From f5bff4606924f7bfd322e93578cf5103cb362b2e Mon Sep 17 00:00:00 2001 From: Hidetoshi Shimokawa Date: Wed, 12 Feb 2003 06:48:45 +0000 Subject: [PATCH] Add description about kldload and security note. --- share/man/man4/firewire.4 | 8 ++++++++ share/man/man4/fwe.4 | 6 ++++++ share/man/man4/fwohci.4 | 13 +++++++++++++ share/man/man4/sbp.4 | 7 +++++++ 4 files changed, 34 insertions(+) diff --git a/share/man/man4/firewire.4 b/share/man/man4/firewire.4 index cfe4d38003a4..1683e06dd884 100644 --- a/share/man/man4/firewire.4 +++ b/share/man/man4/firewire.4 @@ -38,6 +38,10 @@ .Nm firewire .Nd IEEE1394 High-performance Serial Bus .Sh SYNOPSIS +.Cd "kldload firewire" +.Pp +or +.Pp .Cd "device firewire" .Cd "device fwohci" .Pp @@ -82,6 +86,7 @@ bus, every device is identified with EUI 64 address. .Xr fwcontrol 8 , .Xr fwe 4 , .Xr fwohci 4 , +.Xr kldload 8 , .Xr pci 4 , .Xr sbp 4 , .Xr sysctl 8 @@ -101,3 +106,6 @@ and for the .Fx project. +.Pp +.Sh BUGS +See fwohci(4) for security note. diff --git a/share/man/man4/fwe.4 b/share/man/man4/fwe.4 index c2d7c126cb75..939e168d3e05 100644 --- a/share/man/man4/fwe.4 +++ b/share/man/man4/fwe.4 @@ -32,6 +32,11 @@ .Nm fwe .Nd Ethernet emulation driver for FireWire .Sh SYNOPSIS +.Cd "kldload firewire" +.Cd "kldload if_fwe" +.Pp +or +.Pp .Cd "device fwe" .Cd "device firewire" .Cd "device fwohci" @@ -69,6 +74,7 @@ Note this driver uses very different protocol from RFC 2734 .Xr arp 4 , .Xr firewire 4 , .Xr fwohci 4 , +.Xr kldload 8 , .Xr netintro 4 , .Xr ng_ether 4 , .Xr polling 4 , diff --git a/share/man/man4/fwohci.4 b/share/man/man4/fwohci.4 index 63939f1fc532..a85a43c7797d 100644 --- a/share/man/man4/fwohci.4 +++ b/share/man/man4/fwohci.4 @@ -39,6 +39,10 @@ .Nm fwohci .Nd OHCI firewire chipset device driver .Sh SYNOPSIS +.Cd "kldload firewire" +.Pp +or +.Pp .Cd "device fwohci" .Cd "device firewire" .Sh DESCRIPTION @@ -63,6 +67,7 @@ Ricoh R5C552 .Xr firewire 4 , .Xr fwcontrol 8 , .Xr fwe 4 , +.Xr kldload 8 , .Xr sbp 4 .Sh HISTORY The @@ -76,3 +81,11 @@ device driver was written by .An Katsushi Kobayashi and .An Hidetoshi Shimokawa . +.Pp +.Sh BUGS +The driver allows physical access from any nodes on the bus by default. +This means that any devices on the bus can read and modify any memory space +which can be accessed by IEEE 1394 OHCI chip. It is allowed mostly +for sbp(4) devices. This should be changed to allow it only for specific +devices. Anyway FireWire is a bus and not expected to be connected with +un-trustable devices because a node can monitor all the traffic. diff --git a/share/man/man4/sbp.4 b/share/man/man4/sbp.4 index ec8aa57c3eec..72d9241cdbe1 100644 --- a/share/man/man4/sbp.4 +++ b/share/man/man4/sbp.4 @@ -38,6 +38,12 @@ .Nm sbp .Nd Serial Bus Protocol 2 (SBP-2) Mass Storage Devices driver .Sh SYNOPSIS +.Cd "kldload firewire" +.Cd "kldload cam" +.Cd "kldload sbp" +.Pp +or +.Pp .Cd "device sbp" .Cd "device firewire" .Cd "device scbus" @@ -56,6 +62,7 @@ HDD, CDROM drive and DVD drive. .Xr camcontrol 8 , .Xr firewire 4 , .Xr fwcontrol 8 , +.Xr kldload 8 , .Xr sysctl 8 .Sh AUTHORS .An -nosplit