cap_sysctlbyname for hw.vmm.destroy

Ionuț Mihalache ionut.mihalache1506 at gmail.com
Sat May 1 09:29:40 UTC 2021 

I did a clean buildworld with -DWITH_CASPER and -DHAVE_CASPER and now there
is a linking problem. Here [1] I have the includes to test the example and
here [2] I have the code. When trying to link there is a problem with
cap_sysctl_limit_init,
cap_sysctl_limit_name, cap_sysctl_limit, cap_sysctlbyname; the symbols are
not found. If I comment those lines though, cap_service_open fails(this
happens in bhyverun.c). When using the API here [3] there are no linking
problems and cap_service_open works, but cap_sysctlbyname returns EPERM(I
have here [4] the includes that I used).


[1] -
https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc679017c025cbaf243/usr.sbin/bhyve/bhyverun.c#L36
[2] -
https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc679017c025cbaf243/usr.sbin/bhyve/bhyverun.c#L1569
[3] -
https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc679017c025cbaf243/lib/libvmmapi/vmmapi.c#L141
[4] -
https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc679017c025cbaf243/lib/libvmmapi/vmmapi.h#L38

În mie., 28 apr. 2021 la 18:41, Mark Johnston <markj at freebsd.org> a scris:

> On Wed, Apr 28, 2021 at 06:19:09PM +0300, Ionuț Mihalache wrote:
> > Even with the fixes cap_sysctl still returns EPERM for that simple
> example.
>
> Are you sure that libcap_sysctl is actually being used?  In other words,
> are you compiling with -DWITH_CASPER?  If not, the program will call
> cap_enter() and then try to read the sysctl directly, since
> cap_sysctlbyname() will be a simple wrapper for sysctlbyname().
>
> >
> > În mie., 28 apr. 2021 la 17:41, Mark Johnston <markj at freebsd.org> a
> scris:
> >
> > > There are two bugs in the example, also present in your WIP.  I fixed
> > > them here:
> > >
> > >
> https://cgit.freebsd.org/src/commit/?id=44bbda649dc6c1cdc5a99641e14c77157967e140
> > >
> > > On Wed, Apr 28, 2021 at 05:22:22PM +0300, Ionuț Mihalache wrote:
> > > > I update the code now [1] but still the same error. Even without any
> > > limits
> > > > the cap_sysctlbyname fails after using cap_enter.
>

More information about the freebsd-hackers mailing list