The new lsm-based cgroup device access control provides an equivalent hook to check device permission. Thus, switch to the more generic security hook security_dev_permission() instead of directly calling devcgroup_check_permission(). Signed-off-by: Michael Weiß <michael.weiss@xxxxxxxxxxxxxxxxxxx> --- drivers/gpu/drm/amd/amdkfd/kfd_priv.h | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_priv.h b/drivers/gpu/drm/amd/amdkfd/kfd_priv.h index fa24e1852493..50979f332e38 100644 --- a/drivers/gpu/drm/amd/amdkfd/kfd_priv.h +++ b/drivers/gpu/drm/amd/amdkfd/kfd_priv.h @@ -38,7 +38,7 @@ #include <linux/seq_file.h> #include <linux/kref.h> #include <linux/sysfs.h> -#include <linux/device_cgroup.h> +#include <linux/security.h> #include <drm/drm_file.h> #include <drm/drm_drv.h> #include <drm/drm_device.h> @@ -1487,9 +1487,8 @@ static inline int kfd_devcgroup_check_permission(struct kfd_node *kfd) #if defined(CONFIG_CGROUP_DEVICE) || defined(CONFIG_CGROUP_BPF) struct drm_device *ddev = adev_to_drm(kfd->adev); - return devcgroup_check_permission(DEVCG_DEV_CHAR, DRM_MAJOR, - ddev->render->index, - DEVCG_ACC_WRITE | DEVCG_ACC_READ); + return security_dev_permission(S_IFCHR, MKDEV(DRM_MAJOR, ddev->render->index), + MAY_WRITE | MAY_READ); #else return 0; #endif -- 2.30.2
