Re: RFC: Solaris style extended attributes for FreeBSD

On Sun, Mar 9, 2025 at 8:24 AM Rick Macklem <rick.macklem@gmail.com> wrote:
>
> On Sun, Mar 9, 2025 at 5:46 AM Andrew Walker <awalker@ixsystems.com> wrote:
> >
> > Out of curiosity, how are you preventing users from creating / writing
> > xattrs with the `system?` name prefix. In ZFS on FreeBSD IIRC this
> > prefix is used to determine whether the corresponding attribute when
> > accessed via the extattr interface is in the user or system
> > namespaces.
> A couple of comments...
> 1 - My current thinking would be a ZFS fs would be configured for one
>      or the other (mixing them is weird as noted by the next comment),
>      There is currently the xattr property that can be set to "dir" or "sa".
> 2 - I haven't looked at system space FreeBSD attributes yet (I will),
>      but when mixing them, you can get two attributes with the same name
>      showing up in the named attribute directory (the open gets the named
>      attribute one). I haven't yet figured out how to get rid of the duplicate.
> 3 - I assume the patch could include code that excludes "system.xxx" names
>      from the directory. (I'll do some testing.)

This seems to be the NFS equivalent to SMB alternate data streams (or
MacOS resource forks).

In my opinion it's better to keep them cleanly separated from xattrs /
extattrs (minimally in a different namespace). Solaris IIRC did this
with its SMB server (there xattrs IIRC were written to an SA and
streams were written using the attributes directory). When ZFS got
ported to FreeBSD / Linux, the attr dir got repurposed for extattr /
xattr, and then when performance problems were found (and problems
with expectation of atomicity with ops) they were shifted to SA /
dnode bonus block.

I think it would be better (inside ZFS) to have a dedicated hard-coded
prefix for stuff written in the attr dir. For example: "stream.". This
can be used to delineate ones that should never be written to SA from
regular user namespace extattrs and regular user namespace ones. This
can correspond to adding a new extattr namespace in the FreeBSD VFS
(for examples "stream") that can be used to present these like we
separate out the prefix for system.

This gives a few advantages:
1. It prevents writing to restricted namespace
2. prevents weird combinations of SA and file

Unfortunately, this also means having to adjust userspace backup tools
(such as tar) and cp / mv to account for the new extattr namespace. If
the data gets replicated to a system that lacks this support, IIRC the
ZFS streams will appear in the user namespace with the string
"stream." prefixing the extattr.

It's somewhat awkward, but generally trying to treat two different
sorts of thing (streams and xattrs) as if they're the same thing is
awkward. I do think that this may need to be socialized with upstream
openzfs.

Andrew