On Fri, Aug 13, 2010 at 04:59:30PM -0500, Jamie Strandboge wrote:
Attached is 0002-apparmor-chardev.patch
-- Jamie Strandboge | http://www.canonical.com
Author: Jamie Strandboge <jamie@canonical.com> Description: fix serial ports, parallel ports and channels Forwarded: yes Bug-Ubuntu: LP: #578527, LP: #609055
Index: libvirt-0.8.3/src/security/virt-aa-helper.c =================================================================== --- libvirt-0.8.3.orig/src/security/virt-aa-helper.c 2010-08-12 12:00:04.000000000 -0500 +++ libvirt-0.8.3/src/security/virt-aa-helper.c 2010-08-12 12:00:04.000000000 -0500 @@ -877,13 +877,27 @@ for (i = 0; i < ctl->def->nserials; i++) if (ctl->def->serials[i] && ctl->def->serials[i]->data.file.path) if (vah_add_file(&buf, - ctl->def->serials[i]->data.file.path, "w") != 0) + ctl->def->serials[i]->data.file.path, "rw") != 0) goto clean;
if (ctl->def->console && ctl->def->console->data.file.path) - if (vah_add_file(&buf, ctl->def->console->data.file.path, "w") != 0) + if (vah_add_file(&buf, ctl->def->console->data.file.path, "rw") != 0) goto clean;
+ for (i = 0 ; i < ctl->def->nparallels; i++) + if (ctl->def->parallels[i] && ctl->def->parallels[i]->data.file.path) + if (vah_add_file(&buf, + ctl->def->parallels[i]->data.file.path, + "rw") != 0) + goto clean; + + for (i = 0 ; i < ctl->def->nchannels; i++) + if (ctl->def->channels[i] && ctl->def->channels[i]->data.file.path) + if (vah_add_file(&buf, + ctl->def->channels[i]->data.file.path, + "rw") != 0) + goto clean;
You can't blindly de-reference data.file.path - The 'file' struct is inside a union and is only valid for certain types of character device VIR_DOMAIN_CHR_TYPE_PTY, TYPE_DEV, TYPE_FILE and TYPE_PIPE. The existing code for serial devices is broken too & can crash due to this Regards, Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|