2010/12/1 Eric Blake <eblake@xxxxxxxxxx>: > * src/security/security_selinux.c > (SELinuxRestoreSecurityFileLabel): Use selabel_lookup instead of > matchpathcon. > Suggested by Daniel Walsh. > --- > > Makes the huge difference that I originally thought I'd get with patch > 5/n earlier in the series. ÂBeforehand, when trying to start a single > kvm guest then stopping libvirtd, valgrind reports: > > ==5584== LEAK SUMMARY: > ==5584== Â Âdefinitely lost: 372 bytes in 13 blocks > ==5584== Â Âindirectly lost: 0 bytes in 0 blocks > ==5584== Â Â Âpossibly lost: 349 bytes in 18 blocks > > after, it reports: > > ==7803== LEAK SUMMARY: > ==7803== Â Âdefinitely lost: 412 bytes in 14 blocks > ==7803== Â Âindirectly lost: 839,126 bytes in 11,265 blocks > ==7803== Â Â Âpossibly lost: 349 bytes in 18 blocks > > Obviously, I still haven't plugged everything, but this works > around the fact that libselinux used __thread incorrectly for > matchpathcon() caching. > > Âsrc/security/security_selinux.c | Â 12 ++++++++---- > Â1 files changed, 8 insertions(+), 4 deletions(-) > ACK. Matthias -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list