[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] Remove re-entrant API call in SELinux/AppArmor security managers



On 02/11/2013 07:50 AM, Richard W.M. Jones wrote:
> On Mon, Feb 11, 2013 at 02:26:15PM +0000, Daniel P. Berrange wrote:
>> From: "Daniel P. Berrange" <berrange redhat com>
>>
>> The security manager drivers are not allowed to call back
>> out to top level security manager APIs, since that results
>> in recursive mutex acquisition and thus deadlock. Remove
>> calls to virSecurityManagerGetModel from SELinux / AppArmor
>> drivers
>>

> 
> The patch causes the following warning:
> 
> security/security_selinux.c: In function 'virSecuritySELinuxSetSecurityProcessLabel':
> security/security_selinux.c:1826:65: error: unused parameter 'mgr' [-Werror=unused-parameter]

These can be fixed by adding ATTRIBUTE_UNUSED in the function signature.

> I switched off warnings and compiled libvirt with the patch anyway,
> and it fixed the problem for me (both libvirtd not being able to be
> killed, and libvirtd not starting up the libguestfs appliance).

I concur with the patch; ACK with the warnings addressed.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]