virSecurityManagerTransactionCommit: Accept pid == -1

It will be desirable to run transactions more often than we currently do. Even if the domain we're relabeling the paths for does not run in a namespace. If that's the case, there is no need to fork() as we are already running in the right namespace. To differentiate whether transaction code should fork() or not the @pid argument now accepts -1 (which means do not fork). Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
2025-01-21 20:15:17 +00:00 · 2018-09-05 13:27:50 +02:00 · 2018-09-05 13:27:50 +02:00 · d41c162177
commit d41c162177
parent ccafaacd61
3 changed files with 38 additions and 21 deletions
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@ -485,11 +485,14 @@ virSecurityDACTransactionStart(virSecurityManagerPtr mgr)
 * @mgr: security manager
 * @pid: domain's PID
 *
- * Enters the @pid namespace (usually @pid refers to a domain) and
- * performs all the chown()-s on the list. Note that the transaction is
- * also freed, therefore new one has to be started after successful
- * return from this function. Also it is considered as error if there's
- * no transaction set and this function is called.
+ * If @pid is not -1 then enter the @pid namespace (usually @pid refers
+ * to a domain) and perform all the chown()-s on the list. If @pid is -1
+ * then the transaction is performed in the namespace of the caller.
+ *
+ * Note that the transaction is also freed, therefore new one has to be
+ * started after successful return from this function. Also it is
+ * considered as error if there's no transaction set and this function
+ * is called.
 *
 * Returns: 0 on success,
 *         -1 otherwise.
@ -514,9 +517,12 @@ virSecurityDACTransactionCommit(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
        goto cleanup;
    }

-    if (virProcessRunInMountNamespace(pid,
-                                      virSecurityDACTransactionRun,
-                                      list) < 0)
+    if ((pid == -1 &&
+         virSecurityDACTransactionRun(pid, list) < 0) ||
+        (pid != -1 &&
+         virProcessRunInMountNamespace(pid,
+                                       virSecurityDACTransactionRun,
+                                       list) < 0))
        goto cleanup;

    ret = 0;
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@ -267,11 +267,15 @@ virSecurityManagerTransactionStart(virSecurityManagerPtr mgr)
 * @mgr: security manager
 * @pid: domain's PID
 *
- * Enters the @pid namespace (usually @pid refers to a domain) and
- * performs all the operations on the transaction list. Note that the
- * transaction is also freed, therefore new one has to be started after
- * successful return from this function. Also it is considered as error
- * if there's no transaction set and this function is called.
+ * If @pid is not -1 then enter the @pid namespace (usually @pid refers
+ * to a domain) and perform all the operations on the transaction list.
+ * If @pid is -1 then the transaction is performed in the namespace of
+ * the caller.
+ *
+ * Note that the transaction is also freed, therefore new one has to be
+ * started after successful return from this function. Also it is
+ * considered as error if there's no transaction set and this function
+ * is called.
 *
 * Returns: 0 on success,
 *         -1 otherwise.
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@ -1040,11 +1040,15 @@ virSecuritySELinuxTransactionStart(virSecurityManagerPtr mgr)
 * @mgr: security manager
 * @pid: domain's PID
 *
- * Enters the @pid namespace (usually @pid refers to a domain) and
- * performs all the sefilecon()-s on the list. Note that the
- * transaction is also freed, therefore new one has to be started after
- * successful return from this function. Also it is considered as error
- * if there's no transaction set and this function is called.
+ * If @pis is not -1 then enter the @pid namespace (usually @pid refers
+ * to a domain) and perform all the sefilecon()-s on the list. If @pid
+ * is -1 then the transaction is performed in the namespace of the
+ * caller.
+ *
+ * Note that the transaction is also freed, therefore new one has to be
+ * started after successful return from this function. Also it is
+ * considered as error if there's no transaction set and this function
+ * is called.
 *
 * Returns: 0 on success,
 *         -1 otherwise.
@ -1066,9 +1070,12 @@ virSecuritySELinuxTransactionCommit(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
        goto cleanup;
    }

-    if (virProcessRunInMountNamespace(pid,
-                                      virSecuritySELinuxTransactionRun,
-                                      list) < 0)
+    if ((pid == -1 &&
+         virSecuritySELinuxTransactionRun(pid, list) < 0) ||
+        (pid != -1 &&
+         virProcessRunInMountNamespace(pid,
+                                       virSecuritySELinuxTransactionRun,
+                                       list) < 0))
        goto cleanup;

    ret = 0;