Date: Mon, 29 Sep 2014 18:53:08 +0000 From: Brooks Davis <brooks@freebsd.org> To: Luigi Rizzo <rizzo@iet.unipi.it> Cc: current@freebsd.org Subject: Re: capsicum and netmap ? Message-ID: <20140929185308.GD99239@spindle.one-eyed-alien.net> In-Reply-To: <20140929182008.GD78397@onelab2.iet.unipi.it> References: <20140929153043.GA78397@onelab2.iet.unipi.it> <20140929172709.GC99239@spindle.one-eyed-alien.net> <20140929182008.GD78397@onelab2.iet.unipi.it>
next in thread | previous in thread | raw e-mail | index | archive | help
--zS7rBR6csb6tI2e1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Sep 29, 2014 at 08:20:08PM +0200, Luigi Rizzo wrote: > On Mon, Sep 29, 2014 at 05:27:09PM +0000, Brooks Davis wrote: > > On Mon, Sep 29, 2014 at 05:30:43PM +0200, Luigi Rizzo wrote: > > >=20 > > > Hi, > > > while trying the netmap-enabled libpcap library with tcpdump, i > > > noticed it fails to return data on a kernel with capsicum (the > > > string "capability mode sandbox enabled" made me suspicious, and > > > removing the cap_*() calls from tcpdump.c seems to make things > > > work again). > > >=20 > > > Would anyone be able to point me what should be done in the netmap > > > kernel module to make it work with capsicum ? > > >=20 > > > I am sure the cambridge folks are very interested in this :) > >=20 > > Without knowing what modifications have been made to libpcap, it's hard > > to say what you need to change, but the short version is that once > > cap_enter is called, you must not attempt to open any file handles as > > that's won't work. I can't think of any other likely cause. Are all > > the returns of all open(), socket(), etc calls checked? >=20 > Hi Brooks, > thanks for the feedback. >=20 > The change (attached, with some debugging code; it dates back to > december and i am trying to upstream it into FreeBSD now) is a set > of methods called to open, dispatch and inject packets. >=20 > > In practice that means that either opening files must come earlier, or > > a singling mechanism needs to be added to tcpdump and libpcap to tell > > tcpdump not to enter capability mode when using netmap. >=20 > The nm_open() (which includes open and mmap) occurs before the > cap_enter() call, and poll() works fine until we do the > cap_enter()/cap_sandboxed() calls. >=20 > I was wondering whether I should somewhat annotate the file descriptor > (in the netmap kernel module) indicating that it is right to access it > after cap_enter(). poll() returns 1 and errno=3D0 > when polling for POLLIN on the netmap file descriptor, > while it should return 0 (there is no traffic queued). >=20 > I haven't investigated in detail but it almost looks like the > underlying netmap_poll() in the device driver is not called. Ah, that's it. The problem is that we're limiting the pcap file descriptors to CAP_READ. It looks like you'd need to add CAP_EVENT to that list. Look for cap_rights_init and cap_rights_limit pairs to find the right place(s) to modify. -- Brooks --zS7rBR6csb6tI2e1 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlQpqpMACgkQXY6L6fI4GtRYQQCfTLk0ftRawbsSx+yK4gXxHHAu R7QAn2WKpNoN6PEPCKDpYM/HDXSLXJkx =z6NE -----END PGP SIGNATURE----- --zS7rBR6csb6tI2e1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140929185308.GD99239>