Subject: Re: CVS commit: src/sys/arch
To: None <yamt@mwd.biglobe.ne.jp>
From: Izumi Tsutsui <tsutsui@ceres.dti.ne.jp>
List: tech-kern
Date: 11/08/2006 22:11:45

yamt@mwd.biglobe.ne.jp wrote:

> > Modified Files:
> > 	src/sys/arch/news68k/news68k: disksubr.c
> > 	src/sys/arch/newsmips/newsmips: disksubr.c
> > 
> > Log Message:
> > XXX: use KAUTH_DEVICE_RAWIO_PASSTHRU for direct disk access here.
> > 
> > 
> > To generate a diff of this commit:
> > cvs rdiff -r1.25 -r1.26 src/sys/arch/news68k/news68k/disksubr.c
> > cvs rdiff -r1.22 -r1.23 src/sys/arch/newsmips/newsmips/disksubr.c
> > 
> > Please note that diffs are not public domain; they are subject to the
> > copyright notices on the relevant files.
> 
> as you know, it's purely an abuse.
> 
> i'm not sure why these ports are special.  tsutsui-san?

In short, for installboot(8).

In detail:
On these NEWS machines, the firmware loads the first 16 sectors
from the boot disk and jumps there at boot, but the first sector
(which is LABELSECTOR) also contains struct disklabel at
LABELOFFSET (== 64), so installboot(8) has to write some jump
instructions at the top of the LABELSECTOR to skip the disklabel.

If we try to run installboot(8) against the A partition, it fails
due to bounds_check_with_label(). We could still specify
RAW_PART for installboot(8), but some time ago sys/dev/scsipi/sd.c
was changed to call bounds_check_with_label() even for RAW_PART,
so I added the secure_level checks as a workaround.

After some time, the bounds_check_with_label() check for
RAW_PART was replaced with bounds_check_with_mediasize(),
so installboot(8) against RAW_PART became safe again,
but it still failed on the A (root) partition, so I didn't
revert the changes.

Hmm, now I am checking sbin/disklabel/main.c and sys/dev/scsipi/sd.c.
Is it enough to just call the DIOCWLABEL ioctl in installboot(8)?


BTW, is it really worth checking for overwriting the disklabel
in bounds_check_with_label()? I guess it's almost the only reason
why RAW_PART shall be 3 (D partition) on ports which support MBR,
and some ports (macppc etc.) don't have the check.
---
Izumi Tsutsui
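
The behaviour described in the message above, as an added example that is not part of the original post and is not NetBSD source: a simplified userland C model of a label-aware bounds check next to a media-size-only check. The struct, the `model_*` function names, the media size and the returned error values are assumptions of the model; LABELSECTOR as the first sector and the 16-sector boot area come from the message.

```c
/* Simplified userland model of the two checks named in the message; not kernel code. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define LABELSECTOR  0   /* the first sector, per the message */
#define BOOT_SECTORS 16  /* firmware loads the first 16 sectors */

struct model_io {        /* hypothetical request descriptor */
    uint64_t part_offset; /* partition start on the disk, in sectors */
    uint64_t blkno;       /* first sector of the transfer, partition-relative */
    uint64_t nsect;       /* number of sectors transferred */
    int is_write;
    int wlabel;           /* nonzero once label writes were enabled (DIOCWLABEL) */
};

/* Label-aware check: a write that covers the label sector is refused
 * unless label writes have been enabled for this open device. */
int model_check_with_label(const struct model_io *io)
{
    uint64_t start = io->part_offset + io->blkno;
    if (io->is_write && !io->wlabel &&
        start <= LABELSECTOR && start + io->nsect > LABELSECTOR)
        return EROFS;
    return 0;
}

/* Media-size check: only bounds the transfer against the whole disk,
 * so the label sector gets no special protection here. */
int model_check_with_mediasize(const struct model_io *io, uint64_t media_sectors)
{
    uint64_t start = io->part_offset + io->blkno;
    if (start > media_sectors || io->nsect > media_sectors - start)
        return EINVAL;
    return 0;
}

/* Constructed sample: a boot-block write at the start of a partition that
 * begins at disk sector 0, like the A (root) partition in the message. */
struct model_io model_bootblock_write(int wlabel)
{
    struct model_io io = { .part_offset = 0, .blkno = 0, .nsect = BOOT_SECTORS,
                           .is_write = 1, .wlabel = wlabel };
    return io;
}

int main(void)
{
    struct model_io ro = model_bootblock_write(0), rw = model_bootblock_write(1);
    printf("label check: wlabel=0 -> %d, wlabel=1 -> %d; mediasize check -> %d\n",
           model_check_with_label(&ro), model_check_with_label(&rw),
           model_check_with_mediasize(&ro, 409600)); /* 409600: constructed media size */
}
```

In this model the boot-block write is refused by the label-aware path until label writes are enabled, while the media-size path lets it through, which matches the difference the message describes between the A partition and RAW_PART.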