Re: vmd: enable pause/unpause for vm owners

2018-04-17 Thread Pratik Vyas

* Mohamed Aslan  [2018-04-16 00:54:43 -0400]:


Hello tech@,

I noticed that vmd(8) only allows VM owners to start/stop their
VMs, but does not let them to pause/unpause those VMs.

I was just wondering if there are reasons behind that. If not, the
patch below enables pause/unpause commands for VM owners.

Regards,
Aslan


Hi Aslan,

No reason behind not letting owners pause / unpause.  vmctl send
/ receive is also missing this and it's on my list.

Thanks for the patch!  It looks ok and I will commit it.

--
Pratik



vmd: enable pause/unpause for vm owners

2018-04-15 Thread Mohamed Aslan
Hello tech@,

I noticed that vmd(8) only allows VM owners to start/stop their
VMs, but does not let them to pause/unpause those VMs.

I was just wondering if there are reasons behind that. If not, the
patch below enables pause/unpause commands for VM owners.

Regards,
Aslan
Index: control.c
===
RCS file: /cvs/src/usr.sbin/vmd/control.c,v
retrieving revision 1.22
diff -u -p -r1.22 control.c
--- control.c   8 Sep 2017 06:24:31 -   1.22
+++ control.c   16 Apr 2018 04:40:24 -
@@ -340,6 +340,8 @@ control_dispatch_imsg(int fd, short even
case IMSG_VMDOP_GET_INFO_VM_REQUEST:
case IMSG_VMDOP_TERMINATE_VM_REQUEST:
case IMSG_VMDOP_START_VM_REQUEST:
+   case IMSG_VMDOP_PAUSE_VM:
+   case IMSG_VMDOP_UNPAUSE_VM:
break;
default:
if (c->peercred.uid != 0) {
@@ -373,8 +375,6 @@ control_dispatch_imsg(int fd, short even
/* FALLTHROUGH */
case IMSG_VMDOP_RECEIVE_VM_REQUEST:
case IMSG_VMDOP_SEND_VM_REQUEST:
-   case IMSG_VMDOP_PAUSE_VM:
-   case IMSG_VMDOP_UNPAUSE_VM:
case IMSG_VMDOP_LOAD:
case IMSG_VMDOP_RELOAD:
case IMSG_CTL_RESET:
@@ -421,6 +421,21 @@ control_dispatch_imsg(int fd, short even
control_close(fd, cs);
return;
}
+   break;
+   case IMSG_VMDOP_PAUSE_VM:
+   case IMSG_VMDOP_UNPAUSE_VM:
+   if (IMSG_DATA_SIZE() < sizeof(vid))
+   goto fail;
+   memcpy(, imsg.data, sizeof(vid));
+   vid.vid_uid = c->peercred.uid;
+   log_debug("%s id: %d, name: %s, uid: %d",
+   __func__, vid.vid_id, vid.vid_name,
+   vid.vid_uid);
+
+   if (proc_compose_imsg(ps, PROC_PARENT, -1,
+   imsg.hdr.type, fd, imsg.fd,
+   , sizeof(vid)) == -1)
+   goto fail;
break;
default:
log_debug("%s: error handling imsg %d",
Index: vm.conf.5
===
RCS file: /cvs/src/usr.sbin/vmd/vm.conf.5,v
retrieving revision 1.27
diff -u -p -r1.27 vm.conf.5
--- vm.conf.5   3 Jan 2018 05:39:56 -   1.27
+++ vm.conf.5   16 Apr 2018 04:40:24 -
@@ -206,7 +206,8 @@ Memory size of the VM, in bytes, rounded
 The default is 512M.
 .It Cm owner Ar user Ns Op : Ns Ar group
 Set the owner of the VM to the specified user or group.
-The owner will be allowed to start or stop the VM and open the VM's console.
+The owner will be allowed to start or stop the VM, pause or unpause the VM,
+and open the VM's console.
 .It Cm owner Pf : Ar group
 Set the owner to the specified group.
 .El
Index: vmd.c
===
RCS file: /cvs/src/usr.sbin/vmd/vmd.c,v
retrieving revision 1.82
diff -u -p -r1.82 vmd.c
--- vmd.c   29 Mar 2018 18:29:24 -  1.82
+++ vmd.c   16 Apr 2018 04:40:25 -
@@ -186,8 +186,13 @@ vmd_dispatch_control(int fd, struct priv
} else {
vid.vid_id = vm->vm_vmid;
}
-   } else if (vm_getbyid(vid.vid_id) == NULL) {
+   } else if ((vm = vm_getbyid(vid.vid_id)) == NULL) {
res = ENOENT;
+   cmd = IMSG_VMDOP_PAUSE_VM_RESPONSE;
+   break;
+   }
+   if (vm_checkperm(vm, vid.vid_uid) != 0) {
+   res = EPERM;
cmd = IMSG_VMDOP_PAUSE_VM_RESPONSE;
break;
}