On Tue, Jun 11, 2019 at 7:40 PM Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> wrote: > > On Tue, Jun 11, 2019 at 07:33:16PM +0200, Daniel Vetter wrote: > > On Tue, Jun 11, 2019 at 5:37 PM Greg Kroah-Hartman > > <gregkh@xxxxxxxxxxxxxxxxxxx> wrote: > > > On Tue, Jun 11, 2019 at 03:56:35PM +0200, Sven Joachim wrote: > > > > Commit 1e07d63749 ("drm/nouveau: add kconfig option to turn off nouveau > > > > legacy contexts. (v3)") has caused a build failure for me when I > > > > actually tried that option (CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=n): > > > > > > > > ,---- > > > > | Kernel: arch/x86/boot/bzImage is ready (#1) > > > > | Building modules, stage 2. > > > > | MODPOST 290 modules > > > > | ERROR: "drm_legacy_mmap" [drivers/gpu/drm/nouveau/nouveau.ko] undefined! > > > > | scripts/Makefile.modpost:91: recipe for target '__modpost' failed > > > > `---- > > > > Calling drm_legacy_mmap is definitely not a great idea. I think either > > we need a custom patch to remove that out on older kernels, or maybe > > even #ifdef if you want to be super paranoid about breaking stuff ... > > > > > > Upstream does not have that problem, as commit bed2dd8421 ("drm/ttm: > > > > Quick-test mmap offset in ttm_bo_mmap()") has removed the use of > > > > drm_legacy_mmap from nouveau_ttm.c. Unfortunately that commit does not > > > > apply in 5.1.9. > > > > > > > > Most likely 4.19.50 and 4.14.125 are also affected, I haven't tested > > > > them yet. > > > > > > They probably are. > > > > > > Should I just revert this patch in the stable tree, or add some other > > > patch (like the one pointed out here, which seems an odd patch for > > > stable...) > > > > ... or backport the above patch, that should be save to do too. Not > > sure what stable folks prefer? > > The above patch does not apply to all of the stable branches, so how > about I just revert this? People can live with this option not able to > turn off for now, and if they really want it, they can use a newer > kernel, right? Lots of people can live with root holes in their kernels, it's still not a great idea :-) Plan B would be to fix all the legacy ioctls and close all the exploits in there, which absolutely no one wants to spend time on. This way the only people who'll suffer are the ones with horribly outdated userspace (and at that point who cares about a few more exploits). We should maybe update the help text to tell people they really shouldn't enable this, the default y is really just to avoid regression reports :-) -Daniel -- Daniel Vetter Software Engineer, Intel Corporation +41 (0) 79 365 57 48 - http://blog.ffwll.ch