Only open /dev/vmm once in vmd(8).

Have the parent process open /dev/vmm and send the fd to the vmm
child process. Only the vmm process and its resulting children
(guest vms) need it for ioctl calls.

ok kn@

diff --git a/usr.sbin/vmd/vmd.c b/usr.sbin/vmd/vmd.c
index 6bffb25..0557a31 100644 (file)
--- a/usr.sbin/vmd/vmd.c
+++ b/usr.sbin/vmd/vmd.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: vmd.c,v 1.135 2022/12/28 21:30:19 jmc Exp $   */
+/*     $OpenBSD: vmd.c,v 1.136 2023/01/14 20:55:55 dv Exp $    */
 
 /*
  * Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org>
@@ -847,8 +847,8 @@ main(int argc, char **argv)
        proc_priv->p_pw = &proc_privpw; /* initialized to all 0 */
        proc_priv->p_chroot = ps->ps_pw->pw_dir; /* from VMD_USER */
 
-       /* Open /dev/vmm */
-       if (env->vmd_noaction == 0) {
+       /* Open /dev/vmm early. */
+       if (env->vmd_noaction == 0 && proc_id == PROC_PARENT) {
                env->vmd_fd = open(VMM_NODE, O_RDWR);
                if (env->vmd_fd == -1)
                        fatal("%s", VMM_NODE);
@@ -971,6 +971,10 @@ vmd_configure(void)
                exit(0);
        }
 
+       /* Send VMM device fd to vmm proc. */
+       proc_compose_imsg(&env->vmd_ps, PROC_VMM, -1,
+           IMSG_VMDOP_RECEIVE_VMM_FD, -1, env->vmd_fd, NULL, 0);
+
        /* Send shared global configuration to all children */
        if (config_setconfig(env) == -1)
                return (-1);

diff --git a/usr.sbin/vmd/vmd.h b/usr.sbin/vmd/vmd.h
index f1ccfea..3e7f1d1 100644 (file)
--- a/usr.sbin/vmd/vmd.h
+++ b/usr.sbin/vmd/vmd.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: vmd.h,v 1.112 2022/12/23 19:25:22 dv Exp $    */
+/*     $OpenBSD: vmd.h,v 1.113 2023/01/14 20:55:55 dv Exp $    */
 
 /*
  * Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
@@ -108,6 +108,7 @@ enum imsg_type {
        IMSG_VMDOP_GET_INFO_VM_DATA,
        IMSG_VMDOP_GET_INFO_VM_END_DATA,
        IMSG_VMDOP_LOAD,
+       IMSG_VMDOP_RECEIVE_VMM_FD,
        IMSG_VMDOP_RELOAD,
        IMSG_VMDOP_PRIV_IFDESCR,
        IMSG_VMDOP_PRIV_IFADD,

diff --git a/usr.sbin/vmd/vmm.c b/usr.sbin/vmd/vmm.c
index 6c2bdbd..d9eff3c 100644 (file)
--- a/usr.sbin/vmd/vmm.c
+++ b/usr.sbin/vmd/vmm.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: vmm.c,v 1.106 2022/11/06 11:54:08 dv Exp $    */
+/*     $OpenBSD: vmm.c,v 1.107 2023/01/14 20:55:55 dv Exp $    */
 
 /*
  * Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
@@ -94,9 +94,6 @@ vmm_run(struct privsep *ps, struct privsep_proc *p, void *arg)
         */
        if (pledge("stdio vmm sendfd recvfd proc", NULL) == -1)
                fatal("pledge");
-
-       /* Get and terminate all running VMs */
-       get_info_vm(ps, NULL, 1);
 }
 
 int
@@ -315,6 +312,14 @@ vmm_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
                    imsg->hdr.type, imsg->hdr.peerid, imsg->hdr.pid,
                    imsg->fd, &var, sizeof(var));
                break;
+       case IMSG_VMDOP_RECEIVE_VMM_FD:
+               if (env->vmd_fd > -1)
+                       fatalx("already received vmm fd");
+               env->vmd_fd = imsg->fd;
+
+               /* Get and terminate all running VMs */
+               get_info_vm(ps, NULL, 1);
+               break;
        default:
                return (-1);
        }