Re: [Virtio-fs] [PATCH 07/24] DAX: virtio-fs: Add vhost-user slave commands for mapping

2021-02-15 Thread Chirantan Ekbote
On Wed, Feb 10, 2021 at 4:04 AM Dr. David Alan Gilbert (git) wrote: > > From: "Dr. David Alan Gilbert" > + > +typedef struct { > +/* Offsets within the file being mapped */ > +uint64_t fd_offset[VHOST_USER_FS_SLAVE_ENTRIES]; > +/* Offsets within the cache */ > +uint64_t c_offset[V

Re: [Virtio-fs] [PATCH v3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-05 Thread Chirantan Ekbote
On Tue, Feb 2, 2021 at 3:22 AM Stefan Hajnoczi wrote: > Hi Chirantan, > I wanted to bring this CVE to your attention because the discussion has > revealed a number of other issues (not necessarily security issues) in > virtiofsd that may also be present in other virtio-fs daemon > implementations.

Re: [Virtio-fs] [PATCH v3] virtiofsd: add container-friendly -o sandbox=chroot option

2020-10-19 Thread Chirantan Ekbote
On Thu, Oct 8, 2020 at 5:55 PM Stefan Hajnoczi wrote: > > virtiofsd cannot run in a container because CAP_SYS_ADMIN is required to > create namespaces. > In crosvm we deal with this by also creating a user namespace, which then allows us to create the mount, net, and pid namespaces as well. Could

Re: [Virtio-fs] tools/virtiofs: Multi threading seems to hurt performance

2020-09-23 Thread Chirantan Ekbote
On Sat, Sep 19, 2020 at 6:36 AM Vivek Goyal wrote: > > Hi All, > > virtiofsd default thread pool size is 64. To me it feels that in most of > the cases thread pool size 1 performs better than thread pool size 64. > > I ran virtiofs-tests. > > https://github.com/rhvgoyal/virtiofs-tests > > And here

Re: [Virtio-fs] [PATCH 0/2] virtiofsd: drop Linux capabilities(7)

2020-07-13 Thread Chirantan Ekbote
On Thu, Jun 25, 2020 at 9:55 PM Vivek Goyal wrote: > > On Thu, Jun 25, 2020 at 12:19:39PM +0900, Chirantan Ekbote wrote: > [..] > > > Chirantan, > > > > > > So you ended up renaming all "trusted", "security" and "system" xattrs? &

Re: [Virtio-fs] [PATCH 0/2] virtiofsd: drop Linux capabilities(7)

2020-06-24 Thread Chirantan Ekbote
On Sat, Jun 20, 2020 at 4:15 AM Vivek Goyal wrote: > > On Fri, Jun 19, 2020 at 01:46:20PM +0900, Chirantan Ekbote wrote: > > On Fri, Jun 19, 2020 at 4:27 AM Vivek Goyal wrote: > > > > > > On Thu, Jun 18, 2020 at 08:16:55PM +0100, Dr. David Alan Gilbert wro

Re: [Virtio-fs] [PATCH 0/2] virtiofsd: drop Linux capabilities(7)

2020-06-19 Thread Chirantan Ekbote
On Fri, Jun 19, 2020 at 4:27 AM Vivek Goyal wrote: > > On Thu, Jun 18, 2020 at 08:16:55PM +0100, Dr. David Alan Gilbert wrote: > > * Vivek Goyal (vgo...@redhat.com) wrote: > > > On Thu, Apr 16, 2020 at 05:49:05PM +0100, Stefan Hajnoczi wrote: > > > > virtiofsd doesn't need of all Linux capabilitie

Re: [Virtio-fs] [PATCH 0/2] virtiofsd: drop Linux capabilities(7)

2020-06-19 Thread Chirantan Ekbote
On Fri, Jun 19, 2020 at 5:40 PM Dr. David Alan Gilbert wrote: > > * Chirantan Ekbote (chiran...@chromium.org) wrote: > > > We ended up working around it by prefixing "user.virtiofs." to the > > xattr name[2], which has its own problems but there was pretty much no &