[PATCH v2] drm/i915: Prevent writing into a read-only object via a GGTT mmap
Bloomfield, Jon
jon.bloomfield at intel.com
Thu Jun 14 16:36:29 UTC 2018
> -----Original Message-----
> From: Chris Wilson <chris at chris-wilson.co.uk>
> Sent: Thursday, June 14, 2018 9:07 AM
> To: intel-gfx at lists.freedesktop.org
> Cc: dri-devel at lists.freedesktop.org; Chris Wilson <chris at chris-wilson.co.uk>;
> Bloomfield, Jon <jon.bloomfield at intel.com>; Joonas Lahtinen
> <joonas.lahtinen at linux.intel.com>; Matthew Auld
> <matthew.william.auld at gmail.com>; David Herrmann
> <dh.herrmann at gmail.com>
> Subject: [PATCH v2] drm/i915: Prevent writing into a read-only object via a
> GGTT mmap
>
> If the user has created a read-only object, they should not be allowed
> to circumvent the write protection by using a GGTT mmapping. Deny it.
>
> Also most machines do not support read-only GGTT PTEs, so again we have
> to reject attempted writes. Fortunately, this is known a priori, so we
> can at least reject in the call to create the mmap (with a sanity check
> in the fault handler).
>
> v2: Check the vma->vm_flags during mmap() to allow readonly access.
>
> Signed-off-by: Chris Wilson <chris at chris-wilson.co.uk>
> Cc: Jon Bloomfield <jon.bloomfield at intel.com>
> Cc: Joonas Lahtinen <joonas.lahtinen at linux.intel.com>
> Cc: Matthew Auld <matthew.william.auld at gmail.com>
> Cc: David Herrmann <dh.herrmann at gmail.com>
Shame about the BUG_ON, but probably overkill to add code to suppress
the RO flag just for mmap.
Reviewed-by: Jon Bloomfield <jon.bloomfield at intel.com>
More information about the dri-devel
mailing list