composefs icon indicating copy to clipboard operation
composefs copied to clipboard

Published 20 hours ago verified publisher icon containers

Upstream dependencies

Open alexlarsson opened this issue 2 years ago • 3 comments

To make it easier to track things, lets use this issue to track the current state (and to have discussions about this).

Current state:

  • The use of data-only lower layers (to hide all possible files in the basedir) we need the lazy-lower-data support which was added in 6.5.

  • To use the LCFS_MOUNT_FLAGS_REQUIRE_VERITY (or -o verity) options you need the overlay verity patches, which was added in 6.6rc1.

  • Overlayfs also requires erofs support for chunked files. This was added in linux 5.15.

  • To be able to store overlayfs lower directories (nested overlayfs) some overlay patches will be needed, these are being discussed on the list.

alexlarsson avatar Jun 12 '23 11:06 alexlarsson

With this merge: https://github.com/torvalds/linux/commit/63580f669d7ff5aa5a1fa2e3994114770a491722 (will be in 6.6) we now support the LCFS_MOUNT_FLAGS_REQUIRE_VERITY flag upstream.

alexlarsson avatar Aug 31 '23 08:08 alexlarsson

  • Overlayfs also requires erofs support for chunked files. This was added in linux 5.15.

Why is support for chunked files needed? Perhaps I'm mistaken, but I'd expect the erofs image to have no actual data, so chunks would not be needed.

jluebbe avatar Aug 31 '23 11:08 jluebbe

@jluebbe All the files on the erofs need to be the same size as the backing file (typically using some form of hole). To do that size-effectively in erofs we use chunked files with a null backing block.

alexlarsson avatar Sep 01 '23 07:09 alexlarsson