On Wednesday, December 13th, 2023 at 15:16, Pekka Paalanen <ppaalanen@xxxxxxxxx> wrote:

> > > It is protected/shielded/fortified from all the kernel and userspace,
> > > but a more familiar word to describe that is inaccessible.
> > > "Inaccessible buffer" per se OTOH sounds like a useless concept.
> > >
> > > It is not secure, because it does not involve security in any way. In
> > > fact, given it's so fragile, I'd classify it as mildly opposite of
> > > secure, as e.g. clients of a Wayland compositor can potentially DoS the
> > > compositor with it by simply sending such a dmabuf. Or DoS the whole
> > > system.
> >
> > I hear what you are saying and DoS is a known problem and attack vector,
> > but regardless, we have use cases where we don't want to expose
> > information in the clear and where we also would like to have some
> > guarantees about correctness. That is where various secure elements and
> > more generally security is needed.
> >
> > So, it sounds like we have two things here, the first is the naming and
> > the meaning behind it. I'm pretty sure the people following and
> > contributing to this thread can agree on a name that makes sense. Would
> > you personally be OK with "restricted" as the name? It sounds like that.
>
> I would. I'm also just a by-stander, not a maintainer of kernel
> anything. I have no power to accept nor reject anything here.

I'd also personally be OK with "restricted", I think it's a lot better than "secure". In general I agree with everything Pekka said.