rtsold: Extend casper to support various interface operations
AcceptedPublic
Actions

Authored by markj on Apr 18 2021, 6:36 PM.

Details

Reviewers

oshogbo
bz

Group Reviewers

capsicum

Summary

I recently changed the kernel to disallow network interface ioctls when
in capability mode. I overlooked the fact that rtsold may periodically
attempt to bring up an interface and fetch link info. This change
extends the cap_llflags service to support the required operations, and
renames the service to cap_if.

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 38683
Build 35572: arc lint + arc unit

Event Timeline

markj created this revision.Apr 18 2021, 6:36 PM

Herald added a subscriber: imp. · View Herald TranscriptApr 18 2021, 6:36 PM

markj requested review of this revision.Apr 18 2021, 6:36 PM

Harbormaster completed remote builds in B38671: Diff 87666.Apr 18 2021, 6:36 PM

I plan to rename cap_llflags.c to cap_if.c, but didn't do that in this review since otherwise git diff shows cap_if.c as a newly added file.

Fix command name.

Harbormaster completed remote builds in B38672: Diff 87667.Apr 18 2021, 6:40 PM

after this change rtsold does not complain anymore on an ioctl now allowed in capmode, but now rtsol is stuck on kread blocking the netif service I had to ctrl-c it to have it working

Correct the casper command name used in cap_llflags_get().

Harbormaster completed remote builds in B38683: Diff 87709.Apr 19 2021, 1:58 PM

In D29824#669436, @bapt wrote:

after this change rtsold does not complain anymore on an ioctl now allowed in capmode, but now rtsol is stuck on kread blocking the netif service I had to ctrl-c it to have it working

Thanks, the latest update should fix it.

I have not reviewed; I can only say the error is gone when I apply the latest change and rtsol seems to be running fine.

In general it's a great work.
Minor requests.

usr.sbin/rtsold/cap_llflags.c
72	New line?
321	Maybe to simplify code we can do: return (return_errno(ifmedia_get(ifname, ifmr))); And in the` if_command`: error = fflags_get(ifname, &flags); if (error != 0) nvlist_add_number(nvlout, "flags", flags); or I'm not sure if this actually would simplify it.
342	I like this pattern.
376	New line?
usr.sbin/rtsold/rtsold.c
259	Can't you pass argc and just do nvlist_add_string_array ? This would limit memory shuffling.

This revision is now accepted and ready to land.May 19 2021, 9:44 PM

emaste added a subscriber: emaste.May 20 2021, 2:51 AM

emaste added inline comments.

usr.sbin/rtsold/cap_llflags.c
72	style(9) doesn't demand it anymore

oshogbo added inline comments.May 20 2021, 9:03 AM

usr.sbin/rtsold/cap_llflags.c
72	Oh I didn't notice that this has changed. Thanks!

What's the status on this? Is it currently needed in HEAD? If the other bits might be fixed in HEAD (for now) will this still go in? I have it in a dev-tree and just wonder if I should keep it or ditch it?

In D29824#683732, @bz wrote:

What's the status on this? Is it currently needed in HEAD? If the other bits might be fixed in HEAD (for now) will this still go in? I have it in a dev-tree and just wonder if I should keep it or ditch it?

It is not needed anymore, as I reverted part of the kernel commit which necessitates this change. So it should be ok to drop it.

I am not sure whether to go ahead with this patch. It's probably still a good idea to move network configuration into a casper process.