--- wikisrc/users/mbalmer/keylock.mdwn 2009/12/29 09:22:09 1.2 +++ wikisrc/users/mbalmer/keylock.mdwn 2020/09/09 15:47:01 1.7 @@ -14,20 +14,23 @@ overall keylock state can be read within functions defined in [keylock.h](http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/sys/dev/keylock.h?rev=HEAD) and userland -can access them through the hw.keylock sysctl hierarchy. +can access them through the hw.keylock sysctl hierarchy. The following components have been added: -* '''{{manual page|gpiolock|4|}}''' a driver for GPIO attached keylocks. +* [[!template id=man name="gpiolock" section="4"]] +a driver for GPIO attached keylocks. The driver registers with the in-kernel keylock "subsystem". See -{{src|gpiolock.c|sys/dev/gpio/gpiolock.c}}. +[gpiolock.c](http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/sys/dev/gpio/gpiolock.c?rev=HEAD). -* '''secmodel_keylock''', a {{manual page|kauth|9}} security model that +* secmodel_keylock, a +[[!template id=man name="kauth" section="9"]] +security model that authorizes based on the keylock "closedness". Wheter the rightmost (default) or leftmost position of the keylock means open can be -controlled using the '''hw.keylock.order''' sysctl variable. This +controlled using the hw.keylock.order sysctl variable. This variable can only be changed if the keylock state is OPEN. See -{{src|secmodel_keylock.c|sys/secmodel/keylock/secmodel_keylock.c}}. +[secmodel_keylock.c](http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/sys/secmodel/keylock/secmodel_keylock.c?rev=HEAD). The security model is started when a keylock driver registers and stopped when there is no more keylock driver. The keylock security @@ -36,7 +39,8 @@ model as well (e.g. to provide keylock s Useful e.g. for POS applications). The keylock state interpretation is done in -{{src|keylock.c|sys/dev/keylock.c}} and not in the driver itself. This +[keylock.c](http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/sys/dev/keylock.c?rev=HEAD) +and not in the driver itself. This allows for adding support for multiple keylocks in the future. The hw.keylock.pos and hw.keylock.npos sysctl variable have debugging character, the hw.keylock.state variable reflects the state and should @@ -48,7 +52,8 @@ that means leaves room for interpretatio show what makes sense in the end). To enable the keylock support, the keylock security model, and the -{{manual page|gpiolock|4|}} driver, add the following lines to your +[[!template id=man name="gpiolock" section="4"]] +driver, add the following lines to your kernel configuration file: options KEYLOCK @@ -56,7 +61,8 @@ kernel configuration file: gpiolock* at gpio? Of course you must have at least one GPIO device in your system for the -{{manual page|gpiolock|4|}} driver to work and the lock must be +[[!template id=man name="gpiolock" section="4"]] +driver to work and the lock must be connected properly. -Please keep in mind that this is an experimental feature... +Please keep in mind that this is an experimental feature...