git: e1ec48421287 - stable/13 - bhyve: Use the new vm_limit_rights() interface
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 31 Oct 2022 22:17:31 UTC
The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=e1ec4842128773ba3342f9ae0fbd35ab671aea30 commit e1ec4842128773ba3342f9ae0fbd35ab671aea30 Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2022-10-24 21:32:04 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2022-10-31 13:29:27 +0000 bhyve: Use the new vm_limit_rights() interface This addresses a compiler warning arising from the fact that bhyve needs to cast away a const qualifier in order to call free(). No functional change intended. Reviewed by: jhb (cherry picked from commit fb7ce0a95ef1e796c10def3ed660e487ffb77c75) --- usr.sbin/bhyve/bhyverun.c | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/usr.sbin/bhyve/bhyverun.c b/usr.sbin/bhyve/bhyverun.c index f01950a453d3..0915e833b19b 100644 --- a/usr.sbin/bhyve/bhyverun.c +++ b/usr.sbin/bhyve/bhyverun.c @@ -1068,11 +1068,6 @@ do_open(const char *vmname) struct vmctx *ctx; int error; bool reinit, romboot; -#ifndef WITHOUT_CAPSICUM - cap_rights_t rights; - const cap_ioctl_t *cmds; - size_t ncmds; -#endif reinit = romboot = false; @@ -1112,16 +1107,8 @@ do_open(const char *vmname) } #ifndef WITHOUT_CAPSICUM - cap_rights_init(&rights, CAP_IOCTL, CAP_MMAP_RW); - if (caph_rights_limit(vm_get_device_fd(ctx), &rights) == -1) - errx(EX_OSERR, "Unable to apply rights for sandbox"); - vm_get_ioctls(&ncmds); - cmds = vm_get_ioctls(NULL); - if (cmds == NULL) - errx(EX_OSERR, "out of memory"); - if (caph_ioctls_limit(vm_get_device_fd(ctx), cmds, ncmds) == -1) - errx(EX_OSERR, "Unable to apply rights for sandbox"); - free((cap_ioctl_t *)cmds); + if (vm_limit_rights(ctx) != 0) + err(EX_OSERR, "vm_limit_rights"); #endif if (reinit) {