git: d8c1d7b6526c - main - bhyve blockif: fix blockif_candelete with Capsicum
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 30 Nov 2021 21:50:07 UTC
The branch main has been updated by chuck:
URL: https://cgit.FreeBSD.org/src/commit/?id=d8c1d7b6526c7063304cd1e938d12dec137454e2
commit d8c1d7b6526c7063304cd1e938d12dec137454e2
Author: Chuck Tuffli <chuck@FreeBSD.org>
AuthorDate: 2021-12-01 05:07:32 +0000
Commit: Chuck Tuffli <chuck@FreeBSD.org>
CommitDate: 2021-12-01 05:49:34 +0000
bhyve blockif: fix blockif_candelete with Capsicum
NVMe conformance tests for the Format command failed if the
backing-storage for the bhyve device was a file instead of a Zvol. The
tests (and the specification) expect a Format to destroy all previously
written data. The bhyve NVMe emulation implements this by trimming /
deallocating all data from the backing-storage.
The blockif_candelete() function indicated the file did not support
deallocation (i.e. fpathconf(..., _PC_DEALLOC_PRESENT) returned FALSE)
even though the kernel supported file hole punching. This occurs on
builds with Capsicum enabled because blockif did not allow the
fpathconf(2) right.
Fix is to add CAP_FPATHCONF to the cap_rights_init(3) call.
PR: 260081
Reviewed by: allanjude, markj, jhb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D33203
---
usr.sbin/bhyve/block_if.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/usr.sbin/bhyve/block_if.c b/usr.sbin/bhyve/block_if.c
index 9d7371bec50f..d9813f30037f 100644
--- a/usr.sbin/bhyve/block_if.c
+++ b/usr.sbin/bhyve/block_if.c
@@ -548,7 +548,7 @@ blockif_open(nvlist_t *nvl, const char *ident)
#ifndef WITHOUT_CAPSICUM
cap_rights_init(&rights, CAP_FSYNC, CAP_IOCTL, CAP_READ, CAP_SEEK,
- CAP_WRITE, CAP_FSTAT, CAP_EVENT);
+ CAP_WRITE, CAP_FSTAT, CAP_EVENT, CAP_FPATHCONF);
if (ro)
cap_rights_clear(&rights, CAP_FSYNC, CAP_WRITE);