summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/fs
diff options
context:
space:
mode:
authorAyush Ranjan <ayushranjan@google.com>2021-10-08 14:46:16 -0700
committergVisor bot <gvisor-bot@google.com>2021-10-08 14:48:35 -0700
commitda41ecc5be8a25d116b520da2c3d424ef488b159 (patch)
tree52166d53f4474cf834c3408e06bdf85194ccf7fe /pkg/sentry/fs
parente44b100654ca639d11221e547384f699e461296d (diff)
Disallow "trusted" namespace xattr in VFS2 gofer client.
Allowing this namespace makes way for a lot of GetXattr RPCs to the gofer process when the gofer filesystem is the lower layer of an overlay. The overlay filesystem aggressively queries for "trusted.overlay.opaque" which in practice is never found in the lower layer gofer. But leads to a lot of wasted work. A consequence is that mutable gofer upper layer is not supported anymore but that is still consistent with VFS1. We can revisit when need arises. PiperOrigin-RevId: 401860585
Diffstat (limited to 'pkg/sentry/fs')
0 files changed, 0 insertions, 0 deletions