Commit 44cb540d2d for qemu.org
commit 44cb540d2d079ce2c785b130e163ab42b9e1a109
Author: Christian Schoenebeck <qemu_oss@crudebyte.com>
Date: Sat Jun 13 16:55:49 2026 +0200
qemu-options: document 9pfs max_xattr option
Add documentation for the new "max_xattr" command line option
of 9pfs server, introduced by the previous commit.
Link: https://lore.kernel.org/qemu-devel/b5a1a6ba299a49183d0032d9e4cd5e009d4aae47.1781361555.git.qemu_oss@crudebyte.com
Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
diff --git a/qemu-options.hx b/qemu-options.hx
index f1874a0591..e44b47de68 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1940,19 +1940,19 @@ ERST
DEF("fsdev", HAS_ARG, QEMU_OPTION_fsdev,
"-fsdev local,id=id,path=path,security_model=mapped-xattr|mapped-file|passthrough|none\n"
- " [,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode]\n"
+ " [,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode][,max_xattr=max]\n"
" [[,throttling.bps-total=b]|[[,throttling.bps-read=r][,throttling.bps-write=w]]]\n"
" [[,throttling.iops-total=i]|[[,throttling.iops-read=r][,throttling.iops-write=w]]]\n"
" [[,throttling.bps-total-max=bm]|[[,throttling.bps-read-max=rm][,throttling.bps-write-max=wm]]]\n"
" [[,throttling.iops-total-max=im]|[[,throttling.iops-read-max=irm][,throttling.iops-write-max=iwm]]]\n"
" [[,throttling.iops-size=is]]\n"
- "-fsdev synth,id=id\n",
+ "-fsdev synth,id=id[,max_xattr=max]\n",
QEMU_ARCH_ALL)
SRST
-``-fsdev local,id=id,path=path,security_model=security_model [,writeout=writeout][,readonly=on][,fmode=fmode][,dmode=dmode] [,throttling.option=value[,throttling.option=value[,...]]]``
+``-fsdev local,id=id,path=path,security_model=security_model [,writeout=writeout][,readonly=on][,fmode=fmode][,dmode=dmode][,max_xattr=max] [,throttling.option=value[,throttling.option=value[,...]]]``
\
-``-fsdev synth,id=id[,readonly=on]``
+``-fsdev synth,id=id[,readonly=on][,max_xattr=max]``
Define a new file system device. Valid options are:
``local``
@@ -2026,6 +2026,12 @@ SRST
Let every is bytes of a request count as a new request for iops
throttling purposes.
+ ``max_xattr=max``
+ Specifies the maximum number of concurrent xattr FIDs allowed for
+ this export. The default is 1024. Set to 0 for allowing an infinite
+ number of xattr FIDs. This limit prevents host memory exhaustion
+ attacks by capping the number of simultaneous xattr FIDs.
+
-fsdev option is used along with -device driver "virtio-9p-...".
``-device virtio-9p-type,fsdev=id,mount_tag=mount_tag``
@@ -2045,14 +2051,14 @@ ERST
DEF("virtfs", HAS_ARG, QEMU_OPTION_virtfs,
"-virtfs local,path=path,mount_tag=tag,security_model=mapped-xattr|mapped-file|passthrough|none\n"
- " [,id=id][,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode][,multidevs=remap|forbid|warn]\n"
- "-virtfs synth,mount_tag=tag[,id=id][,readonly=on]\n",
+ " [,id=id][,writeout=immediate][,readonly=on][,fmode=fmode][,dmode=dmode][,multidevs=remap|forbid|warn][,max_xattr=max]\n"
+ "-virtfs synth,mount_tag=tag[,id=id][,readonly=on][,max_xattr=max]\n",
QEMU_ARCH_ALL)
SRST
-``-virtfs local,path=path,mount_tag=mount_tag ,security_model=security_model[,writeout=writeout][,readonly=on] [,fmode=fmode][,dmode=dmode][,multidevs=multidevs]``
+``-virtfs local,path=path,mount_tag=mount_tag ,security_model=security_model[,writeout=writeout][,readonly=on] [,fmode=fmode][,dmode=dmode][,multidevs=multidevs][,max_xattr=max]``
\
-``-virtfs synth,mount_tag=mount_tag``
+``-virtfs synth,mount_tag=mount_tag[,max_xattr=max]``
Define a new virtual filesystem device and expose it to the guest using
a virtio-9p-device (a.k.a. 9pfs), which essentially means that a certain
directory on host is made directly accessible by guest as a pass-through
@@ -2118,6 +2124,12 @@ SRST
Specifies the tag name to be used by the guest to mount this
export point.
+ ``max_xattr=max``
+ Specifies the maximum number of concurrent xattr FIDs allowed for
+ this export. The default is 1024. Set to 0 for allowing an infinite
+ number of xattr FIDs. This limit prevents host memory exhaustion
+ attacks by capping the number of simultaneous xattr FIDs.
+
``multidevs=remap|forbid|warn``
Specifies how to deal with multiple devices being shared with
the same 9p export in order to avoid file ID collisions on guest.