qemu: virtiofs: support <sandbox mode='chroot'/>

This maps to `virtiofsd -o sandbox=chroot|namespace`, which was added
in qemu 5.2.0:

https://git.qemu.org/?p=qemu.git;a=commit;h=06844584b62a43384642f7243b0fc01c9fff0fc7

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>

diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 60befb22822d9f00d52f2262107ce72dcd2bc55c..255d653118efc5e1219e0726706ae66f48ffcd3d 100644 (file)
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -4141,6 +4141,13 @@ qemuValidateDomainDeviceDefFS(virDomainFSDef *fs,
         }
     }
 
+    if (fs->fsdriver != VIR_DOMAIN_FS_DRIVER_TYPE_VIRTIOFS &&
+        fs->sandbox != VIR_DOMAIN_FS_SANDBOX_MODE_DEFAULT) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                       _("sandbox can only be used with driver=virtiofs"));
+        return -1;
+    }
+
     switch ((virDomainFSDriverType) fs->fsdriver) {
     case VIR_DOMAIN_FS_DRIVER_TYPE_DEFAULT:
     case VIR_DOMAIN_FS_DRIVER_TYPE_PATH:

diff --git a/src/qemu/qemu_virtiofs.c b/src/qemu/qemu_virtiofs.c
index c37ac5b4eeaede14daddb3ef6c2bac1c29d06a8a..e310f2e7aa2ccc9b34804d9eeefe16aae55184aa 100644 (file)
--- a/src/qemu/qemu_virtiofs.c
+++ b/src/qemu/qemu_virtiofs.c
@@ -131,6 +131,8 @@ qemuVirtioFSBuildCommandLine(virQEMUDriverConfig *cfg,
     virQEMUBuildBufferEscapeComma(&opts, fs->src->path);
     if (fs->cache)
         virBufferAsprintf(&opts, ",cache=%s", virDomainFSCacheModeTypeToString(fs->cache));
+    if (fs->sandbox)
+        virBufferAsprintf(&opts, ",sandbox=%s", virDomainFSSandboxModeTypeToString(fs->sandbox));
 
     if (fs->xattr == VIR_TRISTATE_SWITCH_ON)
         virBufferAddLit(&opts, ",xattr");