Re: [PATCH 12/13] drm/virtio: drop DRM_AUTH usage from the driver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 27 May 2019 at 09:19, Emil Velikov <emil.l.velikov@xxxxxxxxx> wrote:
>
> From: Emil Velikov <emil.velikov@xxxxxxxxxxxxx>
>
> The authentication can be circumvented, by design, by using the render
> node.
>
> From the driver POV there is no distinction between primary and render
> nodes, thus we can drop the token.
>
> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx>
> Cc: virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
> Cc: David Airlie <airlied@xxxxxxxx>
> Cc: Daniel Vetter <daniel@xxxxxxxx>
> Signed-off-by: Emil Velikov <emil.velikov@xxxxxxxxxxxxx>
> ---
>  drivers/gpu/drm/virtio/virtgpu_ioctl.c | 18 +++++++++---------
>  1 file changed, 9 insertions(+), 9 deletions(-)
>
> diff --git a/drivers/gpu/drm/virtio/virtgpu_ioctl.c b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
> index 949a264985fc..e72626faba52 100644
> --- a/drivers/gpu/drm/virtio/virtgpu_ioctl.c
> +++ b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
> @@ -553,34 +553,34 @@ static int virtio_gpu_get_caps_ioctl(struct drm_device *dev,
>
>  struct drm_ioctl_desc virtio_gpu_ioctls[DRM_VIRTIO_NUM_IOCTLS] = {
>         DRM_IOCTL_DEF_DRV(VIRTGPU_MAP, virtio_gpu_map_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_EXECBUFFER, virtio_gpu_execbuffer_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_GETPARAM, virtio_gpu_getparam_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_CREATE,
>                           virtio_gpu_resource_create_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_INFO, virtio_gpu_resource_info_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         /* make transfer async to the main ring? - no sure, can we
>          * thread these in the underlying GL
>          */
>         DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_FROM_HOST,
>                           virtio_gpu_transfer_from_host_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>         DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_TO_HOST,
>                           virtio_gpu_transfer_to_host_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_WAIT, virtio_gpu_wait_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_GET_CAPS, virtio_gpu_get_caps_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>  };
> --
> 2.21.0
>

Humble poke?

Thanks,
Emil
_______________________________________________
Virtualization mailing list
Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/virtualization



[Index of Archives]     [KVM Development]     [Libvirt Development]     [Libvirt Users]     [CentOS Virtualization]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux