On 03/21/2014 08:10 AM, Daniel Vetter wrote: > On Thu, Mar 20, 2014 at 10:13 PM, Rob Clark <robdclark at gmail.com> wrote: >>>> Ie. an app that was using the gpu for something secure could >>>> simply choose not to if the hw/driver could not guarantee that another >>>> process using the gpu could not get access to the buffers.. >>> IMO that should work fine, but we need to provide a way for user-space >>> to determine whether >>> the render node is secure or not. Perhaps a sysfs attribute and / or a >>> drm getparam() parameter? >> I'd *assume* that that sort of thing would just be some sort of CL extension? >> >> But no objection to exposing it in a more common way. >> >> I guess it is also an option to keep the bootarg to override default >> (with the default being 'enabled' for hw w/ per-context/process vm and >> 'disabled' otherwise). > Imo if we expose this through sysfs we should always enable > rendernodes. The udev scripts can then decide what permissions to set > on them.
Agreed. Thomas > -Daniel
