Maxim Cournoyer <maxim.courno...@gmail.com> writes: >> An example would be to switch from linux-libre to some 100% free linux >> kernel that doesn't block nonfree firmware, so if users reluctantly >> need nonfree firmware they would, on their own, add them. > > I thought I'd mention that technically, making it impossible to load any > firmware in linux-libre is considered a bug, and someone could > contribute a fix. > > Last time I discussed it with the linux-libre, the reason loading > non-free firmware is outright disabled is because it'd be trivial for > any privileged (or maybe that's not even a condition?) processes to make > a system call to Linux to load non-free firmware, which would make it > difficult to control for users.
Oh, is that really the case? I had assumed that this was a policy decision, that linux-libre didn't want to allow users to have the ability to load non-free firmware, to make sure the goals of linux-libre aren't compromised. If the reason isn't policy, I don't really understand the privilege objection. If you would agree that 'root' should be able to load and run non-free code (which can be rejected on policy grounds), why would linux-libre prevent that? Is the syscall available for non-root users? If so isn't that a linux kernel bug, surely non-privileged users shouldn't be allowed to load firmware that can modify hardware behaviour? I am personally torn between use of Guix on some machines, where linux-libre doesn't work, and the alternatives. I've never really liked the non-guix installation flow (it seems so complicated). I think it is reasonable in these situations to use a linux-libre kernel but that it allows loading of non-free blobs, only that I have to do this manually or specify it separately, and it doesn't happen automatically by default. This could be part of Guix proper. I have thought that a middle ground project like 'linux-free' would be possible: it would be identical to linux-libre but re-add the hooks to allow root to load non-free firmware, if they so chose to do it. I'm more comfortable with this approach than using linux upstream, since I think that linux-libre improves more than just non-free firmware loading. I don't think a strict kernel policy to disallow users to run non-free code serves user freedom: it would prevent running a binary that I build using GCC built on a 5 lines C code that doesn't have a license (such a program would also be non-free). Preventing a program like that from being run is an interesting approach, but that functionality can just as easily be used as full DRM sword to prevent me from running free binaries. So it is problematic to work on these mechanisms. Maybe this topic could be brought up again on the linux-libre list, I don't recall any recent discussion about this... /Simon
signature.asc
Description: PGP signature
