Re: [PATCH] hw/9pfs: Follow native symlinks when security-model=mapped

[Christian Schoenebeck <qemu_oss@crudebyte.com>]

On Thursday, 20 November 2025 14:01:36 CET Andrey Erokhin wrote:
> A directory mounted via virtfs with security-model=mapped[-xattr|-file] can
> contain "native" symlinks
> 
> This can happen e.g. when booting from a rootfs directory tree (usually with
> writable overlay set up on the host side)
> 
> Currently, with security-model=mapped, QEMU expects that all host "symlinks"
> are in "mapped" format, i.e. are files containing the linked path, so it
> tries to open with O_NOFOLLOW and fails with ELOOP in case of a native
> symlink
> 
> This patch gives such cases a second chance: trying to open as a native
> symlink, by reusing security-model=[none|passthrough] else if branch

Hi Greg,

I would like to ask you to look at this patch as well.

As I already wrote on Gitlab, technically I think this patch is fine/harmless, 
as the resolved native symlink would solely be passed to guest for its own 
interpretation. AFAICS it would not be used by 9p server (host).

Andrey, just some minor issues from my side below:

Git commit log message should not exceed 76 characters per line.

> QEMU issues:
> https://gitlab.com/qemu-project/qemu/-/issues/173 (from
> https://bugs.launchpad.net/qemu/+bug/1831354)
> https://gitlab.com/qemu-project/qemu/-/issues/3088 (dup of the first one)

This should be:

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/173

The other links can be dropped. They are already linked by #173.

> Signed-off-by: Andrey Erokhin <language.lawyer@gmail.com>
> 
> 
> diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> index 31e216227c..b4f8be2c81 100644
> --- a/hw/9pfs/9p-local.c
> +++ b/hw/9pfs/9p-local.c
> @@ -468,12 +468,14 @@ static ssize_t local_readlink(FsContext *fs_ctx,
> V9fsPath *fs_path,
> 
>           fd = local_open_nofollow(fs_ctx, fs_path->data, O_RDONLY, 0);
>           if (fd == -1) {
> +            if (errno == ELOOP) goto native_symlink;
>               return -1;
>           }

scripts/checkpatch.pl complaints:

ERROR: trailing statements should be on next line
#33: FILE: hw/9pfs/9p-local.c:471:
+            if (errno == ELOOP) goto native_symlink;

ERROR: braces {} are necessary for all arms of this statement
#33: FILE: hw/9pfs/9p-local.c:471:
+            if (errno == ELOOP) goto native_symlink;
[...]

>           tsize = RETRY_ON_EINTR(read(fd, (void *)buf, bufsz));
>           close_preserve_errno(fd);
>       } else if ((fs_ctx->export_flags & V9FS_SM_PASSTHROUGH) ||
>                  (fs_ctx->export_flags & V9FS_SM_NONE)) {
> +native_symlink:;

Semicolon is unnecessary here, isn't it?

>           char *dirpath = g_path_get_dirname(fs_path->data);
>           char *name = g_path_get_basename(fs_path->data);
>           int dirfd;