cause the cache state management to get confused.
163                                                   162 
164 Do not create files or directories in the cach    163 Do not create files or directories in the cache, lest the cache get confused or
165 serve incorrect data.                             164 serve incorrect data.
166                                                   165 
167 Do not chmod files in the cache.  The module c    166 Do not chmod files in the cache.  The module creates things with minimal
168 permissions to prevent random users being able    167 permissions to prevent random users being able to access them directly.
169                                                   168 
170                                                   169 
171 Cache Culling                                     170 Cache Culling
172 =============                                     171 =============
173                                                   172 
174 The cache may need culling occasionally to mak    173 The cache may need culling occasionally to make space.  This involves
175 discarding objects from the cache that have be    174 discarding objects from the cache that have been used less recently than
176 anything else.  Culling is based on the access    175 anything else.  Culling is based on the access time of data objects.  Empty
177 directories are culled if not in use.             176 directories are culled if not in use.
178                                                   177 
179 Cache culling is done on the basis of the perc    178 Cache culling is done on the basis of the percentage of blocks and the
180 percentage of files available in the underlyin    179 percentage of files available in the underlying filesystem.  There are six
181 "limits":                                         180 "limits":
182                                                   181 
183  brun, frun                                       182  brun, frun
184      If the amount of free space and the numbe    183      If the amount of free space and the number of available files in the cache
185      rises above both these limits, then culli    184      rises above both these limits, then culling is turned off.
186                                                   185 
187  bcull, fcull                                     186  bcull, fcull
188      If the amount of available space or the n    187      If the amount of available space or the number of available files in the
189      cache falls below either of these limits,    188      cache falls below either of these limits, then culling is started.
190                                                   189 
191  bstop, fstop                                     190  bstop, fstop
192      If the amount of available space or the n    191      If the amount of available space or the number of available files in the
193      cache falls below either of these limits,    192      cache falls below either of these limits, then no further allocation of
194      disk space or files is permitted until cu    193      disk space or files is permitted until culling has raised things above
195      these limits again.                          194      these limits again.
196                                                   195 
197 These must be configured thusly::                 196 These must be configured thusly::
198                                                   197 
199         0 <= bstop < bcull < brun < 100           198         0 <= bstop < bcull < brun < 100
200         0 <= fstop < fcull < frun < 100           199         0 <= fstop < fcull < frun < 100
201                                                   200 
202 Note that these are percentages of available s    201 Note that these are percentages of available space and available files, and do
203 _not_ appear as 100 minus the percentage displ    202 _not_ appear as 100 minus the percentage displayed by the "df" program.
204                                                   203 
205 The userspace daemon scans the cache to build     204 The userspace daemon scans the cache to build up a table of cullable objects.
206 These are then culled in least recently used o    205 These are then culled in least recently used order.  A new scan of the cache is
207 started as soon as space is made in the table.    206 started as soon as space is made in the table.  Objects will be skipped if
208 their atimes have changed or if the kernel mod    207 their atimes have changed or if the kernel module says it is still using them.
209                                                   208 
210                                                   209 
211 Cache Structure                                   210 Cache Structure
212 ===============                                   211 ===============
213                                                   212 
214 The CacheFiles module will create two director    213 The CacheFiles module will create two directories in the directory it was
215 given:                                            214 given:
216                                                   215 
217  * cache/                                         216  * cache/
218  * graveyard/                                     217  * graveyard/
219                                                   218 
220 The active cache objects all reside in the fir    219 The active cache objects all reside in the first directory.  The CacheFiles
221 kernel module moves any retired or culled obje    220 kernel module moves any retired or culled objects that it can't simply unlink
222 to the graveyard from which the daemon will ac    221 to the graveyard from which the daemon will actually delete them.
223                                                   222 
224 The daemon uses dnotify to monitor the graveya    223 The daemon uses dnotify to monitor the graveyard directory, and will delete
225 anything that appears therein.                    224 anything that appears therein.
226                                                   225 
227                                                   226 
228 The module represents index objects as directo    227 The module represents index objects as directories with the filename "I..." or
229 "J...".  Note that the "cache/" directory is i    228 "J...".  Note that the "cache/" directory is itself a special index.
230                                                   229 
231 Data objects are represented as files if they     230 Data objects are represented as files if they have no children, or directories
232 if they do.  Their filenames all begin "D..."     231 if they do.  Their filenames all begin "D..." or "E...".  If represented as a
233 directory, data objects will have a file in th    232 directory, data objects will have a file in the directory called "data" that
234 actually holds the data.                          233 actually holds the data.
235                                                   234 
236 Special objects are similar to data objects, e    235 Special objects are similar to data objects, except their filenames begin
237 "S..." or "T...".                                 236 "S..." or "T...".
238                                                   237 
239                                                   238 
240 If an object has children, then it will be rep    239 If an object has children, then it will be represented as a directory.
241 Immediately in the representative directory ar    240 Immediately in the representative directory are a collection of directories
242 named for hash values of the child object keys    241 named for hash values of the child object keys with an '@' prepended.  Into
243 this directory, if possible, will be placed th    242 this directory, if possible, will be placed the representations of the child
244 objects::                                         243 objects::
245                                                   244 
246          /INDEX    /INDEX     /INDEX              245          /INDEX    /INDEX     /INDEX                            /DATA FILES
247         /=========/==========/================    246         /=========/==========/=================================/================
248         cache/@4a/I03nfs/@30/Ji000000000000000    247         cache/@4a/I03nfs/@30/Ji000000000000000--fHg8hi8400
249         cache/@4a/I03nfs/@30/Ji000000000000000    248         cache/@4a/I03nfs/@30/Ji000000000000000--fHg8hi8400/@75/Es0g000w...DB1ry
250         cache/@4a/I03nfs/@30/Ji000000000000000    249         cache/@4a/I03nfs/@30/Ji000000000000000--fHg8hi8400/@75/Es0g000w...N22ry
251         cache/@4a/I03nfs/@30/Ji000000000000000    250         cache/@4a/I03nfs/@30/Ji000000000000000--fHg8hi8400/@75/Es0g000w...FP1ry
252                                                   251 
253                                                   252 
254 If the key is so long that it exceeds NAME_MAX    253 If the key is so long that it exceeds NAME_MAX with the decorations added on to
255 it, then it will be cut into pieces, the first    254 it, then it will be cut into pieces, the first few of which will be used to
256 make a nest of directories, and the last one o    255 make a nest of directories, and the last one of which will be the objects
257 inside the last directory.  The names of the i    256 inside the last directory.  The names of the intermediate directories will have
258 '+' prepended::                                   257 '+' prepended::
259                                                   258 
260         J1223/@23/+xy...z/+kl...m/Epqr            259         J1223/@23/+xy...z/+kl...m/Epqr
261                                                   260 
262                                                   261 
263 Note that keys are raw data, and not only may     262 Note that keys are raw data, and not only may they exceed NAME_MAX in size,
264 they may also contain things like '/' and NUL     263 they may also contain things like '/' and NUL characters, and so they may not
265 be suitable for turning directly into a filena    264 be suitable for turning directly into a filename.
266                                                   265 
267 To handle this, CacheFiles will use a suitably    266 To handle this, CacheFiles will use a suitably printable filename directly and
268 "base-64" encode ones that aren't directly sui    267 "base-64" encode ones that aren't directly suitable.  The two versions of
269 object filenames indicate the encoding:           268 object filenames indicate the encoding:
270                                                   269 
271         =============== =============== ======    270         =============== =============== ===============
272         OBJECT TYPE     PRINTABLE       ENCODE    271         OBJECT TYPE     PRINTABLE       ENCODED
273         =============== =============== ======    272         =============== =============== ===============
274         Index           "I..."          "J..."    273         Index           "I..."          "J..."
275         Data            "D..."          "E..."    274         Data            "D..."          "E..."
276         Special         "S..."          "T..."    275         Special         "S..."          "T..."
277         =============== =============== ======    276         =============== =============== ===============
278                                                   277 
279 Intermediate directories are always "@" or "+"    278 Intermediate directories are always "@" or "+" as appropriate.
280                                                   279 
281                                                   280 
282 Each object in the cache has an extended attri    281 Each object in the cache has an extended attribute label that holds the object
283 type ID (required to distinguish special objec    282 type ID (required to distinguish special objects) and the auxiliary data from
284 the netfs.  The latter is used to detect stale    283 the netfs.  The latter is used to detect stale objects in the cache and update
285 or retire them.                                   284 or retire them.
286                                                   285 
287                                                   286 
288 Note that CacheFiles will erase from the cache    287 Note that CacheFiles will erase from the cache any file it doesn't recognise or
289 any file of an incorrect type (such as a FIFO     288 any file of an incorrect type (such as a FIFO file or a device file).
290                                                   289 
291                                                   290 
292 Security Model and SELinux                        291 Security Model and SELinux
293 ==========================                        292 ==========================
294                                                   293 
295 CacheFiles is implemented to deal properly wit    294 CacheFiles is implemented to deal properly with the LSM security features of
296 the Linux kernel and the SELinux facility.        295 the Linux kernel and the SELinux facility.
297                                                   296 
298 One of the problems that CacheFiles faces is t    297 One of the problems that CacheFiles faces is that it is generally acting on
299 behalf of a process, and running in that proce    298 behalf of a process, and running in that process's context, and that includes a
300 security context that is not appropriate for a    299 security context that is not appropriate for accessing the cache - either
301 because the files in the cache are inaccessibl    300 because the files in the cache are inaccessible to that process, or because if
302 the process creates a file in the cache, that     301 the process creates a file in the cache, that file may be inaccessible to other
303 processes.                                        302 processes.
304                                                   303 
305 The way CacheFiles works is to temporarily cha    304 The way CacheFiles works is to temporarily change the security context (fsuid,
306 fsgid and actor security label) that the proce    305 fsgid and actor security label) that the process acts as - without changing the
307 security context of the process when it the ta    306 security context of the process when it the target of an operation performed by
308 some other process (so signalling and suchlike    307 some other process (so signalling and suchlike still work correctly).
309                                                   308 
310                                                   309 
311 When the CacheFiles module is asked to bind to    310 When the CacheFiles module is asked to bind to its cache, it:
312                                                   311 
313  (1) Finds the security label attached to the     312  (1) Finds the security label attached to the root cache directory and uses
314      that as the security label with which it     313      that as the security label with which it will create files.  By default,
315      this is::                                    314      this is::
316                                                   315 
317         cachefiles_var_t                          316         cachefiles_var_t
318                                                   317 
319  (2) Finds the security label of the process w    318  (2) Finds the security label of the process which issued the bind request
320      (presumed to be the cachefilesd daemon),     319      (presumed to be the cachefilesd daemon), which by default will be::
321                                                   320 
322         cachefilesd_t                             321         cachefilesd_t
323                                                   322 
324      and asks LSM to supply a security ID as w    323      and asks LSM to supply a security ID as which it should act given the
325      daemon's label.  By default, this will be    324      daemon's label.  By default, this will be::
326                                                   325 
327         cachefiles_kernel_t                       326         cachefiles_kernel_t
328                                                   327 
329      SELinux transitions the daemon's security    328      SELinux transitions the daemon's security ID to the module's security ID
330      based on a rule of this form in the polic    329      based on a rule of this form in the policy::
331                                                   330 
332         type_transition <daemon's-ID> kernel_t    331         type_transition <daemon's-ID> kernel_t : process <module's-ID>;
333                                                   332 
334      For instance::                               333      For instance::
335                                                   334 
336         type_transition cachefilesd_t kernel_t    335         type_transition cachefilesd_t kernel_t : process cachefiles_kernel_t;
337                                                   336 
338                                                   337 
339 The module's security ID gives it permission t    338 The module's security ID gives it permission to create, move and remove files
340 and directories in the cache, to find and acce    339 and directories in the cache, to find and access directories and files in the
341 cache, to set and access extended attributes o    340 cache, to set and access extended attributes on cache objects, and to read and
342 write files in the cache.                         341 write files in the cache.
343                                                   342 
344 The daemon's security ID gives it only a very     343 The daemon's security ID gives it only a very restricted set of permissions: it
345 may scan directories, stat files and erase fil    344 may scan directories, stat files and erase files and directories.  It may
346 not read or write files in the cache, and so i    345 not read or write files in the cache, and so it is precluded from accessing the
347 data cached therein; nor is it permitted to cr    346 data cached therein; nor is it permitted to create new files in the cache.
348                                                   347 
349                                                   348 
350 There are policy source files available in:       349 There are policy source files available in:
351                                                   350 
352         https://people.redhat.com/~dhowells/fs    351         https://people.redhat.com/~dhowells/fscache/cachefilesd-0.8.tar.bz2
353                                                   352 
354 and later versions.  In that tarball, see the     353 and later versions.  In that tarball, see the files::
355                                                   354 
356         cachefilesd.te                            355         cachefilesd.te
357         cachefilesd.fc                            356         cachefilesd.fc
358         cachefilesd.if                            357         cachefilesd.if
359                                                   358 
360 They are built and installed directly by the R    359 They are built and installed directly by the RPM.
361                                                   360 
362 If a non-RPM based system is being used, then     361 If a non-RPM based system is being used, then copy the above files to their own
363 directory and run::                               362 directory and run::
364                                                   363 
365         make -f /usr/share/selinux/devel/Makef    364         make -f /usr/share/selinux/devel/Makefile
366         semodule -i cachefilesd.pp                365         semodule -i cachefilesd.pp
367                                                   366 
368 You will need checkpolicy and selinux-policy-d    367 You will need checkpolicy and selinux-policy-devel installed prior to the
369 build.                                            368 build.
370                                                   369 
371                                                   370 
372 By default, the cache is located in /var/fscac    371 By default, the cache is located in /var/fscache, but if it is desirable that
373 it should be elsewhere, than either the above     372 it should be elsewhere, than either the above policy files must be altered, or
374 an auxiliary policy must be installed to label    373 an auxiliary policy must be installed to label the alternate location of the
375 cache.                                            374 cache.
376                                                   375 
377 For instructions on how to add an auxiliary po    376 For instructions on how to add an auxiliary policy to enable the cache to be
378 located elsewhere when SELinux is in enforcing    377 located elsewhere when SELinux is in enforcing mode, please see::
379                                                   378 
380         /usr/share/doc/cachefilesd-*/move-cach    379         /usr/share/doc/cachefilesd-*/move-cache.txt
381                                                   380 
382 When the cachefilesd rpm is installed; alterna    381 When the cachefilesd rpm is installed; alternatively, the document can be found
383 in the sources.                                   382 in the sources.
384                                                   383 
385                                                   384 
386 A Note on Security                                385 A Note on Security
387 ==================                                386 ==================
388                                                   387 
389 CacheFiles makes use of the split security in     388 CacheFiles makes use of the split security in the task_struct.  It allocates
390 its own task_security structure, and redirects    389 its own task_security structure, and redirects current->cred to point to it
391 when it acts on behalf of another process, in     390 when it acts on behalf of another process, in that process's context.
392                                                   391 
393 The reason it does this is that it calls vfs_m    392 The reason it does this is that it calls vfs_mkdir() and suchlike rather than
394 bypassing security and calling inode ops direc    393 bypassing security and calling inode ops directly.  Therefore the VFS and LSM
395 may deny the CacheFiles access to the cache da    394 may deny the CacheFiles access to the cache data because under some
396 circumstances the caching code is running in t    395 circumstances the caching code is running in the security context of whatever
397 process issued the original syscall on the net    396 process issued the original syscall on the netfs.
398                                                   397 
399 Furthermore, should CacheFiles create a file o    398 Furthermore, should CacheFiles create a file or directory, the security
400 parameters with that object is created (UID, G    399 parameters with that object is created (UID, GID, security label) would be
401 derived from that process that issued the syst    400 derived from that process that issued the system call, thus potentially
402 preventing other processes from accessing the     401 preventing other processes from accessing the cache - including CacheFiles's
403 cache management daemon (cachefilesd).            402 cache management daemon (cachefilesd).
404                                                   403 
405 What is required is to temporarily override th    404 What is required is to temporarily override the security of the process that
406 issued the system call.  We can't, however, ju    405 issued the system call.  We can't, however, just do an in-place change of the
407 security data as that affects the process as a    406 security data as that affects the process as an object, not just as a subject.
408 This means it may lose signals or ptrace event    407 This means it may lose signals or ptrace events for example, and affects what
409 the process looks like in /proc.                  408 the process looks like in /proc.
410                                                   409 
411 So CacheFiles makes use of a logical split in     410 So CacheFiles makes use of a logical split in the security between the
412 objective security (task->real_cred) and the s    411 objective security (task->real_cred) and the subjective security (task->cred).
413 The objective security holds the intrinsic sec    412 The objective security holds the intrinsic security properties of a process and
414 is never overridden.  This is what appears in     413 is never overridden.  This is what appears in /proc, and is what is used when a
415 process is the target of an operation by some     414 process is the target of an operation by some other process (SIGKILL for
416 example).                                         415 example).
417                                                   416 
418 The subjective security holds the active secur    417 The subjective security holds the active security properties of a process, and
419 may be overridden.  This is not seen externall !! 418 may be overridden.  This is not seen externally, and is used whan a process
420 acts upon another object, for example SIGKILLi    419 acts upon another object, for example SIGKILLing another process or opening a
421 file.                                             420 file.
422                                                   421 
423 LSM hooks exist that allow SELinux (or Smack o    422 LSM hooks exist that allow SELinux (or Smack or whatever) to reject a request
424 for CacheFiles to run in a context of a specif    423 for CacheFiles to run in a context of a specific security label, or to create
425 files and directories with another security la    424 files and directories with another security label.
426                                                   425 
427                                                   426 
428 Statistical Information                           427 Statistical Information
429 =======================                           428 =======================
430                                                   429 
431 If FS-Cache is compiled with the following opt    430 If FS-Cache is compiled with the following option enabled::
432                                                   431 
433         CONFIG_CACHEFILES_HISTOGRAM=y             432         CONFIG_CACHEFILES_HISTOGRAM=y
434                                                   433 
435 then it will gather certain statistics and dis    434 then it will gather certain statistics and display them through a proc file.
436                                                   435 
437  /proc/fs/cachefiles/histogram                    436  /proc/fs/cachefiles/histogram
438                                                   437 
439      ::                                           438      ::
440                                                   439 
441         cat /proc/fs/cachefiles/histogram         440         cat /proc/fs/cachefiles/histogram
442         JIFS  SECS  LOOKUPS   MKDIRS    CREATE    441         JIFS  SECS  LOOKUPS   MKDIRS    CREATES
443         ===== ===== ========= ========= ======    442         ===== ===== ========= ========= =========
444                                                   443 
445      This shows the breakdown of the number of    444      This shows the breakdown of the number of times each amount of time
446      between 0 jiffies and HZ-1 jiffies a vari    445      between 0 jiffies and HZ-1 jiffies a variety of tasks took to run.  The
447      columns are as follows:                      446      columns are as follows:
448                                                   447 
449         =======         ======================    448         =======         =======================================================
450         COLUMN          TIME MEASUREMENT          449         COLUMN          TIME MEASUREMENT
451         =======         ======================    450         =======         =======================================================
452         LOOKUPS         Length of time to perf    451         LOOKUPS         Length of time to perform a lookup on the backing fs
453         MKDIRS          Length of time to perf    452         MKDIRS          Length of time to perform a mkdir on the backing fs
454         CREATES         Length of time to perf    453         CREATES         Length of time to perform a create on the backing fs
455         =======         ======================    454         =======         =======================================================
456                                                   455 
457      Each row shows the number of events that     456      Each row shows the number of events that took a particular range of times.
458      Each step is 1 jiffy in size.  The JIFS c    457      Each step is 1 jiffy in size.  The JIFS column indicates the particular
459      jiffy range covered, and the SECS field t    458      jiffy range covered, and the SECS field the equivalent number of seconds.
460                                                   459 
461                                                   460 
462 Debugging                                         461 Debugging
463 =========                                         462 =========
464                                                   463 
465 If CONFIG_CACHEFILES_DEBUG is enabled, the Cac    464 If CONFIG_CACHEFILES_DEBUG is enabled, the CacheFiles facility can have runtime
466 debugging enabled by adjusting the value in::     465 debugging enabled by adjusting the value in::
467                                                   466 
468         /sys/module/cachefiles/parameters/debu    467         /sys/module/cachefiles/parameters/debug
469                                                   468 
470 This is a bitmask of debugging streams to enab    469 This is a bitmask of debugging streams to enable:
471                                                   470 
472         ======= ======= ======================    471         ======= ======= =============================== =======================
473         BIT     VALUE   STREAM                    472         BIT     VALUE   STREAM                          POINT
474         ======= ======= ======================    473         ======= ======= =============================== =======================
475         0       1       General                   474         0       1       General                         Function entry trace
476         1       2                                 475         1       2                                       Function exit trace
477         2       4                                 476         2       4                                       General
478         ======= ======= ======================    477         ======= ======= =============================== =======================
479                                                   478 
480 The appropriate set of values should be OR'd t    479 The appropriate set of values should be OR'd together and the result written to
481 the control file.  For example::                  480 the control file.  For example::
482                                                   481 
483         echo $((1|4|8)) >/sys/module/cachefile    482         echo $((1|4|8)) >/sys/module/cachefiles/parameters/debug
484                                                   483 
485 will turn on all function entry debugging.        484 will turn on all function entry debugging.
486                                                << 
487                                                << 
488 On-demand Read                                 << 
489 ==============                                 << 
490                                                << 
491 When working in its original mode, CacheFiles  << 
492 remote networking fs - while in on-demand read << 
493 scenario where on-demand read semantics are ne << 
494 distribution.                                  << 
495                                                << 
496 The essential difference between these two mod << 
497 occurs: In the original mode, the netfs will f << 
498 server and then write it to the cache file; in << 
499 the data and writing it into the cache is dele << 
500                                                << 
501 ``CONFIG_CACHEFILES_ONDEMAND`` should be enabl << 
502                                                << 
503                                                << 
504 Protocol Communication                         << 
505 ----------------------                         << 
506                                                << 
507 The on-demand read mode uses a simple protocol << 
508 and user daemon. The protocol can be modeled a << 
509                                                << 
510         kernel --[request]--> user daemon --[r << 
511                                                << 
512 CacheFiles will send requests to the user daem << 
513 should poll the devnode ('/dev/cachefiles') to << 
514 request to be processed.  A POLLIN event will  << 
515 request.                                       << 
516                                                << 
517 The user daemon then reads the devnode to fetc << 
518 be noted that each read only gets one request. << 
519 the request, the user daemon should write the  << 
520                                                << 
521 Each request starts with a message header of t << 
522                                                << 
523         struct cachefiles_msg {                << 
524                 __u32 msg_id;                  << 
525                 __u32 opcode;                  << 
526                 __u32 len;                     << 
527                 __u32 object_id;               << 
528                 __u8  data[];                  << 
529         };                                     << 
530                                                << 
531 where:                                         << 
532                                                << 
533         * ``msg_id`` is a unique ID identifyin << 
534           requests.                            << 
535                                                << 
536         * ``opcode`` indicates the type of thi << 
537                                                << 
538         * ``object_id`` is a unique ID identif << 
539                                                << 
540         * ``data`` indicates the payload of th << 
541                                                << 
542         * ``len`` indicates the whole length o << 
543           header and following type-specific p << 
544                                                << 
545                                                << 
546 Turning on On-demand Mode                      << 
547 -------------------------                      << 
548                                                << 
549 An optional parameter becomes available to the << 
550                                                << 
551         bind [ondemand]                        << 
552                                                << 
553 When the "bind" command is given no argument,  << 
554 When it is given the "ondemand" argument, i.e. << 
555 mode will be enabled.                          << 
556                                                << 
557                                                << 
558 The OPEN Request                               << 
559 ----------------                               << 
560                                                << 
561 When the netfs opens a cache file for the firs << 
562 CACHEFILES_OP_OPEN opcode, a.k.a an OPEN reque << 
563 daemon.  The payload format is of the form::   << 
564                                                << 
565         struct cachefiles_open {               << 
566                 __u32 volume_key_size;         << 
567                 __u32 cookie_key_size;         << 
568                 __u32 fd;                      << 
569                 __u32 flags;                   << 
570                 __u8  data[];                  << 
571         };                                     << 
572                                                << 
573 where:                                         << 
574                                                << 
575         * ``data`` contains the volume_key fol << 
576           The volume key is a NUL-terminated s << 
577           data.                                << 
578                                                << 
579         * ``volume_key_size`` indicates the si << 
580                                                << 
581         * ``cookie_key_size`` indicates the si << 
582                                                << 
583         * ``fd`` indicates an anonymous fd ref << 
584           which the user daemon can perform wr << 
585           cache file.                          << 
586                                                << 
587                                                << 
588 The user daemon can use the given (volume_key, << 
589 the requested cache file.  With the given anon << 
590 fetch the data and write it to the cache file  << 
591 kernel has not triggered a cache miss yet.     << 
592                                                << 
593 Be noted that each cache file has a unique obj << 
594 anonymous fds.  The user daemon may duplicate  << 
595 anonymous fd indicated by the @fd field throug << 
596 be mapped to multiple anonymous fds, while the << 
597 maintain the mapping.                          << 
598                                                << 
599 When implementing a user daemon, please be car << 
600 ``/proc/sys/fs/nr_open`` and ``/proc/sys/fs/fi << 
601 be huge since they're related to the number of << 
602 open files of each individual filesystem.      << 
603                                                << 
604 The user daemon should reply the OPEN request  << 
605 open) command on the devnode::                 << 
606                                                << 
607         copen <msg_id>,<cache_size>            << 
608                                                << 
609 where:                                         << 
610                                                << 
611         * ``msg_id`` must match the msg_id fie << 
612                                                << 
613         * When >= 0, ``cache_size`` indicates  << 
614           when < 0, ``cache_size`` indicates a << 
615           user daemon.                         << 
616                                                << 
617                                                << 
618 The CLOSE Request                              << 
619 -----------------                              << 
620                                                << 
621 When a cookie withdrawn, a CLOSE request (opco << 
622 sent to the user daemon.  This tells the user  << 
623 associated with the given object_id.  The CLOS << 
624 and shouldn't be replied.                      << 
625                                                << 
626                                                << 
627 The READ Request                               << 
628 ----------------                               << 
629                                                << 
630 When a cache miss is encountered in on-demand  << 
631 READ request (opcode CACHEFILES_OP_READ) to th << 
632 daemon to fetch the contents of the requested  << 
633 form::                                         << 
634                                                << 
635         struct cachefiles_read {               << 
636                 __u64 off;                     << 
637                 __u64 len;                     << 
638         };                                     << 
639                                                << 
640 where:                                         << 
641                                                << 
642         * ``off`` indicates the starting offse << 
643                                                << 
644         * ``len`` indicates the length of the  << 
645                                                << 
646                                                << 
647 When it receives a READ request, the user daem << 
648 and write it to the cache file identified by o << 
649                                                << 
650 When it has finished processing the READ reque << 
651 by using the CACHEFILES_IOC_READ_COMPLETE ioct << 
652 associated with the object_id given in the REA << 
653 form::                                         << 
654                                                << 
655         ioctl(fd, CACHEFILES_IOC_READ_COMPLETE << 
656                                                << 
657 where:                                         << 
658                                                << 
659         * ``fd`` is one of the anonymous fds a << 
660           given.                               << 
661                                                << 
662         * ``msg_id`` must match the msg_id fie << 
                                                      

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php