hoakley November 21, 2023 Macs, Technology

iCloud Drive in Sonoma: FileProvider and eviction

Now the dust has settled on the major changes brought about in iCloud Drive by Sonoma, I’ve started to look deeper at how iCloud Drive now works, once you have upgraded to macOS 14. One immediate impact is that existing utilities which present log extracts for iCloud Drive, including my own Cirrus and Mints, no longer work as expected, and need to be revised to cover its extensive use of FileProvider.

FileProvider

Apple introduced its new FileProvider API over two years ago, at WWDC 2021, when Johannes Fortmann of the Cloud File Providers team gave a presentation on what was then being encouraged of those who support third-party cloud services in macOS. For those services, FileProvider extensions deliver the interface between macOS, particularly APFS and the Finder, and the cloud service. As Apple hasn’t documented the internals of iCloud Drive, it hasn’t explained how FileProvider affects iCloud Drive now that they have been integrated in Sonoma.

Prior to Sonoma, one of the features in iCloud Drive that hasn’t behaved as documented is Optimise Mac Storage. This has changed in Sonoma, as it now effectively switches between two different types of file provider: a replicated file provider, which syncs between local and remote copies of all files put in the cloud, and a nonreplicated file provider, which hosts and manages files that can be stored locally or whose data may only exist in the cloud. Because a replicated FileProvider is far simpler and isn’t managed locally, I here concentrate on the nonreplicated form.

It’s essential to remember that, in the new iCloud Drive, changing Optimise Mac Storage results in a major change in behaviour, and as far as FileProvider is concerned, it effectively switches between two different versions of iCloud Drive.

New subsystem

FileProvider makes copious use of the Unified log, and its entries are rich in content, structured, and even use emoji effectively. Trying to understand what is happening in iCloud Drive in Sonoma without seeing entries from com.apple.FileProvider isn’t possible, though.

Currently, both Cirrus and Mints use the following predicate to obtain log extracts:
subsystem == "com.apple.clouddocs" OR subsystem == "com.apple.cloudkit" OR subsystem == "com.apple.mmcs" OR processImagePath CONTAINS[c] "cloudd" OR processImagePath CONTAINS[c] "bird" OR processID = 0
which doesn’t gather any for com.apple.FileProvider, so loses much of the information written to the log. I intend changing that by adding entries made by the FileProvider subsystem.

Example messages written by com.apple.FileProvider are:
┏10e3 💡 trigger: itemEvicted(.main(docID(14584)), inParent: .main(fileID(501470))) ┗10e3
These use an initial bracketing character to indicate that they form one response in its series, they use an emoji, and give explicit identities such as as the docID and fileID rather than the all-too-common anonymisation of <private>.

Eviction

The simplest action to analyse is that of eviction, when the local copy of a file held in iCloud Drive is removed, leaving it dataless, an action only available in nonreplicated file providers. This schedules a file provider evict operation, which first has to be handled by File Coordination. When that gives the go-ahead, FileProvider works through a series of steps to fetch the file’s metadata, clean remote versions, update its file system ‘snapshot’ (not an APFS volume snapshot), and change the item’s content status.

These are shown in the diagram below, built from log records obtained from Sonoma 14.1.1 evicting a single file from iCloud Drive.

iCloudDriveFPevict1

Involvement of traditional iCloud subsystems such as CloudDocs is now minimal, and the overwhelming majority of significant log entries are made by com.apple.FileProvider. If that looks long-winded, downloading or materialising that file is far longer and more complicated, as is adding a new file to iCloud Drive. The irony in this particular case is that, no sooner is the file evicted, but as its QuickLook thumbnail has to be displayed in the Finder, it’s immediately materialised for that purpose.

Consequences

Sonoma’s changes to iCloud Drive run deep, and so far (on limited testing) appear to increase reliability and make the choking of actions far less likely. The FileProvider API in macOS 14.1.1 doesn’t appear complete: I have seen at least one log entry referring to a feature which hasn’t yet been implemented. Although FileProvider should make any problems or errors more visible, the sheer volume of its log entries isn’t going to make their identification any easier. Once we’re more familiar with how it should work, it may well make diagnosing iCloud Drive problems more feasible, but the absence of technical documentation beyond that for third-party file providers doesn’t help.

13Comments

Add yours

1

Enzo Vincenzo on November 21, 2023 at 9:07 am

Dear Howard, I admire your efforts to understand and help us understand the (mysterious) workings of iCloud.
So far I have read your posts on iCloud with interest, but distractedly and as if all this did not interest me.
In fact, almost always or perhaps always, I have used iCloud to save downloads from my iPhone and then find them on my Mac.
Yesterday, however, for the first time I had the need to transfer a folder with eight JPG photos (300 KB each) from my Mac with Sonoma 14.1.1 to iCloud, to then be able to view them on my iPhone.
Well – given that the Internet connection was stable, fast and also with Ethernet – after ten minutes, half an hour, an hour… the aforementioned folder, which I found in iCloud Drive/Documents, did not appear in the Files app my iPhone with iOS 17.1.1.
In the Finder, the eight JPG files all appeared with the drawing of a gray cloud, while next to iCloud Drive, in the sidebar of the Finder, a small pie chart with a small sector appeared which gave the idea of a hypothetical upload. but without ever making any progress.
As a user of a computer and an operating system which (perhaps) is still the best and (it is still thought…) the simplest and most intuitive, at this point I WAIT at least for a button and/or a command from the contextual menu with to start and/or force the loading. INSTEAD NOTHING, just confusion and anger at not having been able to transfer the folder with the eight small files to iCloud so I could use them today.
Having to leave my office job, in fact, yesterday I waited more than an hour for the files to be transferred to iCloud, but in the end I had to turn off the Mac and leave. This morning, therefore, I sadly see that the aforementioned folder is not present in the app “File” of my iPhone.
Did I do something wrong?… Any other behavior of the Apps that use the Cloud allows you to select a file and start uploading it; even WeTransfer displays transfers…
Of course I know that I could have used Google Drive, Creative Cloud Drive and even WhatsApp, but on principle I didn’t.
I would rather hate Apple ( just kidding 🙂 ) and wish them a big failure or receive heavy fines for various reasons I don’t know, from various States, hoping that Apple will “lower the bar”, provide complete information and allow us to have full CONTROL of Finder/iCloud in a simple and INTUITIVE way for both expert and novice users.
In all of this I keep blaming myself and wondering what I did wrong because… it can’t be that Apple is so blind that it doesn’t know how to start a small upload from the Finder to iCloud, while it enjoys showing gray clouds that are still there hours later, as if they were making fun of me. 😦

LikeLiked by 1 person
- 2
  
  Enzo Vincenzo on November 21, 2023 at 10:01 am
  
  I would like to point out that even in this circumstance, in addition to hypothesizing my possible inability to do what I wrote above, I absolutely do not want to be offensive, but I just want to be very sarcastic, hoping to positively stimulate the pride and self-love of likely Apple developers who read this excellent blog and I’m sure there are many… 😉 🙂
  
  LikeLiked by 1 person
  - 3
    
    hoakley on November 21, 2023 at 12:10 pm
    
    Don’t worry – I’m sure any message is getting through.
    Howard.
    
    LikeLike
- 4
  
  hoakley on November 21, 2023 at 12:05 pm
  
  Why don’t you use AirDrop instead of iCloud Drive for such transfers?
  One tip that may well help: if you can, set a Mac up as a Content Caching server. That seems to help with such problems. In this case, it may well be that your Mac wasn’t able to connect to iCloud, which could be for many reasons, including a problem with iCloud itself.
  Howard.
  
  LikeLike
  - 5
    
    Enzo Vincenzo on November 21, 2023 at 12:30 pm
    
    Sure, Howard 😉 But it’s a question of principle for someone like me who from Classic 9 up to “OSX Lion” and perhaps to Maverick appreciated the Mac stability in all fundamentals functions.
    I have always had similar problems, however, with all Windows, from version 3.1 (bad and whose ugly GUI was only useful for starting applications in DOS by clicking on ugly icons) up to the latest version of Windows 11 Pro. This, however, (I use with Parallels Desktop 19) is proving to me that it has achieved great coherence in its main functioning, unlike macOS which, by introducing secondary features (useful or not), is undermining the stability and perfect functioning of the main functions. 😦
    
    LikeLiked by 1 person
    - 6
      
      hoakley on November 21, 2023 at 6:09 pm
      
      When you transfer each file via iCloud Drive, it has to be uploaded to iCloud servers, which is run as a background task and can be delayed for hours. Once on the servers, your iPhone has to be notified of the change, and then sync with the server, another step run in the background that may be delayed.
      AirDrop connects both of them directly via Wi-Fi. There’s no server involved, no delays, and I often use it to transfer files of 14 GB between Macs.
      The best principle is to use the most efficient way, surely?
      Howard.
      
      LikeLiked by 1 person
7

Fernando on November 21, 2023 at 7:59 pm

The comments so far are even more interesting when considering the additional value added to the iCloud Drive service with the addition of Advanced Data Protection. Cloud services providing end to end encryption are few.

Poor reliability of iCloud Drive (or poor perceived reliability) might stop some from moving to an ADP-enabled iCloud Drive if they have good reliability elsewhere.

From a user’s perspective, I’d like to have some sort of simple macOS GUI putting at ease my need to know that my data has 1) confidentiality, 2) integrity, and 3) availability.

I might be missing something but right now macOS meets #1 when once ADP is enabled. #2 is currently hard for a user to ascertain and may not even align with Apple’s philosophy to data storage if their stance on APFS can be applied here. #3 is what’s discussed in today’s comments but I think it’d be nice to have a button to force immediate uploads with an accompanying confirmation icon to notify a user no uploads are pending.

LikeLiked by 1 person
- 8
  
  hoakley on November 21, 2023 at 9:19 pm
  
  Thank you. Although we’re straying well off topic:
  1. You don’t need ADP unless you have particularly sensitive data, or are specially vulnerable.
  2. As Macs and TM don’t have it, I don’t think there’s any chance of Apple providing integrity checks. You can always use my Dintch/Fintch/cintch. I have a long-term integrity monitoring test running in iCloud Drive using them.
  3. If you have a decent Internet connection, then it’s most unusual for iCloud Drive not to be available. Because of the way that synchronisation works using background processes, I don’t see us ever getting a ‘sync now’ control. The problem hasn’t been iCloud availability, but the unreliability of its syncing mechanism in the past. And that’s where FileProvider comes in, as that’s the same mechanism as used by other cloud services in macOS.
  Howard.
  
  LikeLike
9

Fernando on November 22, 2023 at 2:58 am

Thanks Howard for entertaining the off topic remarks.
To your point on not needing ADP unless one has sensitive data or is vulnerable, at issue is that one doesn’t know if in the near future circumstances will turn their data sensitive or their lifestyle vulnerable. In other words, by the time one realizes they’ve crossed that threshold they’re now sensitive (due to circumstances) data may have already been compromised or at risk. Just because we don’t have something we want to secure now doesn’t mean we won’t need to secure it in the future.

Lastly, ADP (namely end to end encryption) opens up some new use cases for everyday users, such as considering (for the first time perhaps) storing copies of sensitive documents in the cloud as backups to physical copies. For example, copies of wills/testaments, tax filings, birth certificates, etc. Without ADP (decryption keys in third party hands which can be silently accessed via not-so-narrow warrants), I’d have a hard time recommending anyone store those types of documents in the cloud.

LikeLiked by 1 person
- 10
  
  hoakley on November 22, 2023 at 9:20 am
  
  There’s a much less restrictive solution: put those documents into an encrypted disk image, and store that in iCloud Drive. Several of the document types you list, including birth certificates and tax filings, are already more readily accessible by other means, so almost any warrant can obtain them anyway, for what they’re worth.
  Howard.
  
  LikeLike
11

Michael Tsai - Blog - iCloud Drive in Sonoma: FileProvider and Eviction on December 14, 2023 at 9:20 pm

[…] Howard Oakley: […]

LikeLike
12

Michele Galvagno on February 16, 2024 at 6:38 pm

Do you happen to use Dropbox?
If so, do you know why it is listed (and active!) in the Apps Using iCloud Drive in System Settings > iCloud? Turning that off doesn’t seem to affect the app negatively.
If you use it, have you also noticed how annoyingly it asks to be converted to the new File Provider system? An unwary user may just accept, but reading users experiences I stayed my hand…

LikeLiked by 1 person
- 13
  
  hoakley on February 16, 2024 at 7:14 pm
  
  Sorry, no. And I have no idea why it’s listed there.
  I don’t know about Dropbox, but for iCloud Drive the file provider system has been a huge leap forward.
  Howard.
  
  LikeLiked by 1 person

·Comments are closed.

The Eclectic Light Company

iCloud Drive in Sonoma: FileProvider and eviction

FileProvider

New subsystem

Eviction

Consequences

Further reading

FileProvider

New subsystem

Eviction

Consequences

Further reading

Share this:

Related