Subject: Re: kauth machdep actions (Re: CVS commit: src)
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <email@example.com>
Date: 12/26/2006 19:17:23
> attached is a diff that:
> - removes 'enum kauth_machdep_req' and any use of it
> - moves requests a level up, making them all actions:
> - converts sys/arch/* code to use the above.
> - adapts secmodel code to the changes, unifying the security policy
>   for them:
>     KAUTH_MACHDEP_IOPERM_GET - allow always
>     KAUTH_MACHDEP_IOPERM_SET - superuser, securelevel < 1 only
>     KAUTH_MACHDEP_IOPL - superuser, securelevel < 1 only
>     KAUTH_MACHDEP_LDT_GET - allow always (new action)
>     KAUTH_MACHDEP_LDT_SET - allow always (new action)
>     KAUTH_MACHDEP_MTRR_GET - allow always (*)
>     KAUTH_MACHDEP_MTRR_SET - superuser only
>     KAUTH_MACHDEP_UNMANAGEDMEM - superuser, securelevel < 0 only (*)
> * amd64 code for netbsd32 emulation used to deny MTRR_GET for non-root
>   users. I assumed this was a copy/paste error, so the new policy
>   always allows MTRR_GET.
> * access to unmanaged memory was unified, to check both superuser and
>   securelevel. some ports (sun3, hp300, see my original message about
>   that) are still not checking either -- these are subject to future
>   work, shall we decide to adapt them to the said policy.
> please review; if we'll be doing this, it should go to netbsd-4 too.
seems reasonable to me.
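
The policy table quoted above, as an added userland model in C (not code from the diff or from either message). The enum values, the split into a superuser check and a securelevel check, and the "any deny wins, otherwise one allow is needed" combination are assumptions of this model.

```c
#include <stdbool.h>
#include <stdio.h>

/* Model only: names follow the quoted KAUTH_MACHDEP_* actions, values are local. */
enum action { IOPERM_GET, IOPERM_SET, IOPL, LDT_GET, LDT_SET,
              MTRR_GET, MTRR_SET, UNMANAGEDMEM, NACTIONS };
enum result { ALLOW, DENY, DEFER };

/* Superuser check (assumed split): "allow always" actions pass for anyone,
 * the rest only for root. It defers instead of denying. */
static enum result suser_cb(enum action a, bool root)
{
    switch (a) {
    case IOPERM_GET: case LDT_GET: case LDT_SET: case MTRR_GET:
        return ALLOW;
    case IOPERM_SET: case IOPL: case MTRR_SET: case UNMANAGEDMEM:
        return root ? ALLOW : DEFER;
    default:
        return DEFER;   /* unknown action: nobody vouches for it */
    }
}

/* Securelevel check (assumed split): vetoes the securelevel-bound actions. */
static enum result securelevel_cb(enum action a, int securelevel)
{
    switch (a) {
    case IOPERM_SET: case IOPL:
        return securelevel < 1 ? DEFER : DENY;
    case UNMANAGEDMEM:
        return securelevel < 0 ? DEFER : DENY;
    default:
        return DEFER;
    }
}

/* Combine: any DENY wins; otherwise at least one ALLOW is required. */
bool machdep_authorize(enum action a, bool root, int securelevel)
{
    enum result r1 = suser_cb(a, root), r2 = securelevel_cb(a, securelevel);
    if (r1 == DENY || r2 == DENY) return false;
    return r1 == ALLOW || r2 == ALLOW;
}

int main(void)
{
    for (int lvl = -1; lvl <= 2; lvl++)   /* root at each securelevel */
        printf("securelevel %2d: IOPL=%d UNMANAGEDMEM=%d MTRR_SET=%d\n", lvl,
               machdep_authorize(IOPL, true, lvl),
               machdep_authorize(UNMANAGEDMEM, true, lvl),
               machdep_authorize(MTRR_SET, true, lvl));
    return 0;
}
```

The boundary worth checking is securelevel 0: root keeps IOPL and IOPERM_SET there but already loses unmanaged memory access.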