#include #include #include #include extern int nodev(); extern int mmopen(); extern int mem_no; #define VD_MAJOR 57 #define OE_MAJOR 70 /* * Known memory device minors: * 0 mem 5 vme16d16 10 vme32d32 32 sbus0 * 1 kmem 6 vme24d16 11 eeprom 33 sbus1 * 2 null 7 vme32d16 12 zero 34 sbus2 * 3 mbmem 8 vme16d32 35 sbus3 * 4 mbio 9 vme24d32 * When security is on, /dev/null and /dev/zero are untouched, * /dev/eeprom is completely disabled, and the rest are read-only. */ /* from: der Mouse */ /* Here's what I found. It's fairly close to what I posted, though I'd have to dig out a bugtraq archive to be sure. This assumes you're used to adding device drivers; this is installed as device driver with just an open routine (read, write, close, etc, can all be nodev/nulldev). Don't forget to check that VD_MAJOR is the correct major number for /dev/vd in your kernel. It also wouldn't hurt to check the "Known memory device minors" against what you have in /dev. Once installed, just attempt to open the newly-added device. The attempt will fail, but in the process of doing so it will disable /dev/vd and much of the memory devices - see the comments. I hope this is small enough to be read and understood in its entirety. */ static int mmopen_wrapper(dev,flag) dev_t dev; int flag; { switch (minor(dev)) { case 2: /* /dev/null */ case 12: /* /dev/zero */ break; case 11: /* /dev/eeprom */ return(EPERM); break; default: if (flag & FWRITE) return(EPERM); break; } return(mmopen(dev,flag)); } int security_open(dev,flag) dev_t dev; int flag; { cdevsw[VD_MAJOR].d_open = nodev; cdevsw[VD_MAJOR].d_ioctl = nodev; cdevsw[OE_MAJOR].d_open = nodev; cdevsw[OE_MAJOR].d_ioctl = nodev; cdevsw[mem_no].d_open = mmopen_wrapper; return(ENODEV); }