Conversation
3 tasks
JAORMX
reviewed
Apr 8, 2026
Contributor
JAORMX
left a comment
JAORMX
left a comment
There was a problem hiding this comment.
Looked at this for correctness and OS portability (Linux + macOS). The implementation is solid. The walker, symlink handling, build tags, and boundary checks all work correctly on both platforms.
Left a few inline comments... the only actionable one is the OverrideUID doc comment which is a bit misleading about why UID 0 can't be used. The other two are just confirming the portability story checks out.
On macOS, workspace directories mounted via virtiofs appear with the host user's UID inside the guest VM. This prevents the guest sandbox user from writing to files and nested directories. Add OverrideUID/OverrideGID fields to VirtioFSMount and a new SetOverrideStatTree function that walks the mount path and sets user.containers.override_stat xattrs on all files and directories before VM boot. This makes libkrun's virtiofs FUSE server report the desired UID/GID to the guest. Symlinks are skipped to prevent setting xattrs outside the mount boundary. Includes input validation for negative UIDs/GIDs and orphaned OverrideGID, build-tagged no-op stub for unsupported platforms, and performance optimization using DirEntry.Info() to avoid redundant Lstat syscalls during the tree walk. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
OverrideUID/OverrideGIDfields toVirtioFSMountthat setuser.containers.override_statxattrs on host directories before VM boot, making libkrun's virtiofs FUSE server report the desired UID/GID to the guest instead of the host user'sSetOverrideStatTreewalker ininternal/xattrthat resolves symlinks at the root, skips symlink entries during traversal, and enforces path boundary checks to prevent setting xattrs outside the mountDirEntry.Info()to avoid redundant Lstat syscallsFixes the issue where workspace directories mounted via virtiofs on macOS appear with the host user's UID inside the guest VM, preventing the guest sandbox user from writing to mounted files.
Test plan
task fmt— cleantask lint— 0 issuestask test— all tests pass with race detector🤖 Generated with Claude Code