On Fri, Sep 14, 2007 at 08:56:40PM +0400, Manu Abraham wrote: > > I do understand that (an earlier reply from Grant Grundler on the same > [1], while working on something else), but that wasn't exactly what i > was getting at. The bridges are in fact tied up with a certain CPU class. > > Though your argument holds true: "secure userpsace device drivers can be > implemented with modern hardware" There is a large flaw in it. (From an > academic POV, you are correct) > > Now, if all the drivers were to depend on that certain feature, what > happens to all other CPU class users ? Looking at a pile of CPU's being > used, also not to forget that devices such as STB's use even very small > embedded CPU's such as the PPC405 Vulcan based [2] to mobile devices > such as mobile phones using ARM, Xtensa [3], OMAP CPU's/platforms, which > do not in any way use the bridges nor the CPU class which you however > mention. This is true. These platforms do not (and afaik will not) have an IOMMU and thus its impossible to implement a secure userspace driver interface that supports DMA. In general, IOMMUs are only expected on platforms which implement virtualization, have a processor address space larger than the io address space or both. > So .. we are looking at a small segment, ie. a subset of the PC users > even, even if the larger segments like STB's can be ignored. This would > mean that only a small subset of users using a certain CPU class can use > those drivers (eventhough the devices themselves don't have that > limitation, the limitation being the implementation of the driver > alone), which is absurd. This is also true. But looking at the current development of virtualization in hardware on the PC market (and also the increasing amount of main memory) makes me sure that in a few years every new sold _PC_ will haven an IOMMU inside. But the problems with the other platforms or older hardware will certainly remain. Joerg _______________________________________________ linux-dvb mailing list linux-dvb@xxxxxxxxxxx http://www.linuxtv.org/cgi-bin/mailman/listinfo/linux-dvb