On Tue, Jan 20, 2026 at 07:52:42AM +0100, Christoph Hellwig wrote: > On Tue, Jan 20, 2026 at 11:07:48AM +0800, Gao Xiang wrote: > > > > Hi Christoph, > > > > Sorry I didn't phrase things clearly earlier, but I'd still > > like to explain the whole idea, as this feature is clearly > > useful for containerization. I hope we can reach agreement > > on the page cache sharing feature: Christian agreed on this > > feature (and I hope still): > > > > https://lore.kernel.org/linux-fsdevel/20260112-begreifbar-hasten-da396ac2759b@brauner > > He has to ultimatively decide. I do have an uneasy feeling about this. > It's not super informed as I can keep up, and I'm not the one in charge, > but I hope it is helpful to share my perspective.
It always is helpful, Christoph! I appreciate your input. I'm fine with this feature. But as I've said in person: I still oppose making any block-based filesystem mountable in unprivileged containers without any sort of trust mechanism. I am however open in the future for block devices protected by dm-verity with the root hash signed by a sufficiently trusted key to be mountable in unprivileged containers.
