diff options
| author | Ric Aleshire <Ric.Aleshire@Sun.COM> | 2009-02-25 20:53:30 -0800 |
|---|---|---|
| committer | Ric Aleshire <Ric.Aleshire@Sun.COM> | 2009-02-25 20:53:30 -0800 |
| commit | 9a5d73e03cd3312ddb571a748c40a63c58bd66e5 (patch) | |
| tree | f9934dea422d1ab33119284d98e9b18cd2cde6c7 /usr/src/cmd/zoneadmd | |
| parent | 2f8ec71967eea9b7dd13e4a224a56156ff9d3c4f (diff) | |
| download | illumos-joyent-9a5d73e03cd3312ddb571a748c40a63c58bd66e5.tar.gz | |
PSARC/2009/065 labeled brand zone
6717648 Labeled zones should have their own brand
6713821 lx branded zone warnings printed to console when booting tx
Diffstat (limited to 'usr/src/cmd/zoneadmd')
| -rw-r--r-- | usr/src/cmd/zoneadmd/vplat.c | 8 | ||||
| -rw-r--r-- | usr/src/cmd/zoneadmd/zoneadmd.c | 5 | ||||
| -rw-r--r-- | usr/src/cmd/zoneadmd/zoneadmd.h | 1 |
3 files changed, 13 insertions, 1 deletions
diff --git a/usr/src/cmd/zoneadmd/vplat.c b/usr/src/cmd/zoneadmd/vplat.c index b8ec982fb5..3ffb7611b8 100644 --- a/usr/src/cmd/zoneadmd/vplat.c +++ b/usr/src/cmd/zoneadmd/vplat.c @@ -4240,6 +4240,14 @@ vplat_create(zlog_t *zlogp, zone_mnt_t mount_cmd) goto error; } + if (!is_system_labeled() && + (strcmp(attr.ba_brandname, LABELED_BRAND_NAME) == 0)) { + brand_close(bh); + zerror(zlogp, B_FALSE, + "cannot boot labeled zone on unlabeled system"); + goto error; + } + /* * If this brand requires any kernel support, now is the time to * get it loaded and initialized. diff --git a/usr/src/cmd/zoneadmd/zoneadmd.c b/usr/src/cmd/zoneadmd/zoneadmd.c index 240985f427..961726f7f4 100644 --- a/usr/src/cmd/zoneadmd/zoneadmd.c +++ b/usr/src/cmd/zoneadmd/zoneadmd.c @@ -106,6 +106,7 @@ char *zone_name; /* zone which we are managing */ char brand_name[MAXNAMELEN]; boolean_t zone_isnative; boolean_t zone_iscluster; +boolean_t zone_islabeled; static zoneid_t zone_id; dladm_handle_t dld_handle = NULL; @@ -1175,7 +1176,8 @@ server(void *cookie, char *args, size_t alen, door_desc_t *dp, case Z_FORCEMOUNT: if (kernelcall) /* Invalid; can't happen */ abort(); - if (!zone_isnative && !zone_iscluster) { + if (!zone_isnative && !zone_iscluster && + !zone_islabeled) { /* * -U mounts the zone without lofs mounting * zone file systems back into the scratch @@ -1711,6 +1713,7 @@ main(int argc, char *argv[]) } zone_isnative = brand_is_native(bh); zone_iscluster = (strcmp(brand_name, CLUSTER_BRAND_NAME) == 0); + zone_islabeled = (strcmp(brand_name, LABELED_BRAND_NAME) == 0); /* Get state change brand hooks. */ if (brand_callback_init(bh, zone_name) == -1) { diff --git a/usr/src/cmd/zoneadmd/zoneadmd.h b/usr/src/cmd/zoneadmd/zoneadmd.h index 181f3c3c1b..c244852968 100644 --- a/usr/src/cmd/zoneadmd/zoneadmd.h +++ b/usr/src/cmd/zoneadmd/zoneadmd.h @@ -57,6 +57,7 @@ extern "C" { #define EXEC_LEN (strlen(EXEC_PREFIX)) #define CLUSTER_BRAND_NAME "cluster" +#define LABELED_BRAND_NAME "labeled" /* 0755 is the default directory mode. */ #define DEFAULT_DIR_MODE \ |