1 .. SPDX-License-Identifier: GPL-2.0
3 ===========================
4 Coda Kernel-Venus Interface
5 ===========================
9 This is one of the technical documents describing a component of
10 Coda -- this document describes the client kernel-Venus interface.
14 http://www.coda.cs.cmu.edu
16 For user level software needed to run Coda:
18 ftp://ftp.coda.cs.cmu.edu
20 To run Coda you need to get a user level cache manager for the client,
21 named Venus, as well as tools to manipulate ACLs, to log in, etc. The
22 client needs to have the Coda filesystem selected in the kernel
25 The server needs a user level server and at present does not depend on
28 The Venus kernel interface
34 This document describes the communication between Venus and kernel
35 level filesystem code needed for the operation of the Coda file sys-
36 tem. This document version is meant to describe the current interface
37 (version 1.0) as well as improvements we envisage.
43 2. Servicing Coda filesystem calls
47 3.1 Implementation details
49 4. The interface at the call level
51 4.1 Data structures shared by the kernel and Venus
52 4.2 The pioctl interface
80 5. The minicache and downcalls
91 6. Initialization and cleanup
98 A key component in the Coda Distributed File System is the cache
101 When processes on a Coda enabled system access files in the Coda
102 filesystem, requests are directed at the filesystem layer in the
103 operating system. The operating system will communicate with Venus to
104 service the request for the process. Venus manages a persistent
105 client cache and makes remote procedure calls to Coda file servers and
106 related servers (such as authentication servers) to service these
107 requests it receives from the operating system. When Venus has
108 serviced a request it replies to the operating system with appropriate
109 return codes, and other data related to the request. Optionally the
110 kernel support for Coda may maintain a minicache of recently processed
111 requests to limit the number of interactions with Venus. Venus
112 possesses the facility to inform the kernel when elements from its
113 minicache are no longer valid.
115 This document describes precisely this communication between the
116 kernel and Venus. The definitions of so called upcalls and downcalls
117 will be given with the format of the data they handle. We shall also
118 describe the semantic invariants resulting from the calls.
120 Historically Coda was implemented in a BSD file system in Mach 2.6.
121 The interface between the kernel and Venus is very similar to the BSD
122 VFS interface. Similar functionality is provided, and the format of
123 the parameters and returned data is very similar to the BSD VFS. This
124 leads to an almost natural environment for implementing a kernel-level
125 filesystem driver for Coda in a BSD system. However, other operating
126 systems such as Linux and Windows 95 and NT have virtual filesystem
127 with different interfaces.
129 To implement Coda on these systems some reverse engineering of the
130 Venus/Kernel protocol is necessary. Also it came to light that other
131 systems could profit significantly from certain small optimizations
132 and modifications to the protocol. To facilitate this work as well as
133 to make future ports easier, communication between Venus and the
134 kernel should be documented in great detail. This is the aim of this
137 2. Servicing Coda filesystem calls
138 ===================================
140 The service of a request for a Coda file system service originates in
141 a process P which accessing a Coda file. It makes a system call which
142 traps to the OS kernel. Examples of such calls trapping to the kernel
143 are ``read``, ``write``, ``open``, ``close``, ``create``, ``mkdir``,
144 ``rmdir``, ``chmod`` in a Unix ontext. Similar calls exist in the Win32
145 environment, and are named ``CreateFile``.
147 Generally the operating system handles the request in a virtual
148 filesystem (VFS) layer, which is named I/O Manager in NT and IFS
149 manager in Windows 95. The VFS is responsible for partial processing
150 of the request and for locating the specific filesystem(s) which will
151 service parts of the request. Usually the information in the path
152 assists in locating the correct FS drivers. Sometimes after extensive
153 pre-processing, the VFS starts invoking exported routines in the FS
154 driver. This is the point where the FS specific processing of the
155 request starts, and here the Coda specific kernel code comes into
158 The FS layer for Coda must expose and implement several interfaces.
159 First and foremost the VFS must be able to make all necessary calls to
160 the Coda FS layer, so the Coda FS driver must expose the VFS interface
161 as applicable in the operating system. These differ very significantly
162 among operating systems, but share features such as facilities to
163 read/write and create and remove objects. The Coda FS layer services
164 such VFS requests by invoking one or more well defined services
165 offered by the cache manager Venus. When the replies from Venus have
166 come back to the FS driver, servicing of the VFS call continues and
167 finishes with a reply to the kernel's VFS. Finally the VFS layer
168 returns to the process.
170 As a result of this design a basic interface exposed by the FS driver
171 must allow Venus to manage message traffic. In particular Venus must
172 be able to retrieve and place messages and to be notified of the
173 arrival of a new message. The notification must be through a mechanism
174 which does not block Venus since Venus must attend to other tasks even
175 when no messages are waiting or being processed.
177 **Interfaces of the Coda FS Driver**
179 Furthermore the FS layer provides for a special path of communication
180 between a user process and Venus, called the pioctl interface. The
181 pioctl interface is used for Coda specific services, such as
182 requesting detailed information about the persistent cache managed by
183 Venus. Here the involvement of the kernel is minimal. It identifies
184 the calling process and passes the information on to Venus. When
185 Venus replies the response is passed back to the caller in unmodified
188 Finally Venus allows the kernel FS driver to cache the results from
189 certain services. This is done to avoid excessive context switches
190 and results in an efficient system. However, Venus may acquire
191 information, for example from the network which implies that cached
192 information must be flushed or replaced. Venus then makes a downcall
193 to the Coda FS layer to request flushes or updates in the cache. The
194 kernel FS driver handles such requests synchronously.
196 Among these interfaces the VFS interface and the facility to place,
197 receive and be notified of messages are platform specific. We will
198 not go into the calls exported to the VFS layer but we will state the
199 requirements of the message exchange mechanism.
203 =====================
205 At the lowest level the communication between Venus and the FS driver
206 proceeds through messages. The synchronization between processes
207 requesting Coda file service and Venus relies on blocking and waking
208 up processes. The Coda FS driver processes VFS- and pioctl-requests
209 on behalf of a process P, creates messages for Venus, awaits replies
210 and finally returns to the caller. The implementation of the exchange
211 of messages is platform specific, but the semantics have (so far)
212 appeared to be generally applicable. Data buffers are created by the
213 FS Driver in kernel memory on behalf of P and copied to user memory in
216 The FS Driver while servicing P makes upcalls to Venus. Such an
217 upcall is dispatched to Venus by creating a message structure. The
218 structure contains the identification of P, the message sequence
219 number, the size of the request and a pointer to the data in kernel
220 memory for the request. Since the data buffer is re-used to hold the
221 reply from Venus, there is a field for the size of the reply. A flags
222 field is used in the message to precisely record the status of the
223 message. Additional platform dependent structures involve pointers to
224 determine the position of the message on queues and pointers to
225 synchronization objects. In the upcall routine the message structure
226 is filled in, flags are set to 0, and it is placed on the *pending*
227 queue. The routine calling upcall is responsible for allocating the
228 data buffer; its structure will be described in the next section.
230 A facility must exist to notify Venus that the message has been
231 created, and implemented using available synchronization objects in
232 the OS. This notification is done in the upcall context of the process
233 P. When the message is on the pending queue, process P cannot proceed
234 in upcall. The (kernel mode) processing of P in the filesystem
235 request routine must be suspended until Venus has replied. Therefore
236 the calling thread in P is blocked in upcall. A pointer in the
237 message structure will locate the synchronization object on which P is
240 Venus detects the notification that a message has arrived, and the FS
241 driver allow Venus to retrieve the message with a getmsg_from_kernel
242 call. This action finishes in the kernel by putting the message on the
243 queue of processing messages and setting flags to READ. Venus is
244 passed the contents of the data buffer. The getmsg_from_kernel call
245 now returns and Venus processes the request.
247 At some later point the FS driver receives a message from Venus,
248 namely when Venus calls sendmsg_to_kernel. At this moment the Coda FS
249 driver looks at the contents of the message and decides if:
252 * the message is a reply for a suspended thread P. If so it removes
253 the message from the processing queue and marks the message as
254 WRITTEN. Finally, the FS driver unblocks P (still in the kernel
255 mode context of Venus) and the sendmsg_to_kernel call returns to
256 Venus. The process P will be scheduled at some point and continues
257 processing its upcall with the data buffer replaced with the reply
260 * The message is a ``downcall``. A downcall is a request from Venus to
261 the FS Driver. The FS driver processes the request immediately
262 (usually a cache eviction or replacement) and when it finishes
263 sendmsg_to_kernel returns.
265 Now P awakes and continues processing upcall. There are some
266 subtleties to take account of. First P will determine if it was woken
267 up in upcall by a signal from some other source (for example an
268 attempt to terminate P) or as is normally the case by Venus in its
269 sendmsg_to_kernel call. In the normal case, the upcall routine will
270 deallocate the message structure and return. The FS routine can proceed
274 **Sleeping and IPC arrangements**
276 In case P is woken up by a signal and not by Venus, it will first look
277 at the flags field. If the message is not yet READ, the process P can
278 handle its signal without notifying Venus. If Venus has READ, and
279 the request should not be processed, P can send Venus a signal message
280 to indicate that it should disregard the previous message. Such
281 signals are put in the queue at the head, and read first by Venus. If
282 the message is already marked as WRITTEN it is too late to stop the
283 processing. The VFS routine will now continue. (-- If a VFS request
284 involves more than one upcall, this can lead to complicated state, an
285 extra field "handle_signals" could be added in the message structure
286 to indicate points of no return have been passed.--)
290 3.1. Implementation details
291 ----------------------------
293 The Unix implementation of this mechanism has been through the
294 implementation of a character device associated with Coda. Venus
295 retrieves messages by doing a read on the device, replies are sent
296 with a write and notification is through the select system call on the
297 file descriptor for the device. The process P is kept waiting on an
298 interruptible wait queue object.
300 In Windows NT and the DPMI Windows 95 implementation a DeviceIoControl
301 call is used. The DeviceIoControl call is designed to copy buffers
302 from user memory to kernel memory with OPCODES. The sendmsg_to_kernel
303 is issued as a synchronous call, while the getmsg_from_kernel call is
304 asynchronous. Windows EventObjects are used for notification of
305 message arrival. The process P is kept waiting on a KernelEvent
306 object in NT and a semaphore in Windows 95.
309 4. The interface at the call level
310 ===================================
313 This section describes the upcalls a Coda FS driver can make to Venus.
314 Each of these upcalls make use of two structures: inputArgs and
315 outputArgs. In pseudo BNF form the structures take the following
321 u_long unique; /* Keep multiple outstanding msgs distinct */
322 u_short pid; /* Common to all */
323 u_short pgid; /* Common to all */
324 struct CodaCred cred; /* Common to all */
326 <union "in" of call dependent parts of inputArgs>
331 u_long unique; /* Keep multiple outstanding msgs distinct */
334 <union "out" of call dependent parts of inputArgs>
339 Before going on let us elucidate the role of the various fields. The
340 inputArgs start with the opcode which defines the type of service
341 requested from Venus. There are approximately 30 upcalls at present
342 which we will discuss. The unique field labels the inputArg with a
343 unique number which will identify the message uniquely. A process and
344 process group id are passed. Finally the credentials of the caller
347 Before delving into the specific calls we need to discuss a variety of
348 data structures shared by the kernel and Venus.
353 4.1. Data structures shared by the kernel and Venus
354 ----------------------------------------------------
357 The CodaCred structure defines a variety of user and group ids as
358 they are set for the calling process. The vuid_t and vgid_t are 32 bit
359 unsigned integers. It also defines group membership in an array. On
360 Unix the CodaCred has proven sufficient to implement good security
361 semantics for Coda but the structure may have to undergo modification
362 for the Windows environment when these mature::
365 vuid_t cr_uid, cr_euid, cr_suid, cr_fsuid; /* Real, effective, set, fs uid */
366 vgid_t cr_gid, cr_egid, cr_sgid, cr_fsgid; /* same for groups */
367 vgid_t cr_groups[NGROUPS]; /* Group membership for caller */
373 It is questionable if we need CodaCreds in Venus. Finally Venus
374 doesn't know about groups, although it does create files with the
375 default uid/gid. Perhaps the list of group membership is superfluous.
378 The next item is the fundamental identifier used to identify Coda
379 files, the ViceFid. A fid of a file uniquely defines a file or
380 directory in the Coda filesystem within a cell [1]_::
382 typedef struct ViceFid {
388 .. [1] A cell is agroup of Coda servers acting under the aegis of a single
389 system control machine or SCM. See the Coda Administration manual
390 for a detailed description of the role of the SCM.
392 Each of the constituent fields: VolumeId, VnodeId and Unique_t are
393 unsigned 32 bit integers. We envisage that a further field will need
394 to be prefixed to identify the Coda cell; this will probably take the
395 form of a Ipv6 size IP address naming the Coda cell through DNS.
397 The next important structure shared between Venus and the kernel is
398 the attributes of the file. The following structure is used to
399 exchange information. It has room for future extensions such as
400 support for device files (currently not present in Coda)::
403 struct coda_timespec {
404 int64_t tv_sec; /* seconds */
405 long tv_nsec; /* nanoseconds */
409 enum coda_vtype va_type; /* vnode type (for create) */
410 u_short va_mode; /* files access mode and type */
411 short va_nlink; /* number of references to file */
412 vuid_t va_uid; /* owner user id */
413 vgid_t va_gid; /* owner group id */
414 long va_fsid; /* file system id (dev for now) */
415 long va_fileid; /* file id */
416 u_quad_t va_size; /* file size in bytes */
417 long va_blocksize; /* blocksize preferred for i/o */
418 struct coda_timespec va_atime; /* time of last access */
419 struct coda_timespec va_mtime; /* time of last modification */
420 struct coda_timespec va_ctime; /* time file changed */
421 u_long va_gen; /* generation number of file */
422 u_long va_flags; /* flags defined for file */
423 dev_t va_rdev; /* device special file represents */
424 u_quad_t va_bytes; /* bytes of disk space held by file */
425 u_quad_t va_filerev; /* file modification number */
426 u_int va_vaflags; /* operations flags, see below */
427 long va_spare; /* remain quad aligned */
431 4.2. The pioctl interface
432 --------------------------
435 Coda specific requests can be made by application through the pioctl
436 interface. The pioctl is implemented as an ordinary ioctl on a
437 fictitious file /coda/.CONTROL. The pioctl call opens this file, gets
438 a file handle and makes the ioctl call. Finally it closes the file.
440 The kernel involvement in this is limited to providing the facility to
441 open and close and pass the ioctl message and to verify that a path in
442 the pioctl data buffers is a file in a Coda filesystem.
444 The kernel is handed a data packet of the form::
448 struct ViceIoctl vidata;
458 caddr_t in, out; /* Data to be transferred in, or out */
459 short in_size; /* Size of input buffer <= 2K */
460 short out_size; /* Maximum size of output buffer, <= 2K */
465 The path must be a Coda file, otherwise the ioctl upcall will not be
468 .. Note:: The data structures and code are a mess. We need to clean this up.
471 **We now proceed to document the individual calls**:
485 struct cfs_root_out {
492 This call is made to Venus during the initialization of
493 the Coda filesystem. If the result is zero, the cfs_root structure
494 contains the ViceFid of the root of the Coda filesystem. If a non-zero
495 result is generated, its value is a platform dependent error code
496 indicating the difficulty Venus encountered in locating the root of
504 Find the ViceFid and type of an object in a directory if it exists.
509 struct cfs_lookup_in {
511 char *name; /* Place holder for data. */
518 struct cfs_lookup_out {
526 This call is made to determine the ViceFid and filetype of
527 a directory entry. The directory entry requested carries name 'name'
528 and Venus will search the directory identified by cfs_lookup_in.VFid.
529 The result may indicate that the name does not exist, or that
530 difficulty was encountered in finding it (e.g. due to disconnection).
531 If the result is zero, the field cfs_lookup_out.VFid contains the
532 targets ViceFid and cfs_lookup_out.vtype the coda_vtype giving the
533 type of object the name designates.
535 The name of the object is an 8 bit character string of maximum length
536 CFS_MAXNAMLEN, currently set to 256 (including a 0 terminator.)
538 It is extremely important to realize that Venus bitwise ors the field
539 cfs_lookup.vtype with CFS_NOCACHE to indicate that the object should
540 not be put in the kernel name cache.
544 The type of the vtype is currently wrong. It should be
545 coda_vtype. Linux does not take note of CFS_NOCACHE. It should.
552 Summary Get the attributes of a file.
557 struct cfs_getattr_in {
559 struct coda_vattr attr; /* XXXXX */
566 struct cfs_getattr_out {
567 struct coda_vattr attr;
573 This call returns the attributes of the file identified by fid.
576 Errors can occur if the object with fid does not exist, is
577 unaccessible or if the caller does not have permission to fetch
582 Many kernel FS drivers (Linux, NT and Windows 95) need to acquire
583 the attributes as well as the Fid for the instantiation of an internal
584 "inode" or "FileHandle". A significant improvement in performance on
585 such systems could be made by combining the lookup and getattr calls
586 both at the Venus/kernel interaction level and at the RPC level.
588 The vattr structure included in the input arguments is superfluous and
597 Set the attributes of a file.
602 struct cfs_setattr_in {
604 struct coda_vattr attr;
615 The structure attr is filled with attributes to be changed
616 in BSD style. Attributes not to be changed are set to -1, apart from
617 vtype which is set to VNON. Other are set to the value to be assigned.
618 The only attributes which the FS driver may request to change are the
619 mode, owner, groupid, atime, mtime and ctime. The return value
620 indicates success or failure.
623 A variety of errors can occur. The object may not exist, may
624 be inaccessible, or permission may not be granted by Venus.
634 struct cfs_access_in {
646 Verify if access to the object identified by VFid for
647 operations described by flags is permitted. The result indicates if
648 access will be granted. It is important to remember that Coda uses
649 ACLs to enforce protection and that ultimately the servers, not the
650 clients enforce the security of the system. The result of this call
651 will depend on whether a token is held by the user.
654 The object may not exist, or the ACL describing the protection
655 may not be accessible.
663 Invoked to create a file
668 struct cfs_create_in {
670 struct coda_vattr attr;
673 char *name; /* Place holder for data. */
681 struct cfs_create_out {
683 struct coda_vattr attr;
689 This upcall is invoked to request creation of a file.
690 The file will be created in the directory identified by VFid, its name
691 will be name, and the mode will be mode. If excl is set an error will
692 be returned if the file already exists. If the size field in attr is
693 set to zero the file will be truncated. The uid and gid of the file
694 are set by converting the CodaCred to a uid using a macro CRTOUID
695 (this macro is platform dependent). Upon success the VFid and
696 attributes of the file are returned. The Coda FS Driver will normally
697 instantiate a vnode, inode or file handle at kernel level for the new
702 A variety of errors can occur. Permissions may be insufficient.
703 If the object exists and is not a file the error EISDIR is returned
708 The packing of parameters is very inefficient and appears to
709 indicate confusion between the system call creat and the VFS operation
710 create. The VFS operation create is only called to create new objects.
711 This create call differs from the Unix one in that it is not invoked
712 to return a file descriptor. The truncate and exclusive options,
713 together with the mode, could simply be part of the mode as it is
714 under Unix. There should be no flags argument; this is used in open
715 (2) to return a file descriptor for READ or WRITE mode.
717 The attributes of the directory should be returned too, since the size
726 Create a new directory.
731 struct cfs_mkdir_in {
733 struct coda_vattr attr;
734 char *name; /* Place holder for data. */
741 struct cfs_mkdir_out {
743 struct coda_vattr attr;
750 This call is similar to create but creates a directory.
751 Only the mode field in the input parameters is used for creation.
752 Upon successful creation, the attr returned contains the attributes of
760 The input parameter should be changed to mode instead of
763 The attributes of the parent should be returned since the size and
772 Create a link to an existing file.
778 ViceFid sourceFid; /* cnode to link *to* */
779 ViceFid destFid; /* Directory in which to place link */
780 char *tname; /* Place holder for data. */
790 This call creates a link to the sourceFid in the directory
791 identified by destFid with name tname. The source must reside in the
792 target's parent, i.e. the source must be have parent destFid, i.e. Coda
793 does not support cross directory hard links. Only the return value is
794 relevant. It indicates success or the type of failure.
797 The usual errors can occur.
805 create a symbolic link
810 struct cfs_symlink_in {
811 ViceFid VFid; /* Directory to put symlink in */
813 struct coda_vattr attr;
824 Create a symbolic link. The link is to be placed in the
825 directory identified by VFid and named tname. It should point to the
826 pathname srcname. The attributes of the newly created object are to
831 The attributes of the target directory should be returned since
845 struct cfs_remove_in {
847 char *name; /* Place holder for data. */
857 Remove file named cfs_remove_in.name in directory
863 The attributes of the directory should be returned since its
864 mtime and size may change.
877 struct cfs_rmdir_in {
879 char *name; /* Place holder for data. */
889 Remove the directory with name 'name' from the directory
892 .. Note:: The attributes of the parent directory should be returned since
893 its mtime and size may change.
901 Read the value of a symbolic link.
906 struct cfs_readlink_in {
914 struct cfs_readlink_out {
916 caddr_t data; /* Place holder for data. */
922 This routine reads the contents of symbolic link
923 identified by VFid into the buffer data. The buffer data must be able
924 to hold any name up to CFS_MAXNAMLEN (PATH or NAM??).
949 struct cfs_open_out {
957 This request asks Venus to place the file identified by
958 VFid in its cache and to note that the calling process wishes to open
959 it with flags as in open(2). The return value to the kernel differs
960 for Unix and Windows systems. For Unix systems the Coda FS Driver is
961 informed of the device and inode number of the container file in the
962 fields dev and inode. For Windows the path of the container file is
963 returned to the kernel.
968 Currently the cfs_open_out structure is not properly adapted to
969 deal with the Windows case. It might be best to implement two
970 upcalls, one to open aiming at a container file name, the other at a
971 container file inode.
979 Close a file, update it on the servers.
984 struct cfs_close_in {
996 Close the file identified by VFid.
1000 The flags argument is bogus and not used. However, Venus' code
1001 has room to deal with an execp input field, probably this field should
1002 be used to inform Venus that the file was closed but is still memory
1003 mapped for execution. There are comments about fetching versus not
1004 fetching the data in Venus vproc_vfscalls. This seems silly. If a
1005 file is being closed, the data in the container file is to be the new
1006 data. Here again the execp flag might be in play to create confusion:
1007 currently Venus might think a file can be flushed from the cache when
1008 it is still memory mapped. This needs to be understood.
1016 Do an ioctl on a file. This includes the pioctl interface.
1021 struct cfs_ioctl_in {
1026 char *data; /* Place holder for data. */
1034 struct cfs_ioctl_out {
1036 caddr_t data; /* Place holder for data. */
1042 Do an ioctl operation on a file. The command, len and
1043 data arguments are filled as usual. flags is not used by Venus.
1047 Another bogus parameter. flags is not used. What is the
1048 business about PREFETCHING in the Venus code?
1062 struct cfs_rename_in {
1076 Rename the object with name srcname in directory
1077 sourceFid to destname in destFid. It is important that the names
1078 srcname and destname are 0 terminated strings. Strings in Unix
1079 kernels are not always null terminated.
1087 Read directory entries.
1092 struct cfs_readdir_in {
1103 struct cfs_readdir_out {
1105 caddr_t data; /* Place holder for data. */
1111 Read directory entries from VFid starting at offset and
1112 read at most count bytes. Returns the data in data and returns
1118 This call is not used. Readdir operations exploit container
1119 files. We will re-evaluate this during the directory revamp which is
1120 about to take place.
1128 instructs Venus to do an FSDB->Get.
1133 struct cfs_vget_in {
1141 struct cfs_vget_out {
1149 This upcall asks Venus to do a get operation on an fsobj
1154 This operation is not used. However, it is extremely useful
1155 since it can be used to deal with read/write memory mapped files.
1156 These can be "pinned" in the Venus cache using vget and released with
1165 Tell Venus to update the RVM attributes of a file.
1170 struct cfs_fsync_in {
1181 Ask Venus to update RVM attributes of object VFid. This
1182 should be called as part of kernel level fsync type calls. The
1183 result indicates if the syncing was successful.
1185 .. Note:: Linux does not implement this call. It should.
1193 Tell Venus a vnode is no longer in use.
1198 struct cfs_inactive_in {
1209 This operation returns EOPNOTSUPP.
1211 .. Note:: This should perhaps be removed.
1219 Read or write from a file
1224 struct cfs_rdwr_in {
1230 caddr_t data; /* Place holder for data. */
1238 struct cfs_rdwr_out {
1241 caddr_t data; /* Place holder for data. */
1247 This upcall asks Venus to read or write from a file.
1252 It should be removed since it is against the Coda philosophy that
1253 read/write operations never reach Venus. I have been told the
1254 operation does not work. It is not currently used.
1263 Allows mounting multiple Coda "filesystems" on one Unix mount point.
1268 struct ody_mount_in {
1269 char *name; /* Place holder for data. */
1276 struct ody_mount_out {
1283 Asks Venus to return the rootfid of a Coda system named
1284 name. The fid is returned in VFid.
1288 This call was used by David for dynamic sets. It should be
1289 removed since it causes a jungle of pointers in the VFS mounting area.
1290 It is not used by Coda proper. Call is not implemented by Venus.
1311 .. Note:: Gut it. Call is not implemented by Venus.
1319 expands something in a dynamic set.
1330 .. Note:: Gut it. Call is not implemented by Venus.
1338 Prefetch a dynamic set.
1351 Venus worker.cc has support for this call, although it is
1352 noted that it doesn't work. Not surprising, since the kernel does not
1353 have support for it. (ODY_PREFETCH is not a defined operation).
1356 .. Note:: Gut it. It isn't working and isn't used by Coda.
1365 Send Venus a signal about an upcall.
1377 This is an out-of-band upcall to Venus to inform Venus
1378 that the calling process received a signal after Venus read the
1379 message from the input queue. Venus is supposed to clean up the
1387 We need to better understand what Venus needs to clean up and if
1388 it is doing this correctly. Also we need to handle multiple upcall
1389 per system call situations correctly. It would be important to know
1390 what state changes in Venus take place after an upcall for which the
1391 kernel is responsible for notifying Venus to clean up (e.g. open
1392 definitely is such a state change, but many others are maybe not).
1395 5. The minicache and downcalls
1396 ===============================
1399 The Coda FS Driver can cache results of lookup and access upcalls, to
1400 limit the frequency of upcalls. Upcalls carry a price since a process
1401 context switch needs to take place. The counterpart of caching the
1402 information is that Venus will notify the FS Driver that cached
1403 entries must be flushed or renamed.
1405 The kernel code generally has to maintain a structure which links the
1406 internal file handles (called vnodes in BSD, inodes in Linux and
1407 FileHandles in Windows) with the ViceFid's which Venus maintains. The
1408 reason is that frequent translations back and forth are needed in
1409 order to make upcalls and use the results of upcalls. Such linking
1410 objects are called cnodes.
1412 The current minicache implementations have cache entries which record
1415 1. the name of the file
1417 2. the cnode of the directory containing the object
1419 3. a list of CodaCred's for which the lookup is permitted.
1421 4. the cnode of the object
1423 The lookup call in the Coda FS Driver may request the cnode of the
1424 desired object from the cache, by passing its name, directory and the
1425 CodaCred's of the caller. The cache will return the cnode or indicate
1426 that it cannot be found. The Coda FS Driver must be careful to
1427 invalidate cache entries when it modifies or removes objects.
1429 When Venus obtains information that indicates that cache entries are
1430 no longer valid, it will make a downcall to the kernel. Downcalls are
1431 intercepted by the Coda FS Driver and lead to cache invalidations of
1432 the kind described below. The Coda FS Driver does not return an error
1433 unless the downcall data could not be read into kernel memory.
1440 No information is available on this call.
1452 Flush the name cache entirely.
1455 Venus issues this call upon startup and when it dies. This
1456 is to prevent stale cache information being held. Some operating
1457 systems allow the kernel name cache to be switched off dynamically.
1458 When this is done, this downcall is made.
1468 struct cfs_purgeuser_out {/* CFS_PURGEUSER is a venus->kernel call */
1469 struct CodaCred cred;
1475 Remove all entries in the cache carrying the Cred. This
1476 call is issued when tokens for a user expire or are flushed.
1486 struct cfs_zapfile_out { /* CFS_ZAPFILE is a venus->kernel call */
1493 Remove all entries which have the (dir vnode, name) pair.
1494 This is issued as a result of an invalidation of cached attributes of
1499 Call is not named correctly in NetBSD and Mach. The minicache
1500 zapfile routine takes different arguments. Linux does not implement
1501 the invalidation of attributes correctly.
1512 struct cfs_zapdir_out { /* CFS_ZAPDIR is a venus->kernel call */
1519 Remove all entries in the cache lying in a directory
1520 CodaFid, and all children of this directory. This call is issued when
1521 Venus receives a callback on the directory.
1532 struct cfs_zapvnode_out { /* CFS_ZAPVNODE is a venus->kernel call */
1533 struct CodaCred cred;
1540 Remove all entries in the cache carrying the cred and VFid
1541 as in the arguments. This downcall is probably never issued.
1551 struct cfs_purgefid_out { /* CFS_PURGEFID is a venus->kernel call */
1558 Flush the attribute for the file. If it is a dir (odd
1559 vnode), purge its children from the namecache and remove the file from the
1569 Replace the Fid's for a collection of names.
1574 struct cfs_replace_out { /* cfs_replace is a venus->kernel call */
1582 This routine replaces a ViceFid in the name cache with
1583 another. It is added to allow Venus during reintegration to replace
1584 locally allocated temp fids while disconnected with global fids even
1585 when the reference counts on those fids are not zero.
1588 6. Initialization and cleanup
1589 ==============================
1592 This section gives brief hints as to desirable features for the Coda
1593 FS Driver at startup and upon shutdown or Venus failures. Before
1594 entering the discussion it is useful to repeat that the Coda FS Driver
1595 maintains the following data:
1602 3. name cache entries
1604 The name cache entries are entirely private to the driver, so they
1605 can easily be manipulated. The message queues will generally have
1606 clear points of initialization and destruction. The cnodes are
1607 much more delicate. User processes hold reference counts in Coda
1608 filesystems and it can be difficult to clean up the cnodes.
1610 It can expect requests through:
1612 1. the message subsystem
1618 Currently the pioctl passes through the VFS for Coda so we can
1619 treat these similarly.
1626 The following requirements should be accommodated:
1628 1. The message queues should have open and close routines. On Unix
1629 the opening of the character devices are such routines.
1631 - Before opening, no messages can be placed.
1633 - Opening will remove any old messages still pending.
1635 - Close will notify any sleeping processes that their upcall cannot
1638 - Close will free all memory allocated by the message queues.
1641 2. At open the namecache shall be initialized to empty state.
1643 3. Before the message queues are open, all VFS operations will fail.
1644 Fortunately this can be achieved by making sure than mounting the
1645 Coda filesystem cannot succeed before opening.
1647 4. After closing of the queues, no VFS operations can succeed. Here
1648 one needs to be careful, since a few operations (lookup,
1649 read/write, readdir) can proceed without upcalls. These must be
1652 5. Upon closing the namecache shall be flushed and disabled.
1654 6. All memory held by cnodes can be freed without relying on upcalls.
1656 7. Unmounting the file system can be done without relying on upcalls.
1658 8. Mounting the Coda filesystem should fail gracefully if Venus cannot
1659 get the rootfid or the attributes of the rootfid. The latter is
1660 best implemented by Venus fetching these objects before attempting
1665 NetBSD in particular but also Linux have not implemented the
1666 above requirements fully. For smooth operation this needs to be
projects / linux-2.6-microblaze.git / blob