From 3538c82e367aad78e6d4a3460e0504649058f387 Mon Sep 17 00:00:00 2001 From: dv Date: Wed, 12 May 2021 20:13:00 +0000 Subject: [PATCH] vmctl(8): remove unveil from disk image creation routines James Cook reported an issue creating images from qcow2 disks that contained base images. Initial approach suggested was to replace the use of realpath(3), but since this is common code used in vmd(8) the better option is to just remove the use of unveil(1) in vmctl. (It was added very early in vmctl's development before support for disk conversion was added.) This does not change existing unveil usage in vmctl for things like the control socket or the serial console. There's no change to vmd either. Discussed with and OK from mlarkin@ --- usr.sbin/vmctl/main.c | 17 ++--------------- usr.sbin/vmctl/vmctl.c | 11 +---------- 2 files changed, 3 insertions(+), 25 deletions(-) diff --git a/usr.sbin/vmctl/main.c b/usr.sbin/vmctl/main.c index 1a8460a001a..8bfa3b7d342 100644 --- a/usr.sbin/vmctl/main.c +++ b/usr.sbin/vmctl/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.64 2021/04/02 19:07:18 dv Exp $ */ +/* $OpenBSD: main.c,v 1.65 2021/05/12 20:13:00 dv Exp $ */ /* * Copyright (c) 2015 Reyk Floeter @@ -569,13 +569,9 @@ ctl_create(struct parse_result *res, int argc, char *argv[]) switch (ch) { case 'b': base = optarg; - if (unveil(base, "r") == -1) - err(1, "unveil"); break; case 'i': input = optarg; - if (unveil(input, "r") == -1) - err(1, "unveil"); break; case 's': if (parse_size(res, optarg) != 0) @@ -594,10 +590,8 @@ ctl_create(struct parse_result *res, int argc, char *argv[]) type = parse_disktype(argv[0], &disk); - if (pledge("stdio rpath wpath cpath unveil", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) err(1, "pledge"); - if (unveil(disk, "rwc") == -1) - err(1, "unveil"); if (input) { if (base && input) @@ -605,9 +599,6 @@ ctl_create(struct parse_result *res, int argc, char *argv[]) return ctl_convert(input, disk, type, res->size); } - if (unveil(NULL, NULL)) - err(1, "unveil"); - if (base && type != VMDF_QCOW2) errx(1, "base images require qcow2 disk format"); if (res->size == 0 && !base) { @@ -655,10 +646,6 @@ ctl_convert(const char *srcfile, const char *dstfile, int dsttype, size_t dstsiz goto done; } - /* We can only lock unveil after opening the disk and all base images */ - if (unveil(NULL, NULL)) - err(1, "unveil"); - if (dstsize == 0) dstsize = src.size; else diff --git a/usr.sbin/vmctl/vmctl.c b/usr.sbin/vmctl/vmctl.c index 8a8d153460b..7871eacf6b0 100644 --- a/usr.sbin/vmctl/vmctl.c +++ b/usr.sbin/vmctl/vmctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vmctl.c,v 1.77 2021/03/22 18:50:11 kn Exp $ */ +/* $OpenBSD: vmctl.c,v 1.78 2021/05/12 20:13:00 dv Exp $ */ /* * Copyright (c) 2014 Mike Larkin @@ -885,14 +885,6 @@ open_imagefile(int type, const char *imgfile_path, int flags, } else if (ret == 0) break; - /* - * This might be called after unveil is already - * locked but it is save to ignore the EPERM error - * here as the subsequent open would fail as well. - */ - if ((ret = unveil(path, "r")) != 0 && - (ret != EPERM)) - err(1, "unveil"); if ((basefd[i + 1] = open(path, O_RDONLY)) == -1) { log_warn("%s: failed to open base %s", __func__, path); @@ -951,4 +943,3 @@ create_imagefile(int type, const char *imgfile_path, const char *base_path, return (ret); } - -- 2.20.1