From nobody Mon Oct 24 21:33:48 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Mx7cD71dMz4gq0f; Mon, 24 Oct 2022 21:33:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Mx7cD6YcPz3CV6; Mon, 24 Oct 2022 21:33:48 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1666647228; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0kXMCW4BFAIFpszy2/CmxDJp5ClZZ6HotyamMICAtpI=; b=JvEMG5Ch+xk0/UqkR3laPU7IyUsXxHEUeQZkXF9bSxkUdIZWOgSBZsuaOd9ALnxazVQ5jI COd11j19wBQeXwuSHRDSbVt0P8gI04Wb7RqSnWZldV5TGn/pBpkKA3XMZVMPqrJPIUgry/ OyKApA179DT/pBN/40YRQi1CI4fP8zjRRLJgp2b9YUBAyRgpS9xxvm1gB+exmW6l65T7bc BtkK2uKYuWoB5a1zXqEZZs8e3HseQQbx4aB16jPdXvVcuJNzMaoVX1STDULDjhdl0baB/7 6G/qVOwMnKtk/vnme0VfL67CB2yBkydsHOb9ZbNCFVEVLUO0eP9Hqso583DCCg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Mx7cD5ZkrzMpd; Mon, 24 Oct 2022 21:33:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 29OLXmnF038631; Mon, 24 Oct 2022 21:33:48 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 29OLXmB5038630; Mon, 24 Oct 2022 21:33:48 GMT (envelope-from git) Date: Mon, 24 Oct 2022 21:33:48 GMT Message-Id: <202210242133.29OLXmB5038630@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: fb7ce0a95ef1 - main - bhyve: Use the new vm_limit_rights() interface List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: fb7ce0a95ef1e796c10def3ed660e487ffb77c75 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1666647228; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0kXMCW4BFAIFpszy2/CmxDJp5ClZZ6HotyamMICAtpI=; b=pQt4vT+UH4XThuShphKHuBJ0O/ECDWSlIRkJd5XzLnBKa9J7LzeUrN8sc+gClYwOGhZ4kO byN8lZvWr8YzBVswCq1X6jvW3YJumy6kmXiCk/3engOMf6BugLNg8IvrnRl9JX9Ha7Kdzg v0S06pcrW37sEC6w9LQ3AqdwHutHDXdE8p0HDGzou7qfRDrnfJDLkDvYAp3kw1bVUaFX46 YzHF20XUQ6GVWiB6E6+h0ikKUC2fW7CVssTCYurghM6kPjmlBQ92zhLCgyZh+eIG2AaMhZ DDVA+qDpSq+tRC55DGGWXYsmIlUrSncuQEtpFp1mb9/FtMcqe+utSTI9j9K3IA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1666647228; a=rsa-sha256; cv=none; b=B1ITt9+xeEjCoDQx/AX9+x9D9D7Nr8MoZ0C/HGPHvjmXExvmKnosGdjCte4c0/Xq4h3D+L 0CWFlYDnJ5et2xcGk7pAnwUSUHN/ZpFkcn89TNqSThXDWARlqqPF3o8GM/INb+twU9XzLP IlQcnD4OZJJ7zz57F0NgCS+1w3JYnLqCiefXH/ZEea0sqSx+2yHxdEvd8zbdT3o8bQFKKU Rpb8i5kM4V4RX23/3GDqyFouT2fWbuLmIS9ICwf3+mrkPPac8EqnxRY241Hk/NILpop+D0 aPj5znUxqIJ1kt/0kGrVV4XN1wiHI8mqsGpa0P0uO0eGQikyoAVHPrx8Y7Mnhw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=fb7ce0a95ef1e796c10def3ed660e487ffb77c75 commit fb7ce0a95ef1e796c10def3ed660e487ffb77c75 Author: Mark Johnston AuthorDate: 2022-10-24 21:32:04 +0000 Commit: Mark Johnston CommitDate: 2022-10-24 21:33:13 +0000 bhyve: Use the new vm_limit_rights() interface This addresses a compiler warning arising from the fact that bhyve needs to cast away a const qualifier in order to call free(). No functional change intended. Reviewed by: jhb MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D37099 --- usr.sbin/bhyve/bhyverun.c | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/usr.sbin/bhyve/bhyverun.c b/usr.sbin/bhyve/bhyverun.c index 6e7eed747e97..a0261e755cfc 100644 --- a/usr.sbin/bhyve/bhyverun.c +++ b/usr.sbin/bhyve/bhyverun.c @@ -1103,11 +1103,6 @@ do_open(const char *vmname) struct vmctx *ctx; int error; bool reinit, romboot; -#ifndef WITHOUT_CAPSICUM - cap_rights_t rights; - const cap_ioctl_t *cmds; - size_t ncmds; -#endif reinit = romboot = false; @@ -1147,16 +1142,8 @@ do_open(const char *vmname) } #ifndef WITHOUT_CAPSICUM - cap_rights_init(&rights, CAP_IOCTL, CAP_MMAP_RW); - if (caph_rights_limit(vm_get_device_fd(ctx), &rights) == -1) - errx(EX_OSERR, "Unable to apply rights for sandbox"); - vm_get_ioctls(&ncmds); - cmds = vm_get_ioctls(NULL); - if (cmds == NULL) - errx(EX_OSERR, "out of memory"); - if (caph_ioctls_limit(vm_get_device_fd(ctx), cmds, ncmds) == -1) - errx(EX_OSERR, "Unable to apply rights for sandbox"); - free((cap_ioctl_t *)cmds); + if (vm_limit_rights(ctx) != 0) + err(EX_OSERR, "vm_limit_rights"); #endif if (reinit) {