NFSD: Add a subsystem policy document · tjh.dev/kernel@3a1ce35

+547

Documentation/filesystems/nfs/nfsd-maintainer-entry-profile.rst

··· 1 + NFSD Maintainer Entry Profile 2 + ============================= 3 + 4 + A Maintainer Entry Profile supplements the top-level process 5 + documents (found in Documentation/process/) with customs that are 6 + specific to a subsystem and its maintainers. A contributor may use 7 + this document to set their expectations and avoid common mistakes. 8 + A maintainer may use these profiles to look across subsystems for 9 + opportunities to converge on best common practices. 10 + 11 + Overview 12 + -------- 13 + The Network File System (NFS) is a standardized family of network 14 + protocols that enable access to files across a set of network- 15 + connected peer hosts. Applications on NFS clients access files that 16 + reside on file systems that are shared by NFS servers. A single 17 + network peer can act as both an NFS client and an NFS server. 18 + 19 + NFSD refers to the NFS server implementation included in the Linux 20 + kernel. An in-kernel NFS server has fast access to files stored 21 + in file systems local to that server. NFSD can share files stored 22 + on most of the file system types native to Linux, including xfs, 23 + ext4, btrfs, and tmpfs. 24 + 25 + Mailing list 26 + ------------ 27 + The linux-nfs@vger.kernel.org mailing list is a public list. Its 28 + purpose is to enable collaboration among developers working on the 29 + Linux NFS stack, both client and server. It is not a place for 30 + conversations that are not related directly to the Linux NFS stack. 31 + 32 + The linux-nfs mailing list is archived on `lore.kernel.org <https://lore.kernel.org/linux-nfs/>`_. 33 + 34 + The Linux NFS community does not have any chat room. 35 + 36 + Reporting bugs 37 + -------------- 38 + If you experience an NFSD-related bug on a distribution-built 39 + kernel, please start by working with your Linux distributor. 40 + 41 + Bug reports against upstream Linux code bases are welcome on the 42 + linux-nfs@vger.kernel.org mailing list, where some active triage 43 + can be done. NFSD bugs may also be reported in the Linux kernel 44 + community's bugzilla at: 45 + 46 + https://bugzilla.kernel.org 47 + 48 + Please file NFSD-related bugs under the "Filesystems/NFSD" 49 + component. In general, including as much detail as possible is a 50 + good start, including pertinent system log messages from both 51 + the client and server. 52 + 53 + User space software related to NFSD, such as mountd or the exportfs 54 + command, is contained in the nfs-utils package. Report problems 55 + with those components to linux-nfs@vger.kernel.org. You might be 56 + directed to move the report to a specific bug tracker. 57 + 58 + Contributor's Guide 59 + ------------------- 60 + 61 + Standards compliance 62 + ~~~~~~~~~~~~~~~~~~~~ 63 + The priority is for NFSD to interoperate fully with the Linux NFS 64 + client. We also test against other popular NFS client implementa- 65 + tions regularly at NFS bake-a-thon events (also known as plug- 66 + fests). Non-Linux NFS clients are not part of upstream NFSD CI/CD. 67 + 68 + The NFSD community strives to provide an NFS server implementation 69 + that interoperates with all standards-compliant NFS client 70 + implementations. This is done by staying as close as is sensible to 71 + the normative mandates in the IETF's published NFS, RPC, and GSS-API 72 + standards. 73 + 74 + It is always useful to reference an RFC and section number in a code 75 + comment where behavior deviates from the standard (and even when the 76 + behavior is compliant but the implementation is obfuscatory). 77 + 78 + On the rare occasion when a deviation from standard-mandated 79 + behavior is needed, brief documentation of the use case or 80 + deficiencies in the standard is a required part of in-code 81 + documentation. 82 + 83 + Care must always be taken to avoid leaking local error codes (ie, 84 + errnos) to clients of NFSD. A proper NFS status code is always 85 + required in NFS protocol replies. 86 + 87 + NFSD administrative interfaces 88 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 89 + NFSD administrative interfaces include: 90 + 91 + - an NFSD or SUNRPC module parameter 92 + 93 + - export options in /etc/exports 94 + 95 + - files under /proc/fs/nfsd/ or /proc/sys/sunrpc/ 96 + 97 + - the NFSD netlink protocol 98 + 99 + Frequently, a request is made to introduce or modify one of NFSD's 100 + traditional administrative interfaces. Certainly it is technically 101 + easy to introduce a new administrative setting. However, there are 102 + good reasons why the NFSD maintainers prefer to leave that as a last 103 + resort: 104 + 105 + - As with any API, administrative interfaces are difficult to get 106 + right. 107 + 108 + - Once they are documented and have a legacy of use, administrative 109 + interfaces become difficult to modify or remove. 110 + 111 + - Every new administrative setting multiplies the NFSD test matrix. 112 + 113 + - The cost of one administrative interface is incremental, but costs 114 + add up across all of the existing interfaces. 115 + 116 + It is often better for everyone if effort is made up front to 117 + understanding the underlying requirement of the new setting, and 118 + then trying to make it tune itself (or to become otherwise 119 + unnecessary). 120 + 121 + If a new setting is indeed necessary, first consider adding it to 122 + the NFSD netlink protocol. Or if it doesn't need to be a reliable 123 + long term user space feature, it can be added to NFSD's menagerie of 124 + experimental settings which reside under /sys/kernel/debug/nfsd/ . 125 + 126 + Field observability 127 + ~~~~~~~~~~~~~~~~~~~ 128 + NFSD employs several different mechanisms for observing operation, 129 + including counters, printks, WARNings, and static trace points. Each 130 + have their strengths and weaknesses. Contributors should select the 131 + most appropriate tool for their task. 132 + 133 + - BUG must be avoided if at all possible, as it will frequently 134 + result in a full system crash. 135 + 136 + - WARN is appropriate only when a full stack trace is useful. 137 + 138 + - printk can show detailed information. These must not be used 139 + in code paths where they can be triggered repeatedly by remote 140 + users. 141 + 142 + - dprintk can show detailed information, but can be enabled only 143 + in pre-set groups. The overhead of emitting output makes dprintk 144 + inappropriate for frequent operations like I/O. 145 + 146 + - Counters are always on, but provide little information about 147 + individual events other than how frequently they occur. 148 + 149 + - static trace points can be enabled individually or in groups 150 + (via a glob). These are generally low overhead, and thus are 151 + favored for use in hot paths. 152 + 153 + - dynamic tracing, such as kprobes or eBPF, are quite flexible but 154 + cannot be used in certain environments (eg, full kernel lock- 155 + down). 156 + 157 + Testing 158 + ~~~~~~~ 159 + The kdevops project 160 + 161 + https://github.com/linux-kdevops/kdevops 162 + 163 + contains several NFS-specific workflows, as well as the community 164 + standard fstests suite. These workflows are based on open source 165 + testing tools such as ltp and fio. Contributors are encouraged to 166 + use these tools without kdevops, or contributors should install and 167 + use kdevops themselves to verify their patches before submission. 168 + 169 + Coding style 170 + ~~~~~~~~~~~~ 171 + Follow the coding style preferences described in 172 + 173 + Documentation/process/coding-style.rst 174 + 175 + with the following exceptions: 176 + 177 + - Add new local variables to a function in reverse Christmas tree 178 + order 179 + 180 + - Use the kdoc comment style for 181 + + non-static functions 182 + + static inline functions 183 + + static functions that are callbacks/virtual functions 184 + 185 + - All new function names start with "nfsd_" for non-NFS-version- 186 + specific functions. 187 + 188 + - New function names that are specific to NFSv2 or NFSv3, or are 189 + used by all minor versions of NFSv4, use "nfsdN_" where N is 190 + the version. 191 + 192 + - New function names specific to an NFSv4 minor version can be 193 + named with "nfsd4M_" where M is the minor version. 194 + 195 + Patch preparation 196 + ~~~~~~~~~~~~~~~~~ 197 + Read and follow all guidelines in 198 + 199 + Documentation/process/submitting-patches.rst 200 + 201 + Use tagging to identify all patch authors. However, reviewers and 202 + testers should be added by replying to the email patch submission. 203 + Email is extensively used in order to publicly archive review and 204 + testing attributions. These tags are automatically inserted into 205 + your patches when they are applied. 206 + 207 + The code in the body of the diff already shows /what/ is being 208 + changed. Thus it is not necessary to repeat that in the patch 209 + description. Instead, the description should contain one or more 210 + of: 211 + 212 + - A brief problem statement ("what is this patch trying to fix?") 213 + with a root-cause analysis. 214 + 215 + - End-user visible symptoms or items that a support engineer might 216 + use to search for the patch, like stack traces. 217 + 218 + - A brief explanation of why the patch is the best way to address 219 + the problem. 220 + 221 + - Any context that reviewers might need to understand the changes 222 + made by the patch. 223 + 224 + - Any relevant benchmarking results, and/or functional test results. 225 + 226 + As detailed in Documentation/process/submitting-patches.rst, 227 + identify the point in history that the issue being addressed was 228 + introduced by using a Fixes: tag. 229 + 230 + Mention in the patch description if that point in history cannot be 231 + determined -- that is, no Fixes: tag can be provided. In this case, 232 + please make it clear to maintainers whether an LTS backport is 233 + needed even though there is no Fixes: tag. 234 + 235 + The NFSD maintainers prefer to add stable tagging themselves, after 236 + public discussion in response to the patch submission. Contributors 237 + may suggest stable tagging, but be aware that many version 238 + management tools add such stable Cc's when you post your patches. 239 + Don't add "Cc: stable" unless you are absolutely sure the patch 240 + needs to go to stable during the initial submission process. 241 + 242 + Patch submission 243 + ~~~~~~~~~~~~~~~~ 244 + Patches to NFSD are submitted via the kernel's email-based review 245 + process that is common to most other kernel subsystems. 246 + 247 + Just before each submission, rebase your patch or series on the 248 + nfsd-testing branch at 249 + 250 + https://git.kernel.org/pub/scm/linux/kernel/git/cel/linux.git 251 + 252 + The NFSD subsystem is maintained separately from the Linux in-kernel 253 + NFS client. The NFSD maintainers do not normally take submissions 254 + for client changes, nor can they respond authoritatively to bug 255 + reports or feature requests for NFS client code. 256 + 257 + This means that contributors might be asked to resubmit patches if 258 + they were emailed to the incorrect set of maintainers and reviewers. 259 + This is not a rejection, but simply a correction of the submission 260 + process. 261 + 262 + When in doubt, consult the NFSD entry in the MAINTAINERS file to 263 + see which files and directories fall under the NFSD subsystem. 264 + 265 + The proper set of email addresses for NFSD patches are: 266 + 267 + To: the NFSD maintainers and reviewers listed in MAINTAINERS 268 + Cc: linux-nfs@vger.kernel.org and optionally linux-kernel@ 269 + 270 + If there are other subsystems involved in the patches (for example 271 + MM or RDMA) their primary mailing list address can be included in 272 + the Cc: field. Other contributors and interested parties may be 273 + included there as well. 274 + 275 + In general we prefer that contributors use common patch email tools 276 + such as "git send-email" or "stg email format/send", which tend to 277 + get the details right without a lot of fuss. 278 + 279 + A series consisting of a single patch is not required to have a 280 + cover letter. However, a cover letter can be included if there is 281 + substantial context that is not appropriate to include in the 282 + patch description. 283 + 284 + Please note that, with an e-mail based submission process, series 285 + cover letters are not part of the work that is committed to the 286 + kernel source code base or its commit history. Therefore always try 287 + to keep pertinent information in the patch descriptions. 288 + 289 + Design documentation is welcome, but as cover letters are not 290 + preserved, a perhaps better option is to include a patch that adds 291 + such documentation under Documentation/filesystems/nfs/. 292 + 293 + Reviewers will ask about test coverage and what use cases the 294 + patches are expected to address. Please be prepared to answer these 295 + questions. 296 + 297 + Review comments from maintainers might be politely stated, but in 298 + general, these are not optional to address when they are actionable. 299 + If necessary, the maintainers retain the right to not apply patches 300 + when contributors refuse to address reasonable requests. 301 + 302 + Post changes to kernel source code and user space source code as 303 + separate series. You can connect the two series with comments in 304 + your cover letters. 305 + 306 + Generally the NFSD maintainers ask for a reposts even for simple 307 + modifications in order to publicly archive the request and the 308 + resulting repost before it is pulled into the NFSD trees. This 309 + also enables us to rebuild a patch series quickly without missing 310 + changes that might have been discussed via email. 311 + 312 + Avoid frequently reposting large series with only small changes. As 313 + a rule of thumb, posting substantial changes more than once a week 314 + will result in reviewer overload. 315 + 316 + Remember, there are only a handful of subsystem maintainers and 317 + reviewers, but potentially many sources of contributions. The 318 + maintainers and reviewers, therefore, are always the less scalable 319 + resource. Be kind to your friendly neighborhood maintainer. 320 + 321 + Patch Acceptance 322 + ~~~~~~~~~~~~~~~~ 323 + There isn't a formal review process for NFSD, but we like to see 324 + at least two Reviewed-by: notices for patches that are more than 325 + simple clean-ups. Reviews are done in public on 326 + linux-nfs@vger.kernel.org and are archived on lore.kernel.org. 327 + 328 + Currently the NFSD patch queues are maintained in branches here: 329 + 330 + https://git.kernel.org/pub/scm/linux/kernel/git/cel/linux.git 331 + 332 + The NFSD maintainers apply patches initially to the nfsd-testing 333 + branch, which is always open to new submissions. Patches can be 334 + applied while review is ongoing. nfsd-testing is a topic branch, 335 + so it can change frequently, it will be rebased, and your patch 336 + might get dropped if there is a problem with it. 337 + 338 + Generally a script-generated "thank you" email will indicate when 339 + your patch has been added to the nfsd-testing branch. You can track 340 + the progress of your patch using the linux-nfs patchworks instance: 341 + 342 + https://patchwork.kernel.org/project/linux-nfs/list/ 343 + 344 + While your patch is in nfsd-testing, it is exposed to a variety of 345 + test environments, including community zero-day bots, static 346 + analysis tools, and NFSD continuous integration testing. The soak 347 + period is three to four weeks. 348 + 349 + Each patch that survives in nfsd-testing for the soak period without 350 + changes is moved to the nfsd-next branch. 351 + 352 + The nfsd-next branch is automatically merged into linux-next and 353 + fs-next on a nightly basis. 354 + 355 + Patches that survive in nfsd-next are included in the next NFSD 356 + merge window pull request. These windows typically occur once every 357 + 63 days (nine weeks). 358 + 359 + When the upstream merge window closes, the nfsd-next branch is 360 + renamed nfsd-fixes, and a new nfsd-next branch is created, based on 361 + the upstream -rc1 tag. 362 + 363 + Fixes that are destined for an upstream -rc release also run the 364 + nfsd-testing gauntlet, but are then applied to the nfsd-fixes 365 + branch. That branch is made available for Linus to pull after a 366 + short time. In order to limit the risk of introducing regressions, 367 + we limit such fixes to emergency situations or fixes to breakage 368 + that occurred during the most recent upstream merge. 369 + 370 + Please make it clear when submitting an emergency patch that 371 + immediate action (either application to -rc or LTS backport) is 372 + needed. 373 + 374 + Sensitive patch submissions and bug reports 375 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 376 + CVEs are generated by specific members of the Linux kernel community 377 + and several external entities. The Linux NFS community does not emit 378 + or assign CVEs. CVEs are assigned after an issue and its fix are 379 + known. 380 + 381 + However, the NFSD maintainers sometimes receive sensitive security 382 + reports, and at times these are significant enough to need to be 383 + embargoed. In such rare cases, fixes can be developed and reviewed 384 + out of the public eye. 385 + 386 + Please be aware that many version management tools add the stable 387 + Cc's when you post your patches. This is generally a nuisance, but 388 + it can result in outing an embargoed security issue accidentally. 389 + Don't add "Cc: stable" unless you are absolutely sure the patch 390 + needs to go to stable@ during the initial submission process. 391 + 392 + Patches that are merged without ever appearing on any list, and 393 + which carry a Reported-by: or Fixes: tag are detected as suspicious 394 + by security-focused people. We encourage that, after any private 395 + review, security-sensitive patches should be posted to linux-nfs@ 396 + for the usual public review, archiving, and test period. 397 + 398 + LLM-generated submissions 399 + ~~~~~~~~~~~~~~~~~~~~~~~~~ 400 + The Linux kernel community as a whole is still exploring the new 401 + world of LLM-generated code. The NFSD maintainers will entertain 402 + submission of patches that are partially or wholly generated by 403 + LLM-based development tools. Such submissions are held to the 404 + same standards as submissions created entirely by human authors: 405 + 406 + - The human contributor identifies themselves via a Signed-off-by: 407 + tag. This tag counts as a DoC. 408 + 409 + - The human contributor is solely responsible for code provenance 410 + and any contamination by inadvertently-included code with a 411 + conflicting license, as usual. 412 + 413 + - The human contributor must be able to answer and address review 414 + questions. A patch description such as "This fixed my problem 415 + but I don't know why" is not acceptable. 416 + 417 + - The contribution is subjected to the same test regimen as all 418 + other submissions. 419 + 420 + - An indication (via a Generated-by: tag or otherwise) that the 421 + contribution is LLM-generated is not required. 422 + 423 + It is easy to address review comments and fix requests in LLM 424 + generated code. So easy, in fact, that it becomes tempting to repost 425 + refreshed code immediately. Please resist that temptation. 426 + 427 + As always, please avoid reposting series revisions more than once 428 + every 24 hours. 429 + 430 + Clean-up patches 431 + ~~~~~~~~~~~~~~~~ 432 + The NFSD maintainers discourage patches which perform simple clean- 433 + ups, which are not in the context of other work. For example: 434 + 435 + * Addressing ``checkpatch.pl`` warnings after merge 436 + * Addressing :ref:`Local variable ordering<rcs>` issues 437 + * Addressing long-standing whitespace damage 438 + 439 + This is because it is felt that the churn that such changes produce 440 + comes at a greater cost than the value of such clean-ups. 441 + 442 + Conversely, spelling and grammar fixes are encouraged. 443 + 444 + Stable and LTS support 445 + ---------------------- 446 + Upstream NFSD continuous integration testing runs against LTS trees 447 + whenever they are updated. 448 + 449 + Please indicate when a patch containing a fix needs to be considered 450 + for LTS kernels, either via a Fixes: tag or explicit mention. 451 + 452 + Feature requests 453 + ---------------- 454 + There is no one way to make an official feature request, but 455 + discussion about the request should eventually make its way to 456 + the linux-nfs@vger.kernel.org mailing list for public review by 457 + the community. 458 + 459 + Subsystem boundaries 460 + ~~~~~~~~~~~~~~~~~~~~ 461 + NFSD itself is not much more than a protocol engine. This means its 462 + primary responsibility is to translate the NFS protocol into API 463 + calls in the Linux kernel. For example, NFSD is not responsible for 464 + knowing exactly how bytes or file attributes are managed on a block 465 + device. It relies on other kernel subsystems for that. 466 + 467 + If the subsystems on which NFSD relies do not implement a particular 468 + feature, even if the standard NFS protocols do support that feature, 469 + that usually means NFSD cannot provide that feature without 470 + substantial development work in other areas of the kernel. 471 + 472 + Specificity 473 + ~~~~~~~~~~~ 474 + Feature requests can come from anywhere, and thus can often be 475 + nebulous. A requester might not understand what a "use case" or 476 + "user story" is. These descriptive paradigms are often used by 477 + developers and architects to understand what is required of a 478 + design, but are terms of art in the software trade, not used in 479 + the everyday world. 480 + 481 + In order to prevent contributors and maintainers from becoming 482 + overwhelmed, we won't be afraid of saying "no" politely to 483 + underspecified requests. 484 + 485 + Community roles and their authority 486 + ----------------------------------- 487 + The purpose of Linux subsystem communities is to provide expertise 488 + and active stewardship of a narrow set of source files in the Linux 489 + kernel. This can include managing user space tooling as well. 490 + 491 + To contextualize the structure of the Linux NFS community that 492 + is responsible for stewardship of the NFS server code base, we 493 + define the community roles here. 494 + 495 + - **Contributor** : Anyone who submits a code change, bug fix, 496 + recommendation, documentation fix, and so on. A contributor can 497 + submit regularly or infrequently. 498 + 499 + - **Outside Contributor** : A contributor who is not a regular actor 500 + in the Linux NFS community. This can mean someone who contributes 501 + to other parts of the kernel, or someone who just noticed a 502 + misspelling in a comment and sent a patch. 503 + 504 + - **Reviewer** : Someone who is named in the MAINTAINERS file as a 505 + reviewer is an area expert who can request changes to contributed 506 + code, and expects that contributors will address the request. 507 + 508 + - **External Reviewer** : Someone who is not named in the 509 + MAINTAINERS file as a reviewer, but who is an area expert. 510 + Examples include Linux kernel contributors with networking, 511 + security, or persistent storage expertise, or developers who 512 + contribute primarily to other NFS implementations. 513 + 514 + One or more people will take on the following roles. These people 515 + are often generically referred to as "maintainers", and are 516 + identified in the MAINTAINERS file with the "M:" tag under the NFSD 517 + subsystem. 518 + 519 + - **Upstream Release Manager** : This role is responsible for 520 + curating contributions into a branch, reviewing test results, and 521 + then sending a pull request during merge windows. There is a 522 + trust relationship between the release manager and Linus. 523 + 524 + - **Bug Triager** : Someone who is a first responder to bug reports 525 + submitted to the linux-nfs mailing list or bug trackers, and helps 526 + troubleshoot and identify next steps. 527 + 528 + - **Security Lead** : The security lead handles contacts from the 529 + security community to resolve immediate issues, as well as dealing 530 + with long-term security issues such as supply chain concerns. For 531 + upstream, that's usually whether contributions violate licensing 532 + or other intellectual property agreements. 533 + 534 + - **Testing Lead** : The testing lead builds and runs the test 535 + infrastructure for the subsystem. The testing lead may ask for 536 + patches to be dropped because of ongoing high defect rates. 537 + 538 + - **LTS Maintainer** : The LTS maintainer is responsible for managing 539 + the Fixes: and Cc: stable annotations on patches, and seeing that 540 + patches that cannot be automatically applied to LTS kernels get 541 + proper manual backports as necessary. 542 + 543 + - **Community Manager** : This umpire role can be asked to call balls 544 + and strikes during conflicts, but is also responsible for ensuring 545 + the health of the relationships within the community and for 546 + facilitating discussions on long-term topics such as how to manage 547 + growing technical debt.

+1

Documentation/maintainer/maintainer-entry-profile.rst

··· 110 110 ../process/maintainer-netdev 111 111 ../driver-api/vfio-pci-device-specific-driver-acceptance 112 112 ../nvme/feature-and-quirk-policy 113 + ../filesystems/nfs/nfsd-maintainer-entry-profile 113 114 ../filesystems/xfs/xfs-maintainer-entry-profile 114 115 ../mm/damon/maintainer-profile

+1

MAINTAINERS

··· 13560 13560 R: Tom Talpey <tom@talpey.com> 13561 13561 L: linux-nfs@vger.kernel.org 13562 13562 S: Supported 13563 + P: Documentation/filesystems/nfs/nfsd-maintainer-entry-profile.rst 13563 13564 B: https://bugzilla.kernel.org 13564 13565 T: git git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux.git 13565 13566 F: Documentation/filesystems/nfs/