On Tue 27-04-21 07:11:49, Amir Goldstein wrote: > The ring buffer functionality for fsnotify is interesting and it may be > useful on its own, but IMO, its too big of a hammer for the problem > at hand. > > The question that you should be asking yourself is what is the > expected behavior in case of a flood of filesystem corruption errors. > I think it has already been expressed by filesystem maintainers on > one your previous postings, that a flood of filesystem corruption > errors is often noise and the only interesting information is the first error. > > For this reason, I think that FS_ERROR could be implemented > by attaching an fsnotify_error_info object to an fsnotify_sb_mark: > > struct fsnotify_sb_mark { > struct fsnotify_mark fsn_mark; > struct fsnotify_error_info info; > } > > Similar to fd sampled errseq, there can be only one error report > per sb-group pair (i.e. fsnotify_sb_mark) and the memory needed to store > the error report can be allocated at the time of setting the filesystem mark. > > With this, you will not need the added complexity of the ring buffer > and you will not need to limit FAN_ERROR reporting to a group that > is only listening for FAN_ERROR, which is an unneeded limitation IMO. Seeing that this 'single error per mark' idea is gathering some support I'd like to add my 2c: Probably we don't want fsnotify_error_info attached to every fsnotify_mark, I guess we can have: struct fanotify_mark { struct fsnotify_mark fsn_mark; struct fanotify_error_event *event; }; and 'event' will be normally NULL and if we add FAN_ERROR to mark's mask, we will allocate event (also containing error info) to use when generating error event. And then the handling will be somewhat similar to how we handle overflow events. Honza -- Jan Kara <jack@xxxxxxxx> SUSE Labs, CR