[libvirt] [PATCH] security: selinux: Fix crash when releasing non-existent label

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This can be triggered by the qemuStartVMDaemon cleanup path if a
VM references a non-existent USB device (by product) in the XML.

Signed-off-by: Cole Robinson <crobinso@xxxxxxxxxx>
---
 src/security/security_selinux.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 975b315..6680e2d 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -632,7 +632,8 @@ SELinuxReleaseSecurityLabel(virDomainObjPtr vm)
 {
     const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
 
-    if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC)
+    if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC ||
+        secdef->label == NULL)
         return 0;
 
     context_t con = context_new(secdef->label);
-- 
1.6.6.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]