git.proxmox.com Git - mirror

author	Vivek Goyal <vgoyal@redhat.com>
	Wed, 22 Sep 2021 19:02:01 +0000 (15:02 -0400)
committer	Dr. David Alan Gilbert <dgilbert@redhat.com>
	Mon, 25 Oct 2021 17:48:23 +0000 (18:48 +0100)
commit	5afc8df46cdf1a10fc44d43208cf449357009d2a
tree	adbfdc1ac3e6da7cf9bdb05756578c43973e5490	tree
parent	c5b2f559814104f4145f8bc310f4d33c7ead8f49	commit \| diff

virtiofsd: xattr mapping add a new type "unsupported"

Right now for xattr remapping, we support types of "prefix", "ok" or "bad".
Type "bad" returns -EPERM on setxattr and hides xattr in listxattr. For
getxattr, mapping code returns -EPERM but getxattr code converts it to -ENODATA.

I need a new semantics where if an xattr is unsupported, then
getxattr()/setxattr() return -ENOTSUP and listxattr() should hide the xattr.
This is needed to simulate that security.selinux is not supported by
virtiofs filesystem and in that case client falls back to some default
label specified by policy.

So add a new type "unsupported" which returns -ENOTSUP on getxattr() and
setxattr() and hides xattrs in listxattr().

For example, one can use following mapping rule to not support
security.selinux xattr and allow others.

"-o xattrmap=/unsupported/all/security.selinux/security.selinux//ok/all///"

Suggested-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Message-Id: <YUt9qbmgAfCFfg5t@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

docs/tools/virtiofsd.rst		diff \| blob \| blame \| history
tools/virtiofsd/passthrough_ll.c		diff \| blob \| blame \| history