Subject: Re: new kpi proposal, sysdisk(9)
To: Bill Studenmund <>
From: Elad Efrat <>
List: tech-kern
Date: 12/31/2006 13:26:13
Bill Studenmund wrote:

> As above, I do like the idea of shifting functionality into NetBSD-common 
> code. To be honest, I don't think the partition bounds checking on raw 
> access is a good justification for the change you want to make. However 
> part of our new auth methodology is that we give admins knobs that they 
> can adjust.
> One other use for this, though, comes to my mind. It involves the 
> raw-access ioctl discussions we had. Unfortunately I do not remember the 
> outcome of this discussion, but what you're describing above strikes me as 
> a great basis for deciding if "command bypass" ioctls should be blocked. I 
> personally am much more likely to trust a driver to get the partition 
> bounds checking code right as opposed to getting every nuance of 
> pass-through ioctls right.

okay, so this becomes an implementation question.

do we prefer to add a variable to 'struct vnode', something like I
showed in this message:

or the sysdisk(9) interface, perhaps with some modifications/additions?

(I tend to prefer the latter, because it allows to, for example, mark
"system disk" even if we're dealing with an already-open vnode.)