Re: [PATCH v2 1/4] erofs: add file-backed mount support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi!

On Tue 24-09-24 11:21:59, Geert Uytterhoeven wrote:
> On Fri, Aug 30, 2024 at 5:29 AM Gao Xiang <hsiangkao@xxxxxxxxxxxxxxxxx> wrote:
> > It actually has been around for years: For containers and other sandbox
> > use cases, there will be thousands (and even more) of authenticated
> > (sub)images running on the same host, unlike OS images.
> >
> > Of course, all scenarios can use the same EROFS on-disk format, but
> > bdev-backed mounts just work well for OS images since golden data is
> > dumped into real block devices.  However, it's somewhat hard for
> > container runtimes to manage and isolate so many unnecessary virtual
> > block devices safely and efficiently [1]: they just look like a burden
> > to orchestrators and file-backed mounts are preferred indeed.  There
> > were already enough attempts such as Incremental FS, the original
> > ComposeFS and PuzzleFS acting in the same way for immutable fses.  As
> > for current EROFS users, ComposeFS, containerd and Android APEXs will
> > be directly benefited from it.
> >
> > On the other hand, previous experimental feature "erofs over fscache"
> > was once also intended to provide a similar solution (inspired by
> > Incremental FS discussion [2]), but the following facts show file-backed
> > mounts will be a better approach:
> >  - Fscache infrastructure has recently been moved into new Netfslib
> >    which is an unexpected dependency to EROFS really, although it
> >    originally claims "it could be used for caching other things such as
> >    ISO9660 filesystems too." [3]
> >
> >  - It takes an unexpectedly long time to upstream Fscache/Cachefiles
> >    enhancements.  For example, the failover feature took more than
> >    one year, and the deamonless feature is still far behind now;
> >
> >  - Ongoing HSM "fanotify pre-content hooks" [4] together with this will
> >    perfectly supersede "erofs over fscache" in a simpler way since
> >    developers (mainly containerd folks) could leverage their existing
> >    caching mechanism entirely in userspace instead of strictly following
> >    the predefined in-kernel caching tree hierarchy.
> >
> > After "fanotify pre-content hooks" lands upstream to provide the same
> > functionality, "erofs over fscache" will be removed then (as an EROFS
> > internal improvement and EROFS will not have to bother with on-demand
> > fetching and/or caching improvements anymore.)
> >
> > [1] https://github.com/containers/storage/pull/2039
> > [2] https://lore.kernel.org/r/CAOQ4uxjbVxnubaPjVaGYiSwoGDTdpWbB=w_AeM6YM=zVixsUfQ@xxxxxxxxxxxxxx
> > [3] https://docs.kernel.org/filesystems/caching/fscache.html
> > [4] https://lore.kernel.org/r/cover.1723670362.git.josef@xxxxxxxxxxxxxx
> >
> > Closes: https://github.com/containers/composefs/issues/144
> > Signed-off-by: Gao Xiang <hsiangkao@xxxxxxxxxxxxxxxxx>
> 
> Thanks for your patch, which is now commit fb176750266a3d7f
> ("erofs: add file-backed mount support").
> 
> > ---
> > v2:
> >  - should use kill_anon_super();
> >  - add O_LARGEFILE to support large files.
> >
> >  fs/erofs/Kconfig    | 17 ++++++++++
> >  fs/erofs/data.c     | 35 ++++++++++++---------
> >  fs/erofs/inode.c    |  5 ++-
> >  fs/erofs/internal.h | 11 +++++--
> >  fs/erofs/super.c    | 76 +++++++++++++++++++++++++++++----------------
> >  5 files changed, 100 insertions(+), 44 deletions(-)
> >
> > diff --git a/fs/erofs/Kconfig b/fs/erofs/Kconfig
> > index 7dcdce660cac..1428d0530e1c 100644
> > --- a/fs/erofs/Kconfig
> > +++ b/fs/erofs/Kconfig
> > @@ -74,6 +74,23 @@ config EROFS_FS_SECURITY
> >
> >           If you are not using a security module, say N.
> >
> > +config EROFS_FS_BACKED_BY_FILE
> > +       bool "File-backed EROFS filesystem support"
> > +       depends on EROFS_FS
> > +       default y
> 
> I am a bit reluctant to have this default to y, without an ack from
> the VFS maintainers.

Well, we generally let filesystems do whatever they decide to do unless it
is a affecting stability / security / maintainability of the whole system.
In this case I don't see anything that would be substantially different
than if we go through a loop device. So although the feature looks somewhat
unusual I don't see a reason to nack it or otherwise interfere with
whatever the fs maintainer wants to do. Are you concerned about a
particular problem?

								Honza
-- 
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR




[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux