From: "Sverdlin, Alexander" <alexander.sverdlin@siemens.com>
To: "thiago@kde.org" <thiago@kde.org>, "brgl@bgdev.pl" <brgl@bgdev.pl>
Cc: "viresh.kumar@linaro.org" <viresh.kumar@linaro.org>,
"warthog618@gmail.com" <warthog618@gmail.com>,
"phil@gadgetoid.com" <phil@gadgetoid.com>,
"dan.carpenter@linaro.org" <dan.carpenter@linaro.org>,
"erik.schilling@linaro.org" <erik.schilling@linaro.org>,
"andriy.shevchenko@linux.intel.com"
<andriy.shevchenko@linux.intel.com>,
"linux-gpio@vger.kernel.org" <linux-gpio@vger.kernel.org>,
"linus.walleij@linaro.org" <linus.walleij@linaro.org>,
"dbus@lists.freedesktop.org" <dbus@lists.freedesktop.org>,
"bartosz.golaszewski@linaro.org" <bartosz.golaszewski@linaro.org>
Subject: Re: [PATCH RESEND libgpiod v2 10/18] dbus: add the API definitions
Date: Tue, 2 Jul 2024 10:35:40 +0000 [thread overview]
Message-ID: <398ba49ba14f78b2a582f52b60b4ca6a616ae4c0.camel@siemens.com> (raw)
In-Reply-To: <CAMRc=McaFTy+csg+1McRjMNDkYond74VSrJsQ3mETp7dJoNtnQ@mail.gmail.com>
Hi Bartosz, Thiago!
On Tue, 2024-07-02 at 11:15 +0200, Bartosz Golaszewski wrote:
> > > > What's the point of this property? It looks racy, as the user (whichever
> > > > it
> > > > is) can stop using it soon after a true read, or the line can become used
> > > > right after a false read? The latter could lead to TOCTOU problems.
Actually I don't think those users who are going to request the line will
look into "busy" flag, they just need to request directly and [possibly] fail.
But for displaying the status the racy flag is perfectly fine, because the
information is anyway outdated by the time it appears on the terminal.
> > > > Wouldn't it be better to force users to RequestLine and get an error if
> > > > the
> > > > line is busy? Because if it wasn't busy, now the calling application knows
> > > > nothing else can grab it.
> > >
> > > this approach would make the inspection itself racy, isn't it?
> > > I'm thinking about two instances of "gpiocli info" running in parallel, they
> > > would display GPIO lines randomly "busy" even in case none of them actually
> > > is?
> >
> > Correct, but the race time would be very small. The status application need
> > not keep the line requested for long, only enough to get the current state.
> >
> > In any case, my argument is for everything *except* for the status / info
> > application. That's an outlier application, of which there's likely to be a
> > single one in the system. However, there will likely be multiple applications
> > that need lines for actual uses. The argument is that the presence of the
> > property can lead application authors to check before RequestLine in order to
> > present a message to their users, possibly because their code is simpler for
> > reading a property than dealing with an error.
> >
> > Therefore, my advice is to not have the API that can lead to TOCTOU, even if
> > by accident.
>
> Unfortunately there's one issue with the above: requesting a line
> (even as input) may result in the kernel driver triggering a physical
> change in hardware which may be undesirable. Inspecting the "Used"
> property only results in fetching a flag from the kernel and will
> never make the driver act upon HW.
And this is very true, barely anyone wants their "input pull-up" or
"input pull-down" to become simply "input" just by observing the status.
--
Alexander Sverdlin
Siemens AG
www.siemens.com
next prev parent reply other threads:[~2024-07-02 10:35 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-28 18:58 [PATCH RESEND libgpiod v2 00/18] dbus: add GLib-based DBus daemon and command-line client Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 01/18] tests: split out reusable test code into a local static library Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 02/18] tests: split out the common test code for bash scripts Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 03/18] bindings: glib: add build files Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 04/18] bindings: glib: add public headers Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 05/18] bindings: glib: add core code Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 06/18] bindings: glib: add examples Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 07/18] bindings: glib: add tests Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 08/18] README: document GLib bindings Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 09/18] dbus: add build files Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 10/18] dbus: add the API definitions Bartosz Golaszewski
2024-06-30 16:49 ` Thiago Macieira
2024-07-01 8:40 ` Bartosz Golaszewski
2024-07-02 6:48 ` Sverdlin, Alexander
2024-07-02 9:06 ` Thiago Macieira
2024-07-02 9:15 ` Bartosz Golaszewski
2024-07-02 10:35 ` Sverdlin, Alexander [this message]
2024-07-03 10:53 ` Thiago Macieira
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 11/18] dbus: add a wrapper around the gdbus-codegen generated header Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 12/18] dbus: add data files Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 13/18] dbus: add gpio-manager code Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 14/18] dbus: add tests Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 15/18] dbus: add a command-line client Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 16/18] dbus: client: add tests Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 17/18] README: document the DBus API Bartosz Golaszewski
2024-06-28 18:58 ` [PATCH RESEND libgpiod v2 18/18] TODO: drop the DBus daemon from the list Bartosz Golaszewski
2024-07-02 6:59 ` [PATCH RESEND libgpiod v2 00/18] dbus: add GLib-based DBus daemon and command-line client Sverdlin, Alexander
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=398ba49ba14f78b2a582f52b60b4ca6a616ae4c0.camel@siemens.com \
--to=alexander.sverdlin@siemens.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=bartosz.golaszewski@linaro.org \
--cc=brgl@bgdev.pl \
--cc=dan.carpenter@linaro.org \
--cc=dbus@lists.freedesktop.org \
--cc=erik.schilling@linaro.org \
--cc=linus.walleij@linaro.org \
--cc=linux-gpio@vger.kernel.org \
--cc=phil@gadgetoid.com \
--cc=thiago@kde.org \
--cc=viresh.kumar@linaro.org \
--cc=warthog618@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).