From patchwork Mon May 27 08:17:29 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962229 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0271213AD for ; Mon, 27 May 2019 08:19:20 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E89C428A05 for ; Mon, 27 May 2019 08:19:19 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id DCE1628AB7; Mon, 27 May 2019 08:19:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 45D0E28A05 for ; Mon, 27 May 2019 08:19:19 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id C1D9089831; Mon, 27 May 2019 08:19:15 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wm1-x342.google.com (mail-wm1-x342.google.com [IPv6:2a00:1450:4864:20::342]) by gabe.freedesktop.org (Postfix) with ESMTPS id DA93289791; Mon, 27 May 2019 08:19:14 +0000 (UTC) Received: by mail-wm1-x342.google.com with SMTP id t5so14877215wmh.3; Mon, 27 May 2019 01:19:14 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=4VoQ1zIsBrLpc/Iweg3AnxDqnQQ32BWk7DUxP8iFack=; b=ocYwLOIuqu6G3r8pkXEreyMkj0VryS8B526M6dQqpECBvUsmHSzVYivVxRXUbXPHAd LJag2r+6WdpJAGkp/NBKl7iGXlS8ewLYFrqrZYlpW+T+qic6RQaWYk8xHRz63q8+HkE7 Heydzzn/7yRTtX7Q2eu6j3GZvcHxDgm5e9EyKrhCQnj89k0OYI+u9zZu1QRLLH44C7YR QyfX1kRuNxKpFJOFW4G9CSJDo6eVHGj3y5y9FHqB8QhHx0q1+sk1U1EAFDUD/c464piL 8aWvmrrBq1Q1bUucyIqLcIQ8D4up0nNSpw2fy0zOU4FIpkQlLf0uTLA5nLy2SfhsSm/I VW1g== X-Gm-Message-State: APjAAAV6Zj5xy9HhD1W7Z7gPP+fQ6ECeQvWIB5IXX7rzgrd65nSI0SlZ SgbPTa7LiVrF8lU54iXowCpQHTYg X-Google-Smtp-Source: APXvYqxAj7R3cd6JOPhNZoFWxIyP6rneBrfg50I65SKdPfA+ycRMrnHgRK2ei6xXj6siX7OTBxgVqw== X-Received: by 2002:a1c:9c8c:: with SMTP id f134mr9129478wme.95.1558945153256; Mon, 27 May 2019 01:19:13 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.12 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:12 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 01/13] drm/amdgpu: introduce and honour DRM_FORCE_AUTH workaround Date: Mon, 27 May 2019 09:17:29 +0100 Message-Id: <20190527081741.14235-1-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=4VoQ1zIsBrLpc/Iweg3AnxDqnQQ32BWk7DUxP8iFack=; b=oGvE1p0J0Egq3p74gmZugfdomaGEhOCqtbkZ7yfLSq/8b5oxpu5T+mypYxkQDnHSPR kh8tzr+Umo20IkdQhIsqX4M80PKgzR20MWNooOPAkke7YLN5d9BLjpHXb9P8JjafuOsW niGM3oDOB4G5HSm70e3zMfzgGrrbNtx+YNKJprB0MvOVERmHuqOWItbWzaADpwK/+aD6 gYZyF2tMGXFjftn9NtZr9EODhOaqDiYcIUylN7W24zPC8mK/HmRohw4SmkPxS0LMNVGm YU3Q5oIQriSVHSceWGC/KVnyPehaHXsZPktXOUO+I4u3L8rHv1WfikylAw7aJ4zh5ka4 tipw== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , emil.l.velikov@gmail.com, amd-gfx@lists.freedesktop.org, Alex Deucher , =?utf-8?q?Christian_K=C3=B6nig?= Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov Currently one can circumvent DRM_AUTH, when the ioctl is exposed via the render node. A seemingly deliberate design decision. Hence we can drop the DRM_AUTH all together (details in follow-up patch) yet not all userspace checks if it's authenticated, but instead uses uncommon assumptions. After days of digging through git log and testing, only a single (ab)use was spotted - the Mesa RADV driver, using the AMDGPU_INFO ioctl and assuming that failure implies lack of authentication. Affected versions are: - the whole 18.2.x series, which is EOL - the whole 18.3.x series, which is EOL - the 19.0.x series, prior to 19.0.4 Add a special quirk for that case, thus we can drop DRM_AUTH bits as mentioned earlier. Since all the affected userspace is EOL, we also add a kconfig option to disable this quirk. The whole approach is inspired by DRIVER_KMS_LEGACY_CONTEXT Cc: Alex Deucher Cc: Christian König Cc: amd-gfx@lists.freedesktop.org Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov --- drivers/gpu/drm/amd/amdgpu/Kconfig | 16 ++++++++++++++++ drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c | 12 +++++++++++- drivers/gpu/drm/drm_ioctl.c | 5 +++++ include/drm/drm_ioctl.h | 17 +++++++++++++++++ 4 files changed, 49 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/amd/amdgpu/Kconfig b/drivers/gpu/drm/amd/amdgpu/Kconfig index 9221e5489069..da415f445187 100644 --- a/drivers/gpu/drm/amd/amdgpu/Kconfig +++ b/drivers/gpu/drm/amd/amdgpu/Kconfig @@ -40,6 +40,22 @@ config DRM_AMDGPU_GART_DEBUGFS Selecting this option creates a debugfs file to inspect the mapped pages. Uses more memory for housekeeping, enable only for debugging. +config DRM_AMDGPU_FORCE_AUTH + bool "Force authentication check on AMDGPU_INFO ioctl" + default y + help + There were some version of the Mesa RADV drivers, which relied on + the ioctl failing, if the client is not authenticated. + + Namely, the following versions are affected: + - the whole 18.2.x series, which is EOL + - the whole 18.3.x series, which is EOL + - the 19.0.x series, prior to 19.0.4 + + Modern distributions, should disable this. That will allow various + other clients to work, that would otherwise require root privileges. + + source "drivers/gpu/drm/amd/acp/Kconfig" source "drivers/gpu/drm/amd/display/Kconfig" source "drivers/gpu/drm/amd/amdkfd/Kconfig" diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c index b17d0545728e..b8076929440b 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c @@ -1214,7 +1214,17 @@ const struct drm_ioctl_desc amdgpu_ioctls_kms[] = { DRM_IOCTL_DEF_DRV(AMDGPU_GEM_MMAP, amdgpu_gem_mmap_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(AMDGPU_GEM_WAIT_IDLE, amdgpu_gem_wait_idle_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(AMDGPU_CS, amdgpu_cs_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_INFO, amdgpu_info_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + /* The DRM_FORCE_AUTH is effectively a workaround for the RADV Mesa driver. + * This is required for Mesa: + * - the whole 18.2.x series, which is EOL + * - the whole 18.3.x series, which is EOL + * - the 19.0.x series, prior to 19.0.4 + */ + DRM_IOCTL_DEF_DRV(AMDGPU_INFO, amdgpu_info_ioctl, +#if defined(DRM_AMDGPU_FORCE_AUTH) + DRM_FORCE_AUTH| +#endif + DRM_AUTH|DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(AMDGPU_WAIT_CS, amdgpu_cs_wait_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(AMDGPU_WAIT_FENCES, amdgpu_cs_wait_fences_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(AMDGPU_GEM_METADATA, amdgpu_gem_metadata_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), diff --git a/drivers/gpu/drm/drm_ioctl.c b/drivers/gpu/drm/drm_ioctl.c index 2263e3ddd822..9841c0076f02 100644 --- a/drivers/gpu/drm/drm_ioctl.c +++ b/drivers/gpu/drm/drm_ioctl.c @@ -544,6 +544,11 @@ int drm_ioctl_permit(u32 flags, struct drm_file *file_priv) drm_is_render_client(file_priv))) return -EACCES; + /* FORCE_AUTH is only for authenticated or render client */ + if (unlikely((flags & DRM_FORCE_AUTH) && !drm_is_render_client(file_priv) && + !file_priv->authenticated)) + return -EACCES; + return 0; } EXPORT_SYMBOL(drm_ioctl_permit); diff --git a/include/drm/drm_ioctl.h b/include/drm/drm_ioctl.h index fafb6f592c4b..6084ee32043d 100644 --- a/include/drm/drm_ioctl.h +++ b/include/drm/drm_ioctl.h @@ -126,6 +126,23 @@ enum drm_ioctl_flags { * not set DRM_AUTH because they do not require authentication. */ DRM_RENDER_ALLOW = BIT(5), + /** + * @DRM_FORCE_AUTH: + * + * Authentication of the primary node is mandatory. Regardless that the + * user can usually circumvent that by using the render node with exact + * same ioctl. + * + * Note: this is effectively a workaround for AMDGPU AMDGPU_INFO ioctl + * and the RADV Mesa driver. This is required for Mesa: + * - the whole 18.2.x series, which is EOL + * - the whole 18.3.x series, which is EOL + * - the 19.0.x series, prior to 19.0.4 + * + * Note: later patch will effectively drop the DRM_AUTH for ioctls + * annotated as DRM_AUTH | DRM_RENDER_ALLOW. + */ + DRM_FORCE_AUTH = BIT(6), }; /** From patchwork Mon May 27 08:17:30 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962231 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id CA69F13AD for ; Mon, 27 May 2019 08:19:23 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BD1CA28A05 for ; Mon, 27 May 2019 08:19:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id B1B7D28AB7; Mon, 27 May 2019 08:19:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 4FB7E28A05 for ; Mon, 27 May 2019 08:19:23 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 46E9689838; Mon, 27 May 2019 08:19:19 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wm1-x342.google.com (mail-wm1-x342.google.com [IPv6:2a00:1450:4864:20::342]) by gabe.freedesktop.org (Postfix) with ESMTPS id F283889838; Mon, 27 May 2019 08:19:15 +0000 (UTC) Received: by mail-wm1-x342.google.com with SMTP id 7so14871589wmo.2; Mon, 27 May 2019 01:19:15 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=EEx6GLpwpLMrac0KUjPwNfuGxGJ+ZiB6i/lfUJyv/bs=; b=KfmlHBCeUoh4YpwHOQLpR3SqSPgafAPw1qJG14ERJ3m7QL/b/fdGTD4VFOaX0a5Rvf Ih+1RaUZzHMDiZ1CpVKkrKfn/ZVNbWzTUMFe7tE6pAKCCb7EQMmVhJoXLaDuPFIQgJQj ebQ6Zo+5YSiDMhnBBweZ97BlaxVFDljTzDH9fJiaySA0EfeZ+HbudxApIJh7g1a4r2ea 02oCBh69SIoxNvE5iuPSp0yohQfKoEmvqYiUNDDG6To/WobDWTqo69qViUZ2DaWPQ3b5 Ht8Muw9hTw0oGBd9U4RlY6tWrN23bFiI2t1qgirMCXl+NiSnM+23z4xqzKXCoIQ8N+lj 1DIw== X-Gm-Message-State: APjAAAUPkxW5VG42p82TJGXKwgdzKiemNoVZxjDpuECc791q11WCYxbZ U4yna1q/FxBLO+7/H8zQ71QesC/p X-Google-Smtp-Source: APXvYqztdcYb6dYrvIiP7iPDiHMBcRtL24XZSdZG0bG7lFg82wfrRbPMW3vqKfyjnFZfln4HfoDJKA== X-Received: by 2002:a1c:51:: with SMTP id 78mr17639098wma.9.1558945154450; Mon, 27 May 2019 01:19:14 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:13 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 02/13] drm/amdgpu: drop DRM_AUTH usage from the driver Date: Mon, 27 May 2019 09:17:30 +0100 Message-Id: <20190527081741.14235-2-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=EEx6GLpwpLMrac0KUjPwNfuGxGJ+ZiB6i/lfUJyv/bs=; b=jpo+cYb/q6T0xMm4JQtyPM4NYhQroYKHXJEe81Gi7Z5Hek4YfzDqkMoaGfhzZyt92s 8hq1tENOGEI31sj8ZgFbUG+PkmJgW2d6g/HlTGAKBR1P0y/+5NIHA2phSfKlLf+e9Hpe XtilhFHRz6400gKprYQiIH8gH6hexe8bt8qCcdvIlNIuIQS4OGrlFMRlatx1WPnVg66H buMQwGLFYkaR5oBhlEGwwmAiYxoujddnKGmHJk1YaghTtj3abVU8FDGh9vAOfUyHNoBj 93KeyEExH2p22shKVlbraQNwRI3MXTvYTHR7buB6vYD93PqDJzDqJFxFuueHQnGqncHb 4uxw== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , emil.l.velikov@gmail.com, amd-gfx@lists.freedesktop.org, Alex Deucher , =?utf-8?q?Christian_K=C3=B6nig?= Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV htere is no distinction between primary and render nodes, thus we can drop the token. Note: authentication is required on a single ioctl, due to a bug in userspace. The issue has been fixed recently, but as an interim solution we're using DRM_FORCE_AUTH for the ioctl. Cc: Alex Deucher Cc: Christian König Cc: amd-gfx@lists.freedesktop.org Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov --- drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c | 31 +++++++++++++------------ 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c index b8076929440b..6c2ba38a33ff 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c @@ -1204,16 +1204,16 @@ void amdgpu_disable_vblank_kms(struct drm_device *dev, unsigned int pipe) } const struct drm_ioctl_desc amdgpu_ioctls_kms[] = { - DRM_IOCTL_DEF_DRV(AMDGPU_GEM_CREATE, amdgpu_gem_create_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_CTX, amdgpu_ctx_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_VM, amdgpu_vm_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_GEM_CREATE, amdgpu_gem_create_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_CTX, amdgpu_ctx_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_VM, amdgpu_vm_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(AMDGPU_SCHED, amdgpu_sched_ioctl, DRM_MASTER), - DRM_IOCTL_DEF_DRV(AMDGPU_BO_LIST, amdgpu_bo_list_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_FENCE_TO_HANDLE, amdgpu_cs_fence_to_handle_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_BO_LIST, amdgpu_bo_list_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_FENCE_TO_HANDLE, amdgpu_cs_fence_to_handle_ioctl, DRM_RENDER_ALLOW), /* KMS */ - DRM_IOCTL_DEF_DRV(AMDGPU_GEM_MMAP, amdgpu_gem_mmap_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_GEM_WAIT_IDLE, amdgpu_gem_wait_idle_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_CS, amdgpu_cs_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_GEM_MMAP, amdgpu_gem_mmap_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_GEM_WAIT_IDLE, amdgpu_gem_wait_idle_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_CS, amdgpu_cs_ioctl, DRM_RENDER_ALLOW), /* The DRM_FORCE_AUTH is effectively a workaround for the RADV Mesa driver. * This is required for Mesa: * - the whole 18.2.x series, which is EOL @@ -1224,13 +1224,14 @@ const struct drm_ioctl_desc amdgpu_ioctls_kms[] = { #if defined(DRM_AMDGPU_FORCE_AUTH) DRM_FORCE_AUTH| #endif - DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_WAIT_CS, amdgpu_cs_wait_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_WAIT_FENCES, amdgpu_cs_wait_fences_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_GEM_METADATA, amdgpu_gem_metadata_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_GEM_VA, amdgpu_gem_va_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_GEM_OP, amdgpu_gem_op_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(AMDGPU_GEM_USERPTR, amdgpu_gem_userptr_ioctl, DRM_AUTH|DRM_RENDER_ALLOW) + DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_INFO, amdgpu_info_ioctl, DRM_FORCE_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_WAIT_CS, amdgpu_cs_wait_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_WAIT_FENCES, amdgpu_cs_wait_fences_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_GEM_METADATA, amdgpu_gem_metadata_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_GEM_VA, amdgpu_gem_va_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_GEM_OP, amdgpu_gem_op_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(AMDGPU_GEM_USERPTR, amdgpu_gem_userptr_ioctl, DRM_RENDER_ALLOW) }; const int amdgpu_max_kms_ioctl = ARRAY_SIZE(amdgpu_ioctls_kms); From patchwork Mon May 27 08:17:31 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962233 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id AA54A1390 for ; Mon, 27 May 2019 08:19:25 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9DC3628A05 for ; Mon, 27 May 2019 08:19:25 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9230C28A49; Mon, 27 May 2019 08:19:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 44B6D28AEC for ; Mon, 27 May 2019 08:19:25 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 95CF58994D; Mon, 27 May 2019 08:19:19 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wm1-x344.google.com (mail-wm1-x344.google.com [IPv6:2a00:1450:4864:20::344]) by gabe.freedesktop.org (Postfix) with ESMTPS id 03D3289838; Mon, 27 May 2019 08:19:17 +0000 (UTC) Received: by mail-wm1-x344.google.com with SMTP id y3so15204705wmm.2; Mon, 27 May 2019 01:19:16 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=YqbHVq5QUABl2P9Yv89r7+mrOBqsSmMjqGDxZ3MKSaI=; b=Mft8WsZYYYDr/jJFAV/mAkmTCg6pA3LY6TVP0fYyM1Ul1frZmwr/6BuWpRMwfi24MQ W25ktC/4SYYQbuZMzgiSG4XDISvpVtEtMvnJAr/kTCcgbRhiIbcVe0+hKJbIvUsKApJI B4rAFdpxtiIBgxZJvh+f0PIl7VWh7/Qu3q4L3E6h1dCm28cmTVVSo/8sSysxV8L86VQs 7axYEsu2qvZ5xaRxaEkMrOaR8r75ZF/Dt04YAsMZaxplAStrBwhyC8cNMeM6h3Ik4/8U y0ZkzAdFT3jiU4BOJ1tYiuZius+/ffeOd96l71XceQouFkzEhUKNHynWmEREGBfiXkhY p+MA== X-Gm-Message-State: APjAAAXvmh8WKbxPOJprr03pLgIa0pn4kaNnymABe8ZiU5K/yLv8lRt2 BgwAhFKSHF2mrZyg1iu95DE9/CRk X-Google-Smtp-Source: APXvYqzMAY82FdaZxpr6+J+7Ij1Skdd4lNvE7yNQY8NWQEUaVDaszF01tPS0FeXynIxWoQkhOX5FgA== X-Received: by 2002:a1c:ca0b:: with SMTP id a11mr26365524wmg.52.1558945155520; Mon, 27 May 2019 01:19:15 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.14 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:15 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 03/13] drm/etnaviv: drop DRM_AUTH usage from the driver Date: Mon, 27 May 2019 09:17:31 +0100 Message-Id: <20190527081741.14235-3-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=YqbHVq5QUABl2P9Yv89r7+mrOBqsSmMjqGDxZ3MKSaI=; b=hqrH1vmVkL61um7n9rCaWixSzOmReSb23vvnn7yiOxnRwZV8GjqD7b7mq9JHRc+iyz d3I8SLBssTPML6Zm+wKV7W42uPcF1446L6Kq9T6IxYO30ZaSHw/FA7i7tFyHOi5Kcpfx xAEJT6eIFFzDFw5NPplvkwDAK39xQXK3E9PrLyIrrA9khSqrIn/7678SFCkxOiTM5Nvn coMccJnsityP1ZVyPCGq6CDHv0kxPrtjs0BtIlMzJXiX0oVfvuzjexzBAT+JKruHcJg8 4ZIzoHqlEIK4oO/2L0WexcjKbCdbItBTw3o2CHhbwaUBTEaEJIR9iBjBMoYt+ImZ0ASY Z23g== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , emil.l.velikov@gmail.com, etnaviv@lists.freedesktop.org Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV there is no distinction between primary and render nodes, thus we can drop the token. Cc: Lucas Stach Cc: Christian Gmeiner Cc: etnaviv@lists.freedesktop.org Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov Reviewed-by: Christian Gmeiner --- drivers/gpu/drm/etnaviv/etnaviv_drv.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/drivers/gpu/drm/etnaviv/etnaviv_drv.c b/drivers/gpu/drm/etnaviv/etnaviv_drv.c index 7eb7cf9c3fa8..a3076704ba4f 100644 --- a/drivers/gpu/drm/etnaviv/etnaviv_drv.c +++ b/drivers/gpu/drm/etnaviv/etnaviv_drv.c @@ -430,17 +430,17 @@ static int etnaviv_ioctl_pm_query_sig(struct drm_device *dev, void *data, static const struct drm_ioctl_desc etnaviv_ioctls[] = { #define ETNA_IOCTL(n, func, flags) \ DRM_IOCTL_DEF_DRV(ETNAVIV_##n, etnaviv_ioctl_##func, flags) - ETNA_IOCTL(GET_PARAM, get_param, DRM_AUTH|DRM_RENDER_ALLOW), - ETNA_IOCTL(GEM_NEW, gem_new, DRM_AUTH|DRM_RENDER_ALLOW), - ETNA_IOCTL(GEM_INFO, gem_info, DRM_AUTH|DRM_RENDER_ALLOW), - ETNA_IOCTL(GEM_CPU_PREP, gem_cpu_prep, DRM_AUTH|DRM_RENDER_ALLOW), - ETNA_IOCTL(GEM_CPU_FINI, gem_cpu_fini, DRM_AUTH|DRM_RENDER_ALLOW), - ETNA_IOCTL(GEM_SUBMIT, gem_submit, DRM_AUTH|DRM_RENDER_ALLOW), - ETNA_IOCTL(WAIT_FENCE, wait_fence, DRM_AUTH|DRM_RENDER_ALLOW), - ETNA_IOCTL(GEM_USERPTR, gem_userptr, DRM_AUTH|DRM_RENDER_ALLOW), - ETNA_IOCTL(GEM_WAIT, gem_wait, DRM_AUTH|DRM_RENDER_ALLOW), - ETNA_IOCTL(PM_QUERY_DOM, pm_query_dom, DRM_AUTH|DRM_RENDER_ALLOW), - ETNA_IOCTL(PM_QUERY_SIG, pm_query_sig, DRM_AUTH|DRM_RENDER_ALLOW), + ETNA_IOCTL(GET_PARAM, get_param, DRM_RENDER_ALLOW), + ETNA_IOCTL(GEM_NEW, gem_new, DRM_RENDER_ALLOW), + ETNA_IOCTL(GEM_INFO, gem_info, DRM_RENDER_ALLOW), + ETNA_IOCTL(GEM_CPU_PREP, gem_cpu_prep, DRM_RENDER_ALLOW), + ETNA_IOCTL(GEM_CPU_FINI, gem_cpu_fini, DRM_RENDER_ALLOW), + ETNA_IOCTL(GEM_SUBMIT, gem_submit, DRM_RENDER_ALLOW), + ETNA_IOCTL(WAIT_FENCE, wait_fence, DRM_RENDER_ALLOW), + ETNA_IOCTL(GEM_USERPTR, gem_userptr, DRM_RENDER_ALLOW), + ETNA_IOCTL(GEM_WAIT, gem_wait, DRM_RENDER_ALLOW), + ETNA_IOCTL(PM_QUERY_DOM, pm_query_dom, DRM_RENDER_ALLOW), + ETNA_IOCTL(PM_QUERY_SIG, pm_query_sig, DRM_RENDER_ALLOW), }; static const struct vm_operations_struct vm_ops = { From patchwork Mon May 27 08:17:32 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962235 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A9F9B13AD for ; Mon, 27 May 2019 08:19:27 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9C68928A05 for ; Mon, 27 May 2019 08:19:27 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 90D5C28AB9; Mon, 27 May 2019 08:19:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 1D7BF28A05 for ; Mon, 27 May 2019 08:19:27 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 0993C89954; Mon, 27 May 2019 08:19:21 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wm1-x341.google.com (mail-wm1-x341.google.com [IPv6:2a00:1450:4864:20::341]) by gabe.freedesktop.org (Postfix) with ESMTPS id 2124189838 for ; Mon, 27 May 2019 08:19:18 +0000 (UTC) Received: by mail-wm1-x341.google.com with SMTP id y3so15204745wmm.2 for ; Mon, 27 May 2019 01:19:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=3ohXizjfAaR462L3eOhvMCvBzEMDgTc7BEV6UBo4dGE=; b=LYt6+pCY+4mQGQltHZwS1IXeF/12PWuHQbDbOAVfmoDthq5MNz33eO8u79QObfOBYb 7UmeEq4RGjag6RNr+1JSLEjKIs9ZjexLlod7ZxEpy2PADOQ21laSxvmlBVK30FCMS/OA DYQhZe9vtwWrf55Vs+jFg0dhGlEa6RHXieb0hSiiqlTh8dCkyLV/g1livsOXAxRe7eML 38ayMFtXiJuqw8Nb1M7bVdbtcpIqhbNEOLwUZrodp3KFgCbaPdKXvHg9k9CplU2tmM61 321VxFNzML8Lo9yzyKctiP4JOYptcN/GqwXz7XP/8oYJPzCucDvL2AsBWyiBcisBt34K grRw== X-Gm-Message-State: APjAAAVVr8n8SgK3xC2rQniRXhxDIA3L/WiqIWkMhvNlC+E1I67xxdI2 dFcndEltRh8WbM7DyiOu6Y8HUB2L X-Google-Smtp-Source: APXvYqwM7nYzliBoIjpj58mCPP/+W/58TrYzTpfoxNejsGEBc3js5DryEqMOVBbs2kTJ3p7CLvVQ2w== X-Received: by 2002:a7b:c3c3:: with SMTP id t3mr26065327wmj.88.1558945156587; Mon, 27 May 2019 01:19:16 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.15 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:16 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 04/13] drm/exynos: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls Date: Mon, 27 May 2019 09:17:32 +0100 Message-Id: <20190527081741.14235-4-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=3ohXizjfAaR462L3eOhvMCvBzEMDgTc7BEV6UBo4dGE=; b=rmw4CxgmbUUZCVNJPr2fRPED5on9xKPuk91IF6HnoRTBX4k7DWvoaef+lOv5fkJVKG MRZVEjpKMnWv/O/qUKjnuH9zrJ6CWyr9GhrMyQGwfLOS22FGYGKaP5OQ4rhBCqJj7vcY t4v8R2e0dVLI6b5evLtAl2xBGeQqyHOdTEMTPxInrwAsm1ki+f/SSgVB9Sbmk9Sksg0F KZMnh5GO1dEoRFKgR9ha90drp3eiBrFaRR/8zIhjT6cqtAW16+LQiTUGtUD1IKgZn3Sr yncUJN1CVNivZTTSFeeMe/xsWvxfZsBf13nHUrQ1HuXxl1rXfEZMHI7pjULXVgBrf4hA 9OKA== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: emil.l.velikov@gmail.com, Seung-Woo Kim , Tobias Jakobi , Kyungmin Park Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV there is no distinction between primary and render nodes, thus we can drop the token. Cc: Inki Dae Cc: Joonyoung Shim Cc: Seung-Woo Kim Cc: Kyungmin Park Cc: Tobias Jakobi Signed-off-by: Emil Velikov Acked-by: Inki Dae --- Gents, I've looked around for userspace and found only libdrm - the exynos library + simple apps and the X driver. All of which are safe with this patch. Please have a look through other some open-source userspace that you have around. Tobias, you mentioned userspace projects (mpv, libretro, other) where you've added exynos backend. Can you please check they work fine with this patch? Thanks Emil --- drivers/gpu/drm/exynos/exynos_drm_drv.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/gpu/drm/exynos/exynos_drm_drv.c b/drivers/gpu/drm/exynos/exynos_drm_drv.c index e1ef9dc9ebf3..b461d89accff 100644 --- a/drivers/gpu/drm/exynos/exynos_drm_drv.c +++ b/drivers/gpu/drm/exynos/exynos_drm_drv.c @@ -81,29 +81,29 @@ static const struct vm_operations_struct exynos_drm_gem_vm_ops = { static const struct drm_ioctl_desc exynos_ioctls[] = { DRM_IOCTL_DEF_DRV(EXYNOS_GEM_CREATE, exynos_drm_gem_create_ioctl, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(EXYNOS_GEM_MAP, exynos_drm_gem_map_ioctl, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(EXYNOS_GEM_GET, exynos_drm_gem_get_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(EXYNOS_VIDI_CONNECTION, vidi_connection_ioctl, DRM_AUTH), DRM_IOCTL_DEF_DRV(EXYNOS_G2D_GET_VER, exynos_g2d_get_ver_ioctl, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(EXYNOS_G2D_SET_CMDLIST, exynos_g2d_set_cmdlist_ioctl, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(EXYNOS_G2D_EXEC, exynos_g2d_exec_ioctl, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(EXYNOS_IPP_GET_RESOURCES, exynos_drm_ipp_get_res_ioctl, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(EXYNOS_IPP_GET_CAPS, exynos_drm_ipp_get_caps_ioctl, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(EXYNOS_IPP_GET_LIMITS, exynos_drm_ipp_get_limits_ioctl, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(EXYNOS_IPP_COMMIT, exynos_drm_ipp_commit_ioctl, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), }; static const struct file_operations exynos_drm_driver_fops = { From patchwork Mon May 27 08:17:33 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962245 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6189513AD for ; Mon, 27 May 2019 08:19:41 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5441D289A6 for ; Mon, 27 May 2019 08:19:41 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 48D3828A05; Mon, 27 May 2019 08:19:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,UPPERCASE_50_75 autolearn=unavailable version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id EF66828A49 for ; Mon, 27 May 2019 08:19:40 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 0FFF6899A5; Mon, 27 May 2019 08:19:28 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wm1-x342.google.com (mail-wm1-x342.google.com [IPv6:2a00:1450:4864:20::342]) by gabe.freedesktop.org (Postfix) with ESMTPS id 873C189948; Mon, 27 May 2019 08:19:19 +0000 (UTC) Received: by mail-wm1-x342.google.com with SMTP id z23so10813091wma.4; Mon, 27 May 2019 01:19:19 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=EzMIqXAbWE/gV2RBZB2W7ChrFwajusw59ENhgOUcS9g=; b=qozXh27R1298w18vqvIFfd9X31p3iMTwdIXt0aWt+/LM5rtkXi0dJ3ZlyGu2Zzzxry Htt6h/FEyjN19R8qoahdY/AXRcVrhs160rctUE8J2AalBeqMra/2jomqy7qhJsr/ILQo E7chGnlKoDU020SSetXSNY3OvDuXEBlhK9q6bWZDS61ISqr7FrpFtwTOukw0tdlSeUIw XdENcbwtYFxXLrhkmD02NJp1k7pYanQxLGr0S/HckDcILAPlgDWUhj/08qQ58W5Zyyzc RqKgdHAw6a6OsiVPUdA8KmHZux0IIZcFA05xHy+lKqtUd1EB4AIBWfNWkpQHIqV97gcs 5rng== X-Gm-Message-State: APjAAAUSRvbkuSkfwHd8FPD4VmsYi1ykmwsRNaIpASI0dtmEag6OQjmK eFB3FUI6Y0ErJV6ASpzn/GycPjpr X-Google-Smtp-Source: APXvYqy5Rb1kFc9bSW+4KL4fMfAezb7U2gFr8cBAZrQL/4xzr4/MlMs0qVCPdz5OBrB7LV05aZB4SA== X-Received: by 2002:a05:600c:28d:: with SMTP id 13mr25092545wmk.15.1558945157803; Mon, 27 May 2019 01:19:17 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.16 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:17 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 05/13] drm/i915: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls Date: Mon, 27 May 2019 09:17:33 +0100 Message-Id: <20190527081741.14235-5-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=EzMIqXAbWE/gV2RBZB2W7ChrFwajusw59ENhgOUcS9g=; b=VcdmQu9oP0Ss2g8SfVsbR9yf4amDDkNVfF4myeZnx1DaKG2doBgAO1bKjJ7xfdhamw woW63VLm2VHnZd5O38aFzWujFn6Lee+WmhZOPkbpxOJSd2wj0ckpOAPCDOaa0nLrIrh4 9jNjho7gl5tf1Jg086OXfP+xAD0qkjyCFX0Ab6+mCLGt28pPcoaz0eHCdkFC6TYDbOVl YPbxnQ55VR7RjiqVWjfQFctP5rEUloHReYWDc4EqzWjjC2bqE5hkuESnl8fkUWRXpnCI kTnMw4q0W7a1ZpSibxFhbaWy/jTAY/OB6aaLRk9rTFpaJS76+8yLL9+XGGm1x+I5/Fyl XeuQ== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , intel-gfx@lists.freedesktop.org, emil.l.velikov@gmail.com, Rodrigo Vivi Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV there is no distinction between primary and render nodes, thus we can drop the token. Note: the outstanding DRM_AUTH instances are: - legacy DRI1 ioctls, which are already neutered - modern but deprecated ioctls Cc: Jani Nikula Cc: Joonas Lahtinen Cc: Rodrigo Vivi Cc: intel-gfx@lists.freedesktop.org Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov --- drivers/gpu/drm/i915/i915_drv.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/gpu/drm/i915/i915_drv.c b/drivers/gpu/drm/i915/i915_drv.c index 1ad88e6d7c04..ea7a713654dd 100644 --- a/drivers/gpu/drm/i915/i915_drv.c +++ b/drivers/gpu/drm/i915/i915_drv.c @@ -3098,7 +3098,7 @@ static const struct drm_ioctl_desc i915_ioctls[] = { DRM_IOCTL_DEF_DRV(I915_BATCHBUFFER, drm_noop, DRM_AUTH), DRM_IOCTL_DEF_DRV(I915_IRQ_EMIT, drm_noop, DRM_AUTH), DRM_IOCTL_DEF_DRV(I915_IRQ_WAIT, drm_noop, DRM_AUTH), - DRM_IOCTL_DEF_DRV(I915_GETPARAM, i915_getparam_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(I915_GETPARAM, i915_getparam_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(I915_SETPARAM, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY), DRM_IOCTL_DEF_DRV(I915_ALLOC, drm_noop, DRM_AUTH), DRM_IOCTL_DEF_DRV(I915_FREE, drm_noop, DRM_AUTH), @@ -3111,13 +3111,13 @@ static const struct drm_ioctl_desc i915_ioctls[] = { DRM_IOCTL_DEF_DRV(I915_HWS_ADDR, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY), DRM_IOCTL_DEF_DRV(I915_GEM_INIT, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY), DRM_IOCTL_DEF_DRV(I915_GEM_EXECBUFFER, i915_gem_execbuffer_ioctl, DRM_AUTH), - DRM_IOCTL_DEF_DRV(I915_GEM_EXECBUFFER2_WR, i915_gem_execbuffer2_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(I915_GEM_EXECBUFFER2_WR, i915_gem_execbuffer2_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(I915_GEM_PIN, i915_gem_reject_pin_ioctl, DRM_AUTH|DRM_ROOT_ONLY), DRM_IOCTL_DEF_DRV(I915_GEM_UNPIN, i915_gem_reject_pin_ioctl, DRM_AUTH|DRM_ROOT_ONLY), - DRM_IOCTL_DEF_DRV(I915_GEM_BUSY, i915_gem_busy_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(I915_GEM_BUSY, i915_gem_busy_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(I915_GEM_SET_CACHING, i915_gem_set_caching_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(I915_GEM_GET_CACHING, i915_gem_get_caching_ioctl, DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(I915_GEM_THROTTLE, i915_gem_throttle_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(I915_GEM_THROTTLE, i915_gem_throttle_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(I915_GEM_ENTERVT, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY), DRM_IOCTL_DEF_DRV(I915_GEM_LEAVEVT, drm_noop, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY), DRM_IOCTL_DEF_DRV(I915_GEM_CREATE, i915_gem_create_ioctl, DRM_RENDER_ALLOW), @@ -3136,7 +3136,7 @@ static const struct drm_ioctl_desc i915_ioctls[] = { DRM_IOCTL_DEF_DRV(I915_OVERLAY_ATTRS, intel_overlay_attrs_ioctl, DRM_MASTER), DRM_IOCTL_DEF_DRV(I915_SET_SPRITE_COLORKEY, intel_sprite_set_colorkey_ioctl, DRM_MASTER), DRM_IOCTL_DEF_DRV(I915_GET_SPRITE_COLORKEY, drm_noop, DRM_MASTER), - DRM_IOCTL_DEF_DRV(I915_GEM_WAIT, i915_gem_wait_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(I915_GEM_WAIT, i915_gem_wait_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(I915_GEM_CONTEXT_CREATE_EXT, i915_gem_context_create_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(I915_GEM_CONTEXT_DESTROY, i915_gem_context_destroy_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(I915_REG_READ, i915_reg_read_ioctl, DRM_RENDER_ALLOW), From patchwork Mon May 27 08:17:34 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962239 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 939631390 for ; Mon, 27 May 2019 08:19:35 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 84B5A28A05 for ; Mon, 27 May 2019 08:19:35 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 75B132899B; Mon, 27 May 2019 08:19:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 181B82899B for ; Mon, 27 May 2019 08:19:35 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 6189389958; Mon, 27 May 2019 08:19:28 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wm1-x344.google.com (mail-wm1-x344.google.com [IPv6:2a00:1450:4864:20::344]) by gabe.freedesktop.org (Postfix) with ESMTPS id C8DCC89948; Mon, 27 May 2019 08:19:20 +0000 (UTC) Received: by mail-wm1-x344.google.com with SMTP id u78so2331505wmu.5; Mon, 27 May 2019 01:19:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=7/ikaNXVp9+PnAgzUDoGM6SIYABdB5AKJ9WaI3xbsPs=; b=OMThtahmznxUdhVk+WfjINKhEo6oZdbYj/CyN5AA1nY8D+I5Y/UhK/D3CFLkT2dv8b 3dT3ch4/8aRApFUeEiQfM5YdWG3T5ApPEIrQVW3su8P8RsKEMHBAtKHCXrVi0BuUlCJl FKeS92Q2cT+LXkXttJ+NU5K+R9/H5hHKdItLZXg+kFA9F+LJJSqdcBvZ7X48DQmEwJFH vIYoKjg4JVF0kkCEJ2bTiQHRZeJPdfyq4lk5gNjWJGJ9xmPIrBgMczKAm7VYaq6C/uAu 3aboK69uFmEZu1xXdPkuY3s3FqbhAkP6MRfTdlvNNKSDMEIvjjeAAbDv2m22cvI6k8wE yJPA== X-Gm-Message-State: APjAAAXm+Yyix3Y54QwAOkn9Osh9ZZqM0n4jZ8glOTd42tjy4aeXhi7p JruPCZ/pXTXyzhgRUe01TNIjNKmh X-Google-Smtp-Source: APXvYqxxyufUr+1P1rzDjlqqBfe0aHFQnFeAScxLcRVmKXa1ob7YcZ+JyMWG9/yb7YasxbvKFqUQ3A== X-Received: by 2002:a1c:c5cf:: with SMTP id v198mr9030487wmf.84.1558945158972; Mon, 27 May 2019 01:19:18 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:18 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 06/13] drm/lima: drop DRM_AUTH usage from the driver Date: Mon, 27 May 2019 09:17:34 +0100 Message-Id: <20190527081741.14235-6-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=7/ikaNXVp9+PnAgzUDoGM6SIYABdB5AKJ9WaI3xbsPs=; b=bh/V93i84OIw+2V7Fi881TJbgdGVrsAvj+y3rpLV9EhmlQE85gVYeOvGH0DtHb/SPH jzRbGWQI7iu39VAwJEfFIq/1GpjFjPPDC3G41rF94h/2BTFB2BAzH+s7Nq2WmMHUPH4h nca5JJ0MTNKSemqeU10G1N/tbQMpTv14qkLRs+mPBjpin5FsURpRp2vJrVXuq7zH22Dz eYqki4AvHHAlcMgMky0d4onHp1qClWjkdKZVvMyaGprFqxfUcspNYy34vi63Am6thRtH aMCajH2S26/mY63ViIbmZNuqxfzcjsM0ZOCc5ZLvLiP0NhtL/jFeEXjBb8JwteoSI1ho DzGQ== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , emil.l.velikov@gmail.com, Qiang Yu , lima@lists.freedesktop.org Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV there is no distinction between primary and render nodes, thus we can drop the token. Cc: Qiang Yu Cc: lima@lists.freedesktop.org Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov Reviewed-by: Qiang Yu --- drivers/gpu/drm/lima/lima_drv.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/gpu/drm/lima/lima_drv.c b/drivers/gpu/drm/lima/lima_drv.c index b29c26cd13b2..ae89938c63b1 100644 --- a/drivers/gpu/drm/lima/lima_drv.c +++ b/drivers/gpu/drm/lima/lima_drv.c @@ -231,13 +231,13 @@ static void lima_drm_driver_postclose(struct drm_device *dev, struct drm_file *f } static const struct drm_ioctl_desc lima_drm_driver_ioctls[] = { - DRM_IOCTL_DEF_DRV(LIMA_GET_PARAM, lima_ioctl_get_param, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(LIMA_GEM_CREATE, lima_ioctl_gem_create, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(LIMA_GEM_INFO, lima_ioctl_gem_info, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(LIMA_GEM_SUBMIT, lima_ioctl_gem_submit, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(LIMA_GEM_WAIT, lima_ioctl_gem_wait, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(LIMA_CTX_CREATE, lima_ioctl_ctx_create, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(LIMA_CTX_FREE, lima_ioctl_ctx_free, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(LIMA_GET_PARAM, lima_ioctl_get_param, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(LIMA_GEM_CREATE, lima_ioctl_gem_create, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(LIMA_GEM_INFO, lima_ioctl_gem_info, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(LIMA_GEM_SUBMIT, lima_ioctl_gem_submit, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(LIMA_GEM_WAIT, lima_ioctl_gem_wait, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(LIMA_CTX_CREATE, lima_ioctl_ctx_create, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(LIMA_CTX_FREE, lima_ioctl_ctx_free, DRM_RENDER_ALLOW), }; static const struct file_operations lima_drm_driver_fops = { From patchwork Mon May 27 08:17:35 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962243 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7407B13AD for ; Mon, 27 May 2019 08:19:39 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 66099289A6 for ; Mon, 27 May 2019 08:19:39 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 5AA3028A05; Mon, 27 May 2019 08:19:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 076332898D for ; Mon, 27 May 2019 08:19:39 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 7928289951; Mon, 27 May 2019 08:19:27 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wm1-x341.google.com (mail-wm1-x341.google.com [IPv6:2a00:1450:4864:20::341]) by gabe.freedesktop.org (Postfix) with ESMTPS id 997C989958; Mon, 27 May 2019 08:19:21 +0000 (UTC) Received: by mail-wm1-x341.google.com with SMTP id e19so6599511wme.1; Mon, 27 May 2019 01:19:21 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hJ0Q/F3ivyczd2SCCwAuk/1JuA4pK8OQ1/4ZOXtfZSI=; b=hFRRl+r9uOwpttNk8UiDcPPRGw+IoATMOc8Q1CvDCJgefYuQeTjgJkN5vujOHsGTT5 Xi7Z1x5vp/QhtvfLCoM6tRducbP1+czWf2xafA88NSGLWpvcfFRMbObh7mLKxHigNn+x pjUfxkxi+AKaerpfE1rX77/nTM7h9XKjBscHZEy5pZ0MHAOZ2CkPoJEMkDKvhyX0lrkK ofoK58xzfgYMcRHhN9V/0HzcGayERHueNRQo6hEbkR2koLfi6X//oABAqgL/aMdqwasK H9QlkazFCXTxS3G5R/YiCAcytCeDT5KPnOi1F8dWyl8IyqqzgJWa3xNfjb4H35/NxeXU PyEw== X-Gm-Message-State: APjAAAXzSD17HuDuaNATpSn2+FXMLh5V2bPCssK9x+aUfNagZyRn3RsN yCKjq6fWZHi0NVDgh4XeC1SZ/oSY X-Google-Smtp-Source: APXvYqzRwajEzWcrZu406SRgKi029gr68gkFAe8r1wkBPUJDAke/kxtLo9TB11/yQZOMBs8CE1a9wg== X-Received: by 2002:a7b:cd0e:: with SMTP id f14mr25189688wmj.127.1558945160094; Mon, 27 May 2019 01:19:20 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.19 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:19 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 07/13] drm/msm: drop DRM_AUTH usage from the driver Date: Mon, 27 May 2019 09:17:35 +0100 Message-Id: <20190527081741.14235-7-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=hJ0Q/F3ivyczd2SCCwAuk/1JuA4pK8OQ1/4ZOXtfZSI=; b=AhaDtaOGQ4qr2iA6Ghx896z5xeaplQDwuJrVor5NcPLmuX3xDeGFQyuqTjG0GnJoa5 fxmYYrpI0CINiW3yCBqrFkQ5ama4ZLF3VgIWSic57KfQWpH1cPZlMa0nnxtcMuGttm/v l5o5Y2Gnj0QSfTpNUZV9OAP/z+R6+pc3bL+Tfq2tUFJVjQpVN3DMEe77d9BztiJ32DMG BsK6VRbgEEjyzVlTqsb426iF4/ptOezXBbKAQBgYEMENtg318NPUbm/cU3/OtEuK7GJT AlEcTckcHPIhFhMh2hOXWpF3JlnCgZDKh8NLxEQ3E2aMJrJ5AUGR11BAPENbQK3axAro Nbkw== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , freedreno@lists.freedesktop.org, emil.l.velikov@gmail.com, Sean Paul Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV there is no distinction between primary and render nodes, thus we can drop the token. Cc: Rob Clark Cc: Sean Paul Cc: freedreno@lists.freedesktop.org Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov --- drivers/gpu/drm/msm/msm_drv.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/drivers/gpu/drm/msm/msm_drv.c b/drivers/gpu/drm/msm/msm_drv.c index 31deb87abfc6..ac1c7a8a85d0 100644 --- a/drivers/gpu/drm/msm/msm_drv.c +++ b/drivers/gpu/drm/msm/msm_drv.c @@ -983,17 +983,17 @@ static int msm_ioctl_submitqueue_close(struct drm_device *dev, void *data, } static const struct drm_ioctl_desc msm_ioctls[] = { - DRM_IOCTL_DEF_DRV(MSM_GET_PARAM, msm_ioctl_get_param, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(MSM_GEM_NEW, msm_ioctl_gem_new, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(MSM_GEM_INFO, msm_ioctl_gem_info, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(MSM_GEM_CPU_PREP, msm_ioctl_gem_cpu_prep, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(MSM_GEM_CPU_FINI, msm_ioctl_gem_cpu_fini, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(MSM_GEM_SUBMIT, msm_ioctl_gem_submit, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(MSM_WAIT_FENCE, msm_ioctl_wait_fence, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(MSM_GEM_MADVISE, msm_ioctl_gem_madvise, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(MSM_SUBMITQUEUE_NEW, msm_ioctl_submitqueue_new, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(MSM_SUBMITQUEUE_CLOSE, msm_ioctl_submitqueue_close, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(MSM_SUBMITQUEUE_QUERY, msm_ioctl_submitqueue_query, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_GET_PARAM, msm_ioctl_get_param, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_GEM_NEW, msm_ioctl_gem_new, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_GEM_INFO, msm_ioctl_gem_info, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_GEM_CPU_PREP, msm_ioctl_gem_cpu_prep, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_GEM_CPU_FINI, msm_ioctl_gem_cpu_fini, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_GEM_SUBMIT, msm_ioctl_gem_submit, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_WAIT_FENCE, msm_ioctl_wait_fence, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_GEM_MADVISE, msm_ioctl_gem_madvise, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_SUBMITQUEUE_NEW, msm_ioctl_submitqueue_new, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_SUBMITQUEUE_CLOSE, msm_ioctl_submitqueue_close, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MSM_SUBMITQUEUE_QUERY, msm_ioctl_submitqueue_query, DRM_RENDER_ALLOW), }; static const struct vm_operations_struct vm_ops = { From patchwork Mon May 27 08:17:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962247 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 85B221390 for ; Mon, 27 May 2019 08:19:43 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 77660287E3 for ; Mon, 27 May 2019 08:19:43 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6BBE928A05; Mon, 27 May 2019 08:19:43 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,UPPERCASE_50_75 autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 062772899B for ; Mon, 27 May 2019 08:19:43 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 3CA6C899AB; Mon, 27 May 2019 08:19:29 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wm1-x342.google.com (mail-wm1-x342.google.com [IPv6:2a00:1450:4864:20::342]) by gabe.freedesktop.org (Postfix) with ESMTPS id 1315A89958; Mon, 27 May 2019 08:19:23 +0000 (UTC) Received: by mail-wm1-x342.google.com with SMTP id u78so2331603wmu.5; Mon, 27 May 2019 01:19:23 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=/JsV1CfjvQsXIt3CjDtihtQxDPv/gSvS7soU+hPJ21M=; b=J3S0L68RlAMUpoSXBeiLZ9MPrupovBsiW6QByJF9kNR3lKM9Ak4tB4USHC9XuEweAR jdRsf6y5DAnqpD1Znl47jgVEDOeGFBgL3s1f84WVq9hhqF2WWQa5yqR60k6RZ+vqefjc 1FuwgMpRPOFchzX4j78fEMHkZUT55lL1xExWGXAad9JSvrHDEGP++xnSwOm6phQip+zO uvPwM804X7miJ/rTpxK78r/lrPi7Zaw2C1/6VGWYLAV6LplEpV6TlIV7+G45tnbNyJ+3 Cgz7QlQ7qMTPHrT6OA7WRgF1ZkWL2BLAPUuZxTMKPfpUsTtc2qHVcFBTUeiPsaZvsnIc Tjxw== X-Gm-Message-State: APjAAAU95lAOocRfCN6lomc1ACyMpcb/3kCCFsj8ZM8PhW7i4wnzuc9z cm5tqLhRW8Nk8vlFicy7u9yRIH6p X-Google-Smtp-Source: APXvYqy6JXBPG1aWy/0H5RgMeppZSIKLNy+g6AYcDfm9Mc67bj8dt/jQulvnuiXXNmLGeBCnQiBbzA== X-Received: by 2002:a1c:ce:: with SMTP id 197mr9300885wma.48.1558945161174; Mon, 27 May 2019 01:19:21 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:20 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 08/13] drm/nouveau: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls Date: Mon, 27 May 2019 09:17:36 +0100 Message-Id: <20190527081741.14235-8-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=/JsV1CfjvQsXIt3CjDtihtQxDPv/gSvS7soU+hPJ21M=; b=YS4zruWdhKRGYY7H772PcWoYll+5wC+oEdAruotkE2Fv7dwqFWVDzr11FTF20HopP1 mK9Ne2EvomzSHhBOKlLn5xv1LZ/aXPVlhDolMqmFnUUpErXkTw8Xo7y74TDzV9If8sAP 5UYabrS9LxLH54G1mLgzK9/fpfYI498vq/TKa1m5Dvq4Ics5Im5uPJfvdX0uy5F48ICI eaGV4YoyoJ4nW1T8NgZLzfJbZK7nVM41j/AtFiBX1q1jlJJyuwZFGcRLg3og5+Hs6FFo b7Qfpt390aSo+paNEMNz20zsnx63f0FA5rsf6hZRd/4yhkyRpn7VGmxyjQLefExUA5GS MzEA== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , nouveau@lists.freedesktop.org, emil.l.velikov@gmail.com, Ben Skeggs Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV there is no distinction between primary and render nodes, thus we can drop the token. Note: the outstanding DRM_AUTH instance is: - legacy DRI1 ioctl, which is already neutered Cc: Ben Skeggs Cc: nouveau@lists.freedesktop.org Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov Reviewed-by: Ben Skeggs --- drivers/gpu/drm/nouveau/nouveau_drm.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index 22cd45845e07..ff5994c0d429 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -1045,20 +1045,20 @@ nouveau_drm_postclose(struct drm_device *dev, struct drm_file *fpriv) static const struct drm_ioctl_desc nouveau_ioctls[] = { - DRM_IOCTL_DEF_DRV(NOUVEAU_GETPARAM, nouveau_abi16_ioctl_getparam, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_GETPARAM, nouveau_abi16_ioctl_getparam, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(NOUVEAU_SETPARAM, nouveau_abi16_ioctl_setparam, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY), - DRM_IOCTL_DEF_DRV(NOUVEAU_CHANNEL_ALLOC, nouveau_abi16_ioctl_channel_alloc, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_CHANNEL_FREE, nouveau_abi16_ioctl_channel_free, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_GROBJ_ALLOC, nouveau_abi16_ioctl_grobj_alloc, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_NOTIFIEROBJ_ALLOC, nouveau_abi16_ioctl_notifierobj_alloc, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_GPUOBJ_FREE, nouveau_abi16_ioctl_gpuobj_free, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_SVM_INIT, nouveau_svmm_init, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_SVM_BIND, nouveau_svmm_bind, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_GEM_NEW, nouveau_gem_ioctl_new, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_GEM_PUSHBUF, nouveau_gem_ioctl_pushbuf, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_GEM_CPU_PREP, nouveau_gem_ioctl_cpu_prep, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_GEM_CPU_FINI, nouveau_gem_ioctl_cpu_fini, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(NOUVEAU_GEM_INFO, nouveau_gem_ioctl_info, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_CHANNEL_ALLOC, nouveau_abi16_ioctl_channel_alloc, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_CHANNEL_FREE, nouveau_abi16_ioctl_channel_free, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_GROBJ_ALLOC, nouveau_abi16_ioctl_grobj_alloc, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_NOTIFIEROBJ_ALLOC, nouveau_abi16_ioctl_notifierobj_alloc, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_GPUOBJ_FREE, nouveau_abi16_ioctl_gpuobj_free, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_SVM_INIT, nouveau_svmm_init, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_SVM_BIND, nouveau_svmm_bind, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_GEM_NEW, nouveau_gem_ioctl_new, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_GEM_PUSHBUF, nouveau_gem_ioctl_pushbuf, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_GEM_CPU_PREP, nouveau_gem_ioctl_cpu_prep, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_GEM_CPU_FINI, nouveau_gem_ioctl_cpu_fini, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(NOUVEAU_GEM_INFO, nouveau_gem_ioctl_info, DRM_RENDER_ALLOW), }; long From patchwork Mon May 27 08:17:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962249 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D8AD913AD for ; Mon, 27 May 2019 08:19:44 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CAC3D28A49 for ; Mon, 27 May 2019 08:19:44 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BF45528AB9; Mon, 27 May 2019 08:19:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 7033E28AB7 for ; Mon, 27 May 2019 08:19:44 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 87F2C899B0; Mon, 27 May 2019 08:19:29 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wr1-x444.google.com (mail-wr1-x444.google.com [IPv6:2a00:1450:4864:20::444]) by gabe.freedesktop.org (Postfix) with ESMTPS id 02A4689958 for ; Mon, 27 May 2019 08:19:24 +0000 (UTC) Received: by mail-wr1-x444.google.com with SMTP id e2so7204024wrv.6 for ; Mon, 27 May 2019 01:19:23 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=VQ7eNjW/2eOkTuLgrwZ0jTTijZuZ5pGFb5qu5RgXgtQ=; b=G7IUZgYve5g22Rknbc+6oE6Xmxpmf//ZpM6IGw5M+mmmbwtBl+yuQ2N+uy7EZISZLI +t0luCRZieNRbPa/0WNWtDKQePz4rWOehAx+w1ShKMsi4u57yEJq7ZmYhs19osmSL+2T aYHhv942+x8dJVDpHkuuRl4cY+S5Gk8Efm+pDWwLQE7bX75PfzF+JG6BhRQ7wQNGwgA9 2ZN7oY8K9t+Lh5YRuLy9YgyaX4F2r2ARrs//YjLOjjYALTJq+zMfKRnO339t+XfObTxM U3YiAwY7CxgzFEh43WnRjZBqxA5rLDpQ6rII95TRj2vpIAVNYwklp9RuHwQGuXXwtEYm 7rlg== X-Gm-Message-State: APjAAAUU2CxRkAEmvp1M8SkYxmDHBStMEnk5w6yCxsurEqFNehsnttnL gK6/JUQbjG/o9FWI0Btxrbl9uyhG X-Google-Smtp-Source: APXvYqx8Jlz3e+GrwlaEmXL39uXAWQV83oL1FGbdAbGNYw7J7Iqa+/zm6t8CN9vSGQhpFwGVvSiXxA== X-Received: by 2002:adf:dfd0:: with SMTP id q16mr18498160wrn.235.1558945162311; Mon, 27 May 2019 01:19:22 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.21 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:21 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 09/13] drm/omap: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls Date: Mon, 27 May 2019 09:17:37 +0100 Message-Id: <20190527081741.14235-9-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=VQ7eNjW/2eOkTuLgrwZ0jTTijZuZ5pGFb5qu5RgXgtQ=; b=QYwxU7yBZpfo+MdjjN/v6g6EdqzyX9xFdQBfUpSIqEsXKyNKuLGW/4YRk3T0gpxkyY J0V+9O57ahcIfmvAz68K78eVA+5wQHy2NLxbB7K6xBmPQ8pDoNAlozfytMRg7xWIe6Dv W6jTEdNHrvbGvPRItASSBdaSk5WQl2m/aUpCU1wRCRQcpzB6AWvZ/9F1qCB6VWQh6Dgo fTwXPjDM/vUw+whQzMG+MaWtJOUK+hM4MwX+ItLN/2+rCoHqZSqjtHD75KAcgiWK0opE bTMqiYmSOqjpStmtpYkyRtyBetbf1W2gsHfAPgdoloTItIiaKgf3hUUR5zPq0D4jdawi oqBw== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , Tomi Valkeinen , emil.l.velikov@gmail.com Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV there is no distinction between primary and render nodes, thus we can drop the token. Note: the outstanding DRM_AUTH instance is: - (badly coped) legacy DRI1 ioctl, which is a noop Cc: Tomi Valkeinen Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov Signed-off-by: Emil Velikov Acked-by: Tomi Valkeinen --- drivers/gpu/drm/omapdrm/omap_drv.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/gpu/drm/omapdrm/omap_drv.c b/drivers/gpu/drm/omapdrm/omap_drv.c index 1b9b6f5e48e1..f97781f9d936 100644 --- a/drivers/gpu/drm/omapdrm/omap_drv.c +++ b/drivers/gpu/drm/omapdrm/omap_drv.c @@ -491,19 +491,19 @@ static int ioctl_gem_info(struct drm_device *dev, void *data, static const struct drm_ioctl_desc ioctls[DRM_COMMAND_END - DRM_COMMAND_BASE] = { DRM_IOCTL_DEF_DRV(OMAP_GET_PARAM, ioctl_get_param, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(OMAP_SET_PARAM, ioctl_set_param, DRM_AUTH | DRM_MASTER | DRM_ROOT_ONLY), DRM_IOCTL_DEF_DRV(OMAP_GEM_NEW, ioctl_gem_new, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), /* Deprecated, to be removed. */ DRM_IOCTL_DEF_DRV(OMAP_GEM_CPU_PREP, drm_noop, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), /* Deprecated, to be removed. */ DRM_IOCTL_DEF_DRV(OMAP_GEM_CPU_FINI, drm_noop, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(OMAP_GEM_INFO, ioctl_gem_info, - DRM_AUTH | DRM_RENDER_ALLOW), + DRM_RENDER_ALLOW), }; /* From patchwork Mon May 27 08:17:38 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962251 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A860D13AD for ; Mon, 27 May 2019 08:19:46 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9B0A2287E3 for ; Mon, 27 May 2019 08:19:46 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8F97C28AB7; Mon, 27 May 2019 08:19:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,UPPERCASE_50_75 autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 282D0287E3 for ; Mon, 27 May 2019 08:19:46 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id E4932899DE; Mon, 27 May 2019 08:19:32 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wr1-x441.google.com (mail-wr1-x441.google.com [IPv6:2a00:1450:4864:20::441]) by gabe.freedesktop.org (Postfix) with ESMTPS id F0E8189958; Mon, 27 May 2019 08:19:24 +0000 (UTC) Received: by mail-wr1-x441.google.com with SMTP id b18so15943957wrq.12; Mon, 27 May 2019 01:19:24 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=KwWDFnKy2aAXu3HClzrTfHohiLgzdugViH4Mkqzff2Q=; b=hTwBaLfcKNNOUPokYfCqvhSAzWBgM13O6z+4SSyKo2f63PduADH/+9ZnfHpmksV1l6 OGdy/KT07/5K99nJSOcw2W75ERdnfz5vGBvrN1Xf6almfSGdvslWUDChxv1n5UAumhKr dYd/Xq/zsZUMxSCbipFk6+3ab9IsT8ZK3AZAfDhvOHAEgqfwqkVnnyFkWHsQBc3iKgU7 FuK9GSsvbGluY7GfGL9CfBRghuaq33s2LZIyxbhCcMiTPFEm3xMh+5Mv2UdGrNL7ZkeY PjEs5bQ8k7VPKepdS+WIZ9T/r0simN1V2BNtrJ4a6DfO0Ne9e2ayjLfRwpU/zlTkOXxk 4bnQ== X-Gm-Message-State: APjAAAXBI6A3C88Xg8rw0VHRNiz/Aqb0i0RdPkSi4gF/Ne7yJBIfZ9zs JbEBOX5P/L/tgUBWzo1L8QbMZO6g X-Google-Smtp-Source: APXvYqz1edhdfJ1wQnf/CkZ0A/Wcmf+ALqXpBN0cSPF8cvpVjvO5VWLNLYac3OlOQC5T0pdWOwQnXQ== X-Received: by 2002:a5d:54c2:: with SMTP id x2mr12419800wrv.214.1558945163310; Mon, 27 May 2019 01:19:23 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.22 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:22 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 10/13] drm/radeon: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls Date: Mon, 27 May 2019 09:17:38 +0100 Message-Id: <20190527081741.14235-10-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=KwWDFnKy2aAXu3HClzrTfHohiLgzdugViH4Mkqzff2Q=; b=XTo/9xksUswhm70L8r0eTPp7bMK+AziC+Ji1JC4O3ePJmS+Tczx9P57xXy/c9WvWiV SRtzOkk2YqXi0XFO0ARA4ccMBHPEpk/+kWMcxlf0v74339bkb0J8T+0S9GuDnb7bjyW8 KkJ9q/OmlfwiI1wSNU2bHhF4R4LHQvpYU0R4zLPT1Zy8GVgyttC+WAxGUSMPUhnTIxv9 0k6Xq96Y/AKMgXO5Y4JhTCXYzOntdNObGIzJuC16k6jcMij8sdTJA1HjIJptDQzfSJkj 8OTVPFTuEvbaCDm6EVp744FAxPNEvPCmFWEUTgv8zePqJpCuRqNQf7q6DnQaGHm/1UV5 CTKQ== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , emil.l.velikov@gmail.com, amd-gfx@lists.freedesktop.org, Alex Deucher , =?utf-8?q?Christian_K=C3=B6nig?= Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV there is no distinction between primary and render nodes, thus we can drop the token. Note: the outstanding DRM_AUTH instances are: - legacy DRI1 ioctls, which are already neutered - modern but deprecated ioctls Cc: Alex Deucher Cc: Christian König Cc: amd-gfx@lists.freedesktop.org Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov --- drivers/gpu/drm/radeon/radeon_kms.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/radeon/radeon_kms.c b/drivers/gpu/drm/radeon/radeon_kms.c index 6a8fb6fd183c..c010b8a88b8a 100644 --- a/drivers/gpu/drm/radeon/radeon_kms.c +++ b/drivers/gpu/drm/radeon/radeon_kms.c @@ -905,20 +905,20 @@ const struct drm_ioctl_desc radeon_ioctls_kms[] = { DRM_IOCTL_DEF_DRV(RADEON_SURF_ALLOC, drm_invalid_op, DRM_AUTH), DRM_IOCTL_DEF_DRV(RADEON_SURF_FREE, drm_invalid_op, DRM_AUTH), /* KMS */ - DRM_IOCTL_DEF_DRV(RADEON_GEM_INFO, radeon_gem_info_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_GEM_CREATE, radeon_gem_create_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_GEM_MMAP, radeon_gem_mmap_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_GEM_SET_DOMAIN, radeon_gem_set_domain_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_INFO, radeon_gem_info_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_CREATE, radeon_gem_create_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_MMAP, radeon_gem_mmap_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_SET_DOMAIN, radeon_gem_set_domain_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(RADEON_GEM_PREAD, radeon_gem_pread_ioctl, DRM_AUTH), DRM_IOCTL_DEF_DRV(RADEON_GEM_PWRITE, radeon_gem_pwrite_ioctl, DRM_AUTH), - DRM_IOCTL_DEF_DRV(RADEON_GEM_WAIT_IDLE, radeon_gem_wait_idle_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_CS, radeon_cs_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_INFO, radeon_info_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_GEM_SET_TILING, radeon_gem_set_tiling_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_GEM_GET_TILING, radeon_gem_get_tiling_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_GEM_BUSY, radeon_gem_busy_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_GEM_VA, radeon_gem_va_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_GEM_OP, radeon_gem_op_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(RADEON_GEM_USERPTR, radeon_gem_userptr_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_WAIT_IDLE, radeon_gem_wait_idle_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_CS, radeon_cs_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_INFO, radeon_info_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_SET_TILING, radeon_gem_set_tiling_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_GET_TILING, radeon_gem_get_tiling_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_BUSY, radeon_gem_busy_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_VA, radeon_gem_va_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_OP, radeon_gem_op_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(RADEON_GEM_USERPTR, radeon_gem_userptr_ioctl, DRM_RENDER_ALLOW), }; int radeon_max_kms_ioctl = ARRAY_SIZE(radeon_ioctls_kms); From patchwork Mon May 27 08:17:39 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962241 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B13271390 for ; Mon, 27 May 2019 08:19:37 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A030B28A05 for ; Mon, 27 May 2019 08:19:37 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9253728AB9; Mon, 27 May 2019 08:19:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 4F4C1289A6 for ; Mon, 27 May 2019 08:19:37 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id E5E758991C; Mon, 27 May 2019 08:19:29 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wr1-x444.google.com (mail-wr1-x444.google.com [IPv6:2a00:1450:4864:20::444]) by gabe.freedesktop.org (Postfix) with ESMTPS id 494F689951 for ; Mon, 27 May 2019 08:19:26 +0000 (UTC) Received: by mail-wr1-x444.google.com with SMTP id s17so15993312wru.3 for ; Mon, 27 May 2019 01:19:26 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=DZcPJUtjgv9EKQIqfc2FSo+GKmCjWmQE5625uXYlrlA=; b=n0ilZVNC9nsS35ooVsCyjWX5rM+uNhoBj5gez1zhunAvftSxgNeN44i1+KSXG6+Uc7 NsLyczpfoUvUAsMO1v33O4nLYLA7YEUj6wwojctF8nwUHCUoXCRy7A0GEjc+v56bFsEd mBbI0yEb4X2UdR1M0uJJLTEWYB11+x2gI4OVX9SWPs0BrE0Mud3In3NmlXILYg7805uB 6PEvL4BRetXxdxL30qLiZStU7h1VXZIRQQ5FXXq5g3CSxeQvIZcVTJTo1gUwU3P3JDLt JG6KDF87yLbJzzpQbSwrIW3pE4bPajH74fQSUpyphjg+OgYY+uXzM3KEkNKy2FTlUrf+ N+yA== X-Gm-Message-State: APjAAAWPgppUPjMsdsO7RldKm+roaINLUAXnkt6YMA7gtjiDyjzepXD2 6eLuyHwUbV1c+PkOgWCsm1+C6pY+ X-Google-Smtp-Source: APXvYqzMUlVUW1Fwkfu+vXmFld07AUFTq1e+L/MqAXuH3JsdS1HFlDTJU4RcRBYJ6EAhvXmA9RkgZQ== X-Received: by 2002:adf:c601:: with SMTP id n1mr67879516wrg.49.1558945164454; Mon, 27 May 2019 01:19:24 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:23 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 11/13] drm/vgem: drop DRM_AUTH usage from the driver Date: Mon, 27 May 2019 09:17:39 +0100 Message-Id: <20190527081741.14235-11-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=DZcPJUtjgv9EKQIqfc2FSo+GKmCjWmQE5625uXYlrlA=; b=h4xR1VSZE1+WbCvh2FlqTbo5Ulw13wVRkWOiMgc+L0GFvU5NHF8UQDFYpbKPKEGjVf kOxwB5Rj9k5vg6Lo6V8uWvD0ZTFmYmxFf9CpNlLRndLawPyytMOK8pdL5Kb28vBZbycv koR6wDWBJuf0XnVF09praX9lQ/GdOWxGY7NwkbGAiW57cprdN4Mp+Ewk6r0OBbeKqyV7 EvfQZp/mblPS38RTmRB92JhTgp5DVLjUbVOL5j9JWDPuWaha0vNs2ghvIZEsTDLVCb2g /135Va/9sYrZuPgib9i476nrYZkznv0QdcxTUQG/Bb/YSxHipWEFeUUOZzqbNOoY15PU UTyg== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , emil.l.velikov@gmail.com Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV there is no distinction between primary and render nodes, thus we can drop the token. Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov --- drivers/gpu/drm/vgem/vgem_drv.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/vgem/vgem_drv.c b/drivers/gpu/drm/vgem/vgem_drv.c index 11a8f99ba18c..0ba079f1b302 100644 --- a/drivers/gpu/drm/vgem/vgem_drv.c +++ b/drivers/gpu/drm/vgem/vgem_drv.c @@ -246,8 +246,8 @@ static int vgem_gem_dumb_map(struct drm_file *file, struct drm_device *dev, } static struct drm_ioctl_desc vgem_ioctls[] = { - DRM_IOCTL_DEF_DRV(VGEM_FENCE_ATTACH, vgem_fence_attach_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), - DRM_IOCTL_DEF_DRV(VGEM_FENCE_SIGNAL, vgem_fence_signal_ioctl, DRM_AUTH|DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(VGEM_FENCE_ATTACH, vgem_fence_attach_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(VGEM_FENCE_SIGNAL, vgem_fence_signal_ioctl, DRM_RENDER_ALLOW), }; static int vgem_mmap(struct file *filp, struct vm_area_struct *vma) From patchwork Mon May 27 08:17:40 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962255 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A01D51390 for ; Mon, 27 May 2019 08:19:49 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 91FFA2899B for ; Mon, 27 May 2019 08:19:49 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 865D128A05; Mon, 27 May 2019 08:19:49 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 321C2289A6 for ; Mon, 27 May 2019 08:19:49 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 6F8FE899FF; Mon, 27 May 2019 08:19:45 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wm1-x344.google.com (mail-wm1-x344.google.com [IPv6:2a00:1450:4864:20::344]) by gabe.freedesktop.org (Postfix) with ESMTPS id EBCF68999E for ; Mon, 27 May 2019 08:19:27 +0000 (UTC) Received: by mail-wm1-x344.google.com with SMTP id f10so7752466wmb.1 for ; Mon, 27 May 2019 01:19:27 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=bGo+wmfdMFNtr1n5PzMjqu4298v/kiu+NsJd7STGsfY=; b=XMx7C2dnltk5ljq3qCcdQ8ZxvATcqb+QuQAKci4b+HCmPnEqlKTKPLwqt8v00yQaFV oBSj5CLc3CnbQNH1TZCkAsivJ3lu+FgraiwQK/JKp8kssAGdHgaKyAHVr2vMr0PdBZrm bQ07ijuIXCMBC8HRu6AYRXxN7C+kaKJmrNrGfk6IQFkwPf4cmgMkgVXfESalkFWNGwI+ +7bzwhuYYqhaa0eLjG3N1MOlgnaB0UmWF+kWgVTtNJLV/fFV3cIXnbtjEWjQ9T2MfS0N rAtEkWtrf1GK2rqMsJKSwBDLTMU5d/e4muuV1P76tTEBnXqO65ND7cqKCDMglqwaBTPm fT5A== X-Gm-Message-State: APjAAAXyu4LYL1AsN++JhYKyFZK+/Ec69BQQHy3N82fhks8zeinHcUrf OwHGvYIp9FVhUG8QXe0DcDvbcg3/ X-Google-Smtp-Source: APXvYqyZVD1u2Fprbi2Z46JCYije7AL8+ij7toiPDQdPSpMZTCv+CcxCCjDpsyk8zbY545OC02G0Vg== X-Received: by 2002:a05:600c:114f:: with SMTP id z15mr9265708wmz.104.1558945165520; Mon, 27 May 2019 01:19:25 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.24 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:25 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 12/13] drm/virtio: drop DRM_AUTH usage from the driver Date: Mon, 27 May 2019 09:17:40 +0100 Message-Id: <20190527081741.14235-12-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=bGo+wmfdMFNtr1n5PzMjqu4298v/kiu+NsJd7STGsfY=; b=DEgdxNrKgBZYo//4TQnq9pRScePESu2k3EUK0vCL8OX9uFkHxxyLMmFWVrm5bp+dMw O1id/TRhkXrvWY9eieCmsrcQkuIuxx5KtNLxBUb4Efgm9x1UJPxxg1eldOHI/FD862L/ x5fnlCAsHz67w8TCF7oh/AL0cTIrGSTkvu/yuOJwoHQC0wfaiSTQ1vgGOFXt5/DJTaoD C+p5teDn921KesiinoYqauVHXG3ehpt6KyMDd6vAU6LzXM9Hot1nNAGq6lgdyBEPSPbn par945U0E6VLbpvKpdDSmg4HckQbpRd+ailTV0zvlVSkVTPqk5aN2rGz0zKrg5VNPfbs BZYA== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Airlie , emil.l.velikov@gmail.com, Gerd Hoffmann , virtualization@lists.linux-foundation.org Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov The authentication can be circumvented, by design, by using the render node. From the driver POV there is no distinction between primary and render nodes, thus we can drop the token. Cc: Gerd Hoffmann Cc: virtualization@lists.linux-foundation.org Cc: David Airlie Cc: Daniel Vetter Signed-off-by: Emil Velikov Acked-by: Gerd Hoffmann --- drivers/gpu/drm/virtio/virtgpu_ioctl.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/gpu/drm/virtio/virtgpu_ioctl.c b/drivers/gpu/drm/virtio/virtgpu_ioctl.c index 949a264985fc..e72626faba52 100644 --- a/drivers/gpu/drm/virtio/virtgpu_ioctl.c +++ b/drivers/gpu/drm/virtio/virtgpu_ioctl.c @@ -553,34 +553,34 @@ static int virtio_gpu_get_caps_ioctl(struct drm_device *dev, struct drm_ioctl_desc virtio_gpu_ioctls[DRM_VIRTIO_NUM_IOCTLS] = { DRM_IOCTL_DEF_DRV(VIRTGPU_MAP, virtio_gpu_map_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_EXECBUFFER, virtio_gpu_execbuffer_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_GETPARAM, virtio_gpu_getparam_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_CREATE, virtio_gpu_resource_create_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_INFO, virtio_gpu_resource_info_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), /* make transfer async to the main ring? - no sure, can we * thread these in the underlying GL */ DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_FROM_HOST, virtio_gpu_transfer_from_host_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_TO_HOST, virtio_gpu_transfer_to_host_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_WAIT, virtio_gpu_wait_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_GET_CAPS, virtio_gpu_get_caps_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), }; From patchwork Mon May 27 08:17:41 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Emil Velikov X-Patchwork-Id: 10962257 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6ED4F1390 for ; Mon, 27 May 2019 08:19:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 602DC28A49 for ; Mon, 27 May 2019 08:19:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 54F4B28AB9; Mon, 27 May 2019 08:19:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=unavailable version=3.3.1 Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 0A5EB28A49 for ; Mon, 27 May 2019 08:19:51 +0000 (UTC) Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 6FDB789A16; Mon, 27 May 2019 08:19:46 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from mail-wm1-x344.google.com (mail-wm1-x344.google.com [IPv6:2a00:1450:4864:20::344]) by gabe.freedesktop.org (Postfix) with ESMTPS id EF220899BB; Mon, 27 May 2019 08:19:29 +0000 (UTC) Received: by mail-wm1-x344.google.com with SMTP id y3so15205298wmm.2; Mon, 27 May 2019 01:19:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uK0Mrs5yWSzGtug9DHyijgzhxVTAvc037nQIpG9DVsU=; b=Hwvq1JR1OuAhBYZnDG+r2feyZocx0IR23oktV893dJswgvTaqtePAgu1wn2WpWK1M5 cOcWKnLot80b9fxKCqdw/A4xEv98A6dzdo/IL+rLUB+X5HMqLT+UGoihueN/Yws1iXSX T3E34leLxqV7Z9Jf5rMi45wXRyo7/9CX+A1ZNkhkDn1IQQ4R5e2MklTSD909gWqimsMS Uvn4qF2guZfH2ZYBR0jF6rKcGeaLzuCJcUdR6IhMVcGNENEgT2rp93T7KLtzA6KD//cY x17WAehOvAV4POlPZXeL2Cgwd0aVpx7bEq73i6KCofCy0egQk3s8fboINs+Dkbjkd7V5 C8Cg== X-Gm-Message-State: APjAAAWZueg7YRBzZ5bl9PtNpLRBtktK/Jym7osMadE1jO1EQkNaXjLP YO9C3WI0WFtt3+LmQTjbyG5WkoXp X-Google-Smtp-Source: APXvYqy0KYaQV6ceZRbELAzrsy48kV+QfK5k8O8N9uv+oqEU/kdKZCQzDSD+1/X6Anx3klvI3KiSBw== X-Received: by 2002:a1c:e914:: with SMTP id q20mr4521586wmc.55.1558945166643; Mon, 27 May 2019 01:19:26 -0700 (PDT) Received: from localhost.localdomain (cpc91192-cmbg18-2-0-cust374.5-4.cable.virginm.net. [80.6.113.119]) by smtp.gmail.com with ESMTPSA id a124sm7511876wmh.3.2019.05.27.01.19.25 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 May 2019 01:19:26 -0700 (PDT) From: Emil Velikov To: dri-devel@lists.freedesktop.org Subject: [PATCH 13/13] drm: allow render capable master with DRM_AUTH ioctls Date: Mon, 27 May 2019 09:17:41 +0100 Message-Id: <20190527081741.14235-13-emil.l.velikov@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=uK0Mrs5yWSzGtug9DHyijgzhxVTAvc037nQIpG9DVsU=; b=XZOQd6jw3swVOGIb7VG9lqItTEU5XjDJHCBlSdXY3uUncfZPpZfk+92/OdCFsRHxa4 ymetwPK+DjT2JFi/HfriliO/xHKvTzXr4z+GmW+3D81jD06LMjmqmc+K4pAKINaj7qkm SGErI2NglyZHd0lbkxUIfxNPyMO9M+YX26YBgwAZ4wA02rlgd88nI5VzkbZczdfiisH6 e4d3VIp3qJziCMiBFAxPiFda8dAq/nPhlxbv9x3SB8VPdt3M/EYwiAKnleEHBayl13VW HtqUy92O/eEtrSUE+8Edj9t+Yha7FuLiISv6THN1p9qi9uJT08gEgcumyPfufoYDsS8l AmDA== X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: intel-gfx@lists.freedesktop.org, emil.l.velikov@gmail.com Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Emil Velikov There are cases (in mesa and applications) where one would open the primary node without properly authenticating the client. Sometimes we don't check if the authentication succeeds, but there's also cases we simply forget to do it. The former was a case for Mesa where it did not not check the return value of drmGetMagic() [1]. That was fixed recently although, there's the question of older drivers or other apps that exbibit this behaviour. While omitting the call results in issues as seen in [2] and [3]. In the libva case, libva itself doesn't authenticate the DRM client and the vaGetDisplayDRM documentation doesn't mention if the app should either. As of today, the official vainfo utility doesn't authenticate. To workaround issues like these, some users resort to running their apps under sudo. Which admittedly isn't always a good idea. Since any DRIVER_RENDER driver has sufficient isolation between clients, we can use that, for unauthenticated [primary node] ioctls that require DRM_AUTH. But only if the respective ioctl is tagged as DRM_RENDER_ALLOW. v2: - Rework/simplify if check (Daniel V) - Add examples to commit messages, elaborate. (Daniel V) v3: - Use single unlikely (Daniel V) v4: - Patch was reverted because it broke AMDGPU, apply again. The AMDGPU issue is fixed with earlier patch. [1] https://gitlab.freedesktop.org/mesa/mesa/blob/2bc1f5c2e70fe3b4d41f060af9859bc2a94c5b62/src/egl/drivers/dri2/platform_wayland.c#L1136 [2] https://lists.freedesktop.org/archives/libva/2016-July/004185.html [3] https://gitlab.freedesktop.org/mesa/kmscube/issues/1 Testcase: igt/core_unauth_vs_render Cc: intel-gfx@lists.freedesktop.org Signed-off-by: Emil Velikov Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20190114085408.15933-2-emil.l.velikov@gmail.com --- drivers/gpu/drm/drm_ioctl.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/drm/drm_ioctl.c b/drivers/gpu/drm/drm_ioctl.c index 9841c0076f02..b64b022a2b29 100644 --- a/drivers/gpu/drm/drm_ioctl.c +++ b/drivers/gpu/drm/drm_ioctl.c @@ -511,6 +511,13 @@ int drm_version(struct drm_device *dev, void *data, return err; } +static inline bool +drm_render_driver_and_ioctl(const struct drm_device *dev, u32 flags) +{ + return drm_core_check_feature(dev, DRIVER_RENDER) && + (flags & DRM_RENDER_ALLOW); +} + /** * drm_ioctl_permit - Check ioctl permissions against caller * @@ -525,14 +532,19 @@ int drm_version(struct drm_device *dev, void *data, */ int drm_ioctl_permit(u32 flags, struct drm_file *file_priv) { + const struct drm_device *dev = file_priv->minor->dev; + /* ROOT_ONLY is only for CAP_SYS_ADMIN */ if (unlikely((flags & DRM_ROOT_ONLY) && !capable(CAP_SYS_ADMIN))) return -EACCES; - /* AUTH is only for authenticated or render client */ - if (unlikely((flags & DRM_AUTH) && !drm_is_render_client(file_priv) && - !file_priv->authenticated)) - return -EACCES; + /* AUTH is only for master ... */ + if (unlikely((flags & DRM_AUTH) && drm_is_primary_client(file_priv))) { + /* authenticated ones, or render capable on DRM_RENDER_ALLOW. */ + if (!file_priv->authenticated && + !drm_render_driver_and_ioctl(dev, flags)) + return -EACCES; + } /* MASTER is only for master or control clients */ if (unlikely((flags & DRM_MASTER) &&