Graphics Driver Frameworks and Security
Matthieu Herrb
matthieu.herrb at laas.fr
Mon May 15 23:24:00 PDT 2006
Rogelio Serrano wrote:
> On 5/16/06, olafBuddenhagen at gmx.net <olafBuddenhagen at gmx.net> wrote:
>> Hi,
>>
>> For those who haven't seen it yet, there is a nice new flame by Theo de
>> Raadt:
>>
>> http://marc.theaimsgroup.com/?l=openbsd-misc&m=114738577123893
>>
>> While I don't like Theo's tone and assigning blame etc., on the actual
>> issue I couldn't agree more.
The original author (Loic Dufflot) also posted an article here last
month. <http://lists.freedesktop.org/archives/xorg/2006-April/014874.html>
>>
>> There are a lot more reasons why the KGI approach makes a lot of sense,
>> but IMHO the security issue is a very convincing one by itself...
>>
>> -antrik-
>> _______________________________________________
>> xorg mailing list
>> xorg at lists.freedesktop.org
>> http://lists.freedesktop.org/mailman/listinfo/xorg
>>
>
> Is the openbsd project aware of kgi? And does it work with openbsd?
Yes, and yes they had an OpenBSD port at some point. I'm not sure of the
current status.
The general approach to solve this problem is indeed to move some more
things in the kernel, but very hard part is to design the interface
between kernel and userland to preserve performance.
But KGI doesn't have significant results with accelerated drivers afaik.
This problem is still a challenge for systems that want to separate root
and kernel privileges. There are ideas floating around, but they still
need to be implemented.
It would also be interesting to see how Mac OS X on intel hardware
behaves wrt this issue.
--
Matthieu Herrb
More information about the xorg
mailing list