On 12/13/23 15:47, Ján Tomko wrote:
> Allow the user to manually tweak the ID mapping that will allow
> virtiofsd to run unprivileged.
>
> Signed-off-by: Ján Tomko <jtomko@xxxxxxxxxx>
> ---
> docs/formatdomain.rst | 8 +++
> src/conf/domain_conf.c | 50 +++++++++++++++++++
> src/conf/domain_conf.h | 1 +
> src/conf/schemas/domaincommon.rng | 3 ++
> .../vhost-user-fs-fd-memory.xml | 4 ++
> 5 files changed, 66 insertions(+)
>
> diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
> index 310d2bc427..96e03a3807 100644
> --- a/docs/formatdomain.rst
> +++ b/docs/formatdomain.rst
> @@ -3548,6 +3548,10 @@ A directory on the host that can be accessed directly from the guest.
> </binary>
> <source dir='/path'/>
> <target dir='mount_tag'/>
> + <idmap>
> + <uid start='0' target='100000' count='65535'/>
> + <gid start='0' target='100000' count='65535'/>
> + </idmap>
> </filesystem>
> <filesystem type='mount'>
> <driver type='virtiofs' queue='1024'/>
> @@ -3697,6 +3701,10 @@ A directory on the host that can be accessed directly from the guest.
> Where the ``source`` can be accessed in the guest. For most drivers this is
> an automatic mount point, but for QEMU/KVM this is merely an arbitrary string
> tag that is exported to the guest as a hint for where to mount.
> +``idmap``
> + For ``virtiofs``, an ``idmap`` element can be specified to map IDs in the user
> + namespace. See the `Container boot`_ section for the syntax of the element.
> + :since:`Since 10.0.0`
Not a show stopper, but that section does not mention the uid/gid
elements can be repeated multiple times. Might be worth of a follow up
patch.
> ``readonly``
> Enables exporting filesystem as a readonly mount for guest, by default
> read-write access is given (currently only works for QEMU/KVM driver; not
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index a70a1f29f2..58a985fc5d 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -2588,6 +2588,8 @@ void virDomainFSDefFree(virDomainFSDef *def)
> virObjectUnref(def->privateData);
> g_free(def->binary);
> g_free(def->sock);
> + g_free(def->idmap.uidmap);
> + g_free(def->idmap.gidmap);
>
> g_free(def);
> }
> @@ -8771,6 +8773,9 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt,
> xmlNodePtr binary_lock_node = virXPathNode("./binary/lock", ctxt);
> xmlNodePtr binary_cache_node = virXPathNode("./binary/cache", ctxt);
> xmlNodePtr binary_sandbox_node = virXPathNode("./binary/sandbox", ctxt);
> + ssize_t n;
> + g_autofree xmlNodePtr *uid_nodes = NULL;
> + g_autofree xmlNodePtr *gid_nodes = NULL;
>
> if (queue_size && virStrToLong_ull(queue_size, NULL, 10, &def->queue_size) < 0) {
> virReportError(VIR_ERR_XML_ERROR,
> @@ -8816,6 +8821,28 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt,
> VIR_XML_PROP_NONZERO,
> &def->sandbox) < 0)
> goto error;
> +
> + if ((n = virXPathNodeSet("./idmap/uid", ctxt, &uid_nodes)) < 0)
> + return NULL;
> +
> + if (n) {
> + def->idmap.uidmap = virDomainIdmapDefParseXML(ctxt, uid_nodes, n);
> + if (!def->idmap.uidmap)
> + return NULL;
> +
> + def->idmap.nuidmap = n;
> + }
> +
> + if ((n = virXPathNodeSet("./idmap/gid", ctxt, &gid_nodes)) < 0)
> + return NULL;
> +
> + if (n) {
> + def->idmap.gidmap = virDomainIdmapDefParseXML(ctxt, gid_nodes, n);
> + if (!def->idmap.gidmap)
> + return NULL;
> +
> + def->idmap.ngidmap = n;
> + }
Another area for improvement: this pattern is repeated now 4 times.
virXPathNodeset() could be moved to virDomainIdmapDefParseXML. But
that's something for future.
> }
>
> if (source == NULL && def->type != VIR_DOMAIN_FS_TYPE_RAM
Michal
_______________________________________________
Devel mailing list -- devel@xxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxx
