20

What ways are there available, for exclusively opening a device file (say, the display frame buffer)?

[Info: I already know about flock() & friends, which have an effect only when the other applications are also using it (in other words: open() will succeed but flock() will fail if already locked) --> but still the device handle retrieved from open() can be used to write to the display..]

What about cases when I want to enforce such an exclusive access on a device files? How would such an enforcement be possible?

Robert Siemer
  • 32,405
  • 11
  • 84
  • 94
user2075654
  • 201
  • 2
  • 4
  • 1
    Google for `mandatory locking linux` which has many issues... – Basile Starynkevitch Apr 02 '13 at 11:35
  • 1
    here is link on mandatory and advisory locking in linux.... http://www.thegeekstuff.com/2012/04/linux-file-locking-types/ – Kinjal Patel Apr 02 '13 at 11:52
  • @KinjalPatel That will only work if you are using `flock()`, otherwise it doesn't prevent writing. The only way to restrict exclusive opens on devices automatically is to have the device driver perform `open` reference counts itself. – Anya Shenanigans Apr 02 '13 at 13:07
  • Does the (effective UID of the) first process to open the modem become the owner of the device for the duration? If so, can your first-to-open process then set the permissions on the modem device to 000 so no-one can open it from there on? There's a race condition, of course, between opening the device and changing its mode, but if the system automatically reverts the ownership back to the system when the process finishes, it might give more-or-less the right effect. A sufficiently privileged user, or another process by the same user, could dink with the permissions before opening it too. – Jonathan Leffler Feb 18 '19 at 22:22
  • @jww Is it at all an option to use cgroups, perhaps through systemd? There is a `device` controller in cgroups you should be able to use to block by default access to a device, but permit it for your specific process. `device` controllers can block `mknod`, `read` and `write` on the indicated devices. – Iwillnotexist Idonotexist Feb 19 '19 at 02:08
  • So in other words, a locking system that prevents other programs (that don't implement / care about it) to access a certain resource. – CristiFati Feb 19 '19 at 13:35
  • If it is a device file you can try approaching the question as a concurrency problem wanting to starve other processes to access the device. In order to do that you might have to write a device driver with a mutex associate to the file. the DD can have two functions called excl_open and excl_close. the first could lock the access to the file and return you the descriptor as if a normal open() call was made. excl_close.. well you imagine. – Tretorn Feb 21 '19 at 14:59
  • 1
    What about creating a login user for your application and set the device file permissions to allow to be read/written only by that user? – Fusho Feb 23 '19 at 19:43

4 Answers4

8

From fcntl(2):

To make use of mandatory locks, mandatory locking must be enabled both on the filesystem that contains the file to be locked, and on the file itself.

...also, you need to enable CONFIG_MANDATORY_FILE_LOCKING in the kernel.

Mandatory locking is enabled on a filesystem using the "-o mand" option to mount(8), or the MS_MANDLOCK flag for mount(2). Mandatory locking is enabled on a file by disabling group execute permission on the file and enabling the set-group-ID permis‐ sion bit (see chmod(1) and chmod(2)).

Mandatory locking is not specified by POSIX. Some other systems also support mandatory locking, although the details of how to enable it vary across systems.

So, as you request a posix-compliant solution, the answer is: no, there is not such a feature in the POSIX standard.

Edit: see comment below.

Fusho
  • 1,469
  • 1
  • 10
  • 22
  • 1
    From the man page: "Warning: the Linux implementation of mandatory locking is unreliable. See BUGS below. Because of these bugs, and the fact that the feature is believed to be little used, since Linux 4.5, mandatory locking has been made an optional feature, governed by a configuration option (CONFIG_MANDATORY_FILE_LOCKING). This feature is no longer supported at all in Linux 5.15 and above." – MAChitgarha Jul 24 '23 at 06:57
0

try lockf() : apply, test or remove a POSIX lock on an open file

sailfish009
  • 2,561
  • 1
  • 24
  • 31
-1

If you want to get exclusive access to a device, create a lock file in /var/lock. The process that can create the lock file with open("my_device.lock", O_CREAT|O_EXCL, 0777) gets access to the device, the other processes have to wait. After the process is done using the device, it closes the file.

Such a lock is only advisory and doesn't guarantee that no other process (that you are not aware of) accesses the device.

Frode Akselsen
  • 616
  • 2
  • 8
  • 23
  • 1
    What happens when multiple unrelated programs attempt to open the device? – jww Feb 17 '19 at 15:25
  • @jww other processes can of course still open the device and do nasty stuff. The trick is that they should try opening the lock file with O_EXCL first before doing something. Best is you write a library that provides e.g. a write() function which handles opening and closing the lock file. Each process would then use this library to interact with the device. – Frode Akselsen Feb 18 '19 at 03:35
-2

To open a device you should use open system call in linux and check the list of available devices for example /dev/ttyUSB0 or /dev/ttyS0 etc. and open it and you will get a descriptor to write and read on to the device is you open a device to communicate. To know the further details follow the link : http://www.firmcodes.com/lower-level-file-handling-in-linux/

Mohit Rohilla
  • 98
  • 3