Re: [linux-pm] suspend blockers & Android integration

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Brian Swetland

Subject: Re: [linux-pm] suspend blockers & Android integration

Date: Monday, June 7, 2010 - 1:16 am

On Mon, Jun 7, 2010 at 1:03 AM, Christoph Hellwig <hch@infradead.org> wrote:
quoted text> On Sun, Jun 06, 2010 at 12:58:10PM -0700, Brian Swetland wrote:
>> The group ID stuff works incredibly well for gating device access --
>> we ensure that devices that need access from various processes end up
>> with perms like 0660 root audio (say for a raw audio interface), and
>> then we assure that processes which have the "may use audio hardware"
>> permission are executed with audio as an additional group.  We ended
>> up using the same model to control socket, raw socket, and bt socket
>> access because at the time we could not find a reasonable way to grant
>> or exclude such permissions on a process by process basis.
>> Maintaining about 20-30 lines of diffs to make that work was not a bad
>> tradeoff (and we don't expect those patches to go upstream).  If
>> there's a way to accomplish this without patching the kernel, we're
>> all ears.
>
> I'd have to take a look again on how this is implemented in details.
> If it's just overriding the capabilities it's really hard to do in
> the current model as the capabilities aren't fine grained enough
> currently, even with the existing per-file and per-process capabilities.
> If it's mostly overriding regular unix file permissions it's easily
> doable with ACLs, or in fact just with group ownership at the filesystem
> level, without kernel hacks.

For device nodes, we just use group ownership and it works fine with
no kernel modifications.  For the "can create socket", "can create bt
socket", and "can create raw socket" permissions we ended up throwing
together a patch tying those operations to being in the appropriate
group.  Obviously a hack, but it was the most straightforward solution
we could find at the time.

Brian
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

suspend blockers & Android integration, Ingo Molnar, (Thu Jun 3, 12:30 pm)

Re: suspend blockers & Android integration, Brian Swetland, (Thu Jun 3, 12:50 pm)

Re: suspend blockers & Android integration, Ingo Molnar, (Thu Jun 3, 4:23 pm)

Re: suspend blockers & Android integration, Linus Torvalds, (Thu Jun 3, 4:37 pm)

Re: suspend blockers & Android integration, Ingo Molnar, (Thu Jun 3, 4:46 pm)

Re: suspend blockers & Android integration, Ingo Molnar, (Thu Jun 3, 5:39 pm)

Re: suspend blockers & Android integration, Linus Torvalds, (Thu Jun 3, 7:16 pm)

Re: suspend blockers & Android integration, Linus Torvalds, (Thu Jun 3, 7:26 pm)

Re: suspend blockers & Android integration, Arjan van de Ven, (Thu Jun 3, 8:45 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Thu Jun 3, 8:45 pm)

Re: suspend blockers & Android integration, Neil Brown, (Thu Jun 3, 9:38 pm)

Re: suspend blockers & Android integration, Linus Torvalds, (Thu Jun 3, 9:46 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Thu Jun 3, 9:54 pm)

Re: suspend blockers & Android integration, Ingo Molnar, (Thu Jun 3, 11:22 pm)

Re: suspend blockers & Android integration, Ingo Molnar, (Fri Jun 4, 12:13 am)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Fri Jun 4, 12:37 am)

Re: suspend blockers & Android integration, Ingo Molnar, (Fri Jun 4, 12:57 am)

Re: suspend blockers & Android integration, Ingo Molnar, (Fri Jun 4, 1:11 am)

Re: suspend blockers & Android integration, Ingo Molnar, (Fri Jun 4, 1:15 am)

Re: suspend blockers & Android integration, Brian Swetland, (Fri Jun 4, 1:29 am)

Re: suspend blockers & Android integration, Ingo Molnar, (Fri Jun 4, 1:34 am)

Re: suspend blockers & Android integration, Ingo Molnar, (Fri Jun 4, 1:55 am)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Fri Jun 4, 1:56 am)

Re: suspend blockers & Android integration, Pekka Enberg, (Fri Jun 4, 2:03 am)

Re: suspend blockers & Android integration, Brian Swetland, (Fri Jun 4, 2:08 am)

Re: suspend blockers & Android integration, Peter Zijlstra, (Fri Jun 4, 2:43 am)

Re: suspend blockers & Android integration, Peter Zijlstra, (Fri Jun 4, 2:54 am)

Re: suspend blockers & Android integration, Ingo Molnar, (Fri Jun 4, 2:59 am)

Re: suspend blockers & Android integration, Ingo Molnar, (Fri Jun 4, 3:03 am)

Re: suspend blockers & Android integration, Peter Zijlstra, (Fri Jun 4, 3:08 am)

Re: suspend blockers & Android integration, Brian Swetland, (Fri Jun 4, 3:09 am)

Re: suspend blockers & Android integration, Brian Swetland, (Fri Jun 4, 3:11 am)

Re: suspend blockers & Android integration, Thomas Gleixner, (Fri Jun 4, 3:11 am)

Re: suspend blockers & Android integration, Peter Zijlstra, (Fri Jun 4, 3:13 am)

Re: suspend blockers & Android integration, Andi Kleen, (Fri Jun 4, 3:42 am)

Re: suspend blockers & Android integration, Peter Zijlstra, (Fri Jun 4, 5:06 am)

Re: suspend blockers & Android integration, James Bottomley, (Fri Jun 4, 7:24 am)

Re: suspend blockers & Android integration, Florian Mickler, (Fri Jun 4, 8:07 am)

Re: suspend blockers & Android integration, Rafael J. Wysocki, (Fri Jun 4, 4:38 pm)

Re: suspend blockers & Android integration, Thomas Gleixner, (Fri Jun 4, 5:05 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Fri Jun 4, 5:10 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Fri Jun 4, 5:39 pm)

Re: suspend blockers & Android integration, Matt Helsley, (Fri Jun 4, 6:18 pm)

Re: suspend blockers & Android integration, Thomas Gleixner, (Fri Jun 4, 6:33 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Fri Jun 4, 10:23 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Fri Jun 4, 10:35 pm)

Re: suspend blockers & Android integration, Peter Zijlstra, (Sat Jun 5, 2:54 am)

Re: suspend blockers & Android integration, Arjan van de Ven, (Sat Jun 5, 9:28 am)

Re: suspend blockers & Android integration, Thomas Gleixner, (Sat Jun 5, 9:47 am)

Re: suspend blockers & Android integration, Rafael J. Wysocki, (Sat Jun 5, 11:25 am)

Re: suspend blockers & Android integration, Florian Mickler, (Sat Jun 5, 1:37 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 2:26 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 2:47 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 3:10 pm)

Re: suspend blockers & Android integration, Thomas Gleixner, (Sat Jun 5, 3:11 pm)

Re: suspend blockers & Android integration, Arjan van de Ven, (Sat Jun 5, 3:23 pm)

Re: suspend blockers & Android integration, Brian Swetland, (Sat Jun 5, 3:26 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 3:39 pm)

Re: suspend blockers & Android integration, Rafael J. Wysocki, (Sat Jun 5, 3:44 pm)

Re: suspend blockers & Android integration, Arjan van de Ven, (Sat Jun 5, 3:48 pm)

Re: suspend blockers & Android integration, Rafael J. Wysocki, (Sat Jun 5, 3:52 pm)

Re: suspend blockers & Android integration, Rafael J. Wysocki, (Sat Jun 5, 4:03 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 4:21 pm)

Re: suspend blockers & Android integration, Arjan van de Ven, (Sat Jun 5, 4:34 pm)

Re: suspend blockers & Android integration, Rafael J. Wysocki, (Sat Jun 5, 4:39 pm)

Re: suspend blockers & Android integration, Thomas Gleixner, (Sat Jun 5, 4:45 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 4:56 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 5:02 pm)

Re: suspend blockers & Android integration, Thomas Gleixner, (Sat Jun 5, 5:04 pm)

Re: suspend blockers & Android integration, Thomas Gleixner, (Sat Jun 5, 5:19 pm)

Re: suspend blockers & Android integration, Thomas Gleixner, (Sat Jun 5, 5:32 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 5:34 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 6:03 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 6:16 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 6:24 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Sat Jun 5, 6:45 pm)

Re: [linux-pm] suspend blockers & Android integration, Vitaly Wool, (Sun Jun 6, 12:52 am)

Re: suspend blockers & Android integration, david, (Sun Jun 6, 1:04 am)

Re: suspend blockers & Android integration, david, (Sun Jun 6, 1:16 am)

Re: [linux-pm] suspend blockers & Android integration, Brian Swetland, (Sun Jun 6, 1:20 am)

Re: suspend blockers & Android integration, david, (Sun Jun 6, 1:23 am)

Re: [linux-pm] suspend blockers & Android integration, Vitaly Wool, (Sun Jun 6, 1:32 am)

Re: [linux-pm] suspend blockers & Android integration, Brian Swetland, (Sun Jun 6, 2:21 am)

Re: [linux-pm] suspend blockers & Android integration, david, (Sun Jun 6, 2:56 am)

Re: [linux-pm] suspend blockers & Android integration, Vitaly Wool, (Sun Jun 6, 3:00 am)

Re: suspend blockers & Android integration, Thomas Gleixner, (Sun Jun 6, 3:01 am)

Re: [linux-pm] suspend blockers & Android integration, david, (Sun Jun 6, 3:12 am)

Re: [linux-pm] suspend blockers & Android integration, Vitaly Wool, (Sun Jun 6, 3:19 am)

Re: suspend blockers & Android integration, Thomas Gleixner, (Sun Jun 6, 3:36 am)

Re: [linux-pm] suspend blockers & Android integration, Florian Mickler, (Sun Jun 6, 3:46 am)

Re: [linux-pm] suspend blockers & Android integration, Florian Mickler, (Sun Jun 6, 3:49 am)

Re: suspend blockers & Android integration, Thomas Gleixner, (Sun Jun 6, 3:56 am)

Re: [linux-pm] suspend blockers & Android integration, Vitaly Wool, (Sun Jun 6, 3:57 am)

Re: [linux-pm] suspend blockers & Android integration, Alan Cox, (Sun Jun 6, 4:05 am)

Re: [linux-pm] suspend blockers & Android integration, Felipe Contreras, (Sun Jun 6, 4:11 am)

Re: [linux-pm] suspend blockers & Android integration, david, (Sun Jun 6, 4:14 am)

Re: suspend blockers & Android integration, Felipe Contreras, (Sun Jun 6, 4:18 am)

Re: suspend blockers & Android integration, david, (Sun Jun 6, 4:26 am)

Re: suspend blockers & Android integration, Rafael J. Wysocki, (Sun Jun 6, 6:29 am)

Re: [linux-pm] suspend blockers & Android integration, Matthew Garrett, (Sun Jun 6, 6:31 am)

Re: [linux-pm] suspend blockers & Android integration, Matthew Garrett, (Sun Jun 6, 6:34 am)

Re: suspend blockers & Android integration, Rafael J. Wysocki, (Sun Jun 6, 6:55 am)

Re: [linux-pm] suspend blockers & Android integration, James Bottomley, (Sun Jun 6, 7:31 am)

Re: suspend blockers & Android integration, Matt Helsley, (Sun Jun 6, 7:43 am)

Re: [linux-pm] suspend blockers & Android integration, Vitaly Wool, (Sun Jun 6, 8:26 am)

Re: [linux-pm] suspend blockers & Android integration, Matthew Garrett, (Sun Jun 6, 8:29 am)

Re: [linux-pm] suspend blockers & Android integration, Thomas Gleixner, (Sun Jun 6, 8:46 am)

Re: [linux-pm] suspend blockers & Android integration, Vitaly Wool, (Sun Jun 6, 8:47 am)

Re: [linux-pm] suspend blockers & Android integration, Matthew Garrett, (Sun Jun 6, 9:43 am)

Re: [linux-pm] suspend blockers & Android integration, James Bottomley, (Sun Jun 6, 10:08 am)

Re: [linux-pm] suspend blockers & Android integration, Vitaly Wool, (Sun Jun 6, 10:21 am)

Re: [linux-pm] suspend blockers & Android integration, Matthew Garrett, (Sun Jun 6, 10:31 am)

Re: [linux-pm] suspend blockers & Android integration, Matthew Garrett, (Sun Jun 6, 10:48 am)

Re: [linux-pm] suspend blockers & Android integration, Thomas Gleixner, (Sun Jun 6, 11:04 am)

Re: [linux-pm] suspend blockers & Android integration, Brian Swetland, (Sun Jun 6, 11:44 am)

Re: [linux-pm] suspend blockers & Android integration, Rafael J. Wysocki, (Sun Jun 6, 12:01 pm)

Re: [linux-pm] suspend blockers & Android integration, Christoph Hellwig, (Sun Jun 6, 12:05 pm)

Re: [linux-pm] suspend blockers & Android integration, Brian Swetland, (Sun Jun 6, 12:15 pm)

Re: [linux-pm] suspend blockers & Android integration, Christoph Hellwig, (Sun Jun 6, 12:24 pm)

Re: [linux-pm] suspend blockers & Android integration, Thomas Gleixner, (Sun Jun 6, 12:26 pm)

Re: [linux-pm] suspend blockers & Android integration, Brian Swetland, (Sun Jun 6, 12:58 pm)

Re: [linux-pm] suspend blockers & Android integration, Thomas Gleixner, (Sun Jun 6, 3:26 pm)

Re: [linux-pm] suspend blockers & Android integration, Christoph Hellwig, (Mon Jun 7, 1:00 am)

Re: [linux-pm] suspend blockers & Android integration, Christoph Hellwig, (Mon Jun 7, 1:03 am)

Re: [linux-pm] suspend blockers & Android integration, Brian Swetland, (Mon Jun 7, 1:16 am)

Re: [linux-pm] suspend blockers & Android integration, Felipe Contreras, (Mon Jun 7, 3:25 am)

Re: [linux-pm] suspend blockers & Android integration, Florian Mickler, (Mon Jun 7, 5:16 am)

Re: [linux-pm] suspend blockers & Android integration, Florian Mickler, (Mon Jun 7, 6:01 am)

Re: [linux-pm] suspend blockers & Android integration, Peter Zijlstra, (Mon Jun 7, 6:20 am)

Re: [linux-pm] suspend blockers & Android integration, Linus Walleij, (Mon Jun 7, 4:17 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Mon Jun 7, 4:34 pm)

Re: [linux-pm] suspend blockers & Android integration, Brian Swetland, (Mon Jun 7, 4:37 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Mon Jun 7, 5:05 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Mon Jun 7, 5:39 pm)

Re: suspend blockers & Android integration, Arve Hjønnevåg, (Mon Jun 7, 5:45 pm)

Re: [linux-pm] suspend blockers & Android integration, Valdis.Kletnieks, (Mon Jun 7, 7:15 pm)

Re: suspend blockers & Android integration, Rafael J. Wysocki, (Tue Jun 8, 2:11 am)

Re: [linux-pm] suspend blockers & Android integration, david, (Tue Jun 8, 6:14 pm)

Re: [linux-pm] suspend blockers & Android integration, Linus Torvalds, (Tue Jun 8, 8:46 pm)

Re: [linux-pm] suspend blockers & Android integration, Felipe Contreras, (Wed Jun 9, 12:43 am)

Re: [linux-pm] suspend blockers & Android integration, Rafael J. Wysocki, (Wed Jun 9, 2:40 am)

Re: [linux-pm] suspend blockers & Android integration, Mark Brown, (Wed Jun 9, 5:33 am)

Re: [linux-pm] suspend blockers & Android integration, Neil Brown, (Wed Jun 9, 3:04 pm)

Re: [linux-pm] suspend blockers & Android integration, Rafael J. Wysocki, (Thu Jun 10, 1:59 am)

Re: [linux-pm] suspend blockers & Android integration, Neil Brown, (Thu Jun 10, 5:00 am)

Re: [linux-pm] suspend blockers & Android integration, Mark Brown, (Thu Jun 10, 6:57 am)

Re: suspend blockers & Android integration, Pavel Machek, (Thu Jun 10, 6:58 am)

Re: [linux-pm] suspend blockers & Android integration, Rafael J. Wysocki, (Thu Jun 10, 8:46 am)

Re: [linux-pm] suspend blockers & Android integration, Rafael J. Wysocki, (Thu Jun 10, 9:06 am)

Re: [linux-pm] suspend blockers & Android integration, Mark Brown, (Thu Jun 10, 12:01 pm)

HTC Dream drivers was Re: [linux-pm] suspend blockers & An ..., Pavel Machek, (Fri Jul 9, 12:11 pm)

Navigation

Popular discussions


linux-kernel:
Greg KH	Og dreams of kernels
Jens Axboe	[PATCH 31/33] Fusion: sg chaining support
Arnd Bergmann	Re: finding your own dead "CONFIG_" variables
Mark Brown	[PATCH 2/2] Subject: natsemi: Allow users to disable workaround for DspCfg reset
Tony Breeds	[LGUEST] Look in object dir for .config
git:
Brian Downing	Re: Git in a Nutshell guide
John Benes	Re: master has some toys