| Message ID | 1434721949-25732-2-git-send-email-daniel.thompson@linaro.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Fri, Jun 19, 2015 at 02:52:28PM +0100, Daniel Thompson wrote: > Currently DRM_IOCTL_PRIME_HANDLE_TO_FD rejects all flags except > (DRM|O)_CLOEXEC making it difficult (maybe impossible) for userspace > to mmap() the resulting dma-buf even when this is supported by the > DRM driver. > > It is trivial to relax the restriction and permit read/write access. > This is safe because the flags are seldom touched by drm; mostly they > are passed verbatim to dma_buf calls. > > Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> > --- > drivers/gpu/drm/drm_prime.c | 9 +++------ > include/uapi/drm/drm.h | 1 + > 2 files changed, 4 insertions(+), 6 deletions(-) > > diff --git a/drivers/gpu/drm/drm_prime.c b/drivers/gpu/drm/drm_prime.c > index 7fec191b45f7..6d2cf4fb4038 100644 > --- a/drivers/gpu/drm/drm_prime.c > +++ b/drivers/gpu/drm/drm_prime.c > @@ -331,7 +331,7 @@ static const struct dma_buf_ops drm_gem_prime_dmabuf_ops = { > * drm_gem_prime_export - helper library implementation of the export callback > * @dev: drm_device to export from > * @obj: GEM object to export > - * @flags: flags like DRM_CLOEXEC > + * @flags: flags like DRM_CLOEXEC and DRM_RDWR > * > * This is the implementation of the gem_prime_export functions for GEM drivers > * using the PRIME helpers. > @@ -639,14 +639,11 @@ int drm_prime_handle_to_fd_ioctl(struct drm_device *dev, void *data, > return -ENOSYS; > > /* check flags are valid */ > - if (args->flags & ~DRM_CLOEXEC) > + if (args->flags & ~(DRM_CLOEXEC | DRM_RDWR)) > return -EINVAL; I think we should reject DRM_RDWR if there's no mmap implementation in the underlying dma-buf vfunc table. Or in the gem version of those. Otherwise looks ok to me, if we first resolve the dma-buf userspace mmap coherency issue. -Daniel > > - /* we only want to pass DRM_CLOEXEC which is == O_CLOEXEC */ > - flags = args->flags & DRM_CLOEXEC; > - > return dev->driver->prime_handle_to_fd(dev, file_priv, > - args->handle, flags, &args->fd); > + args->handle, args->flags, &args->fd); > } > > int drm_prime_fd_to_handle_ioctl(struct drm_device *dev, void *data, > diff --git a/include/uapi/drm/drm.h b/include/uapi/drm/drm.h > index ff6ef62d084b..092fe3fa8ec0 100644 > --- a/include/uapi/drm/drm.h > +++ b/include/uapi/drm/drm.h > @@ -668,6 +668,7 @@ struct drm_set_client_cap { > __u64 value; > }; > > +#define DRM_RDWR O_RDWR > #define DRM_CLOEXEC O_CLOEXEC > struct drm_prime_handle { > __u32 handle; > -- > 2.4.3 > > _______________________________________________ > dri-devel mailing list > dri-devel@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/dri-devel
diff --git a/drivers/gpu/drm/drm_prime.c b/drivers/gpu/drm/drm_prime.c index 7fec191b45f7..6d2cf4fb4038 100644 --- a/drivers/gpu/drm/drm_prime.c +++ b/drivers/gpu/drm/drm_prime.c @@ -331,7 +331,7 @@ static const struct dma_buf_ops drm_gem_prime_dmabuf_ops = { * drm_gem_prime_export - helper library implementation of the export callback * @dev: drm_device to export from * @obj: GEM object to export - * @flags: flags like DRM_CLOEXEC + * @flags: flags like DRM_CLOEXEC and DRM_RDWR * * This is the implementation of the gem_prime_export functions for GEM drivers * using the PRIME helpers. @@ -639,14 +639,11 @@ int drm_prime_handle_to_fd_ioctl(struct drm_device *dev, void *data, return -ENOSYS; /* check flags are valid */ - if (args->flags & ~DRM_CLOEXEC) + if (args->flags & ~(DRM_CLOEXEC | DRM_RDWR)) return -EINVAL; - /* we only want to pass DRM_CLOEXEC which is == O_CLOEXEC */ - flags = args->flags & DRM_CLOEXEC; - return dev->driver->prime_handle_to_fd(dev, file_priv, - args->handle, flags, &args->fd); + args->handle, args->flags, &args->fd); } int drm_prime_fd_to_handle_ioctl(struct drm_device *dev, void *data, diff --git a/include/uapi/drm/drm.h b/include/uapi/drm/drm.h index ff6ef62d084b..092fe3fa8ec0 100644 --- a/include/uapi/drm/drm.h +++ b/include/uapi/drm/drm.h @@ -668,6 +668,7 @@ struct drm_set_client_cap { __u64 value; }; +#define DRM_RDWR O_RDWR #define DRM_CLOEXEC O_CLOEXEC struct drm_prime_handle { __u32 handle;
Currently DRM_IOCTL_PRIME_HANDLE_TO_FD rejects all flags except (DRM|O)_CLOEXEC making it difficult (maybe impossible) for userspace to mmap() the resulting dma-buf even when this is supported by the DRM driver. It is trivial to relax the restriction and permit read/write access. This is safe because the flags are seldom touched by drm; mostly they are passed verbatim to dma_buf calls. Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> --- drivers/gpu/drm/drm_prime.c | 9 +++------ include/uapi/drm/drm.h | 1 + 2 files changed, 4 insertions(+), 6 deletions(-)