From owner-freebsd-current  Sat Feb  3 12:23:54 2001
Delivered-To: freebsd-current@freebsd.org
Received: from harmony.village.org (rover.village.org [204.144.255.66])
	by hub.freebsd.org (Postfix) with ESMTP id C371D37B4EC
	for <freebsd-current@FreeBSD.ORG>; Sat,  3 Feb 2001 12:23:36 -0800 (PST)
Received: from harmony.village.org (localhost.village.org [127.0.0.1])
	by harmony.village.org (8.11.1/8.11.1) with ESMTP id f13KLQ962051;
	Sat, 3 Feb 2001 13:21:26 -0700 (MST)
	(envelope-from imp@harmony.village.org)
Message-Id: <200102032021.f13KLQ962051@harmony.village.org>
To: Poul-Henning Kamp <phk@critter.freebsd.dk>
Subject: Re: DEVFS newbie... 
Cc: Peter Wemm <peter@netplex.com.au>, freebsd-current@FreeBSD.ORG
In-reply-to: Your message of "Sat, 03 Feb 2001 21:03:42 +0100."
		<14918.981230622@critter> 
References: <14918.981230622@critter>  
Date: Sat, 03 Feb 2001 13:21:26 -0700
From: Warner Losh <imp@harmony.village.org>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <14918.981230622@critter> Poul-Henning Kamp writes:
: Doing straight symlinks would not work.

OK.

The other idea that I had was a cpdev.  It would be like a templated
mknod.  It would stat the first argument and do a mknod with the
st_rdev from the stat, eg:

#include <err.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>

int
main(char *argv[], int argc)
{
	struct stat sbuf;

	if (argc != 3)
		errx(1, "usage: cpdev src dst");
	if (stat(argv[1], &sbuf))
		err(1, "stat");
	if (!S_ISCHR(sbuf.st_mode))
		errx(1, "source must be a character device");
	if (mknod(argv[2], sbuf.st_mode, sbuf.st_rdev))
		err(1, "mknod");
	exit(0);
}

This would mean we could export whatever we wanted from the kernel and 
something like this would preserve it.  It would mean allowing mknodo
n non-readonly devfs mounts.  If there was a cheap way to determine
if the rdev was legitimate, it would be the best way to go.  However,
that's the rub with this solution: we need to keep a table of devices
(like major numbers today and export them as major numbers) or we need 
to know with certainty that a pointer is good, which traditionally has 
had its share of security problems.  Well, I suppose that the major
number thing could be a special case of returning a hash as well, but
that still requires a kernel table of some flavor.

Notice I don't bother with major/minor numbers at all, but just use
the raw rdev (which I hope is the right dev to use, since I think
st_dev is the device the filesystem is mounted on) so it doesn't
matter what we export as long as we can swallow what we export.

Of course this does assume that all devfs instances export the same
cookies for the same device.

Warner

P.S.  I do hope someone will tell me if this is becoming too
bikeshedish.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message