From: Jacob Moody <firstname.lastname@example.org> To: email@example.com Subject: Re: [9front] [PATCH] Unmount to remove sharp devices. Date: Wed, 25 May 2022 13:03:21 -0600 [thread overview] Message-ID: <firstname.lastname@example.org> (raw) In-Reply-To: <email@example.com> On 5/23/22 11:37, Jacob Moody wrote: > There was some followup discussion for this on irc that I want to > make sure is captured here: > > The command written to /dev/drivers will change to be one of: > chdev DEVS > chdev -DEVS I am having some second thoughts about this. While this syntax does replicate chmod, I am not entirely convinced that is what we want. When being added to /sys/src/libauth/newns:/^nsop/ you have to special case around the ARGBEGIN block. Combine that with the fact that this decision would lock chdev(1) from ever accepting it's own flags, it felt like this was introducing special case cruft. Another consideration was what the syntax would be for removing all drivers, currently it would just be chdev '' or something similar. Which is fine but fat fingering that would be an annoying way to kill your current namespace. These caveats may be entirely acceptable, but I was bothered enough to attempt to find another way. Instead, I thought perhaps a rune prefix might be best. So you end up with: chdev ∅ for removing all drivers. chdev ∉DEVS For removing just the specified drivers. chdev ∈DEVS For removing access to all but the specified drivers. If a prefix is not given, ∈ is assumed. I did implement this idea, to field it for quirks, but wanted to get some feedback before redoing man page changes. The downsides I see here are: 1. Deviation from chmod 2. This steals three runes that could have otherwise been used for drivers 3. ∉ is a bit more involved to type then '-' With that said, I do much prefer this interface. Another option may be to use rune prefixes, but also provide flag synonyms to the prefixes in chdev(1). There is also an unrelated quirk I stumbled across when reviewing changes. As is currently, devshr checks for if the noattach has been set before allowing a process to post a fd. I have changed this to check for access to devmnt/'#M', which is what replicates the 'can mount' knob that RFNOMNT tweaks. This seems fine to me, but should we also replicate this check over in to devsrv for consistency? Thanks, moody
next prev parent reply other threads:[~2022-05-25 19:05 UTC|newest] Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-05-04 14:09 Jacob Moody 2022-05-04 15:05 ` ori 2022-05-04 15:31 ` ori 2022-05-04 16:15 ` Stanley Lieber 2022-05-04 17:41 ` Lyndon Nerenberg (VE7TFX/VE6BBM) 2022-05-04 17:55 ` Jacob Moody 2022-05-05 1:59 ` Alex Musolino 2022-05-05 16:07 ` Jacob Moody 2022-05-08 2:55 ` Jacob Moody 2022-05-11 14:47 ` Jacob Moody 2022-05-11 16:11 ` Stanley Lieber 2022-05-12 4:29 ` Jacob Moody 2022-05-12 3:18 ` ori 2022-05-12 5:10 ` Jacob Moody 2022-05-12 14:21 ` ori 2022-05-23 5:42 ` Jacob Moody 2022-05-23 17:06 ` cinap_lenrek 2022-05-23 17:37 ` Jacob Moody 2022-05-25 19:03 ` Jacob Moody [this message] 2022-05-25 20:53 ` hiro 2022-05-25 21:20 ` Jacob Moody 2022-05-26 5:55 ` Jacob Moody 2022-05-26 23:36 ` unobe 2022-05-27 0:33 ` Jacob Moody 2022-05-27 3:25 ` unobe 2022-05-26 3:13 ` ori 2022-05-27 1:11 ` Lyndon Nerenberg (VE7TFX/VE6BBM) 2022-05-27 2:25 ` Frank D. Engel, Jr.
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --subject='Re: [9front] [PATCH] Unmount to remove sharp devices.' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).