Re: SANE standard,

becka@rz.uni-duesseldorf.de
Mon, 7 Dec 1998 16:51:14 +0100 (MET)

Hi !

> SANE hides out scsi interface. You should use sanei_scsi routines and
> not direct scsi calls. Unfortunately this isn't true for other kind of
> interfaces.

Yes. However I would suggest to try the same for other interfaces.
Parallel and serial ports are available on more than one platform, so this
might be reasonable.

> Especially for the scanners that have a proprietary ISA card
> one should use direct hardware port access giving up both compatibility
> (PC only) and security (SANE should be setuid root).

I have a few comments to that:

1. There are only few ISA cards that are content with just IO access. Most
of those also require DMA and/or IRQ (otherwise they would be CPU hogs),
what makes it impossible to do a usermode driver, at least under Linux.
For the handscanners one can use LHII as an intermediate layer. The bridge
to SANE should be pretty trivial. For more advanced scanners, maybe someone
could make LHII.V2, maybe making it a little more like SANE.
I will gladly give advice on that topic, as well as an LHII->SANE bridge,
if someone finally takes the challenge.

2. For those that can do IO-port-only access, abstraction is as simple as
sanei_io_[in/out][b/w/l](IO_address[,data_out]);. Due to the suid-stuff
below, it might as well be a good idea to add sanei_io_[claim/release]()
which would eventually call ioperm/iopl as required in Linux.

3. Installing SANE suid root is no good idea. I would thus prefer to go via
/dev/port on Linux, which can be given appropriate permissions.

However someone (I'll do if required) should check, what happens to word and
long accesses there, as some cards do not like "emulated" 16 and 32 bit
accesses by multiple 8 bit accesses.

Another possible solution to lessen the security threat a setuid SANE
installation _might_ (noone checked thoroughly AFAIK) be, would be to
use saned() to separate the memory spaces of the front- and the backend.
However we should really do a thorough check for common loopholes like
buffer overruns and such, then.

> >Am I simply allowed to access hardware
> > ports from my backend and are there any guidelines dealing with
> > compatiblity (what system libraries am I allowed to use) and
> > portability?
> Give some more info (Hardware, interface, libraries) for a more proper
> advise and not a general conversation...

Well - anything that is ANSI-C should usually be o.k. . Everything else
should only be used with care and eventually protected by autoconf.

CU, Andy

-- 
Andreas Beck              |  Email :  <Andreas.Beck@ggi-project.org>

--
Source code, list archive, and docs: http://www.mostang.com/sane/
To unsubscribe: echo unsubscribe sane-devel | mail majordomo@mostang.com