Hi, I'm not completely sure that many drivers except vmwgfx care about inter-master DRM information leaks, of which this is one. (For example I think most drivers allow a bo flinked by a driver in one master realm (one user) to be opened by a client in another master realm (another user)). I think the common opinion is to ignore this and push for general render-node usage. Should that not be the case, we can always forward this. Note, however, that the impact for this particular issue should be quite low because it requires the cooperation of a user-space client with root privileges that is sloppy with timing.... /Thomas On 11/30/2015 08:53 PM, Lukas Wunner wrote: > Hi, > > On Mon, Nov 30, 2015 at 04:27:50PM +0100, Thomas Hellstrom wrote: >> while probably all other drivers don't care, except that it's a security >> issue > Hm, I don't know what the security policy is for DRM-related issues > but shouldn't this be cc'ed to security@xxxxxxxxxx so that it gets the > attention of security folks at distro vendors and is assigned a CVE? > > Best regards, > > Lukas _______________________________________________ dri-devel mailing list dri-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/dri-devel
