15. NFSv4.2 Operations
15.1. Operation 59: ALLOCATE - Reserve space in a region of a file
15.1.1. ARGUMENT
<CODE BEGINS> struct ALLOCATE4args { /* CURRENT_FH: file */ stateid4 aa_stateid; offset4 aa_offset; length4 aa_length; }; <CODE ENDS>15.1.2. RESULT
<CODE BEGINS> struct ALLOCATE4res { nfsstat4 ar_status; }; <CODE ENDS>15.1.3. DESCRIPTION
Whenever a client wishes to reserve space for a region in a file, it calls the ALLOCATE operation with the current filehandle set to the filehandle of the file in question, and with the start offset and length in bytes of the region set in aa_offset and aa_length, respectively. CURRENT_FH must be a regular file. If CURRENT_FH is not a regular file, the operation MUST fail and return NFS4ERR_WRONG_TYPE.
The aa_stateid MUST refer to a stateid that is valid for a WRITE operation and follows the rules for stateids in Sections 8.2.5 and 18.32.3 of [RFC5661]. The server will ensure that backing blocks are reserved to the region specified by aa_offset and aa_length, and that no future writes into this region will return NFS4ERR_NOSPC. If the region lies partially or fully outside the current file size, the file size will be set to aa_offset + aa_length implicitly. If the server cannot guarantee this, it must return NFS4ERR_NOSPC. The ALLOCATE operation can also be used to extend the size of a file if the region specified by aa_offset and aa_length extends beyond the current file size. In that case, any data outside of the previous file size will return zeros when read before data is written to it. It is not required that the server allocate the space to the file before returning success. The allocation can be deferred; however, it must be guaranteed that it will not fail for lack of space. The deferral does not result in an asynchronous reply. The ALLOCATE operation will result in the space_used and space_freed attributes being increased by the number of bytes reserved, unless they were previously reserved or written and not shared.15.2. Operation 60: COPY - Initiate a server-side copy
15.2.1. ARGUMENT
<CODE BEGINS> struct COPY4args { /* SAVED_FH: source file */ /* CURRENT_FH: destination file */ stateid4 ca_src_stateid; stateid4 ca_dst_stateid; offset4 ca_src_offset; offset4 ca_dst_offset; length4 ca_count; bool ca_consecutive; bool ca_synchronous; netloc4 ca_source_server<>; }; <CODE ENDS>
15.2.2. RESULT
<CODE BEGINS> struct write_response4 { stateid4 wr_callback_id<1>; length4 wr_count; stable_how4 wr_committed; verifier4 wr_writeverf; }; struct copy_requirements4 { bool cr_consecutive; bool cr_synchronous; }; struct COPY4resok { write_response4 cr_response; copy_requirements4 cr_requirements; }; union COPY4res switch (nfsstat4 cr_status) { case NFS4_OK: COPY4resok cr_resok4; case NFS4ERR_OFFLOAD_NO_REQS: copy_requirements4 cr_requirements; default: void; }; <CODE ENDS>15.2.3. DESCRIPTION
The COPY operation is used for both intra-server and inter-server copies. In both cases, the COPY is always sent from the client to the destination server of the file copy. The COPY operation requests that a range in the file specified by SAVED_FH be copied to a range in the file specified by CURRENT_FH. Both SAVED_FH and CURRENT_FH must be regular files. If either SAVED_FH or CURRENT_FH is not a regular file, the operation MUST fail and return NFS4ERR_WRONG_TYPE. SAVED_FH and CURRENT_FH must be different files. If SAVED_FH and CURRENT_FH refer to the same file, the operation MUST fail with NFS4ERR_INVAL.
If the request is for an inter-server copy, the source-fh is a filehandle from the source server and the COMPOUND procedure is being executed on the destination server. In this case, the source-fh is a foreign filehandle on the server receiving the COPY request. If either PUTFH or SAVEFH checked the validity of the filehandle, the operation would likely fail and return NFS4ERR_STALE. If a server supports the inter-server copy feature, a PUTFH followed by a SAVEFH MUST NOT return NFS4ERR_STALE for either operation. These restrictions do not pose substantial difficulties for servers. CURRENT_FH and SAVED_FH may be validated in the context of the operation referencing them and an NFS4ERR_STALE error returned for an invalid filehandle at that point. The ca_dst_stateid MUST refer to a stateid that is valid for a WRITE operation and follows the rules for stateids in Sections 8.2.5 and 18.32.3 of [RFC5661]. For an inter-server copy, the ca_src_stateid MUST be the cnr_stateid returned from the earlier COPY_NOTIFY operation, while for an intra-server copy ca_src_stateid MUST refer to a stateid that is valid for a READ operation and follows the rules for stateids in Sections 8.2.5 and 18.22.3 of [RFC5661]. If either stateid is invalid, then the operation MUST fail. The ca_src_offset is the offset within the source file from which the data will be read, the ca_dst_offset is the offset within the destination file to which the data will be written, and the ca_count is the number of bytes that will be copied. An offset of 0 (zero) specifies the start of the file. A count of 0 (zero) requests that all bytes from ca_src_offset through EOF be copied to the destination. If concurrent modifications to the source file overlap with the source file region being copied, the data copied may include all, some, or none of the modifications. The client can use standard NFS operations (e.g., OPEN with OPEN4_SHARE_DENY_WRITE or mandatory byte-range locks) to protect against concurrent modifications if the client is concerned about this. If the source file's EOF is being modified in parallel with a COPY that specifies a count of 0 (zero) bytes, the amount of data copied is implementation dependent (clients may guard against this case by specifying a non-zero count value or preventing modification of the source file as mentioned above).
If the source offset or the source offset plus count is greater than the size of the source file, the operation MUST fail with NFS4ERR_INVAL. The destination offset or destination offset plus count may be greater than the size of the destination file. This allows the client to issue parallel copies to implement operations such as <CODE BEGINS> % cat file1 file2 file3 file4 > dest <CODE ENDS> If the ca_source_server list is specified, then this is an inter-server COPY operation and the source file is on a remote server. The client is expected to have previously issued a successful COPY_NOTIFY request to the remote source server. The ca_source_server list MUST be the same as the COPY_NOTIFY response's cnr_source_server list. If the client includes the entries from the COPY_NOTIFY response's cnr_source_server list in the ca_source_server list, the source server can indicate a specific copy protocol for the destination server to use by returning a URL that specifies both a protocol service and server name. Server-to-server copy protocol considerations are described in Sections 4.6 and 4.9.1. If ca_consecutive is set, then the client has specified that the copy protocol selected MUST copy bytes in consecutive order from ca_src_offset to ca_count. If the destination server cannot meet this requirement, then it MUST return an error of NFS4ERR_OFFLOAD_NO_REQS and set cr_consecutive to be FALSE. Likewise, if ca_synchronous is set, then the client has required that the copy protocol selected MUST perform a synchronous copy. If the destination server cannot meet this requirement, then it MUST return an error of NFS4ERR_OFFLOAD_NO_REQS and set cr_synchronous to be FALSE. If both are set by the client, then the destination SHOULD try to determine if it can respond to both requirements at the same time. If it cannot make that determination, it must set to TRUE the one it can and set to FALSE the other. The client, upon getting an NFS4ERR_OFFLOAD_NO_REQS error, has to examine both cr_consecutive and cr_synchronous against the respective values of ca_consecutive and ca_synchronous to determine the possible requirement not met. It MUST be prepared for the destination server not being able to determine both requirements at the same time.
Upon receiving the NFS4ERR_OFFLOAD_NO_REQS error, the client has to determine whether it wants to re-request the copy with a relaxed set of requirements or revert to manually copying the data. If it decides to manually copy the data and this is a remote copy, then the client is responsible for informing the source that the earlier COPY_NOTIFY is no longer valid by sending it an OFFLOAD_CANCEL. If the operation does not result in an immediate failure, the server will return NFS4_OK. If the wr_callback_id is returned, this indicates that an asynchronous COPY operation was initiated and a CB_OFFLOAD callback will deliver the final results of the operation. The wr_callback_id stateid is termed a "copy stateid" in this context. The server is given the option of returning the results in a callback because the data may require a relatively long period of time to copy. If no wr_callback_id is returned, the operation completed synchronously and no callback will be issued by the server. The completion status of the operation is indicated by cr_status. If the copy completes successfully, either synchronously or asynchronously, the data copied from the source file to the destination file MUST appear identical to the NFS client. However, the NFS server's on-disk representation of the data in the source file and destination file MAY differ. For example, the NFS server might encrypt, compress, deduplicate, or otherwise represent the on-disk data in the source and destination files differently. If a failure does occur for a synchronous copy, wr_count will be set to the number of bytes copied to the destination file before the error occurred. If cr_consecutive is TRUE, then the bytes were copied in order. If the failure occurred for an asynchronous copy, then the client will have gotten the notification of the consecutive copy order when it got the copy stateid. It will be able to determine the bytes copied from the coa_bytes_copied in the CB_OFFLOAD argument. In either case, if cr_consecutive was not TRUE, there is no assurance as to exactly which bytes in the range were copied. The client MUST assume that there exists a mixture of the original contents of the range and the new bytes. If the COPY wrote past the end of the file on the destination, then the last byte written to will determine the new file size. The contents of any block not written to and past the original size of the file will be as if a normal WRITE extended the file.
15.3. Operation 61: COPY_NOTIFY - Notify a source server of a future copy
15.3.1. ARGUMENT
<CODE BEGINS> struct COPY_NOTIFY4args { /* CURRENT_FH: source file */ stateid4 cna_src_stateid; netloc4 cna_destination_server; }; <CODE ENDS>15.3.2. RESULT
<CODE BEGINS> struct COPY_NOTIFY4resok { nfstime4 cnr_lease_time; stateid4 cnr_stateid; netloc4 cnr_source_server<>; }; union COPY_NOTIFY4res switch (nfsstat4 cnr_status) { case NFS4_OK: COPY_NOTIFY4resok resok4; default: void; }; <CODE ENDS>15.3.3. DESCRIPTION
This operation is used for an inter-server copy. A client sends this operation in a COMPOUND request to the source server to authorize a destination server identified by cna_destination_server to read the file specified by CURRENT_FH on behalf of the given user. The cna_src_stateid MUST refer to either open or locking states provided earlier by the server. If it is invalid, then the operation MUST fail. The cna_destination_server MUST be specified using the netloc4 network location format. The server is not required to resolve the cna_destination_server address before completing this operation.
If this operation succeeds, the source server will allow the cna_destination_server to copy the specified file on behalf of the given user as long as both of the following conditions are met: o The destination server begins reading the source file before the cnr_lease_time expires. If the cnr_lease_time expires while the destination server is still reading the source file, the destination server is allowed to finish reading the file. If the cnr_lease_time expires before the destination server uses READ or READ_PLUS to begin the transfer, the source server can use NFS4ERR_PARTNER_NO_AUTH to inform the destination server that the cnr_lease_time has expired. o The client has not issued an OFFLOAD_CANCEL for the same combination of user, filehandle, and destination server. The cnr_lease_time is chosen by the source server. A cnr_lease_time of 0 (zero) indicates an infinite lease. To avoid the need for synchronized clocks, copy lease times are granted by the server as a time delta. To renew the copy lease time, the client should resend the same copy notification request to the source server. The cnr_stateid is a copy stateid that uniquely describes the state needed on the source server to track the proposed COPY. As defined in Section 8.2 of [RFC5661], a stateid is tied to the current filehandle, and if the same stateid is presented by two different clients, it may refer to different states. As the source does not know which netloc4 network location the destination might use to establish the COPY operation, it can use the cnr_stateid to identify that the destination is operating on behalf of the client. Thus, the source server MUST construct copy stateids such that they are distinct from all other stateids handed out to clients. These copy stateids MUST denote the same set of locks as each of the earlier delegation, locking, and open states for the client on the given file (see Section 4.3.1). A successful response will also contain a list of netloc4 network location formats called cnr_source_server, on which the source is willing to accept connections from the destination. These might not be reachable from the client and might be located on networks to which the client has no connection. This operation is unnecessary for an intra-server copy.
15.4. Operation 62: DEALLOCATE - Unreserve space in a region of a file
15.4.1. ARGUMENT
<CODE BEGINS> struct DEALLOCATE4args { /* CURRENT_FH: file */ stateid4 da_stateid; offset4 da_offset; length4 da_length; }; <CODE ENDS>15.4.2. RESULT
<CODE BEGINS> struct DEALLOCATE4res { nfsstat4 dr_status; }; <CODE ENDS>15.4.3. DESCRIPTION
Whenever a client wishes to unreserve space for a region in a file, it calls the DEALLOCATE operation with the current filehandle set to the filehandle of the file in question, and with the start offset and length in bytes of the region set in da_offset and da_length, respectively. If no space was allocated or reserved for all or parts of the region, the DEALLOCATE operation will have no effect for the region that already is in unreserved state. All further READs from the region passed to DEALLOCATE MUST return zeros until overwritten. CURRENT_FH must be a regular file. If CURRENT_FH is not a regular file, the operation MUST fail and return NFS4ERR_WRONG_TYPE. The da_stateid MUST refer to a stateid that is valid for a WRITE operation and follows the rules for stateids in Sections 8.2.5 and 18.32.3 of [RFC5661].
Situations may arise where da_offset and/or da_offset + da_length will not be aligned to a boundary for which the server does allocations or deallocations. For most file systems, this is the block size of the file system. In such a case, the server can deallocate as many bytes as it can in the region. The blocks that cannot be deallocated MUST be zeroed. DEALLOCATE will result in the space_used attribute being decreased by the number of bytes that were deallocated. The space_freed attribute may or may not decrease, depending on the support and whether the blocks backing the specified range were shared or not. The size attribute will remain unchanged.15.5. Operation 63: IO_ADVISE - Send client I/O access pattern hints to the server
15.5.1. ARGUMENT
<CODE BEGINS> enum IO_ADVISE_type4 { IO_ADVISE4_NORMAL = 0, IO_ADVISE4_SEQUENTIAL = 1, IO_ADVISE4_SEQUENTIAL_BACKWARDS = 2, IO_ADVISE4_RANDOM = 3, IO_ADVISE4_WILLNEED = 4, IO_ADVISE4_WILLNEED_OPPORTUNISTIC = 5, IO_ADVISE4_DONTNEED = 6, IO_ADVISE4_NOREUSE = 7, IO_ADVISE4_READ = 8, IO_ADVISE4_WRITE = 9, IO_ADVISE4_INIT_PROXIMITY = 10 }; struct IO_ADVISE4args { /* CURRENT_FH: file */ stateid4 iaa_stateid; offset4 iaa_offset; length4 iaa_count; bitmap4 iaa_hints; }; <CODE ENDS>
15.5.2. RESULT
<CODE BEGINS> struct IO_ADVISE4resok { bitmap4 ior_hints; }; union IO_ADVISE4res switch (nfsstat4 ior_status) { case NFS4_OK: IO_ADVISE4resok resok4; default: void; }; <CODE ENDS>15.5.3. DESCRIPTION
The IO_ADVISE operation sends an I/O access pattern hint to the server for the owner of the stateid for a given byte range specified by iar_offset and iar_count. The byte range specified by iaa_offset and iaa_count need not currently exist in the file, but the iaa_hints will apply to the byte range when it does exist. If iaa_count is 0, all data following iaa_offset is specified. The server MAY ignore the advice. The following are the allowed hints for a stateid holder: IO_ADVISE4_NORMAL There is no advice to give. This is the default behavior. IO_ADVISE4_SEQUENTIAL Expects to access the specified data sequentially from lower offsets to higher offsets. IO_ADVISE4_SEQUENTIAL_BACKWARDS Expects to access the specified data sequentially from higher offsets to lower offsets. IO_ADVISE4_RANDOM Expects to access the specified data in a random order. IO_ADVISE4_WILLNEED Expects to access the specified data in the near future. IO_ADVISE4_WILLNEED_OPPORTUNISTIC Expects to possibly access the data in the near future. This is a speculative hint, and therefore the server should prefetch data or indirect blocks only if it can be done at a marginal cost.
IO_ADVISE_DONTNEED Expects that it will not access the specified data in the near future. IO_ADVISE_NOREUSE Expects to access the specified data once and then not reuse it thereafter. IO_ADVISE4_READ Expects to read the specified data in the near future. IO_ADVISE4_WRITE Expects to write the specified data in the near future. IO_ADVISE4_INIT_PROXIMITY Informs the server that the data in the byte range remains important to the client. Since IO_ADVISE is a hint, a server SHOULD NOT return an error and invalidate an entire COMPOUND request if one of the sent hints in iar_hints is not supported by the server. Also, the server MUST NOT return an error if the client sends contradictory hints to the server, e.g., IO_ADVISE4_SEQUENTIAL and IO_ADVISE4_RANDOM in a single IO_ADVISE operation. In these cases, the server MUST return success and an ior_hints value that indicates the hint it intends to implement. This may mean simply returning IO_ADVISE4_NORMAL. The ior_hints returned by the server is primarily for debugging purposes, since the server is under no obligation to carry out the hints that it describes in the ior_hints result. In addition, while the server may have intended to implement the hints returned in ior_hints, the server may need to change its handling of a given file -- for example, because of memory pressure, additional IO_ADVISE hints sent by other clients, or heuristically detected file access patterns. The server MAY return different advice than what the client requested. Some examples include another client advising of a different I/O access pattern, another client employing a different I/O access pattern, or inability of the server to support the requested I/O access pattern. Each issuance of the IO_ADVISE operation overrides all previous issuances of IO_ADVISE for a given byte range. This effectively follows a strategy of "last hint wins" for a given stateid and byte range. Clients should assume that hints included in an IO_ADVISE operation will be forgotten once the file is closed.
15.5.4. IMPLEMENTATION
The NFS client may choose to issue an IO_ADVISE operation to the server in several different instances. The most obvious is in direct response to an application's execution of posix_fadvise(). In this case, IO_ADVISE4_WRITE and IO_ADVISE4_READ may be set, based upon the type of file access specified when the file was opened.15.5.5. IO_ADVISE4_INIT_PROXIMITY
The IO_ADVISE4_INIT_PROXIMITY hint is non-POSIX in origin and can be used to convey that the client has recently accessed the byte range in its own cache. That is, it has not accessed it on the server but has accessed it locally. When the server reaches resource exhaustion, knowing which data is more important allows the server to make better choices about which data to, for example, purge from a cache or move to secondary storage. It also informs the server as to which delegations are more important, because if delegations are working correctly, once delegated to a client and the client has read the content for that byte range, a server might never receive another READ request for that byte range. The IO_ADVISE4_INIT_PROXIMITY hint can also be used in a pNFS setting to let the client inform the metadata server as to the I/O statistics between the client and the storage devices. The metadata server is then free to use this information about client I/O to optimize the data storage location. This hint is also useful in the case of NFS clients that are network- booting from a server. If the first client to be booted sends this hint, then it keeps the cache warm for the remaining clients.15.5.6. pNFS File Layout Data Type Considerations
The IO_ADVISE considerations for pNFS are very similar to the COMMIT considerations for pNFS (see Section 13.7 of [RFC5661]). That is, as with COMMIT, some NFS server implementations prefer that IO_ADVISE be done on the storage device, and some prefer that it be done on the metadata server. For the file's layout type, NFSv4.2 includes an additional hint, NFL42_CARE_IO_ADVISE_THRU_MDS, which is valid only on metadata servers running NFSv4.2 or higher. ("NFL" stands for "NFS File Layout".) Any file's layout obtained from an NFSv4.1 metadata server MUST NOT have NFL42_UFLG_IO_ADVISE_THRU_MDS set. Any file's layout
obtained with an NFSv4.2 metadata server MAY have NFL42_UFLG_IO_ADVISE_THRU_MDS set. However, if the layout utilizes NFSv4.1 storage devices, the IO_ADVISE operation cannot be sent to them. If NFL42_UFLG_IO_ADVISE_THRU_MDS is set, the client MUST send the IO_ADVISE operation to the metadata server in order for it to be honored by the storage device. Once the metadata server receives the IO_ADVISE operation, it will communicate the advice to each storage device. If NFL42_UFLG_IO_ADVISE_THRU_MDS is not set, then the client SHOULD send an IO_ADVISE operation to the appropriate storage device for the specified byte range. While the client MAY always send IO_ADVISE to the metadata server, if the server has not set NFL42_UFLG_IO_ADVISE_THRU_MDS, the client should expect that such an IO_ADVISE is futile. Note that a client SHOULD use the same set of arguments on each IO_ADVISE sent to a storage device for the same open file reference. The server is not required to support different advice for different storage devices with the same open file reference.15.5.6.1. Dense and Sparse Packing Considerations
The IO_ADVISE operation MUST use the iar_offset and byte range as dictated by the presence or absence of NFL4_UFLG_DENSE (see Section 13.4.4 of [RFC5661]). For example, if NFL4_UFLG_DENSE is present, then (1) a READ or WRITE to the storage device for iaa_offset 0 really means iaa_offset 10000 in the logical file and (2) an IO_ADVISE for iaa_offset 0 means iaa_offset 10000 in the logical file. For example, if NFL4_UFLG_DENSE is absent, then (1) a READ or WRITE to the storage device for iaa_offset 0 really means iaa_offset 0 in the logical file and (2) an IO_ADVISE for iaa_offset 0 means iaa_offset 0 in the logical file.
For example, if NFL4_UFLG_DENSE is present, the stripe unit is 1000 bytes and the stripe count is 10, and the dense storage device file is serving iar_offset 0. A READ or WRITE to the storage device for iaa_offsets 0, 1000, 2000, and 3000 really means iaa_offsets 10000, 20000, 30000, and 40000 (implying a stripe count of 10 and a stripe unit of 1000), and then an IO_ADVISE sent to the same storage device with an iaa_offset of 500 and an iaa_count of 3000 means that the IO_ADVISE applies to these byte ranges of the dense storage device file: - 500 to 999 - 1000 to 1999 - 2000 to 2999 - 3000 to 3499 That is, the contiguous range 500 to 3499, as specified in IO_ADVISE. It also applies to these byte ranges of the logical file: - 10500 to 10999 (500 bytes) - 20000 to 20999 (1000 bytes) - 30000 to 30999 (1000 bytes) - 40000 to 40499 (500 bytes) (total 3000 bytes) For example, if NFL4_UFLG_DENSE is absent, the stripe unit is 250 bytes, the stripe count is 4, and the sparse storage device file is serving iaa_offset 0. Then, a READ or WRITE to the storage device for iaa_offsets 0, 1000, 2000, and 3000 really means iaa_offsets 0, 1000, 2000, and 3000 in the logical file, keeping in mind that in the storage device file byte ranges 250 to 999, 1250 to 1999, 2250 to 2999, and 3250 to 3999 are not accessible. Then, an IO_ADVISE sent to the same storage device with an iaa_offset of 500 and an iaa_count of 3000 means that the IO_ADVISE applies to these byte ranges of the logical file and the sparse storage device file: - 500 to 999 (500 bytes) - no effect - 1000 to 1249 (250 bytes) - effective - 1250 to 1999 (750 bytes) - no effect - 2000 to 2249 (250 bytes) - effective - 2250 to 2999 (750 bytes) - no effect - 3000 to 3249 (250 bytes) - effective - 3250 to 3499 (250 bytes) - no effect (subtotal 2250 bytes) - no effect (subtotal 750 bytes) - effective (grand total 3000 bytes) - no effect + effective
If neither the NFL42_UFLG_IO_ADVISE_THRU_MDS flag nor the NFL4_UFLG_DENSE flag is set in the layout, then any IO_ADVISE request sent to the data server with a byte range that overlaps stripe units that the data server does not serve MUST NOT result in the status NFS4ERR_PNFS_IO_HOLE. Instead, the response SHOULD be successful, and if the server applies IO_ADVISE hints on any stripe units that overlap with the specified range, those hints SHOULD be indicated in the response.15.6. Operation 64: LAYOUTERROR - Provide errors for the layout
15.6.1. ARGUMENT
<CODE BEGINS> struct device_error4 { deviceid4 de_deviceid; nfsstat4 de_status; nfs_opnum4 de_opnum; }; struct LAYOUTERROR4args { /* CURRENT_FH: file */ offset4 lea_offset; length4 lea_length; stateid4 lea_stateid; device_error4 lea_errors<>; }; <CODE ENDS>15.6.2. RESULT
<CODE BEGINS> struct LAYOUTERROR4res { nfsstat4 ler_status; }; <CODE ENDS>15.6.3. DESCRIPTION
The client can use LAYOUTERROR to inform the metadata server about errors in its interaction with the layout (see Section 12 of [RFC5661]) represented by the current filehandle, client ID (derived from the session ID in the preceding SEQUENCE operation), byte range (lea_offset + lea_length), and lea_stateid.
Each individual device_error4 describes a single error associated with a storage device, which is identified via de_deviceid. If the layout type (see Section 12.2.7 of [RFC5661]) supports NFSv4 operations, then the operation that returned the error is identified via de_opnum. If the layout type does not support NFSv4 operations, then either (1) it MAY choose to map the operation onto one of the allowed operations that can be sent to a storage device with the file layout type (see Section 3.3) or (2) it can signal no support for operations by marking de_opnum with the ILLEGAL operation. Finally, the NFS error value (nfsstat4) encountered is provided via de_status and may consist of the following error codes: NFS4ERR_NXIO: The client was unable to establish any communication with the storage device. NFS4ERR_*: The client was able to establish communication with the storage device and is returning one of the allowed error codes for the operation denoted by de_opnum. Note that while the metadata server may return an error associated with the layout stateid or the open file, it MUST NOT return an error in the processing of the errors. If LAYOUTERROR is in a COMPOUND before LAYOUTRETURN, it MUST NOT introduce an error other than what LAYOUTRETURN would already encounter.15.6.4. IMPLEMENTATION
There are two broad classes of errors: transient and persistent. The client SHOULD strive to only use this new mechanism to report persistent errors. It MUST be able to deal with transient issues by itself. Also, while the client might consider an issue to be persistent, it MUST be prepared for the metadata server to consider such issues to be transient. A prime example of this is if the metadata server fences off a client from either a stateid or a filehandle. The client will get an error from the storage device and might relay either NFS4ERR_ACCESS or NFS4ERR_BAD_STATEID back to the metadata server, with the belief that this is a hard error. If the metadata server is informed by the client that there is an error, it can safely ignore that. For the metadata server, the mission is accomplished in that the client has returned a layout that the metadata server had most likely recalled.
The client might also need to inform the metadata server that it cannot reach one or more of the storage devices. While the metadata server can detect the connectivity of both of these paths: o metadata server to storage device o metadata server to client it cannot determine if the client and storage device path is working. As with the case of the storage device passing errors to the client, it must be prepared for the metadata server to consider such outages as being transitory. Clients are expected to tolerate transient storage device errors, and hence clients SHOULD NOT use the LAYOUTERROR error handling for device access problems that may be transient. The methods by which a client decides whether a device access problem is transient or persistent are implementation specific but may include retrying I/Os to a data server under appropriate conditions. When an I/O to a storage device fails, the client SHOULD retry the failed I/O via the metadata server. In this situation, before retrying the I/O, the client SHOULD return the layout, or the affected portion thereof, and SHOULD indicate which storage device or devices was problematic. The client needs to do this when the storage device is being unresponsive in order to fence off any failed write attempts and ensure that they do not end up overwriting any later data being written through the metadata server. If the client does not do this, the metadata server MAY issue a layout recall callback in order to perform the retried I/O. The client needs to be cognizant that since this error handling is optional in the metadata server, the metadata server may silently ignore this functionality. Also, as the metadata server may consider some issues the client reports to be expected, the client might find it difficult to detect a metadata server that has not implemented error handling via LAYOUTERROR. If a metadata server is aware that a storage device is proving problematic to a client, the metadata server SHOULD NOT include that storage device in any pNFS layouts sent to that client. If the metadata server is aware that a storage device is affecting many clients, then the metadata server SHOULD NOT include that storage device in any pNFS layouts sent out. If a client asks for a new layout for the file from the metadata server, it MUST be prepared for the metadata server to return that storage device in the layout. The metadata server might not have any choice in using the storage device, i.e., there might only be one possible layout for the system.
Also, in the case of existing files, the metadata server might have no choice regarding which storage devices to hand out to clients. The metadata server is not required to indefinitely retain per-client storage device error information. The metadata server is also not required to automatically reinstate the use of a previously problematic storage device; administrative intervention may be required instead.15.7. Operation 65: LAYOUTSTATS - Provide statistics for the layout
15.7.1. ARGUMENT
<CODE BEGINS> struct layoutupdate4 { layouttype4 lou_type; opaque lou_body<>; }; struct io_info4 { uint64_t ii_count; uint64_t ii_bytes; }; struct LAYOUTSTATS4args { /* CURRENT_FH: file */ offset4 lsa_offset; length4 lsa_length; stateid4 lsa_stateid; io_info4 lsa_read; io_info4 lsa_write; deviceid4 lsa_deviceid; layoutupdate4 lsa_layoutupdate; }; <CODE ENDS>15.7.2. RESULT
<CODE BEGINS> struct LAYOUTSTATS4res { nfsstat4 lsr_status; }; <CODE ENDS>
15.7.3. DESCRIPTION
The client can use LAYOUTSTATS to inform the metadata server about its interaction with the layout (see Section 12 of [RFC5661]) represented by the current filehandle, client ID (derived from the session ID in the preceding SEQUENCE operation), byte range (lsa_offset and lsa_length), and lsa_stateid. lsa_read and lsa_write allow non-layout-type-specific statistics to be reported. lsa_deviceid allows the client to specify to which storage device the statistics apply. The remaining information the client is presenting is specific to the layout type and presented in the lsa_layoutupdate field. Each layout type MUST define the contents of lsa_layoutupdate in their respective specifications. LAYOUTSTATS can be combined with IO_ADVISE (see Section 15.5) to augment the decision-making process of how the metadata server handles a file. That is, IO_ADVISE lets the server know that a byte range has a certain characteristic, but not necessarily the intensity of that characteristic. The statistics are cumulative, i.e., multiple LAYOUTSTATS updates can be in flight at the same time. The metadata server can examine the packet's timestamp to order the different calls. The first LAYOUTSTATS sent by the client SHOULD be from the opening of the file. The choice of how often to update the metadata server is made by the client. Note that while the metadata server may return an error associated with the layout stateid or the open file, it MUST NOT return an error in the processing of the statistics.
15.8. Operation 66: OFFLOAD_CANCEL - Stop an offloaded operation
15.8.1. ARGUMENT
<CODE BEGINS> struct OFFLOAD_CANCEL4args { /* CURRENT_FH: file to cancel */ stateid4 oca_stateid; }; <CODE ENDS>15.8.2. RESULT
<CODE BEGINS> struct OFFLOAD_CANCEL4res { nfsstat4 ocr_status; }; <CODE ENDS>15.8.3. DESCRIPTION
OFFLOAD_CANCEL is used by the client to terminate an asynchronous operation, which is identified by both CURRENT_FH and the oca_stateid. That is, there can be multiple OFFLOAD_CANCEL operations acting on the file, and the stateid will identify to the server exactly which one is to be stopped. Currently, there are only two operations that can decide to be asynchronous: COPY and WRITE_SAME. In the context of server-to-server copy, the client can send OFFLOAD_CANCEL to either the source or destination server, albeit with a different stateid. The client uses OFFLOAD_CANCEL to inform the destination to stop the active transfer and uses the stateid it got back from the COPY operation. The client uses OFFLOAD_CANCEL and the stateid it used in the COPY_NOTIFY to inform the source to not allow any more copying from the destination. OFFLOAD_CANCEL is also useful in situations in which the source server granted a very long or infinite lease on the destination server's ability to read the source file and all COPY operations on the source file have been completed.
15.9. Operation 67: OFFLOAD_STATUS - Poll for the status of an asynchronous operation
15.9.1. ARGUMENT
<CODE BEGINS> struct OFFLOAD_STATUS4args { /* CURRENT_FH: destination file */ stateid4 osa_stateid; }; <CODE ENDS>15.9.2. RESULT
<CODE BEGINS> struct OFFLOAD_STATUS4resok { length4 osr_count; nfsstat4 osr_complete<1>; }; union OFFLOAD_STATUS4res switch (nfsstat4 osr_status) { case NFS4_OK: OFFLOAD_STATUS4resok osr_resok4; default: void; }; <CODE ENDS>15.9.3. DESCRIPTION
OFFLOAD_STATUS can be used by the client to query the progress of an asynchronous operation, which is identified by both CURRENT_FH and the osa_stateid. If this operation is successful, the number of bytes processed is returned to the client in the osr_count field. If the optional osr_complete field is present, the asynchronous operation has completed. In this case, the status value indicates the result of the asynchronous operation. In all cases, the server will also deliver the final results of the asynchronous operation in a CB_OFFLOAD operation. The failure of this operation does not indicate the result of the asynchronous operation in any way.
15.10. Operation 68: READ_PLUS - READ data or holes from a file
15.10.1. ARGUMENT
<CODE BEGINS> struct READ_PLUS4args { /* CURRENT_FH: file */ stateid4 rpa_stateid; offset4 rpa_offset; count4 rpa_count; }; <CODE ENDS>15.10.2. RESULT
<CODE BEGINS> enum data_content4 { NFS4_CONTENT_DATA = 0, NFS4_CONTENT_HOLE = 1 }; struct data_info4 { offset4 di_offset; length4 di_length; }; struct data4 { offset4 d_offset; opaque d_data<>; }; union read_plus_content switch (data_content4 rpc_content) { case NFS4_CONTENT_DATA: data4 rpc_data; case NFS4_CONTENT_HOLE: data_info4 rpc_hole; default: void; };
/* * Allow a return of an array of contents. */ struct read_plus_res4 { bool rpr_eof; read_plus_content rpr_contents<>; }; union READ_PLUS4res switch (nfsstat4 rp_status) { case NFS4_OK: read_plus_res4 rp_resok4; default: void; }; <CODE ENDS>15.10.3. DESCRIPTION
The READ_PLUS operation is based upon the NFSv4.1 READ operation (see Section 18.22 of [RFC5661]) and similarly reads data from the regular file identified by the current filehandle. The client provides an rpa_offset of where the READ_PLUS is to start and an rpa_count of how many bytes are to be read. An rpa_offset of zero means that data will be read starting at the beginning of the file. If rpa_offset is greater than or equal to the size of the file, the status NFS4_OK is returned with di_length (the data length) set to zero and eof set to TRUE. The READ_PLUS result is comprised of an array of rpr_contents, each of which describes a data_content4 type of data. For NFSv4.2, the allowed values are data and hole. A server MUST support both the data type and the hole if it uses READ_PLUS. If it does not want to support a hole, it MUST use READ. The array contents MUST be contiguous in the file. Holes SHOULD be returned in their entirety -- clients must be prepared to get more information than they requested. Both the start and the end of the hole may exceed what was requested. If data to be returned is comprised entirely of zeros, then the server SHOULD return that data as a hole instead. The server may elect to return adjacent elements of the same type. For example, if the server has a range of data comprised entirely of zeros and then a hole, it might want to return two adjacent holes to the client.
If the client specifies an rpa_count value of zero, the READ_PLUS succeeds and returns zero bytes of data. In all situations, the server may choose to return fewer bytes than specified by the client. The client needs to check for this condition and handle the condition appropriately. If the client specifies data that is entirely contained within a hole of the file (i.e., both rpa_offset and rpa_offset + rpa_count are within the hole), then the di_offset and di_length returned MAY be for the entire hole. If the owner has a locked byte range covering rpa_offset and rpa_count entirely, the di_offset and di_length MUST NOT be extended outside the locked byte range. This result is considered valid until the file is changed (detected via the change attribute). The server MUST provide the same semantics for the hole as if the client read the region and received zeros; the implied hole's contents lifetime MUST be exactly the same as any other read data. If the client specifies data by an rpa_offset that begins in a non-hole of the file but extends into a hole (the rpa_offset + rpa_count is in the hole), the server should return an array comprised of both data and a hole. The client MUST be prepared for the server to return a short read describing just the data. The client will then issue another READ_PLUS for the remaining bytes, to which the server will respond with information about the hole in the file. Except when special stateids are used, the stateid value for a READ_PLUS request represents a value returned from a previous byte-range lock or share reservation request or the stateid associated with a delegation. The stateid identifies the associated owners, if any, and is used by the server to verify that the associated locks are still valid (e.g., have not been revoked). If the read ended at the end of the file (formally, in a correctly formed READ_PLUS operation, if rpa_offset + rpa_count is equal to the size of the file) or the READ_PLUS operation extends beyond the size of the file (if rpa_offset + rpa_count is greater than the size of the file), eof is returned as TRUE; otherwise, it is FALSE. A successful READ_PLUS of an empty file will always return eof as TRUE. If the current filehandle is not an ordinary file, an error will be returned to the client. In the case that the current filehandle represents an object of type NF4DIR, NFS4ERR_ISDIR is returned. If the current filehandle designates a symbolic link, NFS4ERR_SYMLINK is returned. In all other cases, NFS4ERR_WRONG_TYPE is returned.
For a READ_PLUS with a stateid value of all bits equal to zero, the server MAY allow the READ_PLUS to be serviced subject to mandatory byte-range locks or the current share deny modes for the file. For a READ_PLUS with a stateid value of all bits equal to one, the server MAY allow READ_PLUS operations to bypass locking checks at the server. On success, the current filehandle retains its value.15.10.3.1. Note on Client Support of Arms of the Union
It was decided not to add a means for the client to inform the server as to which arms of READ_PLUS it would support. In a later minor version, it may become necessary for the introduction of a new operation that would allow the client to inform the server as to whether it supported the new arms of the union of data types available in READ_PLUS.15.10.4. IMPLEMENTATION
In general, the IMPLEMENTATION notes for READ in Section 18.22.4 of [RFC5661] also apply to READ_PLUS.15.10.4.1. Additional pNFS Implementation Information
With pNFS, the semantics of using READ_PLUS remains the same. Any data server MAY return a hole result for a READ_PLUS request that it receives. When a data server chooses to return such a result, it has the option of returning information for the data stored on that data server (as defined by the data layout), but it MUST NOT return results for a byte range that includes data managed by another data server. If mandatory locking is enforced, then the data server must also ensure that only information that is within the owner's locked byte range is returned.
15.10.5. READ_PLUS with Sparse Files: Example
The following table describes a sparse file. For each byte range, the file contains either non-zero data or a hole. In addition, the server in this example will only create a hole if it is greater than 32K. +-------------+----------+ | Byte Range | Contents | +-------------+----------+ | 0-15999 | Hole | | 16K-31999 | Non-Zero | | 32K-255999 | Hole | | 256K-287999 | Non-Zero | | 288K-353999 | Hole | | 354K-417999 | Non-Zero | +-------------+----------+ Table 7: Sparse File Under the given circumstances, if a client was to read from the file with a maximum read size of 64K, the following will be the results for the given READ_PLUS calls. This assumes that the client has already opened the file, acquired a valid stateid ("s" in the example), and just needs to issue READ_PLUS requests. 1. READ_PLUS(s, 0, 64K) --> NFS_OK, eof = FALSE, <data[0,32K], hole[32K,224K]>. Since the first hole is less than the server's minimum hole size, the first 32K of the file is returned as data and the remaining 32K is returned as a hole that actually extends to 256K. 2. READ_PLUS(s, 32K, 64K) --> NFS_OK, eof = FALSE, <hole[32K,224K]>. The requested range was all zeros, and the current hole begins at offset 32K and is 224K in length. Note that the client should not have followed up the previous READ_PLUS request with this one, as the hole information from the previous call extended past what the client was requesting. 3. READ_PLUS(s, 256K, 64K) --> NFS_OK, eof = FALSE, <data[256K, 288K], hole[288K, 354K]>. Returns an array of the 32K data and the hole, which extends to 354K. 4. READ_PLUS(s, 354K, 64K) --> NFS_OK, eof = TRUE, <data[354K, 418K]>. Returns the final 64K of data and informs the client that there is no more data in the file.
15.11. Operation 69: SEEK - Find the next data or hole
15.11.1. ARGUMENT
<CODE BEGINS> enum data_content4 { NFS4_CONTENT_DATA = 0, NFS4_CONTENT_HOLE = 1 }; struct SEEK4args { /* CURRENT_FH: file */ stateid4 sa_stateid; offset4 sa_offset; data_content4 sa_what; }; <CODE ENDS>15.11.2. RESULT
<CODE BEGINS> struct seek_res4 { bool sr_eof; offset4 sr_offset; }; union SEEK4res switch (nfsstat4 sa_status) { case NFS4_OK: seek_res4 resok4; default: void; }; <CODE ENDS>15.11.3. DESCRIPTION
SEEK is an operation that allows a client to determine the location of the next data_content4 in a file. It allows an implementation of the emerging extension to the lseek(2) function to allow clients to determine the next hole whilst in data or the next data whilst in a hole.
From the given sa_offset, find the next data_content4 of type sa_what in the file. If the server cannot find a corresponding sa_what, then the status will still be NFS4_OK, but sr_eof would be TRUE. If the server can find the sa_what, then the sr_offset is the start of that content. If the sa_offset is beyond the end of the file, then SEEK MUST return NFS4ERR_NXIO. All files MUST have a virtual hole at the end of the file. That is, if a file system does not support sparse files, then a COMPOUND with {SEEK 0 NFS4_CONTENT_HOLE;} would return a result of {SEEK 1 X;}, where "X" was the size of the file. SEEK must follow the same rules for stateids as READ_PLUS (Section 15.10.3).15.12. Operation 70: WRITE_SAME - WRITE an ADB multiple times to a file
15.12.1. ARGUMENT
<CODE BEGINS> enum stable_how4 { UNSTABLE4 = 0, DATA_SYNC4 = 1, FILE_SYNC4 = 2 }; struct app_data_block4 { offset4 adb_offset; length4 adb_block_size; length4 adb_block_count; length4 adb_reloff_blocknum; count4 adb_block_num; length4 adb_reloff_pattern; opaque adb_pattern<>; }; struct WRITE_SAME4args { /* CURRENT_FH: file */ stateid4 wsa_stateid; stable_how4 wsa_stable; app_data_block4 wsa_adb; }; <CODE ENDS>
15.12.2. RESULT
<CODE BEGINS> struct write_response4 { stateid4 wr_callback_id<1>; length4 wr_count; stable_how4 wr_committed; verifier4 wr_writeverf; }; union WRITE_SAME4res switch (nfsstat4 wsr_status) { case NFS4_OK: write_response4 resok4; default: void; }; <CODE ENDS>15.12.3. DESCRIPTION
The WRITE_SAME operation writes an application data block to the regular file identified by the current filehandle (see WRITE SAME (10) in [T10-SBC2]). The target file is specified by the current filehandle. The data to be written is specified by an app_data_block4 structure (Section 8.1.1). The client specifies with the wsa_stable parameter the method of how the data is to be processed by the server. It is treated like the stable parameter in the NFSv4.1 WRITE operation (see Section 18.32.3 of [RFC5661]). A successful WRITE_SAME will construct a reply for wr_count, wr_committed, and wr_writeverf as per the NFSv4.1 WRITE operation results. If wr_callback_id is set, it indicates an asynchronous reply (see Section 15.12.3.1). As it is an OPTIONAL operation, WRITE_SAME has to support NFS4ERR_NOTSUPP. As it is an extension of WRITE, it has to support all of the errors returned by WRITE. If the client supports WRITE_SAME, it MUST support CB_OFFLOAD. If the server supports ADBs, then it MUST support the WRITE_SAME operation. The server has no concept of the structure imposed by the application. It is only when the application writes to a section of the file does order get imposed. In order to detect corruption even before the application utilizes the file, the application will want to initialize a range of ADBs using WRITE_SAME.
When the client invokes the WRITE_SAME operation, it wants to record the block structure described by the app_data_block4 into the file. When the server receives the WRITE_SAME operation, it MUST populate adb_block_count ADBs in the file, starting at adb_offset. The block size will be given by adb_block_size. The ADBN (if provided) will start at adb_reloff_blocknum, and each block will be monotonically numbered, starting from adb_block_num in the first block. The pattern (if provided) will be at adb_reloff_pattern of each block and will be provided in adb_pattern. The server SHOULD return an asynchronous result if it can determine that the operation will be long-running (see Section 15.12.3.1). Once either the WRITE_SAME finishes synchronously or the server uses CB_OFFLOAD to inform the client of the asynchronous completion of the WRITE_SAME, the server MUST return the ADBs to clients as data.15.12.3.1. Asynchronous Transactions
ADB initialization may cause a server to decide to service the operation asynchronously. If it decides to do so, it sets the stateid in wr_callback_id to be that of the wsa_stateid. If it does not set the wr_callback_id, then the result is synchronous. When the client determines that the reply will be given asynchronously, it should not assume anything about the contents of what it wrote until it is informed by the server that the operation is complete. It can use OFFLOAD_STATUS (Section 15.9) to monitor the operation and OFFLOAD_CANCEL (Section 15.8) to cancel the operation. An example of an asynchronous WRITE_SAME is shown in Figure 6. Note that, as with the COPY operation, WRITE_SAME must provide a stateid for tracking the asynchronous operation.
Client Server + + | | |--- OPEN ---------------------------->| Client opens |<------------------------------------/| the file | | |--- WRITE_SAME ---------------------->| Client initializes |<------------------------------------/| an ADB | | | | |--- OFFLOAD_STATUS ------------------>| Client may poll |<------------------------------------/| for status | | | . | Multiple OFFLOAD_STATUS | . | operations may be sent. | . | | | |<-- CB_OFFLOAD -----------------------| Server reports results |\------------------------------------>| | | |--- CLOSE --------------------------->| Client closes |<------------------------------------/| the file | | | | Figure 6: An Asynchronous WRITE_SAME When CB_OFFLOAD informs the client of the successful WRITE_SAME, the write_response4 embedded in the operation will provide the necessary information that a synchronous WRITE_SAME would have provided. Regardless of whether the operation is asynchronous or synchronous, it MUST still support the COMMIT operation semantics as outlined in Section 18.3 of [RFC5661]. That is, COMMIT works on one or more WRITE operations, and the WRITE_SAME operation can appear as several WRITE operations to the server. The client can use locking operations to control the behavior on the server with respect to long-running asynchronous WRITE_SAME operations.15.12.3.2. Error Handling of a Partially Complete WRITE_SAME
WRITE_SAME will clone adb_block_count copies of the given ADB in consecutive order in the file, starting at adb_offset. An error can occur after writing the Nth ADB to the file. WRITE_SAME MUST appear to populate the range of the file as if the client used WRITE to transfer the instantiated ADBs. That is, the contents of the range will be easy for the client to determine in the case of a partially complete WRITE_SAME.
15.13. Operation 71: CLONE - Clone a range of a file into another file
15.13.1. ARGUMENT
<CODE BEGINS> struct CLONE4args { /* SAVED_FH: source file */ /* CURRENT_FH: destination file */ stateid4 cl_src_stateid; stateid4 cl_dst_stateid; offset4 cl_src_offset; offset4 cl_dst_offset; length4 cl_count; }; <CODE ENDS>15.13.2. RESULT
<CODE BEGINS> struct CLONE4res { nfsstat4 cl_status; }; <CODE ENDS>15.13.3. DESCRIPTION
The CLONE operation is used to clone file content from a source file specified by the SAVED_FH value into a destination file specified by CURRENT_FH without actually copying the data, e.g., by using a copy-on-write mechanism. Both SAVED_FH and CURRENT_FH must be regular files. If either SAVED_FH or CURRENT_FH is not a regular file, the operation MUST fail and return NFS4ERR_WRONG_TYPE. The ca_dst_stateid MUST refer to a stateid that is valid for a WRITE operation and follows the rules for stateids in Sections 8.2.5 and 18.32.3 of [RFC5661]. The ca_src_stateid MUST refer to a stateid that is valid for a READ operation and follows the rules for stateids in Sections 8.2.5 and 18.22.3 of [RFC5661]. If either stateid is invalid, then the operation MUST fail.
The cl_src_offset is the starting offset within the source file from which the data to be cloned will be obtained, and the cl_dst_offset is the starting offset of the target region into which the cloned data will be placed. An offset of 0 (zero) indicates the start of the respective file. The number of bytes to be cloned is obtained from cl_count, except that a cl_count of 0 (zero) indicates that the number of bytes to be cloned is the count of bytes between cl_src_offset and the EOF of the source file. Both cl_src_offset and cl_dst_offset must be aligned to the clone block size (Section 12.2.1). The number of bytes to be cloned must be a multiple of the clone block size, except in the case in which cl_src_offset plus the number of bytes to be cloned is equal to the source file size. If the source offset or the source offset plus count is greater than the size of the source file, the operation MUST fail with NFS4ERR_INVAL. The destination offset or destination offset plus count may be greater than the size of the destination file. If SAVED_FH and CURRENT_FH refer to the same file and the source and target ranges overlap, the operation MUST fail with NFS4ERR_INVAL. If the target area of the CLONE operation ends beyond the end of the destination file, the offset at the end of the target area will determine the new size of the destination file. The contents of any block not part of the target area will be the same as if the file size were extended by a WRITE. If the area to be cloned is not a multiple of the clone block size and the size of the destination file is past the end of the target area, the area between the end of the target area and the next multiple of the clone block size will be zeroed. The CLONE operation is atomic in that other operations may not see any intermediate states between the state of the two files before the operation and after the operation. READs of the destination file will never see some blocks of the target area cloned without all of them being cloned. WRITEs of the source area will either have no effect on the data of the target file or be fully reflected in the target area of the destination file. The completion status of the operation is indicated by cr_status.