tech-kern: Re: wpi0: Full open source driver at openbsd

Subject: Re: wpi0: Full open source driver at openbsd
To: None <tech-kern@NetBSD.org>
From: David Young <dyoung@pobox.com>
List: tech-kern
Date: 10/07/2007 21:07:33
On Fri, Oct 05, 2007 at 07:11:10PM +0200, Joerg Sonnenberger wrote:
> On Fri, Oct 05, 2007 at 12:51:56PM -0400, der Mouse wrote:
> > I do, however, know that it's not going to be used on *my* systems.  (I
> > won't use an ath either, because of the lack of source to the HAL.)
> 
> Sorry, but this is completely bull shit. This "blob" is exactly the same
> as a ROM image with the only difference that it is uploaded by the
> driver to the card. Do you remove all ROM chips from the hardware you
> own? Do you write your own microcode patches for the CPUs?

Joerg,

You are mistaken when you put WiFi firmware in the same category as ROM
chips, microcode, and ASICs.

An ASIC is designed and tested with a lot higher standards than a firmware
is.  You cannot fundamentally change an ASIC's role or performance,
not even temporarily, by exploiting its defects to rewire the gates; you
can exploit a defective firmware to introduce new program instructions.
Firmwares ordinarily add complexity to a microcontroller-based WiFi
that is way out of proportion to what is necessary to use the chip.
Bugs accompany that complexity, but documentation does not.

A ROM BIOS ordinarily has to meet some industry standard, such as
compatibility with the IBM PC and a panoply of extensions (PCI BIOS,
APM, ACPI, ...).  The host side of a WiFi interface needs to meet
PCI standards, but that's all.  There are no objective standards
of interface quality, so anything goes: if the programmer of the
Linux/Windows device driver and the programmer of the firmware can produce
something that works together through a thousand half-measures and some
mutual accomodation---the documentation and the 3rd-party drivers be
damned---then the quality of the firmware will be very low.

Microcode is similar in some respects to ROM BIOS (microcode for IEEE
floating-point math, say, has to meet standards in paper doco) and to
ASICs (low complexity compared to a WiFi firmware).

> How do you know that a vendor doesn't have the same backdoors you seem
> to fear so much in the ASIC?

We do not know, but I think that it is prudent to regard an opaque
WiFi firmware that is operating with a 3rd-party device driver as less
trustworthy than either a ROM implementing industry standards or an ASIC.

Dave

-- 
David Young             OJC Technologies
dyoung@ojctech.com      Urbana, IL * (217) 278-3933 ext 24