summaryrefslogtreecommitdiff
path: root/Documentation/filesystems/nfs/Exporting
blob: c8f036a9b13fcf5d1c87761de5a97ba1248d2fee (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162

Making Filesystems Exportable
=============================

Overview
--------

All filesystem operations require a dentry (or two) as a starting
point.  Local applications have a reference-counted hold on suitable
dentries via open file descriptors or cwd/root.  However remote
applications that access a filesystem via a remote filesystem protocol
such as NFS may not be able to hold such a reference, and so need a
different way to refer to a particular dentry.  As the alternative
form of reference needs to be stable across renames, truncates, and
server-reboot (among other things, though these tend to be the most
problematic), there is no simple answer like 'filename'.

The mechanism discussed here allows each filesystem implementation to
specify how to generate an opaque (outside of the filesystem) byte
string for any dentry, and how to find an appropriate dentry for any
given opaque byte string.
This byte string will be called a "filehandle fragment" as it
corresponds to part of an NFS filehandle.

A filesystem which supports the mapping between filehandle fragments
and dentries will be termed "exportable".



Dcache Issues
-------------

The dcache normally contains a proper prefix of any given filesystem
tree.  This means that if any filesystem object is in the dcache, then
all of the ancestors of that filesystem object are also in the dcache.
As normal access is by filename this prefix is created naturally and
maintained easily (by each object maintaining a reference count on
its parent).

However when objects are included into the dcache by interpreting a
filehandle fragment, there is no automatic creation of a path prefix
for the object.  This leads to two related but distinct features of
the dcache that are not needed for normal filesystem access.

1/ The dcache must sometimes contain objects that are not part of the
   proper prefix. i.e that are not connected to the root.
2/ The dcache must be prepared for a newly found (via ->lookup) directory
   to already have a (non-connected) dentry, and must be able to move
   that dentry into place (based on the parent and name in the
   ->lookup).   This is particularly needed for directories as
   it is a dcache invariant that directories only have one dentry.

To implement these features, the dcache has:

a/ A dentry flag DCACHE_DISCONNECTED which is set on
   any dentry that might not be part of the proper prefix.
   This is set when anonymous dentries are created, and cleared when a
   dentry is noticed to be a child of a dentry which is in the proper
   prefix. 

b/ A per-superblock list "s_anon" of dentries which are the roots of
   subtrees that are not in the proper prefix.  These dentries, as
   well as the proper prefix, need to be released at unmount time.  As
   these dentries will not be hashed, they are linked together on the
   d_hash list_head.

c/ Helper routines to allocate anonymous dentries, and to help attach
   loose directory dentries at lookup time. They are:
    d_obtain_alias(inode) will return a dentry for the given inode.
      If the inode already has a dentry, one of those is returned.
      If it doesn't, a new anonymous (IS_ROOT and
        DCACHE_DISCONNECTED) dentry is allocated and attached.
      In the case of a directory, care is taken that only one dentry
      can ever be attached.
    d_splice_alias(inode, dentry) or d_materialise_unique(dentry, inode)
      will introduce a new dentry into the tree; either the passed-in
      dentry or a preexisting alias for the given inode (such as an
      anonymous one created by d_obtain_alias), if appropriate.  The two
      functions differ in their handling of directories with preexisting
      aliases:
        d_splice_alias will use any existing IS_ROOT dentry, but it will
	  return -EIO rather than try to move a dentry with a different
	  parent.  This is appropriate for local filesystems, which
	  should never see such an alias unless the filesystem is
	  corrupted somehow (for example, if two on-disk directory
	  entries refer to the same directory.)
	d_materialise_unique will attempt to move any dentry.  This is
	  appropriate for distributed filesystems, where finding a
	  directory other than where we last cached it may be a normal
	  consequence of concurrent operations on other hosts.
      Both functions return NULL when the passed-in dentry is used,
      following the calling convention of ->lookup.

 
Filesystem Issues
-----------------

For a filesystem to be exportable it must:
 
   1/ provide the filehandle fragment routines described below.
   2/ make sure that d_splice_alias is used rather than d_add
      when ->lookup finds an inode for a given parent and name.

      If inode is NULL, d_splice_alias(inode, dentry) is equivalent to

		d_add(dentry, inode), NULL

      Similarly, d_splice_alias(ERR_PTR(err), dentry) = ERR_PTR(err)

      Typically the ->lookup routine will simply end with a:

		return d_splice_alias(inode, dentry);
	}



  A file system implementation declares that instances of the filesystem
are exportable by setting the s_export_op field in the struct
super_block.  This field must point to a "struct export_operations"
struct which has the following members:

 encode_fh  (optional)
    Takes a dentry and creates a filehandle fragment which can later be used
    to find or create a dentry for the same object.  The default
    implementation creates a filehandle fragment that encodes a 32bit inode
    and generation number for the inode encoded, and if necessary the
    same information for the parent.

  fh_to_dentry (mandatory)
    Given a filehandle fragment, this should find the implied object and
    create a dentry for it (possibly with d_obtain_alias).

  fh_to_parent (optional but strongly recommended)
    Given a filehandle fragment, this should find the parent of the
    implied object and create a dentry for it (possibly with
    d_obtain_alias).  May fail if the filehandle fragment is too small.

  get_parent (optional but strongly recommended)
    When given a dentry for a directory, this should return  a dentry for
    the parent.  Quite possibly the parent dentry will have been allocated
    by d_alloc_anon.  The default get_parent function just returns an error
    so any filehandle lookup that requires finding a parent will fail.
    ->lookup("..") is *not* used as a default as it can leave ".." entries
    in the dcache which are too messy to work with.

  get_name (optional)
    When given a parent dentry and a child dentry, this should find a name
    in the directory identified by the parent dentry, which leads to the
    object identified by the child dentry.  If no get_name function is
    supplied, a default implementation is provided which uses vfs_readdir
    to find potential names, and matches inode numbers to find the correct
    match.


A filehandle fragment consists of an array of 1 or more 4byte words,
together with a one byte "type".
The decode_fh routine should not depend on the stated size that is
passed to it.  This size may be larger than the original filehandle
generated by encode_fh, in which case it will have been padded with
nuls.  Rather, the encode_fh routine should choose a "type" which
indicates the decode_fh how much of the filehandle is valid, and how
it should be interpreted.