[Virtio-fs] multiple virtiofsd's + overlapping shared subtree -> enforced compatible xattr maps?

Dr. David Alan Gilbert dgilbert at redhat.com
Thu Jul 1 15:31:44 UTC 2021


* Harry G. Coin (hgcoin at gmail.com) wrote:
> 
> On 7/1/21 3:33 AM, Dr. David Alan Gilbert wrote:
> > * Harry G. Coin (hgcoin at gmail.com) wrote:
> >> If two or more instances of virtiofsd have a common full or partially
> >> shared directory tree path -- how will those instances 'enforce' a
> >> 'compatible' xattr map lest the host+guest(s) have quite the selinux
> >> attribute salad?
> > Virtiofsd instances are independent; it's up to whatever runs the daemons
> > to pick the options in a sane way.
> 
> While that's the current case, because the intention was to rely on the
> underlying fs to manage contention among virtiofsds: the moment
> xattrmaps happened virtiofsd entered the layer all network file system
> daemons face.  Roughly speaking: a shift from one process per client to
> some IPC or threaded approach with a 'manager' process/thread that
> coordinates 'compatible' xattrmaps, acl maps, 'root squashing' etc. etc.

I really want to stick with one process per client; it makes the
security a lot easier; you never have to worry about accidentally
leaking data between clients within the process.
Now, that doesn't mean you can't have some coordination up a layer -
i.e. something that starts all the qemu's and virtiofsd's (like libvirt
etc) but that chooses sane mappings.

> >>   How much does virtiofsd need to feel like nfsd...?
> > What does nfsd do for this?
> 
> A couple attempts over the last decade, the most landed in 5.9: 
> https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.9-NFS-Server-User-Xattr

So I saw that; but what I didn't see was a description of what they
actually do with their xattr's; do the NFS servers just pass them
through or do they map?

Dave

-- 
Dr. David Alan Gilbert / dgilbert at redhat.com / Manchester, UK
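
The coordination "up a layer" discussed in this thread, sketched as an added example that is not part of the original messages or of virtiofsd: a pre-launch check a management layer could run to refuse overlapping shared directories whose xattr maps differ. The instance names, paths and map strings are constructed sample values, and the map is compared as an opaque string (an assumption; no attempt is made to decide whether two different maps are semantically equivalent).

```python
from itertools import combinations
from pathlib import PurePosixPath
import posixpath


def _norm(path):
    # Lexical normalisation only. Symlinks and bind mounts are NOT resolved;
    # a real launcher would resolve them on the host before comparing.
    return PurePosixPath(posixpath.normpath(path))


def overlaps(dir_a, dir_b):
    """True if the two shared directories are equal or one contains the other."""
    a, b = _norm(dir_a), _norm(dir_b)
    return a == b or a in b.parents or b in a.parents


def find_conflicts(instances):
    """instances: iterable of (name, shared_dir, xattrmap_string).

    Returns pairs of instance names that export overlapping trees with
    different xattr maps, i.e. the combinations that would leave mixed
    attribute namespaces on the same host files.
    """
    conflicts = []
    for (n1, d1, m1), (n2, d2, m2) in combinations(instances, 2):
        if overlaps(d1, d2) and m1 != m2:
            conflicts.append((n1, n2))
    return conflicts


# Constructed sample configuration: one entry per planned virtiofsd instance.
# An empty string stands for "no xattr map configured".
INSTANCES = [
    ("guest-a", "/srv/share", ":map::user.virtiofs.:"),
    ("guest-b", "/srv/share/projects", ""),
    ("guest-c", "/srv/share/./projects/../", ":map::user.virtiofs.:"),
    ("guest-d", "/srv/shared", ""),
]

if __name__ == "__main__":
    for first, second in find_conflicts(INSTANCES):
        print(f"refuse to start: {first} and {second} share a subtree "
              f"but use different xattr maps")
```

Each daemon stays one process per client; only the launcher sees the whole set of instances and rejects the incompatible pairs before any of them start.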



