On Fri, Oct 23, 2020 at 05:58:08PM +0100, Dr. David Alan Gilbert (git) wrote: > From: "Dr. David Alan Gilbert" <dgilb...@redhat.com> > > Add an option to define mappings of xattr names so that > the client and server filesystems see different views. > This can be used to have different SELinux mappings as > seen by the guest, to run the virtiofsd with less privileges > (e.g. in a case where it can't set trusted/system/security > xattrs but you want the guest to be able to), or to isolate > multiple users of the same name; e.g. trusted attributes > used by stacking overlayfs. > > A mapping engine is used with 3 simple rules; the rules can > be combined to allow most useful mapping scenarios. > The ruleset is defined by -o xattrmap='rules...'. > > This patch doesn't use the rule maps yet. > > Signed-off-by: Dr. David Alan Gilbert <dgilb...@redhat.com> > --- > docs/tools/virtiofsd.rst | 92 ++++++++++++++++ > tools/virtiofsd/passthrough_ll.c | 173 +++++++++++++++++++++++++++++++ > 2 files changed, 265 insertions(+)
Reviewed-by: Stefan Hajnoczi <stefa...@redhat.com>
signature.asc
Description: PGP signature
