[PATCH v2] xf86drm: Add drmIsMaster()

Emil Velikov emil.l.velikov at gmail.com
Wed Jan 23 17:18:32 UTC 2019 

On Wed, 23 Jan 2019 at 04:39, Christopher James Halse Rogers
<christopher.halse.rogers at canonical.com> wrote:
>
> We can't use drmSetMaster to query whether or not a drm fd is master
> because it requires CAP_SYS_ADMIN, even if the fd *is* a master fd.
>
> Pick DRM_IOCTL_MODE_ATTACHMODE as a long-deprecated ioctl that is
> DRM_MASTER but not DRM_ROOT_ONLY as the probe by which we can detect
> whether or not the fd is master.
>
> This is useful for code that might get master by open()ing the drm device
> while no other master exists, but can't call drmSetMaster itself because
> it's not running as root or is in a container, where container-root isn't
> real-root.
>
> v2: Use the AUTH_MAGIC request rather than MODE_ATTACHMODE, as it's more
>     clearly related to master status.
>
> Signed-off-by: Christopher James Halse Rogers <christopher.halse.rogers at canonical.com>
> ---
>  xf86drm.c | 15 +++++++++++++++
>  xf86drm.h |  2 ++
>  2 files changed, 17 insertions(+)
>
> diff --git a/xf86drm.c b/xf86drm.c
> index 10df682b..adee5bd9 100644
> --- a/xf86drm.c
> +++ b/xf86drm.c
> @@ -2741,6 +2741,21 @@ drm_public int drmDropMaster(int fd)
>          return drmIoctl(fd, DRM_IOCTL_DROP_MASTER, NULL);
>  }
>
> +drm_public bool drmIsMaster(int fd)
> +{
> +        /* Detect master by attempting something that requires master.
> +         *
> +         * Authenticating magic tokens requires master and 0 is
> +         * guaranteed to be an invalid magic number. Attempting this on
> +         * a master fd will fail therefore fail with EINVAL because 0 is
> +         * invalid.
> +         *
> +         * A non-master fd will fail with EACCESS, as the kernel checks for
> +         * master before attempting to do anything else.
> +         */
> +        return drmAuthMagic(fd, 0) == EINVAL;
What magic value is valid, is a DRM implementation detail, which we
don't need to depend upon.

Instead we can check for EACCES, since we care if we have permissions
- aka are we master.
The function returns a negative errno, so I'd make this a:

        return drmAuthMagic(fd, 0) != -EACCES;

If you and Daniel agree, I'll squash this locally and push.

-Emil

More information about the dri-devel mailing list