Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp6640066iob; Wed, 11 May 2022 02:00:43 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyCiqtZR8NTlv9AfszafEtS3jNH3NKfxq25OdtM2LXbNUz482rlayKg5XflM08nwEZqxVir X-Received: by 2002:a17:906:7313:b0:6f4:d9c1:5a3b with SMTP id di19-20020a170906731300b006f4d9c15a3bmr23918011ejc.382.1652259642898; Wed, 11 May 2022 02:00:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652259642; cv=none; d=google.com; s=arc-20160816; b=eoxpFfKx18o4BjqFV+L+5HAFKSmhsZT8nwWATz5mVTQtFkm/oxYzEGVr6jJr6UZOKV YDDu7qWiAgp9vweLlnHkiG0eWw5M9tgMbO2L2aMioLnd3jhJtTFSEQVt6DkSsLgoJFI/ dAxYD1wFEuyFNLCIUsOxN2McjpJY2EKa4DBDoXCAlwgqs50K/m9MoN99MTz90NcuRH/t hrAOrS3N+OWDk9tXtpn1s7uSTYD144kuU8vTaiQOrDKh6dXU1fNbJssgeBnxAfMXlDid ezq2h8d6aZtf89g9gSnTY2NNBGsE1aGDSpFGCRdR8LP/hdu1tUJ7eiis89l4rtB7ASoF Gmfg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=63FjBHjtxOD7+zq2WxSMqzaWXq3394VbtVecYqpMTXI=; b=N3hDK6N9wZ26J41G+4kI0beI58vHdKFfSGlOqgyG0uzqmU+60qNKFlttZZFnns/Lu8 wWhz7hMNu8z2fkdBQY8xrkR0tmy0qqRyQ+1bQl5lQL6joAdtJIWHzGEoSOpz8RBrlbm+ 8fktgv+rUSGZJrRo2OmdmjkijyiWLvIB4w0r+whsVD4000Hj7nWhud/tm8lo3qProeDw zW6RALCoR3ISfK4++eOv7Io6X/FamNmWhAkrulgunAWxOOPjR+mSeiJgv9S6/a/eVm+p SHJb3N4mqsrpVS0v9OKz6g9vLwKlf/Puk5bTVeTS5959vyo8GVtEE1U+VbvU3lumwjY8 jqjQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id f22-20020a170906561600b006e8da072889si1612716ejq.687.2022.05.11.02.00.16; Wed, 11 May 2022 02:00:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239847AbiEKAmJ (ORCPT + 99 others); Tue, 10 May 2022 20:42:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40162 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229795AbiEKAmH (ORCPT ); Tue, 10 May 2022 20:42:07 -0400 Received: from mail104.syd.optusnet.com.au (mail104.syd.optusnet.com.au [211.29.132.246]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 686591B57AA; Tue, 10 May 2022 17:42:06 -0700 (PDT) Received: from dread.disaster.area (pa49-181-2-147.pa.nsw.optusnet.com.au [49.181.2.147]) by mail104.syd.optusnet.com.au (Postfix) with ESMTPS id 2B7C25345BC; Wed, 11 May 2022 10:42:02 +1000 (AEST) Received: from dave by dread.disaster.area with local (Exim 4.92.3) (envelope-from ) id 1noaQS-00AUmR-E4; Wed, 11 May 2022 10:42:00 +1000 Date: Wed, 11 May 2022 10:42:00 +1000 From: Dave Chinner To: Christian Brauner Cc: Miklos Szeredi , linux-fsdevel@vger.kernel.org, Theodore Ts'o , Karel Zak , Greg KH , linux-kernel@vger.kernel.org, Linux API , linux-man , LSM , Ian Kent , David Howells , Linus Torvalds , Al Viro , Christian Brauner , Amir Goldstein , James Bottomley Subject: Re: [RFC PATCH] getting misc stats/attributes via xattr API Message-ID: <20220511004200.GE2306852@dread.disaster.area> References: <20220509124815.vb7d2xj5idhb2wq6@wittgenstein> <20220510005533.GA2306852@dread.disaster.area> <20220510124033.lobf33hxey4quza3@wittgenstein> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220510124033.lobf33hxey4quza3@wittgenstein> X-Optus-CM-Score: 0 X-Optus-CM-Analysis: v=2.4 cv=e9dl9Yl/ c=1 sm=1 tr=0 ts=627b065d a=ivVLWpVy4j68lT4lJFbQgw==:117 a=ivVLWpVy4j68lT4lJFbQgw==:17 a=kj9zAlcOel0A:10 a=oZkIemNP1mAA:10 a=7-415B0cAAAA:8 a=-VcIyIBGfY_eVRxBFnQA:9 a=CjuIK1q_8ugA:10 a=biEYGPWJfzWAr4FL6Ov7:22 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE, SPF_HELO_PASS,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, May 10, 2022 at 02:40:33PM +0200, Christian Brauner wrote: > On Tue, May 10, 2022 at 10:55:33AM +1000, Dave Chinner wrote: > > On Mon, May 09, 2022 at 02:48:15PM +0200, Christian Brauner wrote: > > > On Tue, May 03, 2022 at 02:23:23PM +0200, Miklos Szeredi wrote: > > > I really think users would love to have an interfact where they can > > > get a struct with binary info back. > > > > No. Not for kernel informational interfaces. We have ioctls and > > That feels like semantics. statx is in all sensible readings of the > words a kernel informational interface. statx is an special purpose binary syscall interface for returning inode specific information, it's not an abstract, generic informational interface. > I'm really looking at this from the perspective of someone who uses > these interfaces regularly in userspace and a text-based interface for > very basic information such as detailed information about a mount is > cumbersome. I know people like to "counter" with "parsing strings is > easy" but it remains a giant pain for userspace; at least for basic > info. As I said last reply, you are making all the same arguements against text based information interfaces that were made against proc and sysfs a long long time again. they weren't convincing a couple of decades ago, and there aren't really convincing now. Text-based key/value data is hard to screw up in the long run, binary interfaces have a habit of biting hard whenever the contents of the binary structure needs to change... > > > Imho, xattrs are a bit like a wonky version of streams already (One of > > > the reasons I find them quite unpleasant.). Making mount and other > > > information retrievable directly through the getxattr() interface will > > > turn them into a full-on streams implementation imho. I'd prefer not > > > to do that (Which is another reason I'd prefer at least a separate > > > system call.). > > > > And that's a total misunderstanding of what xattrs are. > > > > Alternate data streams are just {file,offset} based data streams > > accessed via ithe same read/write() mechanisms as the primary data > > stream. > > That's why I said "wonky". But I'm not going to argue this point. I > think you by necessity have wider historical context on these things > that I lack. But I don't find it unreasonable to also see them as an > additional information channel. > > Sure, they are a generic key=value store for anything _in principle_. In > practice however xattrs are very much perceived and used as information > storage on files, a metadata side-channel if you will. That's how *you* perceive them, not how everyone perceives them. > All I'm claiming here is that it will confuse the living hell out of > users if the getxattr() api suddenly is used not to just set and get > information associated with inodes but to also provides filesystem or > mount information. Why would it confuse people? The xattr namespace is already well known to be heirarchical and context dependent based on the intial name prefix (user, security, btrfs, trusted, etc). i.e. if you don't know that the context the xattr acts on is determined by the initial name prefix, then you need to read the xattr(7) man page again: Extended attribute namespaces Attribute names are null-terminated strings. The attribute name is always specified in the fully qualified namespace.attribute form, for example, user.mime_type, trusted.md5sum, system.posix_acl_access, or security.selinux. The namespace mechanism is used to define different classes of extended attributes. These different classes exist for several reasons; for example, the permissions and capabilities required for manipulating extended attributes of one namespace may differ to another. Currently, the security, system, trusted, and user extended attribute classes are defined as described below. Additional classes may be added in the future. > That's a totally a totally differnet type of information. Sure, it may > fit well in the key=value scheme because the xattr key=value _interface_ > is generic but that's a very technical argument. Yet adding a new xattr namespace for a new class of information that is associated the mount that the path/inode/fd is associated with is exactly what the xattr namespaces are intended to allow. And it is clearly documented that new classes "may be added in the future". I just don't see where the confusion would come from... > > I'm looking at this from the experience of a user of the API for a > moment and in code they'd do in one place: > > getxattr('/super/special/binary', "security.capability", ...); > > and then in another place they do: > > getxattr('/path/to/some/mount', "mntns:info", ...); > > that is just flatout confusing. Why? Both are getting different classes of key/value information that is specific to the given path. Just because on is on-disk and the other is ephemeral doesn't make it in any way confusing. This is exactly what xattr namesapces are intended to support... > > Xattrs provide an *atomic key-value object store API*, not an offset > > based data stream API. They are completely different beasts, > > intended for completely different purposes. ADS are redundant when you > > have directories and files, whilst an atomic key-value store is > > something completely different. > > > > You do realise we have an independent, scalable, ACID compliant > > key-value object store in every inode in an XFS filesystem, right? > > So far this was a really mail with good background information but I'm > struggling to make sense of what that last sentence is trying to tell > me. :) That people in the past have built large scale data storage applications that use XFS inodes as key based object stores, not as a offset based data stream. Who needs atomic write() functionality when you have ACID set and replace operations for named objects? The reality is that modern filesystems are really just btree based object stores with high performance transaction engines overlaid with a POSIX wrapper. And in the case of xattrs, we effectively expose that btree based key-value database functionality directly to userspace.... Stop thinking like xattrs are some useless metadata side channel, and start thinking of them as an atomic object store that stores and retreives millions of small (< 1/2 the filesystem block size) named objects far space effciently than a directory structure full of small files indexed by object hash. Cheers, Dave. -- Dave Chinner david@fromorbit.com