is_proc_handl

experiment/selinux/Cargo.toml

@@ -12,4 +12,4 @@ autoexamples = true
 keywords = ["youki", "container", "selinux"]
 
 [dependencies]
-nix = { version = "0.29.0", features = ["process"] }
+nix = { version = "0.29.0", features = ["process", "fs"] }

experiment/selinux/src/selinux.rs

@@ -1,9 +1,12 @@
 use std::sync::Once;
 use crate::xattr::*;
 use nix::unistd::gettid;
+use nix::sys::statfs;
+use nix::errno::Errno;
 use std::path::PathBuf;
 use std::fs::File;
 use std::io::{self, Read};
+use std::os::fd::{AsFd, AsRawFd};
 
 const XATTR_NAME_SELINUX: &str = "security.selinux";
 const ERR_EMPTY_PATH: &str = "empty path";
@@ -203,8 +206,24 @@ pub fn write_con(fpath: &str, val: &str) -> Result<(), std::io::Error> {
     panic!("not implemented yet");
 }
 
-pub fn is_proc_handle(file: &File) -> Result<(), std::io::Error> {    
-    panic!("not implemented yet");
+pub fn is_proc_handle(file: &File) -> Result<(), std::io::Error> {
+    loop {
+        match statfs::fstatfs(file.as_fd()) {
+            Ok(stat) if stat.filesystem_type() == statfs::PROC_SUPER_MAGIC => break,
+            Ok(_) => {
+                return Err(std::io::Error::new(
+                    std::io::ErrorKind::Other, format!("file {} is not on procfs", file.as_raw_fd())
+                ));
+            },
+            Err(Errno::EINTR) => continue,
+            Err(err) => {
+                return Err(std::io::Error::new(
+                    std::io::ErrorKind::Other,
+                    format!("fstatfs failed: {}", err)))
+            }
+        }
+    }
+    Ok(())
 }
 
 pub fn read_con_fd(file: &mut File) -> Result<String, std::io::Error> {