On Fri, Jan 30, 2015 at 09:55:30AM +0100, Jacek Anaszewski wrote: > Hi Pavel, > > On 01/29/2015 10:14 PM, Pavel Machek wrote: > >Hi! > > > >>>>+ - flash_fault - list of flash faults that may have occurred: > >>>>+ * led-over-voltage - flash controller voltage to the flash LED > >>>>+ has exceededthe limit specific to the flash controller > >>>>+ * flash-timeout-exceeded - the flash strobe was still on when > >>>>+ the timeout set by the user has expired; not all flash > >>>>+ controllers may set this in all such conditions > >>>>+ * controller-over-temperature - the flash controller has > >>>>+ overheated > >>>>+ * controller-short-circuit - the short circuit protection > >>>>+ of the flash controller has been triggered > >>>>+ * led-power-supply-over-current - current in the LED power > >>>>+ supply has exceeded the limit specific to the flash > >>>>+ controller > >>>>+ * indicator-led-fault - the flash controller has detected > >>>>+ a short or open circuit condition on the indicator LED > >>>>+ * led-under-voltage - flash controller voltage to the flash > >>>>+ LED has been below the minimum limit specific to > >>>>+ the flash > >>>>+ * controller-under-voltage - the input voltage of the flash > >>>>+ controller is below the limit under which strobing the > >>>>+ flash at full current will not be possible. The condition > >>>>+ persists until this flag is no longer set > >>>>+ * led-over-temperature - the temperature of the LED has exceeded > >>>>+ its allowed upper limit > >>>>+ > >>>>+ Flash faults are cleared, if possible, by reading the attribute. > >>> > >>>That's bad. Now you can no longer present flash_fault file as readable > >>>to non-root users, and grep -ri foo /sys will interfere with your > >>>camera application. > >>> > >>>Bad interface, just fix it. > >> > >>In my opinion it isn't crucial for the user to be aware of the > >>fact that some non-persistent fault happened right after strobing the > >>flash (e.g. over temperature). > >> > >>I cannot see anything harmful in the situation when someone does grep > >>on /sys and clears non-persistent fault on a flash LED device. > > > >So why export the faults at all? > > Faults may prevent strobing the flash in case of some devices. > The example of such a device is ADP1663 (drivers/media/i2c/adp1653.c). > This driver reads the faults before strobing the flash and if a > fault preventing strobing has occurred it returns -EBUSY. > > If this driver was made a LED Flash class driver, then it would > expose flash_faults attribute. The driver would probably need > redesigning - checking the faults before strobing would have to be > avoided and it should be left to the userspace. That's fine, but Pavel's point is that you shouldn't "clear a fault" by reading a sysfs file as you don't control who reads all sysfs files (hint, libudev might cache all attributes when they are found / change, which could prevent anyone else from seeing that fault.) So please fix this, make a write to clear a fault or some other such explicit action, not a simple read. That's not an acceptable api. thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe devicetree" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html