The device scope, “org.netbsd.kauth.device”, manages authorization requests related to devices on the system. Devices can be, for example, terminals, tape drives, Bluetooth accessories, and any other hardware. Network devices specifically are handled by the network scope.
In addition to the standard authorization wrapper:
int kauth_authorize_device(
kauth_cred_t cred,
kauth_action_t op,
void *arg0,
void *arg1,
void *arg2,
void *arg3)
this scope provides authorization wrappers for various device types.
int kauth_authorize_device_tty(
kauth_cred_t cred,
kauth_action_t op,
struct tty *tty)
Authorizes requests for terminal devices on the system. The third argument, tty, is the terminal device in question. It is passed to the listener as arg0. The second argument, op, is the action and can be one of the following:
KAUTH_DEVICE_TTY_OPEN
Open the terminal device pointed to by tty.
KAUTH_DEVICE_TTY_PRIVSET
Set privileged settings on the terminal device pointed to by tty.
KAUTH_DEVICE_TTY_STI
Use the “TIOCSTI” device ioctl(2), which allows characters to be injected into the terminal buffer, simulating terminal input.
int kauth_authorize_device_spec(
kauth_cred_t cred,
enum kauth_device_req req,
struct vnode *vp)
Authorizes requests for special files, usually disk devices, but also direct memory access, on the system.
It passes KAUTH_DEVICE_RAWIO_SPEC as the action to the listener, and accepts two arguments. req, passed to the listener as arg0, is the access requested, and can be one of KAUTH_REQ_DEVICE_RAWIO_SPEC_READ, KAUTH_REQ_DEVICE_RAWIO_SPEC_WRITE, or KAUTH_REQ_DEVICE_RAWIO_SPEC_RW, representing read, write, or both read/write access respectively. vp is the vnode of the special file in question, and is passed to the listener as arg1.
Keep in mind that it is the responsibility of the security model developer to check whether the underlying device is a disk or the system memory, using iskmemdev():
if ((vp->v_type == VCHR) &&
    iskmemdev(vp->v_un.vu_specinfo->si_rdev)) {
	/* system memory access */
}
int kauth_authorize_device_passthru(
kauth_cred_t cred,
dev_t dev,
u_long mode,
void *data)
Authorizes hardware passthru requests, or user commands passed directly to the hardware. These have the potential of resulting in direct disk and/or memory access.
It passes KAUTH_DEVICE_RAWIO_PASSTHRU as the action to the listener, and accepts three arguments.
dev, passed as arg1 to the listener, is the device for which the request is made.
mode, passed as arg0 to the listener, is a generic representation of the access mode requested. It can be one or more (binary-OR'd) of the following:
KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_READ
KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_READCONF
KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_WRITE
KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_WRITECONF
data, passed as arg2 to the listener, is device-specific data that may be associated with the request.
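The argument mapping described above, as an added example that is not NetBSD's own code: a userland model of a device-scope listener showing where each wrapper's parameters arrive (passthru delivers mode as arg0 and dev as arg1, the reverse of the prototype order). The policy, the model_* helpers, the stand-in types, the pointer casts and the constant values are assumptions made for the example; a real listener takes its definitions from <sys/kauth.h>.

```c
/* Userland model (added example). Types and constant VALUES are constructed
 * stand-ins; kernel code takes the real definitions from <sys/kauth.h>. */
#include <stddef.h>
#include <stdint.h>
enum { KAUTH_RESULT_ALLOW, KAUTH_RESULT_DENY, KAUTH_RESULT_DEFER };
enum { KAUTH_DEVICE_TTY_OPEN = 1, KAUTH_DEVICE_TTY_PRIVSET, KAUTH_DEVICE_TTY_STI,
       KAUTH_DEVICE_RAWIO_SPEC, KAUTH_DEVICE_RAWIO_PASSTHRU };
enum { KAUTH_REQ_DEVICE_RAWIO_SPEC_READ = 1, KAUTH_REQ_DEVICE_RAWIO_SPEC_WRITE,
       KAUTH_REQ_DEVICE_RAWIO_SPEC_RW };
enum { KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_READ = 1,
       KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_READCONF = 2,
       KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_WRITE = 4,
       KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_WRITECONF = 8 };
typedef struct cred { int uid; } *kauth_cred_t;
struct vnode { int is_kmem; };  /* stands in for the VCHR + iskmemdev() test */
struct cred root_cred = { 0 }, user_cred = { 1000 };  /* constructed samples */
struct vnode mem_vp = { 1 }, disk_vp = { 0 };
/* Hypothetical policy: deny TIOCSTI to non-root, deny write access to memory
 * devices, deny write-type passthru; defer everything else to other listeners. */
static int
device_listener(kauth_cred_t cred, int action, void *cookie,
    void *arg0, void *arg1, void *arg2, void *arg3)
{
	(void)cookie; (void)arg2; (void)arg3;
	switch (action) {
	case KAUTH_DEVICE_TTY_STI:         /* arg0 = struct tty * */
		return cred->uid == 0 ? KAUTH_RESULT_DEFER : KAUTH_RESULT_DENY;
	case KAUTH_DEVICE_RAWIO_SPEC:      /* arg0 = req, arg1 = vp */
		if (((struct vnode *)arg1)->is_kmem &&
		    (int)(uintptr_t)arg0 != KAUTH_REQ_DEVICE_RAWIO_SPEC_READ)
			return KAUTH_RESULT_DENY;
		break;
	case KAUTH_DEVICE_RAWIO_PASSTHRU:  /* arg0 = mode, arg1 = dev, arg2 = data */
		if ((uintptr_t)arg0 & (KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_WRITE |
		    KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_WRITECONF))
			return KAUTH_RESULT_DENY;
		break;
	}
	return KAUTH_RESULT_DEFER;
}

/* Models of how each wrapper hands its parameters to the listener. */
int model_tty(kauth_cred_t c, int op, void *tty)
{ return device_listener(c, op, NULL, tty, NULL, NULL, NULL); }
int model_spec(kauth_cred_t c, int req, struct vnode *vp)
{ return device_listener(c, KAUTH_DEVICE_RAWIO_SPEC, NULL, (void *)(uintptr_t)req, vp, NULL, NULL); }
int model_passthru(kauth_cred_t c, unsigned long dev, unsigned long mode, void *data)
{ return device_listener(c, KAUTH_DEVICE_RAWIO_PASSTHRU, NULL, (void *)(uintptr_t)mode, (void *)(uintptr_t)dev, data, NULL); }
int main(void)
{ return model_spec(&root_cred, KAUTH_REQ_DEVICE_RAWIO_SPEC_RW, &mem_vp) == KAUTH_RESULT_DENY ? 0 : 1; }
```

A listener that read arg1 as the passthru mode would misjudge a request whose device number happens to equal a mode bit, which is why the decode order matters.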