tech-x11: Re: libpciaccess for Xorg

Subject: Re: libpciaccess for Xorg
To: Martin Husemann <martin@duskware.de>
From: Eric Anholt <eric@anholt.net>
List: tech-x11
Date: 05/15/2007 10:41:19
--=-+ZLFgayXx0cFo/2mcVaN
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Mon, 2007-05-14 at 22:35 +0200, Martin Husemann wrote:=20
> On Mon, May 14, 2007 at 02:16:51PM -0400, Blair Sadewitz wrote:
> > Has anyone looked at this?  I think Xorg is going to switch to using
> > this in the future (makes sense).
>=20
> Is that one more reason to keep X INSECURE forever?
> (Besides other new "goodies" like dbus and friends)

(I'm assuming the "X INSECURE" there is about X running as root, rather
than about X server security in general.  On all my systems running X,
if you've compromised my one user, you might as well have compromised my
whole system anyway, so I don't care too much about getting non-root X,
personally.)

There is active research going on into creating an appropriate kernel
modesetting interface.  Once that and the DRM memory manager are ready,
it should be "just" a matter of building an appropriate command
validation layer in each driver to get to the point of having
unprivileged user applications able to take advantage of the GPU without
authenticating with the X Server.  If you've got that, you could build
an X server on top of that infrastructure which could run as an
unprivileged user while allowing acceleration.

However, as far as I know, nobody in the BSDs is working on creating the
necessary BSD code for the DRM memory manager support or the modesetting
support in the DRM drivers.  So, right now the BSDs are definitely
trailing in terms of getting to the point of having non-root X.

None of this is related to libpciaccess.  dbus is even less related to
any of this.

--=20
Eric Anholt                             anholt@FreeBSD.org
eric@anholt.net                         eric.anholt@intel.com


--=-+ZLFgayXx0cFo/2mcVaN
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (FreeBSD)

iD8DBQBGSfC/HUdvYGzw6vcRAizaAJ9by9ZfkkM9/n4Pw4Athg2+ndvA8wCfesGA
vw+iytlcE3ADl7MOcP5zJII=
=mDh1
-----END PGP SIGNATURE-----

--=-+ZLFgayXx0cFo/2mcVaN--