Disable mlslabel support in Linux

The ZFS update to onnv_141 brought with it support for a
security label attribute called mlslabel.  This feature
depends on zones to work correctly and thus I am disabling
it under Linux.  Equivilant functionality could be added
at some point in the future.
This commit is contained in:
Brian Behlendorf 2010-07-22 16:55:50 -07:00
parent acd6237623
commit 66b2805477
4 changed files with 23 additions and 18 deletions

View File

@ -1,2 +1 @@
gcc-branch zfs-branch
fix-branch

21
.topmsg
View File

@ -1,19 +1,10 @@
From: Brian Behlendorf <behlendorf1@llnl.gov> From: Brian Behlendorf <behlendorf1@llnl.gov>
Subject: [PATCH] zfs branch Subject: [PATCH] linux have mlslabel
Merged result of all changes which are relevant to both Solaris The ZFS update to onnv_141 brought with it support for a
and Linux builds of the ZFS code. These are changes where there security label attribute called mlslabel. This feature
is a reasonable chance they will be accepted upstream. depends on zones to work correctly and thus I am disabling
it under Linux. Equivilant functionality could be added
Additionally, since this is effectively the root of the linux at some point in the future.
ZFS tree the core linux build system is added here. This
includes autogen.sh, configure.ac, m4 macros, some scripts/*,
and makefiles for all the core ZFS components. Linux-only
features which require tweaks to the build system should appear
on the relevant topic branches. All autotools products which
result from autogen.sh are commited to the linux-configure-branch.
This branch also contains the META, ChangeLog, AUTHORS, TODO,
and README, files.
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>

View File

@ -903,6 +903,7 @@ zfs_valid_proplist(libzfs_handle_t *hdl, zfs_type_t type, nvlist_t *nvl,
case ZFS_PROP_MLSLABEL: case ZFS_PROP_MLSLABEL:
{ {
#ifdef HAVE_MLSLABEL
/* /*
* Verify the mlslabel string and convert to * Verify the mlslabel string and convert to
* internal hex label string. * internal hex label string.
@ -952,7 +953,12 @@ badlabel:
(void) zfs_error(hdl, EZFS_BADPROP, errbuf); (void) zfs_error(hdl, EZFS_BADPROP, errbuf);
m_label_free(new_sl); /* OK if null */ m_label_free(new_sl); /* OK if null */
goto error; goto error;
#else
zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
"mlslabels are unsupported"));
(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
goto error;
#endif /* HAVE_MLSLABEL */
} }
case ZFS_PROP_MOUNTPOINT: case ZFS_PROP_MOUNTPOINT:
@ -2011,6 +2017,7 @@ zfs_prop_get(zfs_handle_t *zhp, zfs_prop_t prop, char *propbuf, size_t proplen,
case ZFS_PROP_MLSLABEL: case ZFS_PROP_MLSLABEL:
{ {
#ifdef HAVE_MLSLABEL
m_label_t *new_sl = NULL; m_label_t *new_sl = NULL;
char *ascii = NULL; /* human readable label */ char *ascii = NULL; /* human readable label */
@ -2044,6 +2051,10 @@ zfs_prop_get(zfs_handle_t *zhp, zfs_prop_t prop, char *propbuf, size_t proplen,
(void) strlcpy(propbuf, ascii, proplen); (void) strlcpy(propbuf, ascii, proplen);
free(ascii); free(ascii);
#else
(void) strlcpy(propbuf,
getprop_string(zhp, prop, &source), proplen);
#endif /* HAVE_MLSLABEL */
} }
break; break;

View File

@ -340,6 +340,7 @@ zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
static int static int
zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr) zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
{ {
#ifdef HAVE_MLSLABEL
char ds_hexsl[MAXNAMELEN]; char ds_hexsl[MAXNAMELEN];
bslabel_t ds_sl, new_sl; bslabel_t ds_sl, new_sl;
boolean_t new_default = FALSE; boolean_t new_default = FALSE;
@ -427,6 +428,9 @@ out_check:
if (needed_priv != -1) if (needed_priv != -1)
return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL)); return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
return (0); return (0);
#else
return ENOTSUP;
#endif /* HAVE_MLSLABEL */
} }
static int static int