[v8,32/32] docs: Document the FAN_FS_ERROR event

Message ID	20211019000015.1666608-33-krisman@collabora.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-fsdevel-owner@kernel.org> sender: krisman) by bhuna.collabora.co.uk (Postfix) with ESMTPSA id E96D01F4321E; Tue, 19 Oct 2021 01:04:47 +0100 (BST) From: Gabriel Krisman Bertazi <krisman@collabora.com> To: jack@suse.com, amir73il@gmail.com Cc: djwong@kernel.org, tytso@mit.edu, david@fromorbit.com, dhowells@redhat.com, khazhy@google.com, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-api@vger.kernel.org, Gabriel Krisman Bertazi <krisman@collabora.com>, kernel@collabora.com Subject: [PATCH v8 32/32] docs: Document the FAN_FS_ERROR event Date: Mon, 18 Oct 2021 21:00:15 -0300 Message-Id: <20211019000015.1666608-33-krisman@collabora.com> In-Reply-To: <20211019000015.1666608-1-krisman@collabora.com> References: <20211019000015.1666608-1-krisman@collabora.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	file system-wide error monitoring \| expand [v8,00/32] file system-wide error monitoring [v8,01/32] fsnotify: pass data_type to fsnotify_name() [v8,02/32] fsnotify: pass dentry instead of inode data [v8,03/32] fsnotify: clarify contract for create event hooks [v8,04/32] fsnotify: Don't insert unmergeable events in hashtable [v8,05/32] fanotify: Fold event size calculation to its own function [v8,06/32] fanotify: Split fsid check from other fid mode checks [v8,07/32] inotify: Don't force FS_IN_IGNORED [v8,08/32] fsnotify: Add helper to detect overflow_event [v8,09/32] fsnotify: Add wrapper around fsnotify_add_event [v8,10/32] fsnotify: Retrieve super block from the data field [v8,11/32] fsnotify: Protect fsnotify_handle_inode_event from no-inode events [v8,12/32] fsnotify: Pass group argument to free_event [v8,13/32] fanotify: Support null inode event in fanotify_dfid_inode [v8,14/32] fanotify: Allow file handle encoding for unhashed events [v8,15/32] fanotify: Encode empty file handle when no inode is provided [v8,16/32] fanotify: Require fid_mode for any non-fd event [v8,17/32] fsnotify: Support FS_ERROR event type [v8,18/32] fanotify: Reserve UAPI bits for FAN_FS_ERROR [v8,19/32] fanotify: Pre-allocate pool of error events [v8,20/32] fanotify: Dynamically resize the FAN_FS_ERROR pool [v8,21/32] fanotify: Support enqueueing of error events [v8,22/32] fanotify: Support merging of error events [v8,23/32] fanotify: Wrap object_fh inline space in a creator macro [v8,24/32] fanotify: Add helpers to decide whether to report FID/DFID [v8,25/32] fanotify: Report fid entry even for zero-length file_handle [v8,26/32] fanotify: WARN_ON against too large file handles [v8,27/32] fanotify: Report fid info for file related file system errors [v8,28/32] fanotify: Emit generic error info for error event [v8,29/32] fanotify: Allow users to request FAN_FS_ERROR events [v8,30/32] ext4: Send notifications on error [v8,31/32] samples: Add fs error monitoring example [v8,32/32] docs: Document the FAN_FS_ERROR event

Message ID

20211019000015.1666608-33-krisman@collabora.com (mailing list archive)

State

New, archived

Headers

From: Gabriel Krisman Bertazi <krisman@collabora.com>
To: jack@suse.com, amir73il@gmail.com
Cc: djwong@kernel.org, tytso@mit.edu, david@fromorbit.com,
        dhowells@redhat.com, khazhy@google.com,
        linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org,
        linux-api@vger.kernel.org,
        Gabriel Krisman Bertazi <krisman@collabora.com>,
        kernel@collabora.com
Subject: [PATCH v8 32/32] docs: Document the FAN_FS_ERROR event
Date: Mon, 18 Oct 2021 21:00:15 -0300
Message-Id: <20211019000015.1666608-33-krisman@collabora.com>
In-Reply-To: <20211019000015.1666608-1-krisman@collabora.com>
References: <20211019000015.1666608-1-krisman@collabora.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

file system-wide error monitoring | expand

Commit Message

Gabriel Krisman Bertazi Oct. 19, 2021, midnight UTC

Document the FAN_FS_ERROR event for user administrators and user space
developers.

Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Gabriel Krisman Bertazi <krisman@collabora.com>

---
Changes Since v7:
  - Update semantics
Changes Since v6:
  - English fixes (jan)
  - Proper document error field (jan)
Changes Since v4:
  - Update documentation about reporting non-file error.
Changes Since v3:
  - Move FAN_FS_ERROR notification into a subsection of the file.
Changes Since v2:
  - NTR
Changes since v1:
  - Drop references to location record
  - Explain that the inode field is optional
  - Explain we are reporting only the first error
---
 .../admin-guide/filesystem-monitoring.rst     | 76 +++++++++++++++++++
 Documentation/admin-guide/index.rst           |  1 +
 2 files changed, 77 insertions(+)
 create mode 100644 Documentation/admin-guide/filesystem-monitoring.rst

Comments

Jan Kara Oct. 19, 2021, 4:47 p.m. UTC | #1

On Mon 18-10-21 21:00:15, Gabriel Krisman Bertazi wrote:
> Document the FAN_FS_ERROR event for user administrators and user space
> developers.
> 
> Reviewed-by: Amir Goldstein <amir73il@gmail.com>
> Signed-off-by: Gabriel Krisman Bertazi <krisman@collabora.com>
> 
> ---
> Changes Since v7:
>   - Update semantics
> Changes Since v6:
>   - English fixes (jan)
>   - Proper document error field (jan)
> Changes Since v4:
>   - Update documentation about reporting non-file error.
> Changes Since v3:
>   - Move FAN_FS_ERROR notification into a subsection of the file.
> Changes Since v2:
>   - NTR
> Changes since v1:
>   - Drop references to location record
>   - Explain that the inode field is optional
>   - Explain we are reporting only the first error
> ---
>  .../admin-guide/filesystem-monitoring.rst     | 76 +++++++++++++++++++
>  Documentation/admin-guide/index.rst           |  1 +
>  2 files changed, 77 insertions(+)
>  create mode 100644 Documentation/admin-guide/filesystem-monitoring.rst
> 
> diff --git a/Documentation/admin-guide/filesystem-monitoring.rst b/Documentation/admin-guide/filesystem-monitoring.rst
> new file mode 100644
> index 000000000000..f1f6476fa4f3
> --- /dev/null
> +++ b/Documentation/admin-guide/filesystem-monitoring.rst
> @@ -0,0 +1,76 @@
> +.. SPDX-License-Identifier: GPL-2.0
> +
> +====================================
> +File system Monitoring with fanotify
> +====================================
> +
> +File system Error Reporting
> +===========================
> +
> +Fanotify supports the FAN_FS_ERROR event type for file system-wide error
> +reporting.  It is meant to be used by file system health monitoring
> +daemons, which listen for these events and take actions (notify
> +sysadmin, start recovery) when a file system problem is detected.
> +
> +By design, A FAN_FS_ERROR notification exposes sufficient information
             ^^ a

> +for a monitoring tool to know a problem in the file system has happened.
> +It doesn't necessarily provide a user space application with semantics
> +to verify an IO operation was successfully executed.  That is out of
> +scope for this feature.  Instead, it is only meant as a framework for
> +early file system problem detection and reporting recovery tools.
> +
> +When a file system operation fails, it is common for dozens of kernel
> +errors to cascade after the initial failure, hiding the original failure
> +log, which is usually the most useful debug data to troubleshoot the
> +problem.  For this reason, FAN_FS_ERROR tries to report only the first
> +error that occurred for a process since the last notification, and it
                           ^^^^^^^^ rather for "a filesystem", no?

> +simply counts additional errors.  This ensures that the most important
> +pieces of information are never lost.
> +
> +FAN_FS_ERROR requires the fanotify group to be setup with the
> +FAN_REPORT_FID flag.
> +
> +At the time of this writing, the only file system that emits FAN_FS_ERROR
> +notifications is Ext4.
> +
> +A user space example code is provided at ``samples/fanotify/fs-monitor.c``.
> +
> +A FAN_FS_ERROR Notification has the following format::
> +
> +  [ Notification Metadata (Mandatory) ]
> +  [ Generic Error Record  (Mandatory) ]
> +  [ FID record            (Mandatory) ]
> +

I'd add a note here that the ordering of "Generic Error Record" and "FID
record" is not really guaranteed and refer to sample code for sample
parser.

> +Generic error record
> +--------------------
> +
> +The generic error record provides enough information for a file system
> +agnostic tool to learn about a problem in the file system, without
> +providing any additional details about the problem.  This record is
> +identified by ``struct fanotify_event_info_header.info_type`` being set
> +to FAN_EVENT_INFO_TYPE_ERROR.
> +
> +  struct fanotify_event_info_error {
> +	struct fanotify_event_info_header hdr;
> +	__s32 error;
> +	__u32 error_count;
> +  };
> +
> +The `error` field identifies the error in a file-system specific way.
> +Ext4, for instance, which is the only file system implementing this
> +interface at the time of this writing, exposes EXT4_ERR_ values in this
> +field.  Please refer to the file system documentation for the meaning of
> +specific error codes.

If 'error' is filesystem-specific number, then how does this work with
"filesystem agnostic" tool? All it can tell is "something happened"... If
the error was generic errno, I can see some value in the tool being able to
tell this is fs corruption (EFSCORRUPTED), hardware problem (EIO), thin
provisioning running out of space (ENOSPC) or something else. But yes, I do
realize it is going to be more painful to make all filesystem generate
these sensible error codes. Even within a filesystem it may be sometimes
difficult to propagate proper error code to fsnotify so maybe error codes
will not be usable for decisions like above... What do others think?

								Honza

diff --git a/Documentation/admin-guide/filesystem-monitoring.rst b/Documentation/admin-guide/filesystem-monitoring.rst
new file mode 100644
index 000000000000..f1f6476fa4f3
--- /dev/null
+++ b/Documentation/admin-guide/filesystem-monitoring.rst
@@ -0,0 +1,76 @@ 
+.. SPDX-License-Identifier: GPL-2.0
+
+====================================
+File system Monitoring with fanotify
+====================================
+
+File system Error Reporting
+===========================
+
+Fanotify supports the FAN_FS_ERROR event type for file system-wide error
+reporting.  It is meant to be used by file system health monitoring
+daemons, which listen for these events and take actions (notify
+sysadmin, start recovery) when a file system problem is detected.
+
+By design, A FAN_FS_ERROR notification exposes sufficient information
+for a monitoring tool to know a problem in the file system has happened.
+It doesn't necessarily provide a user space application with semantics
+to verify an IO operation was successfully executed.  That is out of
+scope for this feature.  Instead, it is only meant as a framework for
+early file system problem detection and reporting recovery tools.
+
+When a file system operation fails, it is common for dozens of kernel
+errors to cascade after the initial failure, hiding the original failure
+log, which is usually the most useful debug data to troubleshoot the
+problem.  For this reason, FAN_FS_ERROR tries to report only the first
+error that occurred for a process since the last notification, and it
+simply counts additional errors.  This ensures that the most important
+pieces of information are never lost.
+
+FAN_FS_ERROR requires the fanotify group to be setup with the
+FAN_REPORT_FID flag.
+
+At the time of this writing, the only file system that emits FAN_FS_ERROR
+notifications is Ext4.
+
+A user space example code is provided at ``samples/fanotify/fs-monitor.c``.
+
+A FAN_FS_ERROR Notification has the following format::
+
+  [ Notification Metadata (Mandatory) ]
+  [ Generic Error Record  (Mandatory) ]
+  [ FID record            (Mandatory) ]
+
+Generic error record
+--------------------
+
+The generic error record provides enough information for a file system
+agnostic tool to learn about a problem in the file system, without
+providing any additional details about the problem.  This record is
+identified by ``struct fanotify_event_info_header.info_type`` being set
+to FAN_EVENT_INFO_TYPE_ERROR.
+
+  struct fanotify_event_info_error {
+	struct fanotify_event_info_header hdr;
+	__s32 error;
+	__u32 error_count;
+  };
+
+The `error` field identifies the error in a file-system specific way.
+Ext4, for instance, which is the only file system implementing this
+interface at the time of this writing, exposes EXT4_ERR_ values in this
+field.  Please refer to the file system documentation for the meaning of
+specific error codes.
+
+`error_count` tracks the number of errors that occurred and were
+suppressed to preserve the original error information, since the last
+notification.
+
+FID record
+----------
+
+The FID record can be used to uniquely identify the inode that triggered
+the error through the combination of fsid and file handle.  A file system
+specific application can use that information to attempt a recovery
+procedure.  Errors that are not related to an inode are reported with an
+empty file handle of type FILEID_INVALID.
diff --git a/Documentation/admin-guide/index.rst b/Documentation/admin-guide/index.rst
index dc00afcabb95..1bedab498104 100644
--- a/Documentation/admin-guide/index.rst
+++ b/Documentation/admin-guide/index.rst
@@ -82,6 +82,7 @@  configure specific aspects of kernel behavior to your liking.
    edid
    efi-stub
    ext4
+   filesystem-monitoring
    nfs/index
    gpio/index
    highuid

[v8,32/32] docs: Document the FAN_FS_ERROR event

Commit Message

Comments

Patch