Re: [PATCH] virtiofsd: Show submounts

From: "Daniel P. Berrangé" <berrange@redhat.com>
To: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: virtio-fs@redhat.com, Stefan Hajnoczi <stefanha@redhat.com>,
	qemu-devel@nongnu.org, Vivek Goyal <vgoyal@redhat.com>,
	Max Reitz <mreitz@redhat.com>
Subject: Re: [PATCH] virtiofsd: Show submounts
Date: Thu, 30 Apr 2020 15:34:25 +0100	[thread overview]
Message-ID: <20200430143425.GD2184629@redhat.com> (raw)
In-Reply-To: <20200430142013.GI2874@work-vm>

On Thu, Apr 30, 2020 at 03:20:13PM +0100, Dr. David Alan Gilbert wrote:
> * Vivek Goyal (vgoyal@redhat.com) wrote:
> > On Thu, Apr 30, 2020 at 09:58:12AM +0100, Dr. David Alan Gilbert wrote:
> > [..]
> > > > > Even without this patch, the SLAVE stuff worked so if you start the
> > > > > daemon and *then* mount under the shared directory, the guest sees it
> > > > > with or without this patch.
> > > > 
> > > > Hm, I don’t.  Do you really?
> > > 
> > > Yes! With your patch reverted:
> > > 
> > > Start virtiofsd, mount in the guest:
> > > 
> > > host:
> > > # ./virtiofsd --socket-path=/tmp/vhostqemu -o source=/home/dgilbert/virtio-fs/fs  -o log_level=warn -o no_writeback
> > > 
> > > guest:
> > > # mount -t virtiofs myfs /sysroot
> > > 
> > > host:
> > > # findmnt -o +PROPAGATION -N 6100
> > > TARGET SOURCE                                                              FSTYPE OPTIONS                                                      PROPAGATION
> > > /      /dev/mapper/fedora_dgilbert--t580-root[/home/dgilbert/virtio-fs/fs] xfs    rw,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,no private,slave
> > > # mount -t tmpfs /dev/null /home/dgilbert/virtio-fs/fs/tmp
> > > # findmnt -o +PROPAGATION -N 6100
> > > TARGET SOURCE                                                              FSTYPE OPTIONS                                                      PROPAGATION
> > > /      /dev/mapper/fedora_dgilbert--t580-root[/home/dgilbert/virtio-fs/fs] xfs    rw,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,no private,slave
> > > └─/tmp /dev/null                                                           tmpfs  rw,relatime,seclabel                                         private,slave
> > 
> > Why is it showing a mount point at "/tmp". If mount point propagated, then
> > inside guest we should see a mount point at /sysroot/tmp?
> 
> That findmnt is on the host.
> 
> > So there are two things.
> > 
> > A. Propagation of mount from host to virtiofsd.
> > B. Visibility of that mount inside guest over fuse protocol (submount
> >   functionality).
> > 
> > I think A works for me without any patches. But don't think B is working
> > for me. I don't see the submount inside guest. 
> > 
> > > # touch /home/dgilbert/virtio-fs/fs/tmp/hello
> > > 
> > > guest:
> > > # ls -l /sysroot/tmp
> > > total 0
> > > -rw-r--r-- 1 root root 0 Apr 30 08:50 hello
> > 
> > Do a "findmnt /sysroot/tmp" inside guest and see what do you see.
> > 
> > You will be able to see "hello" as long as virtiofsd sees the new
> > mount point, I think. And guest does not have to see that mount point
> > for this simple test to work.
> 
> Right, the guest just sees:
> 
> `-/sysroot                            myfs       virtiof rw,relatime

That is a good thing surely ? If I'm exporting "/sysroot" from the host,
I want the content in "/sysroot/some/sub/mount" to be visible to the
guest, but I don't want the guest to see "/sysroot/some/sub/mount"
as an actual mount point. That would be leaking information about the
host storage setup into the guest. The host admin should be free to
re-arrange submounts in the host OS, to bring more storage space online,
and have this be transparent to the guest OS.

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|