bhyve: avoid applying capsicum capabilities to file that was not opened

When using -l option targeting file that can't be opened (ie. nmdm module is not loaded and /dev/nmdm* is specified) bhyve tries to apply capsicum capabilities to a file that was not opened. Enclose that code in an if statement and only run it on correctly opened descriptor also providing meaningful message in case of an error. Submitted by: Pawel Biernacki <pawel.biernacki@gmail.com> Reviewed by: grehan, emaste Sponsoied by: Mysterious Code Ltd. Differential Revision: D12985
2017-11-11 22:50:14 +00:00 · 2017-11-11 22:50:14 +00:00 · 569aaa3b97
commit 569aaa3b97
parent baaa6ec7ed
1 changed files with 14 additions and 10 deletions
--- a/usr.sbin/bhyve/uart_emul.c
+++ b/usr.sbin/bhyve/uart_emul.c
@ -678,20 +678,24 @@ uart_set_backend(struct uart_softc *sc, const char *opts)
 	if (retval == 0)
 		retval = fcntl(sc->tty.fd, F_SETFL, O_NONBLOCK);

+	if (retval == 0) {
 #ifndef WITHOUT_CAPSICUM
-	cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ, CAP_WRITE);
-	if (cap_rights_limit(sc->tty.fd, &rights) == -1 && errno != ENOSYS)
-		errx(EX_OSERR, "Unable to apply rights for sandbox");
-	if (cap_ioctls_limit(sc->tty.fd, cmds, nitems(cmds)) == -1 && errno != ENOSYS)
-		errx(EX_OSERR, "Unable to apply rights for sandbox");
-	if (!uart_stdio) {
-		if (caph_limit_stdin() == -1 && errno != ENOSYS)
+		cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ,
+		    CAP_WRITE);
+		if (cap_rights_limit(sc->tty.fd, &rights) == -1 &&
+		    errno != ENOSYS)
 			errx(EX_OSERR, "Unable to apply rights for sandbox");
-	}
+		if (cap_ioctls_limit(sc->tty.fd, cmds, nitems(cmds)) == -1 &&
+		    errno != ENOSYS)
+			errx(EX_OSERR, "Unable to apply rights for sandbox");
+		if (!uart_stdio) {
+			if (caph_limit_stdin() == -1 && errno != ENOSYS)
+				errx(EX_OSERR,
+				    "Unable to apply rights for sandbox");
+		}
 #endif
-
-	if (retval == 0)
 		uart_opentty(sc);
+	}

 	return (retval);
 }