fuse-overlayfs icon indicating copy to clipboard operation
fuse-overlayfs copied to clipboard
verified publisher icon containers

FUSE Passthrough?

Open RushingAlien opened this issue 1 year ago • 3 comments

Linux 6.9 introduced FUSE passthrough, which will allow better performance for fuse-based filesystems. https://source.android.com/docs/core/storage/fuse-passthrough

gambar

I don't know if there is work that needs to be done on the fuse-overlayfs side to utliize it, but seeing the android documentation, it seems to be a yes.

When the FUSE daemon receives a request to open a file, it decides whether FUSE passthrough should be available for that particular file. If it's available, the daemon:

  • Notifies the FUSE driver about this request.
  • Enables FUSE passthrough for the file using the FUSE_DEV_IOC_PASSTHROUGH_OPEN ioctl, which must be performed on the file descriptor of the opened /dev/fuse.

RushingAlien avatar May 19 '24 07:05 RushingAlien

yes, we need to use the new interface provided by libfuse.

Unfortunately, it will work only for the root user, which is not a common use case for fuse-overlayfs

giuseppe avatar Jun 10 '24 11:06 giuseppe

Unfortunately, it will work only for the root user, which is not a common use case for fuse-overlayfs

Why is that the case? I see the check here, but I don't understand the TODO.

colinmarc avatar Oct 06 '24 14:10 colinmarc

I think the reason is the one highlighted in the inline comment:

/* TODO: relax CAP_SYS_ADMIN once backing files are visible to lsof */

The interface could be used by an unprivileged user to hide open files, since they are not visible under /proc.

giuseppe avatar Oct 07 '24 08:10 giuseppe