Re: [PATCH 2/2] drm: make DRI1 drivers depend on BROKEN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4 August 2016 at 18:06, David Herrmann <dh.herrmann@xxxxxxxxx> wrote:
> The legacy DRI1 drivers expose highly broken interfaces to user-space. No
> modern system should enable them, or you will effectively allow user-space
> to circumvent most of your kernel security measures. The DRI1 kernel APIs
> are simply broken.
>
> User-space can always use vesafb/efifb/simplefb and friends to get working
> graphics.
>
> Lets hide the old drivers behind CONFIG_BROKEN. In case they turn out to
> be still used (really?), we can easily revert this and figure out a way to
> move them out of sight (e.g., moving all DRI1 drivers to
> drivers/gpu/dri1/).
>
> Signed-off-by: David Herrmann <dh.herrmann@xxxxxxxxx>

So my opinion is that no modern system enables them in practice.

You can only load dri1 drivers on dri1 hardware, so you aren't exactly leaving
yourself open to root holes here. If you mean the fact that we keep leaving the
ioctls answering when dri2 drivers are loaded due to errors, then I hope we've
figured all those out by now.

Dave.
_______________________________________________
dri-devel mailing list
dri-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/dri-devel




[Index of Archives]     [Linux DRI Users]     [Linux Intel Graphics]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux