Which is why the kernel folks' insistence on keeping drivers in the kernel rather than sandboxed user processes is so backwards... https://twitter.com/CopperheadOS/status/863454511674871808
If drivers ran in full-nobody-container with full seccomp and only got mmap (and from hardware side, iommu) access to their declared mem...
...you could run the obfuscated Android SoC driver shit, or even outright proprietary blobs, without even having to care what they do.
Pity iommu seems so buggy and underused. At least on Intel, not sure about ARM situation.