[PATCH] drm/panthor: Enforce DRM_PANTHOR_BO_NO_MMAP
Boris Brezillon
boris.brezillon at collabora.com
Tue Apr 15 11:18:42 UTC 2025
On Tue, 15 Apr 2025 12:57:10 +0200
Boris Brezillon <boris.brezillon at collabora.com> wrote:
> Right now the DRM_PANTHOR_BO_NO_MMAP flag is ignored by
> panthor_ioctl_bo_mmap_offset(), meaning BOs with this flag set can
> still be mmap-ed.
>
> Fortunately, this bug only impacts user BOs, because kernel BOs are not
> exposed to userspace (they don't have a BO handle), so they can't
> be mmap-ed anyway. Given all user BOs setting this flag are private
> anyway (not shareable), there's no potential data leak.
>
> Fixes: 4bdca1150792 ("drm/panthor: Add the driver frontend block")
> Signed-off-by: Boris Brezillon <boris.brezillon at collabora.com>
> ---
> drivers/gpu/drm/panthor/panthor_drv.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/gpu/drm/panthor/panthor_drv.c b/drivers/gpu/drm/panthor/panthor_drv.c
> index 15d8e2bcf6ad..1499df07f512 100644
> --- a/drivers/gpu/drm/panthor/panthor_drv.c
> +++ b/drivers/gpu/drm/panthor/panthor_drv.c
> @@ -940,6 +940,7 @@ static int panthor_ioctl_bo_mmap_offset(struct drm_device *ddev, void *data,
> struct drm_file *file)
> {
> struct drm_panthor_bo_mmap_offset *args = data;
> + struct panthor_gem_object *bo;
> struct drm_gem_object *obj;
> int ret;
>
> @@ -950,6 +951,10 @@ static int panthor_ioctl_bo_mmap_offset(struct drm_device *ddev, void *data,
> if (!obj)
> return -ENOENT;
>
> + bo = to_panthor_bo(obj);
> + if (bo->flags & DRM_PANTHOR_BO_NO_MMAP)
> + return -EINVAL;
Maybe it should be EPERM instead of EINVAL here.
> +
> ret = drm_gem_create_mmap_offset(obj);
> if (ret)
> goto out;
More information about the dri-devel
mailing list