Linux 6.3 Adds Support For Tmpfs IDMAPPED Mounts - Benefits systemd, Kubernetes & More
The IDMAPPED mounts functionality, useful for everything from systemd-homed to containers and other use-cases, was introduced to the mainline kernel two years ago with Linux 5.12. Since then more Linux file-systems and software have added support for IDMAPPED mounts, and that work continues with Linux 6.3.
The main change worth mentioning for the IDMAPPED code in Linux 6.3 is support for the Tmpfs file-system, which "fulfill[s] a longstanding request", according to IDMAPPED maintainer Christian Brauner at Microsoft. He explained that Tmpfs support for IDMAPPED mounts addresses uses from Kubernetes to systemd:
"A long-standing request from users had been to make it possible to create idmapped mounts for tmpfs. For example, to share the host's tmpfs mount between multiple sandboxes. This is a prerequisite for some advanced Kubernetes cases. Systemd also has a range of use-cases to increase service isolation. And there are more users of this.
However, with all of the other work going on this was way down on the priority list but luckily someone other than ourselves picked this up.
As usual the patch is tiny as all the infrastructure work had been done multiple kernel releases ago. In addition to all the tests that we already have I requested that Rodrigo add a dedicated tmpfs testsuite for idmapped mounts to xfstests. It is to be included into xfstests during the v6.3 development cycle. This should add a slew of additional tests."
This IDMAPPED mounts support for Tmpfs depends upon SHMEM support and the work comes courtesy of Red Hat's Giuseppe Scrivano.
More details on the IDMAPPED improvements for Linux 6.3 are available via this pull request, which was already mainlined earlier in the week.