Re: [libvirt PATCHv2 3/9] conf: add idmap element to filesystem
On 12/13/23 15:47, Ján Tomko wrote:
Allow the user to manually tweak the ID mapping that will allow
virtiofsd to run unprivileged.
Signed-off-by: Ján Tomko <jtomko(a)redhat.com>
---
docs/formatdomain.rst | 8 +++
src/conf/domain_conf.c | 50 +++++++++++++++++++
src/conf/domain_conf.h | 1 +
src/conf/schemas/domaincommon.rng | 3 ++
.../vhost-user-fs-fd-memory.xml | 4 ++
5 files changed, 66 insertions(+)
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index 310d2bc427..96e03a3807 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -3548,6 +3548,10 @@ A directory on the host that can be accessed directly from the
guest.
</binary>
<source dir='/path'/>
<target dir='mount_tag'/>
+ <idmap>
+ <uid start='0' target='100000'
count='65535'/>
+ <gid start='0' target='100000'
count='65535'/>
+ </idmap>
</filesystem>
<filesystem type='mount'>
<driver type='virtiofs' queue='1024'/>
@@ -3697,6 +3701,10 @@ A directory on the host that can be accessed directly from the
guest.
Where the ``source`` can be accessed in the guest. For most drivers this is
an automatic mount point, but for QEMU/KVM this is merely an arbitrary string
tag that is exported to the guest as a hint for where to mount.
+``idmap``
+ For ``virtiofs``, an ``idmap`` element can be specified to map IDs in the user
+ namespace. See the `Container boot`_ section for the syntax of the element.
+ :since:`Since 10.0.0`
Not a show stopper, but that section does not mention the uid/gid
elements can be repeated multiple times. Might be worth of a follow up
patch.
``readonly``
Enables exporting filesystem as a readonly mount for guest, by default
read-write access is given (currently only works for QEMU/KVM driver; not
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index a70a1f29f2..58a985fc5d 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -2588,6 +2588,8 @@ void virDomainFSDefFree(virDomainFSDef *def)
virObjectUnref(def->privateData);
g_free(def->binary);
g_free(def->sock);
+ g_free(def->idmap.uidmap);
+ g_free(def->idmap.gidmap);
g_free(def);
}
@@ -8771,6 +8773,9 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt,
xmlNodePtr binary_lock_node = virXPathNode("./binary/lock", ctxt);
xmlNodePtr binary_cache_node = virXPathNode("./binary/cache", ctxt);
xmlNodePtr binary_sandbox_node = virXPathNode("./binary/sandbox",
ctxt);
+ ssize_t n;
+ g_autofree xmlNodePtr *uid_nodes = NULL;
+ g_autofree xmlNodePtr *gid_nodes = NULL;
if (queue_size && virStrToLong_ull(queue_size, NULL, 10,
&def->queue_size) < 0) {
virReportError(VIR_ERR_XML_ERROR,
@@ -8816,6 +8821,28 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt,
VIR_XML_PROP_NONZERO,
&def->sandbox) < 0)
goto error;
+
+ if ((n = virXPathNodeSet("./idmap/uid", ctxt, &uid_nodes)) <
0)
+ return NULL;
+
+ if (n) {
+ def->idmap.uidmap = virDomainIdmapDefParseXML(ctxt, uid_nodes, n);
+ if (!def->idmap.uidmap)
+ return NULL;
+
+ def->idmap.nuidmap = n;
+ }
+
+ if ((n = virXPathNodeSet("./idmap/gid", ctxt, &gid_nodes)) <
0)
+ return NULL;
+
+ if (n) {
+ def->idmap.gidmap = virDomainIdmapDefParseXML(ctxt, gid_nodes, n);
+ if (!def->idmap.gidmap)
+ return NULL;
+
+ def->idmap.ngidmap = n;
+ }
Another area for improvement: this pattern is repeated now 4 times.
virXPathNodeset() could be moved to virDomainIdmapDefParseXML. But
that's something for future.
}
if (source == NULL && def->type != VIR_DOMAIN_FS_TYPE_RAM
Michal