mount-copybind: add rootcontext mountoption for overlayfs

If selinux is enabled, the context of the mountpoint for overlayfs
needs to be specified manually via the rootcontext option. To this
end, the required context is determined using matchpathcon(1) and
passed via the rootcontext mount option.

Additionally, if the mount source directory is created by mount-copybind
it also needs to take care that the context of the directory is correct

(From OE-Core rev: 57f51e8c73ab9f55f20815a9459c3afad2b281e6)

Signed-off-by: Tobias Kaufmann <Tobias.KA.Kaufmann@bmw.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-core/volatile-binds/files/mount-copybind

@@ -31,6 +31,13 @@ if [ -d "$mountpoint" ]; then
     else
         specdir_existed=no
         mkdir "$spec"
+        # If the $spec directory is created we need to take care that
+        # the selinux context is correct
+        if command -v selinuxenabled > /dev/null 2>&1; then
+            if selinuxenabled; then
+                restorecon "$spec"
+            fi
+        fi
     fi
 
     # Fast version of calculating `dirname ${spec}`/.`basename ${spec}`-work
@@ -39,7 +46,12 @@ if [ -d "$mountpoint" ]; then
 
     # Try to mount using overlay, which is must faster than copying files.
     # If that fails, fall back to slower copy.
-    if ! mount -t overlay overlay -olowerdir="$mountpoint",upperdir="$spec",workdir="$overlay_workdir" "$mountpoint" > /dev/null 2>&1; then
+    if command -v selinuxenabled > /dev/null 2>&1; then
+        if selinuxenabled; then
+            mountcontext=",rootcontext=$(matchpathcon -n $mountpoint)"
+        fi
+    fi
+    if ! mount -t overlay overlay -olowerdir="$mountpoint",upperdir="$spec",workdir="$overlay_workdir""$mountcontext" "$mountpoint" > /dev/null 2>&1; then
 
         if [ "$specdir_existed" != "yes" ]; then
             cp -aPR "$mountpoint"/. "$spec/"