Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C947CC54E94 for ; Tue, 24 Jan 2023 00:08:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231872AbjAXAIY (ORCPT ); Mon, 23 Jan 2023 19:08:24 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43132 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231559AbjAXAIR (ORCPT ); Mon, 23 Jan 2023 19:08:17 -0500 Received: from out30-57.freemail.mail.aliyun.com (out30-57.freemail.mail.aliyun.com [115.124.30.57]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A1408E045; Mon, 23 Jan 2023 16:08:15 -0800 (PST) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R241e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018045192;MF=hsiangkao@linux.alibaba.com;NM=1;PH=DS;RN=11;SR=0;TI=SMTPD_---0Va6AQFk_1674518890; Received: from 30.32.80.196(mailfrom:hsiangkao@linux.alibaba.com fp:SMTPD_---0Va6AQFk_1674518890) by smtp.aliyun-inc.com; Tue, 24 Jan 2023 08:08:11 +0800 Message-ID: <339d2a18-1c5b-998b-29f5-830d8904bcb3@linux.alibaba.com> Date: Tue, 24 Jan 2023 08:08:09 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.6.1 Subject: Re: [PATCH v3 0/6] Composefs: an opportunistically sharing verified image filesystem To: Giuseppe Scrivano , Amir Goldstein Cc: Alexander Larsson , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, david@fromorbit.com, brauner@kernel.org, viro@zeniv.linux.org.uk, Vivek Goyal , Miklos Szeredi , Linus Torvalds References: <87ilh0g88n.fsf@redhat.com> <321dfdb1-3771-b16d-604f-224ce8aa22cf@linux.alibaba.com> <878rhvg8ru.fsf@redhat.com> <3ae1205a-b666-3211-e649-ad402c69e724@linux.alibaba.com> <87sfg3ecv5.fsf@redhat.com> <31fc4be5-0e53-b1fb-9a2c-f34d598c0fe7@linux.alibaba.com> <87cz77djte.fsf@redhat.com> <878rhuewy0.fsf@redhat.com> From: Gao Xiang In-Reply-To: <878rhuewy0.fsf@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2023/1/22 17:32, Giuseppe Scrivano wrote: > Giuseppe Scrivano writes: > ... >> >> How does validation work in EROFS for files served from fscache and that >> are on a remote file system? > > nevermind my last question, I guess it would still go through the block > device in EROFS. > This is clearly a point in favor of a block device approach that a > stacking file system like overlay or composefs cannot achieve without > support from the underlying file system. nevermind my last answer, I was thinking with Amir's advice, you could just use FUSE+overlayfs option for this. I wonder if such option can meet all your requirements (including unprivileged mounts) without increasing on-disk formats in kernel to do unprivileged mounts. If there are still missing features, you could enhance FUSE or overlayfs. Thanks, Gao Xiang