Subject: Re: CVS commit: src/sys/secmodel/bsd44
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <email@example.com>
Date: 10/12/2006 18:48:58

> YAMAMOTO Takashi wrote:
> >>> what's the semantics of it? "can access any disks"?
> >> Well, I was thinking the semantics should be the "worst case" because we
> >> don't really know anything more than that raw disk access was required
> >> and the access modes -- we can't tell if it's mounted or not, etc.
> > i agree.
> > and it's why i don't think it's a good idea.
> > it's better to require the caller to specify a device.
> The thing is, a device/vnode may not always be available from the
> calling context, especially if the direct disk/memory access is indirect
> and may happen later. When I added that generic policy, what I had in
> mind are some drivers that allow that sort of access, but don't have
> any specific disk associated with the call itself.
> Try 'grep -r securelevel src/sys/dev/'...

are you talking about "passthru" type ioctls?
it's better to distinguish them from normal specfs operations.
i.e. another REQ_xxx, rather than using NULL/NODEV.