[PATCH] drm: Fix FD ownership check in drm_master_check_perm()
Christian König
christian.koenig at amd.com
Thu Dec 7 13:55:19 UTC 2023
Am 07.12.23 um 11:22 schrieb Tvrtko Ursulin:
>
>
> On 07/12/2023 10:18, Christian König wrote:
>> Am 07.12.23 um 11:12 schrieb Linus Walleij:
>>> On Wed, Dec 6, 2023 at 2:52 PM Lingkai Dong <Lingkai.Dong at arm.com>
>>> wrote:
>>>
>>>> The DRM subsystem keeps a record of the owner of a DRM device file
>>>> descriptor using thread group ID (TGID) instead of process ID
>>>> (PID), to
>>>> ensures all threads within the same userspace process are
>>>> considered the
>>>> owner. However, the DRM master ownership check compares the current
>>>> thread's PID against the record, so the thread is incorrectly
>>>> considered to
>>>> be not the FD owner if the PID is not equal to the TGID. This
>>>> causes DRM
>>>> ioctls to be denied master privileges, even if the same thread that
>>>> opened
>>>> the FD performs an ioctl. Fix this by checking TGID.
>>>>
>>>> Fixes: 4230cea89cafb ("drm: Track clients by tgid and not tid")
>>>> Signed-off-by: Lingkai Dong <lingkai.dong at arm.com>
>>> Paging the patch author (Tvrko) and committer (Christian).
>>> Here is the patch if you don't have it in your mailbox:
>>> https://lore.kernel.org/dri-devel/PA6PR08MB107665920BE9A96658CDA04CE8884A@PA6PR08MB10766.eurprd08.prod.outlook.com/
>>>
>>>
>>> I'm seeing this as well (on Android).
>>>
>>> Tvrko, Christian: can you look at this?
>>
>> Good catch, looks like we missed this occasion while switching from
>> PID to TGID.
>
> Oops, yes..
>
> Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin at intel.com>
>
>>> Will you apply it to the AMD tree for fixes if it looks OK
>>> or does it go elsewhere?
>>
>> I can push this to drm-misc-fixes as long as nobody objects in the
>> next hour or so.
>>
>> CC: stable? If yes which versions?
>
> Cc: <stable at vger.kernel.org> # v6.4+
And pushed to drm-misc-fixes.
Thanks,
Christian.
>
> Regards,
>
> Tvrtko
More information about the dri-devel
mailing list