Bruce Evans wrote: > > % Index: aac.c > % =================================================================== > % RCS file: /home/ncvs/src/sys/dev/aac/aac.c,v > % retrieving revision 1.85 > % diff -u -r1.85 aac.c > % --- aac.c 7 Feb 2004 17:40:37 -0000 1.85 > % +++ aac.c 8 Feb 2004 08:09:48 -0000 > % _at__at_ -51,6 +51,7 _at__at_ > % #include <sys/signalvar.h> > % #include <sys/time.h> > % #include <sys/eventhandler.h> > % +#include <sys/stat.h> > % > % #include <machine/bus_memio.h> > % #include <machine/bus.h> > % _at__at_ -271,7 +272,7 _at__at_ > % */ > % unit = device_get_unit(sc->aac_dev); > % sc->aac_dev_t = make_dev(&aac_cdevsw, unit, UID_ROOT, GID_OPERATOR, > % - 0640, "aac%d", unit); > % + S_IRUSR | S_IWUSR, "aac%d", unit); > % (void)make_dev_alias(sc->aac_dev_t, "afa%d", unit); > % (void)make_dev_alias(sc->aac_dev_t, "hpn%d", unit); > % sc->aac_dev_t->si_drv1 = sc; > > This is the control device. The change closes the security hole but leaves > a bogus group. Correct attributes may be found in any (?) version of > MAKEDEV that supports aac: > > %%% > aac*) > unit=`expr $i : 'aac\(.*\)'` > mknod aac$unit c 150 `unit2minor $unit` > ln -fs aac$unit afa$unit > ln -fs aac$unit hpn$unit > ;; > %%% > > The default for MAKEDEV is mode 0600 ownership root:wheel, so secure > permissions and ownerships are automatic. make_dev() should have > similar defaults, or macros for secure and other classes of attributes > should be used (corresponding to $secure_umask and $disk_umask in > MAKEDEV). disk_umask=037 corresponds to mode 0640. The reasons for /dev/aacX being 0640 are historical and dubious. It was expected that a member of the operator group should be able to use the 'aaccli' tool in Read-Only mode to check the status of the hardware. I'm happy to change this. > > The change preserves style bugs (-ce instead of -ci4 indentation). > > % Index: asr.c > % =================================================================== > % RCS file: /home/ncvs/src/sys/dev/asr/asr.c,v > % retrieving revision 1.38 > % diff -u -r1.38 asr.c > % --- asr.c 26 Sep 2003 15:56:42 -0000 1.38 > % +++ asr.c 8 Feb 2004 07:59:18 -0000 > % _at__at_ -3127,8 +3127,8 _at__at_ > % /* > % * Generate the device node information > % */ > % - (void)make_dev(&asr_cdevsw, unit, UID_ROOT, GID_OPERATOR, 0640, > % - "rasr%d", unit); > % + (void)make_dev(&asr_cdevsw, unit, UID_ROOT, GID_OPERATOR, > % + S_IRUSR | S_IWUSR, "rasr%d", unit); > % ATTACH_RETURN(0); > % } /* asr_attach */ > % > > Similarly, except asr is not in RELENG_4's MAKEDEV, the device is not so > clearly a control device 9aac.c has an explicit comment about this but aar.c > only mentions control devices in its in-file history, and asr still hasn't > caught up with the removal of the 'r' devices which occurred about 2 > months before asr was imported. asr seems to be a normal SCSI disk driver > so its disks are named da*. Apparently its control devices is so little > used that is not missed. asr is much more wrong than you might want to believe. The original intent of the author was to create his own dynamic major allocation scheme for the control device. The driver would manually look through the cdevsw for an unused slot, populate it, then print a line to console that advertised what major had been stolen. Then a userland app would run, look for that line on the console, and manually create the device nodes in /dev. In 5.x, Poul-Henning made the cdevsw symbol non-public, so a minimal amount of work was done to make the asr driver cope. That work is not done, though it might resume in the near future. In any case, the control device is in fact used my many people who also appear to miss it being operational in 5.x. ScottReceived on Sun Feb 08 2004 - 07:36:26 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:42 UTC