Fine grained sync policy control (was: What I want in GNU OS)
Marshall Cline
cline at suntan.ece.clarkson.edu
Sat Jul 1 07:03:06 AEST 1989
Craig Jackson (drilex!dricej at bbn.com, drilex!dricejb at bbn.com) and
I (Marshall Cline, cline at sun.soe.clarkson.edu) have been having an
email discussion, some of the results of which I'd like to post.
The gist is a set of new system calls which allow "sync()" to occur on a
file-by-file basis. Right now "update()" sync's the entire filesystem
occasionally. But _some_ file (and only the user knows which) might need
to be kept up-to-date more often to avoid disaster in the event of a system
crash....
In article <CLINE.89Jun22135208 at suntan.ece.clarkson.edu> M.Cline writes:
> ...One of the philosophical issues upon which Un*x
>is built is the separation of policy and mechanism. The kernel takes
>care of mechanism, with as little policy as possible. (No one would
>claim Un*x does a perfect at this separation, but it tries)....
> Avoiding delayed-write would, in general, bring performance down
>pretty badly. Given an OS that _does_ have delayed-write, the only
>question is: how often should we "sync" the system? Personally, I
>think this _policy_ decision should be left _OUT_ of the kernel.
dricejb at drilex.UUCP (Craig Jackson) replies:
>Many Unixes do not offer me my policy preferences: force all directory writes,
>and *certain* file writes, directly to the disk. When forcing a file write,
>tell me when all previously-written data has actually reached the disk,
>so I can proceed with other writes.
I thought that sounded like a "neat enough" idea to post it and get other
ideas (and undoubtedly a few flames :-). I propose the following _mechanism_
(system calls) could be added to facilitate the _policy_. The default
situation (on file descriptors which haven't been changed via one of these
system calls) could be equivalent to the current delayed-write-and-
update-occasionally method.
__________________________ NEW SYSTEM CALLS ___________________________
int num_dirty_blocks(int fd);
/* "fd" is the file descriptor of an open file.
* Returns the number of dirty blocks associated with the file descriptor.
* If "update_policy()" has been set to IMMEDIATE_WRITE, always returns 0.
* Returns -1 on error (and sets errno, blah, blah, blah).
*/
int sync_fd(int fd, int wait_until_done);
/* Causes precisely one file to be "sync()"ed (see sync(3)).
* This gives users the fine-grained control over which files they
* consider critical in the event of a system crash.
* Thus the policy is in the hands of the users, not the kernel.
* If "wait_until_done" is non-zero, and if the "fd" has any dirty
* blocks (see "num_dirty_blocks()"), the calling process is blocked
* until all dirty blocks of the "fd" are successfully written to disk.
* Returns 0 on success, -1 on error (and sets errno, blah, blah, blah).
*/
typedef enum {DELAYED_WRITE, IMMEDIATE_WRITE, BAD_POLICY} sync_t;
sync_t update_policy(int fd, sync_t mechanism);
/* "fd" is the file descriptor of an open file.
* This directs the kernel regarding the desired update policy for "fd".
* If "mechanism" is DELAYED_WRITE, doesn't write dirty data blocks until
* a "sync()" or a "sync_fd()" call (which might happen due to "update(8)").
* If "mechanism" is IMMEDIATE_WRITE, any changed blocks are immediately
* written to disk. This option should be used only on files where the
* file's data is critical with respect to a system crash.
* Returns the update_policy that formerly was associated with the file.
* If "fd" is not an open file descriptor, or if "mechanism" isn't one of
* the above values, no action is performed, and BAD_POLICY is returned.
*/
The end result would of course be that you could, on a file-by-file basis,
specify what needs to be kept consistent. Those files which ABSOLUTELY
MUST be CONTINUALLY preserved intact could have their update policy set to
IMMEDIATE_WRITE. Those files which OCCASIONALLY need to have their contents
"flushed" to disk could use "sync_fd()", similarly to the way one fflushes
stdout so incomplete lines appear on the screen.
Anyway, the point is this: Keep the policy out of the kernel.
Any thoughts?
Marshall
--
________________________________________________________________
Marshall P. Cline ARPA: cline at sun.soe.clarkson.edu
ECE Department UseNet: uunet!sun.soe.clarkson.edu!cline
Clarkson University BitNet: BH0W at CLUTX
Potsdam, NY 13676 AT&T: 315-268-6591
More information about the Comp.unix.wizards
mailing list