git: 5f904cb1b05c - main - virtual_oss(8): Create loopback devices with GID_AUDIO

From: Christos Margiolis <christos_at_FreeBSD.org>
Date: Thu, 21 May 2026 17:34:34 UTC
The branch main has been updated by christos:

URL: https://cgit.FreeBSD.org/src/commit/?id=5f904cb1b05c94453727abb606d6109fe504b10b

commit 5f904cb1b05c94453727abb606d6109fe504b10b
Author:     Christos Margiolis <christos@FreeBSD.org>
AuthorDate: 2026-05-06 16:19:27 +0000
Commit:     Christos Margiolis <christos@FreeBSD.org>
CommitDate: 2026-05-21 17:32:43 +0000

    virtual_oss(8): Create loopback devices with GID_AUDIO
    
    Make sure the user is part of the audio group to avoid unintended
    snooping of loopback audio by unprivileged users.
    
    While here, retire voss_dsp_perm, since we don't use the same value
    everywhere now.
    
    Sponsored by:   The FreeBSD Foundation
    MFC after:      1 week
    Reviewed by:    emaste
    Pull-Request:   https://ron-dev.freebsd.org/FreeBSD/src/pulls/26
---
 usr.sbin/virtual_oss/virtual_oss/main.c        | 27 +++++++++++++++++++++-----
 usr.sbin/virtual_oss/virtual_oss/virtual_oss.8 |  4 +++-
 2 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/usr.sbin/virtual_oss/virtual_oss/main.c b/usr.sbin/virtual_oss/virtual_oss/main.c
index 6a56adbc6075..1d24be89f3da 100644
--- a/usr.sbin/virtual_oss/virtual_oss/main.c
+++ b/usr.sbin/virtual_oss/virtual_oss/main.c
@@ -37,6 +37,7 @@
 
 #include <dlfcn.h>
 #include <errno.h>
+#include <grp.h>
 #include <stdio.h>
 #include <stdint.h>
 #include <stdlib.h>
@@ -1620,7 +1621,6 @@ int	voss_is_recording = 1;
 int	voss_has_synchronization;
 volatile sig_atomic_t voss_exit = 0;
 
-static int voss_dsp_perm = 0666;
 static int voss_do_background;
 static int voss_baseclone = 0;
 static const char *voss_pid_path;
@@ -1864,7 +1864,24 @@ dup_profile(vprofile_t *pvp, int *pamp, int pol, int rx_mute,
 {
 	vprofile_t *ptr;
 	struct cuse_dev *pdev;
-	int x;
+	struct group *gr;
+	gid_t gid;
+	int x, perm;
+
+	if (!is_client) {
+		/*
+		 * Loopback devices can be used only by users who part of the
+		 * audio group, to avoid unintended snooping by unprivileged
+		 * users.
+		 */
+		if ((gr = getgrnam("audio")) == NULL)
+			return ("getgrnam() failed");
+		gid = gr->gr_gid;
+		perm = 0660;
+	} else {
+		gid = 0;
+		perm = 0666;
+	}
 
 	rx_mute = rx_mute ? 1 : 0;
 	tx_mute = tx_mute ? 1 : 0;
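Review bot: The string returned when `getgrnam("audio")` yields NULL is only "getgrnam() failed", which does not tell the operator which group was looked up or that loopback creation was refused because of it; something like `return ("Could not look up group 'audio'");` would be more actionable. Failing closed here is the right behaviour, and the comment should say so, so that nobody later falls back to gid 0 with a wider mode. The comment also reads "users who part of" and should read "users who are part of". The commit title refers to GID_AUDIO while the code resolves the group by name at run time; if that is deliberate, a short remark in the comment would help. dup_profile() starts before this hunk and continues past it.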
@@ -1918,7 +1935,7 @@ dup_profile(vprofile_t *pvp, int *pamp, int pol, int rx_mute,
 
 		/* create DSP character device */
 		pdev = cuse_dev_create(&vclient_oss_methods, ptr, NULL,
-		    0, 0, voss_dsp_perm, ptr->oss_name);
+		    0, gid, perm, ptr->oss_name);
 		if (pdev == NULL) {
 			free(ptr);
 			return ("Could not create CUSE DSP device");
@@ -1935,7 +1952,7 @@ dup_profile(vprofile_t *pvp, int *pamp, int pol, int rx_mute,
 	/* create WAV device */
 	if (ptr->wav_name[0] != 0) {
 		pdev = cuse_dev_create(&vclient_wav_methods, ptr, NULL,
-		    0, 0, voss_dsp_perm, ptr->wav_name);
+		    0, gid, perm, ptr->wav_name);
 		if (pdev == NULL) {
 			free(ptr);
 			return ("Could not create CUSE WAV device");
@@ -2612,7 +2629,7 @@ main(int argc, char **argv)
 
 	if (voss_ctl_device[0] != 0) {
 		pdev = cuse_dev_create(&vctl_methods, NULL, NULL,
-		    0, 0, voss_dsp_perm, voss_ctl_device);
+		    0, 0, 0666, voss_ctl_device);
 		if (pdev == NULL)
 			errx(EX_USAGE, "Could not create '/dev/%s'", voss_ctl_device);
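Review bot: The control device is still created world-readable and world-writable with gid 0, now as a bare `0666` literal, and nothing near the call says why it is exempt from the tightening applied to loopback devices. If the control interface can change routing, muting or recording state (not visible in this hunk), any local user can still reach it. Either restrict it the same way or document the reason above the call, e.g. `/* control device is intentionally world-accessible: <reason> */`. main() begins before this hunk and continues after it.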
 
diff --git a/usr.sbin/virtual_oss/virtual_oss/virtual_oss.8 b/usr.sbin/virtual_oss/virtual_oss/virtual_oss.8
index b607f45cd369..b9dc8fd86a3c 100644
--- a/usr.sbin/virtual_oss/virtual_oss/virtual_oss.8
+++ b/usr.sbin/virtual_oss/virtual_oss/virtual_oss.8
@@ -23,7 +23,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"
-.Dd April 17, 2026
+.Dd May 7, 2026
 .Dt VIRTUAL_OSS 8
 .Os
 .Sh NAME
@@ -162,6 +162,8 @@ This option should be specified before the -d and -l options.
 Create an OSS device by given name.
 .It Fl l Ar name
 Create a loopback OSS device by given name.
+Users have to be part of the audio group to access this device.
+This is a security measure to avoid unintended snooping by unprivileged users.
 .It Fl L Ar name
 Create a loopback OSS device which acts as a master device.
 This option is used in conjunction with -f /dev/null .