[PATCH] drm: Fix FD ownership check in drm_master_check_perm()
Tvrtko Ursulin
tvrtko.ursulin at linux.intel.com
Thu Dec 7 10:22:00 UTC 2023
On 07/12/2023 10:18, Christian König wrote:
> Am 07.12.23 um 11:12 schrieb Linus Walleij:
>> On Wed, Dec 6, 2023 at 2:52 PM Lingkai Dong <Lingkai.Dong at arm.com> wrote:
>>
>>> The DRM subsystem keeps a record of the owner of a DRM device file
>>> descriptor using thread group ID (TGID) instead of process ID (PID), to
>>> ensures all threads within the same userspace process are considered the
>>> owner. However, the DRM master ownership check compares the current
>>> thread's PID against the record, so the thread is incorrectly
>>> considered to
>>> be not the FD owner if the PID is not equal to the TGID. This causes DRM
>>> ioctls to be denied master privileges, even if the same thread that
>>> opened
>>> the FD performs an ioctl. Fix this by checking TGID.
>>>
>>> Fixes: 4230cea89cafb ("drm: Track clients by tgid and not tid")
>>> Signed-off-by: Lingkai Dong <lingkai.dong at arm.com>
>> Paging the patch author (Tvrko) and committer (Christian).
>> Here is the patch if you don't have it in your mailbox:
>> https://lore.kernel.org/dri-devel/PA6PR08MB107665920BE9A96658CDA04CE8884A@PA6PR08MB10766.eurprd08.prod.outlook.com/
>>
>> I'm seeing this as well (on Android).
>>
>> Tvrko, Christian: can you look at this?
>
> Good catch, looks like we missed this occasion while switching from PID
> to TGID.
Oops, yes..
Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin at intel.com>
>> Will you apply it to the AMD tree for fixes if it looks OK
>> or does it go elsewhere?
>
> I can push this to drm-misc-fixes as long as nobody objects in the next
> hour or so.
>
> CC: stable? If yes which versions?
Cc: <stable at vger.kernel.org> # v6.4+
Regards,
Tvrtko
More information about the dri-devel
mailing list