Symbian3/PDK/Source/GUID-C579E24C-2B8E-5646-B307-7967F50A0B84.dita
author Dominic Pinkman <Dominic.Pinkman@Nokia.com>
Tue, 30 Mar 2010 11:56:28 +0100
changeset 5 f345bda72bc4
parent 3 46218c8b8afa
child 14 578be2adaf3e
permissions -rw-r--r--
Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892

<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License 
"Eclipse Public License v1.0" which accompanies this distribution, 
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
    Nokia Corporation - initial contribution.
Contributors: 
-->
<!DOCTYPE concept
  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept xml:lang="en" id="GUID-C579E24C-2B8E-5646-B307-7967F50A0B84"><title>File locks</title><shortdesc>Backup and restore depend on copying files when required. During normal phone usage, a range of servers and applications have files open to read or write. If a file is locked, it cannot be copied. This section describes file locks for public and private data, and for different applications. </shortdesc><prolog><metadata><keywords/></metadata></prolog><conbody><section id="GUID-C03F0E4F-E192-591C-9606-611D77D8A2BB"><title>Introduction</title> <p>For platform security, directories are divided into public and private areas. Public files can be viewed and altered by any application (although file locks may still get in the way). However, processes can define private data areas where they store files that only they can operate on. The system also defines some areas as private to store executables and read-only data. </p> <p>File locks are handled in applications when the Backup Engine <xref href="GUID-88A5F321-17BA-566B-B025-22DB11664E54.dita">signals the start or completion of a backup or restore</xref>. Different types of applications handle file locks differently. </p> </section> <example id="GUID-6AC946D8-ACEE-568C-A79A-B25266DAC42F"><title>File locks for public files</title> <p>Files in the public area of the filing system can be backed up and restored directly by the <xref href="GUID-0FE60A65-6CB6-50AB-B85F-2B60FE96ECFE.dita">Backup Engine</xref> but this requires all other processes to free up file locks when required. </p> <p>Ownership of public data files is more complex than that of private data files. Platform Security requires a process (application or server - basically a private data owner) to specify the private files to be backed up. There is a close association of private files with specific applications. 
It is possible to associate public files with specific applications, but more than one data owner may own a public file or a public data file may not have a data owner. </p> <p> <b>Note</b>: The Backup Engine can list the public files of a data owner, but does not back up or restore them. Backing up public files is handled in the Backup Server by a device creator. </p> <ul><li id="GUID-3B6D1B56-C236-5319-BF69-A00BD2BEC973"><p>A <i>backup</i> operation needs to read files so processes must hand over exclusive-locks on files but can retain read-locks. In practice, many processes release all locks for the sake of safety and simplicity. In order to perform a backup operation, applications and servers must flush any pending updates to files and allow all the files to be read. Cached data can be retained and backup does not alter data files. After the backup, servers and applications can re-take file locks and carry on. </p> </li> <li id="GUID-1E49BBB1-5742-5DFA-A6CC-7ECCA1D58F72"><p>A <i>restore</i> operation requires exclusive access to files so processes must release all locks on files. In order for a restore operation to take place, applications and servers must discard all cached data and allow files to be written or overwritten. When the restore has taken place, servers and applications must reload their data from files that can be expected to have changed. </p> </li> </ul> </example> <section><title>File locks for private files</title> <p>As a principle, the backup process attempts to protect private data in the following ways: </p> <ul><li id="GUID-890AB761-D823-5838-8952-185A3DEBF5BF"><p>Application executables are only backed up with the consent of the developer. This means that if a developer forgets about application backup, the application is not backed up. </p> </li> <li id="GUID-C654DA9A-E2B4-53EC-A2BE-A3D70702F7D2"><p>Private data is only backed up with the consent of the data owner. 
This means that if a developer does not enable a data owner to back up its private data, the data is not exposed. </p> </li> <li id="GUID-66D8CEB3-9378-5AD1-AC10-A25C872413B1"><p>Private data can be encrypted before delivery to the backup client (normally a PC). The backup process supports encryption, but a device creator must include a specific mechanism to provide the encryption key. Phone users are usually able to access the key, and this may not be a good way to protect the data. </p> </li> </ul> </section> <section id="GUID-B1F8E6E6-1C59-5DCD-821B-95F9AF9421C0"><title>File locks for GUI applications</title> <p>By default, all GUI applications are terminated when a backup or restore operation takes place. When applications exit, system servers release file locks. The server exit code is implemented within the <xref href="GUID-FC2F5CDE-D140-5893-894D-D9B93AF6BDC2.dita">Uikon subsystem</xref>. This mechanism avoids GUI application developers having to implement backup-aware code in most cases. </p> <p>A GUI application usually does not need to perform backup or restore. If a GUI application is not set as a system process, it will be terminated when file locks are required and will be re-started after the backup or restore. The terminate-restart behavior ensures that direct and (most) indirect file locks are free. A potential optimization for a GUI application is to store the current view and state when terminated and to adopt the same view when it restarts. This makes for a seamless restart after a backup. The application appears the same to the user, as if it had not terminated and restarted. </p> </section> <section id="GUID-B8FC3A51-683E-5D8D-88D6-39149926A9EE"><title>Servers that hold locks for clients</title> <p>Some servers access files only when they receive calls from clients. If clients terminate (GUI applications) or drop connections, their server then releases locks on files. Application developers do not need to take further actions. 
</p> <p>However, application developers must be aware of the sequence of actions during a backup or restore. Some behaviors, which appear to be performance optimizations, may prevent a successful backup: </p> <ul><li id="GUID-016529D5-2E55-569E-A5B8-229AE6E5D97C"><p>The backup and restore functionality is blocked if the file is not closed. For example, the server can keep a file open, even when all the clients have closed the file. This is done to improve performance in case a client requires the file to be opened again. </p> </li> <li id="GUID-4AE7F55A-AD35-58D2-8B02-913F8D132A32"><p>A restore operation may be corrupted if a server keeps the cached data of a file that is then re-opened. </p> </li> </ul> <p>If such optimizations are required, the server must become backup-aware and release file locks promptly and flush data caches on backup and restore. </p> </section> <section id="GUID-1B78B68A-4F69-58D8-9FD7-DA2EA0223790"><title>Servers and applications that hold other locks</title> <p>The servers and applications need to be backup-aware: </p> <ul><li id="GUID-316965D8-5E33-5613-A49A-CA854FA067A8"><p>If they do not terminate during a backup or restore operation. </p> </li> <li id="GUID-D93E33E2-D2B7-51BA-A4C2-C95F43FC7B34"><p>If they do not release file locks owing to the behavior of the client. </p> </li> </ul> <p>If a process is not subject to external events during backup and restore, it simply needs to react to backup and restore events and release file locks. If a process can receive external events during a backup or restore, such as a telephone call, an incoming message or an external request for some action, the process needs to ensure that the event does not interfere with any files during the backup or restore. 
Examples of possible interference include: </p> <ul><li id="GUID-67BD56D4-C003-5B13-B7F5-C018BA84477D"><p>Writing to call log files when a telephone call is received </p> </li> <li id="GUID-AC3924A7-CCE1-5C75-A6E5-549B1A8438EC"><p>Storing an incoming message in the messaging store </p> </li> <li id="GUID-C33DEDEB-C13F-53EC-809A-C547F2DD146C"><p>Applying an incoming configuration message. </p> </li> </ul> <p>Application developers decide how the process handles the particular event; a few options are listed below: </p> <ul><li id="GUID-BACF5DC2-7328-5C2D-9963-7AE2F55F8AA9"><p>Ignoring incoming events (only acceptable if they will be automatically re-sent later) </p> </li> <li id="GUID-36332F9A-C238-5204-A3ED-433261B40F52"><p>Caching incoming events in memory or in a safe private file and then applying them after the backup or restore operation. </p> </li> </ul> </section> </conbody><related-links><link href="GUID-796916B2-8B23-5AD8-9DB8-8B0DA7868A62.dita"><linktext>Backup-aware Software (Data Owner)</linktext> </link> </related-links></concept>
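
Added example, not part of the Symbian documentation: a portable C++ model of the lock rules this topic describes. A backup flushes pending updates, hands over the exclusive lock and keeps the cache; a restore releases all locks and discards cached data; external events are held in memory and applied after completion. `BackupAwareStore` and all of its members are hypothetical names, and no Symbian APIs are used.

```cpp
#include <map>
#include <string>
#include <utility>
#include <vector>

// Portable model of the rules on this page; every name here is hypothetical.
enum class Mode { Normal, Backup, Restore };
using KV = std::pair<std::string, std::string>;

class BackupAwareStore {
public:
    Mode mode = Mode::Normal;
    bool writeLock = true, readLock = true;    // exclusive and shared file locks
    std::map<std::string, std::string> file;   // stands in for on-disk contents
    std::map<std::string, std::string> cache;  // in-memory copy
    std::vector<KV> pending;                   // updates not yet written to file
    std::vector<KV> deferred;                  // events held during backup/restore
    // External event: call log entry, incoming message, configuration message.
    void OnEvent(const std::string& k, const std::string& v) {
        if (mode != Mode::Normal) { deferred.emplace_back(k, v); return; }
        cache[k] = v;
        pending.emplace_back(k, v);
    }
    // Backup: flush pending updates, give up the exclusive lock, keep the cache.
    void BeginBackup() {
        for (const KV& p : pending) file[p.first] = p.second;
        pending.clear();
        writeLock = false;
        mode = Mode::Backup;
    }
    // Restore: release every lock and discard all cached data.
    void BeginRestore() {
        pending.clear();
        cache.clear();
        writeLock = readLock = false;
        mode = Mode::Restore;
    }
    // Completion: re-take locks, reload after a restore, replay held events.
    void End() {
        if (mode == Mode::Restore) cache = file;  // file is expected to have changed
        mode = Mode::Normal;
        writeLock = readLock = true;
        std::vector<KV> held;
        held.swap(deferred);
        for (const KV& e : held) OnEvent(e.first, e.second);
    }
};

int main() { BackupAwareStore s; s.OnEvent("call", "x"); s.BeginBackup(); s.End(); return 0; }
```

Holding events in `deferred` corresponds to the "caching incoming events in memory" option above; a process that can rely on automatic re-sending could drop them instead.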