[PATCH 1/2] drm: Do not drop root privileges for a fancier younger process

David Herrmann dh.herrmann at gmail.com
Wed Oct 30 08:22:39 CET 2013


Hi

On Tue, Oct 29, 2013 at 9:55 AM, Chris Wilson <chris at chris-wilson.co.uk> wrote:
> When a second process opens the device and master transference is
> complete, we walk the list of open devices and remove their
> authentication. This also revokes our root privilege. Instead of simply
> dropping the authentication, this patch reverts the authenticated state
> back to its original value.
>
> Signed-off-by: Chris Wilson <chris at chris-wilson.co.uk>
> ---
>  drivers/gpu/drm/drm_fops.c | 5 +++--
>  include/drm/drmP.h         | 1 +
>  2 files changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/gpu/drm/drm_fops.c b/drivers/gpu/drm/drm_fops.c
> index da1940ae9a2d..2f8b41c58d02 100644
> --- a/drivers/gpu/drm/drm_fops.c
> +++ b/drivers/gpu/drm/drm_fops.c
> @@ -239,7 +239,8 @@ static int drm_open_helper(struct inode *inode, struct file *filp,
>
>         priv->ioctl_count = 0;
>         /* for compatibility root is always authenticated */
> -       priv->authenticated = capable(CAP_SYS_ADMIN);
> +       priv->always_authenticated = capable(CAP_SYS_ADMIN);
> +       priv->authenticated = priv->always_authenticated;
>         priv->lock_count = 0;
>
>         INIT_LIST_HEAD(&priv->lhead);
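Review bot: in drm_open_helper(), capable(CAP_SYS_ADMIN) is sampled once at open time and cached in priv->always_authenticated, so the flag reflects only the opener's capability at that moment. The existing comment "for compatibility root is always authenticated" should say so explicitly, because after this patch the cached value is also what drm_release() restores instead of clearing authentication.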
> @@ -523,7 +524,7 @@ int drm_release(struct inode *inode, struct file *filp)
>                 list_for_each_entry(temp, &dev->filelist, lhead) {
>                         if ((temp->master == file_priv->master) &&
>                             (temp != file_priv))
> -                               temp->authenticated = 0;
> +                               temp->authenticated = temp->always_authenticated;
>                 }
>
>                 /**
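Review bot: the assignment inside the list_for_each_entry() loop in drm_release() no longer revokes every other client on the same master, and nothing at that site explains why. A one-line comment above "temp->authenticated = temp->always_authenticated;" stating that files opened with CAP_SYS_ADMIN keep their authentication while all others are reset would make the intended revocation semantics clear to later readers.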
> diff --git a/include/drm/drmP.h b/include/drm/drmP.h
> index 490534c990b7..3a90857bd0ee 100644
> --- a/include/drm/drmP.h
> +++ b/include/drm/drmP.h
> @@ -412,6 +412,7 @@ struct drm_prime_file_private {
>
>  /** File private data */
>  struct drm_file {
> +       int always_authenticated;
>         int authenticated;

I was going to say you can reuse "authenticated" here as it's an
"int". But your follow-up fixes this I think. Apart from that:
Reviewed-by: David Herrmann <dh.herrmann at gmail.com>

Please also tag this for stable via: Cc: <stable at vger.kernel.org>
Thanks
David

>         struct pid *pid;
>         kuid_t uid;
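Review bot: the new always_authenticated member of struct drm_file is added without a comment and is declared int although it only ever holds the result of capable(CAP_SYS_ADMIN). Suggest documenting that it is set once in drm_open_helper() and not changed afterwards, and consider a bool or single-bit field rather than a full int next to "int authenticated;".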
> --
> 1.8.4.rc3
>
> _______________________________________________
> dri-devel mailing list
> dri-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/dri-devel

