diff options
| author | Mike Larkin <mlarkin@cvs.openbsd.org> | 2017-08-31 06:23:38 +0000 |
|---|---|---|
| committer | Mike Larkin <mlarkin@cvs.openbsd.org> | 2017-08-31 06:23:38 +0000 |
| commit | f1471c317695454d15fe00f0aca9ce372c286701 (patch) | |
| tree | 75eea8bfe9dfc70b7f20d7740f40a16f3cf8a794 /usr.sbin/vmd | |
| parent | 872c10ab659090c9a9d2b3493d579e7757b41584 (diff) | |
vmd/vmctl: disallow use of block or character devices as disks in VMs.
These don't work today and present the user with a confusing error
message if an attempt is made to use them. This commit detects attempts
to use block or character devices and if detected, presents the user with
a better message.
ok jasper
From Carlos Cardenas, thanks!
Diffstat (limited to 'usr.sbin/vmd')
| -rw-r--r-- | usr.sbin/vmd/config.c | 17 | ||||
| -rw-r--r-- | usr.sbin/vmd/vmd.h | 3 |
2 files changed, 18 insertions, 2 deletions
diff --git a/usr.sbin/vmd/config.c b/usr.sbin/vmd/config.c index 1e1166f8263..9ea87eb86e8 100644 --- a/usr.sbin/vmd/config.c +++ b/usr.sbin/vmd/config.c @@ -1,4 +1,4 @@ -/* $OpenBSD: config.c,v 1.33 2017/08/18 07:01:29 mlarkin Exp $ */ +/* $OpenBSD: config.c,v 1.34 2017/08/31 06:23:37 mlarkin Exp $ */ /* * Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org> @@ -20,6 +20,7 @@ #include <sys/queue.h> #include <sys/time.h> #include <sys/uio.h> +#include <sys/stat.h> #include <sys/socket.h> #include <net/if.h> @@ -157,6 +158,7 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, uint32_t peerid, uid_t uid) struct vmd_if *vif; struct vmop_create_params *vmc = &vm->vm_params; struct vm_create_params *vcp = &vmc->vmc_params; + struct stat stat_buf; unsigned int i; int fd = -1, vmboot = 0; int kernfd = -1, *diskfds = NULL, *tapfds = NULL; @@ -225,6 +227,19 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, uint32_t peerid, uid_t uid) /* Open disk images for child */ for (i = 0 ; i < vcp->vcp_ndisks; i++) { + /* Stat disk[i] to ensure it is a regular file */ + if (stat(vcp->vcp_disks[i], &stat_buf) == -1) { + log_warn("%s: can't open disk %s", __func__, + vcp->vcp_disks[i]); + errno = VMD_DISK_MISSING; + goto fail; + } + if (S_ISREG(stat_buf.st_mode) == 0) { + log_warn("%s: disk %s is not a regular file", __func__, + vcp->vcp_disks[i]); + errno = VMD_DISK_INVALID; + goto fail; + } if ((diskfds[i] = open(vcp->vcp_disks[i], O_RDWR)) == -1) { log_warn("%s: can't open disk %s", __func__, diff --git a/usr.sbin/vmd/vmd.h b/usr.sbin/vmd/vmd.h index 57bdb71cd5f..22da6d58a7b 100644 --- a/usr.sbin/vmd/vmd.h +++ b/usr.sbin/vmd/vmd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: vmd.h,v 1.60 2017/08/20 21:15:32 pd Exp $ */ +/* $OpenBSD: vmd.h,v 1.61 2017/08/31 06:23:37 mlarkin Exp $ */ /* * Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org> @@ -53,6 +53,7 @@ /* vmd -> vmctl error codes */ #define VMD_BIOS_MISSING 1001 #define VMD_DISK_MISSING 1002 +#define VMD_DISK_INVALID 1003 /* 100.64.0.0/10 from rfc6598 (IPv4 Prefix for Shared Address Space) */ #define VMD_DHCP_PREFIX "100.64.0.0/10" |