| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Jul 2019 17:24:40 +0800
From: Phil Reid <preid@...ctromag.com.au>
To: Geert Uytterhoeven <geert@...ux-m68k.org>
Cc: Geert Uytterhoeven <geert+renesas@...der.be>,
Linus Walleij <linus.walleij@...aro.org>,
Bartosz Golaszewski <bgolaszewski@...libre.com>,
Alexander Graf <agraf@...e.de>,
Peter Maydell <peter.maydell@...aro.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Magnus Damm <magnus.damm@...il.com>,
"open list:GPIO SUBSYSTEM" <linux-gpio@...r.kernel.org>,
QEMU Developers <qemu-devel@...gnu.org>,
Linux-Renesas <linux-renesas-soc@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH RFC] gpio: Add Virtual Aggregator GPIO Driver
On 10/07/2019 18:21, Geert Uytterhoeven wrote:
> Hi Phil,
>
> On Wed, Jul 10, 2019 at 4:00 AM Phil Reid <preid@...ctromag.com.au> wrote:
>> On 6/07/2019 00:05, Geert Uytterhoeven wrote:
>>> GPIO controllers are exported to userspace using /dev/gpiochip*
>>> character devices. Access control to these devices is provided by
>>> standard UNIX file system permissions, on an all-or-nothing basis:
>>> either a GPIO controller is accessible for a user, or it is not.
>>> Currently no mechanism exists to control access to individual GPIOs.
>>>
>>> Hence add a virtual GPIO driver to aggregate existing GPIOs (up to 32),
>>> and expose them as a new gpiochip. This is useful for implementing
>>> access control, and assigning a set of GPIOs to a specific user.
>>> Furthermore, it would simplify and harden exporting GPIOs to a virtual
>>> machine, as the VM can just grab the full virtual GPIO controller, and
>>> no longer needs to care about which GPIOs to grab and which not,
>>> reducing the attack surface.
>>>
>>> Virtual GPIO controllers are instantiated by writing to the "new_device"
>>> attribute file in sysfs:
>>>
>>> $ echo "<gpiochipA> <gpioA1> [<gpioA2> ...]"
>>> "[, <gpiochipB> <gpioB1> [<gpioB2> ...]] ...]"
>>> > /sys/bus/platform/drivers/gpio-virt-agg/new_device
>>>
>>> Likewise, virtual GPIO controllers can be destroyed after use:
>>>
>>> $ echo gpio-virt-agg.<N> \
>>> > /sys/bus/platform/drivers/gpio-virt-agg/delete_device
>>>
>>
>> Nice.
>> This provides similar functionality to the "gpio inverter" driver currently on the list.
>> Other than being just a buffer.
>
> Indeed, both drivers forward GPIO calls, but the gpio inverter modifies
> some parameters passed.
>
> The way the drivers obtain references to GPIOs is different, though: the
> inverter driver obtains a fixed description from DT, while the virtual
> aggregator receives the description at runtime, from sysfs.
>
> But perhaps both drivers could share some code?
Other than probing they're almost the same, except the inversion.
This one's more complete for set / get multiple etc.
>
>> Would it be possible to do the lookup via line names?
>
> Doesn't the fact that a GPIO has a line name means that it is in use, and
> thus cannot be aggregated and exported to another user?
>
They can be given line names via the dt property gpio-line-names.
Which can be used by user space to find a gpio. Not sure if there's an equivalent api inkerenl.
But it looks like we can find the info via struct gpiochip_info / gpioline_info linfo and work
out the chip name and line offsets. So probably not required.
Find the right gpio always seems tricky.
We have systems with multiple i2c gpio behind muxes that may or may not be present.
So i2c bus numbers are never consistent. And then different board revisions move the
same gpio line to a different pin (or cahnge the gpio chip type completely) to make routing easier etc.
--
Regards
Phil Reid
Powered by blists - more mailing lists