This series adds basic support for parallel relabeling to the libselinux API and the setfiles/restorecon CLI tools. It turns out that doing the relabeling in parallel can significantly reduce the time even with a relatively simple approach. The first patch is a small cleanup that was found along the way and can be applied independently. Patches 2-4 are small incremental changes that make the internal selinux_restorecon functions more thread-safe (I kept them separate for ease of of review, but maybe they should be rather folded into the netx patch...). Patch 5 then completes the parallel relabeling implementation at libselinux level and adds a new function to the API that allows to make use of it. Finally, patch 6 adds parallel relabeling support to he setfiles/restorecon tools. The relevant man pages are also updated to reflect the new functionality. The patch descriptions contain more details, namely the last patch has also some benchmark numbers. Changes v2->v3: - add a patch to fix pre-exiting data race in label_file - wait for threads to complete using pthread_join(3) to prevent thread leaks Changes v1->v2: - make selinux_log() synchronized instead of introducing selinux_log_sync() - fix -Wcomma warning - update the swig files as well - bump new symbol version to LIBSELINUX_3.3 (this may need further update depending on when this gets merged) Ondrej Mosnacek (7): label_file: fix a data race selinux_restorecon: simplify fl_head allocation by using calloc() selinux_restorecon: protect file_spec list with a mutex libselinux: make selinux_log() thread-safe selinux_restorecon: add a global mutex to synchronize progress output selinux_restorecon: introduce selinux_restorecon_parallel(3) setfiles/restorecon: support parallel relabeling libselinux/include/selinux/restorecon.h | 14 + libselinux/man/man3/selinux_restorecon.3 | 29 ++ .../man/man3/selinux_restorecon_parallel.3 | 1 + libselinux/src/callbacks.c | 8 +- libselinux/src/callbacks.h | 13 +- libselinux/src/label_file.c | 15 +- libselinux/src/label_file.h | 2 +- libselinux/src/libselinux.map | 5 + libselinux/src/selinux_internal.h | 16 + libselinux/src/selinux_restorecon.c | 458 ++++++++++++------ libselinux/src/selinuxswig_python.i | 6 +- libselinux/src/selinuxswig_python_exception.i | 8 + policycoreutils/setfiles/Makefile | 2 +- policycoreutils/setfiles/restore.c | 7 +- policycoreutils/setfiles/restore.h | 2 +- policycoreutils/setfiles/restorecon.8 | 9 + policycoreutils/setfiles/setfiles.8 | 9 + policycoreutils/setfiles/setfiles.c | 28 +- 18 files changed, 458 insertions(+), 174 deletions(-) create mode 100644 libselinux/man/man3/selinux_restorecon_parallel.3 -- 2.31.1
