| cef5e56f | 09-Jan-2024 |
Kyle Evans <kevans@FreeBSD.org> |
bhyveload: add CAP_SEEK to our dirfd rights
In the case of hostbase_fd, this is in fact a bug fix; we have a seek callback that the host: filesystem may use in loader, and we really don't have a good excuse to break it.
bootfd-derived fds will only be used with fdlopen(3) and rtld doesn't seem to need pread / lseek at all for it today, but there's no reason to break if it finds a good reason to later.
Suggested by: markj
|
| 24cd5c26 | 05-Jan-2024 |
Kyle Evans <kevans@FreeBSD.org> |
bhyveload: support guest rebooting from the loader
userboot has an EXIT_REBOOT code that it uses when the 'reboot' loader command is executed. Use that and longjmp back to reinit the VM entirely with a reboot request. This fixes the 'reboot' option in the loader menu to actually reboot rather than shut down the VM.
The JMP_* constants are introduced to keep track of why we're doing a longjmp, though they aren't currently used. We'll notably still do a complete reload of the interpreter to give the rebooted VM that new loader smell. It just seemed forward thinking to just keep track of the different setjmp points.
While we're here, we don't actually need to keep the fd we passed to fdlopen(3), so let's avoid leaking it.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D43300
|
| 67082f07 | 04-Jan-2024 |
Kyle Evans <kevans@FreeBSD.org> |
bhyveload: fix non -l use
explicit_loader_fd should have been initialized to -1, not 0, but my last round of testing was only with -l...
Fixes: bf7c4fcbbb ("bhyveload: hold /boot and do relative [...]")
Pointy hat: kevans
|
| 8bf0882e | 03-Jan-2024 |
Kyle Evans <kevans@FreeBSD.org> |
bhyveload: enter capability mode after we setup the vcpu
Reviewed by: allanjude (earlier version), emaste, markj
Differential Revision: https://reviews.freebsd.org/D43286 |
| bf7c4fcb | 03-Jan-2024 |
Kyle Evans <kevans@FreeBSD.org> |
bhyveload: hold /boot and do relative lookups for the loader
The next change will push bhyveload into capability mode right after we allocate vcpu state, before we've set up or entered the loader, to limit the surface area that a rogue loader script can touch.
With an explicit -l loader, we don't need to preopen /boot because changing interpreters isn't allowed. We'll just dlopen() entirely in advance in that case to eliminate some complexity.
Reviewed by: allanjude (earlier version), markj
Differential Revision: https://reviews.freebsd.org/D43285
|