From: Ondrej Mosnacek <omosnace@redhat.com>
To: selinux@vger.kernel.org
Subject: [PATCH userspace v4 0/8] Parallel setfiles/restorecon
Date: Tue, 26 Oct 2021 13:52:31 +0200 [thread overview]
Message-ID: <20211026115239.267449-1-omosnace@redhat.com> (raw)
This series adds basic support for parallel relabeling to the libselinux
API and the setfiles/restorecon CLI tools. It turns out that doing the
relabeling in parallel can significantly reduce the time even with a
relatively simple approach.
The first patch fixes a data race around match tracking in label_file.
Second patch is a small cleanup found along the way. Patches 3-6 are
small incremental changes that various functions more thread-safe.
Patch 7 then completes the parallel relabeling implementation at
libselinux level and adds a new function to the API that allows to make
use of it. Finally, patch 8 adds parallel relabeling support to the
setfiles/restorecon tools.
The relevant man pages are also updated to reflect the new
functionality.
The patch descriptions contain more details, namely the last patch has
also some benchmark numbers.
Changes v3->v4:
- add a patch to fix a pre-existing data race in is_context_customizable()
Changes v2->v3:
- add a patch to fix a pre-existing data race in label_file
- wait for threads to complete using pthread_join(3) to prevent thread leaks
Changes v1->v2:
- make selinux_log() synchronized instead of introducing selinux_log_sync()
- fix -Wcomma warning
- update the swig files as well
- bump new symbol version to LIBSELINUX_3.3 (this may need further update
depending on when this gets merged)
Ondrej Mosnacek (8):
label_file: fix a data race
selinux_restorecon: simplify fl_head allocation by using calloc()
selinux_restorecon: protect file_spec list with a mutex
libselinux: make selinux_log() thread-safe
libselinux: make is_context_customizable() thread-safe
selinux_restorecon: add a global mutex to synchronize progress output
selinux_restorecon: introduce selinux_restorecon_parallel(3)
setfiles/restorecon: support parallel relabeling
libselinux/include/selinux/restorecon.h | 14 +
libselinux/man/man3/selinux_restorecon.3 | 29 ++
.../man/man3/selinux_restorecon_parallel.3 | 1 +
libselinux/src/callbacks.c | 8 +-
libselinux/src/callbacks.h | 13 +-
libselinux/src/is_customizable_type.c | 23 +-
libselinux/src/label_file.c | 15 +-
libselinux/src/label_file.h | 2 +-
libselinux/src/libselinux.map | 5 +
libselinux/src/selinux_internal.h | 16 +
libselinux/src/selinux_restorecon.c | 458 ++++++++++++------
libselinux/src/selinuxswig_python.i | 6 +-
libselinux/src/selinuxswig_python_exception.i | 8 +
policycoreutils/setfiles/Makefile | 2 +-
policycoreutils/setfiles/restore.c | 7 +-
policycoreutils/setfiles/restore.h | 2 +-
policycoreutils/setfiles/restorecon.8 | 9 +
policycoreutils/setfiles/setfiles.8 | 9 +
policycoreutils/setfiles/setfiles.c | 28 +-
19 files changed, 469 insertions(+), 186 deletions(-)
create mode 100644 libselinux/man/man3/selinux_restorecon_parallel.3
--
2.31.1
next reply other threads:[~2021-10-26 11:52 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-26 11:52 Ondrej Mosnacek [this message]
2021-10-26 11:52 ` [PATCH userspace v4 1/8] label_file: fix a data race Ondrej Mosnacek
2021-10-26 11:52 ` [PATCH userspace v4 2/8] selinux_restorecon: simplify fl_head allocation by using calloc() Ondrej Mosnacek
2021-10-26 11:52 ` [PATCH userspace v4 3/8] selinux_restorecon: protect file_spec list with a mutex Ondrej Mosnacek
2021-10-26 11:52 ` [PATCH userspace v4 4/8] libselinux: make selinux_log() thread-safe Ondrej Mosnacek
2021-10-26 11:52 ` [PATCH userspace v4 5/8] libselinux: make is_context_customizable() thread-safe Ondrej Mosnacek
2021-11-05 15:32 ` Christian Göttsche
2021-10-26 11:52 ` [PATCH userspace v4 6/8] selinux_restorecon: add a global mutex to synchronize progress output Ondrej Mosnacek
2021-10-26 11:52 ` [PATCH userspace v4 7/8] selinux_restorecon: introduce selinux_restorecon_parallel(3) Ondrej Mosnacek
2021-10-26 11:52 ` [PATCH userspace v4 8/8] setfiles/restorecon: support parallel relabeling Ondrej Mosnacek
2021-11-22 11:56 ` [PATCH userspace v4 0/8] Parallel setfiles/restorecon Ondrej Mosnacek
2021-11-23 9:26 ` Petr Lautrbach
2021-11-23 9:40 ` Petr Lautrbach
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211026115239.267449-1-omosnace@redhat.com \
--to=omosnace@redhat.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.