| Message ID | 20200526110318.69006-1-eesposit@redhat.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | Statsfs: a new ram-based file system for Linux kernel statistics | expand |
On Tue, 26 May 2020 13:03:10 +0200 Emanuele Giuseppe Esposito wrote: > There is currently no common way for Linux kernel subsystems to expose > statistics to userspace shared throughout the Linux kernel; subsystems have > to take care of gathering and displaying statistics by themselves, for > example in the form of files in debugfs. For example KVM has its own code > section that takes care of this in virt/kvm/kvm_main.c, where it sets up > debugfs handlers for displaying values and aggregating them from various > subfolders to obtain information about the system state (i.e. displaying > the total number of exits, calculated by summing all exits of all cpus of > all running virtual machines). > > Allowing each section of the kernel to do so has two disadvantages. First, > it will introduce redundant code. Second, debugfs is anyway not the right > place for statistics (for example it is affected by lockdown) > > In this patch series I introduce statsfs, a synthetic ram-based virtual > filesystem that takes care of gathering and displaying statistics for the > Linux kernel subsystems. > > The file system is mounted on /sys/kernel/stats and would be already used > by kvm. Statsfs was initially introduced by Paolo Bonzini [1]. What's the direct motivation for this work? Moving KVM stats out of debugfs? In my experience stats belong in the API used for creating/enumerating objects, statsfs sounds like going in the exact opposite direction - creating a parallel structure / hierarchy for exposing stats. I know nothing about KVM but are you sure all the info that has to be exposed will be stats? In case of networking we have the basic stats in sysfs, under the netdevice's kobject. But since we're not using sysfs much any more for config, new stats are added in netlink APIs. Again - same APIs used for enumeration and config.
>> >> The file system is mounted on /sys/kernel/stats and would be already used >> by kvm. Statsfs was initially introduced by Paolo Bonzini [1]. > > What's the direct motivation for this work? Moving KVM stats out of > debugfs? There's many reasons: one of these is not using debugfs for statistics, but also (and mainly) to try and have a single tool that automatically takes care and displays them, instead of leaving each subsystem "on its own". Sure, everyone gathers and processes stats in different ways, and the aim of this tool is to hopefully be extensible enough to cover all needs. > In my experience stats belong in the API used for creating/enumerating > objects, statsfs sounds like going in the exact opposite direction - > creating a parallel structure / hierarchy for exposing stats. I know > nothing about KVM but are you sure all the info that has to be exposed > will be stats?I don't understand, what do you mean here? > > In case of networking we have the basic stats in sysfs, under the > netdevice's kobject. But since we're not using sysfs much any more > for config, new stats are added in netlink APIs. Again - same APIs > used for enumeration and config. I don't really know a lot about the networking subsystem, and as it was pointed out in another email on patch 7 by Andrew, networking needs to atomically gather and display statistics in order to make them consistent, and currently this is not supported by stats_fs but could be added in future. In addition, right now it won't work properly if the networking namespaces are enabled. That is another issue to take into consideration. That's also why I marked patch 7 as "not for merge" Regarding the config, as I said the idea is to gather multiple subsystems' statistics, therefore there wouldn't be a single configuration method like in netlink. For example in kvm there are file descriptors for configuration, and creating them requires no privilege, contrary to the network interfaces. Thank you, Emanuele
> I don't really know a lot about the networking subsystem, and as it was > pointed out in another email on patch 7 by Andrew, networking needs to > atomically gather and display statistics in order to make them consistent, > and currently this is not supported by stats_fs but could be added in > future. Hi Emanuele Do you have any idea how you will support atomic access? It does not seem easy to implement in a filesystem based model. Andrew
On 27/05/20 15:33, Andrew Lunn wrote: >> I don't really know a lot about the networking subsystem, and as it was >> pointed out in another email on patch 7 by Andrew, networking needs to >> atomically gather and display statistics in order to make them consistent, >> and currently this is not supported by stats_fs but could be added in >> future. > > Do you have any idea how you will support atomic access? It does not > seem easy to implement in a filesystem based model. Hi Andrew, there are plans to support binary access. Emanuele and I don't really have a plan for how to implement it, but there are developers from Google that have ideas (because Google has a similar "metricfs" thing in-house). I think atomic access would use some kind of "source_ops" struct containing create_snapshot and release_snapshot function pointers. Paolo
On Wed, 27 May 2020 15:14:41 +0200 Emanuele Giuseppe Esposito wrote: > Regarding the config, as I said the idea is to gather multiple > subsystems' statistics, therefore there wouldn't be a single > configuration method like in netlink. > For example in kvm there are file descriptors for configuration, and > creating them requires no privilege, contrary to the network interfaces. Enumerating networking interfaces, addresses, and almost all of the configuration requires no extra privilege. In fact I'd hope that whatever daemon collects network stats doesn't run as root :) I think enumerating objects is of primary importance, and statistics of those objects are subordinate. Again, I have little KVM knowledge, but BPF also uses a fd-based API, and carries stats over the same syscall interface.
On 27/05/20 22:23, Jakub Kicinski wrote: > On Wed, 27 May 2020 15:14:41 +0200 Emanuele Giuseppe Esposito wrote: >> Regarding the config, as I said the idea is to gather multiple >> subsystems' statistics, therefore there wouldn't be a single >> configuration method like in netlink. >> For example in kvm there are file descriptors for configuration, and >> creating them requires no privilege, contrary to the network interfaces. > > Enumerating networking interfaces, addresses, and almost all of the > configuration requires no extra privilege. In fact I'd hope that > whatever daemon collects network stats doesn't run as root :) > > I think enumerating objects is of primary importance, and statistics > of those objects are subordinate. I see what you meant now. statsfs can also be used to enumerate objects if one is so inclined (with the prototype in patch 7, for example, each network interface becomes a directory). > Again, I have little KVM knowledge, but BPF also uses a fd-based API, > and carries stats over the same syscall interface. Can BPF stats (for BPF scripts created by whatever process is running in the system) be collected by an external daemon that does not have access to the file descriptor? For KVM it's of secondary importance to gather stats in the program; it can be nice to have and we are thinking of a way to export the stats over the fd-based API, but it's less useful than system-wide monitoring. Perhaps this is a difference between the two. Another case where stats and configuration are separate is CPUs, where CPU enumeration is done in sysfs but statistics are exposed in various procfs files such as /proc/interrupts and /proc/stats. Thanks, Paolo
On Tue, May 26, 2020 at 01:03:10PM +0200, Emanuele Giuseppe Esposito wrote: > There is currently no common way for Linux kernel subsystems to expose > statistics to userspace shared throughout the Linux kernel; subsystems have > to take care of gathering and displaying statistics by themselves, for > example in the form of files in debugfs. For example KVM has its own code > section that takes care of this in virt/kvm/kvm_main.c, where it sets up > debugfs handlers for displaying values and aggregating them from various > subfolders to obtain information about the system state (i.e. displaying > the total number of exits, calculated by summing all exits of all cpus of > all running virtual machines). > > Allowing each section of the kernel to do so has two disadvantages. First, > it will introduce redundant code. Second, debugfs is anyway not the right > place for statistics (for example it is affected by lockdown) > > In this patch series I introduce statsfs, a synthetic ram-based virtual > filesystem that takes care of gathering and displaying statistics for the > Linux kernel subsystems. > > The file system is mounted on /sys/kernel/stats and would be already used > by kvm. Statsfs was initially introduced by Paolo Bonzini [1]. > > Statsfs offers a generic and stable API, allowing any kind of > directory/file organization and supporting multiple kind of aggregations > (not only sum, but also average, max, min and count_zero) and data types > (boolean, unsigned/signed and custom types). The implementation, which is > a generalization of KVM’s debugfs statistics code, takes care of gathering > and displaying information at run time; users only need to specify the > values to be included in each source. > > Statsfs would also be a different mountpoint from debugfs, and would not > suffer from limited access due to the security lock down patches. Its main > function is to display each statistics as a file in the desired folder > hierarchy defined through the API. Statsfs files can be read, and possibly > cleared if their file mode allows it. > > Statsfs has two main components: the public API defined by > include/linux/statsfs.h, and the virtual file system which should end up in > /sys/kernel/stats. > Hi Emanuele > The API has two main elements, values and sources. Kernel subsystems like > KVM can use the API to create a source, add child sources/values/aggregates > and register it to the root source (that on the virtual fs would be > /sys/kernel/statsfs). Another issue i see with networking is that statistic counters can be dynamic. They can come and go. One of the drivers i work on has extra statistics available when a fibre interface is used, compared to a copper interface. And this happens at run time. The netlink API has no problems with this. It is a snapshot of what counters are currently available. There is no state in the API. In my humble opinion, networking is unlikely to adopt your approach. You probably want to look around for other subsystems which have statistics, and see if you can cover their requirements, and get them on board. Andrew
On Wed, 27 May 2020 23:07:53 +0200 Paolo Bonzini wrote: > > Again, I have little KVM knowledge, but BPF also uses a fd-based API, > > and carries stats over the same syscall interface. > > Can BPF stats (for BPF scripts created by whatever process is running in > the system) be collected by an external daemon that does not have access > to the file descriptor? For KVM it's of secondary importance to gather > stats in the program; it can be nice to have and we are thinking of a > way to export the stats over the fd-based API, but it's less useful than > system-wide monitoring. Perhaps this is a difference between the two. Yes, check out bpftool prog list (bpftool code is under tools/bpf/ in the kernel tree). BPF statistics are under a static key, so you may not see any on your system. My system shows e.g.: 81: kprobe name abc tag cefaa9376bdaae75 gpl run_time_ns 80941 run_cnt 152 loaded_at 2020-05-26T13:00:24-0700 uid 0 xlated 512B jited 307B memlock 4096B map_ids 66,64 btf_id 16 In this example run_time_ns and run_cnt are stats. The first number on the left is the program ID. BPF has an IDA, and each object gets an integer id. So admin (or CAP_BPF, I think) can iterate over the ids and open fds to objects of interest. > Another case where stats and configuration are separate is CPUs, where > CPU enumeration is done in sysfs but statistics are exposed in various > procfs files such as /proc/interrupts and /proc/stats. True, but I'm guessing everyone is just okay living with the legacy procfs format there. Otherwise I'd guess the stats would had been added to sysfs. I'd be curious to hear the full story there.
On 27/05/20 23:27, Jakub Kicinski wrote: > On Wed, 27 May 2020 23:07:53 +0200 Paolo Bonzini wrote: >>> Again, I have little KVM knowledge, but BPF also uses a fd-based API, >>> and carries stats over the same syscall interface. >> >> Can BPF stats (for BPF scripts created by whatever process is running in >> the system) be collected by an external daemon that does not have access >> to the file descriptor? For KVM it's of secondary importance to gather >> stats in the program; it can be nice to have and we are thinking of a >> way to export the stats over the fd-based API, but it's less useful than >> system-wide monitoring. Perhaps this is a difference between the two. > > Yes, check out bpftool prog list (bpftool code is under tools/bpf/ in > the kernel tree). BPF statistics are under a static key, so you may not > see any on your system. My system shows e.g.: > > 81: kprobe name abc tag cefaa9376bdaae75 gpl run_time_ns 80941 run_cnt 152 > loaded_at 2020-05-26T13:00:24-0700 uid 0 > xlated 512B jited 307B memlock 4096B map_ids 66,64 > btf_id 16 > > In this example run_time_ns and run_cnt are stats. > > The first number on the left is the program ID. BPF has an IDA, and > each object gets an integer id. So admin (or CAP_BPF, I think) can > iterate over the ids and open fds to objects of interest. Got it, thanks. But then "I'd hope that whatever daemon collects [BPF] stats doesn't run as root". :) >> Another case where stats and configuration are separate is CPUs, where >> CPU enumeration is done in sysfs but statistics are exposed in various >> procfs files such as /proc/interrupts and /proc/stats. > > True, but I'm guessing everyone is just okay living with the legacy > procfs format there. Otherwise I'd guess the stats would had been added > to sysfs. I'd be curious to hear the full story there. Yeah, it's a chicken-and-egg problem in that there's no good place in sysfs to put statistics right now, which is part of what this filesystem is trying to solve (the other part is the API). You can read more about Google's usecase at http://lkml.iu.edu/hypermail/linux/kernel/2005.0/08056.html, it does include both network and interrupt stats and it's something that they've been using in production for quite some time. We'd like the statsfs API to be the basis for including something akin to that in Linux. To be honest, it's unlikely that Emanuele (who has just finished his internship at Red Hat) and I will pursue the networking stats further than the demo patch at the end of this series. However, we're trying to make sure that the API is at least ready for that, and to probe whether any developers from other subsystems would be interested in using statsfs. So thanks for bringing your point of view! Thanks, Paolo
On 5/27/20 3:07 PM, Paolo Bonzini wrote: > I see what you meant now. statsfs can also be used to enumerate objects > if one is so inclined (with the prototype in patch 7, for example, each > network interface becomes a directory). there are many use cases that have 100's to 1000's have network devices. Having a sysfs entry per device already bloats memory usage for these use cases; another filesystem with an entry per device makes that worse. Really the wrong direction for large scale systems.
On 28/05/20 00:21, David Ahern wrote: > On 5/27/20 3:07 PM, Paolo Bonzini wrote: >> I see what you meant now. statsfs can also be used to enumerate objects >> if one is so inclined (with the prototype in patch 7, for example, each >> network interface becomes a directory). > > there are many use cases that have 100's to 1000's have network devices. > Having a sysfs entry per device already bloats memory usage for these > use cases; another filesystem with an entry per device makes that worse. > Really the wrong direction for large scale systems. Hi David, IMO the important part for now is having a flexible kernel API for exposing statistics across multiple subsystems, so that they can be harvested in an efficient way. The userspace API is secondary, and multiple APIs can be added to cater for different usecases. For example, as of the first five patches the memory usage is the same as what is now in the mainline kernel, since all the patchset does is take existing debugfs inodes and move them to statsfs. I agree that, if the concept is extended to the whole kernel, scalability and memory usage becomes an issue; and indeed, the long-term plan is to support a binary format that is actually _more_ efficient than the status quo for large scale systems. In the meanwhile, the new filesystem can be disabled (see the difference between "STATS_FS" and "STATS_FS_API") if it imposes undesirable overhead. Thanks, Paolo
There is currently no common way for Linux kernel subsystems to expose statistics to userspace shared throughout the Linux kernel; subsystems have to take care of gathering and displaying statistics by themselves, for example in the form of files in debugfs. For example KVM has its own code section that takes care of this in virt/kvm/kvm_main.c, where it sets up debugfs handlers for displaying values and aggregating them from various subfolders to obtain information about the system state (i.e. displaying the total number of exits, calculated by summing all exits of all cpus of all running virtual machines). Allowing each section of the kernel to do so has two disadvantages. First, it will introduce redundant code. Second, debugfs is anyway not the right place for statistics (for example it is affected by lockdown) In this patch series I introduce statsfs, a synthetic ram-based virtual filesystem that takes care of gathering and displaying statistics for the Linux kernel subsystems. The file system is mounted on /sys/kernel/stats and would be already used by kvm. Statsfs was initially introduced by Paolo Bonzini [1]. Statsfs offers a generic and stable API, allowing any kind of directory/file organization and supporting multiple kind of aggregations (not only sum, but also average, max, min and count_zero) and data types (boolean, unsigned/signed and custom types). The implementation, which is a generalization of KVM’s debugfs statistics code, takes care of gathering and displaying information at run time; users only need to specify the values to be included in each source. Statsfs would also be a different mountpoint from debugfs, and would not suffer from limited access due to the security lock down patches. Its main function is to display each statistics as a file in the desired folder hierarchy defined through the API. Statsfs files can be read, and possibly cleared if their file mode allows it. Statsfs has two main components: the public API defined by include/linux/statsfs.h, and the virtual file system which should end up in /sys/kernel/stats. The API has two main elements, values and sources. Kernel subsystems like KVM can use the API to create a source, add child sources/values/aggregates and register it to the root source (that on the virtual fs would be /sys/kernel/statsfs). Sources are created via statsfs_source_create(), and each source becomes a directory in the file system. Sources form a parent-child relationship; root sources are added to the file system via statsfs_source_register(). Every other source is added to or removed from a parent through the statsfs_source_add_subordinate and statsfs_source_remote_subordinate APIs. Once a source is created and added to the tree (via add_subordinate), it will be used to compute aggregate values in the parent source. A source can optionally be hidden from the filesystem but still considered in the aggregation operations if the corresponding flag is set during initialization. Values represent quantites that are gathered by the statsfs user. Examples of values include the number of vm exits of a given kind, the amount of memory used by some data structure, the length of the longest hash table chain, or anything like that. Values are defined with the statsfs_source_add_values function. Each value is defined by a struct statsfs_value; the same statsfs_value can be added to many different sources. A value can be considered "simple" if it fetches data from a user-provided location, or "aggregate" if it groups all values in the subordinates sources that include the same statsfs_value. Each value has a stats_fs_type pointer in order to allow the user to provide custom get and clear functions. The library, however, also exports default stats_fs_type structs for the standard types (all unsigned and signed types plus boolean). A value can also provide a show function, that takes care of displaying the value in a custom string format. This can be especially useful when displaying enums. For more information, please consult the kerneldoc documentation in patch 2 and the sample uses in the kunit tests, KVM and networking. This series of patches is based on my previous series "libfs: group and simplify linux fs code" and the single patch sent to kvm "kvm_host: unify VM_STAT and VCPU_STAT definitions in a single place". The former simplifies code duplicated in debugfs and tracefs (from which statsfs is based on), the latter groups all macros definition for statistics in kvm in a single common file shared by all architectures. Patch 1 adds a new refcount and kref destructor wrappers that take a semaphore, as those are used later by statsfs. Patch 2 introduces the statsfs API, patch 3 provides extensive tests that can also be used as example on how to use the API and patch 4 adds the file system support. Finally, patch 5 provides a real-life example of statsfs usage in KVM, with patch 6 providing a concrete example of the show function and patch 7 another real-life example in the networking subsystem. [1] https://lore.kernel.org/kvm/5d6cdcb1-d8ad-7ae6-7351-3544e2fa366d@redhat.com/?fbclid=IwAR18LHJ0PBcXcDaLzILFhHsl3qpT3z2vlG60RnqgbpGYhDv7L43n0ZXJY8M Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> v2 -> v3 move kconfig entry in the pseudo filesystem menu, add documentation, get/clear function for value types, show function, floating/cumulative and hidden flags. Also added the netstat example Emanuele Giuseppe Esposito (7): stats_fs API: create, add and remove stats_fs sources and values documentation for stats_fs kunit: tests for stats_fs API stats_fs fs: virtual fs to show stats to the end-user kvm_main: replace debugfs with stats_fs [not for merge] kvm: example of stats_fs_value show function [not for merge] netstats: example use of stats_fs API Documentation/filesystems/index.rst | 1 + Documentation/filesystems/stats_fs.rst | 222 +++++ MAINTAINERS | 7 + arch/arm64/kvm/Kconfig | 1 + arch/arm64/kvm/guest.c | 2 +- arch/mips/kvm/Kconfig | 1 + arch/mips/kvm/mips.c | 2 +- arch/powerpc/kvm/Kconfig | 1 + arch/powerpc/kvm/book3s.c | 12 +- arch/powerpc/kvm/booke.c | 8 +- arch/s390/kvm/Kconfig | 1 + arch/s390/kvm/kvm-s390.c | 16 +- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/kvm/Kconfig | 1 + arch/x86/kvm/Makefile | 2 +- arch/x86/kvm/debugfs.c | 64 -- arch/x86/kvm/stats_fs.c | 114 +++ arch/x86/kvm/x86.c | 11 +- fs/Kconfig | 20 + fs/Makefile | 1 + fs/stats_fs/Makefile | 7 + fs/stats_fs/inode.c | 461 ++++++++++ fs/stats_fs/internal.h | 34 + fs/stats_fs/stats_fs-tests.c | 1097 ++++++++++++++++++++++++ fs/stats_fs/stats_fs.c | 642 ++++++++++++++ fs/stats_fs/stub.c | 13 + include/linux/kvm_host.h | 45 +- include/linux/netdevice.h | 2 + include/linux/stats_fs.h | 381 ++++++++ include/uapi/linux/magic.h | 1 + net/Kconfig | 1 + net/core/dev.c | 68 ++ tools/lib/api/fs/fs.c | 21 + virt/kvm/arm/arm.c | 2 +- virt/kvm/kvm_main.c | 317 +------ 35 files changed, 3193 insertions(+), 388 deletions(-) create mode 100644 Documentation/filesystems/stats_fs.rst delete mode 100644 arch/x86/kvm/debugfs.c create mode 100644 arch/x86/kvm/stats_fs.c create mode 100644 fs/stats_fs/Makefile create mode 100644 fs/stats_fs/inode.c create mode 100644 fs/stats_fs/internal.h create mode 100644 fs/stats_fs/stats_fs-tests.c create mode 100644 fs/stats_fs/stats_fs.c create mode 100644 fs/stats_fs/stub.c create mode 100644 include/linux/stats_fs.h