Hi Phil,

On Wed, Jul 10, 2019 at 4:00 AM Phil Reid <preid@xxxxxxxxxxxxxxxxx> wrote:
> On 6/07/2019 00:05, Geert Uytterhoeven wrote:
> > GPIO controllers are exported to userspace using /dev/gpiochip*
> > character devices. Access control to these devices is provided by
> > standard UNIX file system permissions, on an all-or-nothing basis:
> > either a GPIO controller is accessible for a user, or it is not.
> > Currently no mechanism exists to control access to individual GPIOs.
> >
> > Hence add a virtual GPIO driver to aggregate existing GPIOs (up to 32),
> > and expose them as a new gpiochip. This is useful for implementing
> > access control, and assigning a set of GPIOs to a specific user.
> > Furthermore, it would simplify and harden exporting GPIOs to a virtual
> > machine, as the VM can just grab the full virtual GPIO controller, and
> > no longer needs to care about which GPIOs to grab and which not,
> > reducing the attack surface.
> >
> > Virtual GPIO controllers are instantiated by writing to the "new_device"
> > attribute file in sysfs:
> >
> >     $ echo "<gpiochipA> <gpioA1> [<gpioA2> ...]"
> >            "[, <gpiochipB> <gpioB1> [<gpioB2> ...]] ...]"
> >             > /sys/bus/platform/drivers/gpio-virt-agg/new_device
> >
> > Likewise, virtual GPIO controllers can be destroyed after use:
> >
> >     $ echo gpio-virt-agg.<N> \
> >             > /sys/bus/platform/drivers/gpio-virt-agg/delete_device
> >
>
> Nice.
> This provides similar functionality to the "gpio inverter" driver currently on the list.
> Other than being just a buffer.

Indeed, both drivers forward GPIO calls, but the gpio inverter modifies
some parameters passed.

The way the drivers obtain references to GPIOs is different, though: the
inverter driver obtains a fixed description from DT, while the virtual
aggregator receives the description at runtime, from sysfs.

But perhaps both drivers could share some code?

> Would it be possible to do the lookup via line names?

Doesn't the fact that a GPIO has a line name mean that it is in use, and
thus cannot be aggregated and exported to another user?

Thanks!

Gr{oetje,eeting}s,

Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds