packages/criu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lsm: use the user provided lsm label

Browse Source 
Signed-off-by: MaSkingx <maxin@xfusion.com>
This commit is contained in:
MaSkingx 2025-04-21 01:53:54 +00:00 committed by Gitee
parent ab5032a5a0
commit d0637ffca8
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
0005-lsm-use-the-user-provided-lsm-label.patch Normal file
View File

@ -0,0 +1,30 @@
From ed6374b48c5923bca53d760ac6f04a2817236407 Mon Sep 17 00:00:00 2001
From: Adrian Reber <areber@redhat.com>
Date: Thu, 6 Feb 2025 11:07:17 +0100
Subject: [PATCH] lsm: use the user provided lsm label
Currently CRIU has the possibility to specify a LSM label during
restore. Unfortunately the information is completely ignored in the case
of SELinux.
This change selects the lsm label from the user if it is provided and
else the label from the checkpoint image is used.
Signed-off-by: Adrian Reber <areber@redhat.com>
---
criu/lsm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/criu/lsm.c b/criu/lsm.c
index d1b73cc79e..70b66d42ee 100644
--- a/criu/lsm.c
+++ b/criu/lsm.c
@@ -370,7 +370,7 @@ int render_lsm_profile(char *profile, char **val)
case LSMTYPE__APPARMOR:
return render_aa_profile(val, profile);
case LSMTYPE__SELINUX:
- if (asprintf(val, "%s", profile) < 0) {
+ if (asprintf(val, "%s", opts.lsm_supplied ? opts.lsm_profile : profile) < 0) {
*val = NULL;
return -1;
}

6
criu.spec
View File

@ -1,6 +1,6 @@
Name: criu
Version: 3.19
Release: 5
Release: 6
Provides: crtools = %{version}-%{release}
Obsoletes: crtools <= 1.0-2
Summary: A tool of Checkpoint/Restore in User-space
@ -20,6 +20,7 @@ Patch1: 0001-criu-dump-and-restore-cpu-affinity-of-each-thread.patch
Patch2: 0002-Add-sys_sched_setaffinity-define-for-loongarch64.patch
Patch3: 0003-chore-support-building-without-network.patch
Patch4: 0004-criu-fix-log_keep_err-signal-deadlock.patch
Patch5: 0005-lsm-use-the-user-provided-lsm-label.patch
%description
Checkpoint/Restore in Userspace(CRIU),is a software tool for the linux operating system.
@ -105,6 +106,9 @@ chmod 0755 %{buildroot}/run/%{name}/
%doc %{_mandir}/man1/{compel.1*,crit.1*,criu-ns.1*,criu-amdgpu-plugin.1*}
%changelog
* Mon Apr 21 2025 maxin <maxin@xfusion.com> - 3.19-6
- lsm: use the user provided lsm label
* Fri Apr 18 2025 maxin <maxin@xfusion.com> - 3.19-5
- fix log_keep_err signal deadlock