[Qemu-devel] [PATCH] hw/9pfs: Handle Security model parsing

["M. Mohan Kumar" <mohan@in.ibm.com>]

Except local fs driver other fs drivers (handle) don't need
security model. Update fsdev parameter parsing accordingly.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
---
 fsdev/qemu-fsdev.c |   26 +++++++++++++++++---------
 qemu-options.hx    |   12 ++++++++----
 vl.c               |    6 ++----
 3 files changed, 27 insertions(+), 17 deletions(-)

diff --git a/fsdev/qemu-fsdev.c b/fsdev/qemu-fsdev.c
index ce920d6..5977bcc 100644
--- a/fsdev/qemu-fsdev.c
+++ b/fsdev/qemu-fsdev.c
@@ -58,8 +58,15 @@ int qemu_fsdev_add(QemuOpts *opts)
         return -1;
     }
 
-    if (!sec_model) {
-        fprintf(stderr, "fsdev: No security_model specified.\n");
+    if (!strcmp(fsdriver, "local") && !sec_model) {
+        fprintf(stderr, "security model not specified, "
+                "local fs needs security model\nvalid options are:"
+                "\tsecurity_model=[passthrough|mapped|none]\n");
+        return -1;
+    }
+
+    if (strcmp(fsdriver, "local") && sec_model) {
+        fprintf(stderr, "only local fs driver needs security model\n");
         return -1;
     }
 
@@ -80,6 +87,10 @@ int qemu_fsdev_add(QemuOpts *opts)
         }
     }
 
+    if (strcmp(fsdriver, "local")) {
+        goto done;
+    }
+
     if (!strcmp(sec_model, "passthrough")) {
         fsle->fse.export_flags |= V9FS_SM_PASSTHROUGH;
     } else if (!strcmp(sec_model, "mapped")) {
@@ -87,14 +98,11 @@ int qemu_fsdev_add(QemuOpts *opts)
     } else if (!strcmp(sec_model, "none")) {
         fsle->fse.export_flags |= V9FS_SM_NONE;
     } else {
-        fprintf(stderr, "Default to security_model=none. You may want"
-                " enable advanced security model using "
-                "security option:\n\t security_model=passthrough\n\t "
-                "security_model=mapped\n");
-
-        fsle->fse.export_flags |= V9FS_SM_NONE;
+        fprintf(stderr, "Invalid security model %s specified, valid options are"
+                "\n\t [passthrough|mapped|none]\n", sec_model);
+        return -1;
     }
-
+done:
     QTAILQ_INSERT_TAIL(&fsdriver_entries, fsle, next);
     return 0;
 }
diff --git a/qemu-options.hx b/qemu-options.hx
index 518a1f1..f05be30 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -527,13 +527,13 @@ DEFHEADING()
 DEFHEADING(File system options:)
 
 DEF("fsdev", HAS_ARG, QEMU_OPTION_fsdev,
-    "-fsdev fsdriver,id=id,path=path,security_model=[mapped|passthrough|none]\n"
+    "-fsdev fsdriver,id=id,path=path,[security_model={mapped|passthrough|none}]\n"
     "       [,writeout=immediate]\n",
     QEMU_ARCH_ALL)
 
 STEXI
 
-@item -fsdev @var{fsdriver},id=@var{id},path=@var{path},security_model=@var{security_model}[,writeout=@var{writeout}]
+@item -fsdev @var{fsdriver},id=@var{id},path=@var{path},[security_model=@var{security_model}][,writeout=@var{writeout}]
 @findex -fsdev
 Define a new file system device. Valid options are:
 @table @option
@@ -555,7 +555,9 @@ attributes like uid, gid, mode bits and link target are stored as
 file attributes. Directories exported by this security model cannot
 interact with other unix tools. "none" security model is same as
 passthrough except the sever won't report failures if it fails to
-set file attributes like ownership.
+set file attributes like ownership. Security model is mandatory
+only for local fsdriver. Other fsdrivers (like handle) don't take
+security model as a parameter.
 @item writeout=@var{writeout}
 This is an optional argument. The only supported value is "immediate".
 This means that host page cache will be used to read and write data but
@@ -609,7 +611,9 @@ attributes like uid, gid, mode bits and link target are stored as
 file attributes. Directories exported by this security model cannot
 interact with other unix tools. "none" security model is same as
 passthrough except the sever won't report failures if it fails to
-set file attributes like ownership.
+set file attributes like ownership. Security model is mandatory only
+for local fsdriver. Other fsdrivers (like handle) don't take security
+model as a parameter.
 @item writeout=@var{writeout}
 This is an optional argument. The only supported value is "immediate".
 This means that host page cache will be used to read and write data but
diff --git a/vl.c b/vl.c
index 3b8199f..d672268 100644
--- a/vl.c
+++ b/vl.c
@@ -2800,14 +2800,12 @@ int main(int argc, char **argv, char **envp)
 
                 if (qemu_opt_get(opts, "fsdriver") == NULL ||
                         qemu_opt_get(opts, "mount_tag") == NULL ||
-                        qemu_opt_get(opts, "path") == NULL ||
-                        qemu_opt_get(opts, "security_model") == NULL) {
+                        qemu_opt_get(opts, "path") == NULL) {
                     fprintf(stderr, "Usage: -virtfs fsdriver,path=/share_path/,"
-                            "security_model=[mapped|passthrough|none],"
+                            "[security_model={mapped|passthrough|none}],"
                             "mount_tag=tag.\n");
                     exit(1);
                 }
-
                 fsdev = qemu_opts_create(qemu_find_opts("fsdev"),
                                          qemu_opt_get(opts, "mount_tag"), 1);
                 if (!fsdev) {
-- 
1.7.6