qemu: Check if unpriv_sgio is already set before trying to set it

In case when libvirt runs inside a restricted container it may
not have enough permissions to modify unpriv_sgio. However, it
may have been set beforehand by sysadmin or an orchestration
tool. Therefore, let's check whether the currently set value is
the one we want and if it is refrain from writing to the file.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2010306
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index 916a3d36ee5ccab1f1c65e544e5c7065bec4186a..0451bc70acb972cd1888d201b06723944211eeb5 100644 (file)
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -1878,9 +1878,17 @@ qemuSetUnprivSGIO(virDomainDeviceDef *dev)
      * whitelist is enabled.  But if requesting unfiltered access, always call
      * virSetDeviceUnprivSGIO, to report an error for unsupported unpriv_sgio.
      */
-    if ((virFileExists(sysfs_path) || val == 1) &&
-        virSetDeviceUnprivSGIO(path, NULL, val) < 0)
-        return -1;
+    if (virFileExists(sysfs_path) || val == 1) {
+        int curr_val;
+
+        if (virGetDeviceUnprivSGIO(path, NULL, &curr_val) < 0)
+            return -1;
+
+        if (curr_val != val &&
+            virSetDeviceUnprivSGIO(path, NULL, val) < 0) {
+            return -1;
+        }
+    }
 
     return 0;
 }