Date: Fri, 3 May 2019 00:20:03 +0000 (UTC) From: John Baldwin <jhb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r347036 - stable/11/usr.sbin/bhyve Message-ID: <201905030020.x430K3Hb016053@repo.freebsd.org>
Author: jhb Date: Fri May 3 00:20:02 2019 New Revision: 347036 URL: https://svnweb.freebsd.org/changeset/base/347036 Log: MFC 325727: bhyve: avoid applying capsicum capabilities to file that was not opened When using -l option targeting file that can't be opened (ie. nmdm module is not loaded and /dev/nmdm* is specified) bhyve tries to apply capsicum capabilities to a file that was not opened. Enclose that code in an if statement and only run it on correctly opened descriptor also providing meaningful message in case of an error. Modified: stable/11/usr.sbin/bhyve/uart_emul.c Directory Properties: stable/11/ (props changed) Modified: stable/11/usr.sbin/bhyve/uart_emul.c ==============================================================================
--- stable/11/usr.sbin/bhyve/uart_emul.c Fri May 3 00:02:07 2019 (r347035)
+++ stable/11/usr.sbin/bhyve/uart_emul.c Fri May 3 00:20:02 2019 (r347036)
@@ -680,25 +680,35 @@ uart_set_backend(struct uart_softc *sc, const char *op
 if (retval == 0)
 retval = fcntl(sc->tty.fd, F_SETFL, O_NONBLOCK);
 
+ if (retval == 0) {
 #ifndef WITHOUT_CAPSICUM
- cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ, CAP_WRITE);
- if (cap_rights_limit(sc->tty.fd, &rights) == -1 && errno != ENOSYS)
- errx(EX_OSERR, "Unable to apply rights for sandbox");
- if (cap_ioctls_limit(sc->tty.fd, cmds, nitems(cmds)) == -1 && errno != ENOSYS)
- errx(EX_OSERR, "Unable to apply rights for sandbox");
- if (!uart_stdio) {
- cap_rights_init(&rights, CAP_FCNTL, CAP_FSTAT, CAP_IOCTL, CAP_READ);
- if (cap_rights_limit(STDIN_FILENO, &rights) == -1 && errno != ENOSYS)
+ cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ,
+ CAP_WRITE);
+ if (cap_rights_limit(sc->tty.fd, &rights) == -1 &&
+ errno != ENOSYS)
 errx(EX_OSERR, "Unable to apply rights for sandbox");
- if (cap_ioctls_limit(STDIN_FILENO, sicmds, nitems(sicmds)) == -1 && errno != ENOSYS)
+ if (cap_ioctls_limit(sc->tty.fd, cmds, nitems(cmds)) == -1 &&
+ errno != ENOSYS)
 errx(EX_OSERR, "Unable to apply rights for sandbox");
- if (cap_fcntls_limit(STDIN_FILENO, CAP_FCNTL_GETFL) == -1 && errno != ENOSYS)
- errx(EX_OSERR, "Unable to apply rights for sandbox");
- }
+ if (!uart_stdio) {
+ cap_rights_init(&rights, CAP_FCNTL, CAP_FSTAT,
+ CAP_IOCTL, CAP_READ);
+ if (cap_rights_limit(STDIN_FILENO, &rights) == -1 &&
+ errno != ENOSYS)
+ errx(EX_OSERR,
+ "Unable to apply rights for sandbox");
+ if (cap_ioctls_limit(STDIN_FILENO, sicmds,
+ nitems(sicmds)) == -1 && errno != ENOSYS)
+ errx(EX_OSERR,
+ "Unable to apply rights for sandbox");
+ if (cap_fcntls_limit(STDIN_FILENO, CAP_FCNTL_GETFL) ==
+ -1 && errno != ENOSYS)
+ errx(EX_OSERR,
+ "Unable to apply rights for sandbox");
+ }
 #endif
-
- if (retval == 0)
 uart_opentty(sc);
+ }
 
 return (retval);
 }
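Review bot: The `if (!uart_stdio)` block that limits `STDIN_FILENO` now sits inside the new `if (retval == 0)` guard, so when the backend open fails stdin keeps its full rights, whereas the old code restricted it regardless of `retval`. Only the `sc->tty.fd` calls need a valid descriptor; the stdin limits do not depend on it. If every caller treats a nonzero return as fatal this is harmless, but the callers are outside the hunk, so I would either leave the stdin block outside the guard or record the assumption with a comment such as `/* stdin is left unrestricted on failure; callers must exit on a nonzero return */`. Separately, all five `errx()` calls share one message and `errx` does not print `errno`, so a failed limit cannot be attributed to a descriptor or call; the "meaningful message" the log mentions is not visible in this hunk. The start of `uart_set_backend` is outside the hunk.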