[Intel-gfx] [PATCH] drm/i915: Possible security hole in command parsing

[Rebecca N. Palmer]

I've now done some testing (on an i5-3230M, in Debian 8), and this patch 
doesn't *appear* to break anything: both with and without it (starting 
from linux-next 20150430 (fa94df1) + commit 245054a drm/i915: Enable cmd 
parser to do secure batch promotion for aliasing ppgtt),

-libva (said in earlier discussion to use chained batches): all basic 
tests pass except test_07 (which doesn't work under 3.16 either); 
putsurface works
-video (file playback and live camera) in vlc works
-beignet (OpenCL) test suite: all pass except builtin_powr_* 
(long-standing known issue) and builtin_tgamma (it appears that 
linux-next puts the *C*PU in denormals-flushed-to-0 floating point mode, 
which breaks this test's checking mechanism: not sure if that's a bug or 
just a difference between Debian's and your defaults, but as it happens 
both with and without the patch, it's nothing to do with this)

The one problem I did see only with the patch was that one session had 
all its windows open in the top left of the screen, un-movable, and 
missing their title bar, but this was not reproducible, so I can't tell 
if it was a result of the patch or a coincidence.

However, plain linux-next 20150430 (without 245054a) has a lot of 
problems ("GPU HANG" in the kernel log on startup but the Xfce desktop 
does come up), glxgears segfaults, beignet gives a few wrong (all-0) 
results then throws CL_OUT_OF_RESOURCES, video doesn't play; probably 
https://bugs.freedesktop.org/show_bug.cgi?id=90190), and given that all 
245054a does is enable secure batch promotion, that suggests that the 
driver no longer handles non-promoted batches properly, making this 
patch a risky move.

I tried the intel-gpu-tools tests (1.10, running in recovery mode to 
avoid loading X), but found that most (not all) of the tests reported 
"GPU HANG" in all three linux-next cases (but worked under 3.16).

Note that I will be away from email for the next few days.