On Thu, Jan 25, 2018, at 2:11 PM, Theodore Ts'o wrote: > I'd like to talk about a proposal to implement and upstream something > that we've been calling fs-verity, I am very excited by this! > ... read-only files in a general way for all file systems Hi, it's me again! I was summoned by this mention of read-only files. You may recall our previous conversation: https://www.spinics.net/lists/linux-fsdevel/msg75086.html (I also cleverly tried to work it in to a tangentially related DAX discussion in https://marc.info/?l=linux-fsdevel&m=150152316817001&w=2 ) So given this proposal will require read-only files, can we do the interface bikeshedding soon around what the userspace API will look like, and have it be orthogonal to (but a prerequisite for) fs-verity? My thought is that it's some sort of fcntl on O_TMPFILE fds, and the link() seals it. Also, I really hope it'll be possible to make hardlinks to "read-only files", as that's how https://github.com/ostreedev/ostree works.
