[Libva] [PATCH v2 1/7] API: add support for raw DRM.

Yuan, Shengquan shengquan.yuan at gmail.com
Wed Aug 1 00:15:09 PDT 2012 

On Tue, Jul 31, 2012 at 4:17 PM, Gwenole Beauchesne <gb.devel at gmail.com> wrote:
> Hi,
>
> 2012/7/30 Yuan, Shengquan <shengquan.yuan at gmail.com>:
>> On Sat, Jul 28, 2012 at 12:21 AM, Gwenole Beauchesne <gb.devel at gmail.com> wrote:
> Actually, you get authenticated if you are the first and only user, no
> matter you are root or not. However, if you need another client to be
> authenticated, you need someone (a third-party) that owns and controls
> access to graphics memory. Typically, this is the display server (X11,
> Wayland, etc.) that has this role and can get this call to succeed.
>
> Another thing, you only need to be authenticated to submit commands,
> i.e. you don't really need to be "master" for that.
>
> For console apps, and probably others in Android context (should you
> use this API), I wanted to create a standalone library (e.g.
> libdrm_auth) that would manage authentication. Basically, you'd need a
> third-party app (setuid root) that says "hey, you are a good guy and I
> accept to authenticate you". Something similar to the Weston startup
> helper actually. I didn't implement this yet as I didn't come yet to a
> point I actually need this functionality.

There are multiple clients in Android environment, e.g. thumbnail
threads in background,
video playback through wireless display. I don't know how other
vendors solve this issue,
perhaps they don't use DRM, so that they don't need this
authentication mechanism.

Because of multiple clients, does it mean we must develop a separate
authentication application
if we want to go through DRM authentication path?
>
> Do you need this soon? In terms of security, there are also ways to
It is not urgent. I saw your headless backend, just thinking if we can
simply use it for Android.

Thanks
-Austin

> deprivilege root and also grant specific rights to specific users,
> should this be required in a self-contained environment. e.g. with an
> RSBAC-enabled environment, but I don't know if you want to get extreme
> and enable this in Android :)


>
> Kristian also suggested other means in the past, but this would need
> further changes to DRM. The point is to fulfill the following model:
> user A should not see graphics memory of user B, unless user B allows
> it.
>
> Regards,
> Gwenole.

More information about the Libva mailing list