Hello development folks,
recently, it has been flagged to me that we ship our kernels with CONFIG_DRM_LEGACY enabled.
The documentation to this reads:
Enable legacy DRI1 drivers. Those drivers expose unsafe and dangerous APIs to user-space, which can be used to circumvent access restrictions and other security measures. For backwards compatibility those drivers are still available, but their use is highly inadvisable and might harm your system.
You are recommended to use the safe modeset-only drivers instead, and perform 3D emulation in user-space.
Unless you have strong reasons to go rogue, say "N".
Because of the kernel released on July 7 and its fixes to ASIX USB-to-Ethernet adapters, I am currently working on that sector of IPFire 2.x anyway. Unless somebody of you can recall why we really need to have CONFIG_DRM_LEGACY enabled, I would submit a patch disabling it - its documentation does not inspire confidence at all. :-)
Thanks, and best regards, Peter Müller