by dmm 517 days ago
> dropped it because of bad graphics performance (only software rendering supported, many frame drops when watching HD videos on YT)

Around Firefox 92 or 93 the new GPU-based renderer ported from Servo was made default and performance under Qubes became much worse. Unfortunately, it seems applications increasingly assume the presence of video acceleration and don't prioritize software rendering.


Isn't it reasonable for applications to assume that, now that virtually all hardware has it, even super-cheap computers like the Raspberry Pi?
The issue for Qubes is security. GPUs can be used to subvert basically all the otherwise hardware-enforced security protections.
In a desktop, couldn't you assign a GPU to one video machine and in that scenario would there still be a security problem when there is only one VM using it?
It’s not about virtual machines. GPUs typically have direct memory access to pretty much all system RAM. There exist PCIe mitigations, but the review does not measure up to Qubes security standards.
Yes, this is what Qubes would probably suggest as the solution.
The hardware may be there, but not necessarily the drivers.
The drivers are fine for GPU accelerated rendering of the app surfaces, even on the Pi. Hell, the drivers are even there >98% of the time for accelerated decode of the video format itself to boot.

Qubes' unique choice in software-only rendering for user applications is one born out of the isolation goals for security, not what the software/drivers/hardware could do.

> even on the Pi

Only proprietary ones, so not for everyone...

> Broadcom never released a public specification for the V3D 3.x or 4.x series.

So the support must be worse if you prefer free drivers?

Yes. Besides Qubes users, a big population of software rendering users is people who have old and/or buggy drivers that are blacklisted by Firefox.
I understand GPUs are a security nightmare. If you want to have some understanding of your security, don't use a GPU.
Yeah, if you really care about security, only use computers which use line printers as output mechanisms.
It's totally reasonable, just unfortunate for this use-case.