update_drv - modify device driver attributes
update_drv [-f | -v] [-n] driver_module
update_drv [-b basedir] [-f | -v] [-n] -a [-m 'permission'] [-i 'identify-name'] [-P 'privilege'] [-p 'policy'] driver_module
update_drv [-b basedir] [-f | -v] [-n] -d [-m 'permission'] [-i 'identify-name'] [-P 'privilege'] [-p 'policy'] driver_module
The update_drv command informs the system about attribute changes to an installed device driver. It can be used to re-read the driver.conf(5) file, or to add, modify, or delete a driver's minor node permissions or aliases.
Without options, update_drv reloads the driver.conf file.
Upon successfully updating the aliases, the driver binding takes effect upon reconfig boot or hotplug of the device.
Upon successfully updating the permissions, only the new driver minor nodes get created with the modified set of file permissions. Existing driver minor nodes do not get modified.
The following options are supported:
Add a permission, aliases, privilege or policy entry.
With the –a option specified, a permission entry (using the –m option), or a driver's aliases entry (using the –i option), a device privilege (using the –P option) or a a device policy (using the –p option), can be added or updated. If a matching minor node permissions entry is encountered (having the same driver name and the minor node), it is replaced. If a matching aliases entry is encountered (having a different driver name and the same alias), an error is reported.
The –a and –d options are mutually exclusive.
Installs or modifies the driver on the system with a root directory of basedir rather than installing on the system executing update_drv.
Delete a permission, aliases, privilege or policy entry.
The –m permission, –i identify-name, –P privilege or the –p policy option needs to be specified with the –d option.
The –d and –a options are mutually exclusive.
If the entry doesn't exist update_drv returns an error.
Force the system to reread the driver.conf file even if the driver module cannot be unloaded. See NOTES section for details.
Without this option, when removing an alias for a driver, update_drv updates the binding files for the next boot, but returns an error if one or more devices that reference the driver-alias binding remains. With the –f option, update_drv does not return an error if such devices remain.
A white-space separated list of aliases for the driver. If –a or –d option is not specified then this option is ignored. The identify-name string is mandatory. If all aliases need to be removed, rem_drv(8) is recommended.
Specify a white-space separated list of file system permissions for the device node of the device driver. If –a or –d option is not specified then, this option is ignored. The permission string is mandatory.
Do not try to load and attach device_driver, just modify the system configuration files for that driver.
With the –a option, policy is a white-space separated list of complete device policies. For the –d option, policy is a white space separated list of minor device specifications. The minor device specifications are matched exactly against the entries in /etc/security/device_policy, that is., no wildcard matching is performed.
With the –a option, privilege is a comma separated list of additional driver privileges. For the –d option, privilege is a single privilege. The privileges are added to or removed from the /etc/security/extra_privs file.
The following command adds or modifies the existing minor permissions entry of the clone driver:
example# update_drv -a -m 'llc1 777 joe staff' cloneExample 2 Removing All Minor Permissions Entries
The following command removes all minor permission entries of the usbprn driver, the USB printer driver:
example# update_drv -d -m '* 0666 root sys' usbprnExample 3 Adding a Driver Aliases Entry
The following command adds a driver aliases entry of the ugen driver with the identity string of usb459,20:
example# update_drv -a -i '"usb459,20"' ugenExample 4 Re-reading the driver.conf File For the ohci Driver
The following command re-reads the driver.conf(5) file.
example# update_drv ohciExample 5 Requiring a Self-defined Privilege to Open a tcp Socket
The following command requires a self-defined privilege to open a tcp socket:
example# update_drv -a -P net_tcp -p \ 'write_priv_set=net_tcp read_priv_set=net_tcp' tcpExample 6 Establishing a Path-oriented Alias
The following command establishes a path-oriented alias to force a specific driver, qlt, to be used for a particular device path:
example# update_drv -a -i '"/pci@8,600000/SUNW,qlc@4"' qltExample 7 Restricting Access to Kernel Memory
The following command sets the access policy for /dev/kmem so that a process must have a clearance of ADMIN_HIGH to read kernel memory, and both ADMIN_HIGH and all privileges to get write access. In addition if the zone is immutable then the process or its ancestor must have been started from the Trusted Path (with PRIV_PROC_TPD) to get write access.
example# update_drv -a -p 'kmem read_priv_set=none \ write_priv_set=all admin_high=true tpd_member=true' mm
The following exit values are returned:
An error occurred.
See attributes(7) for descriptions of the following attributes:
If –a or –d options are specified, update_drv does not reread the driver.conf file.
A forced update of the driver.conf file reloads the driver.conf file without reloading the driver binary module. In this case, devices which cannot be detached reference driver global properties from the old driver.conf file, while the remaining driver instances reference global properties in the new driver.conf file.
It is possible to add an alias , which changes the driver binding of a device already being managed by a different driver. A force update with the –a option tries to bind to the new driver and report error if it cannot. If you specify more than one of the –m, –i, –P or –p options, a force flag tries to modify aliases or permissions. This is done even if the other operation fails and vice-versa.