changeset 176:fb2f6497ba53 default tip

doc/Linux-DTR-RTS-flaw: point to new location of this article
author Mychaela Falconia <falcon@freecalypso.org>
date Mon, 11 Dec 2023 19:37:20 +0000
parents b8473892b0ce
children
files doc/Linux-DTR-RTS-flaw
diffstat 1 files changed, 2 insertions(+), 171 deletions(-) [+]
line wrap: on
line diff
--- a/doc/Linux-DTR-RTS-flaw	Mon Dec 11 19:30:21 2023 +0000
+++ b/doc/Linux-DTR-RTS-flaw	Mon Dec 11 19:37:20 2023 +0000
@@ -1,172 +1,3 @@
-There is a fundamental flaw in the Linux kernel serial port handling subsystem
-that affects anyone who builds special hardware in which DTR and/or RTS modem
-control lines are repurposed for some non-traditional functions.  The flaw is
-that whenever a serial port is opened under Linux, the kernel immediately and
-unstoppably asserts DTR and RTS (their initial power-up state prior to software
-action is negated on every sane serial port hardware implementation), *without*
-giving userspace applications any ability to say "no, please don't do it".
-
-As long as DTR and RTS modem control outputs from the DTE are used for their
-original RS-232 functions, automatically raising both signals on serial port
-open is harmless - and because these signals often need to be asserted in order
-for serial communication to take place, having them raised automatically on
-open (without requiring an explicit TIOCMBIS ioctl) is a convenience which many
-applications rely on - if this standard kernel behaviour were to be changed
-for the general case (outside of special quirk configurations), a lot of
-applications will break.  Linux implements this standard behaviour as mandated
-by POSIX and other similar standards, and those standards are in turn based on
-the original 1970s UNIX where this architectural design originates.
-
-However, this standard Linux behaviour (and going all the way back to 1970s in
-the greater UNIX family) is a total killer for custom hardware designs in which
-DTR and/or RTS outputs from the UART are repurposed for some totally different
-functions.  Suppose that the hardware is wired in such a way that asserting the
-control output causes an explosive charge to be set off, or causes a radio
-transmitter to turn on (perhaps operating on some tightly regulated frequency
-supporting mission-critical services, where spurious out-of-protocol
-transmissions are not permissible), or applies a hard reset to some other
-component that may be part of a live production system that must not be casually
-reset - in all listed examples having such hardware wiring would be perfectly
-safe in an OS-less environment where the custom application controls the custom
-hardware as desired, without any OS inserting its own mind: the hardware design
-of most serial ports (both traditional and USB-serial) guarantees that the
-initial power-up state of both DTR and RTS outputs prior to software action will
-always be negated, and the custom application thus gets to decide if and when
-each of the two signals (independent of each other) should be asserted.
-
-Everything works great if the application runs on the bare metal and directly
-controls the hardware (or runs under something like DOS, which is the same as
-running on bare metal for the present purpose of operating serial ports), but
-add Linux into the equation, and things quickly begin to break.  The problem is
-that the moment you open a serial port under Linux (and sadly, the same thing
-happens under most other current OSes too), the kernel automatically asserts
-both DTR and RTS immediately on the open operation itself, without giving
-userspace applications any way to say "no, please don't do it".  Some people
-have been proposing new termios flags that would suppress this auto-assertion
-on subsequent opens, but you have to open the port first in order to do termios
-or other ioctls on it, and if the auto-assertion of DTR and RTS on that initial
-open causes irreparable damage, then you are screwed no matter what you do.
-
-The only currently possible solution to this madness is to patch the kernel to
-suppress this automatic assertion of DTR & RTS upon serial port open.  But one
-cannot simply change the standard behaviour for all serial ports, as lots of
-standard applications for classic serial communication (where DTR and RTS do
-need to be asserted) will break in that case.  Instead the suppression of
-automatic assertion of DTR & RTS on open needs to be conditionalized in some
-way, so that the modified against-standards serial port open behaviour is
-applied ONLY when special modem-control-repurposed hardware is being operated
-on, and not for ordinary applications operating on ordinary serial ports.
-
-Given the current state of Linux and what is possible in the current reality,
-if a patch is to be applied to the kernel, creating the ability to exempt
-certain serial port open operations from the standard POSIX requirement of
-automatically asserting DTR & RTS, there are only 3 practically feasible ways
-to communicate to the kernel that a given serial port (or a given individual
-open operation on a serial port) should be exempt from automatic assertion of
-DTR & RTS:
-
-1) Create a new open flag like O_NODTR, or reuse/abuse some existing open flag
-   like O_DIRECT which currently has no effect on serial ports.
-
-2) Create a sysfs attribute that is attached to every serial port, controlling
-   whether or not DTR & RTS should be automatically asserted on open, with the
-   default being standards-mandated traditional UNIX behaviour of
-   auto-assertion.
-
-3) In special cases where the custom DTR/RTS-repurposed hardware is inseparably
-   integrated (on the same custom PCB) with a USB-serial chip, such that the
-   EEPROM controlling the USB VID:PID of the USB-serial device identifies not
-   just the USB-serial converter part, but the entire product board as a whole,
-   including the circuits that repurpose DTR and RTS for non-serial purposes,
-   then the most sensible approach is to mark the USB-serial device as special
-   and disable auto-assertion of DTR & RTS on this special device when the
-   custom USB VID:PID is detected.
+This article has moved; the new location is:
 
-As it happens, our own FreeCalypso hardware gadget with repurposed DTR & RTS
-that requires suppression of auto-assertion of these signals (the optional boot
-control feature of our DUART28 adapter) falls into the last special category
-above (custom USB-serial device unambiguously distinguished by a custom USB ID),
-hence this special case is the one that I (Mother Mychaela) have been focusing
-on the most - as humans, we all have a natural right to put our own self-
-interest first.
-
-I (Mother Mychaela) have no way of knowing whether or not there is even one
-person alive on Earth today who has an active use case where a need exists to
-suppress automatic assertion of DTR & RTS for some serial device, but that
-device does not have the same quality of being inseparably integrated with a
-custom USB ID as our DUART28C, i.e., an active use case where a need exists to
-signal to the kernel "please don't auto-assert DTR & RTS on this serial port"
-and moreover do this special signaling for "any" serial port, rather than one
-identified by a custom USB VID:PID.  For all I know, I may very well be the
-only person alive on Earth today who has an active need for auto-DTR/RTS
-suppression - but I need it ONLY for a device that has a unique distinctive USB
-VID:PID, not for "any" serial port.
-
-I currently run Slackware Linux 14.2 as my personal OS, running Linux kernel
-version 4.4.14 around which this version of Slackware was built - when I tried
-running newer 4.4.x kernels, I was getting crashes which I could not debug.  I
-currently run this elderly Linux kernel version with my own custom patch applied
-to the ftdi_sio driver, a patch that adds support for FreeCalypso DUART28C
-(custom USB ID) and applies the appropriate special quirk just for this USB ID,
-not affecting any other devices - a quirk that suppresses automatic DTR & RTS
-assertion on FT2232D Channel B, the UART channel on which these signals are
-repurposed on DUART28 hardware.  Several different versions of this patch (made
-to apply cleanly to several different kernel versions) can be found in the
-linux-patch directory in the present source repository.
-
-In 2020-09 I made a good-faith, due-diligence attempt to get the hardware
-support patch for DUART28C (a patch to ftdi_sio driver that recognizes the new
-USB ID and applies the necessary quirk, entirely contained inside this driver)
-mainlined - I submitted the patch to ftdi_sio maintainer Johan Hovold.  I was
-quickly met with hostility, with Johan telling me to redesign my hardware (he
-was basically telling me to throw away 20 perfectly good boards) in some
-different way that would be more in line with the 1970s UNIX worldview for DTR
-and RTS, which is what Linux currently implements.
-
-Some time later I was able to kinda-somewhat-partially convince Johan that the
-current handling of DTR and RTS is a serious problem for some users, and he was
-a little more agreeable to my patch - but instead of merging it as-is, he
-proposed an expanded patch (getting into the tty subsystem, outside of just
-USB-serial) that solves a more general problem.  Johan's proposed patch
-introduced an internal flag telling the tty layer to suppress DTR & RTS
-assertion on open, and a sysfs attribute (added to all classic serial and USB-
-serial ports) that exposes this flag.  A patch to ftdi_sio that recognizes my
-custom USB ID and sets this flag in the quirk function was still included in
-that proposed patch series, so I was happy with the proposal.
-
-However, Johan's sysfs proposal was quickly shot down by other kernel
-maintainers who didn't like the sysfs approach, and Johan himself was not too
-interested in defending his sysfs proposal either - instead he favors a termios
-flag that would only affect second and subsequent repeated opens of a device,
-after the initial open to set that flag.  Of course this termios flag idea does
-not help at all, given that the very first open of the serial port would still
-unstoppably assert DTR & RTS, causing irreparable damage - if these control
-signals are wired to set off explosives, for example, the user's house would be
-up in flames the moment he issues that magic stty command to set the new termios
-flag, and Johan's assurances that second and subsequent opens of the same
-serial port would not auto-assert DTR & RTS would be of little help to the poor
-guy who just lost his house.
-
-By the end of 2021-01 I realized that my battle against Johan and Greg K-H is
-hopeless, so I give up.  The only workable solution at this point is for all
-affected people to stop running unpatched mainline kernels and to apply our own
-local patches instead, preferably with our own coordination amongst ourselves
-so we have some degree of standardization among our kind.  The whole discussion
-is archived here:
-
-https://lore.kernel.org/linux-serial/X8iuCXYhOBVMGvXv@localhost/T/
-
-I shall indefinitely, for as long as I am alive, maintain my ftdi_sio driver
-patch that adds support for FreeCalypso DUART28C hardware.  And because I do
-not know whether or not there exists even one person on Earth who would benefit
-from an ability to suppress DTR & RTS assertion under Linux on "any" serial
-port, outside of tightly integrated USB-based devices with custom USB IDs, I
-also make the following conditional offer: *if* at least one person comes
-forward to me and demonstrates that he or she has an active use case of the
-kind I am talking about, *then* I will also dig up Johan's patch (the one
-rejected by other maintainers) adding a sysfs attribute, providing a working
-solution for "any" serial port, start actively supporting that sysfs patch, and
-maybe even make another attempt at convincing kernel maintainers to mainline it.
-But I will go down that path *only* if there is at least one person alive on
-Earth (just one person would be enough) who would actively benefit from this
-feature - otherwise there is no point.
+https://www.freecalypso.org/hg/freecalypso-docs/file/tip/Linux-DTR-RTS-flaw