I recently changed the kernel to disallow network interface ioctls when
in capability mode. I overlooked the fact that rtsold may periodically
attempt to bring up an interface and fetch link info. This change
extends the cap_llflags service to support the required operations, and
renames the service to cap_if.
Details
Diff Detail
- Repository
- rS FreeBSD src repository - subversion
- Lint
Lint Passed - Unit
No Test Coverage - Build Status
Buildable 38683 Build 35572: arc lint + arc unit
Event Timeline
I plan to rename cap_llflags.c to cap_if.c, but didn't do that in this review since otherwise git diff shows cap_if.c as a newly added file.
after this change rtsold does not complain anymore on an ioctl now allowed in capmode, but now rtsol is stuck on kread blocking the netif service I had to ctrl-c it to have it working
I have not reviewed; I can only say the error is gone when I apply the latest change and rtsol seems to be running fine.
In general it's a great work.
Minor requests.
usr.sbin/rtsold/cap_llflags.c | ||
---|---|---|
72 | New line? | |
321 | Maybe to simplify code we can do: return (return_errno(ifmedia_get(ifname, ifmr))); And in the` if_command`: error = fflags_get(ifname, &flags); if (error != 0) nvlist_add_number(nvlout, "flags", flags); or I'm not sure if this actually would simplify it. | |
342 | I like this pattern. | |
376 | New line? | |
usr.sbin/rtsold/rtsold.c | ||
259 | Can't you pass argc and just do nvlist_add_string_array ? This would limit memory shuffling. |
usr.sbin/rtsold/cap_llflags.c | ||
---|---|---|
72 | style(9) doesn't demand it anymore |
usr.sbin/rtsold/cap_llflags.c | ||
---|---|---|
72 | Oh I didn't notice that this has changed. Thanks! |
What's the status on this? Is it currently needed in HEAD? If the other bits might be fixed in HEAD (for now) will this still go in? I have it in a dev-tree and just wonder if I should keep it or ditch it?
It is not needed anymore, as I reverted part of the kernel commit which necessitates this change. So it should be ok to drop it.
I am not sure whether to go ahead with this patch. It's probably still a good idea to move network configuration into a casper process.