[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v4 0/3] virtiofsd: Add support to enable/disable posix acls

From: Vivek Goyal
Subject: [PATCH v4 0/3] virtiofsd: Add support to enable/disable posix acls
Date: Wed, 24 Feb 2021 11:58:34 -0500


This is V4 of patches.

In V3 I enabled posix_acl by default. Then I tested with cache=none and
a simple "cat foo.txt" results in two extra GETXATTR(system.posix_acl)
calls. (Note, this happens only if caller is not owner of file). And
this happens on every call of "cat foo.txt" because cache=none does
not cache anything in guest.

So this make me rethink the idea of enabling posix_acl by default. I
prefer not to have any performance regressions in any of the mode
out of the box.

Hence proposing this V4 where posix_acls are disabled by default and
user needs to enable it explicitly if the want posix acls. This probably
can change down the line once somebody can prove enabling it by deafult
really does not impact us much.

Change since V3.

- Do not enable posix_acl by default.
- Error out if user wants to enable it but xattr are disabled.
- Modified help message and docs/tools/virtiofsd.rst to add
  documentation for this new knob (Luis Henriques).
- Captured Reviewed-by tags from Stefan from V3.


Vivek Goyal (3):
  virtiofsd: Add umask to seccom allow list
  virtiofsd: Add capability to change/restore umask
  virtiofsd: Add an option to enable/disable posix acls

 docs/tools/virtiofsd.rst              |   3 +
 tools/virtiofsd/helper.c              |   1 +
 tools/virtiofsd/passthrough_ll.c      | 125 ++++++++++++++++++++++++--
 tools/virtiofsd/passthrough_seccomp.c |   1 +
 4 files changed, 123 insertions(+), 7 deletions(-)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]