Page MenuHomeFreeBSD
Differential D12985

bhyve: don't try to capsicumise after failed open
ClosedPublic
Actions

Authored by kaktus on Nov 7 2017, 11:22 PM.
Tags
Referenced Files
Unknown Object (File)
Sun, Feb 16, 3:23 AM
Unknown Object (File)
Sun, Feb 16, 3:05 AM
Unknown Object (File)
Sat, Feb 15, 3:56 AM
Unknown Object (File)
Thu, Feb 6, 2:31 PM
Unknown Object (File)
Fri, Jan 24, 5:05 PM
Unknown Object (File)
Jan 20 2025, 12:04 AM
Unknown Object (File)
Jan 20 2025, 12:02 AM
Unknown Object (File)
Jan 18 2025, 10:15 PM
View All 44 Files
Subscribers
imp
trasz

Details

Reviewers
grehan
robak
emaste
mjg
Commits
rS325727: bhyve: avoid applying capsicum capabilities to file that was not opened
Summary

When user specifies -l option and the target file can't be opened (ie. nmdm module isn't loaded and /dev/nmdm* is specified) bhyve tries to apply capabilities to not open file. Enclose that part in an if statement and only run it on correctly opened descriptor and in case of error provide meaningful message about the problem.

Test Plan

After applying this patch, specifying non existing file (or not loading nmdm) to -l option should effect in

Unable to initialize backend '/dev/asdf' for LPC device COM1

instead of

Unable to apply rights for sandbox

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kaktus created this revision.Nov 7 2017, 11:22 PM
Herald added a subscriber: imp. · View Herald TranscriptNov 7 2017, 11:22 PM
kaktus edited the summary of this revision. (Show Details)Nov 7 2017, 11:56 PM
trasz added a subscriber: trasz.Nov 8 2017, 1:59 PM
trasz added inline comments.
usr.sbin/bhyve/uart_emul.c
693 ↗(On Diff #34905)

Use err(), perhaps, to not hide the error string?

kaktus added inline comments.Nov 9 2017, 2:33 PM
usr.sbin/bhyve/uart_emul.c
693 ↗(On Diff #34905)

Although I'm not saying no to this, it'll not help much in this case.
If @grehan will be interested I can prepare separate patch and replace all occurrences of errx with err in the capsicum cases.

grehan accepted this revision.Nov 9 2017, 2:40 PM

Thanks for this patch.

The err vs errx can be a separate discussion.

This revision is now accepted and ready to land.Nov 9 2017, 2:40 PM
emaste accepted this revision.Nov 9 2017, 2:41 PM
emaste added inline comments.
usr.sbin/bhyve/uart_emul.c
693 ↗(On Diff #34905)

I agree that such a change ought to be a separate patch, but also agree it is probably not valuable to have the error.

robak added a comment.Nov 9 2017, 2:52 PM

@grehan @emaste thanks for review guys, will commit it asap!

Closed by commit rS325727: bhyve: avoid applying capsicum capabilities to file that was not opened (authored by robak). · Explain WhyNov 11 2017, 10:50 PM
This revision was automatically updated to reflect the committed changes.
robak mentioned this in rS325727: bhyve: avoid applying capsicum capabilities to file that was not opened.

Revision Contents
Changeset List

PathSize
head/
usr.sbin/
bhyve/
24 lines

Diff 35130

View Options

head/usr.sbin/bhyve/uart_emul.c

Loading...