Disable mlslabel support in Linux

The ZFS update to onnv_141 brought with it support for a security label attribute called mlslabel. This feature depends on zones to work correctly and thus I am disabling it under Linux. Equivilant functionality could be added at some point in the future.
2010-07-22 16:55:50 -07:00 · 2010-07-22 16:55:50 -07:00 · 66b2805477
parent acd6237623
commit 66b2805477
4 changed files with 23 additions and 18 deletions
--- a/.topdeps
+++ b/.topdeps
@ -1,2 +1 @@
-gcc-branch
-fix-branch
+zfs-branch
--- a/.topmsg
+++ b/.topmsg
@ -1,19 +1,10 @@
 From: Brian Behlendorf <behlendorf1@llnl.gov>
-Subject: [PATCH] zfs branch
+Subject: [PATCH] linux have mlslabel

-Merged result of all changes which are relevant to both Solaris
-and Linux builds of the ZFS code.  These are changes where there
-is a reasonable chance they will be accepted upstream.
-
-Additionally, since this is effectively the root of the linux
-ZFS tree the core linux build system is added here.  This
-includes autogen.sh, configure.ac, m4 macros, some scripts/*,
-and makefiles for all the core ZFS components.  Linux-only
-features which require tweaks to the build system should appear
-on the relevant topic branches.  All autotools products which
-result from autogen.sh are commited to the linux-configure-branch.
-
-This branch also contains the META, ChangeLog, AUTHORS, TODO,
-and README, files.
+The ZFS update to onnv_141 brought with it support for a
+security label attribute called mlslabel.  This feature
+depends on zones to work correctly and thus I am disabling
+it under Linux.  Equivilant functionality could be added
+at some point in the future.

 Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
--- a/lib/libzfs/libzfs_dataset.c
+++ b/lib/libzfs/libzfs_dataset.c
@ -903,6 +903,7 @@ zfs_valid_proplist(libzfs_handle_t *hdl, zfs_type_t type, nvlist_t *nvl,

 		case ZFS_PROP_MLSLABEL:
 		{
+#ifdef HAVE_MLSLABEL
 			/*
 			 * Verify the mlslabel string and convert to
 			 * internal hex label string.
@ -952,7 +953,12 @@ badlabel:
 			(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
 			m_label_free(new_sl);	/* OK if null */
 			goto error;
-
+#else
+			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
+			    "mlslabels are unsupported"));
+			(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
+			goto error;
+#endif /* HAVE_MLSLABEL */
 		}

 		case ZFS_PROP_MOUNTPOINT:
@ -2011,6 +2017,7 @@ zfs_prop_get(zfs_handle_t *zhp, zfs_prop_t prop, char *propbuf, size_t proplen,

 	case ZFS_PROP_MLSLABEL:
 		{
+#ifdef HAVE_MLSLABEL
 			m_label_t *new_sl = NULL;
 			char *ascii = NULL;	/* human readable label */

@ -2044,6 +2051,10 @@ zfs_prop_get(zfs_handle_t *zhp, zfs_prop_t prop, char *propbuf, size_t proplen,

 			(void) strlcpy(propbuf, ascii, proplen);
 			free(ascii);
+#else
+			(void) strlcpy(propbuf,
+			    getprop_string(zhp, prop, &source), proplen);
+#endif /* HAVE_MLSLABEL */
 		}
 		break;

--- a/module/zfs/zfs_ioctl.c
+++ b/module/zfs/zfs_ioctl.c
@ -340,6 +340,7 @@ zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
 static int
 zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
 {
+#ifdef HAVE_MLSLABEL
 	char		ds_hexsl[MAXNAMELEN];
 	bslabel_t	ds_sl, new_sl;
 	boolean_t	new_default = FALSE;
@ -427,6 +428,9 @@ out_check:
 	if (needed_priv != -1)
 		return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
 	return (0);
+#else
+	return ENOTSUP;
+#endif /* HAVE_MLSLABEL */
 }

 static int