[PATCH v3 3/3] qemu: gpu: Get pid without binary validation

Vasiliy Ulyanov vulyanov at suse.de
Wed Feb 2 16:28:17 UTC 2022


The binary validation in virPidFileReadPathIfAlive may fail with EACCES
if the calling process does not have CAP_SYS_PTRACE capability.
Therefore instead do only the check that the pidfile is locked by the
correct process.

Fixes the same issue as with swtpm.

Signed-off-by: Vasiliy Ulyanov <vulyanov at suse.de>
---
 src/qemu/qemu_vhost_user_gpu.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/src/qemu/qemu_vhost_user_gpu.c b/src/qemu/qemu_vhost_user_gpu.c
index ef198a4820..94e758f78d 100644
--- a/src/qemu/qemu_vhost_user_gpu.c
+++ b/src/qemu/qemu_vhost_user_gpu.c
@@ -20,6 +20,8 @@
 
 #include <config.h>
 
+#include <fcntl.h>
+
 #include "qemu_vhost_user_gpu.h"
 #include "qemu_vhost_user.h"
 #include "qemu_extdevice.h"
@@ -54,7 +56,6 @@ qemuVhostUserGPUCreatePidFilename(const char *stateDir,
 
 /*
  * qemuVhostUserGPUGetPid:
- * @binpath: path of executable associated with the pidfile
  * @stateDir: the directory where vhost-user-gpu writes the pidfile into
  * @shortName: short name of the domain
  * @alias: video device alias
@@ -65,8 +66,7 @@ qemuVhostUserGPUCreatePidFilename(const char *stateDir,
  * set to -1;
  */
 static int
-qemuVhostUserGPUGetPid(const char *binPath,
-                       const char *stateDir,
+qemuVhostUserGPUGetPid(const char *stateDir,
                        const char *shortName,
                        const char *alias,
                        pid_t *pid)
@@ -76,7 +76,7 @@ qemuVhostUserGPUGetPid(const char *binPath,
     if (!(pidfile = qemuVhostUserGPUCreatePidFilename(stateDir, shortName, alias)))
         return -1;
 
-    if (virPidFileReadPathIfAlive(pidfile, pid, binPath) < 0)
+    if (virPidFileReadPathIfLocked(pidfile, pid) < 0)
         return -1;
 
     return 0;
@@ -253,8 +253,7 @@ qemuExtVhostUserGPUSetupCgroup(virQEMUDriver *driver,
     if (!shortname)
         return -1;
 
-    rc = qemuVhostUserGPUGetPid(video->driver->vhost_user_binary,
-                                cfg->stateDir, shortname, video->info.alias, &pid);
+    rc = qemuVhostUserGPUGetPid(cfg->stateDir, shortname, video->info.alias, &pid);
     if (rc < 0 || (rc == 0 && pid == (pid_t)-1)) {
         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                        _("Could not get process id of vhost-user-gpu"));
-- 
2.34.1





More information about the libvir-list mailing list