* [RFC PATCH] virtfs: 9p: local: add default uid and gid options
@ 2025-12-01 18:00 Andrey Erokhin
2025-12-03 10:33 ` Christian Schoenebeck
2026-01-28 19:13 ` Andrey Erokhin
0 siblings, 2 replies; 12+ messages in thread
From: Andrey Erokhin @ 2025-12-01 18:00 UTC (permalink / raw)
To: qemu-devel; +Cc: Christian Schoenebeck, Greg Kurz
I was trying to boot from a directory tree owned by an ordinary user,
and some daemons weren't happy about non-root ownership of some files
Example use:
-virtfs local,path=rootfs,mount_tag=root,security_model=mapped,uid=0,gid=0
Works with any security_model
Signed-off-by: Andrey Erokhin <language.lawyer@gmail.com>
---
fsdev/file-op-9p.h | 5 +++++
fsdev/qemu-fsdev-opts.c | 12 ++++++++++++
fsdev/qemu-fsdev.c | 2 ++
hw/9pfs/9p-local.c | 15 +++++++++++++++
hw/9pfs/9p.c | 2 ++
system/vl.c | 9 +++++++++
6 files changed, 45 insertions(+)
diff --git a/fsdev/file-op-9p.h b/fsdev/file-op-9p.h
index b9dae8c84c..46fb88001e 100644
--- a/fsdev/file-op-9p.h
+++ b/fsdev/file-op-9p.h
@@ -15,6 +15,7 @@
#define FILE_OP_9P_H
#include <dirent.h>
+#include <sys/types.h>
#include <utime.h>
#include "qemu-fsdev-throttle.h"
#include "p9array.h"
@@ -94,6 +95,8 @@ typedef struct FsDriverEntry {
FsThrottle fst;
mode_t fmode;
mode_t dmode;
+ uid_t dflt_uid;
+ gid_t dflt_gid;
} FsDriverEntry;
struct FsContext {
@@ -107,6 +110,8 @@ struct FsContext {
void *private;
mode_t fmode;
mode_t dmode;
+ uid_t dflt_uid;
+ gid_t dflt_gid;
};
struct V9fsPath {
diff --git a/fsdev/qemu-fsdev-opts.c b/fsdev/qemu-fsdev-opts.c
index 07a18c6e48..c99abb3de6 100644
--- a/fsdev/qemu-fsdev-opts.c
+++ b/fsdev/qemu-fsdev-opts.c
@@ -46,6 +46,12 @@ static QemuOptsList qemu_fsdev_opts = {
}, {
.name = "dmode",
.type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "uid",
+ .type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "gid",
+ .type = QEMU_OPT_NUMBER,
},
THROTTLE_OPTS,
@@ -92,6 +98,12 @@ static QemuOptsList qemu_virtfs_opts = {
}, {
.name = "dmode",
.type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "uid",
+ .type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "gid",
+ .type = QEMU_OPT_NUMBER,
},
{ /*End of list */ }
diff --git a/fsdev/qemu-fsdev.c b/fsdev/qemu-fsdev.c
index 57877dad0a..faa84dc033 100644
--- a/fsdev/qemu-fsdev.c
+++ b/fsdev/qemu-fsdev.c
@@ -58,6 +58,8 @@ static FsDriverTable FsDrivers[] = {
"writeout",
"fmode",
"dmode",
+ "uid",
+ "gid",
"multidevs",
"throttling.bps-total",
"throttling.bps-read",
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 5ce97b76a6..cecf4aa50c 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -198,6 +198,12 @@ static int local_lstat(FsContext *fs_ctx, V9fsPath *fs_path, struct stat *stbuf)
if (err) {
goto err_out;
}
+ if (fs_ctx->dflt_uid != -1) {
+ stbuf->st_uid = fs_ctx->dflt_uid;
+ }
+ if (fs_ctx->dflt_gid != -1) {
+ stbuf->st_gid = fs_ctx->dflt_gid;
+ }
if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
/* Actual credentials are part of extended attrs */
uid_t tmp_uid;
@@ -788,6 +794,12 @@ static int local_fstat(FsContext *fs_ctx, int fid_type,
if (err) {
return err;
}
+ if (fs_ctx->dflt_uid != -1) {
+ stbuf->st_uid = fs_ctx->dflt_uid;
+ }
+ if (fs_ctx->dflt_gid != -1) {
+ stbuf->st_gid = fs_ctx->dflt_gid;
+ }
if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
/* Actual credentials are part of extended attrs */
uid_t tmp_uid;
@@ -1570,6 +1582,9 @@ static int local_parse_opts(QemuOpts *opts, FsDriverEntry *fse, Error **errp)
return -1;
}
+ fse->dflt_uid = qemu_opt_get_number(opts, "uid", -1);
+ fse->dflt_gid = qemu_opt_get_number(opts, "gid", -1);
+
if (fse->export_flags & V9FS_SM_MAPPED ||
fse->export_flags & V9FS_SM_MAPPED_FILE) {
fse->fmode =
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index acfa7db4e1..492379d361 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -4317,6 +4317,8 @@ int v9fs_device_realize_common(V9fsState *s, const V9fsTransport *t,
s->ctx.fmode = fse->fmode;
s->ctx.dmode = fse->dmode;
+ s->ctx.dflt_uid = fse->dflt_uid;
+ s->ctx.dflt_gid = fse->dflt_gid;
s->fids = g_hash_table_new(NULL, NULL);
qemu_co_rwlock_init(&s->rename_lock);
diff --git a/system/vl.c b/system/vl.c
index 3b7057e6c6..d363b046a6 100644
--- a/system/vl.c
+++ b/system/vl.c
@@ -3253,6 +3253,7 @@ void qemu_init(int argc, char **argv)
QemuOpts *fsdev;
QemuOpts *device;
const char *writeout, *sock_fd, *socket, *path, *security_model,
+ *uid, *gid,
*multidevs;
olist = qemu_find_opts("virtfs");
@@ -3301,6 +3302,14 @@ void qemu_init(int argc, char **argv)
qemu_opt_set(fsdev, "security_model", security_model,
&error_abort);
}
+ uid = qemu_opt_get(opts, "uid");
+ if (uid) {
+ qemu_opt_set(fsdev, "uid", uid, &error_abort);
+ }
+ gid = qemu_opt_get(opts, "gid");
+ if (gid) {
+ qemu_opt_set(fsdev, "gid", gid, &error_abort);
+ }
socket = qemu_opt_get(opts, "socket");
if (socket) {
qemu_opt_set(fsdev, "socket", socket, &error_abort);
--
2.34.1
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2025-12-01 18:00 [RFC PATCH] virtfs: 9p: local: add default uid and gid options Andrey Erokhin
@ 2025-12-03 10:33 ` Christian Schoenebeck
2025-12-06 17:10 ` Andrey Erokhin
2026-01-28 19:13 ` Andrey Erokhin
1 sibling, 1 reply; 12+ messages in thread
From: Christian Schoenebeck @ 2025-12-03 10:33 UTC (permalink / raw)
To: Greg Kurz, Andrey Erokhin; +Cc: qemu-devel
On Monday, 1 December 2025 19:00:53 CET Andrey Erokhin wrote:
> I was trying to boot from a directory tree owned by an ordinary user,
> and some daemons weren't happy about non-root ownership of some files
>
> Example use:
> -virtfs local,path=rootfs,mount_tag=root,security_model=mapped,uid=0,gid=0
>
> Works with any security_model
First I thought do we really want to open that rabbit hole and add permission
management to the CLI options? However I get why this might be useful for
mapped[-*] security models.
But for passthrough it is not of any use, is it? Just saying, because you
write it "Works with any security_model".
Also while it is very handy to have a short option name like "uid" and "gid",
for the sake of long term progression and clarity an option name like
"default-uid" would be more appropriate.
The patch is also missing the required documentation changes for these new
options BTW.
/Christian
> Signed-off-by: Andrey Erokhin <language.lawyer@gmail.com>
> ---
> fsdev/file-op-9p.h | 5 +++++
> fsdev/qemu-fsdev-opts.c | 12 ++++++++++++
> fsdev/qemu-fsdev.c | 2 ++
> hw/9pfs/9p-local.c | 15 +++++++++++++++
> hw/9pfs/9p.c | 2 ++
> system/vl.c | 9 +++++++++
> 6 files changed, 45 insertions(+)
>
> diff --git a/fsdev/file-op-9p.h b/fsdev/file-op-9p.h
> index b9dae8c84c..46fb88001e 100644
> --- a/fsdev/file-op-9p.h
> +++ b/fsdev/file-op-9p.h
> @@ -15,6 +15,7 @@
> #define FILE_OP_9P_H
>
> #include <dirent.h>
> +#include <sys/types.h>
> #include <utime.h>
> #include "qemu-fsdev-throttle.h"
> #include "p9array.h"
> @@ -94,6 +95,8 @@ typedef struct FsDriverEntry {
> FsThrottle fst;
> mode_t fmode;
> mode_t dmode;
> + uid_t dflt_uid;
> + gid_t dflt_gid;
> } FsDriverEntry;
>
> struct FsContext {
> @@ -107,6 +110,8 @@ struct FsContext {
> void *private;
> mode_t fmode;
> mode_t dmode;
> + uid_t dflt_uid;
> + gid_t dflt_gid;
> };
>
> struct V9fsPath {
> diff --git a/fsdev/qemu-fsdev-opts.c b/fsdev/qemu-fsdev-opts.c
> index 07a18c6e48..c99abb3de6 100644
> --- a/fsdev/qemu-fsdev-opts.c
> +++ b/fsdev/qemu-fsdev-opts.c
> @@ -46,6 +46,12 @@ static QemuOptsList qemu_fsdev_opts = {
> }, {
> .name = "dmode",
> .type = QEMU_OPT_NUMBER,
> + }, {
> + .name = "uid",
> + .type = QEMU_OPT_NUMBER,
> + }, {
> + .name = "gid",
> + .type = QEMU_OPT_NUMBER,
> },
>
> THROTTLE_OPTS,
> @@ -92,6 +98,12 @@ static QemuOptsList qemu_virtfs_opts = {
> }, {
> .name = "dmode",
> .type = QEMU_OPT_NUMBER,
> + }, {
> + .name = "uid",
> + .type = QEMU_OPT_NUMBER,
> + }, {
> + .name = "gid",
> + .type = QEMU_OPT_NUMBER,
> },
>
> { /*End of list */ }
> diff --git a/fsdev/qemu-fsdev.c b/fsdev/qemu-fsdev.c
> index 57877dad0a..faa84dc033 100644
> --- a/fsdev/qemu-fsdev.c
> +++ b/fsdev/qemu-fsdev.c
> @@ -58,6 +58,8 @@ static FsDriverTable FsDrivers[] = {
> "writeout",
> "fmode",
> "dmode",
> + "uid",
> + "gid",
> "multidevs",
> "throttling.bps-total",
> "throttling.bps-read",
> diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> index 5ce97b76a6..cecf4aa50c 100644
> --- a/hw/9pfs/9p-local.c
> +++ b/hw/9pfs/9p-local.c
> @@ -198,6 +198,12 @@ static int local_lstat(FsContext *fs_ctx, V9fsPath
> *fs_path, struct stat *stbuf) if (err) {
> goto err_out;
> }
> + if (fs_ctx->dflt_uid != -1) {
> + stbuf->st_uid = fs_ctx->dflt_uid;
> + }
> + if (fs_ctx->dflt_gid != -1) {
> + stbuf->st_gid = fs_ctx->dflt_gid;
> + }
> if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
> /* Actual credentials are part of extended attrs */
> uid_t tmp_uid;
> @@ -788,6 +794,12 @@ static int local_fstat(FsContext *fs_ctx, int fid_type,
> if (err) {
> return err;
> }
> + if (fs_ctx->dflt_uid != -1) {
> + stbuf->st_uid = fs_ctx->dflt_uid;
> + }
> + if (fs_ctx->dflt_gid != -1) {
> + stbuf->st_gid = fs_ctx->dflt_gid;
> + }
> if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
> /* Actual credentials are part of extended attrs */
> uid_t tmp_uid;
> @@ -1570,6 +1582,9 @@ static int local_parse_opts(QemuOpts *opts,
> FsDriverEntry *fse, Error **errp) return -1;
> }
>
> + fse->dflt_uid = qemu_opt_get_number(opts, "uid", -1);
> + fse->dflt_gid = qemu_opt_get_number(opts, "gid", -1);
> +
> if (fse->export_flags & V9FS_SM_MAPPED ||
> fse->export_flags & V9FS_SM_MAPPED_FILE) {
> fse->fmode =
> diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
> index acfa7db4e1..492379d361 100644
> --- a/hw/9pfs/9p.c
> +++ b/hw/9pfs/9p.c
> @@ -4317,6 +4317,8 @@ int v9fs_device_realize_common(V9fsState *s, const
> V9fsTransport *t,
>
> s->ctx.fmode = fse->fmode;
> s->ctx.dmode = fse->dmode;
> + s->ctx.dflt_uid = fse->dflt_uid;
> + s->ctx.dflt_gid = fse->dflt_gid;
>
> s->fids = g_hash_table_new(NULL, NULL);
> qemu_co_rwlock_init(&s->rename_lock);
> diff --git a/system/vl.c b/system/vl.c
> index 3b7057e6c6..d363b046a6 100644
> --- a/system/vl.c
> +++ b/system/vl.c
> @@ -3253,6 +3253,7 @@ void qemu_init(int argc, char **argv)
> QemuOpts *fsdev;
> QemuOpts *device;
> const char *writeout, *sock_fd, *socket, *path,
> *security_model, + *uid, *gid,
> *multidevs;
>
> olist = qemu_find_opts("virtfs");
> @@ -3301,6 +3302,14 @@ void qemu_init(int argc, char **argv)
> qemu_opt_set(fsdev, "security_model", security_model,
> &error_abort);
> }
> + uid = qemu_opt_get(opts, "uid");
> + if (uid) {
> + qemu_opt_set(fsdev, "uid", uid, &error_abort);
> + }
> + gid = qemu_opt_get(opts, "gid");
> + if (gid) {
> + qemu_opt_set(fsdev, "gid", gid, &error_abort);
> + }
> socket = qemu_opt_get(opts, "socket");
> if (socket) {
> qemu_opt_set(fsdev, "socket", socket, &error_abort);
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2025-12-03 10:33 ` Christian Schoenebeck
@ 2025-12-06 17:10 ` Andrey Erokhin
2025-12-07 11:34 ` Warner Losh
0 siblings, 1 reply; 12+ messages in thread
From: Andrey Erokhin @ 2025-12-06 17:10 UTC (permalink / raw)
To: qemu-devel; +Cc: Christian Schoenebeck
On 03/12/2025 15:33, Christian Schoenebeck wrote:
> On Monday, 1 December 2025 19:00:53 CET Andrey Erokhin wrote:
>> I was trying to boot from a directory tree owned by an ordinary user,
>> and some daemons weren't happy about non-root ownership of some files
>>
>> Example use:
>> -virtfs local,path=rootfs,mount_tag=root,security_model=mapped,uid=0,gid=0
>>
>> Works with any security_model
>
> First I thought do we really want to open that rabbit hole and add permission management to the CLI options? However I get why this might be useful for mapped[-*] security models.
> But for passthrough it is not of any use, is it?
Prolly none, just a side effect of how it's implemented.
Can either make it an error when used with passthrough, or ignore them (use default -1 value) when copying options to 9p fs context (with or without a warning)
> Also while it is very handy to have a short option name like "uid" and "gid", for the sake of long term progression and clarity an option name like "default-uid" would be more appropriate.
Or rather default_uid, to match other options style? But uid/gid also kinda match fmode/dmode :\
> The patch is also missing the required documentation changes for these new options BTW.
Haven’t added them yet, wasn’t sure there would be interest in this feature
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2025-12-06 17:10 ` Andrey Erokhin
@ 2025-12-07 11:34 ` Warner Losh
2025-12-09 10:21 ` Christian Schoenebeck
0 siblings, 1 reply; 12+ messages in thread
From: Warner Losh @ 2025-12-07 11:34 UTC (permalink / raw)
To: Andrey Erokhin; +Cc: QEMU Developers, Christian Schoenebeck
[-- Attachment #1: Type: text/plain, Size: 1982 bytes --]
On Sat, Dec 6, 2025, 10:12 AM Andrey Erokhin <language.lawyer@gmail.com>
wrote:
> On 03/12/2025 15:33, Christian Schoenebeck wrote:
> > On Monday, 1 December 2025 19:00:53 CET Andrey Erokhin wrote:
> >> I was trying to boot from a directory tree owned by an ordinary user,
> >> and some daemons weren't happy about non-root ownership of some files
> >>
> >> Example use:
> >> -virtfs
> local,path=rootfs,mount_tag=root,security_model=mapped,uid=0,gid=0
> >>
> >> Works with any security_model
> >
> > First I thought do we really want to open that rabbit hole and add
> permission management to the CLI options? However I get why this might be
> useful for mapped[-*] security models.
> > But for passthrough it is not of any use, is it?
>
> Prolly none, just a side effect of how it's implemented.
> Can either make it an error when used with passthrough, or ignore them
> (use default -1 value) when copying options to 9p fs context (with or
> without a warning)
>
> > Also while it is very handy to have a short option name like "uid" and
> "gid", for the sake of long term progression and clarity an option name
> like "default-uid" would be more appropriate.
>
> Or rather default_uid, to match other options style? But uid/gid also
> kinda match fmode/dmode :\
>
FreeBSD has a mode where you can build the image where the files in the
filesystem are owned by the user with random permission bits, but the
actual owners / modes are in an mtree formatted file. The nopriv imagers
combine the two when making images. It would be nice to have p9 do a
simular mapping for the guest so I can boot test these images more directly
w/o the copyout to the "bootable image". The set the uid feature would
help, true, but leaves me wanting more.
Warner
> The patch is also missing the required documentation changes for these
> new options BTW.
>
> Haven’t added them yet, wasn’t sure there would be interest in this feature
>
>
[-- Attachment #2: Type: text/html, Size: 2711 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2025-12-07 11:34 ` Warner Losh
@ 2025-12-09 10:21 ` Christian Schoenebeck
2025-12-09 10:38 ` Warner Losh
0 siblings, 1 reply; 12+ messages in thread
From: Christian Schoenebeck @ 2025-12-09 10:21 UTC (permalink / raw)
To: Andrey Erokhin, Warner Losh; +Cc: qemu-devel, QEMU Developers
On Sunday, 7 December 2025 12:34:24 CET Warner Losh wrote:
> On Sat, Dec 6, 2025, 10:12 AM Andrey Erokhin <language.lawyer@gmail.com>
> wrote:
> > On 03/12/2025 15:33, Christian Schoenebeck wrote:
> > > On Monday, 1 December 2025 19:00:53 CET Andrey Erokhin wrote:
[...]
> > > But for passthrough it is not of any use, is it?
> >
> > Prolly none, just a side effect of how it's implemented.
> > Can either make it an error when used with passthrough, or ignore them
> > (use default -1 value) when copying options to 9p fs context (with or
> > without a warning)
> >
> > > Also while it is very handy to have a short option name like "uid" and
> >
> > "gid", for the sake of long term progression and clarity an option name
> > like "default-uid" would be more appropriate.
> >
> > Or rather default_uid, to match other options style? But uid/gid also
> > kinda match fmode/dmode :\
Right, that would render it strange having default_uid/default_gid vs. fmod/
gmode when all of them actually mean default values.
OK, as fmode/dmode are already there, then let's stick to your initial
suggestion of just using uid/gid.
But similar to fmode/dmode it should be made clear on documentation level that
uid/gid are only useful for mapped security models.
> FreeBSD has a mode where you can build the image where the files in the
> filesystem are owned by the user with random permission bits, but the
> actual owners / modes are in an mtree formatted file. The nopriv imagers
> combine the two when making images. It would be nice to have p9 do a
> simular mapping for the guest so I can boot test these images more directly
> w/o the copyout to the "bootable image". The set the uid feature would
> help, true, but leaves me wanting more.
And a host level (not yet existing) tool like qemu-9p-chown, qemu-9p-chmod
would be less appropriate for your use case?
/Christian
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2025-12-09 10:21 ` Christian Schoenebeck
@ 2025-12-09 10:38 ` Warner Losh
0 siblings, 0 replies; 12+ messages in thread
From: Warner Losh @ 2025-12-09 10:38 UTC (permalink / raw)
To: Christian Schoenebeck; +Cc: Andrey Erokhin, QEMU Developers
[-- Attachment #1: Type: text/plain, Size: 2777 bytes --]
On Tue, Dec 9, 2025 at 3:21 AM Christian Schoenebeck <qemu_oss@crudebyte.com>
wrote:
> On Sunday, 7 December 2025 12:34:24 CET Warner Losh wrote:
> > On Sat, Dec 6, 2025, 10:12 AM Andrey Erokhin <language.lawyer@gmail.com>
>
> > wrote:
> > > On 03/12/2025 15:33, Christian Schoenebeck wrote:
> > > > On Monday, 1 December 2025 19:00:53 CET Andrey Erokhin wrote:
> [...]
> > > > But for passthrough it is not of any use, is it?
> > >
> > > Prolly none, just a side effect of how it's implemented.
> > > Can either make it an error when used with passthrough, or ignore them
> > > (use default -1 value) when copying options to 9p fs context (with or
> > > without a warning)
> > >
> > > > Also while it is very handy to have a short option name like "uid"
> and
> > >
> > > "gid", for the sake of long term progression and clarity an option name
> > > like "default-uid" would be more appropriate.
> > >
> > > Or rather default_uid, to match other options style? But uid/gid also
> > > kinda match fmode/dmode :\
>
> Right, that would render it strange having default_uid/default_gid vs.
> fmod/
> gmode when all of them actually mean default values.
>
> OK, as fmode/dmode are already there, then let's stick to your initial
> suggestion of just using uid/gid.
>
> But similar to fmode/dmode it should be made clear on documentation level
> that
> uid/gid are only useful for mapped security models.
>
> > FreeBSD has a mode where you can build the image where the files in the
> > filesystem are owned by the user with random permission bits, but the
> > actual owners / modes are in an mtree formatted file. The nopriv imagers
> > combine the two when making images. It would be nice to have p9 do a
> > simular mapping for the guest so I can boot test these images more
> directly
> > w/o the copyout to the "bootable image". The set the uid feature would
> > help, true, but leaves me wanting more.
>
> And a host level (not yet existing) tool like qemu-9p-chown, qemu-9p-chmod
> would be less appropriate for your use case?
>
I can't answer directly, since I can't look them up :)
But... I want to own all the files on the host, but I want them to conform
to a spec on
view p9 gives to the guest:
/etc/rc.d type=dir uname=root gname=wheel mode=755
./etc/rc.d/accounting type=file uname=root gname=wheel mode=555
./usr/bin type=dir uname=root gname=wheel mode=755
./usr type=dir uname=root gname=wheel mode=755
./usr/bin/last type=file uname=root gname=wheel mode=555
is a small excerpt of the file we happen to use (though I'm agnostic as to
the actual
format). But these files are long:
wc _.armv7.14.3.metalog
5316 26759 399552 _.armv7.14.3.metalog
which might pose problems...
Warner
[-- Attachment #2: Type: text/html, Size: 3595 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2025-12-01 18:00 [RFC PATCH] virtfs: 9p: local: add default uid and gid options Andrey Erokhin
2025-12-03 10:33 ` Christian Schoenebeck
@ 2026-01-28 19:13 ` Andrey Erokhin
2026-01-30 14:30 ` Christian Schoenebeck
1 sibling, 1 reply; 12+ messages in thread
From: Andrey Erokhin @ 2026-01-28 19:13 UTC (permalink / raw)
To: qemu-devel; +Cc: Christian Schoenebeck, Greg Kurz
> I was trying to boot from a directory tree owned by an ordinary user,
> and some daemons weren't happy about non-root ownership of some files
>
> Example use:
> -virtfs local,path=rootfs,mount_tag=root,security_model=mapped,uid=0,gid=0
I personally switched from fuse-overlayfs to user namespaces+kernel overlay fs (for writeable overlay for rootfs) long time ago, so I do not need uid=0,gid=0, I'm being mapped to 0:0 in the user namespace.
I wanted to publish this change to support users which can't use user namespaces, but yesterday I realized I could just run QEMU (with fuse-overlayfs) under fakeroot 🤦♂️
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2026-01-28 19:13 ` Andrey Erokhin
@ 2026-01-30 14:30 ` Christian Schoenebeck
2026-02-10 9:45 ` Andrey Erokhin
0 siblings, 1 reply; 12+ messages in thread
From: Christian Schoenebeck @ 2026-01-30 14:30 UTC (permalink / raw)
To: qemu-devel; +Cc: Greg Kurz, Andrey Erokhin
On Wednesday, 28 January 2026 20:13:45 CET Andrey Erokhin wrote:
> > I was trying to boot from a directory tree owned by an ordinary user,
> > and some daemons weren't happy about non-root ownership of some files
> >
> > Example use:
> > -virtfs local,path=rootfs,mount_tag=root,security_model=mapped,uid=0,gid=0
>
> I personally switched from fuse-overlayfs to user namespaces+kernel overlay
> fs (for writeable overlay for rootfs) long time ago, so I do not need
> uid=0,gid=0, I'm being mapped to 0:0 in the user namespace. I wanted to
> publish this change to support users which can't use user namespaces, but
> yesterday I realized I could just run QEMU (with fuse-overlayfs) under
> fakeroot 🤦♂️
Nevertheless you already came more than half way to finish this. All it would
take is adding some lines to the command line docs.
But if you don't have the chance to finish this, no problem either, then I'm
going to pin your current patch version to
https://wiki.qemu.org/Documentation/9p#Implementation_Plans in case somebody
else might be interested to finish this in future. Your call.
/Christian
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2026-01-30 14:30 ` Christian Schoenebeck
@ 2026-02-10 9:45 ` Andrey Erokhin
2026-02-11 14:07 ` Christian Schoenebeck
0 siblings, 1 reply; 12+ messages in thread
From: Andrey Erokhin @ 2026-02-10 9:45 UTC (permalink / raw)
To: Christian Schoenebeck, qemu-devel
On 30/01/2026 19:30, Christian Schoenebeck wrote:
> On Wednesday, 28 January 2026 20:13:45 CET Andrey Erokhin wrote:
>>> I was trying to boot from a directory tree owned by an ordinary user,
>>> and some daemons weren't happy about non-root ownership of some files
>>>
>>> Example use:
>>> -virtfs local,path=rootfs,mount_tag=root,security_model=mapped,uid=0,gid=0
>>
>> I personally switched from fuse-overlayfs to user namespaces+kernel overlay
>> fs (for writeable overlay for rootfs) long time ago, so I do not need
>> uid=0,gid=0, I'm being mapped to 0:0 in the user namespace. I wanted to
>> publish this change to support users which can't use user namespaces, but
>> yesterday I realized I could just run QEMU (with fuse-overlayfs) under
>> fakeroot 🤦♂️
>
> Nevertheless you already came more than half way to finish this. All it would take is adding some lines to the command line docs.
Do you mean smth. like this?
(BTW, is it OK that there is no fmode/dmode processing in system/vl.c?)
---
fsdev/file-op-9p.h | 4 ++++
fsdev/qemu-fsdev-opts.c | 12 ++++++++++++
fsdev/qemu-fsdev.c | 2 ++
hw/9pfs/9p-local.c | 25 +++++++++++++++++++++++++
hw/9pfs/9p.c | 2 ++
qemu-options.hx | 24 ++++++++++++++++++++----
system/vl.c | 9 +++++++++
7 files changed, 74 insertions(+), 4 deletions(-)
diff --git a/fsdev/file-op-9p.h b/fsdev/file-op-9p.h
index b9dae8c84c..10f3a7270c 100644
--- a/fsdev/file-op-9p.h
+++ b/fsdev/file-op-9p.h
@@ -94,6 +94,8 @@ typedef struct FsDriverEntry {
FsThrottle fst;
mode_t fmode;
mode_t dmode;
+ uid_t dflt_uid;
+ gid_t dflt_gid;
} FsDriverEntry;
struct FsContext {
@@ -107,6 +109,8 @@ struct FsContext {
void *private;
mode_t fmode;
mode_t dmode;
+ uid_t dflt_uid;
+ gid_t dflt_gid;
};
struct V9fsPath {
diff --git a/fsdev/qemu-fsdev-opts.c b/fsdev/qemu-fsdev-opts.c
index 07a18c6e48..c99abb3de6 100644
--- a/fsdev/qemu-fsdev-opts.c
+++ b/fsdev/qemu-fsdev-opts.c
@@ -46,6 +46,12 @@ static QemuOptsList qemu_fsdev_opts = {
}, {
.name = "dmode",
.type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "uid",
+ .type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "gid",
+ .type = QEMU_OPT_NUMBER,
},
THROTTLE_OPTS,
@@ -92,6 +98,12 @@ static QemuOptsList qemu_virtfs_opts = {
}, {
.name = "dmode",
.type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "uid",
+ .type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "gid",
+ .type = QEMU_OPT_NUMBER,
},
{ /*End of list */ }
diff --git a/fsdev/qemu-fsdev.c b/fsdev/qemu-fsdev.c
index 57877dad0a..faa84dc033 100644
--- a/fsdev/qemu-fsdev.c
+++ b/fsdev/qemu-fsdev.c
@@ -58,6 +58,8 @@ static FsDriverTable FsDrivers[] = {
"writeout",
"fmode",
"dmode",
+ "uid",
+ "gid",
"multidevs",
"throttling.bps-total",
"throttling.bps-read",
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 5ce97b76a6..f20b1c5d1a 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -198,6 +198,12 @@ static int local_lstat(FsContext *fs_ctx, V9fsPath *fs_path, struct stat *stbuf)
if (err) {
goto err_out;
}
+ if (fs_ctx->dflt_uid != -1) {
+ stbuf->st_uid = fs_ctx->dflt_uid;
+ }
+ if (fs_ctx->dflt_gid != -1) {
+ stbuf->st_gid = fs_ctx->dflt_gid;
+ }
if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
/* Actual credentials are part of extended attrs */
uid_t tmp_uid;
@@ -788,6 +794,12 @@ static int local_fstat(FsContext *fs_ctx, int fid_type,
if (err) {
return err;
}
+ if (fs_ctx->dflt_uid != -1) {
+ stbuf->st_uid = fs_ctx->dflt_uid;
+ }
+ if (fs_ctx->dflt_gid != -1) {
+ stbuf->st_gid = fs_ctx->dflt_gid;
+ }
if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
/* Actual credentials are part of extended attrs */
uid_t tmp_uid;
@@ -1587,6 +1599,19 @@ static int local_parse_opts(QemuOpts *opts, FsDriverEntry *fse, Error **errp)
}
}
+ if (fse->export_flags & V9FS_SM_PASSTHROUGH) {
+ if (qemu_opt_find(opts, "uid")) {
+ error_setg(errp, "uid is invalid in the passthrough security mode");
+ return -1;
+ }
+ if (qemu_opt_find(opts, "gid")) {
+ error_setg(errp, "gid is invalid in the passthrough security mode");
+ return -1;
+ }
+ }
+ fse->dflt_uid = qemu_opt_get_number(opts, "uid", -1);
+ fse->dflt_gid = qemu_opt_get_number(opts, "gid", -1);
+
fse->path = g_strdup(path);
return 0;
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index acfa7db4e1..492379d361 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -4317,6 +4317,8 @@ int v9fs_device_realize_common(V9fsState *s, const V9fsTransport *t,
s->ctx.fmode = fse->fmode;
s->ctx.dmode = fse->dmode;
+ s->ctx.dflt_uid = fse->dflt_uid;
+ s->ctx.dflt_gid = fse->dflt_gid;
s->fids = g_hash_table_new(NULL, NULL);
qemu_co_rwlock_init(&s->rename_lock);
diff --git a/qemu-options.hx b/qemu-options.hx
index ab23f14d21..84f108d9ad 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1806,7 +1806,7 @@ ERST
DEF("fsdev", HAS_ARG, QEMU_OPTION_fsdev,
"-fsdev local,id=id,path=path,security_model=mapped-xattr|mapped-file|passthrough|none\n"
- " [,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode]\n"
+ " [,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode][,uid=uid][,gid=gid]\n"
" [[,throttling.bps-total=b]|[[,throttling.bps-read=r][,throttling.bps-write=w]]]\n"
" [[,throttling.iops-total=i]|[[,throttling.iops-read=r][,throttling.iops-write=w]]]\n"
" [[,throttling.bps-total-max=bm]|[[,throttling.bps-read-max=rm][,throttling.bps-write-max=wm]]]\n"
@@ -1816,7 +1816,7 @@ DEF("fsdev", HAS_ARG, QEMU_OPTION_fsdev,
QEMU_ARCH_ALL)
SRST
-``-fsdev local,id=id,path=path,security_model=security_model [,writeout=writeout][,readonly=on][,fmode=fmode][,dmode=dmode] [,throttling.option=value[,throttling.option=value[,...]]]``
+``-fsdev local,id=id,path=path,security_model=security_model [,writeout=writeout][,readonly=on][,fmode=fmode][,dmode=dmode][,uid=uid][,gid=gid] [,throttling.option=value[,throttling.option=value[,...]]]``
\
``-fsdev synth,id=id[,readonly=on]``
Define a new file system device. Valid options are:
@@ -1870,6 +1870,14 @@ SRST
host. Works only with security models "mapped-xattr" and
"mapped-file".
+ ``uid=uid``
+ Specifies the default uid for files and directories. Works with
+ security models "mapped-xattr", "mapped-file" and "none".
+
+ ``gid=gid``
+ Specifies the default gid for files and directories. Works with
+ security models "mapped-xattr", "mapped-file" and "none".
+
``throttling.bps-total=b,throttling.bps-read=r,throttling.bps-write=w``
Specify bandwidth throttling limits in bytes per second, either
for all request types or for reads or writes only.
@@ -1911,12 +1919,12 @@ ERST
DEF("virtfs", HAS_ARG, QEMU_OPTION_virtfs,
"-virtfs local,path=path,mount_tag=tag,security_model=mapped-xattr|mapped-file|passthrough|none\n"
- " [,id=id][,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode][,multidevs=remap|forbid|warn]\n"
+ " [,id=id][,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode][,uid=uid][,gid=gid][,multidevs=remap|forbid|warn]\n"
"-virtfs synth,mount_tag=tag[,id=id][,readonly=on]\n",
QEMU_ARCH_ALL)
SRST
-``-virtfs local,path=path,mount_tag=mount_tag ,security_model=security_model[,writeout=writeout][,readonly=on] [,fmode=fmode][,dmode=dmode][,multidevs=multidevs]``
+``-virtfs local,path=path,mount_tag=mount_tag ,security_model=security_model[,writeout=writeout][,readonly=on] [,fmode=fmode][,dmode=dmode][,uid=uid][,gid=gid][,multidevs=multidevs]``
\
``-virtfs synth,mount_tag=mount_tag``
Define a new virtual filesystem device and expose it to the guest using
@@ -1980,6 +1988,14 @@ SRST
host. Works only with security models "mapped-xattr" and
"mapped-file".
+ ``uid=uid``
+ Specifies the default uid for files and directories. Works with
+ security models "mapped-xattr", "mapped-file" and "none".
+
+ ``gid=gid``
+ Specifies the default gid for files and directories. Works with
+ security models "mapped-xattr", "mapped-file" and "none".
+
``mount_tag=mount_tag``
Specifies the tag name to be used by the guest to mount this
export point.
diff --git a/system/vl.c b/system/vl.c
index 3b7057e6c6..d363b046a6 100644
--- a/system/vl.c
+++ b/system/vl.c
@@ -3253,6 +3253,7 @@ void qemu_init(int argc, char **argv)
QemuOpts *fsdev;
QemuOpts *device;
const char *writeout, *sock_fd, *socket, *path, *security_model,
+ *uid, *gid,
*multidevs;
olist = qemu_find_opts("virtfs");
@@ -3301,6 +3302,14 @@ void qemu_init(int argc, char **argv)
qemu_opt_set(fsdev, "security_model", security_model,
&error_abort);
}
+ uid = qemu_opt_get(opts, "uid");
+ if (uid) {
+ qemu_opt_set(fsdev, "uid", uid, &error_abort);
+ }
+ gid = qemu_opt_get(opts, "gid");
+ if (gid) {
+ qemu_opt_set(fsdev, "gid", gid, &error_abort);
+ }
socket = qemu_opt_get(opts, "socket");
if (socket) {
qemu_opt_set(fsdev, "socket", socket, &error_abort);
--
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2026-02-10 9:45 ` Andrey Erokhin
@ 2026-02-11 14:07 ` Christian Schoenebeck
2026-02-13 21:53 ` Andrey Erokhin
0 siblings, 1 reply; 12+ messages in thread
From: Christian Schoenebeck @ 2026-02-11 14:07 UTC (permalink / raw)
To: qemu-devel; +Cc: Andrey Erokhin, Greg Kurz
On Tuesday, 10 February 2026 10:45:09 CET Andrey Erokhin wrote:
> On 30/01/2026 19:30, Christian Schoenebeck wrote:
> > On Wednesday, 28 January 2026 20:13:45 CET Andrey Erokhin wrote:
> >>> I was trying to boot from a directory tree owned by an ordinary user,
> >>> and some daemons weren't happy about non-root ownership of some files
> >>>
> >>> Example use:
> >>> -virtfs
> >>> local,path=rootfs,mount_tag=root,security_model=mapped,uid=0,gid=0
> >>
> >> I personally switched from fuse-overlayfs to user namespaces+kernel
> >> overlay
> >> fs (for writeable overlay for rootfs) long time ago, so I do not need
> >> uid=0,gid=0, I'm being mapped to 0:0 in the user namespace. I wanted to
> >> publish this change to support users which can't use user namespaces, but
> >> yesterday I realized I could just run QEMU (with fuse-overlayfs) under
> >> fakeroot 🤦♂️
> >
> > Nevertheless you already came more than half way to finish this. All it
> > would take is adding some lines to the command line docs.
> Do you mean smth. like this?
Yes, but you know the drill: top post as v2, please.
> (BTW, is it OK that there is no fmode/dmode processing in system/vl.c?)
You mean error handling of these options. Well, earlier error handling on one
hand might be more desirable, but OTOH it might also be more complicated to be
handled in vl.c than either in 9p.c or 9p-local.c I guess.
/Christian
>
> ---
> fsdev/file-op-9p.h | 4 ++++
> fsdev/qemu-fsdev-opts.c | 12 ++++++++++++
> fsdev/qemu-fsdev.c | 2 ++
> hw/9pfs/9p-local.c | 25 +++++++++++++++++++++++++
> hw/9pfs/9p.c | 2 ++
> qemu-options.hx | 24 ++++++++++++++++++++----
> system/vl.c | 9 +++++++++
> 7 files changed, 74 insertions(+), 4 deletions(-)
>
> diff --git a/fsdev/file-op-9p.h b/fsdev/file-op-9p.h
> index b9dae8c84c..10f3a7270c 100644
> --- a/fsdev/file-op-9p.h
> +++ b/fsdev/file-op-9p.h
> @@ -94,6 +94,8 @@ typedef struct FsDriverEntry {
> FsThrottle fst;
> mode_t fmode;
> mode_t dmode;
> + uid_t dflt_uid;
> + gid_t dflt_gid;
> } FsDriverEntry;
>
> struct FsContext {
> @@ -107,6 +109,8 @@ struct FsContext {
> void *private;
> mode_t fmode;
> mode_t dmode;
> + uid_t dflt_uid;
> + gid_t dflt_gid;
> };
>
> struct V9fsPath {
> diff --git a/fsdev/qemu-fsdev-opts.c b/fsdev/qemu-fsdev-opts.c
> index 07a18c6e48..c99abb3de6 100644
> --- a/fsdev/qemu-fsdev-opts.c
> +++ b/fsdev/qemu-fsdev-opts.c
> @@ -46,6 +46,12 @@ static QemuOptsList qemu_fsdev_opts = {
> }, {
> .name = "dmode",
> .type = QEMU_OPT_NUMBER,
> + }, {
> + .name = "uid",
> + .type = QEMU_OPT_NUMBER,
> + }, {
> + .name = "gid",
> + .type = QEMU_OPT_NUMBER,
> },
>
> THROTTLE_OPTS,
> @@ -92,6 +98,12 @@ static QemuOptsList qemu_virtfs_opts = {
> }, {
> .name = "dmode",
> .type = QEMU_OPT_NUMBER,
> + }, {
> + .name = "uid",
> + .type = QEMU_OPT_NUMBER,
> + }, {
> + .name = "gid",
> + .type = QEMU_OPT_NUMBER,
> },
>
> { /*End of list */ }
> diff --git a/fsdev/qemu-fsdev.c b/fsdev/qemu-fsdev.c
> index 57877dad0a..faa84dc033 100644
> --- a/fsdev/qemu-fsdev.c
> +++ b/fsdev/qemu-fsdev.c
> @@ -58,6 +58,8 @@ static FsDriverTable FsDrivers[] = {
> "writeout",
> "fmode",
> "dmode",
> + "uid",
> + "gid",
> "multidevs",
> "throttling.bps-total",
> "throttling.bps-read",
> diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> index 5ce97b76a6..f20b1c5d1a 100644
> --- a/hw/9pfs/9p-local.c
> +++ b/hw/9pfs/9p-local.c
> @@ -198,6 +198,12 @@ static int local_lstat(FsContext *fs_ctx, V9fsPath
> *fs_path, struct stat *stbuf) if (err) {
> goto err_out;
> }
> + if (fs_ctx->dflt_uid != -1) {
> + stbuf->st_uid = fs_ctx->dflt_uid;
> + }
> + if (fs_ctx->dflt_gid != -1) {
> + stbuf->st_gid = fs_ctx->dflt_gid;
> + }
> if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
> /* Actual credentials are part of extended attrs */
> uid_t tmp_uid;
> @@ -788,6 +794,12 @@ static int local_fstat(FsContext *fs_ctx, int fid_type,
> if (err) {
> return err;
> }
> + if (fs_ctx->dflt_uid != -1) {
> + stbuf->st_uid = fs_ctx->dflt_uid;
> + }
> + if (fs_ctx->dflt_gid != -1) {
> + stbuf->st_gid = fs_ctx->dflt_gid;
> + }
> if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
> /* Actual credentials are part of extended attrs */
> uid_t tmp_uid;
> @@ -1587,6 +1599,19 @@ static int local_parse_opts(QemuOpts *opts,
> FsDriverEntry *fse, Error **errp) }
> }
>
> + if (fse->export_flags & V9FS_SM_PASSTHROUGH) {
> + if (qemu_opt_find(opts, "uid")) {
> + error_setg(errp, "uid is invalid in the passthrough security
> mode"); + return -1;
> + }
> + if (qemu_opt_find(opts, "gid")) {
> + error_setg(errp, "gid is invalid in the passthrough security
> mode"); + return -1;
> + }
> + }
> + fse->dflt_uid = qemu_opt_get_number(opts, "uid", -1);
> + fse->dflt_gid = qemu_opt_get_number(opts, "gid", -1);
> +
> fse->path = g_strdup(path);
>
> return 0;
> diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
> index acfa7db4e1..492379d361 100644
> --- a/hw/9pfs/9p.c
> +++ b/hw/9pfs/9p.c
> @@ -4317,6 +4317,8 @@ int v9fs_device_realize_common(V9fsState *s, const
> V9fsTransport *t,
>
> s->ctx.fmode = fse->fmode;
> s->ctx.dmode = fse->dmode;
> + s->ctx.dflt_uid = fse->dflt_uid;
> + s->ctx.dflt_gid = fse->dflt_gid;
>
> s->fids = g_hash_table_new(NULL, NULL);
> qemu_co_rwlock_init(&s->rename_lock);
> diff --git a/qemu-options.hx b/qemu-options.hx
> index ab23f14d21..84f108d9ad 100644
> --- a/qemu-options.hx
> +++ b/qemu-options.hx
> @@ -1806,7 +1806,7 @@ ERST
>
> DEF("fsdev", HAS_ARG, QEMU_OPTION_fsdev,
> "-fsdev
> local,id=id,path=path,security_model=mapped-xattr|mapped-file|passthrough|n
> one\n" - "
> [,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode]\n" + "
> [,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode][,uid=uid][,
> gid=gid]\n" "
> [[,throttling.bps-total=b]|[[,throttling.bps-read=r][,throttling.bps-write=
> w]]]\n" "
> [[,throttling.iops-total=i]|[[,throttling.iops-read=r][,throttling.iops-wri
> te=w]]]\n" "
> [[,throttling.bps-total-max=bm]|[[,throttling.bps-read-max=rm][,throttling.
> bps-write-max=wm]]]\n" @@ -1816,7 +1816,7 @@ DEF("fsdev", HAS_ARG,
> QEMU_OPTION_fsdev,
> QEMU_ARCH_ALL)
>
> SRST
> -``-fsdev local,id=id,path=path,security_model=security_model
> [,writeout=writeout][,readonly=on][,fmode=fmode][,dmode=dmode]
> [,throttling.option=value[,throttling.option=value[,...]]]`` +``-fsdev
> local,id=id,path=path,security_model=security_model
> [,writeout=writeout][,readonly=on][,fmode=fmode][,dmode=dmode][,uid=uid][,g
> id=gid] [,throttling.option=value[,throttling.option=value[,...]]]`` \
> ``-fsdev synth,id=id[,readonly=on]``
> Define a new file system device. Valid options are:
> @@ -1870,6 +1870,14 @@ SRST
> host. Works only with security models "mapped-xattr" and
> "mapped-file".
>
> + ``uid=uid``
> + Specifies the default uid for files and directories. Works with
> + security models "mapped-xattr", "mapped-file" and "none".
> +
> + ``gid=gid``
> + Specifies the default gid for files and directories. Works with
> + security models "mapped-xattr", "mapped-file" and "none".
> +
> ``throttling.bps-total=b,throttling.bps-read=r,throttling.bps-write=w``
> Specify bandwidth throttling limits in bytes per second, either for all
> request types or for reads or writes only.
> @@ -1911,12 +1919,12 @@ ERST
>
> DEF("virtfs", HAS_ARG, QEMU_OPTION_virtfs,
> "-virtfs
> local,path=path,mount_tag=tag,security_model=mapped-xattr|mapped-file|passt
> hrough|none\n" - "
> [,id=id][,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode][,mu
> ltidevs=remap|forbid|warn]\n" + "
> [,id=id][,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode][,ui
> d=uid][,gid=gid][,multidevs=remap|forbid|warn]\n" "-virtfs
> synth,mount_tag=tag[,id=id][,readonly=on]\n",
> QEMU_ARCH_ALL)
>
> SRST
> -``-virtfs local,path=path,mount_tag=mount_tag
> ,security_model=security_model[,writeout=writeout][,readonly=on]
> [,fmode=fmode][,dmode=dmode][,multidevs=multidevs]`` +``-virtfs
> local,path=path,mount_tag=mount_tag
> ,security_model=security_model[,writeout=writeout][,readonly=on]
> [,fmode=fmode][,dmode=dmode][,uid=uid][,gid=gid][,multidevs=multidevs]`` \
> ``-virtfs synth,mount_tag=mount_tag``
> Define a new virtual filesystem device and expose it to the guest using
> @@ -1980,6 +1988,14 @@ SRST
> host. Works only with security models "mapped-xattr" and
> "mapped-file".
>
> + ``uid=uid``
> + Specifies the default uid for files and directories. Works with
> + security models "mapped-xattr", "mapped-file" and "none".
> +
> + ``gid=gid``
> + Specifies the default gid for files and directories. Works with
> + security models "mapped-xattr", "mapped-file" and "none".
> +
> ``mount_tag=mount_tag``
> Specifies the tag name to be used by the guest to mount this
> export point.
> diff --git a/system/vl.c b/system/vl.c
> index 3b7057e6c6..d363b046a6 100644
> --- a/system/vl.c
> +++ b/system/vl.c
> @@ -3253,6 +3253,7 @@ void qemu_init(int argc, char **argv)
> QemuOpts *fsdev;
> QemuOpts *device;
> const char *writeout, *sock_fd, *socket, *path,
> *security_model, + *uid, *gid,
> *multidevs;
>
> olist = qemu_find_opts("virtfs");
> @@ -3301,6 +3302,14 @@ void qemu_init(int argc, char **argv)
> qemu_opt_set(fsdev, "security_model", security_model,
> &error_abort);
> }
> + uid = qemu_opt_get(opts, "uid");
> + if (uid) {
> + qemu_opt_set(fsdev, "uid", uid, &error_abort);
> + }
> + gid = qemu_opt_get(opts, "gid");
> + if (gid) {
> + qemu_opt_set(fsdev, "gid", gid, &error_abort);
> + }
> socket = qemu_opt_get(opts, "socket");
> if (socket) {
> qemu_opt_set(fsdev, "socket", socket, &error_abort);
> --
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2026-02-11 14:07 ` Christian Schoenebeck
@ 2026-02-13 21:53 ` Andrey Erokhin
2026-02-16 8:51 ` Christian Schoenebeck
0 siblings, 1 reply; 12+ messages in thread
From: Andrey Erokhin @ 2026-02-13 21:53 UTC (permalink / raw)
To: Christian Schoenebeck, qemu-devel
On 11/02/2026 19:07, Christian Schoenebeck wrote:
> On Tuesday, 10 February 2026 10:45:09 CET Andrey Erokhin wrote:
>> (BTW, is it OK that there is no fmode/dmode processing in system/vl.c?)
>
> You mean error handling of these options. Well, earlier error handling on one hand might be more desirable, but OTOH it might also be more complicated to be handled in vl.c than either in 9p.c or 9p-local.c I guess.
I mean dmode/fmode do not reach 9p-local.c, at least when used in `-virtfs local,...`
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [RFC PATCH] virtfs: 9p: local: add default uid and gid options
2026-02-13 21:53 ` Andrey Erokhin
@ 2026-02-16 8:51 ` Christian Schoenebeck
0 siblings, 0 replies; 12+ messages in thread
From: Christian Schoenebeck @ 2026-02-16 8:51 UTC (permalink / raw)
To: qemu-devel; +Cc: Andrey Erokhin
On Friday, 13 February 2026 22:53:40 CET Andrey Erokhin wrote:
> On 11/02/2026 19:07, Christian Schoenebeck wrote:
> > On Tuesday, 10 February 2026 10:45:09 CET Andrey Erokhin wrote:
> >> (BTW, is it OK that there is no fmode/dmode processing in system/vl.c?)
> >
> > You mean error handling of these options. Well, earlier error handling on
> > one hand might be more desirable, but OTOH it might also be more
> > complicated to be handled in vl.c than either in 9p.c or 9p-local.c I
> > guess.
> I mean dmode/fmode do not reach 9p-local.c, at least when used in `-virtfs
> local,...`
Oh, didn't notice. All parameters in general are supposed to work both with
the long form -fsdev ... -device, as well as with short form -virtfs.
/Christian
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2026-02-16 8:52 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-12-01 18:00 [RFC PATCH] virtfs: 9p: local: add default uid and gid options Andrey Erokhin
2025-12-03 10:33 ` Christian Schoenebeck
2025-12-06 17:10 ` Andrey Erokhin
2025-12-07 11:34 ` Warner Losh
2025-12-09 10:21 ` Christian Schoenebeck
2025-12-09 10:38 ` Warner Losh
2026-01-28 19:13 ` Andrey Erokhin
2026-01-30 14:30 ` Christian Schoenebeck
2026-02-10 9:45 ` Andrey Erokhin
2026-02-11 14:07 ` Christian Schoenebeck
2026-02-13 21:53 ` Andrey Erokhin
2026-02-16 8:51 ` Christian Schoenebeck
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.