Re: RFC: banning device driver reserved resources from /dev/mem

[Alan Cox]

> I'll add a "share resource with userland" option to allow us to make
> this desire explicit for the cases we want this (and can tolerate
> concurrent accesses)

For debug tools that would be almost all drivers, and for distribution
use that needs to be a runtime selection.

For the non share-resource-with case what occurs if /dev/mem is active
when the driver is loaded ?

> for me it is a goal to have /dev/mem do as little as possible while
> allowing the "normal" uses. This is to help SELinux to have sane policy
> rather than "X still has perms to own the whole box" etc.

Then it should be runtime configurable

> it came out of chasing e1000e with the "eh who maps our e1000e bar from
> userspace" scare. Followed by thinking "if the driver requests
> exclusivity the kernel should try to grant that".

Only if you can then configure that *policy* decision at runtime in user
space. Otherwise you create shackles that simply harm debug work and make
it harder for distributions to ship the feature enabled by default (which
is the ideal case).

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/