Xavier Hernandez db80efc8d5 cluster/ec: fix selinux issues with mmap()
EC uses mmap() to create a memory area for the dynamic code. Since
the code is created on the fly and executed when needed, this region
of memory needs to have write and execution privileges.

This combination is not allowed by default by selinux. To solve the
problem a file is used as a backend storage for the dynamic code and
it's mapped into two distinct memory regions, one with write access
and the other one with execution access. This approach is the
recommended way to create dynamic code by a program in a more secure
way, and selinux allows it.

Additionally selinux requires that the backend file be stored in a
directory marked with type bin_t to be able to map it in an executable
area. To satisfy this condition, GLUSTERFS_LIBEXECDIR has been used.

This fix also changes the error check for mmap(), that was done
incorrectly (it checked against NULL instead of MAP_FAILED), and it
also correctly propagates the error codes and makes sure they aren't
silently ignored.

Change-Id: I71c2f88be4e4d795b6cfff96ab3799c362c54291
BUG: 1402661
Signed-off-by: Xavier Hernandez <xhernandez@datalab.es>
Reviewed-on: https://review.gluster.org/16405
Smoke: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
2017-02-02 07:02:28 -05:00
2014-04-16 06:38:06 -07:00
2010-03-12 04:09:34 -08:00
2011-07-18 17:24:14 +05:30
2016-09-12 01:33:12 -07:00
2014-09-16 02:30:36 -07:00

For information about contributing to GlusterFS, please follow Contributing to GlusterFS community.

GlusterFS does not follow the GitHub: Fork & pull workflow but use Gerrit for code review.

The development guidelines are detailed in Development Workflow.

The GlusterFS documentation can be found at our Read the Docs site.

For more info, please visit gluster.org.

Description
No description provided
Readme 86 MiB
Languages
C 86.6%
Shell 7.5%
Python 3.6%
Perl 0.7%
Makefile 0.4%
Other 0.9%