mirror of
https://gitlab.com/qemu-project/qemu
synced 2024-10-17 00:12:50 +00:00
6084633dff
Add an option to define mappings of xattr names so that the client and server filesystems see different views. This can be used to have different SELinux mappings as seen by the guest, to run the virtiofsd with less privileges (e.g. in a case where it can't set trusted/system/security xattrs but you want the guest to be able to), or to isolate multiple users of the same name; e.g. trusted attributes used by stacking overlayfs. A mapping engine is used with 3 simple rules; the rules can be combined to allow most useful mapping scenarios. The ruleset is defined by -o xattrmap='rules...'. This patch doesn't use the rule maps yet. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-Id: <20201023165812.36028-2-dgilbert@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> |
||
|---|---|---|
| .. | ||
| 50-qemu-virtiofsd.json.in | ||
| buffer.c | ||
| fuse_common.h | ||
| fuse_i.h | ||
| fuse_log.c | ||
| fuse_log.h | ||
| fuse_lowlevel.c | ||
| fuse_lowlevel.h | ||
| fuse_misc.h | ||
| fuse_opt.c | ||
| fuse_opt.h | ||
| fuse_signals.c | ||
| fuse_virtio.c | ||
| fuse_virtio.h | ||
| helper.c | ||
| meson.build | ||
| passthrough_helpers.h | ||
| passthrough_ll.c | ||
| passthrough_seccomp.c | ||
| passthrough_seccomp.h | ||