Date: Mon, 29 Sep 2014 21:45:17 +0200
From: Luigi Rizzo
To: Brooks Davis
Cc: current@freebsd.org
Subject: Re: capsicum and netmap ?

On Mon, Sep 29, 2014 at 06:53:08PM +0000, Brooks Davis wrote:
> On Mon, Sep 29, 2014 at 08:20:08PM +0200, Luigi Rizzo wrote:
...
> > The nm_open() (which includes open and mmap) occurs before the
> > cap_enter() call, and poll() works fine until we do the
> > cap_enter()/cap_sandboxed() calls.
> >
> > I was wondering whether I should somewhat annotate the file descriptor
> > (in the netmap kernel module) indicating that it is right to access it
> > after cap_enter(). poll() returns 1 and errno=0
> > when polling for POLLIN on the netmap file descriptor,
> > while it should return 0 (there is no traffic queued).
> >
> > I haven't investigated in detail but it almost looks like the
> > underlying netmap_poll() in the device driver is not called.
>
> Ah, that's it. The problem is that we're limiting the pcap file
> descriptors to CAP_READ. It looks like you'd need to add CAP_EVENT to
> that list. Look for cap_rights_init and cap_rights_limit pairs to find
> the right place(s) to modify.
>

The following works for me with the netmap file descriptor,
but I am not sure if it is too tight or too loose.
Also I don't understand why regular bpf did not need CAP_EVENT (I presume it worked correctly or people would have complained ?) cheers luigi Index: ../../contrib/tcpdump/tcpdump.c =================================================================== --- ../../contrib/tcpdump/tcpdump.c (revision 269180) +++ ../../contrib/tcpdump/tcpdump.c (working copy) @@ -1486,7 +1486,7 @@ if (RFileName == NULL && VFileName == NULL) { static const unsigned long cmds[] = { BIOCGSTATS }; - cap_rights_init(&rights, CAP_IOCTL, CAP_READ); + cap_rights_init(&rights, CAP_IOCTL, CAP_READ, CAP_EVENT); if (cap_rights_limit(pcap_fileno(pd), &rights) < 0 && errno != ENOSYS) { error("unable to limit pcap descriptor"); @@ -1519,7 +1519,7 @@ if (p == NULL) error("%s", pcap_geterr(pd)); #ifdef __FreeBSD__ - cap_rights_init(&rights, CAP_SEEK, CAP_WRITE); + cap_rights_init(&rights, CAP_SEEK, CAP_WRITE, CAP_EVENT); if (cap_rights_limit(fileno(pcap_dump_file(p)), &rights) < 0 && errno != ENOSYS) { error("unable to limit dump descriptor"); @@ -1662,7 +1662,7 @@ if (pd == NULL) error("%s", ebuf); #ifdef __FreeBSD__ - cap_rights_init(&rights, CAP_READ); + cap_rights_init(&rights, CAP_READ, CAP_EVENT); if (cap_rights_limit(fileno(pcap_file(pd)), &rights) < 0 && errno != ENOSYS) { error("unable to limit pcap descriptor");
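Review bot: in the @@ -1486 hunk, the cap_rights_init() call for pcap_fileno(pd) gains CAP_EVENT with no comment saying why it is there. CAP_EVENT is the right that permits select(2), poll(2) and kevent(2) on a descriptor, which matches the poll() misbehaviour on the netmap descriptor after cap_enter() described in the thread. A one-line comment above the call naming that dependency would keep a later tightening pass from removing the right again.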
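Review bot: in the @@ -1519 hunk, CAP_EVENT on fileno(pcap_dump_file(p)) looks looser than needed. This is the dump output descriptor, limited to CAP_SEEK and CAP_WRITE, and the failure reported in the thread is poll() on the capture descriptor, not on the dump file. Unless some code path polls or selects on the dump file, leave this call as cap_rights_init(&rights, CAP_SEEK, CAP_WRITE) so the sandboxed process holds no extra right on it.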
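Review bot: in the @@ -1662 hunk, the descriptor comes from fileno(pcap_file(pd)), a stdio stream, not from pcap_fileno(pd) as in the first hunk, so it is worth confirming that something actually waits on it with poll() or select() before widening its rights. If the netmap case never reaches this path, keep cap_rights_init(&rights, CAP_READ) here and add CAP_EVENT only where the live capture descriptor is limited.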