From f4d7ca62a4d05868f5e0c551fde9b2122f2fe424 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Thu, 20 Sep 2018 14:22:13 +0200
Subject: [PATCH] security: Grab a reference to virSecurityManager for
 transactions

This shouldn't be needed per-se. Security manager shouldn't
disappear during transactions - it's immutable. However, it
doesn't hurt to grab a reference either - transaction code uses
it after all.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
---
 src/security/security_dac.c     | 5 +++--
 src/security/security_selinux.c | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 2dbaf29ff5..5aea386e7c 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -141,6 +141,7 @@ virSecurityDACChownListFree(void *opaque)
         VIR_FREE(list->items[i]);
     }
     VIR_FREE(list->items);
+    virObjectUnref(list->manager);
     VIR_FREE(list);
 }
 
@@ -511,12 +512,12 @@ virSecurityDACTransactionStart(virSecurityManagerPtr mgr)
     if (VIR_ALLOC(list) < 0)
         return -1;
 
-    list->manager = mgr;
+    list->manager = virObjectRef(mgr);
 
     if (virThreadLocalSet(&chownList, list) < 0) {
         virReportSystemError(errno, "%s",
                              _("Unable to set thread local variable"));
-        VIR_FREE(list);
+        virSecurityDACChownListFree(list);
         return -1;
     }
 
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 015abc29f5..467d1e6bfe 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -157,6 +157,7 @@ virSecuritySELinuxContextListFree(void *opaque)
         virSecuritySELinuxContextItemFree(list->items[i]);
 
     VIR_FREE(list->items);
+    virObjectUnref(list->manager);
     VIR_FREE(list);
 }
 
@@ -1055,12 +1056,12 @@ virSecuritySELinuxTransactionStart(virSecurityManagerPtr mgr)
     if (VIR_ALLOC(list) < 0)
         return -1;
 
-    list->manager = mgr;
+    list->manager = virObjectRef(mgr);
 
     if (virThreadLocalSet(&contextList, list) < 0) {
         virReportSystemError(errno, "%s",
                              _("Unable to set thread local variable"));
-        VIR_FREE(list);
+        virSecuritySELinuxContextListFree(list);
         return -1;
     }
 
-- 
GitLab