|
|
404507 |
From 5bb56c9849bdef1f7108895a20a9f348107dbfb2 Mon Sep 17 00:00:00 2001
|
|
|
404507 |
Message-Id: <5bb56c9849bdef1f7108895a20a9f348107dbfb2@dist-git>
|
|
|
404507 |
From: "Daniel P. Berrange" <berrange@redhat.com>
|
|
|
404507 |
Date: Wed, 6 Dec 2017 12:11:17 -0500
|
|
|
404507 |
Subject: [PATCH] nwfilter: don't crash listing filters in unprivileged daemon
|
|
|
404507 |
|
|
|
404507 |
https://bugzilla.redhat.com/show_bug.cgi?id=1522879
|
|
|
404507 |
|
|
|
404507 |
The unprivileged libvirtd does not support nwfilter config, by leaves the
|
|
|
404507 |
driver active. It is supposed to result in all APIs being an effective
|
|
|
404507 |
no-op, but several APIs rely on driver->nwfilters being non-NULL, or they
|
|
|
404507 |
will reference a NULL pointer. Rather than adding checks for NULL in many
|
|
|
404507 |
places, just make sure driver->nwfilters is always initialized.
|
|
|
404507 |
|
|
|
404507 |
Reviewed-by: John Ferlan <jferlan@redhat.com>
|
|
|
404507 |
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
404507 |
(cherry picked from commit 7993554f70fd8d512dfde484490bcd1601b60b33)
|
|
|
404507 |
Signed-off-by: John Ferlan <jferlan@redhat.com>
|
|
|
404507 |
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
404507 |
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
404507 |
---
|
|
|
404507 |
src/nwfilter/nwfilter_driver.c | 12 ++++++------
|
|
|
404507 |
1 file changed, 6 insertions(+), 6 deletions(-)
|
|
|
404507 |
|
|
|
404507 |
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
|
|
|
404507 |
index 2f9a51c405..885dbcc282 100644
|
|
|
404507 |
--- a/src/nwfilter/nwfilter_driver.c
|
|
|
404507 |
+++ b/src/nwfilter/nwfilter_driver.c
|
|
|
404507 |
@@ -189,6 +189,8 @@ nwfilterStateInitialize(bool privileged,
|
|
|
404507 |
/* remember that we are going to use firewalld */
|
|
|
404507 |
driver->watchingFirewallD = (sysbus != NULL);
|
|
|
404507 |
driver->privileged = privileged;
|
|
|
404507 |
+ if (!(driver->nwfilters = virNWFilterObjListNew()))
|
|
|
404507 |
+ goto error;
|
|
|
404507 |
|
|
|
404507 |
if (!privileged)
|
|
|
404507 |
return 0;
|
|
|
404507 |
@@ -244,9 +246,6 @@ nwfilterStateInitialize(bool privileged,
|
|
|
404507 |
goto error;
|
|
|
404507 |
}
|
|
|
404507 |
|
|
|
404507 |
- if (!(driver->nwfilters = virNWFilterObjListNew()))
|
|
|
404507 |
- goto error;
|
|
|
404507 |
-
|
|
|
404507 |
if (virNWFilterObjListLoadAllConfigs(driver->nwfilters, driver->configDir) < 0)
|
|
|
404507 |
goto error;
|
|
|
404507 |
|
|
|
404507 |
@@ -271,6 +270,7 @@ nwfilterStateInitialize(bool privileged,
|
|
|
404507 |
virNWFilterIPAddrMapShutdown();
|
|
|
404507 |
|
|
|
404507 |
err_free_driverstate:
|
|
|
404507 |
+ virNWFilterObjListFree(driver->nwfilters);
|
|
|
404507 |
VIR_FREE(driver);
|
|
|
404507 |
|
|
|
404507 |
return -1;
|
|
|
404507 |
@@ -349,13 +349,13 @@ nwfilterStateCleanup(void)
|
|
|
404507 |
|
|
|
404507 |
nwfilterDriverRemoveDBusMatches();
|
|
|
404507 |
|
|
|
404507 |
- /* free inactive nwfilters */
|
|
|
404507 |
- virNWFilterObjListFree(driver->nwfilters);
|
|
|
404507 |
-
|
|
|
404507 |
VIR_FREE(driver->configDir);
|
|
|
404507 |
nwfilterDriverUnlock();
|
|
|
404507 |
}
|
|
|
404507 |
|
|
|
404507 |
+ /* free inactive nwfilters */
|
|
|
404507 |
+ virNWFilterObjListFree(driver->nwfilters);
|
|
|
404507 |
+
|
|
|
404507 |
virMutexDestroy(&driver->lock);
|
|
|
404507 |
VIR_FREE(driver);
|
|
|
404507 |
|
|
|
404507 |
--
|
|
|
404507 |
2.15.1
|
|
|
404507 |
|