EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System

1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  <20212022  2023  2024  Index 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  <20212022  2023  2024 
<== Date ==> <== Thread ==>

Subject: Re: setcap and nosuid
From: "Siddons, David via Tech-talk" <tech-talk at aps.anl.gov>
To: Michael Davidsaver <mdavidsaver at gmail.com>
Cc: EPICS Tech-Talk <tech-talk at aps.anl.gov>
Date: Tue, 2 Feb 2021 19:42:50 +0000
At least I still have the root fallback 😉 But I'll try the gpio driver approach.
Do you have any feeling about the relative speed of mmap and ioctl?
Pete.



From: Michael Davidsaver <mdavidsaver at gmail.com>
Sent: Tuesday, February 2, 2021 2:39 PM
To: Siddons, David <siddons at bnl.gov>
Cc: EPICS Tech-Talk <tech-talk at aps.anl.gov>
Subject: Re: setcap and nosuid
 
On 2/2/21 10:49 AM, Siddons, David wrote:
> Well, everything works fine when running as root.

Ah, this is an important data point.  This brings us around to Linux capabilities.
It might be sufficient if you were able to set a file capability of CAP_SYS_RAWIO.

> I am just being encouraged to stop doing that 🙂

Sage advice.  And I should probably stop encouraging you to keep trying with /dev/mem then :)


> Pete.
>
> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> *From:* Michael Davidsaver <mdavidsaver at gmail.com>
> *Sent:* Tuesday, February 2, 2021 1:48 PM
> *To:* Siddons, David <siddons at bnl.gov>
> *Cc:* EPICS Tech-Talk <tech-talk at aps.anl.gov>
> *Subject:* Re: setcap and nosuid
>  
> On 2/2/21 10:09 AM, Siddons, David wrote:
>> Hi Michael,
>>    Setting 0666 doesn't help.
>
> Maybe your kernel doesn't have /dev/mem enabled either?
>
>> $ grep DEVMEM /boot/config-5.9.0-0.bpo.5-amd64
>> CONFIG_DEVMEM=y
>> CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y
>> CONFIG_STRICT_DEVMEM=y
>> CONFIG_IO_STRICT_DEVMEM=y
>
>
>
>> THanks for the link. I missed that before. It looks like the right way to go. I'll dig into it.
>>
>> Pete.
>>
>>
>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>> *From:* Michael Davidsaver <mdavidsaver at gmail.com>
>> *Sent:* Tuesday, February 2, 2021 12:13 PM
>> *To:* Siddons, David <siddons at bnl.gov>
>> *Cc:* EPICS Tech-Talk <tech-talk at aps.anl.gov>
>> *Subject:* Re: setcap and nosuid
>>  
>> On 2/2/21 8:57 AM, Siddons, David wrote:
>>> Hi David,
>>> Yes, I saw that. Changing it doesn't seem to help:
>>>
>>> sudo chmod g+w /dev/mem                                                  
>>> ls -l /dev/mem                                                      
>>> crw-rw---- 1 root kmem 1, 1 Feb  1 21:05 /dev/mem
>>>
>>> ./regrw R 1   ( a program which maps the FPGA registers to userspace)
>>> Reading Register 1                                                             
>>> Can't open /dev/mem
>>
>> Have you tried chmod 0666 to make sure this is really a permission problem?
>> The "Can't open" could also print 'errno'.
>>
>> Also, I feel obligated to repeat myself in recommending against using
>> /dev/mem in any kind of long term solution.  There are safer ways
>> to grant access to specific MMIO ranges.
>>
>> https://epics.anl.gov/tech-talk/2020/msg02201.php <https://epics.anl.gov/tech-talk/2020/msg02201.php> <https://epics.anl.gov/tech-talk/2020/msg02201.php <https://epics.anl.gov/tech-talk/2020/msg02201.php>>
>


Replies:
Re: setcap and nosuid Michael Davidsaver via Tech-talk
References:
setcap and nosuid Michael Davidsaver via Tech-talk
Re: setcap and nosuid Siddons, David via Tech-talk
Re: setcap and nosuid Michael Davidsaver via Tech-talk
Re: setcap and nosuid Siddons, David via Tech-talk
Re: setcap and nosuid Michael Davidsaver via Tech-talk
Re: setcap and nosuid Siddons, David via Tech-talk
Re: setcap and nosuid Michael Davidsaver via Tech-talk
Re: setcap and nosuid Siddons, David via Tech-talk
Re: setcap and nosuid Michael Davidsaver via Tech-talk

Navigate by Date:
Prev: Re: setcap and nosuid Michael Davidsaver via Tech-talk
Next: Re: setcap and nosuid Michael Davidsaver via Tech-talk
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  <20212022  2023  2024 
Navigate by Thread:
Prev: Re: setcap and nosuid Michael Davidsaver via Tech-talk
Next: Re: setcap and nosuid Michael Davidsaver via Tech-talk
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  <20212022  2023  2024 
ANJ, 02 Feb 2021 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·