[Virtio-fs] [PATCH v4 1/5] tools/virtiofsd: xattr name mappings: Add option
Stefan Hajnoczi
stefanha at redhat.com
Mon Oct 26 14:59:04 UTC 2020
On Fri, Oct 23, 2020 at 05:58:08PM +0100, Dr. David Alan Gilbert (git) wrote:
> From: "Dr. David Alan Gilbert" <dgilbert at redhat.com>
>
> Add an option to define mappings of xattr names so that
> the client and server filesystems see different views.
> This can be used to have different SELinux mappings as
> seen by the guest, to run the virtiofsd with less privileges
> (e.g. in a case where it can't set trusted/system/security
> xattrs but you want the guest to be able to), or to isolate
> multiple users of the same name; e.g. trusted attributes
> used by stacking overlayfs.
>
> A mapping engine is used with 3 simple rules; the rules can
> be combined to allow most useful mapping scenarios.
> The ruleset is defined by -o xattrmap='rules...'.
>
> This patch doesn't use the rule maps yet.
>
> Signed-off-by: Dr. David Alan Gilbert <dgilbert at redhat.com>
> ---
> docs/tools/virtiofsd.rst | 92 ++++++++++++++++
> tools/virtiofsd/passthrough_ll.c | 173 +++++++++++++++++++++++++++++++
> 2 files changed, 265 insertions(+)
Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/virtio-fs/attachments/20201026/5292852d/attachment.sig>
More information about the Virtio-fs
mailing list