summaryrefslogtreecommitdiffstats
path: root/usr.sbin/vmd/vmd.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Fix error path of config_setvm() and its callers. This unbreaksreyk2016-11-221-28/+10
| | | | | | | loading of invalid kernel files. Reported by mlarkin@ OK mlarkin@
* There is no need for res when there is already ret.reyk2016-11-221-5/+4
|
* Insert disabled VMs into vmd(8)'s queues and allow vmctl(8) to display them.edd2016-11-221-1/+38
| | | | | | | | Tested by Jon Bernard and reyk@. OK reyk@, no objections mlarkin@. Thanks
* Pass the internal vmid or 0 to vm_register() instead of changing itreyk2016-11-041-4/+7
| | | | | | once again after setting the next available id. Suggested by edd@
* Update the config/register/get VM methods to match the config_set/getreyk2016-11-041-5/+62
| | | | | | style that is used in other places. Also keep the vmid from the parent. OK edd@
* Separate parsing vms and switches from starting them in vmd(8).edd2016-10-291-7/+70
| | | | | | | Brings us one step closer to having disabled by default vms is vm.conf(5), which can be started with vmctl(8). Input, testing and OK reyk@. Thanks.
* Add the option to specify an interface group per virtual switch as well;reyk2016-10-171-1/+2
| | | | | | this group will be added to all VM tap(4) interfaces in the switch. Tested by martijn@
* Allow to add an interface to an interface group; with the group keyword.reyk2016-10-151-1/+2
| | | | Requested and tested by martijn@
* Fix functionality and semantics of vmctl load/reload/reset.reyk2016-10-121-16/+25
| | | | OK rzalamena@
* Terminate VMs on shutdown of vmd instead of leaving them running asreyk2016-10-061-3/+2
| | | | | | undead VM processes. OK mlarkin@
* Add support for enhanced networking configuration and virtual switches.reyk2016-10-051-8/+47
| | | | | | See vm.conf(5) for more details. OK mlarkin@
* Add a new "priv" process that is responsible for ioctls and restrictedreyk2016-10-041-8/+31
| | | | | | | | | | | operations that aren't allowed under pledge. This is a companion to the "vmd" process that runs as root but with pledge. With the "priv" process, each new tap(4) interface now gets a description to indicate the vm, eg. "vm1-if0-myvm". For network configuration will be done by vmd/priv later. OK mlarkin@
* Implement fork+exec for vmd, using the same framework from httpd etc.reyk2016-09-291-63/+39
| | | | No objections from mlarkin@ sunil@
* small bits of header cleanup; ok mlarkinderaadt2016-08-171-2/+2
|
* Allow starting a VM again after it was terminatedstefan2016-07-291-2/+18
| | | | | | | | | | | If a VM exits, terminate it and remove it from the list of available VMs. That allows a VM with name `foo' to be restarted after it has exited. This changes structures shared between vmd and vmctl. You need to rebuild vmctl also. ok mlarkin@
* Fix a possible use-after-free in vmd, forward the result to thereyk2016-02-051-16/+23
| | | | | | control socket before free'ing the vm. Found by and OK jsg@
* Remove setproctitle() for the parent process. Because rc.d(8) uses processsthen2016-02-021-2/+1
| | | | | | titles (including flags) to distinguish between daemons, this makes it possible to manage multiple copies of a daemon using the normal infrastructure by symlinking rc.d scripts to a new name. ok jung@ ajacoutot@, smtpd ok gilles@
* The vmctl "id" argument can now be a number of or a vm name, eg.reyk2015-12-111-9/+45
| | | | | vmctl stop 3 vmctl stop "openbsd.vm"
* when checking the config file with -n don't open /dev/vmm or require rootjsg2015-12-081-6/+10
| | | | ok reyk@
* make the -f option work as intendedjsg2015-12-081-2/+2
| | | | ok reyk@
* tweak initial error loggingreyk2015-12-071-4/+4
|
* Prevent running a VM with the same name multiple times - multiplereyk2015-12-061-1/+14
| | | | | | | | instances of the same configuration will be handled in a different way later. It is also not a good idea to use the same writeable disk with multiple VMs at the same time. As discussed with mlarkin@
* Print the TTY in the vmctl status output.reyk2015-12-061-4/+16
|
* When a new vm is created with VMM_IOC_CREATE, the kernel assigns areyk2015-12-061-13/+35
| | | | | | | unique id to it. This happens in the vm child process and has to be communicated to the parent processes to track the vm. Knowing the vm id in the parent and vmm processes also allows to remove vm from the daemons list on terminate requests later.
* Check errno from config_getvm() correctlyreyk2015-12-061-2/+2
|
* Print shorter error message if opening /dev/vmm failed.reyk2015-12-051-2/+2
| | | | Pointed out by deraadt@
* Re-add the "load" and "reload" commands to vmctl: Instead of parsingreyk2015-12-031-3/+50
| | | | | | | | the configuration in vmctl directly, it now sends a (re)load request to vmd. The reload also resets the existing configuration status - this doesn't do much difference yet but a future change will compare if a specified VM is already running. "load" will allow to add configuration, while "reload" resets the state before loading.
* Add and document -D and -f flags to vmd.reyk2015-12-031-3/+9
|
* mlarkin's code has been moved to vmm.c, so it is ok to claim the copyright.reyk2015-12-031-2/+2
|
* Add support for an optional vm.conf(5) file in vmd. This will replacereyk2015-12-031-19/+47
| | | | | | | vmm.conf(5) in vmmctl. For a short time, both vmd and vmmctl will support a configuration file, but vmmctl will be changed to send "load" requests to vmd instead of loading and parsing the file directly.
* prepare config_getvm() for parse.yreyk2015-12-031-4/+7
|
* send the tty name to vmmctl and print it as a result.reyk2015-12-021-6/+14
|
* Split the fully privileged parent into two processes "parent" andreyk2015-12-021-9/+129
| | | | | | | | | | | | | | "vmm" with reduced privileges: - the "parent" opens fds (disks, ifs, etc.) but runs as root but pledged as "stdio rpath wpath proc tty sendfd". - the "vmm" process handles the creation and supervision of vm processes, and the primary communication with the vmm(4) subsystem. It runs as _vmd in the chroot but does not use pledge, as the vmm ioctls are not allowed by any pledge model yet. With this change, vmd starts to track the configuration state of VMs in vmd and will allow other things later (like terminating a vm by name, moving the configuration parser to vmd, ...). More incremental changes will follow.
* Start tweaking vmd's privsep and daemon model by splitting the mainreyk2015-12-021-1539/+142
| | | | | | | | process into multiple parts and adopting the "proc.c"-style from other daemons. This allows to further reduce the privileges, to give better pledge(2), and to add some upcoming changes. "please do" mlarkin@, deraadt@
* Automatically start vmm(4) when the first VM is created and after thereyk2015-11-261-51/+1
| | | | | | | | | last VM is terminated. This allows to remove the explicit "vmm enable" / "vmm disable" (VMM_IOC_START / VMM_IOC_STOP) ioctls. You'll have to update kernel and userland for this change, as the kernel ABI changes. OK mpi@ mlarkin@
* typo: should be looking pid == -1tedu2015-11-251-2/+2
|
* accept4() is restarted after signals which prevents vmd from exitingreyk2015-11-231-3/+25
| | | | | | | | | in the current control socket loop. Add a poll before the accept that is not restarted and allows to escape the loop. This code is kind of temporary, as we're planning to replace the event handling, but it allows to kill (or Ctrl+c) vmd for now. OK tedu@, discussed with many
* I accidentally removed a newline in usage() when converting the logreyk2015-11-231-2/+2
| | | | | | messages to log_*. From Cesare Gargano
* Add support for logging to stderr or syslog, and to run vmd inreyk2015-11-231-80/+100
| | | | | | foreground with -d. OK mlarkin@ jung@
* use PATH_MAX where neededderaadt2015-11-221-6/+3
|
* Add $ Idsreyk2015-11-221-0/+2
|
* vmd(8) - virtual machine daemon.mlarkin2015-11-221-0/+1648
There is still a lot to be done, and fixed, in these userland components but I have received enough "it works, commit it" emails that it's time to finish those things in tree. discussed with many, tested by many.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.