[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4 1/5] tools/virtiofsd: xattr name mappings: Add option

From: Stefan Hajnoczi
Subject: Re: [PATCH v4 1/5] tools/virtiofsd: xattr name mappings: Add option
Date: Mon, 26 Oct 2020 14:59:04 +0000

On Fri, Oct 23, 2020 at 05:58:08PM +0100, Dr. David Alan Gilbert (git) wrote:
> From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
> Add an option to define mappings of xattr names so that
> the client and server filesystems see different views.
> This can be used to have different SELinux mappings as
> seen by the guest, to run the virtiofsd with less privileges
> (e.g. in a case where it can't set trusted/system/security
> xattrs but you want the guest to be able to), or to isolate
> multiple users of the same name; e.g. trusted attributes
> used by stacking overlayfs.
> A mapping engine is used with 3 simple rules; the rules can
> be combined to allow most useful mapping scenarios.
> The ruleset is defined by -o xattrmap='rules...'.
> This patch doesn't use the rule maps yet.
> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> ---
>  docs/tools/virtiofsd.rst         |  92 ++++++++++++++++
>  tools/virtiofsd/passthrough_ll.c | 173 +++++++++++++++++++++++++++++++
>  2 files changed, 265 insertions(+)

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]