NVIDIA Makes It Easier On Fedora To Try GNOME With EGLStreams On Wayland


  • #11
    Originally posted by You-

    It is not a kernel problem.

    A simple thing like taking a screenshot has been identified as a security problem.

    If one app can take a screenshot, why can't another malicious one do the same? (This is a real problem. An activist's computer was found to be taking screenshots and uploading them to the servers of an intelligence agency that was spying on him.)
    If one app can see all the keys pressed, another malicious one can do the same and record all key presses under the X server. (No passwords will be secure if the keystrokes are read.)
    If one app can control the video card, another malicious one can do the same... (DDOS, or read another used graphics data)
    If one app can manipulate a file, what is preventing another from doing the same...
    Add a thousand more security questions which are not even considered in the world of Xserver etc.

    These are hard problems that are more serious now with current hardware than they were with older hardware in a time when such a thing would be impractical across the internet.

    Now with Wayland the developers had a choice - either implement a "workaround" so things worked the old way that would then stay around forever keeping the same insecurity, or implement a safe interface to allow the action to be carried out securely.

    The concept of portals has been introduced to do things securely, with the idea that the UI can be done natively by each desktop environment. Gnome is ahead of the curve in implementing these. Others will catch up or can use the Gnome technologies for now, until they have implemented the same interfaces.

    This is not Gnome trying to embrace everything, but simply having more manpower. These portals etc. have been agreed upon between various desktops and it is a matter of time until they are implemented (and expanded to add other use cases).
    I'm not sure I follow. If an app needs to take a screenshot, the protocol needs to offer the necessary support to take a screenshot. How do you take a screenshot securely? Enforce Android-style permissions on every app?



    • #12
      Originally posted by cj.wijtmans

      No, but the graphics stack on Linux-based OSes is a mess. The monolithic approach doesn't work here.
      Isn't that why Intel evaluates to shift more functionality into userspace?



      • #13
        Originally posted by bug77

        I'm not sure I follow. If an app needs to take a screenshot, the protocol needs to offer the necessary support to take a screenshot. How do you take a screenshot securely? Enforce Android-style permissions on every app?
        The compositor is the only application that can take a screenshot in the Wayland world. The rest of them have to go through some permission model. Refer to Flatpak portals for one implementation of a permission mechanism.



        • #14
          Originally posted by cj.wijtmans
          The problem runs deeper, at the kernel level. The drivers are huge and complex and should not even exist in kernel space, besides the very basic graphics to get a functioning TTY and boot screen, of course. But there is no stable kernel API for it.
          I'm wondering why you think the part of the driver that's in the kernel shouldn't be there. You still need to centralize access to the PCIe device even if the driver is in userspace, and if you move it into userspace you end up with two context switches per submission rather than one, and you *still* need most of the kernel driver to stay in the kernel to handle your "very basic graphics" use case, because modesetting is the single largest and most complex component of most kernel GPU drivers. The largest overall driver components are already in userspace (the shader compiler, command stream generation, context management).



          • #15
            Originally posted by bug77

            I'm not sure I follow. If an app needs to take a screenshot, the protocol needs to offer the necessary support to take a screenshot. How do you take a screenshot securely? Enforce Android-style permissions on every app?
            The app can't take the screenshot (of the wider desktop?) as it is only aware of its own window. It can only make a request that the screenshot be taken. Other policy/portals etc. then implement a method to allow/deny that request. Gnome/GTK are ahead of other desktops in providing these methods.



            • #16
              The portal stuff has been done in a desktop-agnostic manner and any desktop can provide an implementation.

              I am pretty sure that many smaller DEs will simply leverage the GTK/Gnome technologies. Others might wait for the Qt/KDE versions to mature. It won't prevent other desktops from existing, but it may stop them from constantly forking everything to their own named version, as that might be too much work.



              • #17
                So the problem of wayland implementation is the security concerns?



                • #18
                  Personally, I find this useless, as Nvidia doesn't plan to implement Xwayland support for EGLstreams.

                  Source: https://devtalk.nvidia.com/default/t...88874/#5188874
                  Last edited by franglais125; 26 July 2017, 04:03 PM.



                  • #19
                    Originally posted by GhostOfFunkS
                    More like re-implement all the features in a safe way. X proved to be bad design and the desktop suffered from its flaws rather than benefitted from transparency.

                    The hard truth is that desktops on X are horrible.
                    The hard truth is also that to this day X lets you do things and Wayland doesn't.

                    So while I appreciate the fresh, open approach, I do not understand the apparent urgency to migrate just yet.



                    • #20
                      Originally posted by franglais125
                      Personally, I find this useless, as Nvidia doesn't plan to implement Xwayland support for EGLstreams.
                      Does this mean X apps will never work with OGL in a Wayland EGLStream session?
