From: Chris Down <chris@chrisdown.name>
To: Dave Chinner <david@fromorbit.com>
Cc: Petr Mladek <pmladek@suse.com>, Jonathan Lassoff <jof@thejof.com>,
linux-xfs@vger.kernel.org, "Darrick J. Wong" <djwong@kernel.org>,
Sergey Senozhatsky <senozhatsky@chromium.org>,
Steven Rostedt <rostedt@goodmis.org>,
John Ogness <john.ogness@linutronix.de>
Subject: Re: [PATCH v3 2/2] Add XFS messages to printk index
Date: Wed, 30 Mar 2022 12:52:58 +0100 [thread overview]
Message-ID: <YkREmrfoTcqOYbma@chrisdown.name> (raw)
In-Reply-To: <20220330003457.GB1544202@dread.disaster.area>
Hi Dave,
Dave Chinner writes:
>I ask, because user/kernel ABIs are usually fixed and we are not
>allowed to change them in a way that might break userspace. What
>happens when one of these format messages gets moved? What if the
>file, function and line of code all change, but the format string
>stays the same? What about duplicate format strings in different
>files/functions?
printk indexing is exposed in debugfs, and we have a long standing
understanding that debugfs APIs are not stable, and there are no ABI
guarantees. The statement in the initial patch that the API is "semi-stable" is
simply wrong.
>Exactly how is this supposed to be used by userspace? Given that you
>are exposing both the file and the line of the file that the format
>string belongs to, does this mean we can no longer actually move
>this format string to any other location in the source code?
>
>IOWs, I cannot find anything that documents the implications of
>directly exposing the *raw source code* to userspace though a sysfs
>file on either developers or userspace applications. Exposing
>anything through a sysfs file usually comes with constraints and
>guarantees and just because it is in /sys/kernel/debug means we can
>waive ABI constraints: I'll refer you to the canonical example of
>tracepoints vs powertop.
>
>With tracepoints in mind, XFS has an explicit policy that
>tracepoints do not form part of the user ABI because they expose the
>internal implementation directly to userspace. Hence if you use XFS
>tracepoints for any purpose, you get to keep all the broken bits
>when we change/add/remove tracepoints as part of our normal
>development.
>
>However, for information we explicitly expose via files in proc and
>sysfs (and via ioctls, for that matter), we have to provide explicit
>ABI guarantees, and that means we cannot remove or change the format
>or content of those files in ways that would cause userspace parsers
>and applications to break. If we are removing a proc/sysfs file, we
>have an explicit deprecation process that takes years to run so that
>userspace has time to notice that removal will be occurring and be
>updated not to depend on it by the time we remove it.
debugfs has no stability guarantees whatsoever and exists outside of the
userspace ABI guarantees.[0]
Even if there was some guarantee (which there isn't), the guarantee would be on
the format of the file, not the data contained within. The point of printk
indexing is to indicate when things change, not preclude that change. Just as a
map appearing, changing, or disappearing in /proc/pid/smaps isn't an ABI break,
this wouldn't be either. It would just be a change in the backing data. For
example, if a file or line changes, printk indexing helps indicate to a
userspace tool that the printk may have gone away, or changed location.
Anyone using printk indexing has to accept that both the format and the file
contents are not stable between kernel releases, and must accommodate for that
during development. That's the main reason that this was put in debugfs rather
than (for example) /proc or /sys.
>I see no statement anywhere about what this printk index ABI
>requires in terms of code stablility, format string maintenance and
>modification, etc. I've seen it referred to as "semi-stable" but
>there is no clear, easily accessible definition as to what that
>means for either kernel developers or userspace app developers that
>might want to use this information. There's zero information
>available about how userspace will use this information, too, so at
>this point I can't even guess what the policy for this new ABI
>actually is.
I don't know why Jonathan referred to it as "semi-stable". It is simply not so.
printk indexing is a completely unstable debugfs API with no guarantees about
either format or contents to userspace at all over kernel releases.
>If this was discussed and a policy was created, then great. But it
>*hasn't been documented* for the rest of the world to be able to
>read and understand so they know how to deal safely with the
>information this ABI now provides. So, can you please explain what
>the rules are, and then please write some documentation for the
>kernel admin guide defining the user ABI for application writers and
>what guarantees the kernel provides them with about the contents of
>this ABI.
The policy, as with all debugfs APIs by default, is that it's completely
unstable and there are no API stability guarantees whatsoever. That's why
there's no extensive documentation for users: because this is a feature for
kernel developers.
0: https://lwn.net/Articles/309298/
Thanks,
Chris
next prev parent reply other threads:[~2022-03-30 11:55 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-25 17:19 [PATCH v3 1/2] Simplify XFS logging methods Jonathan Lassoff
2022-03-25 17:19 ` [PATCH v3 2/2] Add XFS messages to printk index Jonathan Lassoff
2022-03-29 13:34 ` Petr Mladek
2022-03-30 0:34 ` Dave Chinner
2022-03-30 0:46 ` Darrick J. Wong
2022-03-30 1:26 ` Dave Chinner
2022-03-30 14:59 ` Petr Mladek
2022-03-30 15:07 ` Chris Down
2022-03-31 15:06 ` Darrick J. Wong
2022-04-05 12:55 ` Petr Mladek
2022-03-31 9:14 ` Sergey Senozhatsky
2022-03-30 11:52 ` Chris Down [this message]
2022-03-30 16:47 ` Steven Rostedt
2022-03-30 17:09 ` Chris Down
2022-03-30 17:25 ` Chris Down
2022-03-30 17:39 ` Steven Rostedt
2022-03-30 17:44 ` Chris Down
2022-03-30 21:02 ` Dave Chinner
2022-03-31 14:09 ` Petr Mladek
2022-04-01 21:50 ` Dave Chinner
2022-03-30 12:05 ` Chris Down
2022-03-30 0:05 ` Dave Chinner
2022-03-30 12:07 ` Chris Down
2022-03-31 1:38 ` Jonathan Lassoff
2022-03-29 13:03 ` [PATCH v3 1/2] Simplify XFS logging methods Petr Mladek
2022-03-29 23:54 ` Dave Chinner
2022-03-30 11:40 ` Petr Mladek
2022-03-30 11:55 ` Chris Down
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YkREmrfoTcqOYbma@chrisdown.name \
--to=chris@chrisdown.name \
--cc=david@fromorbit.com \
--cc=djwong@kernel.org \
--cc=jof@thejof.com \
--cc=john.ogness@linutronix.de \
--cc=linux-xfs@vger.kernel.org \
--cc=pmladek@suse.com \
--cc=rostedt@goodmis.org \
--cc=senozhatsky@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).