Re: [PATCH 5/5] drm: drop DRM_AUTH from PRIME_TO/FROM_HANDLE ioctls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 27 Nov 2019 at 18:37, Daniel Vetter <daniel@xxxxxxxx> wrote:
>
> On Wed, Nov 27, 2019 at 06:32:56PM +0000, Emil Velikov wrote:
> > On Wed, 27 Nov 2019 at 18:04, Daniel Vetter <daniel@xxxxxxxx> wrote:
> > >
> > > On Wed, Nov 27, 2019 at 04:27:29PM +0000, Emil Velikov wrote:
> > > > On Wed, 27 Nov 2019 at 07:41, Boris Brezillon
> > > > <boris.brezillon@xxxxxxxxxxxxx> wrote:
> > > > >
> > > > > Hi Emil,
> > > > >
> > > > > On Fri,  1 Nov 2019 13:03:13 +0000
> > > > > Emil Velikov <emil.l.velikov@xxxxxxxxx> wrote:
> > > > >
> > > > > > From: Emil Velikov <emil.velikov@xxxxxxxxxxxxx>
> > > > > >
> > > > > > As mentioned by Christian, for drivers which support only primary nodes
> > > > > > this changes the returned error from -EACCES into -EOPNOTSUPP/-ENOSYS.
> > > > >
> > > > > Are you sure this is true for MODESET-only nodes (those that do not
> > > > > have the RENDER cap set) implementing ->{fd_to_handle,handle_to_fd}()?
> > > > > Shouldn't the is_authenticated() check still be done in that case?
> > > > >
> > > > Thanks for catching this. Just sent out v2, which I should address the concern.
> > >
> > > Why do we need this additional check in v2? What can go wrong on modeset
> > > drivers if non-authenticated legacy things can use this? modeset-only
> > > drivers have all their resources segregated by the drm core (drm_fb,
> > > mmaps, buffer lists), so there's really no access limitations that can go
> > > wrong here.
> >
> > Welcome back Daniel.
> >
> > I haven't audited the core drm code, so wasn't sure if there's any
> > issues that may arise.
> > Hence the conservative approach in v2.
> >
> > If you think this is fine as-is a formal Reviewed-by would be highly
> > appreciated.
>
> I think there's a non-zero chance I'll have to eat a few hats on this, but
> I think v1 is solid.
>
> Reviewed-by: Daniel Vetter <daniel.vetter@xxxxxxxx>
>
Thanks. I've just re-read the DIM instructions and pushed this to drm-misc-next.
Fingers crossed, I did not butcher it this time around.

-Emil
_______________________________________________
amd-gfx mailing list
amd-gfx@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/amd-gfx




[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux