On Fri, Sep 14, 2007 at 08:56:40PM +0400, Manu Abraham wrote:
>
> I do understand that (an earlier reply from Grant Grundler on the same
> [1], while working on something else), but that wasn't exactly what i
> was getting at. The bridges are in fact tied up with a certain CPU class.
>
> Though your argument holds true: "secure userpsace device drivers can be
> implemented with modern hardware" There is a large flaw in it. (From an
> academic POV, you are correct)
>
> Now, if all the drivers were to depend on that certain feature, what
> happens to all other CPU class users ? Looking at a pile of CPU's being
> used, also not to forget that devices such as STB's use even very small
> embedded CPU's such as the PPC405 Vulcan based [2] to mobile devices
> such as mobile phones using ARM, Xtensa [3], OMAP CPU's/platforms, which
> do not in any way use the bridges nor the CPU class which you however
> mention.
This is true. These platforms do not (and afaik will not) have an
IOMMU and thus its impossible to implement a secure userspace driver
interface that supports DMA. In general, IOMMUs are only expected on
platforms which implement virtualization, have a processor address space
larger than the io address space or both.
> So .. we are looking at a small segment, ie. a subset of the PC users
> even, even if the larger segments like STB's can be ignored. This would
> mean that only a small subset of users using a certain CPU class can use
> those drivers (eventhough the devices themselves don't have that
> limitation, the limitation being the implementation of the driver
> alone), which is absurd.
This is also true. But looking at the current development of
virtualization in hardware on the PC market (and also the increasing
amount of main memory) makes me sure that in a few years every new sold
_PC_ will haven an IOMMU inside. But the problems with the other
platforms or older hardware will certainly remain.
Joerg
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]