Re: [libvirt] [PATCH] Fix crash in DAC driver with no seclabels
On 05/19/2014 02:59 PM, Ján Tomko wrote:
With dynamic_ownership = 1 but no seclabels, RestoreChardevLabel
dereferences the NULL seclabel when checking if norelabel is set.
Uh, ACK :-) (Since this patch allows a newly rebuilt libvirtd to once
again startup without an immediate crash)
Remove this check, since it is already done in RestoreSecurityAllLabel
and if norelabel is set, RestoreChardevLabel is never called.
---
src/security/security_dac.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 05303e7..00f47cb 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -768,22 +768,19 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
static int
virSecurityDACRestoreChardevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
- virDomainDefPtr def,
+ virDomainDefPtr def ATTRIBUTE_UNUSED,
virDomainChrDefPtr dev,
virDomainChrSourceDefPtr dev_source)
{
- virSecurityLabelDefPtr seclabel;
virSecurityDeviceLabelDefPtr chr_seclabel = NULL;
char *in = NULL, *out = NULL;
int ret = -1;
- seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
-
if (dev)
chr_seclabel = virDomainChrDefGetSecurityLabelDef(dev,
SECURITY_DAC_NAME);
- if (seclabel->norelabel || (chr_seclabel && chr_seclabel->norelabel))
+ if (chr_seclabel && chr_seclabel->norelabel)
return 0;
switch ((enum virDomainChrType) dev_source->type) {