Incompatible PERFILE_DAX flag. I only noticed about this project as Vivek Goyal pointed me to it on the fsdevel list and I checked used flags because of this patch https://marc.info/?l=linux-fsdevel&m=165002361802294&w=2
And then noticed that PERFILE_DAX flag is conflicting with FUSE_INIT_EXT

Looks like you are on a non-upstream kernel with patches?

linux master include/uapi/linux/fuse.h

...
#define FUSE_INIT_EXT (1 << 30)
#define FUSE_INIT_RESERVED (1 << 31)
/* bits 32..63 get shifted down 32 bits into the flags2 field */
#define FUSE_SECURITY_CTX (1ULL << 32)
#define FUSE_HAS_INODE_DAX (1ULL << 33)

Btw, any reason you are not using 1 << number for the flags? In my personal opinion so much easier to read...

We recently came across the xfstest suite used by the Linux kernel to test and verify filesystem patches.

https://git.kernel.org/pub/scm/fs/xfs/xfstests-dev.git/tree/

This suite supports various filesystem types including fuse and virtiofs, and supports a wide range of tests to validate a number of conditions. We think it would be beneficial for this crate to integrate it as part of the testing regime, as another step to try and avoid regressions and bugs that could make it into releases.

For example, we have run this set of tests in a containerised environment making use of nydus 2.2.0 (which is using fuse-backend-rs version 1.10.0) provisioned with Kata 3.0.2. In total 18 out of 589 tests failed:

Failures: generic/007 generic/013 generic/088 generic/245 generic/257 generic/258 generic/263 generic/430 generic/431 generic/432 generic/433 generic/434 generic/504 generic/564 generic/571 generic/632 generic/637 generic/639
Failed 18 of 589 tests

Nydus 2.1.0 (fuse-backend-rs 0.9) fails 21 out of 589 tests:

Failures: generic/007 generic/013 generic/088 generic/131 generic/245 generic/247 generic/257 generic/258 generic/263 generic/430 generic/431 generic/432 generic/433 generic/434 generic/478 generic/504 generic/564 generic/571 generic/632 generic/637 generic/639
Failed 21 of 589 tests

Provisioning this is fairly straightforward and can be repeated with the following steps:

• Start a new VM with a virtiofs device attached, one which uses this crate for its functionality
• Log in to the VM and clone the above repo and build it
• Mount the virtiofs device into the VM
  • fe mount -t virtiofs sharedFS /mnt
• In the source directory start the tests against the virtiofs device
  • TEST_DIR=/mnt TEST_DEV=sharedFS ./check -virtiofs
• The tests should run and output the failure results, you can check the test contents and expected output by checking the files under ./tests/**
  • The results after running the tests can be found under ./results/**

For context we found that the golang fuse library has run these tests in order to verify its functionality:

https://github.com/hanwen/go-fuse/issues?q=is%3Aissue+xfstest

On a side note, we have noticed with more recent versions of nydus that there have been some problems with stateful workloads, for example, MySQL and Minio have issues starting which look to be filesystem related. We are hoping that these tests will pick up any potential edges cases as understandably filesystems are very complex.

Hi my friend, are there plans for extending the project to support Windows ?

like: FsOptions::ASYNC_READ, FsOptions::BIG_WRITES, FsOptions::AUTO_INVAL_DATA ...

the current permissions of the root directory are a default value, this cannot be customized.

    fn get_entry(&self, ino: u64) -> Entry {
        let mut attr = Attr {
            ..Default::default()
        };
        attr.ino = ino;
        #[cfg(target_os = "linux")]
        {
            attr.mode = libc::S_IFDIR | libc::S_IRWXU | libc::S_IRWXG | libc::S_IRWXO;
        }
        #[cfg(target_os = "macos")]
        {
            attr.mode = (libc::S_IFDIR | libc::S_IRWXU | libc::S_IRWXG | libc::S_IRWXO) as u32;
        }

The root inode of VFS is a pseudo-inode, and its current implementation always returns a default permission that cannot be customized. we want VFS to expose an interface to set the default ATTR

The macos-ci reports an error in macos_session.rs which blocks all pull requests.

Should we fix the disk type in the FuseSession struct?

error: usage of an `Arc` that is not `Send` or `Sync`
   --> src/transport/fusedev/macos_session.rs:117:19
    |
117 |             disk: Arc::new(Mutex::new(None)),
    |                   ^^^^^^^^^^^^^^^^^^^^^^^^^^
    |
    = note: the trait `Send` is not implemented for `Mutex<Option<*const __DADisk>>`
    = note: the trait `Sync` is not implemented for `Mutex<Option<*const __DADisk>>`
    = note: required for `Arc<Mutex<Option<*const __DADisk>>>` to implement `Send` and `Sync`
    = help: consider using an `Rc` instead or wrapping the inner type with a `Mutex`
    = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#arc_with_non_send_sync
    = note: `-D clippy::arc-with-non-send-sync` implied by `-D warnings`

From my understanding, it seems that splicing is not supported yet, will this be supported? Thanks!

currently supported fuse feature is not customizable, can we provide a FsOptions parameter or a new builder style init method

Hey team,

I'm trying to compile the project with async-io feature enabled on an M2 (macOS) and am getting the following error

/registry/src/index.crates.io-6f17d22bba15001f/io-uring-0.5.13/src/util.rs:19:42

19   |                 libc::MAP_SHARED | libc::MAP_POPULATE,
     |                                          ^^^^^^^^^^^^ help: a constant with a similar name exists: `MAP_PRIVATE`
     |
    ::: /Users/phristov/.cargo/registry/src/index.crates.io-6f17d22bba15001f/libc-0.2.154/src/unix/bsd/apple/mod.rs:3334:1
     |
3334 | pub const MAP_PRIVATE: ::c_int = 0x0002;

Cargo.toml

[package]
name = "my-project"
version = "0.1.0"
edition = "2021"
build = "build.rs"

[dependencies]
fuse-backend-rs = { version = "0.12.0", features = ["async-io", "fuse-t"] }
futures = "0.3.30"
libc = "0.2.68"
signal-hook = "0.3.17"
async-trait = "0.1.80"

main.rs

use std::io::{Result as StdResult};
use fuse_backend_rs::api::filesystem::{AsyncFileSystem};

#[tokio::main]
async fn main() -> StdResult<()> {
  println!("hello wordl!");

    Ok(())
}

Any ideas on the best way to workaround the issue?

First off, I am really enjoying this library, so thank you. I've noticed an issue using asyncio on linux, where the code is conditional on a feature that doesn't exist (notice the _ instead of -)

currently fuse-backend-rs is using epoll to polling event from fuse device, and epoll is platform specific, in order to support macfuse, we need to use kqueue when poll event from underlying fd, mio is a sophisticated option to support cross platform.

Defining a drop file system as a read only pass through file system that silently ignores write operations.

My plan is for open read, we'd do the open and forward the reads. For create / write we open behave like /dev/null
For read directory, if the directory exists read it normally
Otherwise treat it like an empty directory.

Reading and writing to a file descriptor that doesn't exist is undefined thinking that it does not throw an error, instead behaves like /dev/null unless it's faster to throw an error.

Getting information for files the don't exist Acts like /dev/null

Would be a lot easier if pass through was a trait with default imitation that actually does pass through.

I was thinking I would be to have a pass through in my struct and forward valid operations and mask failures. Also always disable write caching. My understanding is that their is only one trait I need to implement and that's BackendFileSystem or FileSystem

I was looking at the pass through file system defined here, as well as https://github.com/libfuse/libfuse/blob/master/example/passthrough_hp.cc My understanding is that passthrough_hp.cc doesn't do any unnecessary copies.

1. Does the pass through do unnecessary copies?
2. Do I always need synchronous io?
3. Is there anything like memory mapping that I have to worry about? I really don't want the user to be able to write to the underlying FS under any circumstance.
4. Should I disable write cashing?
5. Would it be more performant to implement a black hole (acts acts like an empty directory and ignores all write and creation) and then set up an overlay?
6. BackendFileSystem vs FileSystem

Hello, I am working on a virtual filesystem using fuse-backend-rs for tvix, a Rust implementation of Nix. Most of the underlying filesystem is built on top of async Rust + tokio, so it would be great to be able to use the AsyncFileSystem trait. I've tried doing this but I've hit some issues figuring out how to drive the filesystem with both FUSE and virtiofs.

For FUSE it looks like there is some code to support driving async FUSE tasks:

However, this code is behind the async_io feature flag, even though the real feature flag is async-io. The code here also seems to refer to things that have been deleted like use crate::async_util::{AsyncDriver, AsyncExecutor}.

I was wondering if async is something that is supported or if its currently in a broken state and needs some more help to become functional again?

We have a number of issues caused by the number of files that this crate opens in the context of running in Nydus.

The first issue is with workloads that perform a large number of filesystem operations, the longer the pod runs the more file descriptors that get collected. Nydus sets the rlimit on the host, but for some systems, this is capped at 2^20 (1048576) and can't go above this value. We have seen this cause issues with a workload where it enters a state in which it is in a constant crash loop and is unable to recover unless the pod is deleted and recreated. The pod constantly complains about OSError: [Errno 24] Too many open files yet the actual workload inside the VM is not reaching the descriptor limit.

When inspecting the nr-open count and comparing this to the ulimit within the Linux namespace for the pod on the host node, we see that nr-open is maxed out at the ulimit value. The majority of these files are currently in an open state under the Nydus process.

Having so many files in a constant open state also causes the kubelet CPU usage to increase drastically. This is because the kubelet runs cadvisor which collects metrics on the open file descriptors and the type of file descriptor (eg if it's a socket or a file). We recently opened an issue with cadvisor about this metric stat collection, which can be found here (google/cadvisor#3233), but it would be good to try and solve the issue at the source.

I assume the reason the open file descriptor is “cached” is so that the overhead of executing the open syscall is reduced? If this is the case, is there a way to automatically close a file descriptor if it's not used often? Something like a timeout on the descriptor so if it's not been accessed after x amount of time it gets closed, this allows it to be reopened when it's needed again.

Any thoughts or ideas would be greatly appreciated.

Thank you for providing fuse-backend-rs!

I'm currently transitioning from fuse_mt to fuse-backend-rs and ran into a really annoying issue. fuse_mt makes use of libfuse, which allows it to mount fuse file systems without being root. This, unfortunately, is not the case for fuse-backend-rs (the root part, not depending on libfuse is actually great as pure Rust code simplifies compilation a lot).

The secret sauce behind not requiring root permission is a set-uid program called fusermount which mounts the fuse FS on behalves of the user.

I have a working prototype of fuse-backend-rs using the fusermount mechanism for mounting in https://github.com/fzgregor/fuse-backend-rs. Though, it's still very messy, and I wanted to touch base with you before going forward. It entirely replaces the mount system call with fusermount at the moment, which might not be great in certain environments... I thought one could check whether the appropriate permissions are available and then use either mechanism.

So, what are your thoughts about this?

The prototype currently requires polachok/passfd#10 to land.