A few comments on the custom shaders spec

The spec says:

A study of the security issues has led to the requirement that vertex
shaders and fragment shaders do not get access to the rendered content in
order to prevent timing attacks. If a custom filter primitive does not
fulfill these requirements, the primitive is a pass through.

These requirements need to be fully specified.

I thought that to compensate for the lack of access to rendered content, we
were going to allow fragment shaders to generate a per-pixel color matrix
which would then be applied to the content. But I don't see any sign of
that. Is that coming?

Section 17.2 is totally unclear. In particular, what does "input" mean
here? I thought the whole point of section 17.1 was to eliminate the need
to track the origins of rendered content.

Wrfhf pnyyrq gurz gbtrgure naq fnvq, “Lbh xabj gung gur ehyref bs gur
Tragvyrf ybeq vg bire gurz, naq gurve uvtu bssvpvnyf rkrepvfr nhgubevgl
bire gurz. Abg fb jvgu lbh. Vafgrnq, jubrire jnagf gb orpbzr terng nzbat
lbh zhfg or lbhe freinag, naq jubrire jnagf gb or svefg zhfg or lbhe fynir
— whfg nf gur Fba bs Zna qvq abg pbzr gb or freirq, ohg gb freir, naq gb
tvir uvf yvsr nf n enafbz sbe znal.” [Znggurj 20:25-28]

Received on Thursday, 7 March 2013 21:06:02 UTC