From 4750a96f6baf8949cc04a0c5b7167606544a4401 Mon Sep 17 00:00:00 2001
From: "Venkateswararao Jujjuri (JV)" <jvrao@linux.vnet.ibm.com>
Date: Mon, 14 Jun 2010 13:34:45 -0700
Subject: virtio-9p: Security model for create/open2

In the mapped security model, VirtFS server intercepts and maps
the file object create and get/set attribute requests. Files on the fileserver
will be created with VirtFS servers (QEMU) user credentials and the
client-users credentials are stored in extended attributes. On the request
to get attributes, server extracts the client-users credentials
from extended attributes and sends them to the client.

On Host/Fileserver:
-rw-------. 2 virfsuid virtfsgid 0 2010-05-11 09:19 afile

On Guest/Client:
-rw-r--r-- 2 guestuser guestuser 0 2010-05-11 12:19 afile

Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
 hw/file-op-9p.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'hw/file-op-9p.h')

diff --git a/hw/file-op-9p.h b/hw/file-op-9p.h
index a53cd35094..b345189336 100644
--- a/hw/file-op-9p.h
+++ b/hw/file-op-9p.h
@@ -62,7 +62,7 @@ typedef struct FileOperations
     int (*closedir)(FsContext *, DIR *);
     DIR *(*opendir)(FsContext *, const char *);
     int (*open)(FsContext *, const char *, int);
-    int (*open2)(FsContext *, const char *, int, mode_t);
+    int (*open2)(FsContext *, const char *, int, FsCred *);
     void (*rewinddir)(FsContext *, DIR *);
     off_t (*telldir)(FsContext *, DIR *);
     struct dirent *(*readdir)(FsContext *, DIR *);
-- 
cgit v1.2.3