Subject: Re: CVS commit: src/sys/secmodel/bsd44
To: Andrew Doran <ad@netbsd.org>
From: Elad Efrat <elad@NetBSD.org>
List: tech-kern
Date: 10/17/2006 15:40:13
Andrew Doran wrote:
> I'm not sure what the issue at hand is, but: the SCSI/RAID pass through
> interfaces that I had involvement with allow I/O directly to disks. Also
> since we can't trust either the firmware or the user-space consumers, we
> can't rule out the possibility that the interfaces could be used to access
> physical memory.
I think the questions are:
- In the relevant code (the "passthru" ioctls), should we issue a
request to check if raw disk IO is allowed, or if a user-command is
allowed?
- What "passthru" commands imply raw disk IO? what commands may also
imply raw memory IO? are they easily distinguishable?
-e.
--
Elad Efrat