Re: [libvirt] [PATCH v3] Added new attribute mount_security to filesystem element

On 10/13/2010 09:22 PM, Matthias Bolte wrote: >2010/10/11 Harsh Prateek Bora&lt;harsh(a)linux.vnet.ibm.com&gt;: >>This patch introduces new attribute to filesystem element >>to support customizable security for mount type. >>Valid mount_security are: passthrough and mapped. >> >>Usage: >> <filesystem type='mount' mount_security='passthrough'> >> <source dir='/export/to/guest'/> >> <target dir='mount_tag'/> >> </filesystem> >> >>Here is the detailed explanation on these security models: >> >>Security model: mapped >>---------------------- >> >>Fileserver intercepts and maps all the file object create requests. >>Files on the fileserver will be created with Fileserver's user credentials >>and the >>client-user's credentials are stored in extended attributes. >>During getattr() server extracts the client-user's credentials from >>extended >>attributes and sends to the client. >> >>This adds a great deal of security in the cloud environments where the >>guest's(client) user space is kept completely isolated from host's user >>space. >> >> >>Security model : passthrough >>---------------------------- >> >>In this security model, Fileserver passes down all requests to the >>underlying filesystem. File system objects on the fileserver will be >>created >>with client-user's credentials. This is done by setting setuid()/setgid() >>during creation or chmod/chown after file creation. At the end of create >>protocol >>request, files on the fileserver will be owned by cleint-user's uid/gid. >>This model mimic's current NFSv3 level of security. >> >>Note: This patch is based on Daniel's patch to support 9pfs. >>It shall be applied after applying Daniel's patch to support 9pfs. >> >>v3: >>- QEMU cmdline still uses security_model, changes done by mistake >>reverted. >> >>Signed-off-by: Harsh Prateek Bora&lt;harsh(a)linux.vnet.ibm.com&gt; >>--- >> docs/schemas/domain.rng | 6 ++++++ >> src/conf/domain_conf.c | 29 +++++++++++++++++++++++++++-- >> src/conf/domain_conf.h | 10 ++++++++++ >> src/qemu/qemu_conf.c | 9 +++++++-- >> 4 files changed, 50 insertions(+), 4 deletions(-) >> > >This patch lacks documentation about the new domain XML attributes in >docs/formatdomain.html.in. > Hi Matthias, I wanted to put the documentation for the new attributes in the formatdomain.html.in, however, found that we are actually missing the documentation for the <filesystem> element itself there. I discussed about the same with DV and he suggested to put the documentation text in the patch itself, so that once the documentation for <filesystem> element is in place, this text can be added to it for the new attributes.