> This is also because communication with the device uses ASN.1-like > structures, and that complexity should maybe not be part of the kernel.
I actually think this should all be in the driver. I think the wrong decision was made of turning this into a /dev/ interface. In the end, the object parser has to be correct against busted records (from the driver) whether it is in a device driver in the kernel, or in userland running as root. If the parsing code is buggy, it makes little difference for an attacking-device whether he manages to escalate into kernel or userland root.
