Differential D54740

vmm: Add privilege checks to vmmctl operations
Needs ReviewPublic
Actions

Authored by markj on Fri, Jan 16, 4:29 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Sat, Jan 17, 10:40 PM

	Unknown Object (File)
	Sat, Jan 17, 3:31 AM

	Unknown Object (File)
	Sat, Jan 17, 1:51 AM

	Unknown Object (File)
	Sat, Jan 17, 1:39 AM

	Unknown Object (File)
	Fri, Jan 16, 10:55 PM

	Unknown Object (File)
	Fri, Jan 16, 8:07 PM

	Unknown Object (File)
	Fri, Jan 16, 7:32 PM

Subscribers

Details

Reviewers

Group Reviewers

Summary

In preparation for supporting creation of VMs by unprivileged users, add
some restrictions:

Disallow creation of non-transient VMs by unprivileged users. That is, if an unprivileged user creates a VM, the VM must be destroyed automatically once the last fd referencing it is gone.
Disallow destroying VMs created by a different user, unless the caller has the PRIV_VMM_DESTROY privilege.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 69925
Build 66808: arc lint + arc unit

Event Timeline

markj created this revision.Fri, Jan 16, 4:29 PM

Herald added a subscriber: imp. · View Herald TranscriptFri, Jan 16, 4:29 PM

markj requested review of this revision.Fri, Jan 16, 4:29 PM

markj added a parent revision: D54739: bhyve: Don't log a warning when we fail to open /dev/pci.

markj added a child revision: D54741: vmm: Enable unprivileged bhyve.

Harbormaster completed remote builds in B69925: Diff 169856.Fri, Jan 16, 4:29 PM

Revision Contents
Changeset List

Path

Size

sys/

dev/

vmm/

21 lines

sys/

8 lines

Diff 169856

sys/dev/vmm/vmm_dev.c

Loading...

sys/sys/priv.h

Loading...