Re: WMI and Kernel:User interface

[Pali RohÃr]

On Tuesday 13 June 2017 19:40:27 Darren Hart wrote:
> On Tue, Jun 13, 2017 at 07:16:11PM +0200, Pali RohÃr wrote:
> > On Tuesday 13 June 2017 17:38:57 Darren Hart wrote:
> > > I'll mention this again I suspect in this thread, but rather than
> > > a "WMI filter" we can implement a "WMI proxy". If a kernel
> > > driver needs to own certain WMI calls for LED or Radio
> > > management, for example, all such calls can be proxied through
> > > that driver. It can do the necessary work to update its own
> > > state, and still perform the requested funtion, transparent to
> > > the userspace caller. This should accommodate the addition of
> > > new drivers and features to kernel drivers, without precluding
> > > the development of userspace management or platform daemons.
> > 
> > Such WMI proxy implemented in every WMI driver has one design
> > problem:
> > 
> > There would be two different kernel APIs to configure some firmware
> > settings. E.g. if particular WMI method implements turning on/off
> > radio devices, then functionality would be exported to userspace
> > via:
> > 
> > 1) standard kernel rfkill interface which is device/driver/firmware
> > neutral (and any rfkill application can control it)
> > 
> > 2) platform/firmware specific WMI method via newly standard
> > /dev/wmi* interface -- and only vendor specific application could
> > do that and it would work only for this one specific WMI GUID
> > device
> 
> Yes, platform specific control is what WMI is for.
> 
> > I do not like idea to have two kernel <--> userspace interfaces to
> > control one thing, plus one interface would be platform dependent.
> > 
> > In my opinion any management application which want to control
> > radio switches should use option 1) rfkill interface.
> 
> Agreed, they should.
> 
> > And I do not see reason for exporting same duplicate, but platform
> > dependent interface from kernel to userspace.
> 
> So this question boils down to: do we export WMI to userspace or not?
> 
> The WMI GUIDs and methods will not be divided across convenient Linux
> subsystem boundaries allowing us to pick and choose what we export.
> If we export WMI to userspace, we will be providing another means of
> access. Sometimes, this may cause conflict, and the answer may just
> be "don't do that".
> 
> There are plenty of other examples of things you can do to screw up
> the state of your system if you have the right permissions for which
> the answer is "don't do that". Consider MEM(4), SETPCI(8), ...
> /dev/sda ... for example.

I know. There is also iopl(3). But this nor above examples are not tools 
for such activity. (Yes, there is e.g. lspci which can be switched to 
use iopl(3), but also it is not for normal usage.)

But on the other hand proposed WMI API designed are for such usage and 
developers are directly motivated to use it.

> So we can either export them and possibly offer some means of
> proxying where necessary, or we can not export them.

I just tried to show that proposed proxy has above problem and looks 
like anti-pattern for linux kernel. As this should be evaluated when 
going to accept or reject it.

-- 
Pali RohÃr
pali.rohar@xxxxxxxxx

Attachment: signature.asc
Description: This is a digitally signed message part.