Date: Mon, 26 Jul 2021 20:10:23 GMT
Message-Id: <202107262010.16QKAN02022928@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Bryan Drewery
Subject: git: 372557d8c3d3 - main - dumpon: Fix -v causing error when configuring an encrypted dump
X-Git-Committer: bdrewery
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 372557d8c3d37dd0c1d9be56513a436393963848

The branch main has been updated by bdrewery:

URL: https://cgit.FreeBSD.org/src/commit/?id=372557d8c3d37dd0c1d9be56513a436393963848

commit 372557d8c3d37dd0c1d9be56513a436393963848
Author:     Bryan Drewery
AuthorDate: 2021-07-22 00:37:03 +0000
Commit:     Bryan Drewery
CommitDate: 2021-07-26 20:08:59 +0000

    dumpon: Fix -v causing error when configuring an encrypted dump

    If -v is specified when adding a new device then a full listing of
    configured devices is displayed.  This requires sysctl access which
    genkey()'s use of capability mode was blocking permission to access.
    This leads to both confusing console spam but also incorrectly
    returning an error status even if no other had been encountered.

      dumpon: Sysctl get 'kern.shutdown.dumpdevname': Operation not permitted

    Fix this by generating the key in a child process.

    Reviewed by:    markj
    Sponsored by:   Dell EMC
    Differential Revision:  https://reviews.freebsd.org/D31266
---
 sbin/dumpon/dumpon.c | 47 ++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 46 insertions(+), 1 deletion(-)

diff --git a/sbin/dumpon/dumpon.c b/sbin/dumpon/dumpon.c index 183ce5f08cb3..ef1eb3defc98 100644 --- a/sbin/dumpon/dumpon.c +++ b/sbin/dumpon/dumpon.c @@ -48,6 +48,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include 
@@ -210,7 +211,7 @@ check_size(int fd, const char *fn) #ifdef HAVE_CRYPTO static void -genkey(const char *pubkeyfile, struct diocskerneldump_arg *kdap) +_genkey(const char *pubkeyfile, struct diocskerneldump_arg *kdap) { FILE *fp; RSA *pubkey; @@ -305,6 +306,50 @@ genkey(const char *pubkeyfile, struct diocskerneldump_arg *kdap) } RSA_free(pubkey); } + +/* + * Run genkey() in a child so it can use capability mode without affecting + * the rest of the runtime. + */ +static void +genkey(const char *pubkeyfile, struct diocskerneldump_arg *kdap) +{ + pid_t pid; + int error, filedes[2], status; + ssize_t bytes; + + if (pipe2(filedes, O_CLOEXEC) != 0) + err(1, "pipe"); + pid = fork(); + switch (pid) { + case -1: + err(1, "fork"); + break; + case 0: + close(filedes[0]); + _genkey(pubkeyfile, kdap); + /* Write the new kdap back to the parent. */ + bytes = write(filedes[1], kdap, sizeof(*kdap)); + if (bytes != sizeof(*kdap)) + err(1, "genkey pipe write"); + _exit(0); + } + close(filedes[1]); + /* Read in the child's genkey() result into kdap. */ + bytes = read(filedes[0], kdap, sizeof(*kdap)); + if (bytes != sizeof(*kdap)) + errx(1, "genkey pipe read"); + error = waitpid(pid, &status, WEXITED); + if (error == -1) + err(1, "waitpid"); + if (WIFEXITED(status) && WEXITSTATUS(status) != 0) + errx(1, "genkey child exited with status %d", + WEXITSTATUS(status)); + else if (WIFSIGNALED(status)) + errx(1, "genkey child exited with signal %d", + WTERMSIG(status)); + close(filedes[0]); +} #endif static void
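Review bot: In the hunk at @@ -210,7 +211,7 @@, the new name `_genkey` is a file-scope identifier beginning with an underscore, which the C standard reserves for the implementation. A name such as `genkey_child` stays out of the reserved namespace and says what the function is for. The comment above the new wrapper also still reads "Run genkey() in a child", although the function that runs in the child is now the renamed worker, so it should name that worker instead.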
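Review bot: In the new genkey() wrapper (hunk at @@ -305,6 +306,50 @@), the parent calls read() before waitpid(), so when _genkey() fails in the child the parent sees a short read and exits with "genkey pipe read" without reaping the child, and the "genkey child exited with status %d" and signal branches are effectively never reached on failure. On a short read, call waitpid() first and report the child's status, and use err() rather than errx() when read() returns -1 so that errno is shown. Separately, copying the struct with `write(filedes[1], kdap, sizeof(*kdap))` is only valid if _genkey() stores no pointer to memory it allocates into *kdap, because such a pointer would refer to the child's address space; please confirm that, or send the pointed-to buffer over the pipe as well. Finally, waitpid() is passed WEXITED, which POSIX defines for waitid(); 0 is the conventional options value here.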