YAMAMOTO Takashi wrote:
>>> kauth_authorize_device(cred, KAUTH_DEVICE_RAWIO, r/w/passthru, vp, some_data);
>>>
>>> i wonder what's the status of devvp branch.
>> we can only do the above if we can gurantee the vp at all times... for
>> now I think we should pass dev:
>>
>> kauth_authorize_device(cred, KAUTH_DEVICE_RAWIO, r/w/passthru, dev,
>>     some_data);
>>
>> (and we note in the man-page listeners for that request should use
>> iskmemdev())
> 
> seems fine to me.

okay, I'll do that.

>> and, that allows us to make kauth_authorize_device_tty() a wrapper
>> around that one, and not directly call kauth_authorize_action() if we
>> want.
> 
> i'm not sure if it is counted as a benefit.

call overhead? :)

-e.

-- 
Elad Efrat