Mark Johnston 3e9b4532d1 libvmmapi: Provide an interface for limiting rights on the device fd
Currently libvmmapi provides a way to get a list of the allowed ioctls
on the vmm device file, so that bhyve can limit rights on the device
file fd.  The interface is rather strange: it allocates a copy of the
list but returns a const pointer, so the caller has to cast away the
const in order to free it without aggravating the compiler.

As far as I can see, there's no reason to make a copy of the array, but
changing vm_get_ioctls() to not do that would break compatibility.  So
this change just introduces a better interface: move all rights-limiting
logic into libvmmapi.

Any new operations on the fd should be wrapped by libvmmapi, so also
discourage use of vm_get_device_fd().  Currently bhyve uses it only when
limiting rights on the device fd.

No functional change intended.

Reviewed by:	jhb
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D37098
2022-10-24 17:33:13 -04:00
..
2021-01-07 09:31:03 +00:00
2020-04-19 02:20:39 +00:00
2020-07-19 23:56:19 +00:00
2019-12-11 17:37:53 +00:00
2019-12-11 17:37:53 +00:00
2020-04-19 02:18:40 +00:00
2019-12-11 17:37:53 +00:00
2019-12-11 17:37:53 +00:00
2021-10-15 15:10:24 -04:00
2022-03-01 08:06:41 -07:00
2020-08-04 21:09:36 +00:00
2019-12-11 17:37:53 +00:00
2021-10-22 19:57:57 -04:00
2019-12-11 17:37:53 +00:00
2019-12-11 17:37:53 +00:00
2021-01-13 23:56:18 -06:00
2022-09-24 19:16:39 -07:00
2019-12-11 17:37:53 +00:00
2019-12-11 17:37:53 +00:00
2019-12-11 17:37:53 +00:00
2022-07-22 00:23:08 +02:00
2020-09-11 13:28:37 +00:00
2020-06-17 10:42:20 +00:00
2022-10-02 03:37:29 +02:00
2019-12-21 21:01:03 +00:00
2022-10-05 17:52:27 +02:00
2019-12-11 17:37:53 +00:00
2019-12-11 17:37:53 +00:00
2022-07-19 08:59:53 -07:00
2022-10-02 03:37:29 +02:00
2020-09-11 13:28:37 +00:00
2020-05-21 01:55:35 +00:00
2019-12-11 17:37:53 +00:00
2022-08-07 16:30:24 +02:00
2019-12-11 17:37:53 +00:00
2022-09-19 21:40:07 +03:00
2022-10-02 03:37:29 +02:00