Annotation of wikisrc/users/mbalmer/keylock.mdwn, revision 1.1
1.1 ! mbalmer 1: # A Keylock Security Model for kauth(9)
! 2:
! 3: Recently, generic support for electro-mechanical multi-position keylocks
! 4: in the kernel has been added to NetBSD. Such locks can be turned into
! 5: various positions, usually up to three or four positions. They come with
! 6: a set of keys that are different in so far as not all positions can be
! 7: reached with all keys (which key can go up to which position is called
! 8: the "locking program"). With the new keylock support, such locks can be
! 9: used to tinker with the kernel security, much like the traditional
! 10: securelevel variable...
! 11:
! 12: The number of keylock positions, the current keylock position, and the
! 13: overall keylock state can be read within the kernel using a set of
! 14: functions defined in {{src|keylock.h|sys/dev/keylock.h|}} and userland
! 15: can access them through the '''hw.keylock''' sysctl hierarchy.
! 16:
! 17: The following components have been added:
! 18:
! 19: * '''{{manual page|gpiolock|4|}}''' a driver for GPIO attached keylocks.
! 20: The driver registers with the in-kernel keylock "subsystem". See
! 21: {{src|gpiolock.c|sys/dev/gpio/gpiolock.c}}.
! 22:
! 23: * '''secmodel_keylock''', a {{manual page|kauth|9}} security model that
! 24: authorizes based on the keylock "closedness". Whether the rightmost
! 25: (default) or leftmost position of the keylock means open can be
! 26: controlled using the '''hw.keylock.order''' sysctl variable. This
! 27: variable can only be changed if the keylock state is OPEN. See
! 28: {{src|secmodel_keylock.c|sys/secmodel/keylock/secmodel_keylock.c}}.
! 29:
! 30: The security model is started when a keylock driver registers and
! 31: stopped when no keylock driver is registered any more. The keylock security
! 32: model is optional; keylock support can be used without the security
! 33: model as well (e.g. to provide keylock state to userland applications,
! 34: which is useful e.g. for POS applications).
! 35:
! 36: The keylock state interpretation is done in
! 37: {{src|keylock.c|sys/dev/keylock.c}} and not in the driver itself. This
! 38: allows for adding support for multiple keylocks in the future. The
! 39: hw.keylock.pos and hw.keylock.npos sysctl variables are for debugging;
! 40: the hw.keylock.state variable reflects the state and should
! 41: be used.
! 42:
! 43: Currently, the keylock positions are interpreted as follows: There are
! 44: at most four positions, OPEN, SEMIOPEN, SEMICLOSE, CLOSE. What exactly
! 45: that means leaves room for interpretation right now... (experience will
! 46: show what makes sense in the end).
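
The following user-space model is an added example, not code from the NetBSD tree. It shows why hw.keylock.order may only change while the state is OPEN, and it covers locks with two to four positions. The `kl_*` names, the enum values, the mapping of intermediate positions and the fail-closed handling of bad input are assumptions of this sketch.

```c
#include <stdio.h>

/* Hypothetical names and values for this sketch; not the constants from sys/dev/keylock.h. */
enum kl_state { KL_OPEN, KL_SEMIOPEN, KL_SEMICLOSE, KL_CLOSE };
enum kl_order { KL_RIGHT_IS_OPEN, KL_LEFT_IS_OPEN };   /* rightmost = open is the default */

struct kl { int npos, pos; enum kl_order order; };     /* pos counts 1..npos from the left */

/* Assumed mapping: the end positions are OPEN and CLOSE, and positions in
 * between count as SEMIOPEN, then SEMICLOSE, moving away from the open end.
 * Out-of-range input is treated as CLOSE (fail closed, a choice of this sketch). */
static enum kl_state kl_get_state(const struct kl *k)
{
    if (k->npos < 2 || k->npos > 4 || k->pos < 1 || k->pos > k->npos)
        return KL_CLOSE;
    int d = (k->order == KL_RIGHT_IS_OPEN) ? k->npos - k->pos : k->pos - 1;
    if (d == 0)
        return KL_OPEN;
    if (d == k->npos - 1)
        return KL_CLOSE;
    return (d == 1) ? KL_SEMIOPEN : KL_SEMICLOSE;
}

/* The page's rule: the order may only be changed while the state is OPEN.
 * Without this check, changing the order at the closed end would turn CLOSE
 * into OPEN without the key ever moving. Returns 0 on success, -1 if refused. */
static int kl_set_order(struct kl *k, enum kl_order order)
{
    if (kl_get_state(k) != KL_OPEN)
        return -1;
    k->order = order;
    return 0;
}

/* Attempt to flip a default-order lock at physical position pos and return
 * the state the lock reports afterwards. */
static enum kl_state kl_after_flip_attempt(int npos, int pos)
{
    struct kl k = { npos, pos, KL_RIGHT_IS_OPEN };
    (void)kl_set_order(&k, KL_LEFT_IS_OPEN);
    return kl_get_state(&k);
}

int main(void)
{
    static const char *name[] = { "OPEN", "SEMIOPEN", "SEMICLOSE", "CLOSE" };
    for (int pos = 1; pos <= 4; pos++)
        printf("pos %d: after flip attempt = %s\n", pos, name[kl_after_flip_attempt(4, pos)]);
    return 0;
}
```

In this model a flip is accepted only at the open end, and once accepted the same physical position reads as CLOSE, so changing the order can never raise the privileges the current key position grants.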
! 47:
! 48: To enable the keylock support, the keylock security model, and the
! 49: {{manual page|gpiolock|4|}} driver, add the following lines to your
! 50: kernel configuration file:
! 51:
! 52:     options KEYLOCK
! 53:     options secmodel_keylock
! 54:     gpiolock* at gpio?
! 55:
! 56: Of course you must have at least one GPIO device in your system for the
! 57: {{manual page|gpiolock|4|}} driver to work and the lock must be
! 58: connected properly.
! 59:
! 60: Please keep in mind that this is an experimental feature...