Date:      Mon, 29 Sep 2014 21:45:17 +0200
From:      Luigi Rizzo <rizzo@iet.unipi.it>
To:        Brooks Davis <brooks@freebsd.org>
Cc:        current@freebsd.org
Subject:   Re: capsicum and netmap ?
Message-ID:  <20140929194517.GE78397@onelab2.iet.unipi.it>
In-Reply-To: <20140929185308.GD99239@spindle.one-eyed-alien.net>
References:  <20140929153043.GA78397@onelab2.iet.unipi.it> <20140929172709.GC99239@spindle.one-eyed-alien.net> <20140929182008.GD78397@onelab2.iet.unipi.it> <20140929185308.GD99239@spindle.one-eyed-alien.net>

On Mon, Sep 29, 2014 at 06:53:08PM +0000, Brooks Davis wrote:
> On Mon, Sep 29, 2014 at 08:20:08PM +0200, Luigi Rizzo wrote:
...
> > The nm_open() (which includes open and mmap) occurs before the
> > cap_enter() call, and poll() works fine until we do the
> > cap_enter()/cap_sandboxed() calls.
> > 
> > I was wondering whether I should somewhat annotate the file descriptor
> > (in the netmap kernel module) indicating that it is right to access it
> > after cap_enter(). poll() returns 1 and errno=0
> > when polling for POLLIN on the netmap file descriptor,
> > while it should return 0 (there is no traffic queued).
> > 
> > I haven't investigated in detail but it almost looks like the
> > underlying netmap_poll() in the device driver is not called.
> 
> Ah, that's it.  The problem is that we're limiting the pcap file
> descriptors to CAP_READ.  It looks like you'd need to add CAP_EVENT to
> that list.  Look for cap_rights_init and cap_rights_limit pairs to find
> the right place(s) to modify.
> 

The following works for me with the netmap file descriptor,
but I am not sure if it is too tight or too loose.

Also I don't understand why regular bpf did not need CAP_EVENT
(I presume it worked correctly or people would have complained?)

	cheers
	luigi

Index: ../../contrib/tcpdump/tcpdump.c
===================================================================
--- ../../contrib/tcpdump/tcpdump.c	(revision 269180)
+++ ../../contrib/tcpdump/tcpdump.c	(working copy)
@@ -1486,7 +1486,7 @@
 	if (RFileName == NULL && VFileName == NULL) {
 		static const unsigned long cmds[] = { BIOCGSTATS };
 
-		cap_rights_init(&rights, CAP_IOCTL, CAP_READ);
+		cap_rights_init(&rights, CAP_IOCTL, CAP_READ, CAP_EVENT);
 		if (cap_rights_limit(pcap_fileno(pd), &rights) < 0 &&
 		    errno != ENOSYS) {
 			error("unable to limit pcap descriptor");
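
Review bot: the added CAP_EVENT on the pcap_fileno(pd) descriptor carries no comment saying why a read-only capture descriptor needs it. The thread traces it to poll() on the netmap descriptor returning the wrong result after cap_enter() when only CAP_IOCTL and CAP_READ are granted; a one-line comment above cap_rights_init() stating that CAP_EVENT is required for poll()/select() on the capture descriptor would keep a later tightening pass from removing it again.
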
@@ -1519,7 +1519,7 @@
 		if (p == NULL)
 			error("%s", pcap_geterr(pd));
 #ifdef __FreeBSD__
-		cap_rights_init(&rights, CAP_SEEK, CAP_WRITE);
+		cap_rights_init(&rights, CAP_SEEK, CAP_WRITE, CAP_EVENT);
 		if (cap_rights_limit(fileno(pcap_dump_file(p)), &rights) < 0 &&
 		    errno != ENOSYS) {
 			error("unable to limit dump descriptor");
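
Review bot: CAP_EVENT on fileno(pcap_dump_file(p)) looks looser than needed. This is the dump output descriptor, previously limited to CAP_SEEK and CAP_WRITE, and the poll() problem described in the thread is on the capture descriptor, not on this file. Unless some code path polls the dump file, keep this line as `cap_rights_init(&rights, CAP_SEEK, CAP_WRITE);` so the sandboxed process gains no extra right on its output file.
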
@@ -1662,7 +1662,7 @@
 				if (pd == NULL)
 					error("%s", ebuf);
 #ifdef __FreeBSD__
-				cap_rights_init(&rights, CAP_READ);
+				cap_rights_init(&rights, CAP_READ, CAP_EVENT);
 				if (cap_rights_limit(fileno(pcap_file(pd)),
 				    &rights) < 0 && errno != ENOSYS) {
 					error("unable to limit pcap descriptor");
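
Review bot: CAP_EVENT on fileno(pcap_file(pd)) is not justified by anything visible here. The descriptor comes from the stdio stream of a savefile being read, and neither these lines nor the thread show it being passed to poll(). Suggest leaving it at `cap_rights_init(&rights, CAP_READ);` or stating in the commit message which code path needs event rights on a savefile.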
