External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-10 14:57:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

lxcCapsInit: Allocate primary security driver unconditionally

Browse Source 
Currently, if the primary security driver is 'none', we skip
initializing caps->host.secModels. This means, later, when LXC domain
XML is parsed and <seclabel type='none'/> is found (see
virSecurityLabelDefsParseXML), the model name is not copied to the
seclabel. This leads to subsequent crash in virSecurityManagerGenLabel
where we call STREQ() over the model (note, that we are expecting model
to be !NULL).
(cherry picked from commit 37d96498c6)

Conflicts:
	src/lxc/lxc_conf.c
This commit is contained in:
Michal Privoznik 2013-07-15 15:36:04 +02:00 committed by Doug Goldstein
parent 7f72e6c37c
commit 06e612e9b1
1 changed files with 9 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/lxc/lxc_conf.c
View File

@ -114,16 +114,15 @@ virCapsPtr lxcCapsInit(virLXCDriverPtr driver)
doi = virSecurityManagerGetDOI(driver->securityManager);
model = virSecurityManagerGetModel(driver->securityManager);
if (STRNEQ(model, "none")) {
/* Allocate just the primary security driver for LXC. */
if (VIR_ALLOC(caps->host.secModels) < 0)
goto no_memory;
caps->host.nsecModels = 1;
if (VIR_STRDUP(caps->host.secModels[0].model, model) < 0)
goto error;
if (VIR_STRDUP(caps->host.secModels[0].doi, doi) < 0)
goto error;
}
/* Allocate just the primary security driver for LXC. */
if (VIR_ALLOC(caps->host.secModels) < 0)
goto no_memory;
caps->host.nsecModels = 1;
if (VIR_STRDUP(caps->host.secModels[0].model, model) < 0)
goto error;
if (VIR_STRDUP(caps->host.secModels[0].doi, doi) < 0)
goto error;
VIR_DEBUG("Initialized caps for security driver \"%s\" with "
"DOI \"%s\"", model, doi);