[PATCH 1/2] drm: vc4: set permissions for ioctls

Eric Anholt eric at anholt.net
Fri Jun 10 20:08:38 UTC 2016


Emil Velikov <emil.l.velikov at gmail.com> writes:

> On 10 June 2016 at 00:42, Eric Anholt <eric at anholt.net> wrote:
>> Rob Herring <robh at kernel.org> writes:
>>
>>> Ioctls generally have DRM_AUTH and DRM_RENDER_ALLOW set to restrict them
>>> to authorized clients and render nodes. Without this, access from render
>>> nodes fails.
>>
>> We've already got a fix to add RENDER_ALLOW submitted in the latest
>> drm-vc4-fixes.  There's no reason to require auth on this
>> implementation, though.
>>
> Not 100% sure but I think you do. At least every other driver does...
>
> Why: I'm thinking that without DRM_AUTH one will be able to open the
> card# node and issue the said IOCTLs even if the client is not
> authenticated. Which, obviously isn't a huge deal, but doesn't sound
> right.
>
> Then again, my knowledge of vc4 is virtually non-existent, so there
> might be something special happening here ?

Let's flip this around: What is the problem you see with calling any of
the ioctls without having gone through the auth dance?  I don't believe
there's any reason to require auth, since you only have access to the
buffers you create or import.

Basically, auth was created a stopgap solution for "but if anyone had
access to the DRM device, they could scrape the X frontbuffer!"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/dri-devel/attachments/20160610/f9faf757/attachment.sig>


More information about the dri-devel mailing list