
userspace drivers

Posted Nov 5, 2015 12:37 UTC (Thu) by Zolko (guest, #99166)
In reply to: Kernel security: beyond bug fixing by mjthayer
Parent article: Kernel security: beyond bug fixing

This performance -vs- speed is also the argument to not have drivers in userspace. Which means that there is kernel code running that is completely unknown to the developers. We are not talking about bugs or security flaws, but built-in backdoors by the manufacturer. For example, Broadcom is a US company, who wants to bet that their closed binary drivers contain backdoors requested by the NSA under gagging legislation?

What use is there for a firewall if the first line of defense is a traitor? What use is there for sandboxing if the X driver installs keyloggers and then phones home?

Talking about kernel security with a monolithic kernel and binary drivers is pointless crap (TM Linus)!!!


userspace drivers

Posted Nov 8, 2015 12:43 UTC (Sun) by JanC_ (guest, #34940) [Link] (2 responses)

I don't see how those binary drivers being in userspace would help against an NSA backdoor at all (especially in case of e.g. network drivers)?

And I think you are wrong in case of most Broadcom drivers, which are open source but have to upload a closed source firmware into the network hardware, because they don't have a closed source firmware in ROM/flash like some others do. Both uploaded & saved in ROM/flash firmwares could contain a backdoor, so kernel vs. userspace doesn't even come into play there.

userspace drivers

Posted Dec 18, 2015 4:22 UTC (Fri) by Rudd-O (guest, #61155) [Link] (1 responses)

There's this thing called "Direct Memory Access" in modern computers. Drivers can use that to access any sort of main memory or other devices in the same bus.

Thus, while you think your (possibly compromised) network driver is oblivious to your password keystrokes because your connection to this site is SSL, your (possibly compromised) network driver is in fact stealing your keystrokes as you go.

(I say possibly compromised, but with DMA, it's a juicy target for a compromise. There are videos of people doing this sort of thing, by the way. It's not something esoteric.)

userspace drivers

Posted Dec 18, 2015 4:29 UTC (Fri) by Cyberax (✭ supporter ✭, #52523) [Link]

> There's this thing called "Direct Memory Access" in modern computers. Drivers can use that to access any sort of main memory or other devices in the same bus.

Not anymore: https://en.wikipedia.org/wiki/Input%E2%80%93output_memory...


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds