kvm 9p 文件系统映射配置

原文链接：https://wiki.qemu.org/Documentation/9psetup

1.kernel 配置

    CONFIG_NET_9P=y
    CONFIG_NET_9P_VIRTIO=y
    CONFIG_NET_9P_DEBUG=y (Optional)
    CONFIG_9P_FS=y
    CONFIG_9P_FS_POSIX_ACL=y
    CONFIG_PCI=y
    CONFIG_VIRTIO_PCI=y

2.virtio配置

    CONFIG_PCI=y
    CONFIG_VIRTIO_PCI=y
    CONFIG_PCI_HOST_GENERIC=y (only needed for the QEMU Arm 'virt' board)

3.安全参数说明

To start the guest add the following options to enable 9P sharing in QEMU

    -fsdev fsdriver,passthrough|none][,writeout=writeout][,readonly]
     [,socket=socket|sock_fd=sock_fd] -device virtio-9p-pci,fsdev=[id],mount_tag=[mount tag]
     

You can instead use the following also, which is just a short-cut of the above command.

    -virtfs fsdriver,passthrough|none][,writeout=writeout][,readonly]
     [,socket=socket|sock_fd=sock_fd],mount_tag=[mount tag]

Options:

• fsdriver: This option specifies the fs driver backend to use. Currently only "local","handle" and "proxy" file system drivers are supported. In future we plan on adding various types of network and cluster filesystems here.

• id: Identifier used to refer to this fsdev.

• path: The path on the host that is identified by this fsdev.

• security_model: Valid options are mapped, passthrough & none.No need to specify security_model with "proxy" file system drivers.
• writeout=writeout: This is an optional argument. The only supported value is "immediate".
• readonly: Enables exporting 9p share as a readonly mount for guests. By default read-write access is given.
• socket=socket: Enables proxy filesystem driver to use passed socket file for communicating with virtfs-proxy-helper
• sock_fd=sock_fd: Enables proxy filesystem driver to use passed socket descriptor for communicating with virtfs-proxy-helper. Usually a helper like libvirt will create socketpair and pass one of the fds as sock_fd

1. mapped: Files are created with Qemu user credentials and the client-user's credentials are saved in extended attributes.
2. passthrough: Files on the filesystem are directly created with client-user's credentials.
3. none: It is equivalent to passthrough security model; the only exception is, failure of priviliged operation like chown are ignored. This makes a passthrough like security model usable for people who run kvm as non root.

• fsdev option is used along with -device driver "virtio-9p-pci".
• Options for virtio-9p-pci driver are:
• fsdev=id: Specifies the id value specified along with -fsdev option
• mount_tag: A tag which acts as a hint to the guest OS and is used to mount this exported path.

4.libvirt xml 配置

 <filesystem type='mount' accessmode='$security_model'>
   <source dir='$hostpath'/>
   <target dir='$mount_tag'/>
 </filesystem>

5.客户端挂载

mount -t 9p -o trans=virtio [mount tag] [mount point] -oversion=9p2000.L

• mount tag: As specified in Qemu commandline.
• mount point: Path to mount point.
• trans: Transport method (here virtio for using 9P over virtio)
• version: Protocol version. By default it is 9p2000.u .

Other options that can be used include:

• msize: Maximum packet size including any headers. By default it is 8KB.
• access: Following are the access modes

1. access=user : If a user tries to access a file on v9fs filesystem for the first time, v9fs sends an attach command (Tattach) for that user. This is the default mode.
2. access=<uid> : It only allows the user with uid=<uid> to access the files on the mounted filesystem
3. access=any : v9fs does single attach and performs all operations as one user
4. access=client : Fetches access control list values from the server and does an access check on the client.