From: Robert Watson
Date: Wed, 31 Dec 2003 14:23:22 -0500 (EST)
To: John Baldwin
cc: hackers@FreeBSD.org
cc: William Michael Grim
Subject: Re: pciconf -lv - /dev/pci error

On Wed, 31 Dec 2003, John Baldwin wrote:

> History is in PR 32677. I do think your patch might be ok if it only
> applies to the -l case. If so, then it should probably be committed and
> MFC'd (along with the kernel pci_user.c change) so the PR can be closed.

Well, this patch changes only the user code for pciconf, which doesn't run
with privilege, not the kernel code implementing the protections. pciconf
appears only to require the PCIOCGETCONF ioctl to implement -l[v], and all
this patch does is make it so pciconf asks for a read-only file descriptor
for -l[v].

This patch doesn't fix pciconf with securelevels, since we still prevent
acquiring an open file descriptor when the securelevel is > 0. I think a
better answer would be to expose the PCI stuff using a sysctl mib rather
than an ioctl, since file descriptors to /dev/pci are multi-purpose, and
imply the ability to read/write the register space, etc.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Senior Research Scientist, McAfee Research