Re: [libvirt] [PATCH] security: fix deadlock with prefork
On 07/19/2013 09:11 AM, Daniel P. Berrange wrote:
On Fri, Jul 19, 2013 at 09:09:40AM -0600, Eric Blake wrote:
> Attempts to start a domain with both SELinux and DAC security
> modules loaded will deadlock; latent problem introduced in commit
> fdb3bde and exposed in commit 29fe5d7. Basically, when recursing
> into the security manager for other driver's prefork, we have to
> undo the asymmetric lock taken at the manager level.
>
> Reported by Jiri Denemark, with diagnosis help from Dan Berrange.
>
> * src/security/security_stack.c (virSecurityStackPreFork): Undo
> extra lock grabbed during recursion.
ACK
Thanks, and sorry for the breakage (serves me right for not testing the
stack driver closely enough).
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 621 bytes)