summaryrefslogtreecommitdiff
path: root/usr/src
diff options
context:
space:
mode:
authorMichael Zeller <mike@mikezeller.net>2020-04-30 12:30:00 -0400
committerGitHub <noreply@github.com>2020-04-30 12:30:00 -0400
commit54a7e5761a35624975c2f384a98b3235bf625094 (patch)
tree450ea4b694961d00606485aa323234bb2ad69851 /usr/src
parent0f8413a98e7949bf0a6a2c24153f2928c7eb5cfb (diff)
downloadillumos-joyent-54a7e5761a35624975c2f384a98b3235bf625094.tar.gz
OS-8165 dockerinit should be able to start lx_lockd (#297)
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com> Reviewed by: Max Bruning <max@joyent.com> Approved by: Jerry Jelinek <jerry.jelinek@joyent.com>
Diffstat (limited to 'usr/src')
-rw-r--r--usr/src/uts/common/brand/lx/os/lx_brand.c13
-rw-r--r--usr/src/uts/common/brand/lx/sys/lx_brand.h1
2 files changed, 11 insertions, 3 deletions
diff --git a/usr/src/uts/common/brand/lx/os/lx_brand.c b/usr/src/uts/common/brand/lx/os/lx_brand.c
index fed6be37cf..c7e5351778 100644
--- a/usr/src/uts/common/brand/lx/os/lx_brand.c
+++ b/usr/src/uts/common/brand/lx/os/lx_brand.c
@@ -25,7 +25,7 @@
*/
/*
- * Copyright 2019 Joyent, Inc.
+ * Copyright 2020 Joyent, Inc.
*/
/*
@@ -1402,8 +1402,15 @@ lx_brandsys(int cmd, int64_t *rval, uintptr_t arg1, uintptr_t arg2,
if (p->p_brand == NULL)
return (ENOSYS);
- VERIFY(p->p_brand == &lx_brand);
- VERIFY(p->p_brand_data != NULL);
+ /*
+ * Certain native applications may wish to start the lx_lockd process.
+ * Every other process that's not branded should be denied.
+ */
+ if (p->p_brand != &lx_brand && cmd != B_START_NFS_LOCKD)
+ return (ENOSYS);
+
+ if (cmd != B_START_NFS_LOCKD)
+ VERIFY(p->p_brand_data != NULL);
switch (cmd) {
case B_REGISTER:
diff --git a/usr/src/uts/common/brand/lx/sys/lx_brand.h b/usr/src/uts/common/brand/lx/sys/lx_brand.h
index 90d87d78a8..85aa5e34bd 100644
--- a/usr/src/uts/common/brand/lx/sys/lx_brand.h
+++ b/usr/src/uts/common/brand/lx/sys/lx_brand.h
@@ -94,6 +94,7 @@ extern "C" {
#define B_LPID_TO_SPAIR 128
#define B_GET_CURRENT_CONTEXT 129
#define B_EMULATION_DONE 130
+/* Some native programs use B_START_NFS_LOCKD, so don't change this. */
#define B_START_NFS_LOCKD 131
#define B_BLOCK_ALL_SIGS 132
#define B_UNBLOCK_ALL_SIGS 133