-
Notifications
You must be signed in to change notification settings - Fork 240
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
overlay, composefs: use mkcomposefs to generate composefs #1727
Conversation
@alexlarsson PTAL |
1bfe620
to
9beb89f
Compare
d01ce8b
to
aa7a442
Compare
marked as a draft for now, I'll try to move the fsverity logic into the chunked package so we don't need to carry the digests around |
looked into it, we will still need to propagate the digests anyway since composefs lives in the overlay driver. Moving the fsverity measurement in the chunked package can be done later. |
pkg/chunked/dump/dump.go
Outdated
ESCAPE_STANDARD | ||
) | ||
|
||
func escaped(val string, length int, escape int) string { |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
pkg/chunked/dump/dump.go
Outdated
length = len(val) | ||
} | ||
|
||
if escapeLoneDash && length == 1 && val[0] == '-' { |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
pkg/chunked/dump/dump.go
Outdated
NOESCAPE_SPACE = 1 << iota | ||
ESCAPE_EQUAL | ||
ESCAPE_LONE_DASH | ||
ESCAPE_STANDARD |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
pkg/chunked/dump/dump.go
Outdated
path = "/" + path | ||
} | ||
|
||
if _, err := fmt.Fprint(out, escaped(path, len(path), ESCAPE_STANDARD)); err != nil { |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
@@ -71,24 +87,42 @@ func enableVerityRecursive(path string) error { | |||
if err := enableVerity(path, int(f.Fd())); err != nil { | |||
return err | |||
} | |||
|
|||
verity, err := measureVerity(path, int(f.Fd())) |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
@@ -109,10 +143,10 @@ func generateComposeFsBlob(toc []byte, composefsDir string) error { | |||
// a scope to close outFd before setting fsverity on the read-only fd. | |||
defer outFd.Close() | |||
|
|||
cmd := exec.Command(writerJson, "--format=erofs", "--out=/proc/self/fd/3", "/proc/self/fd/0") | |||
cmd := exec.Command(writerJson, "--from-file", "/proc/self/fd/0", "/proc/self/fd/3") |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
I just released composefs 1.0.1 with the required dependencies for this. @smooge is packaging it up for fedora. |
aa7a442
to
c78e858
Compare
thanks for the review. I've addressed the comments and pushed a new version |
536aa21
to
195c208
Compare
if the file doesn't have a digest but its size is 0, we can hard code the known sha256 digest. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
so the differ can export arbitrary data that is not written as a big file. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
so that the users of the function can get access to the already unmarshalled TOC instead of having to unmarshal it again. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
195c208
to
870bb43
Compare
@alexlarsson I've encountered a small issue (still investigating): something like the following doesn't seem to preserve the st_nlink:
anything obviously wrong? EDIT: overseen the nlink is part of the dump itself, going to fix it. |
870bb43
to
b4e200c
Compare
b4e200c
to
ac15fd2
Compare
addressed the new comments and pushed a new version |
provide a way to format the TOC in the same format that is generated by composefs-info, this is a preparation patch for the next commit. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
use mkcomposefs to generate composefs, instead of using the custom composefs-from-json. As part of the integration, retrieve the verity fs measurement after the files are written so that they can be embedded in the composefs image and their payload is validated each time the files are accessed. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
ac15fd2
to
4f1bf01
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alexlarsson, giuseppe The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@flouthoc PTAL |
LGTM |
Please let the bot handle merges. |
I know this question isn't related to this PR, just reusing it as a handy discussion forum...it looks like right now enabling this logic requires a build tag. And once the build tag is set, we unconditionally use composefs? Is there any reason not to switch to having this be an option in |
I agree, it is better to drop the build tag. I've used it when it was just a PoC and that required some custom binary to be present, but now there is no need to hide the feature |
use mkcomposefs to generate composefs, instead of using the custom composefs-from-json.
As part of the integration, retrieve the verity fs measurement after the files are written so that they can be embedded in the composefs image and their payload is validated each time the files are accessed.