bhyveload: add CAP_SEEK to our dirfd rights

In the case of hostbase_fd, this is in fact a bug fix; we have a seek
callback that the host: filesystem may use in loader, and we really
don't have a good excuse to break it.

bootfd-derived fds will only be used with fdlopen(3) and rtld doesn't
seem to need pread / lseek at all for it today, but there's no reason to
break if it finds a good reason to later.

Suggested by:	markj
Kyle Evans 2024-01-08 21:08:16 -06:00
parent 59ce044a78
commit cef5e56f3f

@ -755,7 +755,7 @@ hostbase_open(const char *base)
err(EX_OSERR, "open");
if (caph_rights_limit(hostbase_fd, cap_rights_init(&rights, CAP_FSTATAT,
CAP_LOOKUP, CAP_READ)) < 0)
CAP_LOOKUP, CAP_PREAD)) < 0)
err(EX_OSERR, "caph_rights_limit");
}
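Review bot: the commit title says CAP_SEEK, but the rights list passed to cap_rights_init() in hostbase_open() names CAP_PREAD, and nothing at the call site explains the connection. CAP_PREAD is documented in rights(4) as CAP_READ plus CAP_SEEK, so the change does what the message describes, but a one-line comment above the caph_rights_limit() call noting that the loader's host: seek callback depends on the seek right would keep a later least-privilege cleanup from narrowing this back to CAP_READ and reintroducing the bug.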
@ -887,7 +887,7 @@ main(int argc, char** argv)
* to the more usual lookup rights.
*/
if (caph_rights_limit(bootfd, cap_rights_init(&rights,
CAP_FSTATAT, CAP_LOOKUP, CAP_MMAP_RX, CAP_READ)) < 0)
CAP_FSTATAT, CAP_LOOKUP, CAP_MMAP_RX, CAP_PREAD)) < 0)
err(1, "caph_rights_limit");
}
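Review bot: the existing comment above the bootfd limit (ending "to the more usual lookup rights") does not say why a seek-capable right is granted here, and the commit message itself states that rtld does not need pread / lseek for fdlopen(3) today. Extending that comment to record that CAP_PREAD is deliberate headroom for rtld would stop it from reading as an over-broad grant in a later audit of the sandbox rights. Separately, this call exits with err(1, "caph_rights_limit") while hostbase_open() uses err(EX_OSERR, "caph_rights_limit") for the same failure; consider aligning the exit codes.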