vmm: Add PRIV_DRIVER checks for passthru ioctls
In preparation for allowing non-root users to create and access bhyve VMs, add privilege checks for ioctls which operate on passthru devices. Reviewed by: corvink MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D53144
This commit is contained in:
@@ -124,12 +124,16 @@ const struct vmmdev_ioctl vmmdev_machdep_ioctls[] = {
|
||||
VMMDEV_IOCTL(VM_SET_KERNEMU_DEV, VMMDEV_IOCTL_LOCK_ONE_VCPU),
|
||||
|
||||
VMMDEV_IOCTL(VM_BIND_PPTDEV,
|
||||
VMMDEV_IOCTL_XLOCK_MEMSEGS | VMMDEV_IOCTL_LOCK_ALL_VCPUS),
|
||||
VMMDEV_IOCTL_XLOCK_MEMSEGS | VMMDEV_IOCTL_LOCK_ALL_VCPUS |
|
||||
VMMDEV_IOCTL_PRIV_CHECK_DRIVER),
|
||||
VMMDEV_IOCTL(VM_UNBIND_PPTDEV,
|
||||
VMMDEV_IOCTL_XLOCK_MEMSEGS | VMMDEV_IOCTL_LOCK_ALL_VCPUS),
|
||||
VMMDEV_IOCTL_XLOCK_MEMSEGS | VMMDEV_IOCTL_LOCK_ALL_VCPUS |
|
||||
VMMDEV_IOCTL_PRIV_CHECK_DRIVER),
|
||||
|
||||
VMMDEV_IOCTL(VM_MAP_PPTDEV_MMIO, VMMDEV_IOCTL_LOCK_ALL_VCPUS),
|
||||
VMMDEV_IOCTL(VM_UNMAP_PPTDEV_MMIO, VMMDEV_IOCTL_LOCK_ALL_VCPUS),
|
||||
VMMDEV_IOCTL(VM_MAP_PPTDEV_MMIO, VMMDEV_IOCTL_LOCK_ALL_VCPUS |
|
||||
VMMDEV_IOCTL_PRIV_CHECK_DRIVER),
|
||||
VMMDEV_IOCTL(VM_UNMAP_PPTDEV_MMIO, VMMDEV_IOCTL_LOCK_ALL_VCPUS |
|
||||
VMMDEV_IOCTL_PRIV_CHECK_DRIVER),
|
||||
#ifdef BHYVE_SNAPSHOT
|
||||
#ifdef COMPAT_FREEBSD13
|
||||
VMMDEV_IOCTL(VM_SNAPSHOT_REQ_13, VMMDEV_IOCTL_LOCK_ALL_VCPUS),
|
||||
@@ -147,9 +151,9 @@ const struct vmmdev_ioctl vmmdev_machdep_ioctls[] = {
|
||||
|
||||
VMMDEV_IOCTL(VM_LAPIC_LOCAL_IRQ, VMMDEV_IOCTL_MAYBE_ALLOC_VCPU),
|
||||
|
||||
VMMDEV_IOCTL(VM_PPTDEV_MSI, 0),
|
||||
VMMDEV_IOCTL(VM_PPTDEV_MSIX, 0),
|
||||
VMMDEV_IOCTL(VM_PPTDEV_DISABLE_MSIX, 0),
|
||||
VMMDEV_IOCTL(VM_PPTDEV_MSI, VMMDEV_IOCTL_PRIV_CHECK_DRIVER),
|
||||
VMMDEV_IOCTL(VM_PPTDEV_MSIX, VMMDEV_IOCTL_PRIV_CHECK_DRIVER),
|
||||
VMMDEV_IOCTL(VM_PPTDEV_DISABLE_MSIX, VMMDEV_IOCTL_PRIV_CHECK_DRIVER),
|
||||
VMMDEV_IOCTL(VM_LAPIC_MSI, 0),
|
||||
VMMDEV_IOCTL(VM_IOAPIC_ASSERT_IRQ, 0),
|
||||
VMMDEV_IOCTL(VM_IOAPIC_DEASSERT_IRQ, 0),
|
||||
|
||||
@@ -14,6 +14,7 @@
|
||||
#include <sys/kernel.h>
|
||||
#include <sys/malloc.h>
|
||||
#include <sys/mman.h>
|
||||
#include <sys/priv.h>
|
||||
#include <sys/proc.h>
|
||||
#include <sys/queue.h>
|
||||
#include <sys/sx.h>
|
||||
@@ -470,6 +471,12 @@ vmmdev_ioctl(struct cdev *cdev, u_long cmd, caddr_t data, int fflag,
|
||||
if (ioctl == NULL)
|
||||
return (ENOTTY);
|
||||
|
||||
if ((ioctl->flags & VMMDEV_IOCTL_PRIV_CHECK_DRIVER) != 0) {
|
||||
error = priv_check(td, PRIV_DRIVER);
|
||||
if (error != 0)
|
||||
return (error);
|
||||
}
|
||||
|
||||
if ((ioctl->flags & VMMDEV_IOCTL_XLOCK_MEMSEGS) != 0)
|
||||
vm_xlock_memsegs(sc->vm);
|
||||
else if ((ioctl->flags & VMMDEV_IOCTL_SLOCK_MEMSEGS) != 0)
|
||||
|
||||
@@ -44,6 +44,7 @@ struct vmmdev_ioctl {
|
||||
#define VMMDEV_IOCTL_LOCK_ALL_VCPUS 0x08
|
||||
#define VMMDEV_IOCTL_ALLOC_VCPU 0x10
|
||||
#define VMMDEV_IOCTL_MAYBE_ALLOC_VCPU 0x20
|
||||
#define VMMDEV_IOCTL_PRIV_CHECK_DRIVER 0x40
|
||||
int flags;
|
||||
};
|
||||
|
||||
|
||||
Reference in New Issue
Block a user