Go to main content

man pages section 8: System Administration Commands

Exit Print View

Updated: Thursday, June 13, 2019
 
 

update_drv(8)

Name

update_drv - modify device driver attributes

Synopsis

update_drv [-f | -v] [-n] driver_module
update_drv [-b basedir] [-f | -v] [-n] -a [-m 'permission'] 
     [-i 'identify-name'] [-P 'privilege'] [-p 'policy'] driver_module
update_drv [-b basedir] [-f | -v] [-n] -d [-m 'permission'] 
     [-i 'identify-name'] [-P 'privilege'] [-p 'policy'] driver_module

Description

The update_drv command informs the system about attribute changes to an installed device driver. It can be used to re-read the driver.conf(5) file, or to add, modify, or delete a driver's minor node permissions or aliases.

Without options, update_drv reloads the driver.conf file.

Upon successfully updating the aliases, the driver binding takes effect upon reconfig boot or hotplug of the device.

Upon successfully updating the permissions, only the new driver minor nodes get created with the modified set of file permissions. Existing driver minor nodes do not get modified.

Options

The following options are supported:

–a

Add a permission, aliases, privilege or policy entry.

With the –a option specified, a permission entry (using the –m option), or a driver's aliases entry (using the –i option), a device privilege (using the –P option) or a a device policy (using the –p option), can be added or updated. If a matching minor node permissions entry is encountered (having the same driver name and the minor node), it is replaced. If a matching aliases entry is encountered (having a different driver name and the same alias), an error is reported.

The –a and –d options are mutually exclusive.

–b basedir

Installs or modifies the driver on the system with a root directory of basedir rather than installing on the system executing update_drv.


Note - The root file system of any non-global zones must not be referenced with the –b option. Doing so might damage the global zone's file system, might compromise the security of the global zone, and might damage the non-global zone's file system. See zones(7).
–d

Delete a permission, aliases, privilege or policy entry.

The –m permission, –i identify-name, –P privilege or the –p policy option needs to be specified with the –d option.

The –d and –a options are mutually exclusive.

If the entry doesn't exist update_drv returns an error.

–f

Force the system to reread the driver.conf file even if the driver module cannot be unloaded. See NOTES section for details.

Without this option, when removing an alias for a driver, update_drv updates the binding files for the next boot, but returns an error if one or more devices that reference the driver-alias binding remains. With the –f option, update_drv does not return an error if such devices remain.

–i 'identify-name'

A white-space separated list of aliases for the driver. If –a or –d option is not specified then this option is ignored. The identify-name string is mandatory. If all aliases need to be removed, rem_drv(8) is recommended.

–m 'permission'

Specify a white-space separated list of file system permissions for the device node of the device driver. If –a or –d option is not specified then, this option is ignored. The permission string is mandatory.

–n

Do not try to load and attach device_driver, just modify the system configuration files for that driver.

–p 'policy'

With the –a option, policy is a white-space separated list of complete device policies. For the –d option, policy is a white space separated list of minor device specifications. The minor device specifications are matched exactly against the entries in /etc/security/device_policy, that is., no wildcard matching is performed.

–P 'privilege'

With the –a option, privilege is a comma separated list of additional driver privileges. For the –d option, privilege is a single privilege. The privileges are added to or removed from the /etc/security/extra_privs file.

–v

Verbose.

Examples

Example 1 Adding or Modifying an Existing Minor Permissions Entry

The following command adds or modifies the existing minor permissions entry of the clone driver:


example# update_drv -a -m 'llc1 777 joe staff' clone

Example 2 Removing All Minor Permissions Entries

The following command removes all minor permission entries of the usbprn driver, the USB printer driver:


example# update_drv -d -m '* 0666 root sys' usbprn

Example 3 Adding a Driver Aliases Entry

The following command adds a driver aliases entry of the ugen driver with the identity string of usb459,20:


example# update_drv -a -i '"usb459,20"' ugen

Example 4 Re-reading the driver.conf File For the ohci Driver

The following command re-reads the driver.conf(5) file.


 example# update_drv ohci

Example 5 Requiring a Self-defined Privilege to Open a tcp Socket

The following command requires a self-defined privilege to open a tcp socket:


example#   update_drv -a -P net_tcp -p \
     'write_priv_set=net_tcp read_priv_set=net_tcp' tcp

Example 6 Establishing a Path-oriented Alias

The following command establishes a path-oriented alias to force a specific driver, qlt, to be used for a particular device path:


example#   update_drv -a -i '"/pci@8,600000/SUNW,qlc@4"' qlt

Example 7 Restricting Access to Kernel Memory

The following command sets the access policy for /dev/kmem so that a process must have a clearance of ADMIN_HIGH to read kernel memory, and both ADMIN_HIGH and all privileges to get write access. In addition if the zone is immutable then the process or its ancestor must have been started from the Trusted Path (with PRIV_PROC_TPD) to get write access.

example#   update_drv -a -p 'kmem read_priv_set=none \
    write_priv_set=all admin_high=true tpd_member=true' mm

Exit Status

The following exit values are returned:

0

Successful completion.

>0

An error occurred.

Attributes

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
system/device-administration

See Also

driver.conf(5), attributes(7), privileges(7), add_drv(8), modunload(8), rem_drv(8)

Notes

If –a or –d options are specified, update_drv does not reread the driver.conf file.

A forced update of the driver.conf file reloads the driver.conf file without reloading the driver binary module. In this case, devices which cannot be detached reference driver global properties from the old driver.conf file, while the remaining driver instances reference global properties in the new driver.conf file.

It is possible to add an alias , which changes the driver binding of a device already being managed by a different driver. A force update with the –a option tries to bind to the new driver and report error if it cannot. If you specify more than one of the –m, –i, –P or –p options, a force flag tries to modify aliases or permissions. This is done even if the other operation fails and vice-versa.