lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a75782218f34ae3cff725cbcfb321527f6aa2e14.camel@HansenPartnership.com>
Date: Wed, 24 Jul 2024 16:37:21 -0400
From: James Bottomley <James.Bottomley@...senPartnership.com>
To: Laurent Pinchart <laurent.pinchart@...asonboard.com>
Cc: Jiri Kosina <jikos@...nel.org>, Dan Williams <dan.j.williams@...el.com>,
  ksummit@...ts.linux.dev, linux-cxl@...r.kernel.org,
 linux-rdma@...r.kernel.org,  netdev@...r.kernel.org, jgg@...dia.com
Subject: Re: [MAINTAINERS SUMMIT] Device Passthrough Considered Harmful?

On Wed, 2024-07-24 at 23:00 +0300, Laurent Pinchart wrote:
[...]
> What I get from the discussions I've followed or partcipated in over
> the years is that the main worry of free software communities is
> being forced to use closed-source userspace components, whether that
> would be to make the device usable at all, or to achieve decent level
> of performance or full feature set. We've been through years of
> mostly closed-source GPU support, of printer "windrivers", and quite
> a few other horrors. The good news is that we've so far overcome lots
> (most) of those challenges. Reverse engineering projects paid off,
> and so did working hand-in-hand with industry actors in multiple ways
> (both openly and behind the scenes). One could then legitimately ask
> why we're still scared.

I don't think I am.  We're mostly fully capable of expounding at length
on the business rationale for being open if the thing they're hiding
isn't much of a differentiator anyway (or they're simply hiding it to
try to retain some illusion of control), so we shouldn't have any fear
of being able to make our case in language business people understand.

I also think this fear is partly a mindset problem on our part.  We
came out of the real fight for openness and we do embrace things like a
licence that forces open code (GPL) and symbols that discourage
proprietary drivers (EXPORT_SYMBOL_GPL), so we've somewhat drunk the
FSF coolaid that if we don't stand over manufacturers every second and
force them they'll slide back to their old proprietary ways.  However,
if you look at the entirely permissive ecosystem that grew up after we
did (openstack, docker, kubernetes, etc.) they don't have any such fear
and yet they still have large amounts of uncompelled openness and give
back.

> I can't fully answer that question, but there are two points that I
> think are relevant. Note that due to my background and experience,
> this will be heavily biased towards consumer and embedded hardware,
> not data centre-grade devices. Some technologies from the latter
> however have a tendency to migrate to the former over time, so the
> distinction isn't necessarily as relevant as one may consider.
> 
> The first point is that hardware gets more complicated over time, and
> in some markets there's also an increase in the number of vendors and
> devices. There's a perceived (whether true or not) danger that we
> won't be able to keep up with just reverse engineering and a
> development model relying on hobyists. Getting vendors involved is
> important if we want to scale.

Yes, but there are lots of not very useful complex devices being
produced every day that fail to capture market share.  Not having
reverse engineered drivers for them is no real loss.  If a device does
gain market share, it gains a huge pool of users some of whom become
interested in reverse engineering, so I think market forces actually
work in our favour: we get reverse engineering mostly where the devices
are actually interesting and capture market share.  It's self scaling.

> Second, I think there's a fear of regression. For some categories of
> devices, we have made slow but real progress to try and convince the
> industry to be more open. This sometimes took a decade of work,
> patiently building bridges and creating ecosystems brick by brick.
> Some of those ecosystems are sturdy, some not so. Giving pass-through
> a blank check will likely have very different effects in different
> areas. I don't personally believe it will shatter everything, but I'm
> convinced it carries risk in areas where cooperation with vendors is
> in its infancy or is fragile for any other reason.

I also think we're on the rise in this space.  Since most cloud
workloads are on Linux, there's huge market pressure on most "found in
the cloud" devices (like accelerators and GPUs) to have an easy to
consume Linux story.  Nvidia is a case in point.  When it only cared
about fast games on some other OS, we get shafted with a proprietary
graphics drivers.  Now it's under pressure to be the number one AI
accelerator provider for the cloud it's suddenly wondering about open
source drivers to make adoption easier.

> Finally, let's not forget that pass-through APIs are not an all or
> nothing option. To cite that example only, DRM requires GPU drivers
> to have an open-source userspace implementation to merge the kernel
> driver, and the same subsystems strongly pushes for API
> standardization for display controllers. We can set different rules
> for different cases.

I certainly think we can afford to experiment here, yes.

James


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ