Alexander Larsson, the creator of Flatpak at Red Hat, has released a preview of patches implementing the Composefs file system for the Linux kernel. The proposed file system resembles Squashfs and is also suitable for mounting read-only images. The differences boil down to Composefs' ability to efficiently share the contents of multiple mounted disk images and support for readable data authentication. As areas of application in which the Composefs FS may be in demand, the mounting of container images and the use of a Git-like OSTree repository are called.
Composefs uses a content-based addressing storage model, i.e. the primary identifier is not the filename, but a hash of the file's contents. This model provides deduplication and allows you to actually store only one copy of the same files that occur in different mounted partitions. For example, container images contain many common system files, and with Composefs, each of these files will be shared by all mounted images, without the use of tricks such as forwarding with hard links. At the same time, shared files are not only stored as a single copy on disk, but are also managed by one entry in the page cache, which makes it possible to save both disk and RAM.
To save disk space, data and metadata are separated in mounted images. When mounted, specify:
- A binary index that contains all file system metadata, file names, permissions, and other information, except for the actual contents of the files.
- The base directory where the contents of all mounted image files are stored. Files are stored in relation to the hash of their content.
A binary index is created for each FS image, and the base directory is the same for all images. To verify the content of individual files and the entire image under shared storage conditions, the fs-verity mechanism can be used, which, when accessing files, checks that the hashes specified in the binary index correspond to the actual content (i.e. if an attacker makes a change to a file in the base directory or data damaged as a result of a failure, such a reconciliation will reveal a discrepancy).
Source: opennet.ru