File system layers (cont.)

• layering: useful for reducing complexity & redundancy
  • yet: adding overhead & decreasing performance
• many file systems in use: most OSs support multiple file systems

File system implementation

• several on-disk / in-memory structures are used to implemented a file system
• on-disk structure: "may" contain
• in-memory structure

On-disk file-system structure

• boot control block (per volume): contains info needed by system
  • to boot OS from that volume
  • if: disk not containing an OS: this block can be empty
  • typically: first block of a volume
    • UFS: calls is boot block
    • NTFS: calls is partition block

• typical file control block

  FCB
  file permissions
  file dates (create, access, write)
  file owner, group, ACL
  file size
  file data blocks / pointers to data blocks

• s

In-memory file-system structure

• information: used for both file-system management & performance improvement
  • by: caching
• data: loaded at mount time
  • updated during file-system operations
  • discarded at dismount
• system-wide open-file table
• per-process open-file table
• buffers: hold file-system blocks
  • when being read from disk / written to disk
• opening file: works as follows
  • open() operation: passes a file name to logical file system
  • if: file already in use by another process
    • per-process open-file table entry created
      • points to: corresponding entry of the file
        • in system-wide open-file table
    • else: searches directory structure (might be cached)
      • once file found:
        • create entry in system-wide & per-process open-file table
        • FCB; copy to the system-wide open0file table in memory
          • for subsequent access
      • system-wide open -ile table: not only stores the FCB
        • yet, also tracking no. of processes that opened = using the file
        • aka file count
    • other field in per-process open-file table: may include a pointer to current location
  • 👨‍🏫 reason for having per-user table: as
    1. allow multiple users sharing a file
    2. per-user access right control
  • open() returns pointer to appropriate entry in the per-process open-file table.
• 
• 

Directory implementation

• selection of directory allocation & management: significantly affecting efficiency
  • as well as efficiency, performance,and reliability of the system
• linear list
• hash table
• 

Allocation implementation - contiguous

• disadvantage: memory cannot continue to grow
  • like dynamic allocation
  • fragmentation, or something, might happen

Allocation implementation - linked

• each file : consists of linked-lists of blocks
  • benefit: file: can arbitrarily grow
• disadvantage:
  • only sequential access is reasonable
    • inefficient for direct access of the file
  • extra disk space: required for pointers
    • let pointer: 4 bytes, out of 512-byte block
    • then: 0.78% is use for pointers!
  • reliability: another problem
    • upon the pointer damage, etc.
• 

Allocation methods: FAT

• File Allocation Table (FAT): important variation on linked allocation
• simple & efficient
• idea: create a separate table for indicating "next" block to fetch
• 👨‍🏫: earlier, yet interesting technology
  • small table can be brought to memory / cache, and improving performance
• 

Allocation methods: indexed

• indexed allocation: brings all pointers together into one location
  • aka index blocks
• obviously, overhead exists
• supports: both random & sequential access
• disadvantage: like page table, hierarchical might be needed
  • w/ block size 512 bytes, and pointer of 4 bytes,
    • single index block can only contain 128 pointers
    • = 64 KiB
  • w/ 2 level: $(128{)}^2=2^{14}=16K$ blocks
    • = 8 GiB
• furthermore: as data blocks may be spread oal over a volume
  • physical overhead
• 
• 

Combined scheme: UNIX UFS

• 4K bytes / block
• 32-bit addresses
• 4KB / 4 = 1024 blocks
  • => 4 MB w/ single index
• two-level: $2^{20}$ blocks
  • => 4 GiB w/ single index
• triple level: 4 TiB
• 

Free-space management

• file system: maintains free-space list to track free disk space
  • used: term "block" for simplicity
• bit vector / map: $n$ blocks
  • 
• main advantage: simplicity & efficiency
  • in finding first free blocks / $n$ consecutive free blocks
• bit vector: inefficient unless entire vector can be kept in memory
  • yet: it requires extra space
  • block size: 4 KB
  • disk size: $2^{40}$ bytes
  • $n=2^{40}/2^{12}=2^{28}$ bits = 32 MB

Linked Free-space list on disk

Free-space management: extra techniques

• grouping: modify linked-list
  • to store addresses of: $n$ free blocks in first free block
  • first $n-1$
• counting: several contig. blocks: may be allocated & freed simultaneously
  • particularly: when contig-allocation algorithm / extents is used

Goals of protection

• in protection model: computer system: made of a collection of objects (HW / SW)
  • examples
• each object: w/ unique name & can be accessed w/ well-defined set of operations
• protection problem: ensure each object: accessed correctly & only by those processes allowed to do so
• mechanism: shall be distinct from policies
  • mechanism: how it will be dome
  • policies: what will be done
  • separation: important for flexibility
  • separation: ensures not every change in poly would require a change in mechanism

Principles of protection

• guiding principle: principle of least privilege
  • programs / users / systems: shall be given "just enough" privileges
  • to perform their task
  • mitigating the attack
• file permissions: principle dictates that:
  • user: have read access but not write / execute access to a file
  • the principle: require the OS to provide mechanism to only allow read access, but not write / execute access
• properly setting permissions (i.e. access rights to an object)
  • can limit damage if entity: has a bug / gets abused