Kay Sievers wrote:
On Thu, May 21, 2009 at 21:43, Stefan Richter <stefanr@xxxxxxxxxxxxxxxxx> wrote:
BTW, the possible (but luckily highly improbable) case of devices with
several units of different type poses the question which policy to follow:
Paranoid = deny access unless all units are of a known good type? Or
comfortable = grant access if at least one unit is of known good type? (My
PROGRAM based patch actually implements the comfortable policy, in case that
wasn't obvious.) The paranoid case may have the serious drawback that
unknown types would prevent access to known types even if the unknown ones
are actually harmless to expose.
Yeah, the "comfortable" sounds fine and most useful as a default to me.
If we keep it that way that udev has to look at children attributes (if this
is feasible at all), then the policy for this mixed type case would remain
entirely in userspace. But if we go the route of the 1st variant, i.e. copy
children properties into parent's attributes, then we need to be either very
careful to solve it without hard-wiring policy into the kernel, or end up
with a bias of the kernel part towards one or the other policy.
For USB, we read the raw "descriptor", find all possible interfaces,
get class/subclass/protocol byte values from it, remove the
duplicates, and add the values to colon enclosed strings:
$ /lib/udev/usb_id -x /bus/usb/devices/2-1.1.2 | grep INTER
ID_USB_INTERFACES=:030101:030000:
That way we can easily match on "*:030101:*". Maybe that's an option,
if such information is available at the fw_device, at the time it is
created. That would be the simplest solution for userspace.
OK, an equivalent to this could be done in two ways:
a) firewire-core is changed to defer an fw_device's add uevent until the
child devices are populated. A userland helper program is introduced
which walks the subdirectories and constructs information to the effect
of "this device has IIDC or AV/C or whatever else known interesting units".
b) firewire-core is changed to provide a new fw_device attribute which
contains a concatenation of the specifier_id/version tuples of all units
of the fw_device. This attribute will be there before the "add" uevent
of the fw_device. Udev rules based on this new attribute will be
trivial in the "comfortable" scheme; the "paranoid" scheme can also be
served by this new attribute but would apparently need a tiny helper again.
I think I'll start with b) and see how it works out.
Also, since uevent deferral looks cheap & safe, we could implement this
in addition to b) to expand userland's options in dealing with
firewire-core's sysfs interface.
--
Stefan Richter
-=====-==--= -=-= =-==-
http://arcgraph.de/sr/
--
To unsubscribe from this list: send the line "unsubscribe linux-hotplug" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
