[EMAIL PROTECTED] wrote:
having had a gander at the 3.9 song, which is quite amusing, i had an idea that
might be useful and i suspect it is ill-conceived. i have the utmost confidence
that readers of misc@ can quickly elucidate why it is a stupid idea.
if the integrity of closed-source binary blob drivers is questionable, is it
possible to effect something like a systrace-ing of those blobs to prevent them
from running amok? i would imagine this is not possible if the driver were a
kernel, not userland, thing.
not possible. a hardware driver, no matter if running in kernel or
in userspace, always has to access kernel memory.
further explanation of why this wouldn't work or would be a bad idea if it would
work is appreciated.
it is stupid.
you should read the comments in lyrics.html:
* Blobs can be 'de-supported' by vendors at any time.
* Blobs cannot be supported by developers.
* Blobs cannot be fixed by developers.
* Blobs cannot be improved.
* Blobs cannot be audited.
* Blobs are specific to an architecture, thus less portable.
* Blobs are quite often massively bloated.
how do you want to fix that with a jail?
adding interfaces and wrappers for easy loading of BLOBs
is definitely the WRONG way.
reyk
