From 72ea8f41e19d3e028dd4ab3f9102240e215dbc6d Mon Sep 17 00:00:00 2001 From: Mark Johnston Date: Wed, 28 Aug 2024 18:57:38 +0000 Subject: [PATCH] vmm: Let devmem devices reference the VM credential Otherwise they are globally visible (in jails with allow.vmm set), instead of being restricted to the jail to which the VM belongs. Reviewed by: corvink, jhb Differential Revision: https://reviews.freebsd.org/D46448 --- sys/dev/vmm/vmm_dev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/dev/vmm/vmm_dev.c b/sys/dev/vmm/vmm_dev.c index 53b4dc8cda91..fa9357b3b566 100644 --- a/sys/dev/vmm/vmm_dev.c +++ b/sys/dev/vmm/vmm_dev.c @@ -997,7 +997,7 @@ devmem_create_cdev(struct vmmdev_softc *sc, int segid, char *devname) vmname = vm_name(sc->vm); - error = make_dev_p(MAKEDEV_CHECKNAME, &cdev, &devmemsw, NULL, + error = make_dev_p(MAKEDEV_CHECKNAME, &cdev, &devmemsw, sc->ucred, UID_ROOT, GID_WHEEL, 0600, "vmm.io/%s.%s", vmname, devname); if (error) return (error);