|
| 1 | +.. SPDX-License-Identifier: GPL-2.0 |
| 2 | +
|
| 3 | +==================================== |
| 4 | +File system Monitoring with fanotify |
| 5 | +==================================== |
| 6 | + |
| 7 | +File system Error Reporting |
| 8 | +=========================== |
| 9 | + |
| 10 | +Fanotify supports the FAN_FS_ERROR event type for file system-wide error |
| 11 | +reporting. It is meant to be used by file system health monitoring |
| 12 | +daemons, which listen for these events and take actions (notify |
| 13 | +sysadmin, start recovery) when a file system problem is detected. |
| 14 | + |
| 15 | +By design, a FAN_FS_ERROR notification exposes sufficient information |
| 16 | +for a monitoring tool to know a problem in the file system has happened. |
| 17 | +It doesn't necessarily provide a user space application with semantics |
| 18 | +to verify an IO operation was successfully executed. That is out of |
| 19 | +scope for this feature. Instead, it is only meant as a framework for |
| 20 | +early file system problem detection and reporting recovery tools. |
| 21 | + |
| 22 | +When a file system operation fails, it is common for dozens of kernel |
| 23 | +errors to cascade after the initial failure, hiding the original failure |
| 24 | +log, which is usually the most useful debug data to troubleshoot the |
| 25 | +problem. For this reason, FAN_FS_ERROR tries to report only the first |
| 26 | +error that occurred for a file system since the last notification, and |
| 27 | +it simply counts additional errors. This ensures that the most |
| 28 | +important pieces of information are never lost. |
| 29 | + |
| 30 | +FAN_FS_ERROR requires the fanotify group to be setup with the |
| 31 | +FAN_REPORT_FID flag. |
| 32 | + |
| 33 | +At the time of this writing, the only file system that emits FAN_FS_ERROR |
| 34 | +notifications is Ext4. |
| 35 | + |
| 36 | +A FAN_FS_ERROR Notification has the following format:: |
| 37 | + |
| 38 | + [ Notification Metadata (Mandatory) ] |
| 39 | + [ Generic Error Record (Mandatory) ] |
| 40 | + [ FID record (Mandatory) ] |
| 41 | + |
| 42 | +The order of records is not guaranteed, and new records might be added |
| 43 | +in the future. Therefore, applications must not rely on the order and |
| 44 | +must be prepared to skip over unknown records. Please refer to |
| 45 | +``samples/fanotify/fs-monitor.c`` for an example parser. |
| 46 | + |
| 47 | +Generic error record |
| 48 | +-------------------- |
| 49 | + |
| 50 | +The generic error record provides enough information for a file system |
| 51 | +agnostic tool to learn about a problem in the file system, without |
| 52 | +providing any additional details about the problem. This record is |
| 53 | +identified by ``struct fanotify_event_info_header.info_type`` being set |
| 54 | +to FAN_EVENT_INFO_TYPE_ERROR. |
| 55 | + |
| 56 | + struct fanotify_event_info_error { |
| 57 | + struct fanotify_event_info_header hdr; |
| 58 | + __s32 error; |
| 59 | + __u32 error_count; |
| 60 | + }; |
| 61 | + |
| 62 | +The `error` field identifies the type of error using errno values. |
| 63 | +`error_count` tracks the number of errors that occurred and were |
| 64 | +suppressed to preserve the original error information, since the last |
| 65 | +notification. |
| 66 | + |
| 67 | +FID record |
| 68 | +---------- |
| 69 | + |
| 70 | +The FID record can be used to uniquely identify the inode that triggered |
| 71 | +the error through the combination of fsid and file handle. A file system |
| 72 | +specific application can use that information to attempt a recovery |
| 73 | +procedure. Errors that are not related to an inode are reported with an |
| 74 | +empty file handle of type FILEID_INVALID. |
0 commit comments