restore: add lsm-profile and lsm-mount-context options

[rst0git]

trafficstars

By default, CRIU restores containers with the same SELinux process labels used during checkpointing. However, when restoring multiple copies of a container, this results in all containers using identical SELinux labels, which is undesirable. In addition, all containers in a Pod share the SELinux label of the infrastructure container. To restore a new container into an existing Pod, we need to specify the SELinux label to be used during restore.

This pull request adds --lsm-profile and --lsm-mount-context options for the crun restore command to enable this functionality, similar to runc (https://github.com/opencontainers/runc/pull/3005)