From 02cebe45fca07e08503297dcade6f35135007547 Mon Sep 17 00:00:00 2001
From: Justus Winter <4winter@informatik.uni-hamburg.de>
Date: Fri, 7 Nov 2014 09:59:46 +0100
Subject: boot: disable device-pass-through if running unprivileged

* boot/boot.c (device_pass_through): New variable. (main): Disable pass-through if the master device port is not available to us.
---
 boot/boot.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/boot/boot.c b/boot/boot.c
index fb26a4b4..ec1ab6c1 100644
--- a/boot/boot.c
+++ b/boot/boot.c
@@ -80,6 +80,7 @@ static struct termios orig_tty_state;
 static int isig;
 static char *kernel_command_line;
+static int device_pass_through;
 static void init_termstate ()
@@ -533,6 +534,7 @@ main (int argc, char **argv, char **envp)
 error (4, err, "%s", root_store_name);
 get_privileged_ports (&privileged_host_port, &master_device_port);
+ device_pass_through = MACH_PORT_VALID (master_device_port);
 strcat (bootstrap_args, "f");
@@ -541,7 +543,9 @@ main (int argc, char **argv, char **envp)
 if (root_store->class == &store_device_class && root_store->name && (root_store->flags & STORE_ENFORCED)
- && root_store->num_runs == 1 && root_store->runs[0].start == 0)
+ && root_store->num_runs == 1
+ && root_store->runs[0].start == 0
+ && device_pass_through)
 /* Let known device nodes pass through directly. */
 bootdevice = root_store->name;
 else
-- cgit v1.2.3
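Review bot: The file-scope flag `device_pass_through` added in the first hunk has no comment, and its meaning is not evident from the declaration alone. A one-line comment above it would record the contract, for example `/* Nonzero if the master device port is available to us, so devices may be passed through. */`. It is worth stating there that the flag is set once in main and stays zero when boot runs unprivileged.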
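Review bot: The context line `get_privileged_ports (&privileged_host_port, &master_device_port);` just above the added assignment in the second hunk still discards its return value, so the new flag is correct only if master_device_port holds MACH_PORT_NULL or MACH_PORT_DEAD whenever that call fails. That depends on how the variable is initialised and on the callee not leaving a partial result; the declaration is outside the hunk, so this should be confirmed. Folding the result into the flag makes the privilege decision explicit: `err = get_privileged_ports (&privileged_host_port, &master_device_port);` followed by `device_pass_through = !err && MACH_PORT_VALID (master_device_port);`. main's body starts and continues outside the hunk.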
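Review bot: The `&& device_pass_through` term added in the third hunk is the only place this diff consults the flag, so any other path in boot.c that forwards a device open to master_device_port would remain ungated when boot runs unprivileged. Such paths are not visible here; if the device-open handler falls back to the master device port, it should test the same flag and return an error rather than use an invalid port. The fallback is also silent, since a qualifying store now drops into the else branch (its body is outside the hunk) with no diagnostic. A comment on the condition such as `/* Pass-through needs the master device port; unprivileged runs take the else branch. */` would record why the term is there.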