From: Mauro Carvalho Chehab <mchehab@redhat.com>
To: Jidong Xiao <jidong.xiao@gmail.com>
Cc: david@lang.hm, Cong Wang <xiyou.wangcong@gmail.com>,
Kernel development list <linux-kernel@vger.kernel.org>
Subject: Re: Can we move device drivers into user-space?
Date: Fri, 24 Feb 2012 16:21:09 -0200 [thread overview]
Message-ID: <20120224162109.1bbf157b@redhat.com> (raw)
In-Reply-To: <CAG4AFWbfrTtq2OCrkrXfF-VV1+80oUE1Nfaxg5US3hNX3AiQ6A@mail.gmail.com>
Em Thu, 23 Feb 2012 16:01:56 -0500
Jidong Xiao <jidong.xiao@gmail.com> escreveu:
> On Thu, Feb 23, 2012 at 3:48 PM, <david@lang.hm> wrote:
> > On Thu, 23 Feb 2012, Jidong Xiao wrote:
> >
> >>>
> >>> At least UIO drivers are already in Linux kernel, see drivers/uio/.
> >>>
> >>
> >> Oh, so does it make sense to move existing device drivers into user
> >> space? For example, move most of the stuff located under drivers/usb
> >> into user-space?
> >
> >
> > Why would you want to? What advantage are you looking to gain from all the
> > effort?
> >
> Since device drivers are a significant source of bugs in OS. Moving
> them to user space can reduce the impact of these bugs. Otherwise, why
> UIO, or drivers/uio, is accepted by mainstream Linux kernel.
Moving a buggy driver to userspace won't fix the bug. You're just moving
it from one place to another place. Also, the code will likely require changes
to work on userspace, so, the chances are that you're actually introducing more
bugs.
The impact of the bug won't also reduce, on most cases, as the userspace driver
will very likely require root capabilities.
Also, as driver talks directly with the hardware, an userspace block driver
would have access to the raw disk data. So, even if you find a way for it to
run unprivileged, it can still mangle the data written on the disk, and
even have a malicious code there that adds or allows to add a malware at the
disk partitions.
That's said, there are much more eyes inspecting the kernel sources than on any
other userspace project. So, the risk of a bad code to be inserted unnoticed at
the Linux kernel is degrees of magnitude lower than on an userspace driver.
So, I can't see any advantage on doing something like that.
>
> -Jidong
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
Cheers,
Mauro
---
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
next prev parent reply other threads:[~2012-02-24 18:21 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-23 4:56 Can we move device drivers into user-space? Jidong Xiao
2012-02-23 15:57 ` Cong Wang
2012-02-23 16:34 ` Jidong Xiao
2012-02-23 20:48 ` david
2012-02-23 21:01 ` Jidong Xiao
2012-02-24 18:21 ` Mauro Carvalho Chehab [this message]
2012-02-25 15:10 ` Eduard - Gabriel Munteanu
2012-02-26 0:06 ` Mauro Carvalho Chehab
2012-02-26 0:29 ` Richard Yao
2012-02-27 11:31 ` Mauro Carvalho Chehab
2012-02-26 1:58 ` Dr. David Alan Gilbert
2012-02-26 3:34 ` arts zhao
2012-02-27 11:29 ` Mauro Carvalho Chehab
2012-02-25 15:31 ` Richard Yao
2012-02-23 21:18 ` Roland Dreier
2012-02-24 15:19 ` Jidong Xiao
2012-02-24 15:38 ` Greg KH
2012-02-24 16:38 ` Jidong Xiao
2012-02-24 16:54 ` Greg KH
2012-02-24 17:06 ` Jidong Xiao
2012-02-24 17:13 ` Greg KH
2012-02-24 17:21 ` Jidong Xiao
2012-02-24 17:31 ` Greg KH
2012-02-25 2:33 ` Richard Yao
2012-02-25 4:28 ` Jidong Xiao
2012-02-24 17:10 ` Al Viro
2012-02-25 19:23 ` Jidong Xiao
2012-02-25 20:55 ` Greg KH
2012-02-25 23:43 ` Jidong Xiao
2012-02-26 17:40 ` Greg KH
2012-02-26 22:46 ` Greg KH
2012-02-27 11:17 ` Bernd Petrovitsch
2012-02-24 17:07 ` Guenter Roeck
2012-02-24 17:17 ` Greg KH
2012-02-24 17:47 ` Guenter Roeck
2012-02-24 18:34 ` Greg KH
2012-02-24 19:15 ` Henrik Rydberg
2012-02-24 19:26 ` Greg KH
2012-02-24 20:10 ` Henrik Rydberg
2012-02-24 20:16 ` Greg KH
2012-02-24 20:37 ` Henrik Rydberg
2012-02-24 20:56 ` Greg KH
2012-02-24 21:22 ` Henrik Rydberg
2012-02-24 21:30 ` Ted Ts'o
2012-02-24 22:14 ` Henrik Rydberg
2012-02-24 22:20 ` Greg KH
2012-02-24 22:49 ` Henrik Rydberg
2012-02-24 22:54 ` Greg KH
2012-02-24 23:14 ` Henrik Rydberg
2012-02-25 12:15 ` Theodore Tso
2012-02-26 9:54 ` Henrik Rydberg
2012-02-26 4:56 ` Bobby Powers
2012-02-26 10:47 ` Henrik Rydberg
2012-02-26 12:26 ` Richard Yao
2012-02-26 14:23 ` Bernd Petrovitsch
2012-02-26 15:29 ` Henrik Rydberg
[not found] ` <365b85cee33d4f1aadc31336663de21c@HUBCAS2.cs.stonybrook.edu>
2012-02-26 15:05 ` Richard Yao
2012-02-26 20:30 ` Ted Ts'o
[not found] ` <09a5cca9cffb4300843f682be529e8ca@HUBCAS2.cs.stonybrook.edu>
2012-02-26 21:25 ` Richard Yao
2012-02-26 21:35 ` Theodore Tso
[not found] ` <10de0ef9fb5d44c08669191e12343a97@HUBCAS2.cs.stonybrook.edu>
2012-02-26 22:03 ` Richard Yao
2012-02-27 11:17 ` Bernd Petrovitsch
2012-02-26 23:08 ` david
2012-02-27 0:01 ` Henrik Rydberg
2012-02-27 0:53 ` david
2012-02-27 9:07 ` Henrik Rydberg
2012-03-01 9:54 ` Thomas Gleixner
2012-02-24 15:58 ` Valdis.Kletnieks
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120224162109.1bbf157b@redhat.com \
--to=mchehab@redhat.com \
--cc=david@lang.hm \
--cc=jidong.xiao@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).