coda.txt

ARM 嵌入式 系统 设计与实例开发 实验教材 二源码

  44..11..  DDaattaa ssttrruuccttuurreess sshhaarreedd bbyy tthhee kkeerrnneell aanndd VVeennuuss


  The CodaCred structure defines a variety of user and group ids as
  they are set for the calling process. The vuid_t and guid_t are 32 bit
  unsigned integers.  It also defines group membership in an array.  On
  Unix the CodaCred has proven sufficient to implement good security
  semantics for Coda but the structure may have to undergo modification
  for the Windows environment when these mature.

  struct CodaCred {
      vuid_t cr_uid, cr_euid, cr_suid, cr_fsuid; /* Real, effective, set, fs uid*/
      vgid_t cr_gid, cr_egid, cr_sgid, cr_fsgid; /* same for groups */
      vgid_t cr_groups[NGROUPS];        /* Group membership for caller */
  };



  NNOOTTEE It is questionable if we need CodaCreds in Venus. Finally Venus
  doesn't know about groups, although it does create files with the
  default uid/gid.  Perhaps the list of group membership is superfluous.


  The next item is the fundamental identifier used to identify Coda
  files, the ViceFid.  A fid of a file uniquely defines a file or
  directory in the Coda filesystem within a _c_e_l_l.   (-- A _c_e_l_l is a
  group of Coda servers acting under the aegis of a single system
  control machine or SCM. See the Coda Administration manual for a
  detailed description of the role of the SCM.--)


  typedef struct ViceFid {
      VolumeId Volume;
      VnodeId Vnode;
      Unique_t Unique;
  } ViceFid;



  Each of the constituent fields: VolumeId, VnodeId and Unique_t are
  unsigned 32 bit integers.  We envisage that a further field will need
  to be prefixed to identify the Coda cell; this will probably take the
  form of a Ipv6 size IP address naming the Coda cell through DNS.

  The next important structure shared between Venus and the kernel is
  the attributes of the file.  The following structure is used to
  exchange information.  It has room for future extensions such as
  support for device files (currently not present in Coda).


















  struct coda_vattr {
          enum coda_vtype va_type;        /* vnode type (for create) */
          u_short         va_mode;        /* files access mode and type */
          short           va_nlink;       /* number of references to file */
          vuid_t          va_uid;         /* owner user id */
          vgid_t          va_gid;         /* owner group id */
          long            va_fsid;        /* file system id (dev for now) */
          long            va_fileid;      /* file id */
          u_quad_t        va_size;        /* file size in bytes */
          long            va_blocksize;   /* blocksize preferred for i/o */
          struct timespec va_atime;       /* time of last access */
          struct timespec va_mtime;       /* time of last modification */
          struct timespec va_ctime;       /* time file changed */
          u_long          va_gen;         /* generation number of file */
          u_long          va_flags;       /* flags defined for file */
          dev_t           va_rdev;        /* device special file represents */
          u_quad_t        va_bytes;       /* bytes of disk space held by file */
          u_quad_t        va_filerev;     /* file modification number */
          u_int           va_vaflags;     /* operations flags, see below */
          long            va_spare;       /* remain quad aligned */
  };




  44..22..  TThhee ppiiooccttll iinntteerrffaaccee


  Coda specific requests can be made by application through the pioctl
  interface. The pioctl is implemented as an ordinary ioctl on a
  fictitious file /coda/.CONTROL.  The pioctl call opens this file, gets
  a file handle and makes the ioctl call. Finally it closes the file.

  The kernel involvement in this is limited to providing the facility to
  open and close and pass the ioctl message _a_n_d to verify that a path in
  the pioctl data buffers is a file in a Coda filesystem.

  The kernel is handed a data packet of the form:

      struct {
          const char *path;
          struct ViceIoctl vidata;
          int follow;
      } data;



  where


  struct ViceIoctl {
          caddr_t in, out;        /* Data to be transferred in, or out */
          short in_size;          /* Size of input buffer <= 2K */
          short out_size;         /* Maximum size of output buffer, <= 2K */
  };



  The path must be a Coda file, otherwise the ioctl upcall will not be
  made.

  NNOOTTEE  The data structures and code are a mess.  We need to clean this
  up.

  We now proceed to document the individual calls:

  0wpage

  44..33..  rroooott


  AArrgguummeennttss

     iinn empty

     oouutt

                struct cfs_root_out {
                    ViceFid VFid;
                } cfs_root;



  DDeessccrriippttiioonn This call is made to Venus during the initialization of
  the Coda filesystem. If the result is zero, the cfs_root structure
  contains the ViceFid of the root of the Coda filesystem. If a non-zero
  result is generated, its value is a platform dependent error code
  indicating the difficulty Venus encountered in locating the root of
  the Coda filesystem.

  0wpage

  44..44..  llooookkuupp


  SSuummmmaarryy Find the ViceFid and type of an object in a directory if it
  exists.

  AArrgguummeennttss

     iinn

                struct  cfs_lookup_in {
                    ViceFid     VFid;
                    char        *name;          /* Place holder for data. */
                } cfs_lookup;



     oouutt

                struct cfs_lookup_out {
                    ViceFid VFid;
                    int vtype;
                } cfs_lookup;



  DDeessccrriippttiioonn This call is made to determine the ViceFid and filetype of
  a directory entry.  The directory entry requested carries name name
  and Venus will search the directory identified by cfs_lookup_in.VFid.
  The result may indicate that the name does not exist, or that
  difficulty was encountered in finding it (e.g. due to disconnection).
  If the result is zero, the field cfs_lookup_out.VFid contains the
  targets ViceFid and cfs_lookup_out.vtype the coda_vtype giving the
  type of object the name designates.

  The name of the object is an 8 bit character string of maximum length
  CFS_MAXNAMLEN, currently set to 256 (including a 0 terminator.)

  It is extremely important to realize that Venus bitwise ors the field
  cfs_lookup.vtype with CFS_NOCACHE to indicate that the object should
  not be put in the kernel name cache.

  NNOOTTEE The type of the vtype is currently wrong.  It should be
  coda_vtype. Linux does not take note of CFS_NOCACHE.  It should.

  0wpage

  44..55..  ggeettaattttrr


  SSuummmmaarryy Get the attributes of a file.

  AArrgguummeennttss

     iinn

                struct cfs_getattr_in {
                    ViceFid VFid;
                    struct coda_vattr attr; /* XXXXX */
                } cfs_getattr;



     oouutt

                struct cfs_getattr_out {
                    struct coda_vattr attr;
                } cfs_getattr;



  DDeessccrriippttiioonn This call returns the attributes of the file identified by
  fid.

  EErrrroorrss Errors can occur if the object with fid does not exist, is
  unaccessible or if the caller does not have permission to fetch
  attributes.

  NNoottee Many kernel FS drivers (Linux, NT and Windows 95) need to acquire
  the attributes as well as the Fid for the instantiation of an internal
  "inode" or "FileHandle".  A significant improvement in performance on
  such systems could be made by combining the _l_o_o_k_u_p and _g_e_t_a_t_t_r calls
  both at the Venus/kernel interaction level and at the RPC level.

  The vattr structure included in the input arguments is superfluous and
  should be removed.

  0wpage

  44..66..  sseettaattttrr


  SSuummmmaarryy Set the attributes of a file.

  AArrgguummeennttss

     iinn

                struct cfs_setattr_in {
                    ViceFid VFid;
                    struct coda_vattr attr;
                } cfs_setattr;




     oouutt
        empty

  DDeessccrriippttiioonn The structure attr is filled with attributes to be changed
  in BSD style.  Attributes not to be changed are set to -1, apart from
  vtype which is set to VNON. Other are set to the value to be assigned.
  The only attributes which the FS driver may request to change are the
  mode, owner, groupid, atime, mtime and ctime.  The return value
  indicates success or failure.

  EErrrroorrss A variety of errors can occur.  The object may not exist, may
  be inaccessible, or permission may not be granted by Venus.

  0wpage

  44..77..  aacccceessss


  SSuummmmaarryy

  AArrgguummeennttss

     iinn

                struct cfs_access_in {
                    ViceFid     VFid;
                    int flags;
                } cfs_access;



     oouutt
        empty

  DDeessccrriippttiioonn Verify if access to the object identified by VFid for
  operations described by flags is permitted.  The result indicates if
  access will be granted.  It is important to remember that Coda uses
  ACLs to enforce protection and that ultimately the servers, not the
  clients enforce the security of the system.  The result of this call
  will depend on whether a _t_o_k_e_n is held by the user.

  EErrrroorrss The object may not exist, or the ACL describing the protection
  may not be accessible.

  0wpage

  44..88..  ccrreeaattee


  SSuummmmaarryy Invoked to create a file

  AArrgguummeennttss

     iinn

                struct cfs_create_in {
                    ViceFid VFid;
                    struct coda_vattr attr;
                    int excl;
                    int mode;
                    char        *name;          /* Place holder for data. */
                } cfs_create;




     oouutt

                struct cfs_create_out {
                    ViceFid VFid;
                    struct coda_vattr attr;
                } cfs_create;



  DDeessccrriippttiioonn  This upcall is invoked to request creation of a file.
  The file will be created in the directory identified by VFid, its name
  will be name, and the mode will be mode.  If excl is set an error will
  be returned if the file already exists.  If the size field in attr is
  set to zero the file will be truncated.  The uid and gid of the file
  are set by converting the CodaCred to a uid using a macro CRTOUID
  (this macro is platform dependent).  Upon success the VFid and
  attributes of the file are returned.  The Coda FS Driver will normally
  instantiate a vnode, inode or file handle at kernel level for the new
  object.


  EErrrroorrss A variety of errors can occur. Permissions may be insufficient.
  If the object exists and is not a file the error EISDIR is returned
  under Unix.

  NNOOTTEE The packing of parameters is very inefficient and appears to
  indicate confusion between the system call creat and the VFS operation
  create. The VFS operation create is only called to create new objects.
  This create call differs from the Unix one in that it is not invoked
  to return a file descriptor. The truncate and exclusive options,
  together with the mode, could simply be part of the mode as it is
  under Unix.  There should be no flags argument; this is used in open
  (2) to return a file descriptor for READ or WRITE mode.

  The attributes of the directory should be returned too, since the size
  and mtime changed.

  0wpage

  44..99..  mmkkddiirr


  SSuummmmaarryy Create a new directory.

  AArrgguummeennttss

     iinn

                struct cfs_mkdir_in {
                    ViceFid     VFid;
                    struct coda_vattr attr;
                    char        *name;          /* Place holder for data. */
                } cfs_mkdir;



     oouutt

                struct cfs_mkdir_out {
                    ViceFid VFid;
                    struct coda_vattr attr;
                } cfs_mkdir;




  DDeessccrriippttiioonn This call is similar to create but creates a directory.
  Only the mode field in the input parameters is used for creation.
  Upon successful creation, the attr returned contains the attributes of
  the new directory.

  EErrrroorrss As for create.

  NNOOTTEE The input parameter should be changed to mode instead of
  attributes.

  The attributes of the parent should be returned since the size and
  mtime changes.

  0wpage

  44..1100..  lliinnkk


  SSuummmmaarryy Create a link to an existing file.

  AArrgguummeennttss

     iinn