git: 097d8306bfba - stable/14 - bhyveload: enter capability mode after we setup the vcpu
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 22 Jan 2024 17:30:01 UTC
The branch stable/14 has been updated by kevans:
URL: https://cgit.FreeBSD.org/src/commit/?id=097d8306bfba66ef1ceb4e74ab7e0fbf30489c52
commit 097d8306bfba66ef1ceb4e74ab7e0fbf30489c52
Author: Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2024-01-03 22:18:00 +0000
Commit: Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2024-01-22 17:18:48 +0000
bhyveload: enter capability mode after we setup the vcpu
Reviewed by: allanjude (earlier version), emaste, markj
(cherry picked from commit 8bf0882e186effbd3d742ce17613cf9dfb81ce0c)
---
usr.sbin/bhyveload/bhyveload.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/usr.sbin/bhyveload/bhyveload.c b/usr.sbin/bhyveload/bhyveload.c
index 7503598ba94b..d4f930e8cc76 100644
--- a/usr.sbin/bhyveload/bhyveload.c
+++ b/usr.sbin/bhyveload/bhyveload.c
@@ -78,6 +78,7 @@
#include <termios.h>
#include <unistd.h>
+#include <capsicum_helpers.h>
#include <vmmapi.h>
#include "userboot.h"
@@ -868,6 +869,12 @@ main(int argc, char** argv)
vcpu = vm_vcpu_open(ctx, BSP);
+ caph_cache_catpages();
+ if (caph_enter() < 0) {
+ perror("caph_enter");
+ exit(1);
+ }
+
/*
* setjmp in the case the guest wants to swap out interpreter,
* cb_swap_interpreter will swap out loader as appropriate and set