From c4953075571ed2d3710f248eb4fe08fd17f90360 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Lesimple?= <speed47_github@speed47.net>
Date: Mon, 9 Dec 2019 23:17:37 +0100
Subject: [PATCH] fix: has_vmm: ignore kernel threads when looking for a
 hypervisor (fixes #278)

---
 spectre-meltdown-checker.sh | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 57ab332..0a9d125 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -3051,10 +3051,22 @@ check_has_vmm()
 		if command -v pgrep >/dev/null 2>&1; then
 			# remove xenbus and xenwatch, also present inside domU
 			# remove libvirtd as it can also be used to manage containers and not VMs
-			if pgrep qemu >/dev/null || pgrep kvm >/dev/null || \
-				pgrep xenstored >/dev/null || pgrep xenconsoled >/dev/null; then
-				has_vmm=1
-			fi
+			# for each binary we want to grep, get the pids
+			for _binary in qemu kvm xenstored xenconsoled
+			do
+				for _pid in $(pgrep $_binary)
+				do
+					# resolve the exe symlink, if it doesn't resolve with -m,
+					# which doesn't even need the dest to exist, it means the symlink
+					# is null, which is the case for kernel threads: ignore those to
+					# avoid false positives (such as [kvm-irqfd-clean] under at least RHEL 7.6/7.7)
+					if ! [ "$(readlink -m "/proc/$_pid/exe")" = "/proc/$_pid/exe" ]; then
+						_debug "has_vmm: found PID $_pid"
+						has_vmm=1
+					fi
+				done
+			done
+			unset _binary _pid
 		else
 			# ignore SC2009 as `ps ax` is actually used as a fallback if `pgrep` isn't installed
 			# shellcheck disable=SC2009