[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH 17/19] vircgroupv2: detech BPF program before removing cgroup



This function simply removes program from guest cgroup before we remove
the cgroup.  This is required step because there is a bug [1] in kernel
where the program might not be properly freed if you remove cgroup with
attached program.

[1] <https://bugzilla.redhat.com/show_bug.cgi?id=1656432>

Signed-off-by: Pavel Hrdina <phrdina redhat com>
---
 src/util/vircgroupv2.c | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/src/util/vircgroupv2.c b/src/util/vircgroupv2.c
index e28703df89..0a4aa15d0b 100644
--- a/src/util/vircgroupv2.c
+++ b/src/util/vircgroupv2.c
@@ -1954,19 +1954,44 @@ virCgroupV2DevicePrepareProg(virCgroupPtr group)
 static int
 virCgroupV2DeviceRemoveProg(virCgroupPtr group)
 {
+    int ret = -1;
+    int cgroupfd = -1;
+    VIR_AUTOFREE(char *) path = NULL;
+
     if (virCgroupV2DeviceDetectProg(group) < 0)
         return -1;
 
     if (group->unified.devices.progfd <= 0 && group->unified.devices.mapfd <= 0)
         return 0;
 
+    if (virCgroupV2PathOfController(group, VIR_CGROUP_CONTROLLER_DEVICES,
+                                    NULL, &path) < 0) {
+        return -1;
+    }
+
+    cgroupfd = open(path, O_RDONLY);
+    if (cgroupfd < 0) {
+        virReportSystemError(errno, _("unable to open '%s'"), path);
+        goto cleanup;
+    }
+
+    if (virBPFDetachProg(group->unified.devices.progfd,
+                         cgroupfd, BPF_CGROUP_DEVICE) < 0) {
+        virReportSystemError(errno, "%s", _("failed to detach cgroup BPF prog"));
+        goto cleanup;
+    }
+
     if (group->unified.devices.mapfd >= 0)
         VIR_FORCE_CLOSE(group->unified.devices.mapfd);
 
     if (group->unified.devices.progfd >= 0)
         VIR_FORCE_CLOSE(group->unified.devices.progfd);
 
-    return 0;
+    ret = 0;
+
+ cleanup:
+    VIR_FORCE_CLOSE(cgroupfd);
+    return ret;
 }
 
 
-- 
2.20.1


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]