VirtFS mapped symlinks resolved wrong

Why not using simple symlinks on the host with xattr like on normal files instead of those hacks which either don't work on client or don't work on the host?

And maybe you should use lsetxattr and lgetxattr instead of the symlink resolving versions setxattr and getxattr

Responding to multiple issues raised above.

- Let us track this bug for the security/symlink issue and open a different defect for the mount issue.
- I tried to reproduce this defect with the QEMU mainline. I don't see the problem. More description on
  the environment (Host OS/Guest OS/ QEMU command line etc) and how to reproduce the problem will
  be helpful.
  [root@localhost mmnt]# cat file1
  omg it is important
  [root@localhost mmnt]# ln -sf file1 sym1
  [root@localhost mmnt]# ls -l
  total 16
  -rw-r--r-- 1 root root 20 2010-09-24 01:24 file1
  lrwxrwxrwx 1 root root 6 2010-09-24 01:24 sym1 -> file1
  [root@localhost mmnt]# logout
- Moshroom:
  - There are multiple security models here, if you use 'passthrough' same type of files are created on the
     host/guest. But if you use 'mapped' security model this is how we do it.
     This security model is for cloud use case scenarios. Please read more in this post
     http://<email address hidden>/msg31452.html
  - No need to use lsetattr/lgetattr here because we always create regular files in this model.

Host OS is Debian sid/experimental amd64 with 2.6.32-5-amd64 (2.6.32-23). qemu-kvm version can be found above. As said before the symlink were created outside the vm and then tried to access inside the vm.

So I have to use passthrough in host/client shared folders... which means I have to run kvm as root. :(

But mapped is also really confusing. Everything inside the vm:

$ id
uid=0(root) gid=0(root) groups=0(root)
$ touch newfile
$ -rw-r--r-- 1 root 1000 0 Sep 24 20:39 newfile

So the gid is not set correctly. On thhe host:

% xattr newfile
user.virtfs.uid
user.virtfs.mode

I started it using:
% /usr/local/kvm/bin/qemu-system-x86_64 -m 1024 -kernel linux-2.6.35.5.qemu -drive file=root.cow1,if=virtio -net nic,macaddr=02:ca:ff:ee:ba:be,model=virtio,vlan=1 -net tap,ifname=tap1,vlan=1,script=no -virtfs local,path=/shared,security_model=mapped,mount_tag=host -nographic

Passthrough model needs to be used if you want the compatibility on/off the virtfs mount.
The mapped model virtfs-izes the filesystem. For mapped model, one need to start a fresh share and continue
to use it only from the guest.

Regarding gid is not being correct, please use 9P2000.L protocol, on the mount specify -o version=9p2000.L.
The default is 9P2000.U which doesn't support gid.

Ex mount command:

mount -t 9p -o trans=virtio -o version=9p2000.L -o debug=0xFFFF v_map_virtfs /mmnt

We recently added some info the the external wiki. (http://wiki.qemu.org/Documentation/9psetup)

- JV

Fixed by the mentioned documentation