make sure even root can't open a drive that was not fully qualified

SCCS-vsn: sys/hp300/dev/sd.c 8.4

diff --git a/usr/src/sys/hp300/dev/sd.c b/usr/src/sys/hp300/dev/sd.c
index 373011f..7d57bb3 100644 (file)
--- a/usr/src/sys/hp300/dev/sd.c
+++ b/usr/src/sys/hp300/dev/sd.c
@@ -7,7 +7,7 @@
  *
  * %sccs.include.redist.c%
  *
  *
  * %sccs.include.redist.c%
  *

- *     @(#)sd.c        8.3 (Berkeley) %G%
+ *     @(#)sd.c        8.4 (Berkeley) %G%

  */
 
 /*
  */
 
 /*


@@ -475,7 +475,16 @@ sdopen(dev, flags, mode, p)
 
        if (unit >= NSD)
                return(ENXIO);
 
        if (unit >= NSD)
                return(ENXIO);

-       if ((sc->sc_flags & SDF_ALIVE) == 0 && suser(p->p_ucred, &p->p_acflag))
+       /*
+        * If a drive's position was fully qualified (i.e. not wildcarded in
+        * any way, we allow root to open the device even though it wasn't
+        * found at autoconfig time.  This allows initial formatting of disks.
+        * However, if any part of the specification was wildcarded, we won't
+        * be able to locate the drive so there is nothing we can do.
+        */
+       if ((sc->sc_flags & SDF_ALIVE) == 0 &&
+           (suser(p->p_ucred, &p->p_acflag) ||
+            sc->sc_hd->hp_ctlr < 0 || sc->sc_hd->hp_slave < 0))

                return(ENXIO);
        if (sc->sc_flags & SDF_ERROR)
                return(EIO);
                return(ENXIO);
        if (sc->sc_flags & SDF_ERROR)
                return(EIO);