Subject: Re: new kpi proposal, sysdisk(9)
To: Bill Studenmund <email@example.com>
From: Elad Efrat <elad@NetBSD.org>
Date: 12/31/2006 13:26:13
Bill Studenmund wrote:
> As above, I do like the idea of shifting functionality into NetBSD-common
> code. To be honest, I don't think the partition bounds checking on raw
> access is a good justification for the change you want to make. However
> part of our new auth methodology is that we give admins knobs that they
> can adjust.
> One other use for this, though, comes to my mind. It involves the
> raw-access ioctl discussions we had. Unfortunately I do not remember the
> outcome of this discussion, but what you're describing above strikes me as
> a great basis for deciding if "command bypass" ioctls should be blocked. I
> personally am much more likely to trust a driver to get the partition
> bounds checking code right as opposed to getting every nuance of
> pass-through ioctls right.
okay, so this becomes an implementation question.
do we prefer to add a variable to 'struct vnode', something like I
showed in this message:
or the sysdisk(9) interface, perhaps with some modifications/additions?
(I tend to prefer the latter, because it allows to, for example, mark
"system disk" even if we're dealing with an already-open vnode.)