kata-types: Support disabled sharefs with config of shared_fs = "none"

For CoCo, shared_fs is prohibited as we cannot guarantee the security of guest/host sharing. Therefore, this PR enables administrators to configure shared_fs = "none" via the configuration.toml file, thereby enforcing the disablement of sharing. Fixes #10677 Signed-off-by: alex.lyn <alex.lyn@antgroup.com>
2025-09-17 23:07:55 +00:00 · 2025-05-30 16:06:55 +08:00
parent 9488ce822d
commit f3c8ef9200
1 changed files with 7 additions and 0 deletions
--- a/src/libs/kata-types/src/config/hypervisor/mod.rs
+++ b/src/libs/kata-types/src/config/hypervisor/mod.rs
@@ -65,6 +65,7 @@ pub const VIRTIO_PMEM: &str = "virtio-pmem";
 mod firecracker;
 pub use self::firecracker::{FirecrackerConfig, HYPERVISOR_NAME_FIRECRACKER};

+const NO_VIRTIO_FS: &str = "none";
 const VIRTIO_9P: &str = "virtio-9p";
 const VIRTIO_FS: &str = "virtio-fs";
 const VIRTIO_FS_INLINE: &str = "inline-virtio-fs";
@@ -932,6 +933,7 @@ pub struct SharedFsInfo {
    /// Shared file system type:
    /// - virtio-fs (default)
    /// - virtio-9p`
+    /// - none
    pub shared_fs: Option<String>,

    /// Path to vhost-user-fs daemon.
@@ -981,6 +983,11 @@ pub struct SharedFsInfo {
 impl SharedFsInfo {
    /// Adjust the configuration information after loading from configuration file.
    pub fn adjust_config(&mut self) -> Result<()> {
+        if self.shared_fs.as_deref() == Some(NO_VIRTIO_FS) {
+            self.shared_fs = None;
+            return Ok(());
+        }
+
        if self.shared_fs.as_deref() == Some("") {
            self.shared_fs = Some(default::DEFAULT_SHARED_FS_TYPE.to_string());
        }