From: Christoph Hellwig <hch@infradead.org>
To: Brian Swetland <swetland@google.com>
Cc: Christoph Hellwig <hch@infradead.org>,
James Bottomley <James.Bottomley@suse.de>,
Thomas Gleixner <tglx@linutronix.de>,
Alan Cox <alan@lxorguk.ukuu.org.uk>,
Florian Mickler <florian@mickler.org>,
Vitaly Wool <vitalywool@gmail.com>,
Arve Hj?nnev?g <arve@android.com>,
Arjan van de Ven <arjan@infradead.org>,
tytso@mit.edu, Peter Zijlstra <peterz@infradead.org>,
"H. Peter Anvin" <hpa@zytor.com>,
LKML <linux-kernel@vger.kernel.org>, Neil Brown <neilb@suse.de>,
Linux PM <linux-pm@lists.linux-foundation.org>,
Ingo Molnar <mingo@elte.hu>,
Linux OMAP Mailing List <linux-omap@vger.kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Felipe Balbi <felipe.balbi@nokia.com>
Subject: Re: [linux-pm] suspend blockers & Android integration
Date: Mon, 7 Jun 2010 04:03:57 -0400 [thread overview]
Message-ID: <20100607080357.GB15851@infradead.org> (raw)
In-Reply-To: <AANLkTikA0ihlbehyyN-zQ3mN4WmlZJYBSRTYV8SbDhSr@mail.gmail.com>
On Sun, Jun 06, 2010 at 12:58:10PM -0700, Brian Swetland wrote:
> Somebody will have to broker a deal with the frameworks/apps folks to
> get rid of the binder. They like it a lot. Of course if somebody
> built a drop-in replacement for the userspace side that didn't require
> a kernel driver, had the same performance characteristics, solved the
> same problems, etc, they could probably make an argument for it (or
> just provide it as a drop-in replacement for people who want a more
> "pure" linux underneath Android, even if we didn't pick it up).
This wasn't really directed at you, but rather about people talking
about running a mainline kernel on Android in this thread. As I said
this is a lot more work then sorting out the drivers - with or without
suspend blockers.
> The group ID stuff works incredibly well for gating device access --
> we ensure that devices that need access from various processes end up
> with perms like 0660 root audio (say for a raw audio interface), and
> then we assure that processes which have the "may use audio hardware"
> permission are executed with audio as an additional group. We ended
> up using the same model to control socket, raw socket, and bt socket
> access because at the time we could not find a reasonable way to grant
> or exclude such permissions on a process by process basis.
> Maintaining about 20-30 lines of diffs to make that work was not a bad
> tradeoff (and we don't expect those patches to go upstream). If
> there's a way to accomplish this without patching the kernel, we're
> all ears.
I'd have to take a look again on how this is implemented in details.
If it's just overriding the capabilities it's really hard to do in
the current model as the capabilities aren't fine grained enough
currently, even with the existing per-file and per-process capabilities.
If it's mostly overriding regular unix file permissions it's easily
doable with ACLs, or in fact just with group ownership at the filesystem
level, without kernel hacks.
next prev parent reply other threads:[~2010-06-07 8:03 UTC|newest]
Thread overview: 195+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-06-03 19:30 suspend blockers & Android integration Ingo Molnar
2010-06-03 19:50 ` Brian Swetland
2010-06-04 7:57 ` Ingo Molnar
2010-06-04 8:29 ` Brian Swetland
2010-06-04 8:55 ` Ingo Molnar
2010-06-04 9:03 ` Pekka Enberg
2010-06-04 9:08 ` Brian Swetland
2010-06-04 9:59 ` Ingo Molnar
2010-06-04 10:09 ` Brian Swetland
2010-06-04 14:24 ` James Bottomley
2010-06-04 15:07 ` Florian Mickler
2010-06-06 8:04 ` david
2010-06-10 13:58 ` Pavel Machek
2010-06-11 4:21 ` [linux-pm] " David Brownell
2010-06-11 14:28 ` James Bottomley
2010-06-11 14:46 ` Alan Stern
2010-06-11 15:01 ` Mark Brown
2010-06-11 15:02 ` James Bottomley
2010-06-11 20:48 ` Alan Stern
2010-06-11 21:04 ` James Bottomley
2010-06-12 17:10 ` Mark Brown
2010-06-12 2:43 ` David Brownell
2010-06-11 14:42 ` Alan Stern
[not found] ` <20100603231153.GA11302@elte.hu>
2010-06-03 23:23 ` Ingo Molnar
2010-06-03 23:37 ` Linus Torvalds
2010-06-03 23:46 ` Ingo Molnar
2010-06-04 2:16 ` Linus Torvalds
2010-06-04 2:26 ` Linus Torvalds
2010-06-04 3:45 ` Arjan van de Ven
2010-06-04 4:46 ` Linus Torvalds
2010-06-04 10:42 ` Andi Kleen
2010-06-04 8:15 ` Ingo Molnar
2010-06-06 8:16 ` david
2010-06-06 8:23 ` david
2010-06-04 3:45 ` Arve Hjønnevåg
2010-06-04 6:22 ` Ingo Molnar
2010-06-04 8:11 ` Ingo Molnar
2010-06-05 20:37 ` Florian Mickler
2010-06-04 0:39 ` Ingo Molnar
2010-06-04 14:50 ` Alan Stern
2010-06-04 4:38 ` Neil Brown
2010-06-04 4:54 ` Arve Hjønnevåg
2010-06-04 7:13 ` Ingo Molnar
2010-06-04 7:37 ` Arve Hjønnevåg
2010-06-04 8:34 ` Ingo Molnar
2010-06-04 8:56 ` Arve Hjønnevåg
2010-06-04 12:06 ` Peter Zijlstra
2010-06-05 0:10 ` Arve Hjønnevåg
2010-06-05 9:54 ` Peter Zijlstra
2010-06-05 16:28 ` Arjan van de Ven
2010-06-05 21:26 ` Arve Hjønnevåg
2010-06-05 22:23 ` Arjan van de Ven
2010-06-05 22:26 ` Brian Swetland
2010-06-05 22:48 ` Arjan van de Ven
2010-06-05 23:45 ` Thomas Gleixner
2010-06-06 0:34 ` Arve Hjønnevåg
2010-06-05 22:52 ` Rafael J. Wysocki
2010-06-05 22:39 ` Arve Hjønnevåg
2010-06-05 23:34 ` Arjan van de Ven
2010-06-06 0:02 ` Arve Hjønnevåg
2010-06-06 11:18 ` Felipe Contreras
2010-06-06 11:26 ` david
2010-06-06 7:52 ` [linux-pm] " Vitaly Wool
2010-06-06 8:20 ` Brian Swetland
2010-06-06 8:32 ` Vitaly Wool
2010-06-06 9:21 ` Brian Swetland
2010-06-06 9:56 ` david
2010-06-06 11:11 ` Felipe Contreras
2010-06-06 10:00 ` Vitaly Wool
2010-06-06 10:12 ` david
2010-06-06 10:19 ` [linux-pm] " Vitaly Wool
2010-06-06 10:49 ` Florian Mickler
2010-06-06 10:57 ` Vitaly Wool
2010-06-06 11:14 ` [linux-pm] " david
2010-06-07 12:16 ` Florian Mickler
2010-06-09 1:14 ` david
2010-06-09 3:46 ` Linus Torvalds
2010-06-09 7:43 ` [linux-pm] " Felipe Contreras
2010-06-09 9:40 ` Rafael J. Wysocki
2010-06-09 22:04 ` Neil Brown
2010-06-10 8:59 ` Rafael J. Wysocki
2010-06-10 12:00 ` Neil Brown
2010-06-10 16:06 ` Rafael J. Wysocki
2010-06-10 13:57 ` Mark Brown
2010-06-10 15:46 ` Rafael J. Wysocki
2010-06-10 19:01 ` Mark Brown
2010-06-10 14:47 ` Alan Stern
2010-06-10 15:44 ` Rafael J. Wysocki
2010-06-06 10:46 ` Florian Mickler
2010-06-06 11:05 ` Alan Cox
2010-06-06 13:34 ` Matthew Garrett
2010-06-06 14:31 ` James Bottomley
2010-06-06 15:46 ` [linux-pm] " Thomas Gleixner
2010-06-06 17:08 ` James Bottomley
2010-06-06 18:04 ` Thomas Gleixner
2010-06-06 18:44 ` Brian Swetland
2010-06-06 19:26 ` Thomas Gleixner
2010-06-06 19:05 ` [linux-pm] " Christoph Hellwig
2010-06-06 19:15 ` Brian Swetland
2010-06-06 19:24 ` [linux-pm] " Christoph Hellwig
2010-06-06 19:58 ` Brian Swetland
2010-06-06 22:26 ` Thomas Gleixner
2010-06-07 8:00 ` Christoph Hellwig
2010-06-07 8:03 ` Christoph Hellwig [this message]
2010-06-07 8:16 ` Brian Swetland
2010-06-07 13:20 ` Peter Zijlstra
2010-06-07 18:40 ` David Brownell
2010-06-07 23:17 ` Linus Walleij
2010-06-07 23:37 ` Brian Swetland
2010-06-08 2:15 ` Valdis.Kletnieks
2010-06-09 12:33 ` [linux-pm] " Mark Brown
2010-07-09 19:11 ` HTC Dream drivers was " Pavel Machek
2010-06-06 13:31 ` Matthew Garrett
2010-06-06 15:26 ` Vitaly Wool
2010-06-06 15:29 ` Matthew Garrett
2010-06-06 15:47 ` Vitaly Wool
2010-06-06 16:43 ` Matthew Garrett
2010-06-06 17:21 ` Vitaly Wool
2010-06-06 17:31 ` Matthew Garrett
2010-06-06 19:01 ` Rafael J. Wysocki
2010-06-07 10:25 ` Felipe Contreras
2010-06-07 13:01 ` Florian Mickler
2010-06-07 0:01 ` Alan Stern
2010-06-07 1:07 ` [linux-pm] suspend blockers & Android integrationy Thomas Gleixner
2010-06-07 14:42 ` Alan Stern
2010-06-07 15:49 ` Thomas Gleixner
2010-06-07 15:56 ` [linux-pm] suspend blockers & Android integration Florian Mickler
2010-06-08 0:57 ` Arve Hjønnevåg
2010-06-08 1:13 ` Alan Stern
2010-06-04 9:43 ` Peter Zijlstra
2010-06-04 9:54 ` Peter Zijlstra
2010-06-04 10:03 ` Ingo Molnar
2010-06-04 10:08 ` Peter Zijlstra
2010-06-04 10:11 ` Brian Swetland
2010-06-04 10:11 ` Thomas Gleixner
2010-06-04 10:13 ` Peter Zijlstra
2010-06-04 23:38 ` Rafael J. Wysocki
2010-06-05 0:05 ` Thomas Gleixner
2010-06-05 0:39 ` Arve Hjønnevåg
2010-06-05 1:18 ` Matt Helsley
2010-06-05 5:35 ` Arve Hjønnevåg
2010-06-05 18:25 ` Rafael J. Wysocki
2010-06-05 22:10 ` Arve Hjønnevåg
2010-06-05 23:03 ` Rafael J. Wysocki
2010-06-06 1:03 ` Arve Hjønnevåg
2010-06-06 2:49 ` Alan Stern
2010-06-06 11:09 ` [linux-pm] " Alan Stern
2010-06-08 0:23 ` Arve Hjønnevåg
2010-06-08 1:09 ` Alan Stern
2010-06-08 1:31 ` Arve Hjønnevåg
2010-06-08 2:32 ` Alan Stern
2010-06-08 3:05 ` Arve Hjønnevåg
2010-06-08 10:19 ` Florian Mickler
2010-06-08 14:50 ` Alan Stern
2010-06-09 1:48 ` Arve Hjønnevåg
2010-06-09 15:29 ` Alan Stern
2010-06-09 23:42 ` Arve Hjønnevåg
2010-06-10 4:21 ` david
2010-06-10 4:51 ` Arve Hjønnevåg
2010-06-10 5:10 ` Neil Brown
2010-06-10 14:39 ` Alan Stern
2010-06-10 14:28 ` Alan Stern
2010-06-10 23:02 ` Arve Hjønnevåg
2010-06-11 1:44 ` Alan Stern
2010-06-11 3:16 ` Arve Hjønnevåg
2010-06-11 14:33 ` Alan Stern
2010-06-11 22:18 ` Arve Hjønnevåg
2010-06-12 15:22 ` [linux-pm] " Alan Stern
2010-06-07 23:16 ` Arve Hjønnevåg
2010-06-06 13:29 ` Rafael J. Wysocki
2010-06-05 1:33 ` Thomas Gleixner
2010-06-05 5:23 ` Arve Hjønnevåg
2010-06-05 16:47 ` Thomas Gleixner
2010-06-05 21:47 ` Arve Hjønnevåg
2010-06-05 22:11 ` Thomas Gleixner
2010-06-05 23:21 ` Arve Hjønnevåg
2010-06-05 23:39 ` Rafael J. Wysocki
2010-06-06 0:04 ` Thomas Gleixner
2010-06-06 1:16 ` Arve Hjønnevåg
2010-06-06 10:36 ` Thomas Gleixner
2010-06-06 14:43 ` Matt Helsley
2010-06-08 0:45 ` Arve Hjønnevåg
2010-06-07 23:34 ` Arve Hjønnevåg
2010-06-06 10:56 ` Thomas Gleixner
2010-06-08 0:05 ` Arve Hjønnevåg
2010-06-06 0:19 ` Thomas Gleixner
2010-06-06 1:24 ` Arve Hjønnevåg
2010-06-06 0:32 ` Thomas Gleixner
2010-06-06 1:45 ` Arve Hjønnevåg
2010-06-06 10:01 ` Thomas Gleixner
2010-06-05 22:44 ` Rafael J. Wysocki
2010-06-05 23:56 ` Arve Hjønnevåg
2010-06-06 13:55 ` Rafael J. Wysocki
2010-06-08 0:39 ` Arve Hjønnevåg
2010-06-08 9:11 ` Rafael J. Wysocki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100607080357.GB15851@infradead.org \
--to=hch@infradead.org \
--cc=James.Bottomley@suse.de \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=arjan@infradead.org \
--cc=arve@android.com \
--cc=felipe.balbi@nokia.com \
--cc=florian@mickler.org \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-omap@vger.kernel.org \
--cc=linux-pm@lists.linux-foundation.org \
--cc=mingo@elte.hu \
--cc=neilb@suse.de \
--cc=peterz@infradead.org \
--cc=swetland@google.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=vitalywool@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).