upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-05-19 16:35:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/lib/libvmmapi
History
Mark Johnston f5e18a7c3c libvmmapi: Provide an interface for limiting rights on the device fd 
Currently libvmmapi provides a way to get a list of the allowed ioctls
on the vmm device file, so that bhyve can limit rights on the device
file fd.  The interface is rather strange: it allocates a copy of the
list but returns a const pointer, so the caller has to cast away the
const in order to free it without aggravating the compiler.

As far as I can see, there's no reason to make a copy of the array, but
changing vm_get_ioctls() to not do that would break compatibility.  So
this change just introduces a better interface: move all rights-limiting
logic into libvmmapi.

Any new operations on the fd should be wrapped by libvmmapi, so also
discourage use of vm_get_device_fd().  Currently bhyve uses it only when
limiting rights on the device fd.

No functional change intended.

Reviewed by:	jhb

(cherry picked from commit 3e9b4532d1)
2022-10-31 09:26:49 -04:00
..
Makefile libvmmapi: Fix warnings and stop overridding WARNS 2021-08-02 15:01:02 -04:00
Makefile.depend Update Makefile.depend files 2019-12-11 17:37:53 +00:00
vmmapi.c libvmmapi: Provide an interface for limiting rights on the device fd 2022-10-31 09:26:49 -04:00
vmmapi.h libvmmapi: Provide an interface for limiting rights on the device fd 2022-10-31 09:26:49 -04:00
vmmapi_freebsd.c