Page MenuHomeFreeBSD
Files F157454359

D54740.diff
No OneTemporary
Actions

D54740.diff
View Options

diff --git a/sys/dev/vmm/vmm_dev.c b/sys/dev/vmm/vmm_dev.c
--- a/sys/dev/vmm/vmm_dev.c
+++ b/sys/dev/vmm/vmm_dev.c
@@ -898,6 +898,7 @@
{
struct cdev *cdev;
struct vmmdev_softc *sc;
+ int error;
sx_xlock(&vmmdev_mtx);
sc = vmmdev_lookup(name, cred);
@@ -906,6 +907,16 @@
return (EINVAL);
}
+ /*
+ * Only the creator of a VM or a privileged user can destroy it.
+ */
+ if ((cred->cr_uid != sc->ucred->cr_uid ||
+ cred->cr_prison != sc->ucred->cr_prison) &&
+ (error = priv_check_cred(cred, PRIV_VMM_DESTROY)) != 0) {
+ sx_xunlock(&vmmdev_mtx);
+ return (error);
+ }
+
/*
* Setting 'sc->cdev' to NULL is used to indicate that the VM
* is scheduled for destruction.
@@ -992,6 +1003,16 @@
return (EEXIST);
}
+ /*
+ * Unprivileged users can only create VMs that will be automatically
+ * destroyed when the creating descriptor is closed.
+ */
+ if ((flags & VMMCTL_CREATE_DESTROY_ON_CLOSE) == 0 &&
+ (error = priv_check_cred(cred, PRIV_VMM_CREATE)) != 0) {
+ sx_xunlock(&vmmdev_mtx);
+ return (error);
+ }
+
if (!chgvmmcnt(cred->cr_ruidinfo, 1, vm_maxvmms)) {
sx_xunlock(&vmmdev_mtx);
return (ENOMEM);
diff --git a/sys/sys/priv.h b/sys/sys/priv.h
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@@ -539,11 +539,13 @@
* vmm privileges.
*/
#define PRIV_VMM_PPTDEV 710 /* Can manipulate ppt devices. */
+#define PRIV_VMM_CREATE 711 /* Can create non-temporal VMs. */
+#define PRIV_VMM_DESTROY 712 /* Can destroy other users' VMs. */
/*
* Track end of privilege list.
*/
-#define _PRIV_HIGHEST 711
+#define _PRIV_HIGHEST 713
/*
* Validate that a named privilege is known by the privilege system. Invalid

File Metadata

Mime Type
text/plain
Expires
Fri, May 22, 3:31 PM (16 h, 44 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
33424035
Default Alt Text
D54740.diff (1 KB)

Event Timeline