From 8d2b78738e5adce1d648996816c440d9824938a8 Mon Sep 17 00:00:00 2001 From: pd Date: Sun, 18 Feb 2018 01:00:25 +0000 Subject: [PATCH] vmd: fix vmctl pause for non existing vm ids (never returns) check if vm id is valid before sending to vmm for pausing. The 'lock' is caused by vmm sending back ENOENT for a non existent vm but vmd drops the message because it doesn't recogize the vmid vmm is talking about. This is an artifact of the 'policy' don't trust any imsg from a sibling priv sep process and do your own checking. reported by Abel Abraham Camarillo Ojeda ok mlarkin@ and ccardenas@ --- usr.sbin/vmd/vmd.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/usr.sbin/vmd/vmd.c b/usr.sbin/vmd/vmd.c index c0499e03813..b987b1bd92f 100644 --- a/usr.sbin/vmd/vmd.c +++ b/usr.sbin/vmd/vmd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vmd.c,v 1.79 2018/01/10 14:59:59 sthen Exp $ */ +/* $OpenBSD: vmd.c,v 1.80 2018/02/18 01:00:25 pd Exp $ */ /* * Copyright (c) 2015 Reyk Floeter @@ -186,6 +186,10 @@ vmd_dispatch_control(int fd, struct privsep_proc *p, struct imsg *imsg) } else { vid.vid_id = vm->vm_vmid; } + } else if (vm_getbyid(vid.vid_id) == NULL) { + res = ENOENT; + cmd = IMSG_VMDOP_PAUSE_VM_RESPONSE; + break; } proc_compose_imsg(ps, PROC_VMM, -1, imsg->hdr.type, imsg->hdr.peerid, -1, &vid, sizeof(vid)); -- 2.20.1