virtio-9p: Introduces an option to specify the security model.

The new option is:

-fsdev fstype,id=myid,path=/share_path/,security_model=[mapped|passthrough]
-virtfs fstype,path=/share_path/,security_model=[mapped|passthrough],mnt_tag=tag

In the case of mapped security model, files are created with QEMU user
credentials and the client-user's credentials are saved in extended attributes.
Whereas in the case of passthrough security model, files on the
filesystem are directly created with client-user's credentials.

Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

1 files changed, 9 insertions, 0 deletions

diff --git a/hw/virtio-9p.c b/hw/virtio-9p.c
index 038bb39cdd..253048833b 100644
--- a/hw/virtio-9p.c
+++ b/hw/virtio-9p.c
@@ -2253,6 +2253,15 @@ VirtIODevice *virtio_9p_init(DeviceState *dev, V9fsConf *conf)
         exit(1);
     }
 
+    if (!strcmp(fse->security_model, "passthrough") &&
+                !strcmp(fse->security_model, "mapped")) {
+        /* user haven't specified a correct security option */
+        fprintf(stderr, "one of the following must be specified as the"
+                "security option:\n\t security_model=passthrough \n\t "
+                "security_model=mapped\n");
+        return NULL;
+    }
+
     if (lstat(fse->path, &stat)) {
         fprintf(stderr, "share path %s does not exist\n", fse->path);
         exit(1);