
  Athena TM 4                 D R A F T                          31

  777 TTThhheee nnnaaammmeeessspppaaaccceee ppprrroootttooocccooolll

    Two  different  kinds  of interchanges take place in locating a
  file and establishing a connection to the file.  The requests  to
  the namespace-name server and to the namespace manager are small,
  and require only a single message of request and a single message
  of  reply.    If  a  reply is not forthcoming, the request can be
  repeated.  The exchanges between a user program and an open  file
  however,  may  require  multiple  packets  which must be reliably
  delivered, and must be delivered in order.


    I think this division indicates the underlying protocols to  be
  used for the exchanges: requests to the namespace-name server and
  replies  from  the  namespace-name server are UDP datagrams.  The
  initial pathname  request  to  the  namespace  manager,  and  the
  manager's  reply  are  also  carried by UDP datagrams.  A file is
  opened by opening a full-duplex TCP connection to the agent  (the
  channel structure is a specification for the TCP connection), and
  descriptor-oriented requests and their replies travel through the
  TCP connection.


    Thus,  pathname-oriented  system  calls  happen by means of UDP
  datagrams, descriptor-oriented system calls happen by means of  a
  TCP  connection.    In the context of remote access, a descriptor
  and a TCP connection may be considered synonymous.


    Recall that when looking for an object, the  namespace  manager
  may  return a descriptor for accessing the file, or it may return
  another file name to use in continuing the search for the object.
  As an optimization for those cases where  the  namespace  manager
  would return a remote access descriptor, which would then be used
  to  perform  an  operation (e.g., aaacccccceeessssss,,, ccchhhmmmoooddd) we piggyback the
  operation request on top of the initial  request  to  locate  the
  object,  so only one message to a namespace manager is necessary.
  In that case the namespace manager returns a positive result or a
  negative result.  In fact, ooopppeeennn is the  only  system  call  which
  does  not  follow  this pattern, and is thus the only system call
  which may actually return a remote access  descriptor.    Another
  way  of  saying  this  is that ooopppeeennn is the only system call which
  turns a pathname into a descriptor.


  777...000...111 DDDaaatttaaagggrrraaammm uuunnniiiqqquuueeennneeessssss aaannnddd ooorrrdddeeerrriiinnnggg

    It is important that datagram-based requests  arrive  in  order
  (imagine  the consequences of an uuunnnllliiinnnkkk requested before a cccrrreeeaaattteee
  arriving after the cccrrreeeaaattteee is performed) and that repeated packets
  be ignored.  To allow the proper sequencing of requests, the user
  sends a request, then waits for a reply  to  the  request  before
  sending  another  request.   To allow requests repeated because a
  reply was not forthcoming to be discarded,  each  request  packet
  contains a process-ID and a sequence number.  The only thing that
  is  guaranteed  about  the  sequence  number  is  that during any
  particular five minute period the sequence  number  for  a  given


                            27 April 1984
  Athena TM 4                 D R A F T                          32

                                                  32
  process-ID  increases  monotonically  (modulo  2  ),  not that it
  increases by increments of one.  This allows the user program  to
  use  a  single  sequence  number for all the datagram requests it
  sends to all the hosts with which it corresponds.


    After five minutes the server  may  forget  the  last  sequence
  number  it  received  from  a  particular  process-ID.    This is
  probably sufficient to allow a host  to  crash  and  restart  and
  allow  new processes (coincidentally using process-IDs which were
  in use before the crash) to  communicate  with  old  servers  who
  might  otherwise  remember the old process-ID's sequence numbers.
  Therefore, no provision need be made to remember  process-IDs  or
  sequence  numbers  across  crashes--the sequence number knowledge
                                 18
  will time-out and be forgotten.  


  777...111 DDDaaatttaaa ssstttrrruuuccctttuuurrreeesss aaannnddd pppaaaccckkkeeettt fffooorrrmmmaaatttsss


  777...111...111 GGGeeennneeerrraaalll rrreeeqqquuueeesssttt pppaaaccckkkeeettt fffooorrrmmmaaattt

    A request from a user to an object manager (or to the namespace
  name server) is a packet encapsulated in a UDP datagram  (or  may
  be  transmitted  across  a  TCP  connection  to  the server).  It
  consists of a header and data.  The packet format is:


  _______________

    18
      There is a  slight  problem  with  this  scheme:  it  assumes
  processes  whose active lives are short relative to the amount of
  time a host is up.  Many daemons are started as soon as the  host
  comes  up  and are active throughout a host's lifetime.  In UNIX,
  since daemon processes are all started up in the  same  order  by
  /etc/rc  every  time, they also always come up with the same UNIX
  process-ID.  Therefore using UNIX process IDs as process-IDs will
  have some problems (which I think are solvable, but the means  of
  solving  this  problem  which come to mind are too ugly for me to
  want to describe them here).


                            27 April 1984
  Athena TM 4                 D R A F T                          33

      struct request_packet {
          char protocol_version;
          char reserved;
          short request_type;
          long uid;
          long nonce;
          long hint;
          long process_id;
          long sequence_number;
          union {
              struct {
                  short name_length;
                  char  name[ARBITRARY_LENGTH];
              } namespace_name;
              struct argstruct request_arguments;
          } requ;
      };


  The structure elements are:


     - ppprrroootttooocccooolll___vvveeerrrsssiiiooonnn  --  The  protocol  version  number is
       included to allow us to  change  the  protocol  in  the
       future,  and  to  detect attempts to use older versions
       (if  not  to  actually  remain  compatible  with  older
       versions).

     - rrreeeqqquuueeesssttt___tttyyypppeee -- The request type is a constant defining
       which  system  call  this  packet represents, or if the
       packet is a request to a namespace manager.

     - uuuiiiddd -- A 32-bit quantity which identifies the  user  on
       whose  behalf  the  request  is  being  made  (see  the
       sections on authentication).

     - nnnooonnnccceee -- A nnnooonnnccceee is a number which is interpreted  only
       by the user machine, and is ignored by the server.  The
       server  simply returns the nonce unchanged in its reply
       packet.

     - hhhiiinnnttt -- The hhhiiinnnttt is a number interpreted  only  by  the
       server  end.    It  may  be  0  (and  will  be  in  all
       pathname-oriented requests), or it is the number  which
       the namespace manager returned in the rpc_channel reply
       when returning a descriptor for the file.  The user end
       of the exchange puts no interpretation on the hhhiiinnnttt, and
                                           19
       simply passes it back to the server.  

     - ppprrroooccceeessssss___iiiddd   and   ssseeeqqquuueeennnccceee___nnnuuummmbbbeeerrr  --  These  elements

  _______________

    19
      I owe the idea  of  the  nnnooonnnccceee  and  the  hhhiiinnnttt  to  Mike
  Greenwald's  description  of the MIT-LCS Remote Virtual Disk
  protocol (Greenwald, personal communication).


                            27 April 1984
  Athena TM 4                 D R A F T                          34

       provide  a  means of detecting and discarding duplicate
       packets.  For a description of the mechanism used,  see
       the section "Datagram uniqueness and ordering".

     - rrreeeqqquuueeesssttt___aaarrrggguuummmeeennntttsss are the arguments to the system call.
       Their  format varies from request type to request type,
       and is described below.

     - nnnaaammmeeessspppaaaccceee___nnnaaammmeee The namespace name is passed as a string
       length followed by a string of bytes  (in  VAX,  PDP11,
       and NS16032 ordering of bytes in words).


  777...111...222 GGGeeennneeerrraaalll rrreeeppplllyyy pppaaaccckkkeeettt fffooorrrmmmaaattt

    The server's reply to a user's request may also be encapsulated
  in a datagram or shipped across a TCP connection.  The packet has
  the following structure:


      struct reply_packet {
          char protocol_version;
          char reserved;
          short request_type;
          long nonce;
          long hint;
          long process_id;
          long sequence_number;
          struct rpc_reply rpc_reply;
      };


  The elements of this structure are:


     - ppprrroootttooocccooolll  vvveeerrrsssiiiooonnn  --  Means  the  same thing as in the
       request header.

     - rrreeeqqquuueeesssttt___tttyyypppeee,,, nnnooonnnccceee,,, ppprrroooccceeessssss___iiiddd,,, ssseeeqqquuueeennnccceee___nnnuuummmbbbeeerrr -- are
       all copied from the header of the request to which this
       is a reply.

     - hhhiiinnnttt -- The user end will save this  hint  for  use  in
       future requests.


  777...111...333 TTThhheee ssstttrrruuuccctttuuurrreee aaa pppaaattthhhnnnaaammmeee rrreeemmmooottteee ppprrroooccceeeddduuurrreee cccaaallllll rrreeetttuuurrrnnnsss

    The ppprrrpppccc routine, which implements the PATHNAME object, and the
  dddrrrpppccc  routine,  which implements the DESCRIPTOR object, return an
  rrrpppccc___rrreeeppplllyyy structure embedded in a rrreeeppplllyyy___pppaaaccckkkeeettt  structure.    The
  rrrpppccc___rrreeeppplllyyy structure looks like this:


                            27 April 1984
  Athena TM 4                 D R A F T                          35

      struct rpc_reply {
          char reply_type;
          char reserved;
          short length_of_data;
          union {
              short result;
              long long_result;
              short errno;
              char string[ARBITRARY_LENGTH];
              struct rpc_channel channel;
          } data;
      }


    This is composed of the following parts:


     - tttyyypppeee   is   one   of   RPC_CHANNEL,   PATHNAME,   DATA,
       POSITIVE_RESULT, or NEGATIVE_RESULT,  and  is  used  to
       tell  the  calling  routine how to interpret the union.
       [dddrrrpppccc will never return RPC_CHANNEL or PATHNAME,  since
       they  are  only  involved  in locating the file given a
       pathname.]

     - llleeennngggttthhh___ooofff___dddaaatttaaa is the length of the structure contained
       in the following union.  For example, if  the  type  of
       reply is PATHNAME, then llleeennngggttthhh___ooofff___dddaaatttaaa is the length of
       the  pathname  in  bytes,  if  the type of the reply is
       IPADDR, then llleeennngggttthhh___ooofff___dddaaatttaaa is sssiiizzzeeeooofff(((rrrpppccc___ccchhhaaannnnnneeelll))).

     - rrreeesssuuulllttt is the  integer  result  that  the  system  call
       returns  (most system calls return integers of one sort
       or another).

     - lllooonnnggg___rrreeesssuuulllttt is provided for those system calls  (lllssseeeeeekkk)
       which  return  a  lllooonnnggg  rather  than an iiinnnttt, and is not

            tl       stric20y  necessary  in  a  32-bit  implementation   of
       UNIX.  

     - eeerrrrrrnnnooo  is  the  error  number  to stick into the global
       variable eeerrrrrrnnnooo.  This interpretation is used only  when
       the type of the reply is NEGATIVE_REPLY.

     - ssstttrrriiinnnggg  is  used  for  PATHNAME returns, and can be any
       length, up to the maximum length of a  pathname,  which
       is  currently  1024 characters.  ssstttrrriiinnnggg is also used to

  _______________

    20
      As a former PDP-11 UNIX programmer I view all the hidden
  "an iiinnnttt is 32 bits long"  assumptions  that  appear  in  the
  4.2BSD  sources  with  extreme  distaste.    These  are  _b_a_d
  programming practices, and the  people  at  Berkeley  should
  know  better,  especially  since  they  had to _r_e_m_o_v_e things
  which made the assumptions explicit that were present in the
  original Version 7 sources.  Shame, shame, shame.


                            27 April 1984
  Athena TM 4                 D R A F T                          36

       provide  a buffer in which to return the results of any
       system call (e.g., rrreeeaaaddd,,, ssstttaaattt) which returns  a  buffer
       full of data.

     - ccchhhaaannnnnneeelll  is  a  channel  description used to access the
       file (currently, ooopppeeennn is  the  only  system  call  that
       returns  one  of  these).  The rrrcccppp___ccchhhaaannnnnneeelll structure is
       described elsewhere.


  777...111...444 SSSuuubbbrrrooouuutttiiinnneee aaarrrggguuummmeeennntttsss

    Each argument is passed in the argument buffer as a byte-stream
  containing the data that forms the argument preceded by a  16-bit
  length-of-data  field.    Argument  lengths  always  begin  on an
  even-byte boundary.  For example, the arguments "Chris" and "Joe"
  are passed as:


       05   "Ch"   "ri"   "s"-  03   "Jo"   "e"-
      0x5 0x4368 0x7269 0x7300 0x3 0x4a6f 0x6500


  (this is VAX, PDP11, and NS16032 order).  A number of unions make
  it easier to access most system calls from C  routines  (although
  note  that  the order of the arguments here is _n_o_t the same as if
  these were real remote procedure calls).


      struct argstruct {
          union {
              struct mode_struct{
                  short mode_len;
                  short mode;
                  short name_len;
                  char  name[filename_len];
              } modes;
              struct open_struct{
                  short flag_len;
                  short flags;
                  short mode_len;
                  short modes;
                  short name_len;
                  char  name[filename_len];
              } open;
              struct name_struct {
                  short name_len;
                  char  name[filename_len];
              } name;
          } argu;
      }


  Each of the structures defined in the aaarrrggguuu union are  appropriate
  forms  for  the arguments of different system calls to take.  For
  an example of the details of one of  these  structures,  see  the
  definition of the ppprrrpppccc routine.


                            27 April 1984
  Athena TM 4                 D R A F T                          37

  777...111...555 RRReeemmmooottteee aaacccccceeessssss dddeeessscccrrriiippptttooorrrsss

    Analogous  to  file  descriptors,  each  process has a table of
  remote access descriptors.  A remote access descriptor is a small
  integer (it fits the same description as a file descriptor) which
  serves as an index into a table of remote access file structures:


      struct ral_file {
          char  type;
          char  reserved;
          short refct;
          short real_fd;
          struct rpc_channel channel;
      } *ralfd_tab[NOFILES];


  tttyyypppeee is one of LOCAL or REMOTE.    rrreeefffcccttt  is  a  reference  count
  (since  multiple  virtual  file descriptors can point to a single
  remote access descriptor, by grace of ddduuuppp and ddduuuppp222).


    There are a couple of routines  provided  for  allocating,  and
  freeing remote access descriptors.


      /* find an unallocated ralfd_tab entry */
      ral_file_alloc()
      {
          register int i;
          for(i = 0; i < NOFILES; i++)
              if(ralfd_tab[i] == NULL) {
                  if((ralfd_tab[i] =
                          malloc(sizeof(struct ral_file)))
                                  == NULL)
                      return(-1);
                  ralfd_tab[i]->refct = 0;
                  return(i);
              }
          /* too many files are already open */
          return(-1);
      }

      /* free an ralfd_tab entry */
      ral_file_free(fd)
      {
          if(ralfd_tab[fd]->refct-- <= 0)
              free(ralfd_tab[i]);
      }


  777...111...666 TTThhheee rrreeemmmooottteee aaacccccceeessssss ccchhhaaannnnnneeelll ssstttrrruuuccctttuuurrreee

    The namespace manager returns one of an error, another pathname
  to  use,  or  a  channel  for  communicating  with the file.  The
  channel is a structure which looks like:


                            27 April 1984
  Athena TM 4                 D R A F T                          38

      struct rpc_channel {
          long  ip_addr;
          short port;
          short hint;
      };


  The  iiipppaaaddddddrrr  field  is  the  IP  address of the host on which the
  manager for this particular object resides.  The pppooorrrttt is the  UDP
  port  to which to send requests for operations, and the hhhiiinnnttt is a
  16-bit field which must be included with all operation  requests,
  and is interpreted solely by the object manager.


  777...222 RRReeemmmooottteee ppprrroooccceeeddduuurrreee cccaaallllllsss


  777...222...111 TTThhheee pppaaattthhhnnnaaammmeee rrreeemmmooottteee ppprrroooccceeeddduuurrreee cccaaallllll rrrooouuutttiiinnneee

    The ppprrrpppccc routine takes a varying number of arguments, depending
  on  which  system  call is being invoked remotely, and packages a
  remote procedure call request for the remote system.


    If the namespace manager returns a new  pathname  to  use  ppprrrpppccc
  checks  the  name  to  see if it is local, if the new pathname _i_s
  local, then ppprrrpppccc returns the new pathname to the calling routine,
  otherwise it locates the new namespace manager, and  invokes  the
  operation on the new pathname.


    The ppprrrpppccc routine looks something like this:


                            27 April 1984
  Athena TM 4                 D R A F T                          39

      struct rpc_reply
      prpc(system_call, arg1, arg2, arg3, arg4, arg5,
          arg6, arg7)
      {
          struct rpc_request request;

          /*
           * Construct a request packet for this call.
           * First, the invariant part.
           */
          request.protocol_version = PROTOCOL_VERSION;
          request.request_type = system_call;
          request.nonce = make_nonce();
          request.uid = getuid();
          request.hint = 0;
          request.process_id = ral_pid;
          request.sequence_number = make_sequence_number();
          /*
           * Now the variable part.
           */
          switch(system_call) {
          case ACCESS:
          case CHMOD:
          case CHOWN:
          case MKDIR:
              return
                  prpc_path_mode(&request, arg1, arg2);
          case LINK:
          case SYMLINK:
              return
                  prpc_opath_npath(&request, arg1, arg2);
          case OPEN:
              return
                  prpc_open(&request, arg1, arg2, arg3);
          case RMDIR:
          case UNLINK:
              return
                  prpc_path(&request, arg1);
          case READLINK:
              return
                  prpc_path_buf_buflen
                      (&request, arg1, arg2, arg3);
          case STAT:
              return
                  prpc_path_buf_buflen
                      (&request, arg1, arg2,
                          sizeof(struct statbuf));
          }
      }


  Here  is  a  sketch  of  a possible implementation of the routine
  which implements aaacccccceeessssss,,, ccchhhmmmoooddd,,, ccchhhooowwwnnn, and mmmkkkdddiiirrr.


                            27 April 1984
  Athena TM 4                 D R A F T                          40

      struct rpc_reply
      prpc_path_mode(request, pathname, mode)
      {
          char *filename;
          char *namespace_name;
          struct rpc_reply namespace_reply;
          request->args.mode.mode_len = sizeof(int);
          request->args.mode.modes = mode;

      path_and_mode_name_loop:
          namespace_name = get_namespace_name(pathname);
          filename = get_filename((char *) pathname);
          namespace_reply =
                      namespace_nameserver(namespace_name);

          switch(namespace_reply->type) {
          case NEGATIVE_REPLY:
              garbage collect all allocated structures;
              return an error indicating a
                      non-existent file;
          case IPADDR:
              break;
          default:
              garbage collect allocated structures;
              return an indication of an illegal reply
                  from the namespace server.
          }
          /*
           * Now we know how to get in touch with the namespace
           * manager.
           */
          channel = reply->data.channel;
          request->args.pathname_length = strlen(filename);
          copy the string at filename into
              request->args.pathname.  (this probably involves
              allocating a buffer for it).
          reply = send_to_channel(&channel, request);
          if(reply->type == PATHNAME) {
              if(is_local_filename(reply->data.string)) {
                  garbage collect allocated structures;
                  return(reply);
              } else {
                  namespace_name =
                      get_namespace_name(reply->data.string);
                  filename =
                      get_filename(reply->data.string);
                  goto path_and_mode_name_loop;
              }
          } else {
              garbage collect allocated structures;
              return(reply);
          }
      }


  The  ppprrrpppccc  routine  returns  a  pointer to an allocated rpc_reply
  structure.  The calling routine must explicitly  garbage  collect
  the structure when it is done with it.


                            27 April 1984
  Athena TM 4                 D R A F T                          41

  777...222...222 DDDeeessscccrrriiippptttooorrr rrreeemmmooottteee ppprrroooccceeeddduuurrreee cccaaallllllsss

    The  DESCRIPTOR  object  is implemented by the dddrrrpppccc (descriptor
  remote procedure call) routine, which is largely analogous to the
  ppprrrpppccc routine.


    The dddrrrpppccc  routine  also  returns  a  pointer  to  an  rrrpppccc___rrreeeppplllyyy
  structure, and it looks like this:


                            27 April 1984
  Athena TM 4                 D R A F T                          42

      struct rpc_reply *
      drpc(system_call, descriptor, arg1, arg2,
                       arg3, arg4, arg5)
      {
          struct rpc_request request;
          /*
           * Set up the request packet for this call.
           */
          request.protocol_version = PROTOCOL_VERSION;
          request.request_type = system_call;
          request.nonce = make_nonce();
          request.uid = getuid();
          request.hint =
              ralfd_tab[descriptor]->channel.hint;
          request.process_id = ral_pid;
          request.sequence_number =
              make_sequence_number();

          switch(operation){
          case FCHMOD:
          case FCHOWN:
          case FTRUNCATE:
              return
                  drpc_long(&request,
                      ralfd_tab[descriptor], arg1);
          case CLOSE:
          case FSYNC:
              return
                  drpc_none(&request,
                      ralfd_tab[descriptor]);
          case LSEEK:
              return
                  drpc_long_long(&request,
                      ralfd_tab[descriptor], arg1, arg2);
          case READ:
              return
                  drpc_read(&request,
                      ralfd_tab[descriptor], arg1, arg2);
          case WRITE:
              return
                  drpc_write(&request,
                      ralfd_tab[descriptor], arg1, arg2);
          case FSTAT:
              return
                  drpc_fstat(&request,
                      ralfd_tab[descriptor], arg1);
          }
      }


  Note  that  the  dddrrrpppccc routine will never return a PATHNAME, since
  the location of the object has already been determined.


                            27 April 1984
  Athena TM 4                 D R A F T                           I

                          TTTaaabbbllleee ooofff CCCooonnnttteeennntttsss

  7 The namespace protocol                                       31
            7.0.1 Datagram uniqueness and ordering               31
       7.1 Data structures and packet formats                    32
            7.1.1 General request packet format                  32
            7.1.2 General reply packet format                    34
            7.1.3 The  structure  a  pathname remote procedure   34
                  call returns
            7.1.4 Subroutine arguments                           36
            7.1.5 Remote access descriptors                      37
            7.1.6 The remote access channel structure            37
       7.2 Remote procedure calls                                38
            7.2.1 The pathname remote procedure call routine     38
            7.2.2 Descriptor remote procedure calls              41


                            27 April 1984