lxcCapsInit: Allocate primary security driver unconditionally

Currently, if the primary security driver is 'none', we skip
initializing caps->host.secModels. This means, later, when LXC domain
XML is parsed and <seclabel type='none'/> is found (see
virSecurityLabelDefsParseXML), the model name is not copied to the
seclabel. This leads to subsequent crash in virSecurityManagerGenLabel
where we call STREQ() over the model (note, that we are expecting model
to be !NULL).
(cherry picked from commit 37d96498c6a9c3030bfad7dfbd273af5fbdd1845)

Conflicts:
	src/lxc/lxc_conf.c

diff --git a/src/lxc/lxc_conf.c b/src/lxc/lxc_conf.c
index 81a4a33a614b077f0e50be7095e84475da967265..5f7102ccf6b280685cddd5b0a5a732d2f2358bcb 100644 (file)
--- a/src/lxc/lxc_conf.c
+++ b/src/lxc/lxc_conf.c
@@ -114,16 +114,15 @@ virCapsPtr lxcCapsInit(virLXCDriverPtr driver)
 
         doi = virSecurityManagerGetDOI(driver->securityManager);
         model = virSecurityManagerGetModel(driver->securityManager);
-        if (STRNEQ(model, "none")) {
-            /* Allocate just the primary security driver for LXC. */
-            if (VIR_ALLOC(caps->host.secModels) < 0)
-                goto no_memory;
-            caps->host.nsecModels = 1;
-            if (VIR_STRDUP(caps->host.secModels[0].model, model) < 0)
-                goto error;
-            if (VIR_STRDUP(caps->host.secModels[0].doi, doi) < 0)
-                goto error;
-        }
+
+        /* Allocate just the primary security driver for LXC. */
+        if (VIR_ALLOC(caps->host.secModels) < 0)
+            goto no_memory;
+        caps->host.nsecModels = 1;
+        if (VIR_STRDUP(caps->host.secModels[0].model, model) < 0)
+            goto error;
+        if (VIR_STRDUP(caps->host.secModels[0].doi, doi) < 0)
+            goto error;
 
         VIR_DEBUG("Initialized caps for security driver \"%s\" with "
                   "DOI \"%s\"", model, doi);