Subject: Re: port bio(4) and bioctl(8) from openbsd ?
To: Manuel Bouyer <bouyer@antioche.eu.org>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-security
Date: 04/07/2007 14:51:44
On Sat, Apr 07, 2007 at 06:00:14PM +0200, Manuel Bouyer wrote:
> 
> I want this for mfi(4), for which I have no alternatives to get RAID status
> (if a drive fails you don't know, unless you go in front of the box and look
> at the LEDs). I will also add support to amr(4) as I have the hardware
> for this.

Anywhere this can _change_ RAID set or controller state, it needs very
careful attention to not break the security model.  Of course OpenBSD
didn't bother to deal with this because they're all about security.

Elad added the necessary hooks for this to kauth and I was
going to add an appropriate implementation for amr's management interface
(basically, you have to parse the command being sent by the user to the
controller firmware to decide if it's permissible or not) but unfortunately
I've been tremendously distracted.  But if we're going to rip out the old
device-specific management interfaces that let users bang directly on the
device firmware, and filter these accesses through bio instead, it's an
ideal opportunity to get the security stuff right.

Thor
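The "parse the command before deciding if it's permissible" approach Thor describes, modelled in userland C as an added example (not NetBSD or kauth code, and not the real mfi/amr frame format): the frame layout, opcodes and the allow/deny policy are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical passthrough frame a user process hands to the driver.
 * The layout is constructed for this example; real mfi/amr frames differ. */
struct fw_cmd {
    uint8_t  opcode;
    uint8_t  user_flags;   /* caller-controlled; never used for the decision */
    uint16_t payload_len;  /* must fit within the buffer actually supplied */
    uint8_t  payload[32];
};

enum cmd_class { CMD_STATUS, CMD_CONFIG, CMD_UNKNOWN };

/* Kernel-side table: the opcode alone decides the class (values constructed). */
static const struct { uint8_t opcode; enum cmd_class cls; } cmd_table[] = {
    { 0x01, CMD_STATUS }, /* read controller info */
    { 0x02, CMD_STATUS }, /* read logical-disk state */
    { 0x03, CMD_STATUS }, /* read physical-disk state */
    { 0x10, CMD_CONFIG }, /* change RAID set configuration */
    { 0x11, CMD_CONFIG }, /* set drive state / start rebuild */
};

/* Copy the user buffer into a kernel-owned struct, rejecting short or
 * inconsistent input before any field is interpreted. 0 on success, -1 otherwise. */
int decode_cmd(const uint8_t *buf, size_t n, struct fw_cmd *out)
{
    if (buf == NULL || n < 4 || n > sizeof *out)
        return -1;
    memset(out, 0, sizeof *out);
    memcpy(out, buf, n);
    if (out->payload_len > n - 4)     /* claimed length exceeds data supplied */
        return -1;
    return 0;
}

enum cmd_class classify_cmd(const struct fw_cmd *c)
{
    for (size_t i = 0; i < sizeof cmd_table / sizeof cmd_table[0]; i++)
        if (cmd_table[i].opcode == c->opcode)
            return cmd_table[i].cls;
    return CMD_UNKNOWN;               /* not in the table: fail closed */
}

/* Example policy (an assumption): status reads for any caller who can open
 * the device, state changes only for root, unknown opcodes denied for all. */
bool authorize_cmd(const struct fw_cmd *c, bool caller_is_root)
{
    switch (classify_cmd(c)) {
    case CMD_STATUS: return true;
    case CMD_CONFIG: return caller_is_root;
    default:         return false;
    }
}
```

Note that the user-supplied flags byte is decoded but ignored: a filter that trusted a caller's own "this is read-only" bit would be trivially bypassed.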