| Summary: | Badly formatted selinux policy file causes libvirtd to segfault | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Daniel Walsh <dwalsh> |
| Component: | libvirt | Assignee: | Libvirt Maintainers <libvirt-maint> |
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | berrange, clalancette, crobinso, itamar, jforbes, jyang, laine, libvirt-maint, veillard, virt-maint |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-12-04 16:30:22 UTC | Type: | Bug |
Description
Daniel Walsh
2013-10-29 17:41:13 UTC
2013-10-29 17:41:27.564+0000: 3490: info : lxcSecurityInit:1342 : lxcSecurityInit (null)
2013-10-29 17:41:27.564+0000: 3490: debug : virSecurityDriverLookup:58 : name=(null)
2013-10-29 17:41:27.564+0000: 3490: debug : virSecurityDriverLookup:69 : Probed name=selinux
2013-10-29 17:41:27.564+0000: 3490: debug : virSecurityManagerNewDriver:81 : drv=0x7fdcdfadfa80 (selinux) virtDriver=LXC allowDiskFormatProbing=0 defaultConfined=0 requireConfined=0
2013-10-29 17:41:27.564+0000: 3490: debug : virObjectNew:199 : OBJECT_NEW: obj=0x7fdcc01972a0 classname=virSecurityManagerClass
2013-10-29 17:41:27.564+0000: 3490: debug : virSecuritySELinuxInitialize:563 : SELinuxInitialize LXC
2013-10-29 17:41:27.565+0000: 3490: debug : virConfReadFile:748 : filename=/etc/selinux/targeted/contexts/lxc_contexts
2013-10-29 17:41:27.565+0000: 3490: debug : virFileClose:90 : Closed fd 20
2013-10-29 17:41:27.565+0000: 3490: error : virConfParseValue:524 : configuration file syntax error: /etc/selinux/targeted/contexts/lxc_contexts:1: expecting a value
2013-10-29 17:41:27.565+0000: 3490: error : virSecuritySELinuxLXCInitialize:421 : cannot open SELinux lxc contexts file '/etc/selinux/targeted/contexts/lxc_contexts': No such file or directory
2013-10-29 17:41:27.566+0000: 3490: debug : virObjectUnref:256 : OBJECT_UNREF: obj=0x7fdcc01972a0
2013-10-29 17:41:27.566+0000: 3490: debug : virObjectUnref:258 : OBJECT_DISPOSE: obj=0x7fdcc01972a0
====== end of log =====
Aborted (core dumped)
#0 0x00007f68e67f2199 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x00007f68e67f38a8 in __GI_abort () at abort.c:89
#2 0x00007f68e6833d84 in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7f68e693f2f8 "*** Error in `%s': %s: 0x%s ***\n")
at ../sysdeps/posix/libc_fatal.c:175
#3 0x00007f68e683b794 in malloc_printerr (ptr=<optimized out>, str=0x7f68e693b492 "free(): invalid pointer", action=3) at malloc.c:4956
#4 _int_free (av=0x7f68e6b7c760 <main_arena>, p=<optimized out>, have_lock=0) at malloc.c:3788
#5 0x00007f68e71b20c7 in selabel_close () from /lib64/libselinux.so.1
#6 0x00007f68e9eb4967 in virSecuritySELinuxSecurityDriverClose (mgr=<optimized out>) at security/security_selinux.c:811
#7 0x00007f68e9eb1263 in virSecurityManagerDispose (obj=0x7f68c8197460) at security/security_manager.c:236
#8 0x00007f68e9d1dbeb in virObjectUnref (anyobj=anyobj@entry=0x7f68c8197460) at util/virobject.c:262
#9 0x00007f68e9eb13df in virSecurityManagerNewDriver (drv=0x7f68ea1aba80 <virSecurityDriverSELinux>,
virtDriver=virtDriver@entry=0x7f68d1092871 "LXC", allowDiskFormatProbing=<optimized out>, defaultConfined=<optimized out>,
requireConfined=<optimized out>) at security/security_manager.c:99
#10 0x00007f68e9eb15a5 in virSecurityManagerNew (name=<optimized out>, virtDriver=virtDriver@entry=0x7f68d1092871 "LXC",
allowDiskFormatProbing=allowDiskFormatProbing@entry=false, defaultConfined=<optimized out>, requireConfined=<optimized out>)
at security/security_manager.c:186
#11 0x00007f68d108092c in lxcSecurityInit (cfg=0x7f68c8196320) at lxc/lxc_driver.c:1343
#12 lxcStateInitialize (privileged=<optimized out>, callback=<optimized out>, opaque=<optimized out>) at lxc/lxc_driver.c:1417
#13 0x00007f68e9daf0ba in virStateInitialize (privileged=true, callback=callback@entry=0x7f68ea7ed300 <daemonInhibitCallback>,
opaque=opaque@entry=0x7f68eada0540) at libvirt.c:834
#14 0x00007f68ea7ed35b in daemonRunStateInit (opaque=opaque@entry=0x7f68eada0540) at libvirtd.c:906
#15 0x00007f68e9d2e58e in virThreadHelper (data=<optimized out>) at util/virthreadpthread.c:161
#16 0x00007f68e6f920f3 in start_thread (arg=0x7f68cfa28700) at pthread_create.c:309
#17 0x00007f68e68b625d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
libvirt-daemon-1.1.3-2.fc21.x86_64

Libvirt obviously shouldn't crash, it should exit with a clear error message. At the same time though, SELinux policy must *not* change the config file format in this way. It has historically always used "..." in this file and must continue to do so. We don't support loading data without the "..." quotes.

Right, we are shipping with quotes. I just had hand edited the file and left the quotes out.

The crash was fixed upstream with this change, so is in 1.2.0 release now in rawhide
commit f1bdcb2be92b5545d5c33485431d7129a8098cd9
Author: Ján Tomko <jtomko>
Date:   Tue Oct 1 13:15:12 2013 +0200

    selinux: Only close the selabel_handle once

    On selinux driver initialization failure (missing/incorrectly
    formatted contexts file), selabel_handle was closed twice.

    Introduced by 6159710.
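
A minimal C model of the double close described in the commit message and visible in the backtrace (init failure, then manager dispose, then the driver close callback). This is an added illustration, not libvirt's code or the upstream patch; the struct and function names are hypothetical, and a counter stands in for selabel_close() so the second close is observable instead of fatal.

```c
#include <stdio.h>

/* Hypothetical stand-in for a label handle: counts closes instead of
 * calling free(), so the double close is observable without a crash. */
struct handle { int closes; };
struct driver { struct handle *h; };

static void handle_close(struct handle *h) { h->closes++; }

/* Driver init. On a bad contexts file the error path releases the handle.
 * The buggy variant leaves d->h dangling; the fixed one clears it. */
static int driver_init(struct driver *d, struct handle *h, int config_ok, int fixed)
{
    d->h = h;
    if (!config_ok) {
        handle_close(d->h);          /* close #1, in the error path */
        if (fixed)
            d->h = NULL;             /* ownership given up explicitly */
        return -1;
    }
    return 0;
}

/* Close callback, run when the owning manager object is disposed. */
static void driver_close(struct driver *d)
{
    if (d->h) {
        handle_close(d->h);          /* close #2 if init left d->h set */
        d->h = NULL;
    }
}

/* Init, then dispose (on failure the caller unrefs the manager, which
 * runs the close callback). Returns how often the handle was closed. */
int closes_in_lifecycle(int config_ok, int fixed)
{
    struct handle h = { 0 };
    struct driver d = { NULL };
    (void)driver_init(&d, &h, config_ok, fixed);
    driver_close(&d);
    return h.closes;
}

int main(void)
{
    printf("bad config, buggy: %d closes\n", closes_in_lifecycle(0, 0));
    printf("bad config, fixed: %d closes\n", closes_in_lifecycle(0, 1));
    return 0;
}
```

With a real allocator the second close is what glibc reports as "free(): invalid pointer" before aborting the daemon.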