automatic import of libguestfsopeneuler24.03_LTS

1 files changed, 78 insertions, 0 deletions

diff --git a/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch b/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch
new file mode 100644
index 0000000..b5bb385
--- /dev/null
+++ b/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch
@@ -0,0 +1,78 @@
+From 3046af080baad9935627ebb671950448cfd0fa7b Mon Sep 17 00:00:00 2001
+From: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
+Date: Wed, 26 Apr 2023 15:59:46 +0300
+Subject: [PATCH] daemon/selinux-relabel: run setfiles with "-T 0", if
+ supported
+
+Since SELinux userspace v3.4 [1], setfiles command supports "-T nthreads"
+option, which allows parallel execution.  "-T 0" allows using as many
+threads as there're available CPU cores.  This might speed up the process
+of filesystem relabeling in case the appliance is being run with multiple
+vCPUs.  The latter is true for at least v2v starting from d2b64ecc67
+("v2v: Set the number of vCPUs to same as host number of pCPUs.").
+
+For instance, when running virt-v2v-in-place on my 12-core Xeon host
+with SSD, with appliance being run with 8 vCPUs (the upper limit specified
+in d2b64ecc67), and on the ~150GiB disk VM (physical size on the host),
+I get the following results:
+
+./in-place/virt-v2v-in-place -i libvirt fedora37-vm -v -x
+
+Without this patch:
+...
+commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M
+libguestfs: trace: v2v: selinux_relabel = 0
+libguestfs: trace: v2v: rm_f "/.autorelabel"
+guestfsd: => selinux_relabel (0x1d3) took 17.94 secs
+...
+
+With this patch:
+...
+commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -T 0 -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M
+libguestfs: trace: v2v: selinux_relabel = 0
+libguestfs: trace: v2v: rm_f "/.autorelabel"
+guestfsd: => selinux_relabel (0x1d3) took 5.88 secs
+...
+
+So in my scenario it's getting 3 times faster.
+
+[1] https://github.com/SELinuxProject/selinux/releases/tag/3.4
+
+Signed-off-by: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
+Reviewed-by: Laszlo Ersek <lersek@redhat.com>
+Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
+(cherry picked from commit d0d8e6738477148a7b752348f9364a3b8faed67f)
+---
+ daemon/selinux-relabel.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c
+index 60a6f48a..cfc5a31d 100644
+--- a/daemon/selinux-relabel.c
++++ b/daemon/selinux-relabel.c
+@@ -73,6 +73,7 @@ do_selinux_relabel (const char *specfile, const char *path,
+ {
+   static int flag_m = -1;
+   static int flag_C = -1;
++  static int flag_T = -1;
+   const char *argv[MAX_ARGS];
+   CLEANUP_FREE char *s_dev = NULL, *s_proc = NULL, *s_selinux = NULL,
+     *s_sys = NULL, *s_specfile = NULL, *s_path = NULL;
+@@ -131,6 +132,17 @@ do_selinux_relabel (const char *specfile, const char *path,
+   if (setfiles_has_option (&flag_C, 'C'))
+     ADD_ARG (argv, i, "-C");
+ 
++  /* If the appliance is being run with multiple vCPUs, running setfiles
++   * in multithreading mode might speeds up the process.  Option "-T" was
++   * introduced in SELinux userspace v3.4, and we need to check whether it's
++   * supported.  Passing "-T 0" creates as many threads as there're available
++   * vCPU cores.
++   * https://github.com/SELinuxProject/selinux/releases/tag/3.4
++   */
++  if (setfiles_has_option (&flag_T, 'T')) {
++    ADD_ARG (argv, i, "-T"); ADD_ARG (argv, i, "0");
++  }
++
+   /* Relabelling in a chroot. */
+   if (STRNEQ (sysroot, "/")) {
+     ADD_ARG (argv, i, "-r");