Re: [libvirt] [PATCH] Remove re-entrant API call in SELinux/AppArmor security managers
On 02/11/2013 07:50 AM, Richard W.M. Jones wrote:
On Mon, Feb 11, 2013 at 02:26:15PM +0000, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" <berrange(a)redhat.com>
>
> The security manager drivers are not allowed to call back
> out to top level security manager APIs, since that results
> in recursive mutex acquisition and thus deadlock. Remove
> calls to virSecurityManagerGetModel from SELinux / AppArmor
> drivers
>
The patch causes the following warning:
security/security_selinux.c: In function
'virSecuritySELinuxSetSecurityProcessLabel':
security/security_selinux.c:1826:65: error: unused parameter 'mgr'
[-Werror=unused-parameter]
These can be fixed by adding ATTRIBUTE_UNUSED in the function signature.
I switched off warnings and compiled libvirt with the patch anyway,
and it fixed the problem for me (both libvirtd not being able to be
killed, and libvirtd not starting up the libguestfs appliance).
I concur with the patch; ACK with the warnings addressed.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 621 bytes)