Date: Mon, 4 Dec 2000 21:50:13 -0700 From: "Kenneth D. Merry" <ken@kdm.org> To: Lyndon Nerenberg <lyndon@orthanc.ab.ca> Cc: hackers@FreeBSD.ORG, stable@FreeBSD.ORG Subject: Re: PCIOCGETCONF/PCIOCREAD requires write permission? Message-ID: <20001204215013.B42689@panzer.kdm.org> In-Reply-To: <200012030438.eB34cJm00619@orthanc.ab.ca>; from lyndon@orthanc.ab.ca on Sat, Dec 02, 2000 at 09:38:19PM -0700 References: <20001201174408.A17122@panzer.kdm.org> <200012030438.eB34cJm00619@orthanc.ab.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Dec 02, 2000 at 21:38:19 -0700, Lyndon Nerenberg wrote: > >>>>> "Kenneth" == Kenneth D Merry <ken@kdm.org> writes: > > >> Is there any reason why the FWRITE test cannot/should not be > >> moved down into the 'case PCIOCWRITE' part of the switch? This > >> would make both PCIOCGETCONF and PCIOCREAD work for readonly > >> access to /dev/pci (which seems to me to be saner behaviour). > > Kenneth> At least with the PCIOCGETCONF, you need write > Kenneth> permission, because it copies in patterns to match > Kenneth> against. > > Does that have to equate with write access? Since you aren't changing > anything (device-wise) it seems this should be a read-only thing (even > though you're actually writing into the kernel memory arena). From your comments below, you apparantly don't have to have write access to do a copyin. I would like to have pciconf -l available for normal users, but my only hesitation is that there could be security implications. If we can get someone (i.e. a security type person) to check the PCIOCGETCONF code carefully for any potential problems, then we can enable it for normal users. The code wasn't written with security in mind, so I don't want to open it up to regular users without a security evaluation. If we can get that, then I don't see a problem with allowing read only access for that ioctl. Ken -- Kenneth Merry ken@kdm.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001204215013.B42689>