[PATCH 01/13] drm/amdgpu: introduce and honour DRM_FORCE_AUTH workaround
Koenig, Christian
Christian.Koenig at amd.com
Mon May 27 12:20:49 UTC 2019
Am 27.05.19 um 14:05 schrieb Emil Velikov:
> On 2019/05/27, Koenig, Christian wrote:
>> Am 27.05.19 um 10:17 schrieb Emil Velikov:
>>> From: Emil Velikov <emil.velikov at collabora.com>
>>>
>>> Currently one can circumvent DRM_AUTH, when the ioctl is exposed via the
>>> render node. A seemingly deliberate design decision.
>>>
>>> Hence we can drop the DRM_AUTH all together (details in follow-up patch)
>>> yet not all userspace checks if it's authenticated, but instead uses
>>> uncommon assumptions.
>>>
>>> After days of digging through git log and testing, only a single (ab)use
>>> was spotted - the Mesa RADV driver, using the AMDGPU_INFO ioctl and
>>> assuming that failure implies lack of authentication.
>>>
>>> Affected versions are:
>>> - the whole 18.2.x series, which is EOL
>>> - the whole 18.3.x series, which is EOL
>>> - the 19.0.x series, prior to 19.0.4
>> Well you could have saved your time, cause this is still a NAK.
>>
> Did I mention that I've spent quite a bit of time in AMDVLK? Even fixed
> a bug while I was there :-)
Yeah, thanks for doing this.
But we have done so much stuff with customers which can't be audited
this way, that I still have a really bad feeling about this :/
>> For the record: I strongly think that we don't want to expose any render
>> functionality on the primary node.
>>
>> To even go a step further I would say that at least on AMD hardware we
>> should completely disable DRI2 for one of the next generations.
>>
> It's doable and overall pretty neat idea.
>
> There is a consern that this approach may cause far more regressions
> that this series. We are talking about years worth of Mesa drivers (et
> al) that depend on render functionality exposed via the primary node.
Yeah, that's I'm perfectly aware of. It's the reason why I said we
should only do it for new hardware generations.
But at some point I think we should do this and get rid of
authentication/flink/DRI2/....
> I'm OK with writing the patches, but it'll be up-to the AMDGPU team to
> follow-up with any regressions. Are you ok with that?
As long as we have a check like adev->family_id >
WHATEVER_IS_THE_CURRENT_LATEST_UPSTREAM_HW, I think we are fine with that.
If I understood Michel correctly xf86-video-amdgpu should work, but
modeset might break and needs a patch.
> Fwiw I could also move the FORCE_AUTH hack to core drm, if you prefer.
Well, the hack is the least of my concerns.
Thanks,
Christian.
>
> Thanks
> Emil
More information about the amd-gfx
mailing list