bhyve blockif: fix blockif_candelete with Capsicum

NVMe conformance tests for the Format command failed if the backing-storage for the bhyve device was a file instead of a Zvol. The tests (and the specification) expect a Format to destroy all previously written data. The bhyve NVMe emulation implements this by trimming / deallocating all data from the backing-storage. The blockif_candelete() function indicated the file did not support deallocation (i.e. fpathconf(..., _PC_DEALLOC_PRESENT) returned FALSE) even though the kernel supported file hole punching. This occurs on builds with Capsicum enabled because blockif did not allow the fpathconf(2) right. Fix is to add CAP_FPATHCONF to the cap_rights_init(3) call. PR: 260081 Reviewed by: allanjude, markj, jhb MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D33203
2021-11-30 21:07:32 -08:00 · 2021-11-30 21:07:32 -08:00 · d8c1d7b652
commit d8c1d7b652
parent 3846662dab
1 changed files with 1 additions and 1 deletions
--- a/usr.sbin/bhyve/block_if.c
+++ b/usr.sbin/bhyve/block_if.c
@ -548,7 +548,7 @@ blockif_open(nvlist_t *nvl, const char *ident)

 #ifndef WITHOUT_CAPSICUM
 	cap_rights_init(&rights, CAP_FSYNC, CAP_IOCTL, CAP_READ, CAP_SEEK,
-	    CAP_WRITE, CAP_FSTAT, CAP_EVENT);
+	    CAP_WRITE, CAP_FSTAT, CAP_EVENT, CAP_FPATHCONF);
 	if (ro)
 		cap_rights_clear(&rights, CAP_FSYNC, CAP_WRITE);