Annotation of wikisrc/users/mbalmer/keylock.mdwn, revision 1.1

1.1     ! mbalmer     1: # A Keylock Security Model for kauth(9)
        !             2: 
        !             3: Recently, generic support for electro-mechanical multi-position keylocks
        !             4: in the kernel has been added to NetBSD.  Such locks can be turned into
        !             5: various positions, usually up to three or four positions.  They come with
        !             6: a set of keys that are different in so far as not all positions can be
        !             7: reached with all keys (which key can go up to which position is called
        !             8: the "locking program").  With the new keylock support, such locks can be
        !             9: used to tinker with the kernel security, much like the traditional
        !            10: securelevel variable...
        !            11: 
        !            12: The number of keylock positions, the current keylock position, and the
        !            13: overall keylock state can be read within the kernel using a set of
        !            14: functions defined in {{src|keylock.h|sys/dev/keylock.h|}} and userland
        !            15: can access them through the '''hw.keylock''' sysctl hierarchy.
        !            16: 
        !            17: The following components have been added:
        !            18: 
        !            19: * '''{{manual page|gpiolock|4|}}''' a driver for GPIO attached keylocks.
        !            20:  The driver registers with the in-kernel keylock "subsystem". See
        !            21: {{src|gpiolock.c|sys/dev/gpio/gpiolock.c}}.
        !            22: 
        !            23: * '''secmodel_keylock''', a {{manual page|kauth|9}} security model that
        !            24: authorizes based on the keylock "closedness".  Whether the rightmost
        !            25: (default) or leftmost position of the keylock means open can be
        !            26: controlled using the '''hw.keylock.order''' sysctl variable. This
        !            27: variable can only be changed if the keylock state is OPEN. See
        !            28: {{src|secmodel_keylock.c|sys/secmodel/keylock/secmodel_keylock.c}}.
        !            29: 
        !            30: The security model is started when a keylock driver registers and
        !            31: stopped when no keylock driver remains.  The keylock security
        !            32: model is optional; keylock support can be used without the security
        !            33: model as well (e.g. to provide keylock state to userland applications,
        !            34: which is useful e.g. for POS applications).
        !            35: 
        !            36: The keylock state interpretation is done in
        !            37: {{src|keylock.c|sys/dev/keylock.c}} and not in the driver itself.  This
        !            38: allows for adding support for multiple keylocks in the future.  The
        !            39: hw.keylock.pos and hw.keylock.npos sysctl variables are meant for
        !            40: debugging; the hw.keylock.state variable reflects the state and should
        !            41: be used.
        !            42: 
        !            43: Currently, the keylock positions are interpreted as follows:  There are
        !            44: at most four positions: OPEN, SEMIOPEN, SEMICLOSE, CLOSE.  What exactly
        !            45: that means leaves room for interpretation right now.... (experience will
        !            46: show what makes sense in the end).
        !            47: 
        !            48: To enable the keylock support, the keylock security model, and the
        !            49: {{manual page|gpiolock|4|}} driver, add the following lines to your
        !            50: kernel configuration file:
        !            51: 
        !            52:        options KEYLOCK
        !            53:        options secmodel_keylock
        !            54:        gpiolock* at gpio?
        !            55: 
        !            56: Of course you must have at least one GPIO device in your system for the
        !            57: {{manual page|gpiolock|4|}} driver to work and the lock must be
        !            58: connected properly.
        !            59: 
        !            60: Please keep in mind that this is an experimental feature...
