From owner-svn-src-head@freebsd.org  Sat Nov 11 22:50:15 2017
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 89CE7E4E6B3;
 Sat, 11 Nov 2017 22:50:15 +0000 (UTC)
 (envelope-from robak@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 56AEA717CA;
 Sat, 11 Nov 2017 22:50:15 +0000 (UTC)
 (envelope-from robak@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id vABMoEJx058041;
 Sat, 11 Nov 2017 22:50:14 GMT (envelope-from robak@FreeBSD.org)
Received: (from robak@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id vABMoEOo058040;
 Sat, 11 Nov 2017 22:50:14 GMT (envelope-from robak@FreeBSD.org)
Message-Id: <201711112250.vABMoEOo058040@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: robak set sender to
 robak@FreeBSD.org using -f
From: Bartek Rutkowski <robak@FreeBSD.org>
Date: Sat, 11 Nov 2017 22:50:14 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r325727 - head/usr.sbin/bhyve
X-SVN-Group: head
X-SVN-Commit-Author: robak
X-SVN-Commit-Paths: head/usr.sbin/bhyve
X-SVN-Commit-Revision: 325727
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Nov 2017 22:50:15 -0000

Author: robak (ports committer)
Date: Sat Nov 11 22:50:14 2017
New Revision: 325727
URL: https://svnweb.freebsd.org/changeset/base/325727

Log:
  bhyve: avoid applying capsicum capabilities to file that was not opened
  
  When using -l option targeting file that can't be opened (ie. nmdm module
  is not loaded and /dev/nmdm* is specified) bhyve tries to apply capsicum
  capabilities to a file that was not opened.
  
  Enclose that code in an if statement and only run it on correctly opened
  descriptor also providing meaningful message in case of an error.
  
  Submitted by:	Pawel Biernacki <pawel.biernacki@gmail.com>
  Reviewed by:	grehan, emaste
  Sponsoied by:	Mysterious Code Ltd.
  Differential Revision:	D12985

Modified:
  head/usr.sbin/bhyve/uart_emul.c

Modified: head/usr.sbin/bhyve/uart_emul.c
==============================================================================
--- head/usr.sbin/bhyve/uart_emul.c	Sat Nov 11 22:39:33 2017	(r325726)
+++ head/usr.sbin/bhyve/uart_emul.c	Sat Nov 11 22:50:14 2017	(r325727)
@@ -678,20 +678,24 @@ uart_set_backend(struct uart_softc *sc, const char *op
 	if (retval == 0)
 		retval = fcntl(sc->tty.fd, F_SETFL, O_NONBLOCK);
 
+	if (retval == 0) {
 #ifndef WITHOUT_CAPSICUM
-	cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ, CAP_WRITE);
-	if (cap_rights_limit(sc->tty.fd, &rights) == -1 && errno != ENOSYS)
-		errx(EX_OSERR, "Unable to apply rights for sandbox");
-	if (cap_ioctls_limit(sc->tty.fd, cmds, nitems(cmds)) == -1 && errno != ENOSYS)
-		errx(EX_OSERR, "Unable to apply rights for sandbox");
-	if (!uart_stdio) {
-		if (caph_limit_stdin() == -1 && errno != ENOSYS)
+		cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ,
+		    CAP_WRITE);
+		if (cap_rights_limit(sc->tty.fd, &rights) == -1 &&
+		    errno != ENOSYS)
 			errx(EX_OSERR, "Unable to apply rights for sandbox");
-	}
+		if (cap_ioctls_limit(sc->tty.fd, cmds, nitems(cmds)) == -1 &&
+		    errno != ENOSYS)
+			errx(EX_OSERR, "Unable to apply rights for sandbox");
+		if (!uart_stdio) {
+			if (caph_limit_stdin() == -1 && errno != ENOSYS)
+				errx(EX_OSERR,
+				    "Unable to apply rights for sandbox");
+		}
 #endif
-
-	if (retval == 0)
 		uart_opentty(sc);
+	}
 
 	return (retval);
 }