On Fri, 07.03.14 21:51, Lukasz Pawelczyk (havner(a)gmail.com) wrote:
>> Problem:
>> Has anyone thought about a mechanism to limit/remove an access to a
>> device during an application runtime? Meaning we have an
>> application that has an open file descriptor to some /dev/node and
>> depending on *something* it gains or looses the access to it
>> gracefully (with or without a notification, but without any fatal
>> consequences).
>
> logind can mute input devices as sessions are switched, to enable
> unpriviliged X11 and wayland compositors.
Would you please elaborate on this? Where is this mechanism? How does
it work without kernel space support? Is there some kernel space
support I’m not aware of?
There's EVIOCREVOKE for input devices and
DRM_IOCTL_SET_MASTER/DRM_IOCTL_DROP_MASTER for DRM devices. See logind
sources.
> Before you think about doing something like this, you need to
fix the
> kernel to provide namespaced devices (good luck!)
Precisly! That’s the generic idea. I’m not for implementing it though
at this moment. I just wanted to know whether anybody actually though
about it or maybe someone is interested in starting such a work, etc.
It's not just about turning on and turning off access to the event
stream. It's mostly about enumeration and probing which doesn't work in
containers, and is particularly messy if you intend to share devices
between containers.
> logind can do this for you between sessions. But such a
container setup
> will never work without proper device namespacing.
So how can it do it when there is no kernel support? You mean it could
be doing this if the support were there?
EVIOCREVOKE and the DRM ioctls are pretty real...
Lennart
--
Lennart Poettering, Red Hat