[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 2/2] virSecurityManagerGenLabel: Skip seclabels without model

On 07/20/2013 07:40 AM, Doug Goldstein wrote:
> On Wed, Jul 17, 2013 at 5:10 AM, Daniel P. Berrange <berrange redhat com> wrote:
>> On Mon, Jul 15, 2013 at 03:58:28PM +0200, Michal Privoznik wrote:
>>> While generating seclabels, we check the seclabel stack if required
>>> driver is in the stack. If not, an error is returned. However, it is
>>> possible for a seclabel to not have any model set (happens with LXC
>>> domains that have just <seclabel type='none'>). If that's the case,
>>> we should just skip the iteration instead of calling STREQ(NULL, ...)
>>> and SIGSEGV-ing subsequently.
>>> ---
>>>  src/security/security_manager.c | 3 +++

>> ACK to this one too. Even though we can fix the LXC driver in your
>> first patch, adding this second patch is useful crash protection.
>> Regards,
>> Daniel
>> --
>> |: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
>> |: http://libvirt.org              -o-             http://virt-manager.org :|
>> |: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
>> |: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|
> Ok to push this into v1.1.0-maint as this fixes a crasher for users
> with this configuration? Should we also push the 1/2 patch?

Yes, go ahead and push both into v1.1.0-maint.

Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]