containers/composefs

Composefs is a native Linux file system designed to help sharing filesystem contents, as well as ensuring said content is not modified. The initial target usecase are container images and ostree commits.

The basic idea is to have a single binary file that contains all the metadata of the filesystem, including the filenames, the permissions, the timestamps, etc. However, it doesn't contain the actual contents, but rather filenames to the real files that contain the contents. This is somewhat similar to overlayfs, which also doesn't store the file.

You pass the filename of the blob as well as the base directory for the content files when you mount the filesystem like this:

This by itself doesn't seem very useful. You could use a single squashfs image, or regular directory with the files instead. However, the advantage comes if you want to store many such images. By storing the files content-addressed (e.g. using the hash of the content to name the file) shared files need only be stored once, yet can appear in multiple mounts. Since these are normal files they will also only be stored once in the page cache, meaning that the duplication is avoided both on disk and in ram.

Composefs also supports fs-verity validation of the content files. When using this, the digest of the content files is stored in the image, and composefs will validate that the content file it uses has a matching enabled fs-verity digest. This means that the backing content cannot be changed in any way (by mistake or by malice) without this being detected when the file is used.

Leave a Comment