[systemd-devel] [PATCH] selinux: fix SEGV during switch-root if SELinux policy loaded
Will Woods
wwoods at redhat.com
Fri Mar 13 14:24:46 PDT 2015
If you've got SELinux policy loaded, label_hnd is your labeling handle.
When systemd is shutting down, we free that handle via mac_selinux_finish().
But: switch_root() calls mkdir_p_label(), which tries to look up a label
using that freed handle, and so we get a bunch of garbage and eventually
SEGV in libselinux.
(This doesn't happen in the switch-root from initramfs to real root because
there's no SELinux policy loaded in initramfs, so label_hnd is NULL and we
never attempt any lookups.)
So: make sure that mac_selinux_finish() actually sets label_hnd to NULL, so
nobody tries to use it after it becomes invalid.
Resolves: RHBZ#1185604
---
src/shared/selinux-util.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/shared/selinux-util.c b/src/shared/selinux-util.c
index a8d5fc4..7c58985 100644
--- a/src/shared/selinux-util.c
+++ b/src/shared/selinux-util.c
@@ -116,6 +116,7 @@ void mac_selinux_finish(void) {
return;
selabel_close(label_hnd);
+ label_hnd = NULL;
#endif
}
--
2.1.0
More information about the systemd-devel
mailing list