[PATCH v2] xf86drm: Add drmIsMaster()

Christopher James Halse Rogers chris at cooperteam.net
Wed Jan 23 20:56:51 UTC 2019 

On 24 January 2019 6:18:32 am NZDT, Emil Velikov <emil.l.velikov at gmail.com> wrote:
>On Wed, 23 Jan 2019 at 04:39, Christopher James Halse Rogers
><christopher.halse.rogers at canonical.com> wrote:
>>
>> We can't use drmSetMaster to query whether or not a drm fd is master
>> because it requires CAP_SYS_ADMIN, even if the fd *is* a master fd.
>>
>> Pick DRM_IOCTL_MODE_ATTACHMODE as a long-deprecated ioctl that is
>> DRM_MASTER but not DRM_ROOT_ONLY as the probe by which we can detect
>> whether or not the fd is master.
>>
>> This is useful for code that might get master by open()ing the drm
>device
>> while no other master exists, but can't call drmSetMaster itself
>because
>> it's not running as root or is in a container, where container-root
>isn't
>> real-root.
>>
>> v2: Use the AUTH_MAGIC request rather than MODE_ATTACHMODE, as it's
>more
>>     clearly related to master status.
>>
>> Signed-off-by: Christopher James Halse Rogers
><christopher.halse.rogers at canonical.com>
>> ---
>>  xf86drm.c | 15 +++++++++++++++
>>  xf86drm.h |  2 ++
>>  2 files changed, 17 insertions(+)
>>
>> diff --git a/xf86drm.c b/xf86drm.c
>> index 10df682b..adee5bd9 100644
>> --- a/xf86drm.c
>> +++ b/xf86drm.c
>> @@ -2741,6 +2741,21 @@ drm_public int drmDropMaster(int fd)
>>          return drmIoctl(fd, DRM_IOCTL_DROP_MASTER, NULL);
>>  }
>>
>> +drm_public bool drmIsMaster(int fd)
>> +{
>> +        /* Detect master by attempting something that requires
>master.
>> +         *
>> +         * Authenticating magic tokens requires master and 0 is
>> +         * guaranteed to be an invalid magic number. Attempting this
>on
>> +         * a master fd will fail therefore fail with EINVAL because
>0 is
>> +         * invalid.
>> +         *
>> +         * A non-master fd will fail with EACCESS, as the kernel
>checks for
>> +         * master before attempting to do anything else.
>> +         */
>> +        return drmAuthMagic(fd, 0) == EINVAL;
>What magic value is valid, is a DRM implementation detail, which we
>don't need to depend upon.
>
>Instead we can check for EACCES, since we care if we have permissions
>- aka are we master.
>The function returns a negative errno, so I'd make this a:
>
>        return drmAuthMagic(fd, 0) != -EACCES;
>
>If you and Daniel agree, I'll squash this locally and push.

That's a much better idea, thanks!

More information about the dri-devel mailing list