Michal Privoznik <mprivozn@redhat.com> [2018-09-10, 11:36AM +0200]:
Technically, this is v4 of:
https://www.redhat.com/archives/libvir-list/2018-August/msg01627.html
However, this is implementing different approach than any of the previous versions.
One of the problems with previous version was that it was too complicated. The main reason for that was that we could not close the connection whilst there was a file locked. So we had to invent a mechanism that would prevent that (on the client side).
These patches implement different approach. They rely on secdriver's transactions which bring all the paths we want to label into one place so that they can be relabelled within different namespace. I'm extending this idea so that transactions run all the time (regardless of domain namespacing) and only at the very last moment is decided which namespace would the relabeling run in.
Metadata locking is then as easy as putting lock/unlock calls around one function.
You can find the patches at my github too:
https://github.com/zippy2/libvirt/tree/disk_metadata_lock_v4_alt
Hey Michal, is was running a quick test with this patch series with two domains sharing a disk image without <shareable/> and SELinux enabled. When starting the second domain, the whole libvirtd daemon hangs for almost a minute until giving the error that the image is locked. I haven't debugged it yet to figure out what happens. Otherwise it's looking good, relabeling is prevented as expected. Bjoern