Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ext* Content Areas Inodes, Directories & Files. Review Recall …the file system metadata The superblock describes the file system The group descriptor.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Ext* Content Areas Inodes, Directories & Files. Review Recall …the file system metadata The superblock describes the file system The group descriptor."— Presentation transcript:

1 Ext* Content Areas Inodes, Directories & Files

2 Review Recall …the file system metadata The superblock describes the file system The group descriptor table describes the equally sized block groups The block bitmap tracks group block allocation

3 Overview Today: The data metadata and contents The inode bitmap tracks inode allocation The inode table is a block that contains the inodes –Inode 2 is the root directory Each inode contains metadata for, and points to, a file Directories are just special files that point to inode table entries File data is found in the content area blocks of the block group

4 Inode Contents (I) File size (32 or 64 bit) 1 st 12 content block addresses –1 single-indirect block address –1 double-indirect block pointer Group ID, user ID (not necessarily real) –chown, chgrp –User may not exist in /etc/password Last Access, modify, change, delete times

5 Inode Contents (II) Mode –File type File, directory, named pipe, Unix socket, block & raw devices –Permissions –Special properties (sticky, SUID, SGID) Link counter –0  unallocated inode (or orphaned file, will be unallocated when process ends) Many supported attributes –“don’t update the Access time for files” –Write-immediate –Append-only –Immutable –Don’t dump (backup) Extended attributes created by the user (custom attributes)

6 Inode Structure (I) BytesDescription 0-1File mode (type & permissions) 2-3UID lower 2 bytes 4-7Size lower 4 bytes 8-11Access Time 12-15Change Time 16-19Modification Time 20-23Delete Time 24-25GID lower 2 bytes 26-27Link count 28-31Sector count 32-35Flags 36-39unused

7 Inode Structure (II) BytesDescription 40-8712 direct block pointers 88-911 single-indirect pointer 92-951 double-indirect pointer 96-991 triple-indirect pointer 100-103Generation number 104-107Extended attribute block address 108-111Size upper 4 bytes OR Directory ACL 112-115Fragment block address 116-117Fragment size 118-119unused 120-121UID upper 2 bytes 122-123GID upper 2 bytes 124-124unused

8 Large Files – Indirect Pointers With only 12 block addresses, file size is limited (in the basic case) Single-indirection supports larger files by pointing to a block of addresses Addresses are 4 bytes, thus each block stores blocksize / 4 address pointers Double-indirection supports huge files by pointing to a block of single-indirection addresses Triple-indirection points to a block of double-indirection pointers This scheme provides efficiency for smaller files, but the ability to grow as large as space allows

9 Inode Usage Inodes 1 – 10 are reserved –Inode 2 – root directory –Inode 8 – lost+found –Allocated blocks without an inode are “lost files” –These are pointed to by the lost+found inode Inode 11 and after – content (files, directories, devices, links, mount points, etc.)

10 Typical Inode/File Relationship If the inode represents a Directory –The inode points to a directory block Each directory entry points back to an inode If the inode represents a File –The 12 inode block addresses point to the 1 st 12 blocks of the file –The single-indirect address points to a block of addresses that are the next m blocks of the file –Double-indirect address points to a block of single- indirect addresses that ultimately point to the next n blocks of the file –Triple-indirect address points to a block of double- indirect addresses

11 Indirection 1 2 3 Triple-indirect … 10 11 12 Single-Indirect Double-Indirect Blocks 4-9 Pointers to content blocks One Inode (shows pointers only) Blocks in the Group Single-Indirect Block

12 Directory Entries A directory is just a special type file –inode.file mode (type) = directory –Creating a directory allocates blocks of directory entries Each block stores dynamically sized directory entries (the directory “table”), each describing a file or directory Size of each entry is variable –Variable filename length –8 bytes of static information –Entry size is rounded-up to a multiple of 4 Four entry attributes –Name length (1 byte) –Filename (1-255 chars) –Inode address of the file content –Pointer to next directory entry Unused entries are “jumped over”

13 Directory Example The first two entries are always. and.. Directory table for new directory NameName lengthRecord length. 112..24084 Add a file NameName lengthRecord length. 112..212 File1.dat84072 Last entry always has the remaining length in the directory block

14 Directory Entries Each entry points to the next active entry Old.txt has been deleted  the entry for F1.txt now points to F2.txt F2.txt points to the end of the directory block  F2.txt is the last file in the directory. inode 75.. inode 26 F1.txt inode 95 Old.txt inode 35 F2.txt Inode 29

15 Links Links are special types of directory entries –They point to files that already have directory entries Hard Link –another name for the file, in same file system The directory entries for. and.. are hard links –OS creates a new directory entry pointing to the original inode Increments the inode link count Soft link –another name, points to another file system –OS creates a file of the type “symbolic link” Each “file’s” inode link count = 1 (or unchanged)

16 Mount Points Mount points are special types of directory entries that virtually replace the contents of a directory by redirecting the directory to another file system –FS1 has /dir1/ –FS2 mounts /dir1/ –User cd’s to /dir1 and sees the contents of FS2 Implication for CF investigations: know where file systems are mounted, or you’ll miss the real contents of /dir1/

17 Inode Time Changes Access (A-time) –File: read contents, copy, move to new volume (no change on same volume) –Dir: list contents, open file or subdirectory Modify (M-time) –File: copy (destination only), change contents When moving to network file system, might change (  new file) –Dir: file create/delete Change (C-time) inode metadata –Dir: content change, permissions/ownership change –File: same as Dir, plus when moved Delete (D-time) –Initially 0 –If D-time == C-time == M-time  likely a deleted file

18 Analysis Considerations Sparse blocks exist when the file allocated space, but never used it A-Time & M-time are easily set to any value using touch RAM slack space is typically 0’d –  the only valuable slack is in unallocated blocks De-allocated inodes are purged of size & allocation information –  must analyze the unallocated blocks directly using what is known of allocation algorithms and the file system structures

Download ppt "Ext* Content Areas Inodes, Directories & Files. Review Recall …the file system metadata The superblock describes the file system The group descriptor."

Similar presentations

Chapter 12: File System Implementation

Chapter 12: File System Implementation
2013-2014. 1. Concepts about the file system 2. The disk structure 3. Files in disk – The ext2 FS 4. The Virtual File System (c) 2013, Prof. Jordi Garcia.

Concepts about the file system 2. The disk structure 3. Files in disk – The ext2 FS 4. The Virtual File System (c) 2013, Prof. Jordi Garcia.
Chapter 4 : File Systems What is a file system?

Chapter 4 : File Systems What is a file system?
File Systems.

File Systems.
File Systems Examples.

File Systems Examples.
COS 318: Operating Systems File Layout and Directories

COS 318: Operating Systems File Layout and Directories
Ext2/Ext3 Linux File System Reporter: Po-Liang, Wu.

Ext2/Ext3 Linux File System Reporter: Po-Liang, Wu.
File System Analysis.

File System Analysis.
File System Basics Brandon Checketts. Some terminology Superblocks Inodes Journaling Hard links Symbolic links Directory entries.

File System Basics Brandon Checketts. Some terminology Superblocks Inodes Journaling Hard links Symbolic links Directory entries.
File System Interface CSCI 444/544 Operating Systems Fall 2008.

File System Interface CSCI 444/544 Operating Systems Fall 2008.
1 EXT4NTFS 6FAT32 Allocation method IndexedIndexed, by “runs”Linked File representation i-node (default size 256KB) MFT record (default size 1Kb) Chain.

1 EXT4NTFS 6FAT32 Allocation method IndexedIndexed, by “runs”Linked File representation i-node (default size 256KB) MFT record (default size 1Kb) Chain.
Day 27 File System. UNIX File Management Types of files Ordinary – stream of bytes Directory – list of names plus pointers to attributes of the entry.

Day 27 File System. UNIX File Management Types of files Ordinary – stream of bytes Directory – list of names plus pointers to attributes of the entry.
Operating Systems File Systems (in a Day) Ch 10 - 11.

Operating Systems File Systems (in a Day) Ch
File Systems Implementation

File Systems Implementation
Files. System Calls for File System Accessing files –Open, read, write, lseek, close Creating files –Create, mknod.

Files. System Calls for File System Accessing files –Open, read, write, lseek, close Creating files –Create, mknod.
File Systems Implementation. 2 Announcements Homework 4 available later today –Due Wednesday after spring break, March 28th. Project 4, file systems,

File Systems Implementation. 2 Announcements Homework 4 available later today –Due Wednesday after spring break, March 28th. Project 4, file systems,
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
Ceng Operating Systems

Ceng Operating Systems
6/24/2015B.RamamurthyPage 1 File System B. Ramamurthy.

6/24/2015B.RamamurthyPage 1 File System B. Ramamurthy.
1 File Management in Representative Operating Systems.

1 File Management in Representative Operating Systems.

Similar presentations

Ads by Google