[Libva] [PATCH] drm: remove va_drm_is_authenticated check

Sean V Kelley seanvk at posteo.de
Thu Nov 17 06:14:04 UTC 2016 

> On 15 Samh 2016, at 09:44, Emil Velikov <emil.l.velikov at gmail.com> wrote:
> 
> On 15 November 2016 at 15:42, David Herrmann <dh.herrmann at gmail.com <mailto:dh.herrmann at gmail.com>> wrote:
>> Hi
>> 
>> On Tue, Nov 15, 2016 at 4:24 PM, Emil Velikov <emil.l.velikov at gmail.com <mailto:emil.l.velikov at gmail.com>> wrote:
>>> If we do not use a render node we must authenticate. Doing the extra
>>> GetClient calls/ioctls does not help much, so don't bother.
>>> 
>>> Cc: David Herrmann <dh.herrmann at gmail.com>
>>> Cc: Daniel Vetter <daniel.vetter at ffwll.ch>
>>> Signed-off-by: Emil Velikov <emil.l.velikov at gmail.com>
>>> ---
>>> David, Daniel, I believe things are perfectly reasonable on kernel side.
>>> If not please shout.
>>> ---
>>> va/drm/va_drm.c      |  8 ++------
>>> va/drm/va_drm_auth.c | 35 -----------------------------------
>>> va/drm/va_drm_auth.h |  4 ----
>>> 3 files changed, 2 insertions(+), 45 deletions(-)
>>> 
>>> diff --git a/va/drm/va_drm.c b/va/drm/va_drm.c
>>> index 08071cf..59e33fa 100644
>>> --- a/va/drm/va_drm.c
>>> +++ b/va/drm/va_drm.c
>>> @@ -74,12 +74,8 @@ va_DisplayContextGetDriverName(
>>>         if (ret < 0)
>>>             return VA_STATUS_ERROR_OPERATION_FAILED;
>>> 
>>> -        if (!va_drm_is_authenticated(drm_state->fd)) {
>>> -            if (!va_drm_authenticate(drm_state->fd, magic))
>>> -                return VA_STATUS_ERROR_OPERATION_FAILED;
>>> -            if (!va_drm_is_authenticated(drm_state->fd))
>>> -                return VA_STATUS_ERROR_OPERATION_FAILED;
>>> -        }
>>> +        if (!va_drm_authenticate(drm_state->fd, magic))
>>> +            return VA_STATUS_ERROR_OPERATION_FAILED;
>> 
>> va_drm_authenticate() on native DRM returns EINVAL (via
>> drmAuthMagic()) if already authenticated. Hence, this solution only
>> works if you can guarantee that @drm_state->fd is not already
>> authenticated.
>> 
>> I don't know the VA internals, so cannot see whether this matters.
>> 
> The API (vaGetDisplayDRM) isn't explicit if the device has to be auth.
> yet I'm leaning towards no. Not to mention that every user of vaapi
> [that I know of] does not do auth.

Indeed the intent has been to allow vaGetDisplayDRM() to accept DRM Render-Nodes bypassing authentication to facilitate headless or remote based modes, e.g., ssh remotely with no auth on system display.  We really don’t do auth at all.  Auth has always been a byproduct of what ever backend we needed to support, or work around, e.g., Android.  I’m inclined to be okay with this patch.

Thanks,

Sean

> On the libva side, it's done once during vaInitialize and only when
> using the DRM display (vaGetDisplayDRM).
> 
> -Emil
> _______________________________________________
> Libva mailing list
> Libva at lists.freedesktop.org <mailto:Libva at lists.freedesktop.org>
> https://lists.freedesktop.org/mailman/listinfo/libva <https://lists.freedesktop.org/mailman/listinfo/libva>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/libva/attachments/20161116/682523d8/attachment.html>

More information about the Libva mailing list