Annotation of wikisrc/users/mbalmer/keylock.mdwn, revision 1.6

1.2       mbalmer     1: [[!meta title="A Keylock Security Model for kauth(9)"]]
1.1       mbalmer     2: 
                      3: Recently, generic support for electro-mechanical multi-position keylocks
                      4: in the kernel has been added to NetBSD.  Such locks can be turned into
                      5: various positions, usually up to three or four positions.  They come with
                      6: a set of keys that are different in so far as not all positions can be
                      7: reached with all keys (which key can go up to which position is called
                      8: the "locking program").  With the new keylock support, such locks can be
                      9: used to tinker with the kernel security, much like the traditional
                     10: securelevel variable...
                     11: 
                     12: The number of keylock positions, the current keylock position, and the
                     13: overall keylock state can be read within the kernel using a set of
1.2       mbalmer    14: functions defined in
                     15: [keylock.h](http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/sys/dev/keylock.h?rev=HEAD)
                     16: and userland
1.3       mbalmer    17: can access them through the <b>hw.keylock</b> sysctl hierarchy.
1.1       mbalmer    18: 
                     19: The following components have been added:
                     20: 
1.5       mbalmer    21: * <b>[gpiolock(4)](http://netbsd.gw.com/cgi-bin/man-cgi?gpiolock+4+NetBSD-current)</b>,
                     22: a driver for GPIO attached keylocks.
1.1       mbalmer    23:  The driver registers with the in-kernel keylock "subsystem". See
1.3       mbalmer    24: [gpiolock.c](http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/sys/dev/gpio/gpiolock.c?rev=HEAD).
1.1       mbalmer    25: 
1.6     ! mbalmer    26: * <b>secmodel_keylock</b>, a
        !            27: [kauth(9)](http://netbsd.gw.com/cgi-bin/man-cgi?kauth+9+NetBSD-current)
        !            28: security model that
1.1       mbalmer    29: authorizes based on the keylock "closedness".  Whether the rightmost
                     30: (default) or leftmost position of the keylock means open can be
1.6     ! mbalmer    31: controlled using the <b>hw.keylock.order</b> sysctl variable. This
1.1       mbalmer    32: variable can only be changed if the keylock state is OPEN. See
1.3       mbalmer    33: [secmodel_keylock.c](http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/sys/secmodel/keylock/secmodel_keylock.c?rev=HEAD).
1.1       mbalmer    34: 
                     35: The security model is started when a keylock driver registers and
                     36: stopped when there is no more keylock driver.  The keylock security
                     37: model is optional; keylock support can be used without the security
                     38: model as well (e.g. to provide keylock state to userland applications,
                     39: which is useful e.g. for POS applications).
                     40: 
                     41: The keylock state interpretation is done in
1.4       mbalmer    42: [keylock.c](http://cvsweb.de.netbsd.org/cgi-bin/cvsweb.cgi/src/sys/dev/keylock.c?rev=HEAD)
1.3       mbalmer    43: and not in the driver itself.  This
1.1       mbalmer    44: allows for adding support for multiple keylocks in the future.  The
                     45: hw.keylock.pos and hw.keylock.npos sysctl variables are meant for
                     46: debugging; the hw.keylock.state variable reflects the state and should
                     47: be used.
                     48: 
                     49: Currently, the keylock positions are interpreted as follows:  There are
                     50: at most four positions: OPEN, SEMIOPEN, SEMICLOSE, CLOSE.  What exactly
                     51: that means leaves room for interpretation right now... (experience will
                     52: show what makes sense in the end).
                     53: 
                     54: To enable the keylock support, the keylock security model, and the
1.6     ! mbalmer    55: [gpiolock(4)](http://netbsd.gw.com/cgi-bin/man-cgi?gpiolock+4+NetBSD-current)
        !            56: driver, add the following lines to your
1.1       mbalmer    57: kernel configuration file:
                     58: 
                     59:        options KEYLOCK
                     60:        options secmodel_keylock
                     61:        gpiolock* at gpio?
                     62: 
                     63: Of course you must have at least one GPIO device in your system for the
1.6     ! mbalmer    64: [gpiolock(4)](http://netbsd.gw.com/cgi-bin/man-cgi?gpiolock+4+NetBSD-current)
        !            65: driver to work and the lock must be
1.1       mbalmer    66: connected properly.
                     67: 
1.3       mbalmer    68: <b>Please keep in mind that this is an experimental feature...</b>
