Subject: Re: CVS commit: src/sys/secmodel/bsd44
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <email@example.com>
Date: 10/27/2006 00:23:46
> Andrew Doran wrote:
> > I'm not sure what the issue at hand is, but: the SCSI/RAID pass through
> > interfaces that I had involvement with allow I/O directly to disks. Also
> > since we can't trust either the firmware or the user-space consumers, we
> > can't rule out the possibility that the interfaces could be used to access
> > physical memory.
> I think the questions are:
> - In the relevant code (the "passthru" ioctls), should we issue a
> request to check if raw disk IO is allowed, or if a user-command is
> - What "passthru" commands imply raw disk IO? what commands may also
> imply raw memory IO? are they easily distinguishable?
i'd vote to have a separate "passthru" kauth request.
it's different enough from normal raw device i/o, IMO.