From: Giuseppe Scrivano <gscrivan@redhat.com>
To: Christian Brauner <brauner@kernel.org>
Cc: Amir Goldstein <amir73il@gmail.com>,
Dave Chinner <david@fromorbit.com>,
Alexander Larsson <alexl@redhat.com>,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
viro@zeniv.linux.org.uk, Vivek Goyal <vgoyal@redhat.com>,
Miklos Szeredi <miklos@szeredi.hu>
Subject: Re: [PATCH v3 0/6] Composefs: an opportunistically sharing verified image filesystem
Date: Wed, 25 Jan 2023 17:05:03 +0100 [thread overview]
Message-ID: <877cxabnww.fsf@redhat.com> (raw)
In-Reply-To: <20230125152449.s6sa2tl5sbtofw3t@wittgenstein> (Christian Brauner's message of "Wed, 25 Jan 2023 16:24:49 +0100")
Christian Brauner <brauner@kernel.org> writes:
> On Wed, Jan 25, 2023 at 02:46:59PM +0200, Amir Goldstein wrote:
>> > >
>> > > Based on Alexander's explanation about the differences between overlayfs
>> > > lookup vs. composefs lookup of a regular "metacopy" file, I just need to
>> > > point out that the same optimization (lazy lookup of the lower data
>> > > file on open)
>> > > can be done in overlayfs as well.
>> > > (*) currently, overlayfs needs to lookup the lower file also for st_blocks.
>> > >
>> > > I am not saying that it should be done or that Miklos will agree to make
>> > > this change in overlayfs, but that seems to be the major difference.
>> > > getxattr may have some extra cost depending on in-inode xattr format
>> > > of erofs, but specifically, the metacopy getxattr can be avoided if this
>> > > is a special overlayfs RO mount that is marked as EVERYTHING IS
>> > > METACOPY.
>> > >
>> > > I don't expect you guys to now try to hack overlayfs and explore
>> > > this path to completion.
>> > > My expectation is that this information will be clearly visible to anyone
>> > > reviewing future submission, e.g.:
>> > >
>> > > - This is the comparison we ran...
>> > > - This is the reason that composefs gives better results...
>> > > - It MAY be possible to optimize erofs/overlayfs to get to similar results,
>> > > but we did not try to do that
>> > >
>> > > It is especially important IMO to get the ACK of both Gao and Miklos
>> > > on your analysis, because remember than when this thread started,
>> > > you did not know about the metacopy option and your main argument
>> > > was saving the time it takes to create the overlayfs layer files in the
>> > > filesystem, because you were missing some technical background on overlayfs.
>> >
>> > we knew about metacopy, which we already use in our tools to create
>> > mapped image copies when idmapped mounts are not available, and also
>> > knew about the other new features in overlayfs. For example, the
>> > "volatile" feature which was mentioned in your
>> > Overlayfs-containers-lpc-2020 talk, was only submitted upstream after
>> > begging Miklos and Vivek for months. I had a PoC that I used and tested
>> > locally and asked for their help to get it integrated at the file
>> > system layer, using seccomp for the same purpose would have been more
>> > complex and prone to errors when dealing with external bind mounts
>> > containing persistent data.
>> >
>> > The only missing bit, at least from my side, was to consider an image
>> > that contains only overlay metadata as something we could distribute.
>> >
>>
>> I'm glad that I was able to point this out to you, because now the comparison
>> between the overlayfs and composefs options is more fair.
>>
>> > I previously mentioned my wish of using it from a user namespace, the
>> > goal seems more challenging with EROFS or any other block devices. I
>> > don't know about the difficulty of getting overlay metacopy working in a
>> > user namespace, even though it would be helpful for other use cases as
>> > well.
>>
>
> If you decide to try and make this work with overlayfs I can to cut out
> time and help with both review and patches. Because I can see this being
> beneficial for use-cases we have with systemd as well and actually being
> used by us as we do make heavy use of overlayfs already and probably
> will do even more so in the future on top of erofs.
>
> (As a sidenote, in the future, idmapped mounts can be made useable from
> userns and there's a todo and ideas for this on
> https://uapi-group.org/kernel-features.
we won't need metacopy to clone images once idmapped works in a userns,
but I think it is still good to have, if possible. Not only for the
interesting combination Amir suggested but also for speeding up a bunch
of other operations that currently end up in a complete copy-up.
> Additionally, I want users to have the ability to use them without any
> userns in the mix at all. Not just because there are legitimate users
> that don't need to allocate a userns at all but also because then we can
> do stuff like map down a range of ids to a single id (what probably nfs
> would call "squashing") and other stuff.)
next prev parent reply other threads:[~2023-01-25 16:06 UTC|newest]
Thread overview: 87+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-20 15:23 [PATCH v3 0/6] Composefs: an opportunistically sharing verified image filesystem Alexander Larsson
2023-01-20 15:23 ` [PATCH v3 1/6] fsverity: Export fsverity_get_digest Alexander Larsson
2023-01-20 15:23 ` [PATCH v3 2/6] composefs: Add on-disk layout header Alexander Larsson
2023-01-20 15:23 ` [PATCH v3 3/6] composefs: Add descriptor parsing code Alexander Larsson
2023-01-20 15:23 ` [PATCH v3 4/6] composefs: Add filesystem implementation Alexander Larsson
2023-01-20 15:23 ` [PATCH v3 5/6] composefs: Add documentation Alexander Larsson
2023-01-21 2:19 ` Bagas Sanjaya
2023-01-20 15:23 ` [PATCH v3 6/6] composefs: Add kconfig and build support Alexander Larsson
2023-01-20 19:44 ` [PATCH v3 0/6] Composefs: an opportunistically sharing verified image filesystem Amir Goldstein
2023-01-20 22:18 ` Giuseppe Scrivano
2023-01-21 3:08 ` Gao Xiang
2023-01-21 16:19 ` Giuseppe Scrivano
2023-01-21 17:15 ` Gao Xiang
2023-01-21 22:34 ` Giuseppe Scrivano
2023-01-22 0:39 ` Gao Xiang
2023-01-22 9:01 ` Giuseppe Scrivano
2023-01-22 9:32 ` Giuseppe Scrivano
2023-01-24 0:08 ` Gao Xiang
2023-01-21 10:57 ` Amir Goldstein
2023-01-21 15:01 ` Giuseppe Scrivano
2023-01-21 15:54 ` Amir Goldstein
2023-01-21 16:26 ` Gao Xiang
2023-01-23 17:56 ` Alexander Larsson
2023-01-23 23:59 ` Gao Xiang
2023-01-24 3:24 ` Amir Goldstein
2023-01-24 13:10 ` Alexander Larsson
2023-01-24 14:40 ` Gao Xiang
2023-01-24 19:06 ` Amir Goldstein
2023-01-25 4:18 ` Dave Chinner
2023-01-25 8:32 ` Amir Goldstein
2023-01-25 10:08 ` Alexander Larsson
2023-01-25 10:43 ` Amir Goldstein
2023-01-25 10:39 ` Giuseppe Scrivano
2023-01-25 11:17 ` Amir Goldstein
2023-01-25 12:30 ` Giuseppe Scrivano
2023-01-25 12:46 ` Amir Goldstein
2023-01-25 13:10 ` Giuseppe Scrivano
2023-01-25 18:07 ` Amir Goldstein
2023-01-25 19:45 ` Giuseppe Scrivano
2023-01-25 20:23 ` Amir Goldstein
2023-01-25 20:29 ` Amir Goldstein
2023-01-26 5:26 ` userns mount and metacopy redirects (Was: Re: [PATCH v3 0/6] Composefs: an opportunistically sharing verified image filesystem) Amir Goldstein
2023-01-26 8:22 ` Christian Brauner
2023-01-27 15:57 ` [PATCH v3 0/6] Composefs: an opportunistically sharing verified image filesystem Vivek Goyal
2023-01-25 15:24 ` Christian Brauner
2023-01-25 16:05 ` Giuseppe Scrivano [this message]
2023-01-25 9:37 ` Alexander Larsson
2023-01-25 10:05 ` Gao Xiang
2023-01-25 10:15 ` Alexander Larsson
2023-01-27 10:24 ` Gao Xiang
2023-02-01 4:28 ` Jingbo Xu
2023-02-01 7:44 ` Amir Goldstein
2023-02-01 8:59 ` Jingbo Xu
2023-02-01 9:52 ` Alexander Larsson
2023-02-01 12:39 ` Jingbo Xu
2023-02-01 9:46 ` Alexander Larsson
2023-02-01 10:01 ` Gao Xiang
2023-02-01 11:22 ` Gao Xiang
2023-02-02 6:37 ` Amir Goldstein
2023-02-02 7:17 ` Gao Xiang
2023-02-02 7:37 ` Gao Xiang
2023-02-03 11:32 ` Alexander Larsson
2023-02-03 12:46 ` Amir Goldstein
2023-02-03 15:09 ` Gao Xiang
2023-02-05 19:06 ` Amir Goldstein
2023-02-06 7:59 ` Amir Goldstein
2023-02-06 10:35 ` Miklos Szeredi
2023-02-06 13:30 ` Amir Goldstein
2023-02-06 16:34 ` Miklos Szeredi
2023-02-06 17:16 ` Amir Goldstein
2023-02-06 18:17 ` Amir Goldstein
2023-02-06 19:32 ` Miklos Szeredi
2023-02-06 20:06 ` Amir Goldstein
2023-02-07 8:12 ` Alexander Larsson
2023-04-03 19:00 ` Lazy lowerdata lookup and data-only layers (Was: Re: Composefs:) Amir Goldstein
2023-04-11 15:50 ` Miklos Szeredi
2023-04-12 14:06 ` Amir Goldstein
2023-04-12 14:20 ` Miklos Szeredi
2023-04-12 15:41 ` Amir Goldstein
2023-02-06 12:51 ` [PATCH v3 0/6] Composefs: an opportunistically sharing verified image filesystem Alexander Larsson
2023-02-07 8:12 ` Jingbo Xu
2023-02-06 12:43 ` Alexander Larsson
2023-02-06 13:27 ` Gao Xiang
2023-02-06 15:31 ` Alexander Larsson
2023-02-01 12:06 ` Jingbo Xu
2023-02-02 4:57 ` Jingbo Xu
2023-02-02 4:59 ` Jingbo Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=877cxabnww.fsf@redhat.com \
--to=gscrivan@redhat.com \
--cc=alexl@redhat.com \
--cc=amir73il@gmail.com \
--cc=brauner@kernel.org \
--cc=david@fromorbit.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=vgoyal@redhat.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.