Is there a "iofunc_devctl_verify"?

There’s an “iofunc_read_verify”, and an “iofunc_write_verify”
for use in resource managers, but there’s no “iofunc_devctl_verify”
to check permissions. Is there some standard way to check permissions
when processing a devctl request?

John Nagle
Animats

John Nagle <nagle@downside.com> wrote:

There’s an “iofunc_read_verify”, and an “iofunc_write_verify”
for use in resource managers, but there’s no “iofunc_devctl_verify”
to check permissions. Is there some standard way to check permissions
when processing a devctl request?

No. Since the devctl() is (almost by definition) an extension outside
of normal/defined access to the entity (device, filesystem, etc), then
there is no way to check permissions in any generic way. You’d do this
yourself (use the “ocb->ioflag” to see how it was opened, and/or
“iofunc_client_info(ctp, ocb->ioflag, &cred)” to see who the caller is).
Within the filesystem, for example, the checking is per-dcmd value
(some things need to be root, some need an fd for write, etc, but it
all depends on the individual dcmd). The few ‘standard’ ones handled
by “iofunc_devctl()” don’t need any particular permissions to process.