Originally posted by mSparks
View Post
No you need to learn X11 architecture. There is 4 key time frames.
1) The early UMS drivers. Yes User Mode Setting drivers this are the early X11 graphics drivers. Requirement full access to /dev/mem these are levels of isnane you need root to use them and no security from Posix because basically nothing is a file. When I say insane early X11 servers have user space x86 emulators to run graphical card include firmware/rom to control the graphics card for these early UMS drivers.
2) DRI1 Still UMS still basically nothing is a file so not secure not using posix. Lot of totally insane stuff like platform emulators has been removed..
3) DRI2 Start of KMS so somethings are a file. But your graphics card memory is like GEM where nothing is a file. Wayland developers against gem proved that you could basically guess GEM handles and access other data. This is the level of current day closed source Nvidia graphics drivers.
4) DRI3 that Wayland after 2013 requires and this only comes into existence in 2013. Yes early version of Wayland uses insecure DRI2/GEM. This has DMABUF for userspace to request memory allocations on the GPU and due to DMABUF being a file handle POSIX permissions apply.
Fun point the OS that X11 was first developed for was not a POSIX architecture and it basically taken until 2013/DRI3 to make X11 protocol in fact conform to POSIX architecture. Yes the fact that Nvidia closed source driver userspace X11 driver need deprecated not POSIX compadible interfaces that are DRI2 and earlier to function should have alarm bells running.
When I say Nvidia driver is broken I am not kidding. It broken in so many ways it not funny.
Please note this is not a Linux permission problem this is a problem for every OS using X11 that has not upgraded to DRI3.
By the way the performance issue where you don't want to run a X11 compositor is simple really.
You look at you swapchain counts. X11 bare metal good driver for bare metal swapchain count =2 without compositor. You start compositor its Nvidia bad driver under wayland so this is +4 to your swapchain count when you start a compositor a good driver this will be +2.
Latency 99% of the graphical output system aligns swapchain count.
Now lets do a Wayland compositor.
Bare metal wayland compositor good driver swapchain count 2 bad driver swapchain count 4. Start xwayland swapchain count +0 that right +0 does not increase at all. Start another wayland compositor on top swapchain count +0.
Using buffers in userspace that have posix security the way Wayland does you don't need to increase swapchain count to create secure separation.
The reason why Linux/Freebsd Nvidia closed source drivers is so much trouble with Wayland compositors is that the Nvidia closed source drivers are an insecure mess because they are based on deprecated X11 API/ABI and ideas where making graphics stack incompatible with posix for so called performance was called acceptable.
Please note I said so called performance 2013 different graphics driver developers benchmark all the different claimed reasons for not integrating with the OS posix security and memory sharing items the result was all the other methods resulted in poorer performance as well as being totally insecure.
Comment