Virtualization of File System

EXECUTIVE SUMMARY

This enhancement was developed by Benison for a multi-context device running on a Nix system. A multi-context device is a device that can be partitioned into multiple virtual devices, known as contexts. Each context acts as an independent device, so having multiple contexts is similar to having multiple standalone devices. These individual contexts did not have access to the flash file system; flash was accessible only through the system context. To enable flash access for each context, the file system of the Nix system had to be virtualized while maintaining the abstraction between individual contexts. The virtualization was done at the application layer.

SOLUTION

Before the enhancement, the multi-context device's implementation allowed only the system context to access the internal compact flash, for security and management reasons. As part of this enhancement, the flash file system was virtualized so that the system context has full access to flash while user contexts can access only their respective private and shared storage, which continues to avoid the security and management implications.

This was achieved by maintaining an abstraction layer over the Nix system's FS. This abstraction layer maintains an FS_TABLE that holds all the file system IDs and the data associated with them. It also maintains an FD_TABLE that holds the file descriptors, and the data associated with them, for opened files. This abstraction layer was accessible only to the system context; individual contexts had no access to it. To give these contexts access to the abstraction layer, and in turn to flash, a new layer was added above the abstraction layer for each context. This was achieved by associating a directory on the existing flash with each context and limiting the context's view to that directory. All file operations were defined for the new layer. Adding this new layer provided abstraction across contexts.

The following two kinds of storage were provided as part of this enhancement, each by associating a directory with a context.

PRIVATE READ-WRITE STORAGE

A context is given access to the compact flash via configuration by the system context. The system context will be able to assign a folder or disk to be used by the context for read/write storage. This is accomplished by providing storage configuration CLIs associated with a context. The current multi-context implementation prevents non-system context access to the flash by not supporting file system commands (e.g. copy, dir, delete) in user contexts. These commands are now supported in user contexts and can be executed if storage space has been configured for the context. In addition, the internal global prefix table in FS_TABLE is virtualized to allow FS prefix names to be defined per context. This will allow flash under the system context to reference the entire compact flash and flash under non-system contexts to point to the private storage only.

SHARED READ-ONLY STORAGE

To reduce duplication of common large files that can be shared among all contexts, the system context will be able to define a shared area on the flash. This shared area will be read-only for all non-system contexts and will be mounted with the IFS prefix name of shared: or an optionally configured volume name. The system context will configure this option under the context configuration, similar to how the private storage is configured.
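The per-context prefix lookup described in the private and shared storage sections above, sketched as an added example (not Benison's code). Only the `flash` and `shared:` prefix names come from the text; the context names, directory layout and the `resolve`/`denied` helpers are assumptions.

```python
import posixpath

FLASH_ROOT = "/flash"  # assumed mount point of the compact flash

# Per-context prefix table: context -> prefix -> (root directory, writable).
# Context names and directory layout are constructed for illustration.
PREFIX_TABLE = {
    "system": {"flash:": (FLASH_ROOT, True)},
    "ctxA": {"flash:": (FLASH_ROOT + "/ctx/ctxA", True),
             "shared:": (FLASH_ROOT + "/shared", False)},
    "ctxB": {"flash:": (FLASH_ROOT + "/ctx/ctxB", True),
             "shared:": (FLASH_ROOT + "/shared", False)},
    "ctxC": {},  # no storage configured: file commands must fail
}


class AccessDenied(Exception):
    pass


def resolve(context, name, write=False):
    """Map 'prefix:/path' as seen by a context to a real flash path."""
    prefix, sep, rel = name.partition(":")
    entry = PREFIX_TABLE.get(context, {}).get(prefix + sep)
    if not sep or entry is None:
        raise AccessDenied(f"{context}: no storage for {name!r}")
    root, writable = entry
    if write and not writable:
        raise AccessDenied(f"{context}: {prefix}: is read-only")
    # Normalise lexically, then confirm the result is still under the root.
    # A real file system layer must also refuse symlinks that leave the root.
    real = posixpath.normpath(posixpath.join(root, rel.lstrip("/")))
    if real != root and not real.startswith(root + "/"):
        raise AccessDenied(f"{context}: {name!r} escapes its storage")
    return real


def denied(context, name, write=False):
    """True when the request is refused for this context."""
    try:
        resolve(context, name, write)
    except AccessDenied:
        return True
    return False
```

The same name, `flash:/x`, resolves to a different real path in each context, which is what keeps one context's files invisible to another.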

CHALLENGES
  • Understanding the existing implementation of flash filesystem.
  • Implementing/modifying new/existing CLIs as required for the enhancement.
  • Because the above changes are platform specific, the risk of introducing regressions was very high. All modules using flash access were carefully examined, and the changes required to support the enhancement were made in each module.
  • Regression tests were run for all modules using flash access to ensure nothing was broken.