!31 Add udsproxy, add whitelist to qtfs and rexec, fix errors.

From: @anar 
Reviewed-by: @minknov 
Signed-off-by: @minknov

0005-Add-whitelist-of-qtfs.patch

@@ -0,0 +1,896 @@
+From 2052c2d81abe204e557b7b7d15be623caf26d7f7 Mon Sep 17 00:00:00 2001
+From: yangxin <245051644@qq.com>
+Date: Fri, 10 Feb 2023 16:37:27 +0800
+Subject: [PATCH 1/5] Add whitelist of qtfs.
+
+Signed-off-by: yangxin <245051644@qq.com>
+---
+ qtfs/comm.h                                   |  31 ++++
+ qtfs/misc.c                                   |   2 -
+ qtfs/qtfs/Makefile                            |   2 +-
+ qtfs/qtfs/qtfs-mod.h                          |   1 -
+ qtfs/qtfs/sb.c                                |  17 +-
+ qtfs/qtfs/syscall.c                           |   3 +-
+ qtfs/qtfs_server/Makefile                     |   4 +-
+ qtfs/qtfs_server/fsops.c                      | 145 ++++++++++++++----
+ qtfs/qtfs_server/qtfs-server.c                |  35 ++++-
+ qtfs/qtfs_server/qtfs-server.h                |   1 +
+ qtfs/qtfs_server/user_engine.c                |  51 +++++-
+ qtfs/req.h                                    |  36 ++---
+ .../whitelist/libvirt/qtfs_whitelist          |  35 +++++
+ 13 files changed, 286 insertions(+), 77 deletions(-)
+ create mode 100644 usecases/transparent-offload/whitelist/libvirt/qtfs_whitelist
+
+diff --git a/qtfs/comm.h b/qtfs/comm.h
+index d639c19..901552c 100644
+--- a/qtfs/comm.h
++++ b/qtfs/comm.h
+@@ -13,6 +13,7 @@ enum {
+ 	_QTFS_IOCTL_EXIT,
+ 
+ 	_QTFS_IOCTL_ALLINFO,
++	_QTFS_IOCTL_WHITELIST,
+ 	_QTFS_IOCTL_CLEARALL,
+ 
+ 	_QTFS_IOCTL_LOG_LEVEL,
+@@ -26,6 +27,7 @@ enum {
+ #define QTFS_IOCTL_EPOLL_THREAD_RUN		_IO(QTFS_IOCTL_MAGIC, _QTFS_IOCTL_EPOLL_THREAD_RUN)
+ #define QTFS_IOCTL_EXIT					_IO(QTFS_IOCTL_MAGIC, _QTFS_IOCTL_EXIT)
+ #define QTFS_IOCTL_ALLINFO				_IO(QTFS_IOCTL_MAGIC, _QTFS_IOCTL_ALLINFO)
++#define QTFS_IOCTL_WHITELIST				_IO(QTFS_IOCTL_MAGIC, _QTFS_IOCTL_WHITELIST)
+ #define QTFS_IOCTL_CLEARALL				_IO(QTFS_IOCTL_MAGIC, _QTFS_IOCTL_CLEARALL)
+ #define QTFS_IOCTL_LOGLEVEL				_IO(QTFS_IOCTL_MAGIC, _QTFS_IOCTL_LOG_LEVEL)
+ #define QTFS_IOCTL_EPOLL_SUPPORT		_IO(QTFS_IOCTL_MAGIC, _QTFS_IOCTL_EPOLL_SUPPORT)
+@@ -42,6 +44,35 @@ struct qtfs_server_userp_s {
+ 	void *userp2;
+ };
+ 
++
++enum {
++	QTFS_WHITELIST_OPEN,
++	QTFS_WHITELIST_WRITE,
++	QTFS_WHITELIST_READ,
++	QTFS_WHITELIST_READDIR,
++	QTFS_WHITELIST_MKDIR,
++	QTFS_WHITELIST_RMDIR,
++	QTFS_WHITELIST_CREATE,
++	QTFS_WHITELIST_UNLINK,
++	QTFS_WHITELIST_RENAME,
++	QTFS_WHITELIST_SETATTR,
++	QTFS_WHITELIST_SETXATTR,
++	QTFS_WHITELIST_MOUNT,
++	QTFS_WHITELIST_MAX,
++};
++
++
++struct wl_item {
++	int len;
++	char path[4096];
++};
++
++struct whitelist {
++	int len;
++	int type;
++	struct wl_item wl[0];
++};
++
+ struct qtfs_thread_init_s {
+ 	int thread_nums;
+ 	struct qtfs_server_userp_s *userp;
+diff --git a/qtfs/misc.c b/qtfs/misc.c
+index 90c8d36..98222bd 100644
+--- a/qtfs/misc.c
++++ b/qtfs/misc.c
+@@ -61,7 +61,6 @@ void qtfs_req_size(void)
+ 	qtfs_diag_info->req_size[QTFS_REQ_MOUNT] = sizeof(struct qtreq_mount);
+ 	qtfs_diag_info->req_size[QTFS_REQ_OPEN] = sizeof(struct qtreq_open);
+ 	qtfs_diag_info->req_size[QTFS_REQ_CLOSE] = sizeof(struct qtreq_close);
+-	qtfs_diag_info->req_size[QTFS_REQ_READ] = sizeof(struct qtreq_read);
+ 	qtfs_diag_info->req_size[QTFS_REQ_READITER] = sizeof(struct qtreq_readiter);
+ 	qtfs_diag_info->req_size[QTFS_REQ_WRITE] = sizeof(struct qtreq_write);
+ 	qtfs_diag_info->req_size[QTFS_REQ_LOOKUP] = sizeof(struct qtreq_lookup);
+@@ -92,7 +91,6 @@ void qtfs_req_size(void)
+ 	qtfs_diag_info->rsp_size[QTFS_REQ_MOUNT] = sizeof(struct qtrsp_mount);
+ 	qtfs_diag_info->rsp_size[QTFS_REQ_OPEN] = sizeof(struct qtrsp_open);
+ 	qtfs_diag_info->rsp_size[QTFS_REQ_CLOSE] = sizeof(struct qtrsp_close);
+-	qtfs_diag_info->rsp_size[QTFS_REQ_READ] = sizeof(struct qtrsp_read);
+ 	qtfs_diag_info->rsp_size[QTFS_REQ_READITER] = sizeof(struct qtrsp_readiter);
+ 	qtfs_diag_info->rsp_size[QTFS_REQ_WRITE] = sizeof(struct qtrsp_write);
+ 	qtfs_diag_info->rsp_size[QTFS_REQ_LOOKUP] = sizeof(struct qtrsp_lookup);
+diff --git a/qtfs/qtfs/Makefile b/qtfs/qtfs/Makefile
+index f3c6014..f03ec52 100644
+--- a/qtfs/qtfs/Makefile
++++ b/qtfs/qtfs/Makefile
+@@ -11,4 +11,4 @@ qtfs:
+ 
+ clean:
+ 	make -C $(KBUILD) M=$(PWD) clean
+-	rm -rf ../*.o
++	rm -rf ../*.o ../.*.o.cmd
+diff --git a/qtfs/qtfs/qtfs-mod.h b/qtfs/qtfs/qtfs-mod.h
+index 5a30868..6ba7a4d 100644
+--- a/qtfs/qtfs/qtfs-mod.h
++++ b/qtfs/qtfs/qtfs-mod.h
+@@ -35,7 +35,6 @@ extern struct kmem_cache *qtfs_inode_priv_cache;
+ 
+ struct private_data {
+ 	int fd;
+-	unsigned long long file;
+ };
+ 
+ struct qtfs_inode_priv {
+diff --git a/qtfs/qtfs/sb.c b/qtfs/qtfs/sb.c
+index 06ce402..9374cfb 100644
+--- a/qtfs/qtfs/sb.c
++++ b/qtfs/qtfs/sb.c
+@@ -196,7 +196,6 @@ int qtfs_open(struct inode *inode, struct file *file)
+ 		return err;
+ 	}
+ 	qtfs_info("qtfs open:%s success, f_mode:%o flag:%x, fd:%d", req->path, file->f_mode, file->f_flags, rsp->fd);
+-	data->file = rsp->file;
+ 	data->fd = rsp->fd;
+ 	WARN_ON(file->private_data);
+ 	file->private_data = data;
+@@ -287,9 +286,9 @@ ssize_t qtfs_readiter(struct kiocb *kio, struct iov_iter *iov)
+ 		return -ENOMEM;
+ 	}
+ 
+-	req->file = private->file;
+-	if (req->file <= 0) {
+-		qtfs_err("qtfs_readiter: invalid file(0x%llx)", req->file);
++	req->fd = private->fd;
++	if (req->fd <= 0) {
++		qtfs_err("qtfs_readiter: invalid file(0x%llx)", req->fd);
+ 		qtfs_conn_put_param(pvar);
+ 		return -EINVAL;
+ 	}
+@@ -359,9 +358,9 @@ ssize_t qtfs_writeiter(struct kiocb *kio, struct iov_iter *iov)
+ 		return -ENOMEM;
+ 	}
+ 	
+-	req->d.file = private->file;
+-	if (req->d.file < 0) {
+-		qtfs_err("qtfs_write: invalid file(0x%llx)", req->d.file);
++	req->d.fd = private->fd;
++	if (req->d.fd < 0) {
++		qtfs_err("qtfs_write: invalid file(0x%llx)", req->d.fd);
+ 		qtfs_conn_put_param(pvar);
+ 		return -EINVAL;
+ 	}
+@@ -617,7 +616,7 @@ qtfsfifo_poll(struct file *filp, poll_table *wait)
+ 
+ 	p = &priv->readq.head;
+ 
+-	if (IS_ERR((void *)fpriv->file) || (void *)fpriv->file == NULL) {
++	if (fpriv->fd < 0) {
+ 		qtfs_err("fifo poll priv file invalid.");
+ 		return 0;
+ 	}
+@@ -627,7 +626,7 @@ qtfsfifo_poll(struct file *filp, poll_table *wait)
+ 		return 0;
+ 	}
+ 	req = qtfs_sock_msg_buf(pvar, QTFS_SEND);
+-	req->file = fpriv->file;
++	req->fd = fpriv->fd;
+ 	rsp = qtfs_remote_run(pvar, QTFS_REQ_FIFOPOLL, sizeof(struct qtreq_poll));
+ 	if (IS_ERR(rsp) || rsp == NULL) {
+ 		qtfs_conn_put_param(pvar);
+diff --git a/qtfs/qtfs/syscall.c b/qtfs/qtfs/syscall.c
+index 85cfbbe..2912f48 100644
+--- a/qtfs/qtfs/syscall.c
++++ b/qtfs/qtfs/syscall.c
+@@ -110,7 +110,6 @@ static void do_epoll_ctl_remote(int op, struct epoll_event __user *event, struct
+ 	}
+ 	req = qtfs_sock_msg_buf(pvar, QTFS_SEND);
+ 	req->fd = priv->fd;
+-	req->file = priv->file;
+ 	req->op = op;
+ 	if (ep_op_has_event(op) && copy_from_user(&tmp, event, sizeof(struct epoll_event))) {
+ 		qtfs_err("qtfs do epoll ctl remote copy from user failed.");
+@@ -131,7 +130,7 @@ static void do_epoll_ctl_remote(int op, struct epoll_event __user *event, struct
+ 	} else {
+ 		qtinfo_cntinc(QTINF_EPOLL_DELFDS);
+ 	}
+-	qtfs_info("qtfs do epoll ctl remote success, fd:%d file:%lx.", req->fd, (unsigned long)req->file);
++	qtfs_info("qtfs do epoll ctl remote success, fd:%d.", req->fd);
+ 	qtfs_conn_put_param(pvar);
+ 	return;
+ }
+diff --git a/qtfs/qtfs_server/Makefile b/qtfs/qtfs_server/Makefile
+index c1c5ef6..9c6bcd5 100644
+--- a/qtfs/qtfs_server/Makefile
++++ b/qtfs/qtfs_server/Makefile
+@@ -10,9 +10,9 @@ qtfs_server:
+ 	make -C $(KBUILD) M=$(PWD) modules
+ 
+ engine:
+-	gcc -O2 -o engine user_engine.c -lpthread -I../ -DQTFS_SERVER
++	gcc -O2 -o engine user_engine.c -lpthread -lglib-2.0 -I../ -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -DQTFS_SERVER
+ 
+ clean:
+ 	make -C $(KBUILD) M=$(PWD) clean
+ 	rm -rf engine
+-	rm -rf ../*.o
++	rm -rf ../*.o ../.*.o.cmd
+diff --git a/qtfs/qtfs_server/fsops.c b/qtfs/qtfs_server/fsops.c
+index 48ec7ab..d00db6d 100644
+--- a/qtfs/qtfs_server/fsops.c
++++ b/qtfs/qtfs_server/fsops.c
+@@ -23,6 +23,21 @@
+ #define RSP(arg) (arg->out)
+ #define USERP(arg) (arg->userp)
+ 
++bool in_white_list(char *path, int type)
++{
++	if (!whitelist[type]) {
++		return true;
++	}
++	int i, in_wl = -1;
++	for (i = 0; i < whitelist[type]->len; i++) {
++		if (!strncmp(path, whitelist[type]->wl[i].path, whitelist[type]->wl[i].len)){
++			in_wl = i;
++			break;
++		}
++	}
++	return in_wl != -1;
++}
++
+ static inline void qtfs_inode_info_fill(struct inode_info *ii, struct inode *inode)
+ {
+ 	ii->mode = inode->i_mode;
+@@ -55,7 +70,6 @@ static int handle_ioctl(struct qtserver_arg *arg)
+ 	struct qtreq_ioctl *req = (struct qtreq_ioctl *)REQ(arg);
+ 	struct qtrsp_ioctl *rsp = (struct qtrsp_ioctl *)RSP(arg);
+ 	struct qtfs_server_userp_s *userp = (struct qtfs_server_userp_s *)USERP(arg);
+-
+ 	file = filp_open(req->path, O_RDONLY, 0);
+ 	if (err_ptr(file)) {
+ 		qtfs_err("handle ioctl error, path:<%s> failed.\n", req->path);
+@@ -188,9 +202,13 @@ static int handle_statfs(struct qtserver_arg *arg)
+ static int handle_mount(struct qtserver_arg *arg)
+ {
+ 	struct path path;
+-	int ret;
++	int ret, i, in_wl = -1;
+ 	struct qtreq_mount *req = (struct qtreq_mount *)REQ(arg);
+ 	struct qtrsp_mount *rsp = (struct qtrsp_mount *)RSP(arg);
++	if (!in_white_list(req->path, QTFS_WHITELIST_MOUNT)) {
++		rsp->ret = QTFS_ERR;
++		return sizeof(rsp->ret);
++	}
+ 
+ 	ret = kern_path(req->path, LOOKUP_DIRECTORY, &path);
+ 	if (ret) {
+@@ -208,11 +226,15 @@ int handle_open(struct qtserver_arg *arg)
+ {
+ 	int fd;
+ 	int ret;
+-	struct fd f;
+-	struct file *file = NULL;
+ 	struct qtreq_open *req = (struct qtreq_open *)REQ(arg);
+ 	struct qtrsp_open *rsp = (struct qtrsp_open *)RSP(arg);
+ 	struct qtfs_server_userp_s *userp = (struct qtfs_server_userp_s *)USERP(arg);
++	if (!in_white_list(req->path, QTFS_WHITELIST_OPEN)) {
++		qtfs_err("handle open path:%s not permited", req->path);
++		rsp->ret = QTFS_ERR;
++		rsp->fd = -EACCES;
++		return sizeof(struct qtrsp_open);
++	}
+ 
+ 	ret = copy_to_user(userp->userp, req->path, strlen(req->path)+1);
+ 	if (ret) {
+@@ -235,26 +257,11 @@ int handle_open(struct qtserver_arg *arg)
+ 		}
+ 		rsp->ret = QTFS_ERR;
+ 		rsp->fd = fd;
+-		rsp->file = 0;
+ 		return sizeof(struct qtrsp_open);
+ 	}
+ 
+-	f = fdget(fd);
+-	file = f.file;
+-	if (err_ptr(file)) {
+-		rsp->ret = QTFS_ERR;
+-		rsp->fd = PTR_ERR(file);
+-		// must close_fd(fd)?
+-		WARN_ON(1);
+-		qtfs_err("handle open get file pointer of <<%s>> error, fd:%d file err:%d.", req->path, fd, rsp->fd);
+-		// XXX: fileclose here?
+-	} else {
+-		rsp->ret = QTFS_OK;
+-		rsp->file = (__u64)file;
+-		rsp->fd = fd;
+-	}
+-	qtfs_info("handle open file :%s fd:%d filep:%lx.", req->path, fd, (unsigned long)rsp->file);
+-	fdput(f);
++	rsp->ret = QTFS_OK;
++	rsp->fd = fd;
+ 	return sizeof(struct qtrsp_open);
+ }
+ 
+@@ -279,18 +286,30 @@ int handle_close(struct qtserver_arg *arg)
+ static int handle_readiter(struct qtserver_arg *arg)
+ {
+ 	struct file *file = NULL;
++    char *pathbuf, *fullname;
+ 	struct qtreq_readiter *req = (struct qtreq_readiter *)REQ(arg);
+ 	struct qtrsp_readiter *rsp = (struct qtrsp_readiter *)RSP(arg);
+ 	struct qtfs_server_userp_s *userp = (struct qtfs_server_userp_s *)USERP(arg);
+ 	size_t maxlen = (req->len >= sizeof(rsp->readbuf)) ? (sizeof(rsp->readbuf) - 1) : req->len;
+ 
+-	file = (struct file *)req->file;
++	file = fget(req->fd);
++	pathbuf = __getname();
++    fullname = file_path(file, pathbuf, PATH_MAX);
++	if (!in_white_list(fullname, QTFS_WHITELIST_READ)) {
++		qtfs_err("%s not in whitelist.\n", fullname);
++		__putname(pathbuf);
++		rsp->d.ret = QTFS_ERR;
++		rsp->d.len = 0;
++		rsp->d.errno = -ENOENT;
++		goto end;
++	}
++	__putname(pathbuf);
+ 	if (err_ptr(file)) {
+ 		qtfs_err("handle readiter error, open failed, file:%p.\n", file);
+ 		rsp->d.ret = QTFS_ERR;
+ 		rsp->d.len = 0;
+ 		rsp->d.errno = -ENOENT;
+-		return sizeof(struct qtrsp_readiter) - sizeof(rsp->readbuf) + rsp->d.len;
++		goto end;
+ 	}
+ 	if (file->f_op->read) {
+ 		int idx = 0;
+@@ -326,23 +345,35 @@ static int handle_readiter(struct qtserver_arg *arg)
+ 
+ 	qtfs_info("handle readiter file:<%s>, len:%lu, rsplen:%ld, pos:%lld, ret:%d errno:%d.\n",
+ 			file->f_path.dentry->d_iname, req->len, rsp->d.len, req->pos, rsp->d.ret, rsp->d.errno);
++end:
++	fput(file);
+ 	return sizeof(struct qtrsp_readiter) - sizeof(rsp->readbuf) + rsp->d.len;
+ }
+ 
+ static int handle_write(struct qtserver_arg *arg)
+ {
+ 	struct file *file = NULL;
++    char *pathbuf, *fullname;
+ 	struct qtreq_write *req = (struct qtreq_write *)REQ(arg);
+ 	struct qtrsp_write *rsp = (struct qtrsp_write *)RSP(arg);
+ 	struct qtfs_server_userp_s *userp = (struct qtfs_server_userp_s *)USERP(arg);
+ 	int idx = 0, leftlen = 0, ret = 0, len = 0;
+ 
+-	file = (struct file *)req->d.file;
++	file = fget(req->d.fd);
++	pathbuf = __getname();
++	fullname = file_path(file, pathbuf, PATH_MAX);
++	if (!in_white_list(fullname, QTFS_WHITELIST_WRITE)) {
++		kfree(pathbuf);
++		rsp->ret = QTFS_ERR;
++		rsp->len = 0;
++		goto end;
++	}
++	__putname(pathbuf);
+ 	if (err_ptr(file)) {
+ 		qtfs_err("qtfs handle write error, filp:<%p> open failed.\n", file);
+ 		rsp->ret = QTFS_ERR;
+ 		rsp->len = 0;
+-		return sizeof(struct qtrsp_write);
++		goto end;
+ 	}
+ 
+ 	file->f_mode = req->d.mode;
+@@ -372,6 +403,8 @@ static int handle_write(struct qtserver_arg *arg)
+ 	rsp->ret = (rsp->len <= 0) ? QTFS_ERR : QTFS_OK;
+ 	qtfs_info("handle write file<%s> %s, write len:%ld pos:%lld mode:%o flags:%x.", file->f_path.dentry->d_iname,
+ 			(rsp->ret == QTFS_ERR) ? "failed" : "succeded", rsp->len, req->d.pos, file->f_mode, file->f_flags);
++end:
++	fput(file);
+ 	return sizeof(struct qtrsp_write);
+ }
+ 
+@@ -438,6 +471,12 @@ static int handle_readdir(struct qtserver_arg *arg)
+ 		.dir = (struct qtfs_dirent64 *)rsp->dirent,
+ 		.vldcnt = 0,
+ 	};
++	
++	if (!in_white_list(req->path, QTFS_WHITELIST_READDIR)) {
++		rsp->d.ret = QTFS_ERR;
++		rsp->d.vldcnt = 0;
++		return sizeof(struct qtrsp_readdir) - sizeof(rsp->dirent);
++	}
+ 	file = filp_open(req->path, O_RDONLY|O_NONBLOCK|O_DIRECTORY, 0);
+ 	if (err_ptr(file)) {
+ 		qtfs_err("handle readdir error, filp:<%s> open failed.\n", req->path);
+@@ -466,7 +505,11 @@ static int handle_mkdir(struct qtserver_arg *arg)
+ 	struct inode *inode;
+ 	struct path path;
+ 	int ret;
+-
++	
++	if (!in_white_list(req->path, QTFS_WHITELIST_MKDIR)) {
++		rsp->errno = -EFAULT;
++		goto err;
++	}
+ 	if (copy_to_user(userp->userp, req->path, strlen(req->path) + 1)) {
+ 		qtfs_err("handle mkdir copy to userp failed.\n");
+ 		rsp->errno = -EFAULT;
+@@ -499,7 +542,11 @@ static int handle_rmdir(struct qtserver_arg *arg)
+ 	struct qtreq_rmdir *req = (struct qtreq_rmdir *)REQ(arg);
+ 	struct qtrsp_rmdir *rsp = (struct qtrsp_rmdir *)RSP(arg);
+ 	struct qtfs_server_userp_s *userp = (struct qtfs_server_userp_s *)USERP(arg);
+-
++	
++	if (!in_white_list(req->path, QTFS_WHITELIST_RMDIR)) {
++		rsp->errno = -EFAULT;
++		goto err;
++	}
+ 	if (copy_to_user(userp->userp, req->path, strlen(req->path) + 1)) {
+ 		qtfs_err("handle rmdir copy to userp failed.\n");
+ 		rsp->errno = -EFAULT;
+@@ -558,6 +605,12 @@ static int handle_setattr(struct qtserver_arg *arg)
+ 	struct inode *inode = NULL;
+ 	struct path path;
+ 	int ret;
++	
++	if (!in_white_list(req->path, QTFS_WHITELIST_SETATTR)) {
++		rsp->ret = QTFS_ERR;
++		rsp->errno = -ENOENT;
++		return sizeof(struct qtrsp_setattr);
++	}
+ 
+ 	ret = kern_path(req->path, 0, &path);
+ 	if (ret) {
+@@ -610,6 +663,12 @@ int handle_icreate(struct qtserver_arg *arg)
+ 	struct inode *inode;
+ 	struct qtreq_icreate *req = (struct qtreq_icreate *)REQ(arg);
+ 	struct qtrsp_icreate *rsp = (struct qtrsp_icreate *)RSP(arg);
++	
++	if (!in_white_list(req->path, QTFS_WHITELIST_CREATE)) {
++		rsp->ret = QTFS_ERR;
++		rsp->errno = -ENOENT;
++		return sizeof(struct qtrsp_icreate);
++	}
+ 
+ 	file = filp_open(req->path, O_CREAT, req->mode);
+ 	if (err_ptr(file)) {
+@@ -635,6 +694,12 @@ static int handle_mknod(struct qtserver_arg *arg)
+ 	struct path path;
+ 	int error;
+ 	unsigned int flags = LOOKUP_DIRECTORY;
++	
++	if (!in_white_list(req->path, QTFS_WHITELIST_CREATE)) {
++		rsp->ret = QTFS_ERR;
++		rsp->errno = -ENOENT;
++		return sizeof(struct qtrsp_mknod);
++	}
+ 
+ retry:
+ 	dent = kern_path_create(AT_FDCWD, req->path, &path, flags);
+@@ -668,6 +733,11 @@ int handle_unlink(struct qtserver_arg *arg)
+ {
+ 	struct qtreq_unlink *req = (struct qtreq_unlink *)REQ(arg);
+ 	struct qtrsp_unlink *rsp = (struct qtrsp_unlink *)RSP(arg);
++	
++	if (!in_white_list(req->path, QTFS_WHITELIST_UNLINK)) {
++		rsp->errno = -ENOENT;
++		return sizeof(struct qtrsp_unlink);
++	}
+ 
+ 	rsp->errno = qtfs_kern_syms.do_unlinkat(AT_FDCWD, qtfs_kern_syms.getname_kernel(req->path));
+ 	if (rsp->errno < 0) {
+@@ -770,7 +840,11 @@ int handle_rename(struct qtserver_arg *arg)
+ 	struct qtreq_rename *req = (struct qtreq_rename *)REQ(arg);
+ 	struct qtrsp_rename *rsp = (struct qtrsp_rename *)RSP(arg);
+ 	struct qtfs_server_userp_s *userp = (struct qtfs_server_userp_s *)USERP(arg);
+-
++	
++	if (!in_white_list(req->path, QTFS_WHITELIST_RENAME)) {
++		rsp->errno = -ENOENT;
++		goto err_handle;
++	}
+ 	if (copy_to_user(userp->userp, req->path, strlen(req->path) + 1) ||
+ 		copy_to_user(userp->userp2, &req->path[req->d.oldlen], strlen(&req->path[req->d.oldlen]) + 1)) {
+ 		qtfs_err("handle rename copy to userp failed.\n");
+@@ -831,6 +905,12 @@ int handle_xattrset(struct qtserver_arg *arg)
+ 	struct path path;
+ 	int ret = 0;
+ 
++	if (!in_white_list(req->buf, QTFS_WHITELIST_SETXATTR)) {
++		rsp->errno = -ENOENT;
++		rsp->ret = QTFS_ERR;
++		goto err_handle;
++	}
++
+ 	ret = kern_path(req->buf, 0, &path);
+ 	if (ret) {
+ 		qtfs_err("handle xattrset path error, file:%s.\n", req->buf);
+@@ -997,7 +1077,7 @@ int handle_fifopoll(struct qtserver_arg *arg)
+ 	struct poll_wqueues table;
+ 	poll_table *pt;
+ 
+-	filp = (struct file *)req->file;
++	filp = fget(req->fd);
+ 	inode = filp->f_inode;
+ 	if (!S_ISFIFO(inode->i_mode)) {
+ 		msleep(1);
+@@ -1011,6 +1091,7 @@ int handle_fifopoll(struct qtserver_arg *arg)
+ 	if (pipe == NULL) {
+ 		qtfs_err("file :%s pipe data is NULL.", filp->f_path.dentry->d_iname);
+ 		rsp->ret = QTFS_ERR;
++		fput(filp);
+ 		return sizeof(struct qtrsp_poll);
+ 	}
+ 	head = READ_ONCE(pipe->head);
+@@ -1035,6 +1116,7 @@ end:
+ 
+ 	qtfs_info("handle fifo poll f_mode:%o: %s get poll mask 0x%x poll:%lx\n",
+ 			filp->f_mode, filp->f_path.dentry->d_iname, rsp->mask, (unsigned long)filp->f_op->poll);
++	fput(filp);
+ 	return sizeof(struct qtrsp_poll);
+ }
+ 
+@@ -1055,8 +1137,8 @@ int handle_epollctl(struct qtserver_arg *arg)
+ 	}
+ 	qtinfo_cntinc((req->op == EPOLL_CTL_ADD) ? QTINF_EPOLL_ADDFDS : QTINF_EPOLL_DELFDS);
+ 	rsp->ret = QTFS_OK;
+-	qtfs_info("handle do epoll ctl success, fd:%d file:%lx op:%x data:%lx poll_t:%x.",
+-			req->fd, (unsigned long)req->file, req->op, req->event.data, (unsigned)req->event.events);
++	qtfs_info("handle do epoll ctl success, fd:%d op:%x data:%lx poll_t:%x.",
++			req->fd, req->op, req->event.data, (unsigned)req->event.events);
+ 
+ 	return sizeof(struct qtrsp_epollctl);
+ }
+@@ -1197,3 +1279,4 @@ int qtfs_sock_server_run(struct qtfs_sock_var_s *pvar)
+ 	qtfs_sock_msg_clear(pvar);
+ 	return (ret < 0) ? QTERROR : QTOK;
+ }
++
+diff --git a/qtfs/qtfs_server/qtfs-server.c b/qtfs/qtfs_server/qtfs-server.c
+index bcd60b7..b0b8ab0 100644
+--- a/qtfs/qtfs_server/qtfs-server.c
++++ b/qtfs/qtfs_server/qtfs-server.c
+@@ -28,6 +28,8 @@ struct qtfs_server_epoll_s qtfs_epoll = {
+ 	.events = NULL,
+ };
+ 
++struct whitelist* whitelist[QTFS_WHITELIST_MAX];
++
+ long qtfs_server_epoll_thread(struct qtfs_sock_var_s *pvar)
+ {
+ 	int n;
+@@ -140,9 +142,10 @@ long qtfs_server_epoll_init(void)
+ 
+ long qtfs_server_misc_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
+ {
+-	int i;
++	int i, len;
+ 	long ret = 0;
+ 	struct qtfs_sock_var_s *pvar;
++	struct whitelist *tmp;
+ 	struct qtfs_thread_init_s init_userp;
+ 	switch (cmd) {
+ 		case QTFS_IOCTL_THREAD_INIT:
+@@ -216,6 +219,26 @@ long qtfs_server_misc_ioctl(struct file *file, unsigned int cmd, unsigned long a
+ 		case QTFS_IOCTL_LOGLEVEL:
+ 			ret = qtfs_misc_ioctl(file, cmd, arg);
+ 			break;
++		case QTFS_IOCTL_WHITELIST:
++			if (copy_from_user(&len, (void __user *)arg, sizeof(int))) {
++				qtfs_err("qtfs ioctl white init copy from user failed.");
++				return QTERROR;
++			}
++			tmp = (struct whitelist *)kmalloc(sizeof(struct whitelist) + sizeof(struct wl_item) * len, GFP_KERNEL);
++			
++			if (copy_from_user(tmp, (void __user *)arg, sizeof(struct whitelist) + sizeof(struct wl_item) * len)) {
++				qtfs_err("qtfs ioctl white init copy from user failed.");
++				return QTERROR;
++			}
++			
++			if (whitelist[tmp->type] != NULL) {
++				kfree(whitelist[tmp->type]);
++			}
++			whitelist[tmp->type] = tmp;
++			for (i = 0; i < whitelist[tmp->type]->len; i++) {
++				qtfs_err("init %d list:%d %s", tmp->type, i, whitelist[tmp->type]->wl[i].path);
++			}
++			break;
+ 		default:
+ 			qtfs_err("qtfs misc ioctl unknown cmd:%u.", cmd);
+ 			break;
+@@ -226,7 +249,11 @@ long qtfs_server_misc_ioctl(struct file *file, unsigned int cmd, unsigned long a
+ 
+ static int __init qtfs_server_init(void)
+ {
++	int i;
+ 	qtfs_log_init(qtfs_log_level);
++	for (i = 0; i < QTFS_WHITELIST_MAX; i++) {
++		whitelist[i] = NULL;
++	}
+ 	qtfs_diag_info = (struct qtinfo *)kmalloc(sizeof(struct qtinfo), GFP_KERNEL);
+ 	if (qtfs_diag_info == NULL) 
+ 		qtfs_err("kmalloc qtfs diag info failed.");
+@@ -246,6 +273,7 @@ static int __init qtfs_server_init(void)
+ 
+ static void __exit qtfs_server_exit(void)
+ {
++	int i;
+ 	qtfs_mod_exiting = true;
+ 	qtfs_server_thread_run = 0;
+ 
+@@ -269,6 +297,11 @@ static void __exit qtfs_server_exit(void)
+ 		kfree(qtfs_userps);
+ 		qtfs_userps = NULL;
+ 	}
++	for (i = 0; i < QTFS_WHITELIST_MAX; i++) {
++		if (whitelist[i] != NULL) {
++			kfree(whitelist[i]);
++		}
++	}
+ 	qtfs_misc_destroy();
+ 	qtfs_info("qtfs server exit done.\n");
+ 	return;
+diff --git a/qtfs/qtfs_server/qtfs-server.h b/qtfs/qtfs_server/qtfs-server.h
+index 8bcadf6..d10742a 100644
+--- a/qtfs/qtfs_server/qtfs-server.h
++++ b/qtfs/qtfs_server/qtfs-server.h
+@@ -4,6 +4,7 @@
+ extern int qtfs_server_thread_run;
+ extern struct qtfs_server_epoll_s qtfs_epoll;
+ extern int qtfs_mod_exiting;
++extern struct whitelist* whitelist[QTFS_WHITELIST_MAX];
+ 
+ struct qtserver_arg {
+ 	char *data;
+diff --git a/qtfs/qtfs_server/user_engine.c b/qtfs/qtfs_server/user_engine.c
+index a062b63..547935c 100644
+--- a/qtfs/qtfs_server/user_engine.c
++++ b/qtfs/qtfs_server/user_engine.c
+@@ -9,11 +9,14 @@
+ #include <string.h>
+ #include <pthread.h>
+ #include <signal.h>
++#include <glib.h>
+ 
+ #include <sys/epoll.h>
+ 
+ #include "comm.h"
+ 
++char wl_type_str[QTFS_WHITELIST_MAX][10] = {"Open", "Write", "Read", "Readdir", "Mkdir", "Rmdir", "Create", "Unlink", "Rename", "Setattr", "Setxattr", "Mount"};
++
+ #define engine_out(info, ...) \
+ 	do {\
+ 		printf("[Engine::%s:%3d]"info"\n", __func__, __LINE__, ##__VA_ARGS__);\
+@@ -29,6 +32,10 @@
+ 		printf("[ERROR:Engine::%s:%3d]"info"\n", __func__, __LINE__, ##__VA_ARGS__);\
+ 	} while (0);
+ 
++#define WHITELIST_FILE "/etc/qtfs/whitelist"
++
++struct whitelist *whitelist[QTFS_WHITELIST_MAX];
++
+ struct engine_arg {
+ 	int psize;
+ 	int fd;
+@@ -171,6 +178,46 @@ int qtfs_epoll_init(int fd)
+ 	return epfd;
+ }
+ 
++static int qtfs_whitelist_transfer(int fd, GKeyFile *config, int type)
++{
++	int64_t i, len;
++	char **items = g_key_file_get_string_list(config,wl_type_str[type],"Path",&len,NULL);
++	if (len == 0) {
++		engine_out("Can't find whitelist item %s", wl_type_str[type]);
++		return 0;
++	}
++	whitelist[type] = (struct whitelist *)malloc(sizeof(struct whitelist) + sizeof(struct wl_item) * len);
++	g_print("%s:\n", wl_type_str[type]);
++	whitelist[type]->len = len;
++	whitelist[type]->type = type;
++	for(i = 0; i < len;i++){
++		printf("%s\n", items[i]);
++		whitelist[type]->wl[i].len = strlen(items[i]);
++        strcpy(whitelist[type]->wl[i].path, items[i]);
++    }
++	int ret = ioctl(fd, QTFS_IOCTL_WHITELIST, whitelist[type]);
++	free(items);
++	return ret;
++}
++
++int qtfs_whitelist_init(int fd)
++{
++	int ret, i;
++	GKeyFile *config = g_key_file_new();
++	g_key_file_load_from_file(config, WHITELIST_FILE, G_KEY_FILE_KEEP_COMMENTS|G_KEY_FILE_KEEP_TRANSLATIONS, NULL);
++	for (i = 0; i < QTFS_WHITELIST_MAX; i++) {
++		ret = qtfs_whitelist_transfer(fd, config, i);
++		if (ret != 0) {
++			return ret;
++		}
++	}
++	g_key_file_free(config);
++	for (i = 0; i < QTFS_WHITELIST_MAX; i++) {
++		free(whitelist[i]);
++	}
++	return 0;
++}
++
+ int main(int argc, char *argv[])
+ {
+ 	if (argc != 3) {
+@@ -192,6 +239,9 @@ int main(int argc, char *argv[])
+ 		close(fd);
+ 		return -1;
+ 	}
++	if (qtfs_whitelist_init(fd)) {
++		goto end;
++	}
+ 
+ 	umask(0);
+ 
+@@ -212,7 +262,6 @@ int main(int argc, char *argv[])
+ 		engine_out("qtfs engine userp init failed.");
+ 		goto end;
+ 	}
+-
+ 	struct engine_arg arg[QTFS_MAX_THREADS];
+ 	for (int i = 0; i < thread_nums; i++) {
+ 		arg[i].psize = psize;
+diff --git a/qtfs/req.h b/qtfs/req.h
+index 0208667..3bcfa77 100644
+--- a/qtfs/req.h
++++ b/qtfs/req.h
+@@ -12,29 +12,29 @@ enum qtreq_type {
+ 	QTFS_REQ_OPEN,
+ 	QTFS_REQ_CLOSE,
+ 	QTFS_REQ_READ,
+-	QTFS_REQ_READITER, //5
++	QTFS_REQ_READITER, // 5
+ 	QTFS_REQ_WRITE,
+ 	QTFS_REQ_LOOKUP,
+ 	QTFS_REQ_READDIR,
+ 	QTFS_REQ_MKDIR,
+-	QTFS_REQ_RMDIR, //10
++	QTFS_REQ_RMDIR, // 10
+ 	QTFS_REQ_GETATTR,
+ 	QTFS_REQ_SETATTR,
+ 	QTFS_REQ_ICREATE,
+ 	QTFS_REQ_MKNOD,
+-	QTFS_REQ_UNLINK, //15
++	QTFS_REQ_UNLINK, // 15
+ 	QTFS_REQ_SYMLINK,
+ 	QTFS_REQ_LINK,
+ 	QTFS_REQ_GETLINK,
+ 	QTFS_REQ_READLINK,
+-	QTFS_REQ_RENAME, //20
++	QTFS_REQ_RENAME, // 20
+ 
+ 	QTFS_REQ_XATTRLIST,
+ 	QTFS_REQ_XATTRGET,
+ 	QTFS_REQ_XATTRSET,
+ 
+ 	QTFS_REQ_SYSMOUNT,
+-	QTFS_REQ_SYSUMOUNT, //25
++	QTFS_REQ_SYSUMOUNT, // 25
+ 	QTFS_REQ_FIFOPOLL,
+ 
+ 	QTFS_REQ_STATFS,
+@@ -117,11 +117,11 @@ static inline void qtfs_nbytes_print(unsigned char *buf, int bytes)
+ #define QTFS_SEND_SIZE(stru, tailstr) sizeof(stru) - sizeof(tailstr) + strlen(tailstr) + 1
+ 
+ struct qtreq {
+-	unsigned int type;	// operation type
++	unsigned int type; // operation type
+ 	unsigned int err;
+ 	unsigned long seq_num; // check code
+ 	size_t len;
+-	char data[QTFS_REQ_MAX_LEN];	// operation's private data
++	char data[QTFS_REQ_MAX_LEN]; // operation's private data
+ };
+ 
+ #define QTFS_MSG_LEN sizeof(struct qtreq)
+@@ -169,7 +169,6 @@ struct qtreq_open {
+ };
+ 
+ struct qtrsp_open {
+-	__u64 file;
+ 	int fd;
+ 	int ret;
+ };
+@@ -182,25 +181,10 @@ struct qtrsp_close {
+ 	int ret;
+ };
+ 
+-struct qtreq_read {
+-	size_t len;
+-	long long pos;
+-	__u64 file;
+-};
+-
+-struct qtrsp_read {
+-	struct qtrsp_read_len {
+-		int ret;
+-		ssize_t len;
+-		int errno;
+-	} d;
+-	char readbuf[QTFS_TAIL_LEN(struct qtrsp_read_len)];
+-};
+-
+ struct qtreq_readiter {
+ 	size_t len;
+ 	long long pos;
+-	__u64 file;
++	int fd;
+ };
+ 
+ struct qtrsp_readiter {
+@@ -216,7 +200,7 @@ struct qtreq_write {
+ 	struct qtreq_write_len {
+ 		int buflen;
+ 		long long pos;
+-		__u64 file;
++		int fd;
+ 		long long flags;
+ 		long long mode;
+ 	} d;
+@@ -505,7 +489,6 @@ struct qtrsp_sysumount {
+ 
+ struct qtreq_poll {
+ 	int fd;
+-	__u64 file;
+ 	int qproc;
+ };
+ 
+@@ -516,7 +499,6 @@ struct qtrsp_poll {
+ 
+ 
+ struct qtreq_epollctl {
+-	__u64 file;
+ 	int fd;
+ 	int op;
+ 	struct qtreq_epoll_event event;
+diff --git a/usecases/transparent-offload/whitelist/libvirt/qtfs_whitelist b/usecases/transparent-offload/whitelist/libvirt/qtfs_whitelist
+new file mode 100644
+index 0000000..d6e14ae
+--- /dev/null
++++ b/usecases/transparent-offload/whitelist/libvirt/qtfs_whitelist
+@@ -0,0 +1,35 @@
++[Open]
++Path=/proc/sys/kernel/sched_autogroup_enabled;/proc/sys/vm;/sys/bus/pci;/sys/devices/pic;/sys/devices/system/node;/sys/kernel/mm;/sys/fs/cgroup;/home/VMs;/sys/fs/cgroup;/var/lib/libvirt/qemu;/sys/devices/system/cpu/online;/sys/module/kvm;/proc;/sys
++
++[Write]
++Path=/proc/sys/kernel/sched_autogroup_enabled;/proc/sys/vm;/sys/bus/pci;/sys/devices/pic;/sys/devices/system/node;/sys/kernel/mm;/sys/fs/cgroup;/home/VMs;/sys/fs/cgroup;/var/lib/libvirt/qemu
++
++[Readiter]
++Path=/sys/module/kvm;/proc;/home/VMs;/sys/kernel/mm/transparent_hugepage;/sys/devices/system/cpu/online;/sys/devices/system/node;/sys/devices;/sys/firmware;/var/lib/libvirt/qemu;/sys/fs/cgroup
++
++[Readdir]
++Path=/proc;/sys/bus;/sys/kernel/iommu_groups;/sys/kernel/mm/hugepages;/sys/class;/sys/bus;/sys/class;/sys/devices/system;/var/lib/libvirt;/sys/fs/cgroup;/root/test;/sys/devices/system/node;/dev/pts;/home/VMs
++
++[Mkdir]
++Path=/var/lib/libvirt/qemu;/home/VMs;/sys/fs/cgroup
++
++[Rmdir]
++Path=/var/lib/libvirt/qemu;/home/VMs;/sys/fs/cgroup
++
++[Create]
++Path=/var/lib/libvirt/qemu;/home/VMs;/sys/fs/cgroup
++
++[Unlink]
++Path=/var/lib/libvirt/qemu;/home/VMs;/sys/fs/cgroup
++
++[Rename]
++Path=/var/lib/libvirt/qemu;/home/VMs;/sys/fs/cgroup
++
++[Setattr]
++Path=/sys/bus/pci/drivers/pcieport/unbind;/sys/bus/pci/drivers_probe;/sys/devices/pci0000:00/0000:00:08.0/driver_override;/root/test;/var/lib/libvirt/qemu;/sys/fs/cgroup;/home/VMs
++
++[Setxattr]
++Path=/sys/bus/pci/drivers/pcieport/unbind;/sys/bus/pci/drivers_probe;/sys/devices/pci0000:00/0000:00:08.0/driver_override;/root/test;/var/lib/libvirt/qemu;/sys/fs/cgroup;/home/VMs
++
++[Mount]
++Path=/home/VMs;/var/lib/libvirt;/proc;/sys;/dev/pts;/dev/vfio
+\ No newline at end of file
+-- 
+2.33.0
+

0006-Fix-error-of-getxattr-and-listxattr.patch

@@ -0,0 +1,354 @@
+From e9615d46a09a5dc92bf1d2ee408f0c7efd717503 Mon Sep 17 00:00:00 2001
+From: yangxin <245051644@qq.com>
+Date: Fri, 10 Feb 2023 16:39:20 +0800
+Subject: [PATCH 2/5] Fix-error-of-getxattr-and-listxattr
+
+Signed-off-by: yangxin <245051644@qq.com>
+---
+ qtfs/conn.c              |  4 ---
+ qtfs/qtfs/qtfs-mod.c     |  2 +-
+ qtfs/qtfs/sb.c           |  6 ++---
+ qtfs/qtfs/xattr.c        | 55 ++++++++++------------------------------
+ qtfs/qtfs_server/fsops.c | 16 +++++++-----
+ qtfs/qtinfo/qtinfo.h     | 10 ++++----
+ qtfs/req.h               |  4 +--
+ 7 files changed, 34 insertions(+), 63 deletions(-)
+
+diff --git a/qtfs/conn.c b/qtfs/conn.c
+index af11fbe..26930b1 100644
+--- a/qtfs/conn.c
++++ b/qtfs/conn.c
+@@ -76,10 +76,6 @@ static int qtfs_conn_sockserver_init(struct qtfs_sock_var_s *pvar)
+ {
+ 	struct socket *sock;
+ 	int ret;
+-	struct sockaddr_in saddr;
+-	saddr.sin_family = AF_INET;
+-	saddr.sin_port = htons(pvar->port);
+-	saddr.sin_addr.s_addr = in_aton(pvar->addr);
+ 	
+ 	if (!QTCONN_IS_EPOLL_CONN(pvar) && qtfs_server_main_sock != NULL) {
+ 		qtfs_info("qtfs server main sock is %lx, valid or out-of-date?", (unsigned long)qtfs_server_main_sock);
+diff --git a/qtfs/qtfs/qtfs-mod.c b/qtfs/qtfs/qtfs-mod.c
+index 9ccf0ee..abd9443 100644
+--- a/qtfs/qtfs/qtfs-mod.c
++++ b/qtfs/qtfs/qtfs-mod.c
+@@ -9,7 +9,7 @@ static struct file_system_type qtfs_fs_type = {
+ 	.owner		= THIS_MODULE,
+ 	.name		= QTFS_FSTYPE_NAME,
+ 	.mount		= qtfs_fs_mount,
+-	.kill_sb	= qtfs_kill_sb,//qtfs_kill_sb,
++	.kill_sb	= qtfs_kill_sb,
+ };
+ MODULE_ALIAS_FS("qtfs");
+ 
+diff --git a/qtfs/qtfs/sb.c b/qtfs/qtfs/sb.c
+index 9374cfb..7445fad 100644
+--- a/qtfs/qtfs/sb.c
++++ b/qtfs/qtfs/sb.c
+@@ -18,7 +18,7 @@
+ static struct inode_operations qtfs_inode_ops;
+ static struct inode_operations qtfs_symlink_inode_ops;
+ struct inode *qtfs_iget(struct super_block *sb, struct inode_info *ii);
+-
++extern ssize_t qtfs_xattr_list(struct dentry *dentry, char *buffer, size_t buffer_size);
+ int qtfs_statfs(struct dentry *dentry, struct kstatfs *buf)
+ {
+ 	struct qtfs_sock_var_s *pvar = qtfs_conn_get_param();
+@@ -396,7 +396,6 @@ ssize_t qtfs_writeiter(struct kiocb *kio, struct iov_iter *iov)
+ 		leftlen -= wrbuflen;
+ 	} while (leftlen);
+ 
+-	//if (qtfs_support_epoll(kio->ki_filp->f_inode->i_mode) || ) {
+ 	do {
+ 		struct inode *inode = kio->ki_filp->f_inode;
+ 		struct qtfs_inode_priv *priv = inode->i_private;
+@@ -406,7 +405,6 @@ ssize_t qtfs_writeiter(struct kiocb *kio, struct iov_iter *iov)
+ 			wake_up_interruptible_poll(&priv->readq, EPOLLIN);
+ 			qtfs_err("writeiter file:%s char:<%s> wakup poll.", filp->f_path.dentry->d_iname, req->path_buf);
+ 		}
+-		//qtfs_info("qtfs write iter fifo %s sync poll.", filp->f_path.dentry->d_iname);
+ 	} while (0);
+ 	qtfs_info("qtfs write %s over, leftlen:%lu.", filp->f_path.dentry->d_iname, leftlen);
+ 	qtfs_conn_put_param(pvar);
+@@ -1338,12 +1336,14 @@ static struct inode_operations qtfs_inode_ops = {
+ 	.getattr = qtfs_getattr,
+ 	.setattr = qtfs_setattr,
+ 	.rename = qtfs_rename,
++	.listxattr = qtfs_xattr_list,
+ };
+ 
+ static struct inode_operations qtfs_symlink_inode_ops = {
+ 	.get_link = qtfs_getlink,
+ 	.getattr = qtfs_getattr,
+ 	.setattr = qtfs_setattr,
++	.listxattr = qtfs_xattr_list,
+ };
+ 
+ const struct xattr_handler *qtfs_xattr_handlers[] = {
+diff --git a/qtfs/qtfs/xattr.c b/qtfs/qtfs/xattr.c
+index a0d394a..a2a605d 100644
+--- a/qtfs/qtfs/xattr.c
++++ b/qtfs/qtfs/xattr.c
+@@ -6,69 +6,52 @@
+ #include "req.h"
+ #include "log.h"
+ 
+-static bool qtfs_xattr_list(struct dentry *dentry)
++ssize_t qtfs_xattr_list(struct dentry *dentry, char *buffer, size_t buffer_size)
+ {
+ 	struct qtreq_xattrlist *req;
+ 	struct qtrsp_xattrlist *rsp;
+ 	struct qtfs_sock_var_s *pvar = qtfs_conn_get_param();
+-	bool ret;
++	ssize_t ret;
+ 
+ 	if (!pvar) {
+ 		qtfs_err("qtfs_xattr_list Failed to get qtfs sock var");
+-		return -EINVAL;
++		return 0;
+ 	}
+ 
+ 	if (dentry == NULL) {
+ 		qtfs_err("qtfs_xattr_list dentry is NULL.");
+ 		qtfs_conn_put_param(pvar);
+-		return false;
++		return 0;
+ 	}
+ 
+ 	req = qtfs_sock_msg_buf(pvar, QTFS_SEND);
+ 	if (qtfs_fullname(req->path, dentry) < 0) {
+ 		qtfs_err("qtfs fullname failed");
+ 		qtfs_conn_put_param(pvar);
+-		return false;
++		return 0;
+ 	}
+-
+-	rsp = qtfs_remote_run(pvar, QTFS_REQ_XATTRLIST, strlen(req->path) + 1);
++	req->buffer_size = buffer_size;
++	rsp = qtfs_remote_run(pvar, QTFS_REQ_XATTRLIST, QTFS_SEND_SIZE(struct qtreq_xattrlist, req->path));
+ 	if (IS_ERR(rsp) || rsp == NULL) {
+ 		qtfs_err("qtfs_xattr_list remote run failed.");
+ 		qtfs_conn_put_param(pvar);
+-		return false;
++		return 0;
+ 	}
+ 	
+ 	if (rsp->d.ret == QTFS_ERR) {
+ 		qtfs_err("qtfs_xattr_list failed with ret:%d.", rsp->d.ret);
+-		ret = rsp->d.result;
++		ret = rsp->d.size;
+ 		qtfs_conn_put_param(pvar);
+ 		return ret;
+ 	}
+-	ret = rsp->d.result;
++	ret = rsp->d.size;
++	if (buffer != NULL) {
++		memcpy(buffer, rsp->name, buffer_size);
++	}
+ 	qtfs_conn_put_param(pvar);
+ 	return ret;
+ }
+ 
+-static bool qtfs_xattr_user_list(struct dentry *dentry)
+-{
+-	return qtfs_xattr_list(dentry);
+-}
+-
+-static bool qtfs_xattr_trusted_list(struct dentry *dentry)
+-{
+-	return qtfs_xattr_list(dentry);
+-}
+-
+-static bool qtfs_xattr_security_list(struct dentry *dentry)
+-{
+-	return qtfs_xattr_list(dentry);
+-}
+-
+-static bool qtfs_xattr_hurd_list(struct dentry *dentry)
+-{
+-	return qtfs_xattr_list(dentry);
+-}
+-
+ static int qtfs_xattr_set(const struct xattr_handler *handler,
+ 		    struct dentry *dentry, struct inode *inode,
+ 		    const char *name, const void *value,
+@@ -177,12 +160,6 @@ static int qtfs_xattr_get(const struct xattr_handler *handler,
+ 		qtfs_err("Failed to get qtfs sock var");
+ 		return 0;
+ 	}
+-	/*if (buf == NULL || size <= 0) {
+-		qtfs_err("xattr get failed, buf:%lx size:%d name:%s dentry:%lx",
+-				(unsigned long)buf, size, (name == NULL) ? "NULL" : name, (unsigned long)dentry);
+-		qtfs_conn_put_param(pvar);
+-		return 0;
+-	}*/
+ 
+ 	if (dentry == NULL) {
+ 		qtfs_err("xattr get dentry is NULL.");
+@@ -216,7 +193,7 @@ static int qtfs_xattr_get(const struct xattr_handler *handler,
+ 			qtfs_conn_put_param(pvar);
+ 			return PTR_ERR(rsp);
+ 		}
+-		if (rsp->d.ret == QTFS_ERR || rsp->d.size > req->d.size || leftlen < rsp->d.size) {
++		if (rsp->d.ret == QTFS_ERR || (size !=0 && (rsp->d.size > req->d.size || leftlen < rsp->d.size))) {
+ 			qtfs_err("ret:%d rsp size:%ld req size:%d leftlen:%lu", rsp->d.ret, rsp->d.size,
+ 					req->d.size, leftlen);
+ 			goto err_end;
+@@ -239,28 +216,24 @@ err_end:
+ 
+ const struct xattr_handler qtfs_xattr_user_handler = {
+ 	.prefix	= XATTR_USER_PREFIX,
+-	.list	= qtfs_xattr_user_list,
+ 	.get	= qtfs_xattr_get,
+ 	.set	= qtfs_xattr_user_set,
+ };
+ 
+ const struct xattr_handler qtfs_xattr_trusted_handler = {
+ 	.prefix	= XATTR_TRUSTED_PREFIX,
+-	.list	= qtfs_xattr_trusted_list,
+ 	.get	= qtfs_xattr_get,
+ 	.set	= qtfs_xattr_trusted_set,
+ };
+ 
+ const struct xattr_handler qtfs_xattr_security_handler = {
+ 	.prefix	= XATTR_SECURITY_PREFIX,
+-	.list	= qtfs_xattr_security_list,
+ 	.get	= qtfs_xattr_get,
+ 	.set	= qtfs_xattr_security_set,
+ };
+ 
+ const struct xattr_handler qtfs_xattr_hurd_handler = {
+ 	.prefix	= XATTR_HURD_PREFIX,
+-	.list	= qtfs_xattr_hurd_list,
+ 	.get	= qtfs_xattr_get,
+ 	.set	= qtfs_xattr_hurd_set,
+ };
+diff --git a/qtfs/qtfs_server/fsops.c b/qtfs/qtfs_server/fsops.c
+index d00db6d..61e8895 100644
+--- a/qtfs/qtfs_server/fsops.c
++++ b/qtfs/qtfs_server/fsops.c
+@@ -576,6 +576,7 @@ static int handle_getattr(struct qtserver_arg *arg)
+ 	qtfs_debug("handle getattr path:%s\n", req->path);
+ 	ret = kern_path(req->path, 0, &path);
+ 	if (ret) {
++		rsp->errno = ret;
+ 		qtfs_err("handle getattr path:%s failed, ret:%d %s\n", req->path, ret, (ret != -ENOENT) ? "." : "file not exist");
+ 		goto failed;
+ 	}
+@@ -866,26 +867,27 @@ int handle_xattrlist(struct qtserver_arg *arg)
+ 	struct qtrsp_xattrlist *rsp = (struct qtrsp_xattrlist *)RSP(arg);
+ 	struct path path;
+ 	int ret;
+-	ssize_t size;
++	ssize_t size, buffer_size;
+ 	int i;
+ 
++	buffer_size = req->buffer_size;
+ 	ret = kern_path(req->path, 0, &path);
+ 	if (ret) {
+ 		qtfs_err("handle xattr list path error.\n");
+-		rsp->d.errno = -ENOENT;
++		rsp->d.size = -ENOENT;
+ 		goto err_handle;
+ 	}
+-	size = generic_listxattr(path.dentry, rsp->name, sizeof(rsp->name));
++	size = vfs_listxattr(path.dentry, buffer_size == 0 ? NULL : rsp->name, buffer_size);
+ 	path_put(&path);
+ 	if (size < 0) {
+ 		qtfs_err("handle list xattr failed, errno:%ld.\n", size);
+-		rsp->d.errno = size;
++		rsp->d.size = size;
+ 		goto err_handle;
+ 	}
+ 	if (size == 0)
+ 		goto err_handle;
+ 	rsp->d.ret = QTFS_OK;
+-	rsp->d.result = true;
++	rsp->d.size = size;
+ 	while (i < size) {
+ 		qtfs_info("handle list xattr result:%s\n", &rsp->name[i]);
+ 		i += strlen(&rsp->name[i]) + 1;
+@@ -894,7 +896,7 @@ int handle_xattrlist(struct qtserver_arg *arg)
+ 
+ err_handle:
+ 	rsp->d.ret = QTFS_ERR;
+-	rsp->d.result = false;
++	rsp->d.size = size;
+ 	return sizeof(struct qtrsp_xattrlist);
+ }
+ 
+@@ -970,9 +972,9 @@ int handle_xattrget(struct qtserver_arg *arg)
+ 		}
+ 		qtfs_info("handle getxattr: path:%s prefix name:%s : (%s - 0x%llx), size:%ld, reqpos:%d\n", req->path, req->d.prefix_name, kvalue, (__u64)kvalue, error, req->d.pos);
+ 		len = (error - req->d.pos)>sizeof(rsp->buf)? sizeof(rsp->buf):(error - req->d.pos);
++		rsp->d.size = len;
+ 		if (req->d.size > 0) {
+ 			memcpy(rsp->buf, &kvalue[req->d.pos], len);
+-			rsp->d.size = len;
+ 		}
+ 		rsp->d.pos = req->d.pos + len;
+ 	} else {
+diff --git a/qtfs/qtinfo/qtinfo.h b/qtfs/qtinfo/qtinfo.h
+index 0244a6e..eb7e8be 100644
+--- a/qtfs/qtinfo/qtinfo.h
++++ b/qtfs/qtinfo/qtinfo.h
+@@ -9,29 +9,29 @@ enum qtfs_req_type
+ 	QTFS_REQ_OPEN,
+ 	QTFS_REQ_CLOSE,
+ 	QTFS_REQ_READ,
+-	QTFS_REQ_READITER, //5
++	QTFS_REQ_READITER, // 5
+ 	QTFS_REQ_WRITE,
+ 	QTFS_REQ_LOOKUP,
+ 	QTFS_REQ_READDIR,
+ 	QTFS_REQ_MKDIR,
+-	QTFS_REQ_RMDIR, //10
++	QTFS_REQ_RMDIR, // 10
+ 	QTFS_REQ_GETATTR,
+ 	QTFS_REQ_SETATTR,
+ 	QTFS_REQ_ICREATE,
+ 	QTFS_REQ_MKNOD,
+-	QTFS_REQ_UNLINK, //15
++	QTFS_REQ_UNLINK, // 15
+ 	QTFS_REQ_SYMLINK,
+ 	QTFS_REQ_LINK,
+ 	QTFS_REQ_GETLINK,
+ 	QTFS_REQ_READLINK,
+-	QTFS_REQ_RENAME, //20
++	QTFS_REQ_RENAME, // 20
+ 
+ 	QTFS_REQ_XATTRLIST,
+ 	QTFS_REQ_XATTRGET,
+ 	QTFS_REQ_XATTRSET,
+ 
+ 	QTFS_REQ_SYSMOUNT,
+-	QTFS_REQ_SYSUMOUNT, //25
++	QTFS_REQ_SYSUMOUNT, // 25
+ 	QTFS_REQ_FIFOPOLL,
+ 
+ 	QTFS_REQ_STATFS,
+diff --git a/qtfs/req.h b/qtfs/req.h
+index 3bcfa77..29f8964 100644
+--- a/qtfs/req.h
++++ b/qtfs/req.h
+@@ -414,14 +414,14 @@ struct qtrsp_rename {
+ // xattr def
+ #define QTFS_XATTR_LEN 64
+ struct qtreq_xattrlist {
++	size_t buffer_size;
+ 	char path[MAX_PATH_LEN];
+ };
+ 
+ struct qtrsp_xattrlist {
+ 	struct qtrsp_xattrlist_len {
+ 		int ret;
+-		int errno;
+-		bool result;
++		ssize_t size;
+ 	}d;
+ 	char name[QTFS_TAIL_LEN(struct qtrsp_xattrlist_len)];
+ };
+-- 
+2.33.0
+

0007-Add-whitelist-of-rexec.patch

@@ -0,0 +1,197 @@
+From 92d4368180a81bc4220449f5be6123a1aa32417b Mon Sep 17 00:00:00 2001
+From: yangxin <245051644@qq.com>
+Date: Fri, 10 Feb 2023 16:56:58 +0800
+Subject: [PATCH 3/5] Add whitelist of rexec
+
+Signed-off-by: yangxin <245051644@qq.com>
+---
+ qtfs/rexec/client.go                          |  4 +-
+ qtfs/rexec/common.go                          | 29 ++++++++++++++
+ qtfs/rexec/server.go                          | 38 ++++++++++++++++++-
+ .../whitelist/libvirt/rexec_whitelist         |  4 ++
+ 4 files changed, 72 insertions(+), 3 deletions(-)
+ create mode 100644 usecases/transparent-offload/whitelist/libvirt/rexec_whitelist
+
+diff --git a/qtfs/rexec/client.go b/qtfs/rexec/client.go
+index 13b63f5..dc1af8b 100644
+--- a/qtfs/rexec/client.go
++++ b/qtfs/rexec/client.go
+@@ -156,7 +156,6 @@ func main() {
+ 
+ 	retryCnt := 3
+ 	// 1. get pid from response
+-	time.Sleep(5 * time.Millisecond)
+ 	response := &CommandResponse{}
+ retry:
+ 	err = receiver.Receive(response)
+@@ -168,6 +167,9 @@ retry:
+ 		}
+ 		log.Fatal(err)
+ 	}
++	if (response.WhiteList == 0) {
++		log.Fatalf("%s command in White List of rexec server\n", command.Cmd)
++	}
+ 	pid := response.Pid
+ 	lpid := os.Getpid()
+ 	log.Printf("create pidFile for %d:%d\n", pid, lpid)
+diff --git a/qtfs/rexec/common.go b/qtfs/rexec/common.go
+index 9ce21c4..b59b12b 100644
+--- a/qtfs/rexec/common.go
++++ b/qtfs/rexec/common.go
+@@ -8,6 +8,7 @@ import (
+ 	"os"
+ 	"strconv"
+ 	"strings"
++	"syscall"
+ 	"io/ioutil"
+ 	"encoding/json"
+ 
+@@ -30,10 +31,34 @@ type RemoteCommand struct {
+ 	Cgroups    map[string]string
+ }
+ 
++func CheckRight(fileName string) error {
++	var uid int
++	var gid int
++	var mode int
++	var stat syscall.Stat_t
++	if err := syscall.Stat(fileName, &stat); err != nil {
++		return fmt.Errorf("Can't get status of %s: %s\n", fileName, err)
++	}
++	uid = int(stat.Uid)
++	gid = int(stat.Gid)
++	mode = int(stat.Mode)
++
++	if (uid != 0 || gid != 0) {
++		return fmt.Errorf("Owner of %s must be root\n", fileName)
++	}
++
++	if (mode & 0777 != 0400) {
++		return fmt.Errorf("Mode of %s must be 0400\n", fileName)
++	}
++
++	return nil
++}
++
+ // CommandResponse is the returned response object from the remote execution
+ type CommandResponse struct {
+ 	Pid	   int
+ 	Status int
++	WhiteList int
+ }
+ 
+ // NetAddr is struct to describe net proto and addr
+@@ -90,6 +115,10 @@ func parseUnixAddr(inAddr string) (NetAddr, error) {
+ 
+ func readAddrFromFile(role string) (string) {
+ 	fileName := fmt.Sprintf("%s/%s.json", configDir, role)
++	if err := CheckRight(fileName); err != nil {
++		fmt.Printf("Check right of %s failed: %s", fileName, err)
++		return ""
++	}
+ 	file, err := ioutil.ReadFile(fileName)
+ 	if err != nil {
+ 		fmt.Printf("read %s failed: %s", fileName, err)
+diff --git a/qtfs/rexec/server.go b/qtfs/rexec/server.go
+index 4559b79..de3f6cf 100644
+--- a/qtfs/rexec/server.go
++++ b/qtfs/rexec/server.go
+@@ -4,6 +4,7 @@ import (
+ 	"crypto/tls"
+ 	"fmt"
+ 	"io"
++	"io/ioutil"
+ 	"log"
+ 	"net"
+ 	"os"
+@@ -17,13 +18,33 @@ import (
+ 
+ const (
+ 	role = "server"
++	whiteList = "whitelist"
+ )
++var WhiteLists map[string] int
++func getWhitelist() error {
++	fileName := fmt.Sprintf("%s/%s", configDir, whiteList)
++	if err := CheckRight(fileName); err != nil {
++		log.Fatal(err)
++	}
++	file, err := ioutil.ReadFile(fileName)
++	if err != nil {
++		fmt.Printf("read %s failed: %s", fileName, err)
++		return err
++	}
++	fileContent := string(file)
++	lines := strings.Split(fileContent, "\n")
++	for i, v := range lines {
++		WhiteLists[v] = i
++	}
++	return nil
++}
+ 
+ func getHost(addr string) string {
+ 	return strings.Split(addr, ":")[0]
+ }
+ 
+ func main() {
++	WhiteLists = make(map[string]int, 10)
+ 	cert := os.Getenv("TLS_CERT")
+ 	key := os.Getenv("TLS_KEY")
+ 
+@@ -32,6 +53,10 @@ func main() {
+ 	if err != nil {
+ 		log.Fatal(err)
+ 	}
++	if err := getWhitelist(); err != nil {
++		log.Println("Get Whitelist failed")
++		return
++	}
+ 	if cert != "" && key != "" {
+ 		tlsCert, err := tls.LoadX509KeyPair(cert, key)
+ 		if err != nil {
+@@ -86,13 +111,23 @@ func main() {
+ 			}
+ 
+ 			command := &RemoteCommand{}
++			returnResult := &CommandResponse{}
++			returnResult.WhiteList = 1
+ 			err = receiver.Receive(command)
+ 			if err != nil {
+ 				log.Print(err)
+ 				return
+ 			}
+ 			log.Printf("cmd(%s), args(%v)\n", command.Cmd, command.Args)
+-
++			if _, ok := WhiteLists[command.Cmd]; !ok {
++				log.Printf("%s not in WhiteLists", command.Cmd)
++				returnResult.WhiteList = 0
++				err = command.StatusChan.Send(returnResult)
++				if err != nil {
++					log.Print(err)
++				}
++				return
++			}
+ 			cmd := exec.Command(command.Cmd, command.Args...)
+ 			cmd.Stdout = command.Stdout
+ 			cmd.Stderr = command.Stderr
+@@ -111,7 +146,6 @@ func main() {
+ 			defer command.Stdout.Close()
+ 			defer command.Stderr.Close()
+ 
+-			returnResult := &CommandResponse{}
+ 			err = cmd.Start()
+ 			if err != nil {
+ 				// send return status back
+diff --git a/usecases/transparent-offload/whitelist/libvirt/rexec_whitelist b/usecases/transparent-offload/whitelist/libvirt/rexec_whitelist
+new file mode 100644
+index 0000000..275a3e5
+--- /dev/null
++++ b/usecases/transparent-offload/whitelist/libvirt/rexec_whitelist
+@@ -0,0 +1,4 @@
++/usr/bin/qemu-kvm
++taskset
++kill
++/usr/bin/kill
+-- 
+2.33.0
+

0010-Adapt-to-kernel-6.1-file-system-interface-changes.patch

@@ -0,0 +1,344 @@
+From e9f4fc2f658958a37f859a37084560c592c162ec Mon Sep 17 00:00:00 2001
+From: YangXin <245051644@qq.com>
+Date: Fri, 10 Feb 2023 13:55:57 +0000
+Subject: [PATCH] Adapt to kernel 6.1 file system interface changes.
+
+Signed-off-by: YangXin <245051644@qq.com>
+---
+ qtfs/qtfs/ops.h          |  2 +-
+ qtfs/qtfs/proc.c         |  6 +++---
+ qtfs/qtfs/qtfs-mod.c     |  5 +++--
+ qtfs/qtfs/sb.c           | 43 ++++++++++++++++++++++------------------
+ qtfs/qtfs/xattr.c        |  4 ++++
+ qtfs/qtfs_server/fsops.c | 16 +++++++--------
+ 6 files changed, 43 insertions(+), 33 deletions(-)
+
+diff --git a/qtfs/qtfs/ops.h b/qtfs/qtfs/ops.h
+index 5cab367..a18f4da 100644
+--- a/qtfs/qtfs/ops.h
++++ b/qtfs/qtfs/ops.h
+@@ -15,7 +15,7 @@ bool is_sb_proc(struct super_block *sb);
+ struct inode *qtfs_iget(struct super_block *sb, struct inode_info *ii);
+ const char *qtfs_getlink(struct dentry *dentry,
+ 					struct inode *inode, struct delayed_call *done);
+-int qtfs_getattr(const struct path *, struct kstat *, u32, unsigned int);
++int qtfs_getattr(struct user_namespace *mnt_userns, const struct path *, struct kstat *, u32, unsigned int);
+ struct dentry * qtfs_lookup(struct inode *, struct dentry *, unsigned int);
+ 
+ #endif
+diff --git a/qtfs/qtfs/proc.c b/qtfs/qtfs/proc.c
+index 60401d9..e37303e 100644
+--- a/qtfs/qtfs/proc.c
++++ b/qtfs/qtfs/proc.c
+@@ -9,7 +9,7 @@
+ 
+ struct dentry *qtfs_proc_lookup(struct inode *parent_inode, struct dentry *child_dentry, unsigned int flags);
+ const char *qtfs_proc_getlink(struct dentry *dentry, struct inode *inode, struct delayed_call *done);
+-int qtfs_proc_getattr(const struct path *path, struct kstat *stat, u32 req_mask, unsigned int flags);
++int qtfs_proc_getattr(struct user_namespace *mnt_userns, const struct path *path, struct kstat *stat, u32 req_mask, unsigned int flags);
+ 
+ enum qtfs_type qtfs_get_type(char *str)
+ {
+@@ -187,7 +187,7 @@ remote:
+ 	return qtfs_getlink(dentry, inode, done);
+ }
+ 
+-int qtfs_proc_getattr(const struct path *path, struct kstat *stat, u32 req_mask, unsigned int flags)
++int qtfs_proc_getattr(struct user_namespace *mnt_userns, const struct path *path, struct kstat *stat, u32 req_mask, unsigned int flags)
+ {
+ 	char cpath[NAME_MAX] = {0};
+ 	char tmp[NAME_MAX] = {0};
+@@ -223,5 +223,5 @@ int qtfs_proc_getattr(const struct path *path, struct kstat *stat, u32 req_mask,
+ 	}
+ 
+ remote:
+-	return qtfs_getattr(path, stat, req_mask, flags);
++	return qtfs_getattr(NULL, path, stat, req_mask, flags);
+ }
+diff --git a/qtfs/qtfs/qtfs-mod.c b/qtfs/qtfs/qtfs-mod.c
+index abd9443..eb8d21a 100644
+--- a/qtfs/qtfs/qtfs-mod.c
++++ b/qtfs/qtfs/qtfs-mod.c
+@@ -1,5 +1,6 @@
+ // SPDX-License-Identifier: GPL-2.0
+ #include <linux/ktime.h>
++#include <linux/sched/task.h>
+ #include "conn.h"
+ 
+ #include "qtfs-mod.h"
+@@ -114,7 +115,7 @@ connecting:
+ 		msleep(500);
+ 	}
+ 	if (pvar == NULL) {
+-		do_exit(0);
++		return 0;
+ 	}
+ 	qtfs_info("qtfs epoll thread establish a new connection.");
+ 	req = qtfs_sock_msg_buf(pvar, QTFS_RECV);
+@@ -170,7 +171,7 @@ connecting:
+ 			qtfs_err("conn send failed, ret:%d\n", ret);
+ 	}
+ 	qtfs_epoll_cut_conn(pvar);
+-	do_exit(0);
++	return 0;
+ }
+ 
+ struct file_operations qtfs_misc_fops = {
+diff --git a/qtfs/qtfs/sb.c b/qtfs/qtfs/sb.c
+index 104d137..38cac43 100644
+--- a/qtfs/qtfs/sb.c
++++ b/qtfs/qtfs/sb.c
+@@ -461,13 +461,12 @@ static vm_fault_t qtfs_vm_fault(struct vm_fault *vmf)
+ 	return ret;
+ }
+ 
+-static void qtfs_map_pages(struct vm_fault *vmf,
++static vm_fault_t qtfs_map_pages(struct vm_fault *vmf,
+ 		pgoff_t start_pgoff, pgoff_t end_pgoff)
+ {
+ 	qtfs_info("qtfs map pages enter, pgoff:%lu start:%lu end:%lu.", vmf->pgoff, start_pgoff, end_pgoff);
+ 
+-	filemap_map_pages(vmf, start_pgoff, end_pgoff);
+-	return;
++	return filemap_map_pages(vmf, start_pgoff, end_pgoff);
+ }
+ 
+ static vm_fault_t qtfs_page_mkwrite(struct vm_fault *vmf)
+@@ -665,7 +664,6 @@ static struct file_operations qtfs_file_ops = {
+ 	.poll = qtfsfifo_poll,
+ };
+ 
+-
+ static int qtfs_readpage(struct file *file, struct page *page)
+ {
+ 	void *kaddr = NULL;
+@@ -682,6 +680,14 @@ static int qtfs_readpage(struct file *file, struct page *page)
+ 	return 0;
+ }
+ 
++static int qtfs_read_folio(struct file *file, struct folio *folio)
++{
++	struct page *page = &folio->page;
++	qtfs_readpage(file, page);
++
++	return 0;
++}
++
+ static struct page **qtfs_alloc_pages(unsigned int nr)
+ {
+ 	struct page **pages = kzalloc(nr * (sizeof(struct page *)), GFP_KERNEL);
+@@ -726,19 +732,18 @@ static int qtfs_writepages(struct address_space *mapping,
+ 	return 0;
+ }
+ 
+-static int qtfs_setpagedirty(struct page *page)
++static bool qtfs_dirty_folio(struct address_space *mapping, struct folio *folio)
+ {
+ 	qtfs_info("qtfs set page dirty.");
+-	__set_page_dirty_nobuffers(page);
+-	return 0;
++	return filemap_dirty_folio(mapping, folio);
+ }
+ 
+ static const struct address_space_operations qtfs_aops = {
+-	.readpage = qtfs_readpage,
++	.read_folio = qtfs_read_folio,
+ 	.readahead = qtfs_readahead,
+ 	.writepage = qtfs_writepage,
+ 	.writepages = qtfs_writepages,
+-	.set_page_dirty = qtfs_setpagedirty,
++	.dirty_folio = qtfs_dirty_folio,
+ };
+ 
+ int qtfs_new_entry(struct inode *inode, struct dentry *dentry)
+@@ -758,7 +763,7 @@ int qtfs_new_entry(struct inode *inode, struct dentry *dentry)
+ 	return 0;
+ }
+ 
+-int qtfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
++int qtfs_mkdir(struct user_namespace *mnt_userns, struct inode *dir, struct dentry *dentry, umode_t mode)
+ {
+ 	struct qtfs_sock_var_s *pvar = qtfs_conn_get_param();
+ 	struct qtreq_mkdir *req = NULL;
+@@ -793,7 +798,7 @@ int qtfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
+ 	return ret;
+ }
+ 
+-int qtfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, bool excl)
++int qtfs_create(struct user_namespace *mnt_userns, struct inode *dir, struct dentry *dentry, umode_t mode, bool excl)
+ {
+ 	struct qtfs_sock_var_s *pvar = qtfs_conn_get_param();
+ 	struct qtreq_icreate *req;
+@@ -833,7 +838,7 @@ int qtfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, bool exc
+ 	return ret ? ret : ret2;
+ }
+ 
+-int qtfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev)
++int qtfs_mknod(struct user_namespace *mnt_userns, struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev)
+ {
+ 	struct qtfs_sock_var_s *pvar = qtfs_conn_get_param();
+ 	struct qtreq_mknod *req;
+@@ -1093,7 +1098,7 @@ err_end:
+ 	return error;
+ }
+ 
+-int qtfs_symlink(struct inode *dir, struct dentry *dentry, const char *symname)
++int qtfs_symlink(struct user_namespace *mnt_userns, struct inode *dir, struct dentry *dentry, const char *symname)
+ {
+ 	struct qtfs_sock_var_s *pvar = qtfs_conn_get_param();
+ 	struct qtreq_symlink *req;
+@@ -1138,7 +1143,7 @@ err_end:
+ 	return error;
+ }
+ 
+-int qtfs_getattr(const struct path *path, struct kstat *stat, u32 req_mask, unsigned int flags)
++int qtfs_getattr(struct user_namespace *mnt_userns, const struct path *path, struct kstat *stat, u32 req_mask, unsigned int flags)
+ {
+ 	struct qtfs_sock_var_s *pvar = qtfs_conn_get_param();
+ 	struct qtreq_getattr *req;
+@@ -1182,7 +1187,7 @@ int qtfs_getattr(const struct path *path, struct kstat *stat, u32 req_mask, unsi
+ 	return 0;
+ }
+ 
+-int qtfs_setattr(struct dentry *dentry, struct iattr *attr)
++int qtfs_setattr(struct user_namespace *mnt_userns, struct dentry *dentry, struct iattr *attr)
+ {
+ 	struct qtfs_sock_var_s *pvar = qtfs_conn_get_param();
+ 	struct qtreq_setattr *req;
+@@ -1277,9 +1282,9 @@ const char *qtfs_getlink(struct dentry *dentry,
+ 	return link;
+ }
+ 
+-int qtfs_rename(struct inode *old_dir, struct dentry *old_dentry,
+-					struct inode *new_dir, struct dentry *new_dentry,
+-					unsigned int flags)
++int qtfs_rename(struct user_namespace *mnt_userns, struct inode *old_dir,
++					struct dentry *old_dentry, struct inode *new_dir,
++					struct dentry *new_dentry, unsigned int flags)
+ {
+ 	struct qtreq_rename *req;
+ 	struct qtrsp_rename *rsp;
+@@ -1364,7 +1369,7 @@ static int qtfs_fill_super(struct super_block *sb, void *priv_data, int silent)
+ 	root_inode = new_inode(sb);
+ 	root_inode->i_ino = 1;
+ 
+-	inode_init_owner(root_inode, NULL, mode);
++	inode_init_owner(&init_user_ns, root_inode, NULL, mode);
+ 	root_inode->i_sb = sb;
+ 	if (priv->type == QTFS_PROC) {
+ 		qtfs_info("qtfs type: proc\n");
+diff --git a/qtfs/qtfs/xattr.c b/qtfs/qtfs/xattr.c
+index a2a605d..61153c0 100644
+--- a/qtfs/qtfs/xattr.c
++++ b/qtfs/qtfs/xattr.c
+@@ -59,6 +59,7 @@ static int qtfs_xattr_set(const struct xattr_handler *handler,
+ 
+ static int
+ qtfs_xattr_user_set(const struct xattr_handler *handler,
++			struct user_namespace *mnt_userns,
+ 		    struct dentry *unused, struct inode *inode,
+ 		    const char *name, const void *value,
+ 		    size_t size, int flags)
+@@ -69,6 +70,7 @@ qtfs_xattr_user_set(const struct xattr_handler *handler,
+ 
+ static int
+ qtfs_xattr_trusted_set(const struct xattr_handler *handler,
++			struct user_namespace *mnt_userns,
+ 		    struct dentry *unused, struct inode *inode,
+ 		    const char *name, const void *value,
+ 		    size_t size, int flags)
+@@ -78,6 +80,7 @@ qtfs_xattr_trusted_set(const struct xattr_handler *handler,
+ 
+ static int
+ qtfs_xattr_security_set(const struct xattr_handler *handler,
++			struct user_namespace *mnt_userns,
+ 		    struct dentry *unused, struct inode *inode,
+ 		    const char *name, const void *value,
+ 		    size_t size, int flags)
+@@ -87,6 +90,7 @@ qtfs_xattr_security_set(const struct xattr_handler *handler,
+ 
+ static int
+ qtfs_xattr_hurd_set(const struct xattr_handler *handler,
++			struct user_namespace *mnt_userns,
+ 		    struct dentry *unused, struct inode *inode,
+ 		    const char *name, const void *value,
+ 		    size_t size, int flags)
+diff --git a/qtfs/qtfs_server/fsops.c b/qtfs/qtfs_server/fsops.c
+index 6c3e201..87caf90 100644
+--- a/qtfs/qtfs_server/fsops.c
++++ b/qtfs/qtfs_server/fsops.c
+@@ -431,7 +431,7 @@ static int handle_lookup(struct qtserver_arg *arg)
+ 	return sizeof(struct qtrsp_lookup);
+ }
+ 
+-static int qtfs_filldir(struct dir_context *ctx, const char *name, int namelen,
++static bool qtfs_filldir(struct dir_context *ctx, const char *name, int namelen,
+ 		loff_t offset, u64 ino, unsigned int d_type)
+ {
+ 	struct qtfs_dirent64 *dirent, *prev;
+@@ -440,7 +440,7 @@ static int qtfs_filldir(struct dir_context *ctx, const char *name, int namelen,
+ 	int prev_reclen;
+ 
+ 	if (reclen > buf->count)
+-		return -EINVAL;
++		return false;
+ 
+ 	prev_reclen = buf->prev_reclen;
+ 	dirent = buf->dir;
+@@ -455,7 +455,7 @@ static int qtfs_filldir(struct dir_context *ctx, const char *name, int namelen,
+ 	buf->dir = (void *)dirent + reclen;
+ 	buf->count -= reclen;
+ 	buf->vldcnt++;
+-	return 0;
++	return true;
+ }
+ 
+ static int handle_readdir(struct qtserver_arg *arg)
+@@ -642,7 +642,7 @@ static int handle_setattr(struct qtserver_arg *arg)
+ 	}
+ 
+ 	inode_lock(inode);
+-	rsp->errno = notify_change(path.dentry, &req->attr, NULL);
++	rsp->errno = notify_change(&init_user_ns, path.dentry, &req->attr, NULL);
+ 	if (rsp->errno < 0) {
+ 		rsp->ret = QTFS_ERR;
+ 		qtfs_err("handle setattr, path:<%s> failed with %d.\n", req->path, ret);
+@@ -716,7 +716,7 @@ retry:
+ 		req->mode &= ~current_umask();
+ 	error = security_path_mknod(&path, dent, req->mode, req->dev);
+ 	if (!error)
+-		error = vfs_mknod(path.dentry->d_inode, dent, req->mode, req->dev);
++		error = vfs_mknod(&init_user_ns, path.dentry->d_inode, dent, req->mode, req->dev);
+ 	done_path_create(&path, dent);
+ 	if (error == -ESTALE && !(flags & LOOKUP_REVAL)) {
+ 		flags |= LOOKUP_REVAL;
+@@ -794,7 +794,7 @@ retry:
+ 		return sizeof(struct qtrsp_symlink);
+ 	}
+ 
+-	rsp->errno = vfs_symlink(path.dentry->d_inode, dentry, oldname);
++	rsp->errno = vfs_symlink(&init_user_ns, path.dentry->d_inode, dentry, oldname);
+ 	done_path_create(&path, dentry);
+ 	if (rsp->errno == -ESTALE && !(lookup_flags & LOOKUP_REVAL)) {
+ 		lookup_flags |= LOOKUP_REVAL;
+@@ -922,7 +922,7 @@ int handle_xattrset(struct qtserver_arg *arg)
+ 		goto err_handle;
+ 	}
+ 
+-	rsp->errno = vfs_setxattr(path.dentry, &req->buf[req->d.pathlen], &req->buf[req->d.pathlen + req->d.namelen], req->d.size, req->d.flags);
++	rsp->errno = vfs_setxattr(&init_user_ns, path.dentry, &req->buf[req->d.pathlen], &req->buf[req->d.pathlen + req->d.namelen], req->d.size, req->d.flags);
+ 	qtfs_info("handle xattrset path:%s name:%s value:%s ret:%d size:%lu flags:%d", req->buf,
+ 					&req->buf[req->d.pathlen], &req->buf[req->d.pathlen + req->d.namelen], rsp->errno,
+ 					req->d.size, req->d.flags);
+@@ -963,7 +963,7 @@ int handle_xattrget(struct qtserver_arg *arg)
+ 		}
+ 	}
+ 
+-	error = vfs_getxattr(path.dentry, req->d.prefix_name, kvalue, req->d.size);
++	error = vfs_getxattr(&init_user_ns, path.dentry, req->d.prefix_name, kvalue, req->d.size);
+ 	path_put(&path);
+ 	if (error > 0) {
+ 		if (req->d.pos >= error) {
+-- 
+2.33.0
+

dpu-utilities.spec

@@ -1,7 +1,7 @@
 Name:          dpu-utilities 
 Summary:       openEuler dpu utilities
 Version:       1.1
-Release:       3
+Release:       4
 License:       GPL-2.0
 Source:        https://gitee.com/openeuler/dpu-utilities/repository/archive/v%{version}.tar.gz
 ExclusiveOS:   linux
@@ -10,12 +10,18 @@ BuildRoot:     %{_tmppath}/%{name}-%{version}-root
 Conflicts:     %{name} < %{version}-%{release}
 Provides:      %{name} = %{version}-%{release}
 %define kernel_version %(ver=`rpm -qa|grep kernel-devel`;echo ${ver#*kernel-devel-})
-BuildRequires: kernel-devel >= 5.10, gcc, make
+BuildRequires: kernel-devel >= 5.10, gcc, make, glib2-devel, glib2
 BuildRequires: golang
 Patch0:        0001-add-path-put-in-xattr-set.patch
 Patch1:        0002-Add-drop-link-and-dentry-invalid-in-unlink-and-rmdir.patch
 Patch2:        0003-enable-rexec-read-net-addr-from-config-file.patch
 Patch3:        0004-Fix-inode-sync-error-between-client-and-server.patch
+Patch4:        0005-Add-whitelist-of-qtfs.patch
+Patch5:        0006-Fix-error-of-getxattr-and-listxattr.patch
+Patch6:        0007-Add-whitelist-of-rexec.patch
+Patch7:        0008-Add-udsproxy.patch
+Patch8:        0009-Add-rexec-shim.patch
+Patch9:        0010-Adapt-to-kernel-6.1-file-system-interface-changes.patch
 %description
 This package contains the software utilities on dpu.
 
@@ -50,15 +56,20 @@ cd %_builddir/%{name}-v%{version}/qtfs/qtfs_server
 make
 cd %_builddir/%{name}-v%{version}/qtfs/rexec
 make
+cd %_builddir/%{name}-v%{version}/qtfs/ipc
+make
 
 %install
-mkdir -p $RPM_BUILD_ROOT/lib/modules/%{kernel_version}//extra
+mkdir -p $RPM_BUILD_ROOT/lib/modules/%{kernel_version}/extra
 mkdir -p $RPM_BUILD_ROOT/usr/bin/
+mkdir -p ${RPM_BUILD_ROOT}/usr/lib64/
 install %_builddir/%{name}-v%{version}/qtfs/qtfs/qtfs.ko $RPM_BUILD_ROOT/lib/modules/%{kernel_version}/extra
 install %_builddir/%{name}-v%{version}/qtfs/qtfs_server/qtfs_server.ko $RPM_BUILD_ROOT/lib/modules/%{kernel_version}/extra
 install -m 0700 %_builddir/%{name}-v%{version}/qtfs/qtfs_server/engine $RPM_BUILD_ROOT/usr/bin/
 install -m 0700 %_builddir/%{name}-v%{version}/qtfs/rexec/rexec ${RPM_BUILD_ROOT}/usr/bin/
 install -m 0700 %_builddir/%{name}-v%{version}/qtfs/rexec/rexec_server ${RPM_BUILD_ROOT}/usr/bin/
+install -m 0700 %_builddir/%{name}-v%{version}/qtfs/ipc/udsproxyd ${RPM_BUILD_ROOT}/usr/bin/
+install -m 0700 %_builddir/%{name}-v%{version}/qtfs/ipc/libudsproxy.so ${RPM_BUILD_ROOT}/usr/lib64/
 mkdir -p $RPM_BUILD_ROOT/opt/imageTailor
 cp -rf %_builddir/%{name}-v%{version}/dpuos/image_tailor_cfg/custom $RPM_BUILD_ROOT/opt/imageTailor
 cp -rf %_builddir/%{name}-v%{version}/dpuos/image_tailor_cfg/kiwi $RPM_BUILD_ROOT/opt/imageTailor
@@ -91,6 +102,8 @@ fi
 /lib/modules/%{kernel_version}/extra/qtfs.ko
 %attr(0700, root, root) /usr/bin/rexec_server
 %attr(0700, root, root) /usr/bin/rexec
+%attr(0700, root, root) /usr/bin/udsproxyd
+%attr(0700, root, root) /usr/lib64/libudsproxy.so
 
 %files -n qtfs-server
 /lib/modules/%{kernel_version}/extra/qtfs_server.ko
@@ -108,6 +121,8 @@ sed -i '/# product cut_conf/a\dpuos      kiwi/minios/cfg_dpuos  yes' /opt/imageT
 sed -i '/<repository_rule>/a\dpuos          1           rpm-dir     euler_base' /opt/imageTailor/repos/RepositoryRule.conf
 
 %changelog
+* Thu Feb 09 2023 YangXin <245051644@qq.com> 1.1-4
+- Add whitelist to qtfs and rexec, fix errors, add udsproxy.
 * Thu Dec 15 2022 YangXin <245051644@qq.com> 1.1-3
 - Fix inode sync error between client and server.
 * Thu Dec 08 2022 YangXin <245051644@qq.com> 1.1-2