* [Qemu-devel] [Bug 1500265] [NEW] nested 9p filesystem with security_model=mapped-xattr
@ 2015-09-27 21:12 Daniel Haid
2015-09-27 22:57 ` [Qemu-devel] [Bug 1500265] " Daniel Haid
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: Daniel Haid @ 2015-09-27 21:12 UTC (permalink / raw)
To: qemu-devel
Public bug reported:
I do not know whether this is a bug or a feature request, but on a 9p
virtfs with security_model=mapped-xattr, access to extended attributes
starting with "user.virtfs" coming from the guest seem to be silently
ignored. Would it not be more correct to use some sort of "escaping",
say map to "user.virtfs.x" on guest to "user.virtfs.virtfs.x" on host or
something like that, so that the guest can use arbitrary attributes.
In particular, this would allow nested virtual machines to use nested 9p
virtfs with security_model=mapped-xattr.
** Affects: qemu
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1500265
Title:
nested 9p filesystem with security_model=mapped-xattr
Status in QEMU:
New
Bug description:
I do not know whether this is a bug or a feature request, but on a 9p
virtfs with security_model=mapped-xattr, access to extended attributes
starting with "user.virtfs" coming from the guest seem to be silently
ignored. Would it not be more correct to use some sort of "escaping",
say map to "user.virtfs.x" on guest to "user.virtfs.virtfs.x" on host
or something like that, so that the guest can use arbitrary
attributes.
In particular, this would allow nested virtual machines to use nested
9p virtfs with security_model=mapped-xattr.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1500265/+subscriptions
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Qemu-devel] [Bug 1500265] Re: nested 9p filesystem with security_model=mapped-xattr
2015-09-27 21:12 [Qemu-devel] [Bug 1500265] [NEW] nested 9p filesystem with security_model=mapped-xattr Daniel Haid
@ 2015-09-27 22:57 ` Daniel Haid
2018-08-08 5:43 ` Enrico Weigelt, metux IT consult
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Daniel Haid @ 2015-09-27 22:57 UTC (permalink / raw)
To: qemu-devel
After looking at the code, it seems that disabling the user.virtfs
namespace was the intended behaviour. I have created a patch
implementing nesting instead of disabling.
I do not know if this is the right way to do it, but I did some limited
testing and it seemed ok.
** Patch added: "nested-virtfs-xattr.patch"
https://bugs.launchpad.net/qemu/+bug/1500265/+attachment/4476979/+files/nested-virtfs-xattr.patch
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1500265
Title:
nested 9p filesystem with security_model=mapped-xattr
Status in QEMU:
New
Bug description:
I do not know whether this is a bug or a feature request, but on a 9p
virtfs with security_model=mapped-xattr, access to extended attributes
starting with "user.virtfs" coming from the guest seem to be silently
ignored. Would it not be more correct to use some sort of "escaping",
say map to "user.virtfs.x" on guest to "user.virtfs.virtfs.x" on host
or something like that, so that the guest can use arbitrary
attributes.
In particular, this would allow nested virtual machines to use nested
9p virtfs with security_model=mapped-xattr.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1500265/+subscriptions
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Qemu-devel] [Bug 1500265] Re: nested 9p filesystem with security_model=mapped-xattr
2015-09-27 21:12 [Qemu-devel] [Bug 1500265] [NEW] nested 9p filesystem with security_model=mapped-xattr Daniel Haid
2015-09-27 22:57 ` [Qemu-devel] [Bug 1500265] " Daniel Haid
@ 2018-08-08 5:43 ` Enrico Weigelt, metux IT consult
2020-08-07 18:30 ` Thomas Huth
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Enrico Weigelt, metux IT consult @ 2018-08-08 5:43 UTC (permalink / raw)
To: qemu-devel
Interesting approach. But maybe it should be configurable (eg. specify
the mapping prefix).
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1500265
Title:
nested 9p filesystem with security_model=mapped-xattr
Status in QEMU:
New
Bug description:
I do not know whether this is a bug or a feature request, but on a 9p
virtfs with security_model=mapped-xattr, access to extended attributes
starting with "user.virtfs" coming from the guest seem to be silently
ignored. Would it not be more correct to use some sort of "escaping",
say map to "user.virtfs.x" on guest to "user.virtfs.virtfs.x" on host
or something like that, so that the guest can use arbitrary
attributes.
In particular, this would allow nested virtual machines to use nested
9p virtfs with security_model=mapped-xattr.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1500265/+subscriptions
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug 1500265] Re: nested 9p filesystem with security_model=mapped-xattr
2015-09-27 21:12 [Qemu-devel] [Bug 1500265] [NEW] nested 9p filesystem with security_model=mapped-xattr Daniel Haid
2015-09-27 22:57 ` [Qemu-devel] [Bug 1500265] " Daniel Haid
2018-08-08 5:43 ` Enrico Weigelt, metux IT consult
@ 2020-08-07 18:30 ` Thomas Huth
2020-08-07 19:49 ` Christian Schoenebeck
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Thomas Huth @ 2020-08-07 18:30 UTC (permalink / raw)
To: qemu-devel
Looking through old bug tickets... is this still an issue with the
latest version of QEMU? Or could we close this ticket nowadays?
** Changed in: qemu
Status: New => Incomplete
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1500265
Title:
nested 9p filesystem with security_model=mapped-xattr
Status in QEMU:
Incomplete
Bug description:
I do not know whether this is a bug or a feature request, but on a 9p
virtfs with security_model=mapped-xattr, access to extended attributes
starting with "user.virtfs" coming from the guest seem to be silently
ignored. Would it not be more correct to use some sort of "escaping",
say map to "user.virtfs.x" on guest to "user.virtfs.virtfs.x" on host
or something like that, so that the guest can use arbitrary
attributes.
In particular, this would allow nested virtual machines to use nested
9p virtfs with security_model=mapped-xattr.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1500265/+subscriptions
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug 1500265] Re: nested 9p filesystem with security_model=mapped-xattr
2015-09-27 21:12 [Qemu-devel] [Bug 1500265] [NEW] nested 9p filesystem with security_model=mapped-xattr Daniel Haid
` (2 preceding siblings ...)
2020-08-07 18:30 ` Thomas Huth
@ 2020-08-07 19:49 ` Christian Schoenebeck
2020-08-08 8:10 ` Thomas Huth
2021-05-04 7:23 ` Thomas Huth
5 siblings, 0 replies; 7+ messages in thread
From: Christian Schoenebeck @ 2020-08-07 19:49 UTC (permalink / raw)
To: qemu-devel
The status of this issue is unchanged in QEMU, i.e. user.virtfs.* is
still filtered out.
If someone wants to see this changed, please use the common way for sending the patch via ML:
https://wiki.qemu.org/Contribute/SubmitAPatch
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1500265
Title:
nested 9p filesystem with security_model=mapped-xattr
Status in QEMU:
Incomplete
Bug description:
I do not know whether this is a bug or a feature request, but on a 9p
virtfs with security_model=mapped-xattr, access to extended attributes
starting with "user.virtfs" coming from the guest seem to be silently
ignored. Would it not be more correct to use some sort of "escaping",
say map to "user.virtfs.x" on guest to "user.virtfs.virtfs.x" on host
or something like that, so that the guest can use arbitrary
attributes.
In particular, this would allow nested virtual machines to use nested
9p virtfs with security_model=mapped-xattr.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1500265/+subscriptions
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug 1500265] Re: nested 9p filesystem with security_model=mapped-xattr
2015-09-27 21:12 [Qemu-devel] [Bug 1500265] [NEW] nested 9p filesystem with security_model=mapped-xattr Daniel Haid
` (3 preceding siblings ...)
2020-08-07 19:49 ` Christian Schoenebeck
@ 2020-08-08 8:10 ` Thomas Huth
2021-05-04 7:23 ` Thomas Huth
5 siblings, 0 replies; 7+ messages in thread
From: Thomas Huth @ 2020-08-08 8:10 UTC (permalink / raw)
To: qemu-devel
** Changed in: qemu
Status: Incomplete => Triaged
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1500265
Title:
nested 9p filesystem with security_model=mapped-xattr
Status in QEMU:
Triaged
Bug description:
I do not know whether this is a bug or a feature request, but on a 9p
virtfs with security_model=mapped-xattr, access to extended attributes
starting with "user.virtfs" coming from the guest seem to be silently
ignored. Would it not be more correct to use some sort of "escaping",
say map to "user.virtfs.x" on guest to "user.virtfs.virtfs.x" on host
or something like that, so that the guest can use arbitrary
attributes.
In particular, this would allow nested virtual machines to use nested
9p virtfs with security_model=mapped-xattr.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1500265/+subscriptions
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug 1500265] Re: nested 9p filesystem with security_model=mapped-xattr
2015-09-27 21:12 [Qemu-devel] [Bug 1500265] [NEW] nested 9p filesystem with security_model=mapped-xattr Daniel Haid
` (4 preceding siblings ...)
2020-08-08 8:10 ` Thomas Huth
@ 2021-05-04 7:23 ` Thomas Huth
5 siblings, 0 replies; 7+ messages in thread
From: Thomas Huth @ 2021-05-04 7:23 UTC (permalink / raw)
To: qemu-devel
This is an automated cleanup. This bug report has been moved to QEMU's
new bug tracker on gitlab.com and thus gets marked as 'expired' now.
Please continue with the discussion here:
https://gitlab.com/qemu-project/qemu/-/issues/117
** Changed in: qemu
Status: Triaged => Expired
** Bug watch added: gitlab.com/qemu-project/qemu/-/issues #117
https://gitlab.com/qemu-project/qemu/-/issues/117
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1500265
Title:
nested 9p filesystem with security_model=mapped-xattr
Status in QEMU:
Expired
Bug description:
I do not know whether this is a bug or a feature request, but on a 9p
virtfs with security_model=mapped-xattr, access to extended attributes
starting with "user.virtfs" coming from the guest seem to be silently
ignored. Would it not be more correct to use some sort of "escaping",
say map to "user.virtfs.x" on guest to "user.virtfs.virtfs.x" on host
or something like that, so that the guest can use arbitrary
attributes.
In particular, this would allow nested virtual machines to use nested
9p virtfs with security_model=mapped-xattr.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1500265/+subscriptions
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-05-04 7:37 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-09-27 21:12 [Qemu-devel] [Bug 1500265] [NEW] nested 9p filesystem with security_model=mapped-xattr Daniel Haid
2015-09-27 22:57 ` [Qemu-devel] [Bug 1500265] " Daniel Haid
2018-08-08 5:43 ` Enrico Weigelt, metux IT consult
2020-08-07 18:30 ` Thomas Huth
2020-08-07 19:49 ` Christian Schoenebeck
2020-08-08 8:10 ` Thomas Huth
2021-05-04 7:23 ` Thomas Huth
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).