virtiofs: Allow read only mode

Resolves: https://issues.redhat.com/browse/RHEL-72192
Signed-off-by: Adam Julis <ajulis@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

docs/formatdomain.rst

@@ -3824,8 +3824,8 @@ A directory on the host that can be accessed directly from the guest.
    :since:`Since 10.0.0`
 ``readonly``
    Enables exporting filesystem as a readonly mount for guest, by default
-   read-write access is given (currently only works for QEMU/KVM driver; not
-   with virtiofs).
+   read-write access is given (works for QEMU/KVM driver, :since:`Since 11.0.0,
+   requires virtiofs 1.13.0` ).
 ``space_hard_limit``
    Maximum space available to this guest's filesystem. :since:`Since 0.9.13`
    Only supported by the OpenVZ driver.

src/qemu/qemu_validate.c

@@ -4540,11 +4540,6 @@ qemuValidateDomainDeviceDefFS(virDomainFSDef *fs,
 
     case VIR_DOMAIN_FS_DRIVER_TYPE_VIRTIOFS:
         if (!fs->sock) {
-            if (fs->readonly) {
-                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                               _("virtiofs does not yet support read-only mode"));
-                return -1;
-            }
             if (fs->accessmode != VIR_DOMAIN_FS_ACCESSMODE_PASSTHROUGH) {
                 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                                _("virtiofs only supports passthrough accessmode"));
@@ -4557,12 +4552,6 @@ qemuValidateDomainDeviceDefFS(virDomainFSDef *fs,
             }
         }
 
-        if (fs->readonly) {
-            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                           _("virtiofs does not support read-only access"));
-            return -1;
-        }
-
         if (fs->model != VIR_DOMAIN_FS_MODEL_DEFAULT) {
             virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                            _("virtiofs does not support model"));

src/qemu/qemu_virtiofs.c

@@ -228,6 +228,9 @@ qemuVirtioFSBuildCommandLine(virQEMUDriverConfig *cfg,
                                fs->idmap.gidmap[i].count);
     }
 
+    if (fs->readonly)
+        virCommandAddArg(cmd, "--readonly");
+
     return g_steal_pointer(&cmd);
 }
 

tests/qemuxmlconfdata/vhost-user-fs-readonly.x86_64-latest.args

@@ -0,0 +1,34 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/var/lib/libvirt/qemu/domain--1-guest \
+USER=test \
+LOGNAME=test \
+XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-guest/.local/share \
+XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-guest/.cache \
+XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \
+/usr/bin/qemu-system-x86_64 \
+-name guest=guest,debug-threads=on \
+-S \
+-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-guest/master-key.aes"}' \
+-machine pc,usb=off,dump-guest-core=off,acpi=off \
+-accel kvm \
+-cpu qemu64 \
+-m size=14680064k \
+-overcommit mem-lock=off \
+-smp 2,sockets=2,cores=1,threads=1 \
+-object '{"qom-type":"memory-backend-file","id":"ram-node0","mem-path":"/var/lib/libvirt/qemu/ram/-1-guest/ram-node0","share":true,"size":15032385536}' \
+-numa node,nodeid=0,cpus=0-1,memdev=ram-node0 \
+-uuid 126f2720-6f8e-45ab-a886-ec9277079a67 \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \
+-mon chardev=charmonitor,id=monitor,mode=control \
+-rtc base=utc \
+-no-shutdown \
+-boot strict=on \
+-chardev socket,id=chr-vu-fs0,path=/var/lib/libvirt/qemu/domain--1-guest/fs0-fs.sock \
+-device '{"driver":"vhost-user-fs-pci","id":"fs0","chardev":"chr-vu-fs0","queue-size":1024,"tag":"mount_tag","bus":"pci.0","addr":"0x2"}' \
+-audiodev '{"id":"audio1","driver":"none"}' \
+-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \
+-msg timestamp=on

tests/qemuxmlconfdata/vhost-user-fs-readonly.x86_64-latest.err

@@ -1 +0,0 @@
-unsupported configuration: virtiofs does not yet support read-only mode

tests/qemuxmlconfdata/vhost-user-fs-readonly.x86_64-latest.xml

@@ -0,0 +1 @@
+vhost-user-fs-readonly.xml

tests/qemuxmlconfdata/vhost-user-fs-readonly.xml

@@ -39,6 +39,7 @@
     </filesystem>
     <input type='mouse' bus='ps2'/>
     <input type='keyboard' bus='ps2'/>
+    <audio id='1' type='none'/>
     <memballoon model='none'/>
   </devices>
 </domain>

tests/qemuxmlconftest.c

@@ -2880,7 +2880,7 @@ mymain(void)
     DO_TEST_CAPS_LATEST("vhost-user-fs-fd-memory");
     DO_TEST_CAPS_LATEST("vhost-user-fs-fd-openfiles");
     DO_TEST_CAPS_LATEST("vhost-user-fs-hugepages");
-    DO_TEST_CAPS_LATEST_PARSE_ERROR("vhost-user-fs-readonly");
+    DO_TEST_CAPS_LATEST("vhost-user-fs-readonly");
 
     DO_TEST_CAPS_ARCH_LATEST("vhost-user-fs-ccw", "s390x");
     DO_TEST_CAPS_ARCH_LATEST_PARSE_ERROR("vhost-user-fs-ccw-bootindex", "s390x");