Date: Thu, 15 Jan 2009 12:21:43 GMT From: Lawrence Stewart <lstewart@FreeBSD.org> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/130583: [patch] emulators/open-vm-tools does not compile on 8-CURRENT Message-ID: <200901151221.n0FCLhrr078721@www.freebsd.org> Resent-Message-ID: <200901151230.n0FCU4ix065654@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 130583
>Category: ports
>Synopsis: [patch] emulators/open-vm-tools does not compile on 8-CURRENT
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Jan 15 12:30:04 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Lawrence Stewart
>Release: 8-CURRENT
>Organization:
>Environment:
FreeBSD freebsd8-i386-clean.loshell.home 8.0-CURRENT FreeBSD 8.0-CURRENT #0 r187214: Thu Jan 15 00:16:11 EST 2009 root@freebsd8-i386-clean.loshell.room52.net:/usr/obj/usr/src/sys/GENERIC i386
>Description:
The currently used suser(9) KPI was removed a while ago. The replacement is priv_check(9).
The "a_mode" member of struct vop_access_args has been renamed to "a_accmode".
Both of these issues stop the vmhgfs and vmblock FreeBSD kernel drivers from building as part of the port build on recent 8-CURRENT.
>How-To-Repeat:
cd /usr/ports/emulators/open-vm-tools && make
(note the problem is also present with emulators/open-vm-tools-nox11)
>Fix:
Attached patch renames struct vop_access_args member "a_mode" to "a_accmode", and updates suser(9) calls to priv_check(9). Privs checked for are a guess based on code comments and the contents of sys/sys/priv.h and should be reviewed to make sure I picked the correct ones to check for.
I've done no other validation than to check it compiles and the modules load correctly into the kernel. I don't use the functionality of either module as far as I'm aware so I can't vouch for the correctness of my changes.
It may also be possible to indirect through a compat layer to avoid the patch altogether... not sure as I haven't investigated this at all. Probably best to go with some sort of patch though to future proof the fix.
Patch attached with submission follows:
--- modules/freebsd/vmhgfs/vfsops.c.orig 2009-01-15 22:29:18.000000000 +1100
+++ modules/freebsd/vmhgfs/vfsops.c 2009-01-15 22:29:43.000000000 +1100
@@ -139,7 +139,7 @@
* Since Hgfs requires the caller to be root, only allow mount attempts made
* by the superuser.
*/
- if ((ret = suser(td)) != 0) {
+ if ((ret = priv_check(td, PRIV_VFS_MOUNT)) != 0) {
return ret;
}
--- modules/freebsd/vmhgfs/vnops.c.orig 2009-01-15 22:28:42.000000000 +1100
+++ modules/freebsd/vmhgfs/vnops.c 2009-01-15 22:28:53.000000000 +1100
@@ -352,7 +352,7 @@
*/
{
struct vnode *vp = ap->a_vp;
- int mode = ap->a_mode;
+ int mode = ap->a_accmode;
return HgfsAccessInt(vp, mode);
}
--- modules/freebsd/vmblock/vnops.c.orig 2009-01-15 22:29:59.000000000 +1100
+++ modules/freebsd/vmblock/vnops.c 2009-01-15 22:30:29.000000000 +1100
@@ -723,7 +723,7 @@
* NB: Allowing only the superuser to open this directory breaks
* readdir() of the filesystem root for non-privileged users.
*/
- if ((retval = suser(ap->a_td)) == 0) {
+ if ((retval = priv_check(ap->a_td, PRIV_VFS_GETFH)) == 0) {
#if __FreeBSD_version >= 700000
fp = ap->a_fp;
#else
@@ -1007,7 +1007,7 @@
*/
{
struct vnode *vp = ap->a_vp;
- mode_t mode = ap->a_mode;
+ mode_t mode = ap->a_accmode;
/*
* Disallow write attempts on read-only layers; unless the file is a
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901151221.n0FCLhrr078721>