Diffusion FreeBSD src repository 2d4c599e7d6a

vmm: Add credential to cdev object
2d4c599e7d6a
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

vmm: Add credential to cdev object

Add a credential to the cdev object in sysctl_vmm_create(), then check
that we have the correct credentials in sysctl_vmm_destroy(). This
prevents a process in one jail from opening or destroying the /dev/vmm
file corresponding to a VM in a sibling jail.

Add regression tests.

Reviewed by: jhb, markj
Sponsored by: The FreeBSD Foundation

(cherry picked from commit a85404906bc8f402318524b4ccd196712fc09fbd)

Details

Provenance

cyril_freebsdfoundation.org	Authored on Aug 18 2021, 5:41 PM
markj	Committed on Sep 1 2021, 1:07 PM

Parents

rG32d4139b3eb8: fsetown: Avoid process group lock recursion

Branches

Unknown

Tags

Unknown

Event Timeline

markj committed rG2d4c599e7d6a: vmm: Add credential to cdev object (authored by cyril_freebsdfoundation.org).Sep 1 2021, 1:07 PM

Changes (7)

Path

Size

etc/

mtree/

sys/

amd64/

vmm/

tests/

sys/

vmm_cred_jail.sh

rG2d4c599e7d6a

etc/mtree/BSD.tests.dist

Loading...

sys/amd64/vmm/vmm_dev.c

Loading...

tests/sys/Makefile

Loading...

tests/sys/vmm/Makefile

Loading...

tests/sys/vmm/utils.subr

Loading...

tests/sys/vmm/vmm_cred_jail.sh

Loading...