cvs commit: src/sys/dev/io iodev.c

Peter Jeremy peterjeremy at
Sat Aug 9 11:43:13 UTC 2008

On 2008-Aug-09 12:08:42 +0100, Robert Watson <rwatson at> wrote:
>While /dev/io appeals to the UNIX "everything is a file" sensibility, I think 
>the system calls we have for this on i386 are more conceptually coherent.

IMO, /dev/io is inherently a kludge - it's really more a MAC issue
than anything like a file.  Whilst you get a FD by opening /dev/io,
you never use that FD for anything other than passing to close(2).
Instead, you are using a magic side-effect that allows you to execute
'in' and 'out' instructions whilst you hold that FD open.  AFAIK, the
sole reason for having it appear as a file is that (in the absence of
a MAC framework), the filesystem provides the only mechanism for
access control.  IMHO, /dev/io should be deprecated in favour of
something like the MAC framework.  (Note that i386_{g,s}et_ioperm(2)
are nor suitable in their current form because there is no mechanism
for the system administrator to define access controls).

Peter Jeremy
Please excuse any delays as the result of my ISP's inability to implement
an MTA that is either RFC2821-compliant or matches their claimed behaviour.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url :

More information about the cvs-all mailing list