virSecuritySELinuxTransactionRun: Implement rollback
authorMichal Privoznik <mprivozn@redhat.com>
Tue, 25 Sep 2018 13:46:56 +0000 (15:46 +0200)
committerMichal Privoznik <mprivozn@redhat.com>
Wed, 19 Dec 2018 14:32:35 +0000 (15:32 +0100)
When iterating over list of paths/disk sources to relabel it may
happen that the process fails at some point. In that case, for
the sake of keeping seclabel refcount (stored in XATTRs) in sync
with reality we have to perform rollback. However, if that fails
too the only thing we can do is warn user.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
src/security/security_selinux.c

index f7f90cd6560f480a7984343121a74e6d16f9da5c..05efdbc9bfaee5d8c572ba5ba4c964dc454b6c58 100644 (file)
@@ -272,7 +272,6 @@ virSecuritySELinuxTransactionRun(pid_t pid ATTRIBUTE_UNUSED,
     for (i = 0; i < list->nItems; i++) {
         virSecuritySELinuxContextItemPtr item = list->items[i];
 
-        /* TODO Implement rollback */
         if (!item->restore) {
             rv = virSecuritySELinuxSetFileconHelper(list->manager,
                                                     item->path,
@@ -289,6 +288,18 @@ virSecuritySELinuxTransactionRun(pid_t pid ATTRIBUTE_UNUSED,
             break;
     }
 
+    for (; rv < 0 && i > 0; i--) {
+        virSecuritySELinuxContextItemPtr item = list->items[i - 1];
+
+        if (!item->restore) {
+            virSecuritySELinuxRestoreFileLabel(list->manager,
+                                               item->path,
+                                               list->lock);
+        } else {
+            VIR_WARN("Ignoring failed restore attempt on %s", item->path);
+        }
+    }
+
     if (list->lock)
         virSecurityManagerMetadataUnlock(list->manager, &state);
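Review bot: The rollback loop discards the return value of `virSecuritySELinuxRestoreFileLabel()`, so a path whose label could not be put back keeps the label set earlier in the transaction and this call site records nothing, although the commit message says the user is warned when rollback fails. Assuming the function returns a negative value on failure like the set helper above, wrap the call as `if (virSecuritySELinuxRestoreFileLabel(list->manager, item->path, list->lock) < 0)` and add `VIR_WARN("Unable to roll back label on %s", item->path);`; the callee may already log, but that is not visible in this hunk. In the `else` branch, "Ignoring failed restore attempt" is printed for restore items that come before the failing one and so presumably succeeded, which will mislead whoever reads the log; something like `"Unable to undo restore on %s"` describes what is actually skipped. The body of virSecuritySELinuxTransactionRun starts and ends outside the hunk.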