
On Wed, Jan 17, 2024 at 04:13:30PM +0100, Peter Krempa wrote:
Locks in following text: A: virNetServer B: virNetServerClient C: daemonClientPrivate
'virNetServerSetClientAuthenticated' locks A then B
'remoteDispatchAuthPolkit' calls 'virNetServerSetClientAuthenticated' while holding C.
If a client closes its connection 'virNetServerProcessClients' with the lock A and B locked will call 'virNetServerClientCloseLocked' which will try to dispose of the 'client' private data by:
ref(b); unlock(b); remoteClientFreePrivateCallbacks(); lock(b); unref(b);
Unfortunately remoteClientFreePrivateCallbacks() tries lock C.
Thus the locks are held in the following order:
polkit auth: C -> A connection close: A -> C
causing a textbook-example deadlock. To resolve it we can simply drop lock 'C' before calling 'virNetServerSetClientAuthenticated' as the lock is not needed any more.
Resolves: https://issues.redhat.com/browse/RHEL-20337 Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>