"These patches add local caching for network filesystems such as NFS," began David Howells describing an updated set of thirty-seven patches to introduce FS-Cache. When asked how the patches affect performance, he noted that this was dependent on the use case, highlighting issues when dealing with lots of metadata, "getting metadata from the local disk fs is slower than pulling it across an unshared gigabit ethernet from a server that already has it in memory."
David continued "these points don't mean that fscache is no use, just that you have to consider carefully whether it's of use to *you* given your particular situation, and that depends on various factors," adding, "note that currently FS-Caching is disabled for individual NFS files opened for writing as there's no way to handle the coherency problems thereby introduced." He concluded with a number of simple performance benchmarks.
"Here's a set of patches that remove all calls to iget() and all read_inode() functions," began David Howells describing a collection of 32 patches posted to the lkml. He went on to explain the reason for removing these functions, "they should be removed for two reasons: firstly they don't lend themselves to good error handling, and secondly their presence is a temptation for code outside a filesystem to call iget() to access inodes within that filesystem." He then suggested three benefits:
"(1) Error handling gets simpler as you can return an error code rather than having to call is_bad_inode(). (2) You can now tell the difference between ENOMEM and EIO occurring in the read_inode() path. (3) The code should get smaller. iget() is an inline function that is typically called 2-3 times per filesystem that uses it. By folding the iget code into the read_inode code for each filesystem, it eliminates some duplication."
"The attached patch adds a generic intermediary (FS-Cache) by which filesystems may call on local caching capabilities, and by which local caching backends may make caches available," explained David Howells describing his "generic filesystem caching facility" patch. In his patchset he also provided a patch to make NFS utilize the generic caching facility. David went on to detail thirteen facilities provided by the patch, including:
"(1) Caches can be added / removed at any time, even whilst in use; (2) Adds a facility by which tags can be used to refer to caches, even if they're not mounted yet; (3) More than one cache can be used at once. Caches can be selected explicitly by use of tags; (4) The netfs is provided with an interface that allows either party to withdraw caching facilities from a file (required for (1)); (5) A netfs may annotate cache objects that belongs to it; (6) Cache objects can be pinned and reservations made; (7) The interface to the netfs returns as few errors as possible, preferring rather to let the netfs remain oblivious."
"Here's a new version of my credentials patch. It's still very basic, with only Ext3, (V)FAT, NFS, AFS, SELinux and keyrings compiled in on an x86_64 arch kernel," stated David Howells. He described the patch as, "introduce a copy on write credentials record (struct cred). The fsuid, fsgid, supplementary groups list move into it (DAC security). The session, process and thread keyrings are reflected in it, but don't primarily reside there as they aren't per-thread and occasionally need to be instantiated or replaced by other threads or processes."
Casey Schaufler asked, "what I don't really understand is what value is gained by this exercise. Are the savings sufficiently significant to justify the effort?" Trond Myklebust explained, "it is not about savings, but about new functionality. Basically, the existence of reference-counted credentials will allow AFS and NFS to cache that information and use it for deferred writes etc." David added, "and also make it easier for cachefiles and hopefully NFSd to override the active security. There's a comment somewhere in, I think, the SunRPC code in the Linux kernel bemoaning the lack of this very feature:-)"