Bug 997818
Summary: | [LXC] crash of libvirtd with 'none' type security label | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Alex Jia <ajia> |
Component: | libvirt | Assignee: | Michal Privoznik <mprivozn> |
Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 6.6 | CC: | acathrow, cwei, dyuan, lsu, weizhan |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | libvirt-0.10.2-23.el6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-11-21 09:08:46 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Alex Jia
2013-08-16 09:07:44 UTC
Fixed upstream: commit ba44dd2453d486e9eb8c6204f8d7c31d07007d8f Author: Michal Privoznik <mprivozn> AuthorDate: Mon Jul 15 15:50:29 2013 +0200 Commit: Michal Privoznik <mprivozn> CommitDate: Wed Jul 17 12:36:47 2013 +0200 virSecurityManagerGenLabel: Skip seclabels without model While generating seclabels, we check the seclabel stack if required driver is in the stack. If not, an error is returned. However, it is possible for a seclabel to not have any model set (happens with LXC domains that have just <seclabel type='none'>). If that's the case, we should just skip the iteration instead of calling STREQ(NULL, ...) and SIGSEGV-ing subsequently. Backported: http://post-office.corp.redhat.com/archives/rhvirt-patches/2013-August/msg01142.html Hence moving to POST. Verified this one with libvirt-0.10.2-23.el6.x86_64 kernel-2.6.32-358.20.1.el6.x86_64 1.Reproduced with libvirt -22 version 2.Because of Bug 984597 , i used 6.4.z's kernel 3.Because of Bug 904951 , the lxc start too slow if setenforce 1. Same steps with comment 0 , libvirtd not crashed and no error log in libvirtd.log with the latest build , so set VERIFIED Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1581.html |