Add a filesystem service #390
Conversation
There was a problem hiding this comment.
Just did a quick review. Two things:
-
The use of
repr(packed)needs to be thoroughly justified.repr(packed)is yet another landmine. Taking a pointer to anrepr(packed)field is UB (since we might end up creating an unaligned reference, which is illegal). If possible at all, please userepr(C)instead. I think in most cases presented here,repr(C)would work. -
I see a lot of duplicate code (and - most importantly - duplicate unsafe code) between fs and disk-initializer. In general, it'd be nice if the amount of unsafe code could go down, and especially if we could get safe interfaces in the common crate so we could entirely eliminate the duplicated unsafe code.
|
@roblabla Removing the code duplication entirely isn't possible at all as most of the type needed by this code depends on libuser that cannot be used in the host std context. I can still move th gpt part but that's it. |
marysaka
force-pushed
the
feature/filesystem
branch
from
68d6b34 to
ecab471
Compare
marysaka
force-pushed
the
feature/filesystem
branch
2 times, most recently
from
8788131 to
ac4406a
Compare
marysaka
force-pushed
the
feature/filesystem
branch
from
050ec3a to
ca23cd8
Compare
Also make cat use cwd
Co-Authored-By: Orycterope <Orycterope@users.noreply.github.com> Co-Authored-By: Robin Lambertz <github@roblab.la>
| } | ||
|
|
||
| impl<B> StorageDevice for StorageCachedBlockDevice<B> where B: BlockDevice + Sync + Send { | ||
| fn read(&mut self, offset: u64, buf: &mut [u8]) -> StorageDeviceResult<()> { |
There was a problem hiding this comment.
Ok, multiple things are wrong with this function.
Misaligned read
First, you cannot possibly write to an unaligned buffer without a shifting memcpy for the middle part.
The simple case
To demonstrate that, let's consider only the middle part to make things simple, i.e. we're simply reading a multiple of Block size to an unaligned buffer. What we're trying to accomplish is something like this:
block 0 bytes block 1 block 2
disk: [ 0 | 1 | 2 | 3 | ...][ ... ][ ... ]
/
V
buffer: [ 0 | 1 | 2 | 3 | ... ]
You can see that the buffer and the disk are horizontally misaligned, to represent their misalignment in memory.
What you're currently doing is is reading the first byte on its own, and then fill the rest of the buffer directly from the disk, effectively doing this:
disk: [ 0 | 1 | 2 | 3 | ...][ ... ][ ... ]
|
V
buffer: [ 0 | 0 | 1 | 2 | 3 | ... ]
You can see that the first byte of the block is present twice. This is wrong, but unfortunately I see no way to simply read the block and expect it to work.
We always have to first read from the disk in an aligned fashion, and then shift everything in place to misalign it to our buffer misalignment:
disk: [ 0 | 1 | 2 | 3 | ...][ ... ][ ... ]
|
V
buffer: [ | 0 | 1 | 2 | 3 | ... ]
memcpy: V---┘
buffer: [ 0 | 1 | 2 | 3 | ... ... ]
But for us to read and then shift in place, our buffer must be big enough to hold all the blocks, plus some padding for the shift. In practice this means that often a read of 3 blocks would only read 2 into the buffer so it has enough room, do the shift, read the 3rd block into a tmp aligned block, and copy from that aligned tmp to the end of the misaligned buffer.
The real life case
Until now we've only considered the simple case of reading multiples of Block size. But most of the time we're not. To do that we still split the problem into a "before, middle, after" three time read. For the before and after parts, reading to an aligned tmp buffer and memcpy to misaligned buffer is not a problem. However the middle still needs to be shifted. But we can potentially harvest the "after" part in the buffer as extra free space for our shift, and save one read. This can only happer if there's an "after" part however, if the buffer ends on a multiple of block size we can't :/
Nothing to do with fs
Finally, this is a lot more related to storage_device than it is to fs, so it should live in storage_device. I was thinking of making storage_device a public crate on crates.io. Blocks of size 512 and aligned to 2 is very specific to ahci, but we could define a whole family of different blocks and let the user define its own, with its own alignement, and be generic over that.
Time constraint
Even though the current implementation is broken af, because we're short on time, if you can guarantee me that it seems to be working for now (maybe we're lucky and we're never reading to unaligned buffers, thanks rustc), I will let it pass and be merged for now.
One of the first things I'll do will be to work on a rewrite of all of this in storage_device, and make storage_device publishable.
Also I'll write lots of unit tests for my storage_device impl, as we seem to have a hard time getting it right.
This was used during IPC sucessive rewrite to simplify portability. We can now remove this layer.
| let mut path = [0x0; PATH_LEN]; | ||
|
|
||
| let path_str_slice = path_str.as_bytes(); | ||
| path[..path_str_slice.len()].copy_from_slice(path_str_slice); |
There was a problem hiding this comment.
we should PR a ToOwned for ArrayString.
| "pwd" => { | ||
| let _ = writeln!(&mut terminal, "{}", CURRENT_WORK_DIRECTORY.lock().as_str()); | ||
| }, | ||
| "cd" => { |
There was a problem hiding this comment.
a small ls command that takes no argument and displays child directory entries of the cwd, one per line, should be equally easy to implement, no ?
Minimalist, but with this we can navigate the hierarchy.
Call it dir if you feel like trolling.
This PR adds a filesystem service and changes AHCI to use IPC buffers.