On Tue, Jun 13, 2017 at 07:16:11PM +0200, Pali Rohár wrote: > On Tuesday 13 June 2017 17:38:57 Darren Hart wrote: > > I'll mention this again I suspect in this thread, but rather than a > > "WMI filter" we can implement a "WMI proxy". If a kernel driver > > needs to own certain WMI calls for LED or Radio management, for > > example, all such calls can be proxied through that driver. It can > > do the necessary work to update its own state, and still perform the > > requested funtion, transparent to the userspace caller. This should > > accommodate the addition of new drivers and features to kernel > > drivers, without precluding the development of userspace management > > or platform daemons. > > Such WMI proxy implemented in every WMI driver has one design problem: > > There would be two different kernel APIs to configure some firmware > settings. E.g. if particular WMI method implements turning on/off radio > devices, then functionality would be exported to userspace via: > > 1) standard kernel rfkill interface which is device/driver/firmware > neutral (and any rfkill application can control it) > > 2) platform/firmware specific WMI method via newly standard /dev/wmi* > interface -- and only vendor specific application could do that and it > would work only for this one specific WMI GUID device Yes, platform specific control is what WMI is for. > I do not like idea to have two kernel <--> userspace interfaces to > control one thing, plus one interface would be platform dependent. > > In my opinion any management application which want to control radio > switches should use option 1) rfkill interface. Agreed, they should. > And I do not see reason for exporting same duplicate, but platform > dependent interface from kernel to userspace. > So this question boils down to: do we export WMI to userspace or not? The WMI GUIDs and methods will not be divided across convenient Linux subsystem boundaries allowing us to pick and choose what we export. If we export WMI to userspace, we will be providing another means of access. Sometimes, this may cause conflict, and the answer may just be "don't do that". There are plenty of other examples of things you can do to screw up the state of your system if you have the right permissions for which the answer is "don't do that". Consider MEM(4), SETPCI(8), ... /dev/sda ... for example. So we can either export them and possibly offer some means of proxying where necessary, or we can not export them. -- Darren Hart VMware Open Source Technology Center
