Marc Boucher wrote:Giuliano Colla wrote:Can you honestly tell apart the two cases, if you don't make a it a case ofOn Thu, Apr 29, 2004 at 11:15:13AM -0400, Timothy Miller answered:
"religion war"?Firmware downloaded into a piece of hardware can't corrupt the kernel in theand unless it's a card with binary-only, proprietary BIOS code called at
host.
(Unless it's a bus master which writes to random memory, which might be
possible, but there is hardware you can buy to watch PCI transactions.)
runtime by the kernel, for example by the vesafb.c video driver,
which despite this has a MODULE_LICENSE("GPL").
Could someone explain why such execution of evil proprietary binary-only
code on the host CPU should not also "taint" the kernel? ;-)
That's a good question, but the BIOS code you're talking about is not part of the kernel. Sure, it's possible that it might still corrupt the kernel, but it's not being loaded into it as a module. The developer of the BIOS code never intended for their code to be run by the Linux kernel.
Is it still dangerous? Yes. Is it a violation of the GPL? No.
Also, developers of modules which thunk to BIOS code are aware of the potential problems and are typically willing to take responsibility for investigating bugs in their own code. (Bugs in the BIOS means you're screwed and need to get new hardware.) Developers of proprietary drivers are notoriously unhelpful when it comes to fixing bugs in their code.