[PATCH 0/3] [RFC] DRM Render Nodes

Laurent Pinchart laurent.pinchart at ideasonboard.com
Thu Oct 11 04:10:45 PDT 2012

Hi Kristian,

Could you please update Documentation/DocBook/drm.tmpl with render nodes 
documentation ?

On Friday 28 September 2012 12:35:56 Kristian Høgsberg wrote:
> Here's the patch to implement render nodes as discussed in the "DRM2"
> talk at XDC:
>   http://wiki.x.org/wiki/Events/XDC2012/Proceedings#DRM2
> The core problem is that DRM security is compromised in the face of
> VT switching and multiple DRM masters.  Any local user can access all
> shared buffers from within any X server on the system, even when that
> user doesn't have access to any of those X servers.
> The fix for this is to use dmabuf/prime and fd passing for buffer sharing.
> That infrastructure is already in place and we need to start using that in
> user space.  Once we're passing buffers between display servers and clients
> in a point-to-point fashion, we no longer need to authenticate clients.  We
> just need to make sure they can only render and import/export buffers to
> fds.  That's what this patch does, by creating a new type of drm device
> node.  Accessing this node doesn't require authentication (and as such
> can be used without a master, ie headless), but will only expose the safe,
> modern (DRI2ish) rendering ioctls.
> Once userspace is sharing buffers through fd passing, the legacy card0 node
> can be locked down by unix permissions, for example in a drm-master group,
> so that only setgid binaries (X, weston, other KMS apps) can access it.
> Kristian
> See also:
> http://wiki.x.org/wiki/Events/XDC2012/Proceedings#Graphics_stack_security
> https://lwn.net/Articles/517375/


Laurent Pinchart

More information about the dri-devel mailing list