From patchwork Fri Nov  1 13:03:10 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Emil Velikov <emil.l.velikov@gmail.com>
X-Patchwork-Id: 11223105
Return-Path: <SRS0=WY+K=YZ=lists.freedesktop.org=dri-devel-bounces@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 237FB1747
	for <patchwork-dri-devel@patchwork.kernel.org>;
 Fri,  1 Nov 2019 13:05:18 +0000 (UTC)
Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 0B0B3217D9
	for <patchwork-dri-devel@patchwork.kernel.org>;
 Fri,  1 Nov 2019 13:05:18 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0B0B3217D9
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=gmail.com
Authentication-Results: mail.kernel.org;
 spf=none smtp.mailfrom=dri-devel-bounces@lists.freedesktop.org
Received: from gabe.freedesktop.org (localhost [127.0.0.1])
	by gabe.freedesktop.org (Postfix) with ESMTP id 5D5A66E21F;
	Fri,  1 Nov 2019 13:05:13 +0000 (UTC)
X-Original-To: dri-devel@lists.freedesktop.org
Delivered-To: dri-devel@lists.freedesktop.org
Received: from mail-wm1-x344.google.com (mail-wm1-x344.google.com
 [IPv6:2a00:1450:4864:20::344])
 by gabe.freedesktop.org (Postfix) with ESMTPS id 435D96E21E
 for <dri-devel@lists.freedesktop.org>; Fri,  1 Nov 2019 13:05:11 +0000 (UTC)
Received: by mail-wm1-x344.google.com with SMTP id 11so9299552wmk.0
 for <dri-devel@lists.freedesktop.org>; Fri, 01 Nov 2019 06:05:11 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=ll9eeyCkfU/EMzR1UDcgIxHkDALIOtrpeq3qFTQ/A3g=;
 b=hnfGKIIKuDRMW9jabp7F3b1HSJcOHvcxFx7eLl14MBGgk07RjxbCICdLSaryaHRzjt
 XlLqWmS2me2ZGJpAHfHKwDPEK/hqBAmh7WhxpzCBt68lyjz5t9PKVuir9w/FqupC+ikg
 C0MBnO6aE1AIqaGSVodsrpoleSkVNteWw7B5rvkaYxGU7SEMH9aSvtIvzKYskoZMuwZd
 61GSkUQ9MqCkEHt2ToqgIw2t4/p1t2TThYGNfy+h48aoh8cOEe9T60p8OuMWamWicg3d
 E62Xhm2Api7lMCGb9frh2uQ/yRyj1zlHUzAmT+eEZ9TEQ9r0FuNTMHiU6XOcWXtgfPgB
 GzzA==
X-Gm-Message-State: APjAAAVKAN4697Rl7kHXcAY5MnaF77SpegkrJKGeOrHlvDMi0Kc0gWxW
 +RmcIsnFs5Vm9PwwZRfrmeKwUhWC
X-Google-Smtp-Source: 
 APXvYqw9ZK4XM7bgq9LfycVRO4MO2UCIUO/mA3mwniyNaY/oO5tCz3U3jcF1s2XUnCgOcgEKVRkgdQ==
X-Received: by 2002:a7b:cb89:: with SMTP id m9mr8250573wmi.141.1572613508560;
 Fri, 01 Nov 2019 06:05:08 -0700 (PDT)
Received: from arch-x1c3.cbg.collabora.co.uk
 ([2a00:5f00:102:0:9665:9cff:feee:aa4d])
 by smtp.gmail.com with ESMTPSA id a15sm2450562wmm.12.2019.11.01.06.05.07
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 01 Nov 2019 06:05:07 -0700 (PDT)
From: Emil Velikov <emil.l.velikov@gmail.com>
To: dri-devel@lists.freedesktop.org
Subject: [PATCH 2/5] drm/vmwgfx: check master authentication in surface_ref
 ioctls
Date: Fri,  1 Nov 2019 13:03:10 +0000
Message-Id: <20191101130313.8862-2-emil.l.velikov@gmail.com>
X-Mailer: git-send-email 2.23.0
In-Reply-To: <20191101130313.8862-1-emil.l.velikov@gmail.com>
References: <20191101130313.8862-1-emil.l.velikov@gmail.com>
MIME-Version: 1.0
X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20161025;
 h=from:to:cc:subject:date:message-id:in-reply-to:references
 :mime-version:content-transfer-encoding;
 bh=ll9eeyCkfU/EMzR1UDcgIxHkDALIOtrpeq3qFTQ/A3g=;
 b=YqJMzMQkn6Gci/rGM1NxNVkt6VenoqsAhC27NhEKC43F4CJ9Fo3EKnhfqpsHeHah/H
 W8bpTl4Wysl5b6LcxKHOT+SSxP3EtqbPsoPr+wAo8PM2L1Px/inxLY62k094Xf3uEMxZ
 c0V6STJmAYeeJfUykl9/npyUKyR9In5oLvTfPCXJHqNrGWAov+s+v5Ns18CRJrT1/ip/
 O/NVISvqyEJVmDXSd7qp7ObqylXnqc/yhYdndPQUBsIdKueiTrpxq4DO/Sx2J6CrhRSk
 pwUSMdqFI4FhjV7Vq3HEC/rHYKNQZPVvVVoV43ywxqF4/6Un6sRZumURr9erci579odo
 qUIg==
X-BeenThere: dri-devel@lists.freedesktop.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Direct Rendering Infrastructure - Development
 <dri-devel.lists.freedesktop.org>
List-Unsubscribe: <https://lists.freedesktop.org/mailman/options/dri-devel>,
 <mailto:dri-devel-request@lists.freedesktop.org?subject=unsubscribe>
List-Archive: <https://lists.freedesktop.org/archives/dri-devel>
List-Post: <mailto:dri-devel@lists.freedesktop.org>
List-Help: <mailto:dri-devel-request@lists.freedesktop.org?subject=help>
List-Subscribe: <https://lists.freedesktop.org/mailman/listinfo/dri-devel>,
 <mailto:dri-devel-request@lists.freedesktop.org?subject=subscribe>
Cc: VMware Graphics <linux-graphics-maintainer@vmware.com>,
 Thomas Hellstrom <thellstrom@vmware.com>, emil.l.velikov@gmail.com
Errors-To: dri-devel-bounces@lists.freedesktop.org
Sender: "dri-devel" <dri-devel-bounces@lists.freedesktop.org>

From: Emil Velikov <emil.velikov@collabora.com>

With later commit we'll rework DRM authentication handling. Namely
DRM_AUTH will not be a requirement for DRM_RENDER_ALLOW ioctls.

Since vmwgfx does isolation for primary clients in different master
realms, the DRM_AUTH can be dropped.

The only place where authentication matters, is surface_reference ioctls
whenever a legacy (non-prime) handle is used. For those ioctls we call
vmw_surface_handle_reference(), where we explicitly check if the client
is both a) master and b) unauthenticated - bailing out as result.

Otherwise the usual isolation path kicks in and we're all good.

v2: Reword commit message, since the isolation work has landed.

Cc: VMware Graphics <linux-graphics-maintainer@vmware.com>
Cc: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
---
 drivers/gpu/drm/vmwgfx/vmwgfx_surface.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c b/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
index 1f989f3605c8..596e5c1bc2c1 100644
--- a/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
+++ b/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
@@ -936,6 +936,13 @@ vmw_surface_handle_reference(struct vmw_private *dev_priv,
 		user_srf = container_of(base, struct vmw_user_surface,
 					prime.base);
 
+		/* Error out if we are unauthenticated master */
+		if (drm_is_primary_client(file_priv) &&
+		    !file_priv->authenticated) {
+			ret = -EACCES;
+			goto out_bad_resource;
+		}
+
 		/*
 		 * Make sure the surface creator has the same
 		 * authenticating master, or is already registered with us.