[Virtio-fs] [virtiofsd] MR opened: xattr mapping add a new type "unsupported"
virtiofs-bot at sinrega.org
virtiofs-bot at sinrega.org
Mon Jan 17 11:57:20 UTC 2022
This is ported from the C version.
Right now for xattr remapping, we support types of "prefix", "ok" or
"bad". Type "bad" returns -EPERM on getxattr()/setxattr() and hides xattr in
listxattr().
A new semantics is needed where if an xattr is unsupported, then
getxattr()/setxattr() return -ENOTSUP and listxattr() should hide
the xattr. And, for getxattr(), when the mapping code returns -EPERM,
for type "bad", getxattr() code converts it to -ENODATA.
This is needed to simulate that security.selinux is not
supported by virtiofs filesystem and in that case client falls back
to some default label specified by policy.
So add a new type "unsupported" which returns -ENOTSUP on getxattr()
and setxattr() and hides xattrs in listxattr().
For example, one can use following mapping rule to not support
security.selinux xattr and allow others.
"-o xattrmap=/unsupported/all/security.selinux/security.selinux//ok/all///"
---
https://gitlab.com/virtio-fs/virtiofsd/-/merge_requests/67
More information about the Virtio-fs
mailing list