Adding Extended Attribute Support to NFS

J
James MorrisLinux Kernel Developer
Adding Extended Attribute Support to NFS James Morris Red Hat, Inc. jmorris@redhat.com LinuxCon 2009 – Portland, OR
Introduction
Extended Attributes ● Arbitrary file metadata ● Two main types ● System ● User ● Non-standard, yet widely implemented
Types of Implementation ● Simple name / value pairs ● user.foo = “bar” ● Used by: IRIX, Linux, FreeBSD ● Subfiles / forks ● May: – have file semantics (open, seek etc.) – include subdirectories – be highly structured ● Used by Sun, Apple, Microsoft and others
Name/value model ● All name/value xattr implementations differ, have different APIs, and are generally incompatible ● Some OSs use flags for 'system', 'user' types ● Linux uses text namespaces ● user, system, security, trusted, os2
Linux Implementation ● Simple and effective userland API ● setxattr, getxattr, listxattr, removexattr ● Probably the most flexible such implementation ● System-level xattr use is common ● ACLs, SELinux, SMACK, ecryptfs ● User-level xattrs: beagle, ...
NFS Support ● Extended attributes are not supported in the NFS standards ● NFSv3 is closed wrt IETF activity ● NFSv4 includes Named Attributes, which are based on the Solaris subfile model and incompatible with name/value schemes ● Several non-standard implementations shipped
Proposal for Linux NFSv3 ● Implement simple name/value xattr side- protocol based on the GPL'd IRIX code ● ACL support was added to Linux NFSv3, and this is similar in scope and nature ● Rationale: all major filesystems have xattrs and we should be able to use them over the network!
Proposal for Linux NFSv3 (...) ● Side-protocol does not break existing protocol ● Possibility of interop and establishing a de-facto standard for BSD, legacy IRIX clients etc. ● NFS availability may encourage more xattr adoption (chicken & egg problem)
Linux NFSv3 Status ● Prototype code working! ● In upstream Linux community RFC process ● Initial code ● Limited to user namespace ● Not wire-compatible with IRIX due to differences in OS level implementation ● Interoperability certainly possible; need to consider usefulness vs. code complexity
NFSv4 ● NFSv4 needs xattr extension to properly support Linux/BSD etc. ● Thankfully, NFSv4 was designed for extensibility! ● NFSv3 work should be a useful model for this ● IETF process could be lengthy
Discussion
Resources ● http://namei.org/nfsxattr ● Code, documents ● http://www.linux-nfs.org/ ● Useful stepping off point ● Linux NFS mailing list information
1 of 13

Adding Extended Attribute Support to NFS

Download to read offline
Technology

Presentation given at LinuxCon 2009 in Portland, Oregon.

J
James MorrisLinux Kernel Developer

Recommended

Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ... by
Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...
Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...James Morris
451 views18 slides
Directions in SELinux Networking by
Directions in SELinux NetworkingDirections in SELinux Networking
Directions in SELinux NetworkingJames Morris
529 views15 slides
Secure and Simple Sandboxing in SELinux by
Secure and Simple Sandboxing in SELinuxSecure and Simple Sandboxing in SELinux
Secure and Simple Sandboxing in SELinuxJames Morris
3K views22 slides
Linux Kernel Security Overview - KCA 2009 by
Linux Kernel Security Overview - KCA 2009Linux Kernel Security Overview - KCA 2009
Linux Kernel Security Overview - KCA 2009James Morris
2.5K views72 slides
Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats by
Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century ThreatsLinux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats
Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century ThreatsJames Morris
1.3K views35 slides
Kernel Recipes 2013 - Linux Security Modules: different formal concepts by
Kernel Recipes 2013 - Linux Security Modules: different formal conceptsKernel Recipes 2013 - Linux Security Modules: different formal concepts
Kernel Recipes 2013 - Linux Security Modules: different formal conceptsAnne Nicolas
2.9K views51 slides

More Related Content

What's hot

Linux Security Overview by
Linux Security OverviewLinux Security Overview
Linux Security OverviewKernel TLV
3.3K views19 slides
Security and Linux Security by
Security and Linux SecuritySecurity and Linux Security
Security and Linux SecurityRizky Ariestiyansyah
7K views71 slides
Threats, Vulnerabilities & Security measures in Linux by
Threats, Vulnerabilities & Security measures in LinuxThreats, Vulnerabilities & Security measures in Linux
Threats, Vulnerabilities & Security measures in LinuxAmitesh Bharti
3.9K views51 slides
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview by
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security OverviewShawn Wells
617 views83 slides
Linux Security by
Linux SecurityLinux Security
Linux Securitynayakslideshare
2.2K views43 slides
Linux Operating System Vulnerabilities by
Linux Operating System VulnerabilitiesLinux Operating System Vulnerabilities
Linux Operating System VulnerabilitiesInformation Technology
7.5K views40 slides

What's hot(20)

Linux Security Overview by Kernel TLV
Linux Security OverviewLinux Security Overview
Linux Security Overview
Kernel TLV3.3K views
Security and Linux Security by Rizky Ariestiyansyah
Security and Linux SecuritySecurity and Linux Security
Security and Linux Security
Rizky Ariestiyansyah7K views
Threats, Vulnerabilities & Security measures in Linux by Amitesh Bharti
Threats, Vulnerabilities & Security measures in LinuxThreats, Vulnerabilities & Security measures in Linux
Threats, Vulnerabilities & Security measures in Linux
Amitesh Bharti3.9K views
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview by Shawn Wells
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
Shawn Wells617 views
Linux Security by nayakslideshare
Linux SecurityLinux Security
Linux Security
nayakslideshare2.2K views
Linux Operating System Vulnerabilities by Information Technology
Linux Operating System VulnerabilitiesLinux Operating System Vulnerabilities
Linux Operating System Vulnerabilities
Information Technology7.5K views
Basic Linux Security by pankaj009
Basic Linux SecurityBasic Linux Security
Basic Linux Security
pankaj0092.8K views
Bsd ppt by Muhammad Bilal
Bsd pptBsd ppt
Bsd ppt
Muhammad Bilal1.2K views
The FreeBSD - PRIMER by Muhammad Moinur Rahman
The FreeBSD - PRIMERThe FreeBSD - PRIMER
The FreeBSD - PRIMER
Muhammad Moinur Rahman465 views
Mandatory Access Control Networking Update - Netonf 2006 Tokyo by James Morris
Mandatory Access Control Networking Update - Netonf 2006 TokyoMandatory Access Control Networking Update - Netonf 2006 Tokyo
Mandatory Access Control Networking Update - Netonf 2006 Tokyo
James Morris411 views
File System Implementation & Linux Security by Geo Marian
File System Implementation & Linux SecurityFile System Implementation & Linux Security
File System Implementation & Linux Security
Geo Marian288 views
Security, Hack1ng and Hardening on Linux - an Overview by Kaiwan Billimoria
Security, Hack1ng and Hardening on Linux - an OverviewSecurity, Hack1ng and Hardening on Linux - an Overview
Security, Hack1ng and Hardening on Linux - an Overview
Kaiwan Billimoria1.2K views
Unix Security by replay21
Unix SecurityUnix Security
Unix Security
replay216.3K views
Futex Scaling for Multi-core Systems by Davidlohr Bueso
Futex Scaling for Multi-core SystemsFutex Scaling for Multi-core Systems
Futex Scaling for Multi-core Systems
Davidlohr Bueso2.4K views
Introduction To Linux Security by Michael Boman
Introduction To Linux SecurityIntroduction To Linux Security
Introduction To Linux Security
Michael Boman1.5K views
XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct... by The Linux Foundation
XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...
XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...
The Linux Foundation540 views
Linux Network Security by Amr Ali
Linux Network SecurityLinux Network Security
Linux Network Security
Amr Ali825 views
bsd by Jessica Chan
bsdbsd
bsd
Jessica Chan3K views
Bsd presentation by Majda Allani
Bsd presentationBsd presentation
Bsd presentation
Majda Allani1.9K views
Linux Security, from Concept to Tooling by Michael Boelen
Linux Security, from Concept to ToolingLinux Security, from Concept to Tooling
Linux Security, from Concept to Tooling
Michael Boelen1.9K views

Similar to Adding Extended Attribute Support to NFS

Network File System by
Network File SystemNetwork File System
Network File SystemDivyang Oza
171 views10 slides
Architecture Of The Linux Kernel by
Architecture Of The Linux KernelArchitecture Of The Linux Kernel
Architecture Of The Linux KernelDominique Cimafranca
26.7K views17 slides
Architecture Of The Linux Kernel by
Architecture Of The Linux KernelArchitecture Of The Linux Kernel
Architecture Of The Linux Kernelguest547d74
2.2K views17 slides
Chapter 8 distributed file systems by
Chapter 8 distributed file systemsChapter 8 distributed file systems
Chapter 8 distributed file systemsAbDul ThaYyal
7.3K views27 slides
Linux: Everyting-as-a-service by
Linux: Everyting-as-a-serviceLinux: Everyting-as-a-service
Linux: Everyting-as-a-serviceRohit Sansiya
155 views46 slides
RHCE (RED HAT CERTIFIED ENGINEERING) by
RHCE (RED HAT CERTIFIED ENGINEERING)RHCE (RED HAT CERTIFIED ENGINEERING)
RHCE (RED HAT CERTIFIED ENGINEERING)Sumant Garg
3.2K views44 slides

Similar to Adding Extended Attribute Support to NFS(20)

Network File System by Divyang Oza
Network File SystemNetwork File System
Network File System
Divyang Oza171 views
Architecture Of The Linux Kernel by Dominique Cimafranca
Architecture Of The Linux KernelArchitecture Of The Linux Kernel
Architecture Of The Linux Kernel
Dominique Cimafranca26.7K views
Architecture Of The Linux Kernel by guest547d74
Architecture Of The Linux KernelArchitecture Of The Linux Kernel
Architecture Of The Linux Kernel
guest547d742.2K views
Chapter 8 distributed file systems by AbDul ThaYyal
Chapter 8 distributed file systemsChapter 8 distributed file systems
Chapter 8 distributed file systems
AbDul ThaYyal7.3K views
Linux: Everyting-as-a-service by Rohit Sansiya
Linux: Everyting-as-a-serviceLinux: Everyting-as-a-service
Linux: Everyting-as-a-service
Rohit Sansiya155 views
RHCE (RED HAT CERTIFIED ENGINEERING) by Sumant Garg
RHCE (RED HAT CERTIFIED ENGINEERING)RHCE (RED HAT CERTIFIED ENGINEERING)
RHCE (RED HAT CERTIFIED ENGINEERING)
Sumant Garg3.2K views
OpenZFS - BSDcan 2014 by Matthew Ahrens
OpenZFS - BSDcan 2014OpenZFS - BSDcan 2014
OpenZFS - BSDcan 2014
Matthew Ahrens1.7K views
Module1 by shahilashahul
Module1Module1
Module1
shahilashahul60 views
Network File System in Distributed Computing by Chandan Padalkar
Network File System in Distributed ComputingNetwork File System in Distributed Computing
Network File System in Distributed Computing
Chandan Padalkar6K views
OpenZFS - AsiaBSDcon by Matthew Ahrens
OpenZFS - AsiaBSDconOpenZFS - AsiaBSDcon
OpenZFS - AsiaBSDcon
Matthew Ahrens2.3K views
Linux Internals - Part I by Emertxe Information Technologies Pvt Ltd
Linux Internals - Part ILinux Internals - Part I
Linux Internals - Part I
Emertxe Information Technologies Pvt Ltd4.6K views
Linux@assignment ppt by Rama .
Linux@assignment pptLinux@assignment ppt
Linux@assignment ppt
Rama .84 views
Part 03 File System Implementation in Linux by Tushar B Kute
Part 03 File System Implementation in LinuxPart 03 File System Implementation in Linux
Part 03 File System Implementation in Linux
Tushar B Kute3.4K views
Wheeler w 0450_linux_file_systems1 by sprdd
Wheeler w 0450_linux_file_systems1Wheeler w 0450_linux_file_systems1
Wheeler w 0450_linux_file_systems1
sprdd513 views
Wheeler w 0450_linux_file_systems1 by sprdd
Wheeler w 0450_linux_file_systems1Wheeler w 0450_linux_file_systems1
Wheeler w 0450_linux_file_systems1
sprdd734 views
linux-lecture1.ppt by jeronimored
linux-lecture1.pptlinux-lecture1.ppt
linux-lecture1.ppt
jeronimored10 views
Pnfs by Oded Rotter
PnfsPnfs
Pnfs
Oded Rotter793 views
Linux administration classes in mumbai by Vibrant Technologies & Computers
Linux administration classes in mumbaiLinux administration classes in mumbai
Linux administration classes in mumbai
Vibrant Technologies & Computers647 views
Linux by CIIT Wahcantt, Taxila distt. Rawalpindi Pakistan
LinuxLinux
Linux
CIIT Wahcantt, Taxila distt. Rawalpindi Pakistan218 views
Linux introduction (eng) by Anatoliy Okhotnikov
Linux introduction (eng)Linux introduction (eng)
Linux introduction (eng)
Anatoliy Okhotnikov853 views

More from James Morris

sVirt: Hardening Linux Virtualization with Mandatory Access Control by
sVirt: Hardening Linux Virtualization with Mandatory Access ControlsVirt: Hardening Linux Virtualization with Mandatory Access Control
sVirt: Hardening Linux Virtualization with Mandatory Access ControlJames Morris
2K views37 slides
OLPC Networking Overview by
OLPC Networking OverviewOLPC Networking Overview
OLPC Networking OverviewJames Morris
339 views8 slides
Cryptographic Hardware Support for the Linux Kernel - Netconf 2004 by
Cryptographic Hardware Support for the Linux Kernel - Netconf 2004Cryptographic Hardware Support for the Linux Kernel - Netconf 2004
Cryptographic Hardware Support for the Linux Kernel - Netconf 2004James Morris
664 views12 slides
SELinux Project Overview - Linux Foundation Japan Symposium 2008 by
SELinux Project Overview - Linux Foundation Japan Symposium 2008SELinux Project Overview - Linux Foundation Japan Symposium 2008
SELinux Project Overview - Linux Foundation Japan Symposium 2008James Morris
866 views21 slides
Kernel Security for 2.8 - Kernel Summit 2004 by
Kernel Security for 2.8 - Kernel Summit 2004Kernel Security for 2.8 - Kernel Summit 2004
Kernel Security for 2.8 - Kernel Summit 2004James Morris
510 views3 slides
Better IPSec Security Association Resolution - Netconf 2006 Tokyo by
Better IPSec Security Association Resolution - Netconf 2006 TokyoBetter IPSec Security Association Resolution - Netconf 2006 Tokyo
Better IPSec Security Association Resolution - Netconf 2006 TokyoJames Morris
378 views9 slides

More from James Morris(11)

sVirt: Hardening Linux Virtualization with Mandatory Access Control by James Morris
sVirt: Hardening Linux Virtualization with Mandatory Access ControlsVirt: Hardening Linux Virtualization with Mandatory Access Control
sVirt: Hardening Linux Virtualization with Mandatory Access Control
James Morris2K views
OLPC Networking Overview by James Morris
OLPC Networking OverviewOLPC Networking Overview
OLPC Networking Overview
James Morris339 views
Cryptographic Hardware Support for the Linux Kernel - Netconf 2004 by James Morris
Cryptographic Hardware Support for the Linux Kernel - Netconf 2004Cryptographic Hardware Support for the Linux Kernel - Netconf 2004
Cryptographic Hardware Support for the Linux Kernel - Netconf 2004
James Morris664 views
SELinux Project Overview - Linux Foundation Japan Symposium 2008 by James Morris
SELinux Project Overview - Linux Foundation Japan Symposium 2008SELinux Project Overview - Linux Foundation Japan Symposium 2008
SELinux Project Overview - Linux Foundation Japan Symposium 2008
James Morris866 views
Kernel Security for 2.8 - Kernel Summit 2004 by James Morris
Kernel Security for 2.8 - Kernel Summit 2004Kernel Security for 2.8 - Kernel Summit 2004
Kernel Security for 2.8 - Kernel Summit 2004
James Morris510 views
Better IPSec Security Association Resolution - Netconf 2006 Tokyo by James Morris
Better IPSec Security Association Resolution - Netconf 2006 TokyoBetter IPSec Security Association Resolution - Netconf 2006 Tokyo
Better IPSec Security Association Resolution - Netconf 2006 Tokyo
James Morris378 views
The State of Security Enhanced Linux - FOSS.IN/2007 by James Morris
The State of Security Enhanced Linux - FOSS.IN/2007The State of Security Enhanced Linux - FOSS.IN/2007
The State of Security Enhanced Linux - FOSS.IN/2007
James Morris696 views
How and Why You Should Become a Kernel Hacker - FOSS.IN/2007 by James Morris
How and Why You Should Become a Kernel Hacker - FOSS.IN/2007How and Why You Should Become a Kernel Hacker - FOSS.IN/2007
How and Why You Should Become a Kernel Hacker - FOSS.IN/2007
James Morris485 views
Overview of NSA Security Enhanced Linux - FOSS.IN/2005 by James Morris
Overview of NSA Security Enhanced Linux - FOSS.IN/2005Overview of NSA Security Enhanced Linux - FOSS.IN/2005
Overview of NSA Security Enhanced Linux - FOSS.IN/2005
James Morris441 views
SELinux Kernel Internals and Architecture - FOSS.IN/2005 by James Morris
SELinux Kernel Internals and Architecture - FOSS.IN/2005SELinux Kernel Internals and Architecture - FOSS.IN/2005
SELinux Kernel Internals and Architecture - FOSS.IN/2005
James Morris1.1K views
Anatomy of Fedora Kiosk Mode (FOSS.MY/2008) by James Morris
Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)
Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)
James Morris382 views

Recently uploaded

Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue by
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlueMigrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlueShapeBlue
176 views20 slides
Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha... by
Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha...Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha...
Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha...ShapeBlue
138 views18 slides
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R... by
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...ShapeBlue
132 views15 slides
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas... by
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...Bernd Ruecker
50 views69 slides
DRBD Deep Dive - Philipp Reisner - LINBIT by
DRBD Deep Dive - Philipp Reisner - LINBITDRBD Deep Dive - Philipp Reisner - LINBIT
DRBD Deep Dive - Philipp Reisner - LINBITShapeBlue
140 views21 slides
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT by
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBITUpdates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBITShapeBlue
166 views8 slides

Recently uploaded(20)

Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue by ShapeBlue
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlueMigrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue
ShapeBlue176 views
Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha... by ShapeBlue
Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha...Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha...
Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha...
ShapeBlue138 views
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R... by ShapeBlue
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...
ShapeBlue132 views
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas... by Bernd Ruecker
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...
Bernd Ruecker50 views
DRBD Deep Dive - Philipp Reisner - LINBIT by ShapeBlue
DRBD Deep Dive - Philipp Reisner - LINBITDRBD Deep Dive - Philipp Reisner - LINBIT
DRBD Deep Dive - Philipp Reisner - LINBIT
ShapeBlue140 views
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT by ShapeBlue
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBITUpdates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT
ShapeBlue166 views
Network Source of Truth and Infrastructure as Code revisited by Network Automation Forum
Network Source of Truth and Infrastructure as Code revisitedNetwork Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisited
Network Automation Forum52 views
Data Integrity for Banking and Financial Services by Precisely
Data Integrity for Banking and Financial ServicesData Integrity for Banking and Financial Services
Data Integrity for Banking and Financial Services
Precisely78 views
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ... by ShapeBlue
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...
ShapeBlue123 views
Confidence in CloudStack - Aron Wagner, Nathan Gleason - Americ by ShapeBlue
Confidence in CloudStack - Aron Wagner, Nathan Gleason - AmericConfidence in CloudStack - Aron Wagner, Nathan Gleason - Americ
Confidence in CloudStack - Aron Wagner, Nathan Gleason - Americ
ShapeBlue88 views
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... by ShapeBlue
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
ShapeBlue146 views
Igniting Next Level Productivity with AI-Infused Data Integration Workflows by Safe Software
Igniting Next Level Productivity with AI-Infused Data Integration Workflows Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Safe Software385 views
Why and How CloudStack at weSystems - Stephan Bienek - weSystems by ShapeBlue
Why and How CloudStack at weSystems - Stephan Bienek - weSystemsWhy and How CloudStack at weSystems - Stephan Bienek - weSystems
Why and How CloudStack at weSystems - Stephan Bienek - weSystems
ShapeBlue197 views
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti... by ShapeBlue
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
ShapeBlue98 views
What’s New in CloudStack 4.19 - Abhishek Kumar - ShapeBlue by ShapeBlue
What’s New in CloudStack 4.19 - Abhishek Kumar - ShapeBlueWhat’s New in CloudStack 4.19 - Abhishek Kumar - ShapeBlue
What’s New in CloudStack 4.19 - Abhishek Kumar - ShapeBlue
ShapeBlue222 views
Future of AR - Facebook Presentation by Rob McCarty
Future of AR - Facebook PresentationFuture of AR - Facebook Presentation
Future of AR - Facebook Presentation
Rob McCarty62 views
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ... by ShapeBlue
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
ShapeBlue85 views
Digital Personal Data Protection (DPDP) Practical Approach For CISOs by Priyanka Aash
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash153 views
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue by ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlueCloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
ShapeBlue93 views
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ... by ShapeBlue
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...
ShapeBlue79 views

Adding Extended Attribute Support to NFS

  • 1. Adding Extended Attribute Support to NFS James Morris Red Hat, Inc. jmorris@redhat.com LinuxCon 2009 – Portland, OR
  • 3. Extended Attributes ● Arbitrary file metadata ● Two main types ● System ● User ● Non-standard, yet widely implemented
  • 4. Types of Implementation ● Simple name / value pairs ● user.foo = “bar” ● Used by: IRIX, Linux, FreeBSD ● Subfiles / forks ● May: – have file semantics (open, seek etc.) – include subdirectories – be highly structured ● Used by Sun, Apple, Microsoft and others
  • 5. Name/value model ● All name/value xattr implementations differ, have different APIs, and are generally incompatible ● Some OSs use flags for 'system', 'user' types ● Linux uses text namespaces ● user, system, security, trusted, os2
  • 6. Linux Implementation ● Simple and effective userland API ● setxattr, getxattr, listxattr, removexattr ● Probably the most flexible such implementation ● System-level xattr use is common ● ACLs, SELinux, SMACK, ecryptfs ● User-level xattrs: beagle, ...
  • 7. NFS Support ● Extended attributes are not supported in the NFS standards ● NFSv3 is closed wrt IETF activity ● NFSv4 includes Named Attributes, which are based on the Solaris subfile model and incompatible with name/value schemes ● Several non-standard implementations shipped
  • 8. Proposal for Linux NFSv3 ● Implement simple name/value xattr side- protocol based on the GPL'd IRIX code ● ACL support was added to Linux NFSv3, and this is similar in scope and nature ● Rationale: all major filesystems have xattrs and we should be able to use them over the network!
  • 9. Proposal for Linux NFSv3 (...) ● Side-protocol does not break existing protocol ● Possibility of interop and establishing a de-facto standard for BSD, legacy IRIX clients etc. ● NFS availability may encourage more xattr adoption (chicken & egg problem)
  • 10. Linux NFSv3 Status ● Prototype code working! ● In upstream Linux community RFC process ● Initial code ● Limited to user namespace ● Not wire-compatible with IRIX due to differences in OS level implementation ● Interoperability certainly possible; need to consider usefulness vs. code complexity
  • 11. NFSv4 ● NFSv4 needs xattr extension to properly support Linux/BSD etc. ● Thankfully, NFSv4 was designed for extensibility! ● NFSv3 work should be a useful model for this ● IETF process could be lengthy
  • 13. Resources ● http://namei.org/nfsxattr ● Code, documents ● http://www.linux-nfs.org/ ● Useful stepping off point ● Linux NFS mailing list information