[Intel-gfx] [PATCH] drm/i915: allow root to submit secure buffers even if !master
Jesse Barnes
jbarnes at virtuousgeek.org
Wed Jul 17 22:26:34 CEST 2013
On Wed, 17 Jul 2013 21:20:07 +0100
Chris Wilson <chris at chris-wilson.co.uk> wrote:
> On Wed, Jul 17, 2013 at 09:45:30AM -0700, Jesse Barnes wrote:
> > This should allow userland tools running under X to submit secure
> > batches for various things. This gives master DRM clients slightly more
> > permissions, but doesn't give regular processes any more, since a root
> > process can already map the registers directly and poke at hw.
> >
> > Signed-off-by: Jesse Barnes <jbarnes at virtuousgeek.org>
> > ---
> > drivers/gpu/drm/i915/i915_gem_execbuffer.c | 8 ++++----
> > 1 file changed, 4 insertions(+), 4 deletions(-)
> >
> > diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
> > index 1b58694..377aa1f 100644
> > --- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c
> > +++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
> > @@ -858,10 +858,10 @@ i915_gem_do_execbuffer(struct drm_device *dev, void *data,
> >
> > flags = 0;
> > if (args->flags & I915_EXEC_SECURE) {
> > - if (!file->is_master || !capable(CAP_SYS_ADMIN))
> > + if (!f(ile->is_master || capable(CAP_SYS_ADMIN)))
> > return -EPERM;
>
> Would have made for a much smaller patch.
And maybe without the typo? :)
--
Jesse Barnes, Intel Open Source Technology Center
More information about the Intel-gfx
mailing list