- Add the ability to run bhyve(8) within a jail(8).
This patch adds a new sysctl(8) knob "security.jail.vmm_allowed"; by default this option is disabled. Submitted by: Shawn Webb <shawn.webb____hardenedbsd.org> Reviewed by: jamie@ and myself. Relnotes: Yes. Sponsored by: HardenedBSD and G2, Inc. Differential Revision: https://reviews.freebsd.org/D16057
This commit is contained in:
parent
a5c4d9335b
commit
be963beee6
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=337023
@ -33,6 +33,7 @@ __FBSDID("$FreeBSD$");
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/kernel.h>
|
||||
#include <sys/jail.h>
|
||||
#include <sys/queue.h>
|
||||
#include <sys/lock.h>
|
||||
#include <sys/mutex.h>
|
||||
@ -43,6 +44,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <sys/ioccom.h>
|
||||
#include <sys/mman.h>
|
||||
#include <sys/uio.h>
|
||||
#include <sys/proc.h>
|
||||
|
||||
#include <vm/vm.h>
|
||||
#include <vm/pmap.h>
|
||||
@ -82,15 +84,28 @@ struct vmmdev_softc {
|
||||
|
||||
static SLIST_HEAD(, vmmdev_softc) head;
|
||||
|
||||
static unsigned pr_allow_flag;
|
||||
static struct mtx vmmdev_mtx;
|
||||
|
||||
static MALLOC_DEFINE(M_VMMDEV, "vmmdev", "vmmdev");
|
||||
|
||||
SYSCTL_DECL(_hw_vmm);
|
||||
|
||||
static int vmm_priv_check(struct ucred *ucred);
|
||||
static int devmem_create_cdev(const char *vmname, int id, char *devmem);
|
||||
static void devmem_destroy(void *arg);
|
||||
|
||||
static int
|
||||
vmm_priv_check(struct ucred *ucred)
|
||||
{
|
||||
|
||||
if (jailed(ucred) &&
|
||||
!(ucred->cr_prison->pr_allow & pr_allow_flag))
|
||||
return (EPERM);
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
||||
static int
|
||||
vcpu_lock_one(struct vmmdev_softc *sc, int vcpu)
|
||||
{
|
||||
@ -177,6 +192,10 @@ vmmdev_rw(struct cdev *cdev, struct uio *uio, int flags)
|
||||
void *hpa, *cookie;
|
||||
struct vmmdev_softc *sc;
|
||||
|
||||
error = vmm_priv_check(curthread->td_ucred);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
sc = vmmdev_lookup2(cdev);
|
||||
if (sc == NULL)
|
||||
return (ENXIO);
|
||||
@ -351,11 +370,14 @@ vmmdev_ioctl(struct cdev *cdev, u_long cmd, caddr_t data, int fflag,
|
||||
uint64_t *regvals;
|
||||
int *regnums;
|
||||
|
||||
error = vmm_priv_check(curthread->td_ucred);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
sc = vmmdev_lookup2(cdev);
|
||||
if (sc == NULL)
|
||||
return (ENXIO);
|
||||
|
||||
error = 0;
|
||||
vcpu = -1;
|
||||
state_changed = 0;
|
||||
|
||||
@ -777,6 +799,10 @@ vmmdev_mmap_single(struct cdev *cdev, vm_ooffset_t *offset, vm_size_t mapsize,
|
||||
int error, found, segid;
|
||||
bool sysmem;
|
||||
|
||||
error = vmm_priv_check(curthread->td_ucred);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
first = *offset;
|
||||
last = first + mapsize;
|
||||
if ((nprot & PROT_EXEC) || first < 0 || first >= last)
|
||||
@ -865,6 +891,10 @@ sysctl_vmm_destroy(SYSCTL_HANDLER_ARGS)
|
||||
struct vmmdev_softc *sc;
|
||||
struct cdev *cdev;
|
||||
|
||||
error = vmm_priv_check(req->td->td_ucred);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
strlcpy(buf, "beavis", sizeof(buf));
|
||||
error = sysctl_handle_string(oidp, buf, sizeof(buf), req);
|
||||
if (error != 0 || req->newptr == NULL)
|
||||
@ -906,7 +936,8 @@ sysctl_vmm_destroy(SYSCTL_HANDLER_ARGS)
|
||||
destroy_dev_sched_cb(cdev, vmmdev_destroy, sc);
|
||||
return (0);
|
||||
}
|
||||
SYSCTL_PROC(_hw_vmm, OID_AUTO, destroy, CTLTYPE_STRING | CTLFLAG_RW,
|
||||
SYSCTL_PROC(_hw_vmm, OID_AUTO, destroy,
|
||||
CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON,
|
||||
NULL, 0, sysctl_vmm_destroy, "A", NULL);
|
||||
|
||||
static struct cdevsw vmmdevsw = {
|
||||
@ -927,6 +958,10 @@ sysctl_vmm_create(SYSCTL_HANDLER_ARGS)
|
||||
struct vmmdev_softc *sc, *sc2;
|
||||
char buf[VM_MAX_NAMELEN];
|
||||
|
||||
error = vmm_priv_check(req->td->td_ucred);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
strlcpy(buf, "beavis", sizeof(buf));
|
||||
error = sysctl_handle_string(oidp, buf, sizeof(buf), req);
|
||||
if (error != 0 || req->newptr == NULL)
|
||||
@ -977,13 +1012,16 @@ sysctl_vmm_create(SYSCTL_HANDLER_ARGS)
|
||||
|
||||
return (0);
|
||||
}
|
||||
SYSCTL_PROC(_hw_vmm, OID_AUTO, create, CTLTYPE_STRING | CTLFLAG_RW,
|
||||
SYSCTL_PROC(_hw_vmm, OID_AUTO, create,
|
||||
CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON,
|
||||
NULL, 0, sysctl_vmm_create, "A", NULL);
|
||||
|
||||
void
|
||||
vmmdev_init(void)
|
||||
{
|
||||
mtx_init(&vmmdev_mtx, "vmm device mutex", NULL, MTX_DEF);
|
||||
pr_allow_flag = prison_add_allow(NULL, "vmm", NULL,
|
||||
"Allow use of vmm in a jail.");
|
||||
}
|
||||
|
||||
int
|
||||
|
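Review bot: vmm_priv_check (the new function in the third hunk) gates only on the caller's prison having the allow.vmm flag, and nothing in the sysctl_vmm_destroy, sysctl_vmm_create or vmmdev_ioctl hunks associates a vmmdev_softc with the prison that created it, so as far as these hunks show a jail granted the flag can open, control or destroy any VM on the host by name, not just its own. That is a coarse per-prison capability rather than per-VM ownership, and it should be stated where the flag is defined; a comment above vmm_priv_check such as `/* allow.vmm is prison-wide: a jail granted it may act on every VM; there is no per-VM ownership check here. */` plus a matching sentence in the jail.8 allow.vmm entry would make that explicit to administrators. The non-jailed path returns 0 unconditionally, so host-side access to /dev/vmm/* presumably remains governed by devfs permissions alone, which this diff does not show.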
@ -25,7 +25,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd July 29, 2018
|
||||
.Dd July 30, 2018
|
||||
.Dt JAIL 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -650,6 +650,12 @@ See
|
||||
.Xr zfs 8
|
||||
for information on how to configure the ZFS filesystem to operate from
|
||||
within a jail.
|
||||
.It Va allow.vmm
|
||||
The jail may access
|
||||
.Xr vmm 4 .
|
||||
This flag is only available when the
|
||||
.Xr vmm 4
|
||||
kernel module is loaded.
|
||||
.It Va linux
|
||||
Determine how a jail's Linux emulation environment appears.
|
||||
A value of
|
||||
@ -1294,6 +1300,7 @@ environment of the first jail.
|
||||
.Xr ps 1 ,
|
||||
.Xr quota 1 ,
|
||||
.Xr jail_set 2 ,
|
||||
.Xr vmm 4 ,
|
||||
.Xr devfs 5 ,
|
||||
.Xr fdescfs 5 ,
|
||||
.Xr jail.conf 5 ,
|
||||
|