tech-kern archive


Re: Adding KAUTH_DEVICE_TTY_ATTACH_<TYPE>



On Tue, Apr 28, 2009 at 10:23 PM, Iain Hibbert 
<plunky%rya-online.net@localhost> wrote:
> On Tue, 28 Apr 2009, Elad Efrat wrote:
>
>> We have several pieces of code that support attaching a tty. I would
>> like to move them away from KAUTH_GENERIC_ISSUSER, and propose
>> KAUTH_DEVICE_TTY_ATTACH_ as a replacement, with extensions such as
>> SLIP (net/if_sl.c), STRIP (net/if_strip.c), PPP (net/ppp_tty.c),
>> BTUART (dev/bluetooth/btuart.c), and BCSP (dev/bluetooth/bcsp.c).
>
> I'm not sure that this really comes under 'attaching a tty'?
>
> All of those are more accurately described as attaching a line discipline
> but that is somewhat vague as to the permissions needed so perhaps a
> better category is 'create a pseudo device' with sub-categories of NETWORK
> for sl(4), strip(4), ppp(4) plus tap(4) and gif(4) etc, BLUETOOTH for
> btuart(4) and bcsp(4) plus perhaps DISK for vnd(4) and raid(4) and any
> other such that I don't know about..?

The comments at the top of each function state that they're "attaching
a tty to the first available <type unit>". Looking at the code, most
just iterate through a list, looking for an entry with a NULL tty
pointer, and use it to attach the passed tty.
Why should we call it "create a pseudo device"?

> (I guess that there are some scopes in place already covering this, but
> for example I'm not sure that KAUTH_REQ_NETWORK_INTERFACE_SETPRIV
> obviously covers creating a software interface as per SIOCIFCREATE)

It doesn't. There are some more "create" requests that are either not
yet converted or need to be fixed. Since I'm doing this fun work by
myself, I allow myself to divide them into categories that will later
make it easier to grep through and fix. ;)

Thanks,

-e.

