mirror of
https://github.com/Motorhead1991/qemu.git
synced 2026-03-04 17:14:40 -07:00
a21ba54dd5
We are having bunch of issues with killpriv_v2 enabled by default. First of all it relies on clearing suid/sgid bits as needed by dropping capability CAP_FSETID. This does not work for remote filesystems like NFS (and possibly others). Secondly, we are noticing other issues related to clearing of SGID which leads to failures for xfstests generic/355 and generic/193. Thirdly, there are other issues w.r.t caching of metadata (suid/sgid) bits in fuse client with killpriv_v2 enabled. Guest can cache that data for sometime even if cleared on server. Second and Third issue are fixable. Just that it might take a little while to get it fixed in kernel. First one will probably not see any movement for a long time. Given these issues, killpriv_v2 does not seem to be a good candidate for enabling by default. We have already disabled it by default in rust version of virtiofsd. Hence this patch disabled killpriv_v2 by default. User can choose to enable it by passing option "-o killpriv_v2". Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Message-Id: <YuPd0itNIAz4tQRt@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> |
||
|---|---|---|
| .. | ||
| 50-qemu-virtiofsd.json.in | ||
| buffer.c | ||
| fuse_common.h | ||
| fuse_i.h | ||
| fuse_log.c | ||
| fuse_log.h | ||
| fuse_lowlevel.c | ||
| fuse_lowlevel.h | ||
| fuse_misc.h | ||
| fuse_opt.c | ||
| fuse_opt.h | ||
| fuse_signals.c | ||
| fuse_virtio.c | ||
| fuse_virtio.h | ||
| helper.c | ||
| meson.build | ||
| passthrough_helpers.h | ||
| passthrough_ll.c | ||
| passthrough_seccomp.c | ||
| passthrough_seccomp.h | ||