lxcCapsInit: Allocate primary security driver unconditionally

Currently, if the primary security driver is 'none', we skip
initializing caps->host.secModels. This means, later, when LXC domain
XML is parsed and <seclabel type='none'/> is found (see
virSecurityLabelDefsParseXML), the model name is not copied to the
seclabel. This leads to subsequent crash in virSecurityManagerGenLabel
where we call STREQ() over the model (note, that we are expecting model
to be !NULL).

diff --git a/src/lxc/lxc_conf.c b/src/lxc/lxc_conf.c
index 4e859c5f1f17c21342235a71a3b596808770db83..78b155993a840b48cb097606dec24661f87f4780 100644 (file)
--- a/src/lxc/lxc_conf.c
+++ b/src/lxc/lxc_conf.c
@@ -114,16 +114,14 @@ virCapsPtr lxcCapsInit(virLXCDriverPtr driver)
 
         doi = virSecurityManagerGetDOI(driver->securityManager);
         model = virSecurityManagerGetModel(driver->securityManager);
-        if (STRNEQ(model, "none")) {
-            /* Allocate just the primary security driver for LXC. */
-            if (VIR_ALLOC(caps->host.secModels) < 0)
-                goto error;
-            caps->host.nsecModels = 1;
-            if (VIR_STRDUP(caps->host.secModels[0].model, model) < 0)
-                goto error;
-            if (VIR_STRDUP(caps->host.secModels[0].doi, doi) < 0)
-                goto error;
-        }
+        /* Allocate the primary security driver for LXC. */
+        if (VIR_ALLOC(caps->host.secModels) < 0)
+            goto error;
+        caps->host.nsecModels = 1;
+        if (VIR_STRDUP(caps->host.secModels[0].model, model) < 0)
+            goto error;
+        if (VIR_STRDUP(caps->host.secModels[0].doi, doi) < 0)
+            goto error;
 
         VIR_DEBUG("Initialized caps for security driver \"%s\" with "
                   "DOI \"%s\"", model, doi);