Slashdot Mirror
Linux Kernel To Have Stable Userspace Drive
liquidat writes "Linus Torvalds has included patches into the mainline tree which implement a stable userspace driver API into the Linux kernel. The stable driver API was already announced a year ago by Greg Kroah-Hartman. The last patch to Linus' tree included the new API elements. The idea is to make life easier for driver developers: 'This interface allows the ability to write the majority of a driver in userspace with only a very small shell of a driver in the kernel itself. It uses a char device and sysfs to interact with a userspace process to process interrupts and control memory accesses.'"
A stable kernel api for drivers is what linux needs as proprietary driver writers make poor quality and buggy implementations. While this is not a kernel one its a good compromise as proprietary drivers are here to stay as much as it would be great if we had free gnu ones inside the kernel.
I wonder if it would be easy to port it to windows and macosx? IT would be cool for hardware makers to have a driver that works with all operating systems with minimal effort in porting. Costs are one of the issues besides the difficulty in porting windows drivers to linux which many makers do not bother doing.
http://saveie6.com/
Perhaps in ten years time Linux will be a microkernel
http://michaelsmith.id.au
Wouldn't implementing this in userspace drastically lack in performance compared to kernelspace drivers?
would be a world where you didn't ever have to RECOM-FUCKING-PILE the kernel to install major drivers.
No, it's not that bad any more, especially in User-oriented distros like Ubuntu. There are quite a few user-space drivers out there, especially for non-hardware related tasks like filesystems (as opposed to disk IO). There are still times when, to get something to work properly, you simply have to recompile the kernel. This is especially true for 'nonstandard' hardware that likes direct IO, like disk-arrays.
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
So I immediately thought of a spaceship running Linux... I mean, could it really be otherwise?
A stable API is great because it means that code written against it will continue to work for future versions of the kernel.
Out of curiousity, what is the guarantee (or intention)? Is it expected that API won't change again for 2.6, or is it more "we're going to try really hard not to change it unless we have to" kind of thing?
The lack of a stable userspace driver api was that last thing stopping soccer moms and grandmothers from running Linux on the desktop.
My sarcasm is so extreme, I think what I said above may have actually been true.
Maybe this path will ultimately bring proprietary drivers to Linux in force, but I think Linus has made the right decision. We should start looking for other ways to convince companies to write open, GPL drivers.
In Soviet America the banks rob you!
Design an API that will be transparent to the execution context. Drivers that are proven to be stable over time can be moved from user space to kernel space at the flick of a root command (no re-compilation of driver code or adaptation required).
QNX has had user space drivers along somewhat similar lines for many years. In QNX, all the drivers are in user space, which makes for a much smaller kernel. Here's a simplified article on QNX driver writing.
The Linux approach has the problem that Linux doesn't have the message passing primitives that QNX does. So there's a special purpose mechanism to hook up these new user-space drivers to the I/O system calls. In QNX, "open", "close", "read", and "write" are actually C library functions that call MsgSend to do the work. (System V IPC isn't really suitable; it's asynchronous, which means a few extra scheduler events for every message pass when you try to use it for something that works like a subroutine call. Long story.)
Unfortunately, on x86 hardware, you can't protect the system from a user level driver and still give the driver direct hardware access. IBM VM mainframes get this right, but x86 does not. On the other hand, you can have channel drivers for the various types of x86 channels (SCSI, FireWire, USB, etc.) and make other drivers work through them.
User-level drivers cost you at least one extra memory copy of the data. That's not too bad in practice. I did a FireWire video camera driver for QNX, and when transmitting 640x480 24 bit images at 15fps, it took about 3% of a Pentium 4 CPU.
If this brings us closer to using (possibly unreliable) windows drivers, a major reason for using windows will be gone.
I wonder if this compromise is worth it. I'd much rather have stable kernel drivers than unstable userspace drivers.
If a driver is buggy and in userspace, its possible that the system could recover from the error, however you could still end up in some unstable state that would potentially end up requiring a reboot (depending on the driver in question).
Also, there is a higher cost of running a driver in userspace (ring 3) than kernel space (ring 0). As mentioned by the article, high traffic drivers (requiring DMA) are not supported.
The reasoning for this seems to be due to unstable proprietary kernel drivers. IMO, the solution to solving this problem is driver signing and certification. Don't use a driver unless its been signed and certified.
Just because some code controls a piece of hardware doesn't mean that a runaway pointer in it should cause a panic or even corrupt files by messing up filesystem buffers. This will also enable device drivers to make use of all available userspace libraries, with sophisticated algorithms that would never be used if all code had to be written from scratch and non-pagable.
FWIW, not trying to troll, but thought I would point out that this feature is one of Vista's improvements over XP, and simultaneously the primary reason why Vista's compatibility isn't that great right now, and thus the primary reason why many people don't switch to Vista yet. Most of the hardware vendors have to make big changes to their drivers in order to accommodate this, especially nvidia who has to make about 4 different user space drivers (one for d3d, one for opengl, and an SLI version of both of those.) This is a good thing to have for both security and stability reasons, and I was waiting for when somebody would add this to the Linux kernel.
Linux has the advantage in that with Linux you can use both the old "kernel only" drivers, and the user space drivers at the same time. Vista could have done this as well, however Microsoft felt that if they allowed this to happen, then most hardware vendors would be lazy and continue to use their old kernel mode drivers, thus defeating the purpose. And to be honest, I agree with them. Linux doesn't need this on the other hand, as eventually somebody who is interested will make these kinds of changes to all of the open source drivers anyways as needed, which can't really happen because most windows drivers are binary only, so Linux can more or less take the "phased change" approach.
Disclaimer: I use both Vista and Linux (gentoo is my preferred distribution,) and am not afraid to say that I don't hate either of them, and rather like both of them.
Careful with names containing L slashdot.org/~AiphaWolf_HK slashdot.org/~AlphaWoif_HK slashdot.org/~AiphaWoif_HK
I think someone needs a nap. =)
It's not offtopic, dumbass. It's orthogonal.
From TFA there is no DMA access to kernelspace. So other than keyboards and mice I don't see how this can be practical for anything, other than embedded applications as the article alludes to.
Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
2.6.20 ? dude !!!
:p
:D :D The lists are full of different proposals and attempts over different times, but it's really nice to see that this thing finally got rolling, this may open a lot of closed-source drivers for usage for linux people (a lot of those fancy windows toys).
;)
I know i'm hopelessy outdated and my machine shows:
martin@hope ~ $ uname -a
Linux hope 2.6.21-gentoo-r4 #1 Sat Jul 21 22:18:42 EEST 2007 i686 AMD Turion(tm) 64 Mobile Technology MT-30 AuthenticAMD GNU/Linux
Remove that gentoo notice quickly from your slashdot sig. A man using kernel 0.0.02 versions old is a stable version pimp not a gentoo roller...
As for the article
Userspace drivers are not really a new groundbreaking idea now are they
Thumbs up Linus
I'd tell you the chances of this story being a dupe, but you wouldn't like it.
well i remember Linus comparing microkernels to 'masturbating' sometime back. It seems as h/w continues to grow in power and several other factors contributing, pushing more stuff to userspace will now look a better idea after all.
Which led me to the conclusion that this patch set is worthless. It allows remapping of memory-mapped I/Os to a userspace app, and allows a thread to "wait" on an interrupt. Both are nice ideas, and it would be very easy to implement a nice serial port driver with the new APIs. (As any kernel hacker knows, serial port is one of the simplest device drivers; it's easy.)
The new API is completely useless for binary-only drivers. I/Os / IRQs are enough for extremely simple devices - these are, after all, the primitives for talking to hardware. But if this were all a driver needed, don't you think Nvidia / ATI would have used this model for shim drivers a long time ago? Simple things like DMA and PCI configuration access are not present - but to be fair, those are implementable with these primitives. Reality check: real world drivers are a lot more complicated. What is impossible is fast thread switching, kernel synchronization primitives, access to the network stack (wireless!), ring-0 CPU instructions, real-time timing access, and the huge reduction in context switches / cache flushes that comes from running within the kernel (moving code to user-mode increases latency by a factor of 3, roughly). Kiss the lag-free desktop goodbye as hard drive latency skyrockets, watch your 3D framerate drop by 70%, see your webcam stutter into unusability.
The kinds of drivers this API can support are the simplistic ones, the kind that are already GPLed and are already in the kernel, the 80% of devices in this world Linux has always had good support for. The kinds of drivers this API cannot support are 3D graphics, high-performance disk or networking, wireless networking, latency-sensitive USB or Firewire, the virtual devices (VMware, KVM, Xen, even /dev/tty) - notice that most of the devices Linux supports poorly (and all the common binary-only drivers) fall into this list.
To be fair, the official (e.g. from Linus) announcements I've seen only claim this interface is useful for embedded devices (which tend to code for a specific kernel, and not get updated). No official announcement claims the new API will help binary-only drivers. It's just the OSS-zealot crowd making unwarranted assumptions. Yes, this is the bad news: the stable userspace driver API will do nothing to solve binary-only driver dilemmas. Sorry.
A witty [sig] proves nothing. --Voltaire
Since this is GPL then neither MS or Apple would dare touch it. If it was BSD then it might be possible that Apple might adopt it but they are not going to put something into their kernel that they don't own. The same goes for MS with the added difficulty of their operating system not being POSIX compliant.
This is why I am prefer BSD license over GPL. Though, I am sure the majority of the readers on here would disagree with me. Anytime I look at open software I always check if there is a BSD licensed equivalent as compared to GPL. Just in case I want to develop it into a commercial application and all. That way I don't have to distribute a license that passes rights onto the users. I can simply take the BSD license version make my modifications and slap a (C) on it. I know the GPL advocates would argue that is what makes GPL good, keeping people like me from doing just that but Apple and MS are people like me. That is why Darwin was derived from BSD not because they were so hot on the Mach kernel but because of it's license. If MS ever goes to a POSIX based UNIX type OS with a Windows GUI, just like Apple did, they would do the same thing but they wouldn't be nice enough to maintain an open source version like Apple has done with Darwin.
My 2 cents and change!
Nick Powers
Encryption: I may not agree with what you say, but I will defend your right to encrypt it...
> Linux should absolutely never become a microkernel
Religion notwithstanding, it will become microkernel-like, because a monolithic kernel just doesn't scale. It's as simple as that.
Monolithic kernels don't scale as the number of CPUs rises, nor as the number of drivers and other logical components goes up.
Because of the need to scale, in time Linux will partition itself into independent subsystems, and slowly but surely will become a microkernel-type design, because the alternative to that would be to suffer astronomic bug rates from combinatorial complexity explosion and very poor performance from CPU contention compared to a decoupled, decentralized design.
That microkernel future is 100% inevitable, because fighting growth is like trying to sweep back the tide. In due course, the debate will just fade away, and engineering will take over. And engineers always decouple.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
I think someone needs to install git! 2.6.20? psssh.
This seems to be an on-going trend in the kernel: FUSE, libusb, libraw1394 and ALSA all (to a certain extent) export what were traditionally kernel-bound services/drivers to user-space, while leaving the minimum necessary kernel-side mechanism, such as VFS redirection, and low-level I/O and interrupt handling. However they all do this in different ways according to the needs of the hardware. So while a generic API may be a good for unusual pieces of hardware, might it not be a good idea to develop application-specific subsystems that hook the kernel's existing ABIs (as used by current kernel-space drivers)? For example, we could have something specific for networking devices that does all the necessary set-up on the kernel side (establishing device name, wireless extensions, etc.) and communicates with a user-space driver (a bit like ALSA), which could be anything from a specific Free-Software driver to a proprietary modem driver or a wrapper for something like NDIS. Similarly with network protocols, although this might look more like FUSE.
this has always been is an incredibly brain-damaged concept on several bases.
drivers are hard to write for a reason. they require a detailed understanding of the physical actions of the device being driven (does it interrupt, and if so, under what circumstances, and how is the interrupt from the device mapped to the CPU(s), for example, or, if it does DMA/memory mastering, what are its limitations such as alignment) and what amounts to an embedded operating environment, with necessarily very different abilities and restrictions. while there are features in the kernel to map common features with different implementations, such as managed memory, to regularize the implementations, those features have little in common with the needs of user-space applications. devices are asynchronous from the CPU in ways that user-space applications can never be. the few people who write drivers well have a different view of the system than application programmers, regardless of their competence, and even many of the best of the latter are utterly incapable of the former (and vice-versa, sometimes).
the loss of security means that Linux is headed the way of M$-Windows, which can never be secured, short of unplugging the power lead. the blurring of boundaries in the cause of "ease of use" is completely contradictory to good security practice. remember the DX9 "bug" that allowed execution of properly crafted DirectMusic streams. welcome that to the Linux world when this idiocy spreads.
thirdly, this will mean even less ability to get information from device manufacturers that would enable us to create secure and fast drivers. Linux will become a bog-slow piece of junk burdened with crapware written by programmers who have every disincentive to craft good drivers (ones that don't do things like busy-wait for ridiculously long periods). after all, once Linux is bogged down worse than M$-Windows, all the companies have to say is "it's Linux' fault; our Windows drivers work just fine, so use that".
the comment about application programmers not making the transition to driver programming is based on extensive personal observation (decades across multiple companies). very few schools teach anything like the theory, much less require the practice, of understanding how hardware works, so they simply don't know how. most hardware companies don't charge for the device drivers, so they see that as purely a cost burden, and therefore don't have any incentive to have good in-house training. when I've watched application-trained programmers try to write drivers, they don't actually think in terms of the physical time and sequence in which device events occur, and then spend ridiculous amounts of effort trying to "tune" that improperly designed code, which of course breaks with every little change in the platform.
BTW, not all driver writers make good decisions all of the time, either. some idiot decided to piss away CPU cycles shifting the SCSI STATUS byte returned for every transaction, for example.
It would be great if dists would support an ABI and produce some dist neutral packaging system that allowed drivers to be installed / uninstalled easily by mere mortals no matter what dist they had.
Linux esperto 2.6.22-8-generic #1 SMP Thu Jul 12 15:59:45 GMT 2007 i686 GNU/Linux Ubuntu user, One who only compile when he need it.
a systems with really really slow context switches -- compared to a kernel running typesafe code
Type safety does not ensure general operational safety. There are 1001 other sources of trouble in an OS kernel, and a good kernel keeps them all at bay.
The MMU delivers hard protection guarantees that no language can provide, so your focus on type safety just shows lack of understanding of the role of operating systems and context switching.
Are doomed.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
I'm pretty sure I've HURD of this userland driver idea before.
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
A microkernel. What, like this? :-)
Stick Men
I agree with the closed driver thing, i strongly believe that many companies are never going to GPL their drivers, or even open source them at all, and user space drivers solves the majority of that problem.
Sometimes there may be a performance hit but it will be worth the stability and the (hopefully) easier installation and removal of drivers.
Have trailing 'r's become redundant now?
Kudos to all Linux kernel developers, documenters and testers for their truly prodigious efforts!
As a token of our appreciation, let's all recite the following mantra together:
"Every day...in every way...Linux keeps getting...better and better."
Am I missing something here?
Let's take a wireless cards for example. There are many companies that know how to make wireless cards, so how does locking down the driver prevent cloning of a particular card?
It's because without knowledge of how the driver communicates with the card, the best a knock-off competitor could do is to make a functionally similar card with a driver of its own. They can NOT make a card that will work with the same drivers as the original one. (i.e. is "pin compatible").
This gives the manufacturer with existing market share a big advantage, because if a competitor comes along later and says "look, ours does the same thing!" then the OEM or embedded systems engineer (people who buy thousands of these things) will say "yes the specs are similar but it doesn't work with our supported drivers. It's not worth it to us to qualify a new driver even if we can save a few cents per unit."
However, there is a secondary concern that knowledge of the driver interface actually helps a lot for someone to learn how to implement a competing technology even if it doesn't use the same driver. It's not like the data sheets just say "the magic numbers are 0x5724 and 0x3217 etc." You actually need to reveal quite a lot about how the device works in order for someone to be able to write a driver for it.
The demand for linux drivers needs to reach the point at which a given manufacturer perceives that whatever IP they might expose by releasing Linux drivers is less of an impact than losing out on those sales. We are almost certainly at that point already, but most manufacturers don't realize it.
Wow, the kernel's been mainlining drivers without my knowledge? This is serious...
Userspace drivers are not really a new groundbreaking idea now are they
I can make a case for deja-vu 1968: SDS Sigma 7 BPM.
I'm a Programmer. That's one level above Software Engineer and one level below Engineer.
Surely this has security implications - know that you can always become root but with this someone could craft a driver that does evil things and spread it around.
M-
The kernel won't help you do DMA nicely, but it can't stop you. Anything with control over a PCI device can set off a DMA operation, which the PCI device will then perform. PCI DMA is done from the device, not the motherboard.
This is a massive security hole. One of these drivers can use DMA to read your kernel memory. It can then send this over the network. It can look for data structures in the kernel, then DMA some code and function pointers into the kernel. It's trivial to take control of the system.
2.6.22-8? Ubuntu is cutting edge considering the latest is 2.6.22-1
http://www.kernel.org/pub/linux/kernel/v2.6/
So what about wireless drivers? What about winmodems? What about gigabit ethernet cards? What about RAID? What about scanners? What about printers? What about digital cameras and music players? What about sound cards? What about syncing with your PDA? What about every single piece of hardware out there besides video cards?
Yes, and no. Ubuntu gutsy is in alfa.;)
No? Too bad. Let me know when Linux is ready to be relevant again.
"Yes, and no. Ubuntu gutsy is in alfa.;)"
it's alfalfa not alfa.
It looks like Linus has finally realized that Tannenbaum was right.
Ubuntu = 2.6.22.0 Ubuntu rev 8
Kernel.org = 2.6.22.1
Different, but thanks for playing the Smartass Game! You lose, play again soon!
The preceding comment is my own, and in no way construes an opinon of the Emperor of Mankind.
Keep in mind how much of a modern graphics card's abilities are now located in software.
... which has completely free drivers.
Yep, especially built-in graphics chips like the Intel GMA950 line
More than once, a driver update has come out that has *massively* boosted graphics card speed.
Sure, because they used a generic software renderer, and then added driver code to do it on the GPU. When you add SIMD support to your compiler, other things get faster, too. This really doesn't have anything to do with whether it can be open-source or not.
To make it even worse, I'm told that many wifi cards are only legal because they're not open-source. Sound bizarre? When they're sold, they're sold with certain restrictions on frequency and power. These restrictions are located entirely within the drivers.
This is, of course, complete bullshit. There are plenty of illegal things you can do with the source code. I could add a kernel function to DDOS the Pentagon to my NIC driver. That doesn't mean my gigabit ethernet driver can't be open-source. It just means if you modify it to do something illegal, well, then it's illegal.
We're well past the point where hardware interfaces can be described in half a dozen pages. We're well past the point where "hardware devices" even exist entirely in hardware.
We've already got people working on a fully open-source graphics card. If knowing how to build a complete graphics card, plus knowing how to write accelerated 3d drivers for existing graphics cards, plus knowing how to write software fallbacks for this, isn't enough, then what's left?
The excuse "they're violating all kinds of patents in their drivers" is actually plausible. The reasons you listed aren't.
Always happy to play.
...I see a first post modded "Redundant". Is there some kind of tradition around here that I'm not aware of?
Linux Kernel Still Has Unstable Users
Schematics are nice, but there is a small problem though - I doubt that your house is big enough for the schematics of the north bridge, never mind the processor...
Excuse me, but please get off my Pennisetum Clandestinum, eh!
But what happens if you do this right? Sure, most single drives can't handle that kind of throughput right now, but scalability and future-proofing are important. There's no point in having a mechanism which is OK for today but useless three weeks from now.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Since the Windows GDI (Graphical Device Interface) has been doing the EXACT same thing which Lunix is making a "new and magical feature" of Lunix, Windows doesn't need it. They've been doing the same thing since at LEAST Windows 95.
Once again, Slashdot fails to understand the multitude of ways in which Lunis is constantly chasing Windows 95's tail lights. Lunis isn't doing anything new or revolutionary, and never has been. And that, dear FOSSies, is why Lunix remains a third-tier OS, and will never be anything more.
Wow, Linus's great idea sounds exactly like the Windows GDI ( Graphics Device Interface).
Is there ANY aspect of Windows FOSSies aren't willing to steal and call "new"? It seems not.
No you don't get how things work around here, when Microsoft does something it is bad. When Linus does something similar it is good.
Well he already caught up to and surpassed a 37 year old operating system. Actually, user mode drivers seem to be new to VISTA, although I think there is something similar in earlier NT kernels.
Its called cross pollination btw. I'd like Linus to go stealing all the good ideas from the non unix OSes.
--- Justin Dearing http://www.justaprogrammer.net/ We're just programmers.
In practice, where are you going to get a fully capable IOMMU?
The one on AMD64 chips, intended to be just an AGP-GART, does not protect the full address space.
Intel has documented the functionality of an IOMMU for the Linux kernel developers, but makes no mention of actual or even proposed chipsets with the feature.
To protect devices from being used to attack other devices, they can't share busses as is normal for standard PCI. You need one IOMMU per bus.
In other news, MINUX developers have recently announced that MINUX has been rewritten to now focus on having all the device drivers in Kernel Land. Andy Tanenbaum made the decision to make MINUX become LINUX when he was bitten by a raccoon in his garbage can that he was sleeping in outside.
I use the UIO framework for half an year now - starting with patches, and lately from the main release. I had not used Linux a year ago, let alone program for it. In the moment I have completed two drivers, and await green light for the third. Yes, they are embedded drivers, and yes, they are simple. But they work and get the job done, allowing my company to migrate to Linux and sell cheap and working custom devices. I for one welcome our Usersapce masters...
Is this similar to the way video drivers in vista have been moved into user space? At least according to microsoft- this will actually speed up the drivers if implemented right, as opposed to slowing it down. Something about the cpu switching from protected mode to user mode or something. I do not know the details. If someone does- please contribute.
Always happy to play