When is the Last Time You Booted to Windows?
Guy Fraser
guy at incentre.net
Fri Feb 17 16:58:53 UTC 2006
On Thu, 2006-16-02 at 15:24 -0600, Les Mikesell wrote:
> On Thu, 2006-02-16 at 15:07, Dave Jones wrote:
>
> > > There is a cisco vpn client for linux. Run that for work all the time.
> > >
> > > Check their web site for the software or ask you IT group for it.
> >
> > It uses a binary only kernel module that frequently causes problems
> > judging by the number of reports I've seen in bugzilla tainted by it,
> > which magically 'go away' when the user switches to using vpnc.
> >
> > One of the horrors of binary kernel modules is they don't keep up
> > with the steady release of upstream kernels, so what might work
> > fine on one release might break horribly in next weeks updates,
> > sometimes in particularly drastic ways like memory corruption
> > when then finds its way written out to disk.
>
> That's one way of thinking about it. The other is that one of
> the horrors of running Linux is that every kernel release may
> break previously used interfaces and force you to replace all
> your tested modules.
I will second that.
If the binary module has a static API to connect with, and
problems occur it is the part that changed that has failed
not the part that didn't. If the API is not static, it is by
choice of the developers to make it so. That is why Nvidia
has wrappers for its binary modules, although the wrapper
needs to be recompiled for every new kernel, the binary
component does not.
As far as I can tell "the horrors of binary kernel modules"
may have some validity, but is mostly generic fear mongering.
Not all binary modules are made equal, just as developers are
not made equal. I personally have never had any corruption
problems with the binary drivers from Nvidia, but that is the
only binary component I currently use.
Rather than promote fear, why not lobby to get the dbkm or dkbm
what ever it is that will make dynamic binary kernel module
system available. If developers have a static API to design
there modules, there could be more drivers available. Some
devices manufacturers have secrets they are legal bound to
protect, that prohibit them from releasing source, and it is
a fact of life. If you keep kicking the manufactures in the
balls when they suggest a binary module, they are no more
likely to cave in and give you the source, as they are to
completely turn there back on you and not help you at all.
More information about the fedora-list
mailing list