lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4067f57b-f229-24c7-5a92-030fb67bd785@codeaurora.org>
Date:   Wed, 10 Feb 2021 12:18:37 -0700
From:   Jeffrey Hugo <jhugo@...eaurora.org>
To:     Jakub Kicinski <kuba@...nel.org>,
        Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org>
Cc:     Aleksander Morgado <aleksander@...ksander.es>,
        Loic Poulain <loic.poulain@...aro.org>,
        Greg KH <gregkh@...uxfoundation.org>,
        David Miller <davem@...emloft.net>,
        linux-arm-msm <linux-arm-msm@...r.kernel.org>,
        open list <linux-kernel@...r.kernel.org>,
        Bhaumik Bhatt <bbhatt@...eaurora.org>,
        Network Development <netdev@...r.kernel.org>
Subject: Re: [RESEND PATCH v18 0/3] userspace MHI client interface driver

On 2/10/2021 11:41 AM, Jakub Kicinski wrote:
> On Wed, 10 Feb 2021 11:55:31 +0530 Manivannan Sadhasivam wrote:
>> On Tue, Feb 09, 2021 at 08:17:44AM -0800, Jakub Kicinski wrote:
>>> On Tue, 9 Feb 2021 10:20:30 +0100 Aleksander Morgado wrote:
>>>> This may be a stupid suggestion, but would the integration look less a
>>>> backdoor if it would have been named "mhi_wwan" and it exposed already
>>>> all the AT+DIAG+QMI+MBIM+NMEA possible channels as chardevs, not just
>>>> QMI?
>>>
>>> What's DIAG? Who's going to remember that this is a backdoor driver
>>> a year from now when Qualcomm sends a one liner patches which just
>>> adds a single ID to open another channel?
>>
>> I really appreciate your feedback on this driver eventhough I'm not
>> inclined with you calling this driver a "backdoor interface". But can
>> you please propose a solution on how to make this driver a good one as
>> per your thoughts?
>>
>> I really don't know what bothers you even if the userspace tools making
>> use of these chardevs are available openly (you can do the audit and see
>> if anything wrong we are doing).
> 
> What bothers me is maintaining shim drivers which just shuttle opaque
> messages between user space and firmware. One of which definitely is,
> and the other may well be, proprietary. This is an open source project,
> users are supposed to be able to meaningfully change the behavior of
> the system.

Interesting.  So, based on that, the TCP/IP stack is going to be ripped 
out of Linux?  I can write a proprietary userspace application which 
uses the TCP/IP stack to shuttle opaque messages through the kernel to a 
remote system, which could be running Windows (a proprietary OS with 
typically proprietary applications).  I've infact done that in another 
life.  Proprietary talking to proprietary with the Linux kernel in the 
middle.  I suspect you'll have an aggressively different opinion, but at 
this simplified level, it's really no different from the proposed 
mhi_uci driver here, or any of the numerous other examples provided.

The Linux kernel does not get to say everything must be open.  There is 
an explicit license stating that - 
LICENSES/exceptions/Linux-syscall-note  Yes, it's ideal if things are 
open, but it seems contradictory to espouse wanting choice, but then 
denying certain choices.
Frankly, folks have pointed out open source applications that wish to 
use this, so no, it's not all closed.

Put another way, you keep going in circles (I know you've argued the 
same for others in the discussion) - why is this specifically different 
from the other "shim drivers" which "shuttle proprietary messages" which 
already exist and are maintained in Linus' tree today?  All I'm seeing 
is "I don't like it" which is not a technical reason, and "proprietary 
is bad" which frankly, I think the horses were let out of the barn back 
in 1991 when Linus first created Linux.

> 
> What bothers me is that we have 3 WWAN vendors all doing their own
> thing and no common Linux API for WWAN. It may have been fine 10 years
> ago, but WWAN is increasingly complex and important.
> 
>> And exposing the raw access to the
>> hardware is not a new thing in kernel. There are several existing
>> subsystems/drivers does this as pointed out by Bjorn. Moreover we don't
>> have in-kernel APIs for the functionalities exposed by this driver and
>> creating one is not feasible as explained by many.
>>
>> So please let us know the path forward on this series. We are open to
>> any suggestions but you haven't provided one till now.
> 
> Well. You sure know how to aggravate people. I said clearly that you
> can move forward on purpose build drivers (e.g. for WWAN). There is no
> way forward on this common shim driver as far as I'm concerned.
> 


-- 
Jeffrey Hugo
Qualcomm Technologies, Inc. is a member of the
Code Aurora Forum, a Linux Foundation Collaborative Project.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ