From owner-freebsd-ports-bugs@FreeBSD.ORG Thu Jan 15 12:30:07 2009 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DEEEA10657D1 for ; Thu, 15 Jan 2009 12:30:07 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id B9AF08FC2A for ; Thu, 15 Jan 2009 12:30:07 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n0FCU44b065656 for ; Thu, 15 Jan 2009 12:30:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n0FCU4ix065654; Thu, 15 Jan 2009 12:30:04 GMT (envelope-from gnats) Resent-Date: Thu, 15 Jan 2009 12:30:04 GMT Resent-Message-Id: <200901151230.n0FCU4ix065654@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Lawrence Stewart Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0CB4F106571B for ; Thu, 15 Jan 2009 12:21:44 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id E3D248FC16 for ; Thu, 15 Jan 2009 12:21:43 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n0FCLhLC078722 for ; Thu, 15 Jan 2009 12:21:43 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id n0FCLhrr078721; Thu, 15 Jan 2009 12:21:43 GMT (envelope-from nobody) Message-Id: <200901151221.n0FCLhrr078721@www.freebsd.org> Date: Thu, 15 Jan 2009 12:21:43 GMT From: Lawrence Stewart To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: ports/130583: [patch] emulators/open-vm-tools does not compile on 8-CURRENT X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jan 2009 12:30:09 -0000 >Number: 130583 >Category: ports >Synopsis: [patch] emulators/open-vm-tools does not compile on 8-CURRENT >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Jan 15 12:30:04 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Lawrence Stewart >Release: 8-CURRENT >Organization: >Environment: FreeBSD freebsd8-i386-clean.loshell.home 8.0-CURRENT FreeBSD 8.0-CURRENT #0 r187214: Thu Jan 15 00:16:11 EST 2009 root@freebsd8-i386-clean.loshell.room52.net:/usr/obj/usr/src/sys/GENERIC i386 >Description: The currently used suser(9) KPI was removed a while ago. The replacement is priv_check(9). The "a_mode" member of struct vop_access_args has been renamed to "a_accmode". Both of these issues stop the vmhgfs and vmblock FreeBSD kernel drivers from building as part of the port build on recent 8-CURRENT. >How-To-Repeat: cd /usr/ports/emulators/open-vm-tools && make (note the problem is also present with emulators/open-vm-tools-nox11) >Fix: Attached patch renames struct vop_access_args member "a_mode" to "a_accmode", and updates suser(9) calls to priv_check(9). Privs checked for are a guess based on code comments and the contents of sys/sys/priv.h and should be reviewed to make sure I picked the correct ones to check for. I've done no other validation than to check it compiles and the modules load correctly into the kernel. I don't use the functionality of either module as far as I'm aware so I can't vouch for the correctness of my changes. It may also be possible to indirect through a compat layer to avoid the patch altogether... not sure as I haven't investigated this at all. Probably best to go with some sort of patch though to future proof the fix. Patch attached with submission follows: --- modules/freebsd/vmhgfs/vfsops.c.orig 2009-01-15 22:29:18.000000000 +1100 +++ modules/freebsd/vmhgfs/vfsops.c 2009-01-15 22:29:43.000000000 +1100 @@ -139,7 +139,7 @@ * Since Hgfs requires the caller to be root, only allow mount attempts made * by the superuser. */ - if ((ret = suser(td)) != 0) { + if ((ret = priv_check(td, PRIV_VFS_MOUNT)) != 0) { return ret; } --- modules/freebsd/vmhgfs/vnops.c.orig 2009-01-15 22:28:42.000000000 +1100 +++ modules/freebsd/vmhgfs/vnops.c 2009-01-15 22:28:53.000000000 +1100 @@ -352,7 +352,7 @@ */ { struct vnode *vp = ap->a_vp; - int mode = ap->a_mode; + int mode = ap->a_accmode; return HgfsAccessInt(vp, mode); } --- modules/freebsd/vmblock/vnops.c.orig 2009-01-15 22:29:59.000000000 +1100 +++ modules/freebsd/vmblock/vnops.c 2009-01-15 22:30:29.000000000 +1100 @@ -723,7 +723,7 @@ * NB: Allowing only the superuser to open this directory breaks * readdir() of the filesystem root for non-privileged users. */ - if ((retval = suser(ap->a_td)) == 0) { + if ((retval = priv_check(ap->a_td, PRIV_VFS_GETFH)) == 0) { #if __FreeBSD_version >= 700000 fp = ap->a_fp; #else @@ -1007,7 +1007,7 @@ */ { struct vnode *vp = ap->a_vp; - mode_t mode = ap->a_mode; + mode_t mode = ap->a_accmode; /* * Disallow write attempts on read-only layers; unless the file is a >Release-Note: >Audit-Trail: >Unformatted: