On 2011-08-02 12:28, Rafał Miłecki wrote:
2011/8/2 Alan Coxalan@lxorguk.ukuu.org.uk:
But I believe this is a problem of all approaches which provide multiple hardware-accelerated (or Xv-enabled) seats on a single GPU, no matter if based on multiple DRM devices, on Xephyr or Xnest with some kind of OpenGL or DRI passthrough, or on Wayland: If one has direct access to the graphics engine, he also can access any video memory he wants.
Not always. It's a bit more complicated than that. Some hardware supports write only memory spaces, some hardware supports contexts in the GTT). On other cards you need some kind of security model and verifier to handle this. I don't think reloading the GTT is enough on most of the cards because the display scanout for all the framebuffers is needed all the time.
I believe you respond to Klaus Kusche here?
Klaus: please, CC mailing list so everyone can see your messages.
My mail Alan cited above was CC'd to the list. No idea where it got eaten. Is there some spam filter filtering list postings?