Add device scope actions for rnd(4) and use them.

Mailing list reference:

	http://mail-index.netbsd.org/tech-kern/2009/04/27/msg004953.html

share/man/man9/kauth.9

@@ -1,4 +1,4 @@
-.\" $NetBSD: kauth.9,v 1.78 2009/05/03 19:25:39 wiz Exp $
+.\" $NetBSD: kauth.9,v 1.79 2009/05/05 21:03:28 elad Exp $
 .\"
 .\" Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>
 .\" All rights reserved.
@@ -25,7 +25,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd May 3, 2009
+.Dd May 5, 2009
 .Dt KAUTH 9
 .Os
 .Sh NAME
@@ -883,6 +883,20 @@ is a
 .Ft u_long
 describing the command.
 .El
+.Pp
+.Sy Kernel random device
+Authorization actions relevant to the kernel random device,
+.Xr rnd 4 ,
+is done using the standard authorization wrapper, with the following actions:
+.Pp
+.Bl -tag -width compact
+.It KAUTH_DEVICE_RND_ADDDATA
+Check if adding data to the entropy pool is allowed.
+.It KAUTH_DEVICE_RND_GETPRIV
+Check if privileged settings and information can be retrieved.
+.It KAUTH_DEVICE_RND_SETPRIV
+Check if privileged settings can be changed.
+.El
 .Ss Credentials Scope
 The credentials scope,
 .Dq org.netbsd.kauth.cred ,

sys/dev/rnd.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: rnd.c,v 1.71 2008/08/16 13:07:30 dan Exp $	*/
+/*	$NetBSD: rnd.c,v 1.72 2009/05/05 21:03:29 elad Exp $	*/
 
 /*-
  * Copyright (c) 1997 The NetBSD Foundation, Inc.
@@ -31,7 +31,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: rnd.c,v 1.71 2008/08/16 13:07:30 dan Exp $");
+__KERNEL_RCSID(0, "$NetBSD: rnd.c,v 1.72 2009/05/05 21:03:29 elad Exp $");
 
 #include <sys/param.h>
 #include <sys/ioctl.h>
@@ -496,16 +496,30 @@ rndioctl(dev_t dev, u_long cmd, void *addr, int flag,
 	case FIOASYNC:
 	case RNDGETENTCNT:
 		break;
+
 	case RNDGETPOOLSTAT:
 	case RNDGETSRCNUM:
 	case RNDGETSRCNAME:
-	case RNDCTL:
-	case RNDADDDATA:
-		ret = kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_ISSUSER,
-		    NULL);
+		ret = kauth_authorize_device(l->l_cred,
+		    KAUTH_DEVICE_RND_GETPRIV, NULL, NULL, NULL, NULL);
 		if (ret)
 			return (ret);
 		break;
+
+	case RNDCTL:
+		ret = kauth_authorize_device(l->l_cred,
+		    KAUTH_DEVICE_RND_SETPRIV, NULL, NULL, NULL, NULL);
+		if (ret)
+			return (ret);
+		break;
+
+	case RNDADDDATA:
+		ret = kauth_authorize_device(l->l_cred,
+		    KAUTH_DEVICE_RND_ADDDATA, NULL, NULL, NULL, NULL);
+		if (ret)
+			return (ret);
+		break;
+
 	default:
 		return (EINVAL);
 	}

sys/secmodel/bsd44/secmodel_bsd44_suser.c

@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_bsd44_suser.c,v 1.63 2009/05/03 17:21:13 elad Exp $ */
+/* $NetBSD: secmodel_bsd44_suser.c,v 1.64 2009/05/05 21:03:28 elad Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
  * All rights reserved.
@@ -38,7 +38,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_suser.c,v 1.63 2009/05/03 17:21:13 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_suser.c,v 1.64 2009/05/05 21:03:28 elad Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -1051,6 +1051,13 @@ secmodel_bsd44_suser_device_cb(kauth_cred_t cred, kauth_action_t action,
 
 		break;
 
+	case KAUTH_DEVICE_RND_ADDDATA:
+	case KAUTH_DEVICE_RND_GETPRIV:
+	case KAUTH_DEVICE_RND_SETPRIV:
+		if (isroot)
+			result = KAUTH_RESULT_ALLOW;
+		break;
+
 	default:
 		result = KAUTH_RESULT_DEFER;
 		break;

sys/sys/kauth.h

@@ -1,4 +1,4 @@
-/* $NetBSD: kauth.h,v 1.55 2009/05/03 17:21:12 elad Exp $ */
+/* $NetBSD: kauth.h,v 1.56 2009/05/05 21:03:28 elad Exp $ */
 
 /*-
  * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>  
@@ -239,6 +239,9 @@ enum {
 	KAUTH_DEVICE_RAWIO_SPEC,
 	KAUTH_DEVICE_RAWIO_PASSTHRU,
 	KAUTH_DEVICE_BLUETOOTH_SETPRIV,
+	KAUTH_DEVICE_RND_ADDDATA,
+	KAUTH_DEVICE_RND_GETPRIV,
+	KAUTH_DEVICE_RND_SETPRIV,
 };
 
 /*