Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 15 Jan 2009 12:21:43 GMT
From:      Lawrence Stewart <lstewart@FreeBSD.org>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/130583: [patch] emulators/open-vm-tools does not compile on 8-CURRENT
Message-ID:  <200901151221.n0FCLhrr078721@www.freebsd.org>
Resent-Message-ID: <200901151230.n0FCU4ix065654@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         130583
>Category:       ports
>Synopsis:       [patch] emulators/open-vm-tools does not compile on 8-CURRENT
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 15 12:30:04 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Lawrence Stewart
>Release:        8-CURRENT
>Organization:
>Environment:
FreeBSD freebsd8-i386-clean.loshell.home 8.0-CURRENT FreeBSD 8.0-CURRENT #0 r187214: Thu Jan 15 00:16:11 EST 2009     root@freebsd8-i386-clean.loshell.room52.net:/usr/obj/usr/src/sys/GENERIC  i386
>Description:
The currently used suser(9) KPI was removed a while ago. The replacement is priv_check(9).

The "a_mode" member of struct vop_access_args has been renamed to "a_accmode".

Both of these issues stop the vmhgfs and vmblock FreeBSD kernel drivers from building as part of the port build on recent 8-CURRENT.
>How-To-Repeat:
cd /usr/ports/emulators/open-vm-tools && make

(note the problem is also present with emulators/open-vm-tools-nox11)
>Fix:
Attached patch renames struct vop_access_args member "a_mode" to "a_accmode", and updates suser(9) calls to priv_check(9). Privs checked for are a guess based on code comments and the contents of sys/sys/priv.h and should be reviewed to make sure I picked the correct ones to check for.

I've done no other validation than to check it compiles and the modules load correctly into the kernel. I don't use the functionality of either module as far as I'm aware so I can't vouch for the correctness of my changes.

It may also be possible to indirect through a compat layer to avoid the patch altogether... not sure as I haven't investigated this at all. Probably best to go with some sort of patch though to future proof the fix.

Patch attached with submission follows:

--- modules/freebsd/vmhgfs/vfsops.c.orig	2009-01-15 22:29:18.000000000 +1100
+++ modules/freebsd/vmhgfs/vfsops.c	2009-01-15 22:29:43.000000000 +1100
@@ -139,7 +139,7 @@
     * Since Hgfs requires the caller to be root, only allow mount attempts made
     * by the superuser.
     */
-   if ((ret = suser(td)) != 0) {
+   if ((ret = priv_check(td, PRIV_VFS_MOUNT)) != 0) {
       return ret;
    }
 
--- modules/freebsd/vmhgfs/vnops.c.orig	2009-01-15 22:28:42.000000000 +1100
+++ modules/freebsd/vmhgfs/vnops.c	2009-01-15 22:28:53.000000000 +1100
@@ -352,7 +352,7 @@
 */
 {
    struct vnode *vp = ap->a_vp;
-   int mode = ap->a_mode;
+   int mode = ap->a_accmode;
 
    return HgfsAccessInt(vp, mode);
 }
--- modules/freebsd/vmblock/vnops.c.orig	2009-01-15 22:29:59.000000000 +1100
+++ modules/freebsd/vmblock/vnops.c	2009-01-15 22:30:29.000000000 +1100
@@ -723,7 +723,7 @@
        * NB:  Allowing only the superuser to open this directory breaks
        *      readdir() of the filesystem root for non-privileged users.
        */
-      if ((retval = suser(ap->a_td)) == 0) {
+      if ((retval = priv_check(ap->a_td, PRIV_VFS_GETFH)) == 0) {
 #if __FreeBSD_version >= 700000
          fp = ap->a_fp;
 #else
@@ -1007,7 +1007,7 @@
 */
 {
    struct vnode *vp = ap->a_vp;
-   mode_t mode = ap->a_mode;
+   mode_t mode = ap->a_accmode;
 
    /*
     * Disallow write attempts on read-only layers; unless the file is a


>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901151221.n0FCLhrr078721>