Subject: Re: new kpi proposal, sysdisk(9)
To: Bill Studenmund <wrstuden@netbsd.org>
From: Elad Efrat <elad@NetBSD.org>
List: tech-kern
Date: 12/31/2006 13:26:13

Bill Studenmund wrote:

> As above, I do like the idea of shifting functionality into NetBSD-common 
> code. To be honest, I don't think the partition bounds checking on raw 
> access is a good justification for the change you want to make. However 
> part of our new auth methodology is that we give admins knobs that they 
> can adjust.
> 
> One other use for this, though, comes to my mind. It involves the 
> raw-access ioctl discussions we had. Unfortunately I do not remember the 
> outcome of this discussion, but what you're describing above strikes me as 
> a great basis for deciding if "command bypass" ioctls should be blocked. I 
> personally am much more likely to trust a driver to get the partition 
> bounds checking code right as opposed to getting every nuance of 
> pass-through ioctls right.

okay, so this becomes an implementation question.

do we prefer to add a variable to 'struct vnode', something like I
showed in this message:

http://mail-index.netbsd.org/tech-kern/2006/12/29/0033.html

or the sysdisk(9) interface, perhaps with some modifications/additions?

(I tend to prefer the latter, because it allows us to, for example, mark
"system disk" even if we're dealing with an already-open vnode.)

-e.