Sprockets: Safe Extensions for Distributed File Systems

Sprockets are a lightweight method for extending the functionality of distributed file systems. They specifically target file systems implemented at user level and small extensions that can be expressed with up to several hundred lines of code. Each sprocket is akin to a procedure call that runs inside a transaction that is always rolled back on completion, even if sprocket execution succeeds. Sprockets therefore make no persistent changes to file system state; instead, they communicate their result back to the core file system through a restricted format using a shared memory buffer. The file system validates the result and makes any necessary changes if the validations pass. Sprockets use binary instrumentation to ensure that a sprocket can safely execute file system code without making changes to persistent state. We have implemented sprockets that perform type-specific handling within file systems such as querying application metadata, application-specific conflict resolution, and handling custom devices such as digital cameras. Our evaluation shows that sprockets can be up to an order of magnitude faster to execute than extensions that utilize operating system services such as fork. We also show that sprockets allow fine-grained isolation and, thus, can catch some bugs that a fork-based implementation cannot.
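The execution pattern the abstract describes, an extension that runs inside a transaction which is always rolled back and then hands its result back through a restricted, validated record, modelled as an added Python example. This is not the paper's code: the names `TransactionalView`, `FileSystemCore`, `run_sprocket`, the 67-byte result layout, the allowed-attribute list and the EXIF-like metadata blob are all constructed assumptions. The undo log here stands in for the binary-instrumented write barrier; the real system instruments the file system binary rather than routing writes through a wrapper object.

```python
import struct
from typing import Callable, Dict, Tuple

# Constructed result-record layout (an assumption, not the paper's format):
# u8 opcode | u16 payload length | 64 payload bytes, little-endian, 67 bytes total.
RESULT_STRUCT = struct.Struct("<BH64s")
OP_NONE, OP_SET_ATTR = 0, 1
ALLOWED_ATTRS = {"model", "conflict_winner"}   # attributes a sprocket may ask the core to set

Files = Dict[str, Dict[str, str]]
Sprocket = Callable[["TransactionalView", str, bytearray], None]


class TransactionalView:
    """View of file metadata whose writes are undo-logged so they can always be rolled back."""

    def __init__(self, backing: Files):
        self._backing = backing
        self._undo = []          # (path, attr, previous value or None), in write order

    def read(self, path: str, attr: str) -> str:
        return self._backing[path][attr]

    def write(self, path: str, attr: str, value: str) -> None:
        self._undo.append((path, attr, self._backing[path].get(attr)))
        self._backing[path][attr] = value

    def rollback(self) -> int:
        """Undo every logged write in reverse order; returns how many were undone."""
        undone = 0
        while self._undo:
            path, attr, old = self._undo.pop()
            if old is None:
                del self._backing[path][attr]
            else:
                self._backing[path][attr] = old
            undone += 1
        return undone


class FileSystemCore:
    def __init__(self, files: Files):
        self.files = files

    def run_sprocket(self, sprocket: Sprocket, path: str) -> Tuple[str, int]:
        view = TransactionalView(self.files)
        result = bytearray(RESULT_STRUCT.size)   # shared buffer, outside the transaction
        try:
            sprocket(view, path, result)
        except Exception:
            pass                                  # a crashing sprocket must not take the core down
        finally:
            undone = view.rollback()              # rolled back even when the sprocket succeeded
        return self._validate_and_apply(path, bytes(result)), undone

    def _validate_and_apply(self, path: str, record: bytes) -> str:
        """The core trusts nothing in the record until each field has been checked."""
        opcode, length, payload = RESULT_STRUCT.unpack(record)
        if opcode == OP_NONE:
            return "no-op"
        if opcode != OP_SET_ATTR or length > 64:
            return "rejected: bad header"
        try:
            name, _, value = payload[:length].decode("ascii").partition("=")
        except UnicodeDecodeError:
            return "rejected: non-ascii payload"
        if name not in ALLOWED_ATTRS or not value or "\x00" in value:
            return "rejected: attribute not permitted"
        self.files[path][name] = value            # the only path by which state changes
        return f"applied {name}={value}"


def camera_model_sprocket(view: TransactionalView, path: str, result: bytearray) -> None:
    """Well-behaved sprocket: extracts the camera model from a constructed EXIF-like blob."""
    blob = view.read(path, "data")                # constructed format: "EXIF;Key=Value;..."
    fields = dict(f.split("=", 1) for f in blob.split(";")[1:] if "=" in f)
    view.write(path, "scratch", "parsing")        # intermediate write; will be rolled back
    payload = f"model={fields.get('Model', 'unknown')}".encode("ascii")
    result[:] = RESULT_STRUCT.pack(OP_SET_ATTR, len(payload), payload)


def buggy_sprocket(view: TransactionalView, path: str, result: bytearray) -> None:
    """Misbehaving sprocket: writes persistent state directly, lies in the record, then crashes."""
    view.write(path, "size", "0")
    result[:] = RESULT_STRUCT.pack(OP_SET_ATTR, 64, b"owner=root")
    raise RuntimeError("sprocket crashed")


if __name__ == "__main__":
    core = FileSystemCore({"/photos/img1.jpg": {"data": "EXIF;Model=Canon EOS 20D;ISO=100", "size": "2048"}})
    print(core.run_sprocket(camera_model_sprocket, "/photos/img1.jpg"))
    print(core.run_sprocket(buggy_sprocket, "/photos/img1.jpg"), core.files)
```

Running the two sprockets back to back shows the two guarantees separately: the well-behaved sprocket's scratch write disappears on rollback while its validated result is applied by the core, and the buggy sprocket neither leaves its direct write behind nor gets its disallowed attribute accepted.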
