On Feb 28, 2008, at 10:15 PM, David Holland wrote:
I am still not convinced of this, for two reasons: first, I don't think layers are going to work unless locks are exported and shared; and second, if every fs does its own locking, it gives every fs the opportunity to do it wrong, and there'll furthermore tend to be a lot of cut&paste code with all the attendant problems.
The reason file systems can get it so wrong is because of the nutty rules that we currently have.
If vnodes are never locked when descending into a vnode op, and vnodes are never locked when returning from a vnode op, and vnodes are manipulated by accessors / mutators from within vnode ops, then there is no need to have a vnode locking protocol at all as part of the VFS<- >file system interface. It simply becomes the responsibility of underlying file systems to lock their own data structures as necessary and appropriate. As a transitional measure, file systems that are not marked as "thread-safe" can have a giant lock that gates entry at the vnode op boundary.
-- thorpej