blob: 9d23d20cf1bab7641e42e52bf2e05a4dcee3b080 [file] [log] [blame]
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
]>
<chapter id="xfs-xattr">
<title>XFS Extended Attributes</title>
<section>
<title>Extended Attributes</title>
<para>Extended Attributes (EA) are a set of &lt;name,value&gt; pairs associated with an inode</para>
<para>Who uses them?</para>
<itemizedlist>
<listitem><para>Access Control Lists (ACL)</para></listitem>
<listitem><para>SELinux</para></listitem>
<listitem><para>Beagle indexer</para></listitem>
</itemizedlist>
<para>Name is a null terminated string &lt;= 255 chars</para>
<para>Value is binary data &lt;= 64K</para>
</section>
<section>
<title>EA Namespaces</title>
<para>The EA set is typically divided into namespaces</para>
<para>For Linux the namespace is the prefix of the EA name:</para>
<itemizedlist>
<listitem><para>user</para></listitem>
<listitem><para>trusted</para></listitem>
<listitem><para>security</para></listitem>
<listitem><para>System</para></listitem>
</itemizedlist>
<para>For XFS, the namespace is encoded in bits in a flags field with these values:</para>
<itemizedlist>
<listitem><para>“user” has value of 0x0000 – by default an attribute is in the user namespace</para></listitem>
</itemizedlist>
<para><programlisting>
#define ATTR_ROOT 0x0002 /* use attrs in root (trusted) namespace */
#define ATTR_SECURE 0x0008 /* use attrs in security namespace */
#define ATTR_SYSTEM 0x0100 /* use attrs in system (pseudo) namespace */</programlisting></para>
<para>So for XFS, EAs are really a triple &lt;name, value, flags&gt;</para>
</section>
<section>
<title>EA Command Line Interface</title>
<para>attr package maintained by Andreas Gruenbacher and SGI</para>
<itemizedlist>
<listitem><para>getfattr(1) for getting/listing EAs</para></listitem>
<listitem><para>setfattr(1) for setting and removing EAs,</para></listitem>
<listitem><para>Names are prefixed with the namespace</para></listitem>
</itemizedlist>
<para>attr command sets/removes/gets/lists EAs</para>
<itemizedlist>
<listitem><para>Based on IRIX command, provides common interface for XFS EAs</para></listitem>
<listitem><para>Namespace specified with options</para></listitem>
<listitem><para>More closely models what XFS actually stores since names are the actual names</para></listitem>
</itemizedlist>
<para><programlisting>
# getfattr -e hex -dm '.*' file1
system.posix_acl_access=0x0200000001000600ffffffff040006...
trusted.SGI_ACL_FILE=0x0000000400000001ffffffff0006...
# attr -Rl file1
Attribute "SGI_ACL_FILE" has a 52 byte value for file1</programlisting></para>
</section>
<section>
<title>EA Ondisk Format</title>
<para>The name can actually be binary data since it has a length field on disk</para>
<itemizedlist>
<listitem><para>XFS kernel functions have been changed to handle binary names
(used for future parent pointer EA's)</para></listitem>
</itemizedlist>
<para>XFS EA's are stored in a variety of forms according to how big they are</para>
<itemizedlist>
<listitem><para>Local or short form
<itemizedlist>
<listitem><para>within the inode</para></listitem>
</itemizedlist>
</para></listitem>
<listitem><para>Attribute-fork extents in either
<itemizedlist>
<listitem><para>a filesystem leaf block</para></listitem>
<listitem><para>btree form with node blocks and leaf blocks</para></listitem>
</itemizedlist>
</para></listitem>
<listitem><para>Extent form
<itemizedlist>
<listitem><para>the EA value can be in a remote filesystem block if it's large</para></listitem>
</itemizedlist>
</para></listitem>
</itemizedlist>
</section>
<section>
<title>EA Tuning</title>
<para>If using ACLs, every file access will require an EA lookup</para>
<para>For performance, it is important to keep the EA's within the inode in shortform</para>
<itemizedlist>
<listitem><para>Only a single filesystem block needs to be read in.</para></listitem>
<listitem><para>ACLs are a good example where the access checks occur frequently</para></listitem>
</itemizedlist>
<para>To increase the chance of being in shortform</para>
<itemizedlist>
<listitem><para>increase the inode size, and/or</para></listitem>
<listitem><para>enable attr2</para></listitem>
</itemizedlist>
<para><programlisting>mkfs.xfs –i size=512,attr=2 device</programlisting></para>
<para>The short-form EA resides at the end of the inode and competes for space with the data extents.</para>
</section>
<section>
<title>EA and Attr2</title>
<para>Attr2 overcomes a restriction in the initial EA implementation that divided up the
literal area at a fixed location (fork offset)</para>
<para>With attr2 the fork offset is variable</para>
<para>XXX Insert image</para>
</section>
<section>
<title>EA and Backup</title>
<para>Cpio and tar do not backup and restore extended attributes</para>
<para>If using extended attributes, an EA backup tool like xfsdump and xfsrestore must be used</para>
</section>
</chapter>