> >> Are these new programable cards capable of reading main memory, which > >> OpenBSD would not be able to prevent if machdep.allowaperture were > >> set to something other than 0? > > > > Yes, they have DMA engines. If the privilege seperate X server has a > > bug, it can still wiggle the IO registers of the card to do DMA to > > physical addresses, entirely bypassing system security. > > Wow. As if running a binary blob was not bad enough, video card > binary blobs are suddenly found to be all-powerful.
This issue is not about binary blobs for video cards.