[Libva] [PATCH] drm: remove va_drm_is_authenticated check
Sean V Kelley
seanvk at posteo.de
Thu Nov 17 16:39:40 UTC 2016
On Thu, 2016-11-17 at 15:38 +0000, Xiang, Haihao wrote:
> > From: Libva [mailto:libva-bounces at lists.freedesktop.org] On Behalf
> > Of Emil
> > Velikov
> > Sent: Tuesday, November 15, 2016 11:24 PM
> > To: libva at lists.freedesktop.org
> > Cc: Daniel Vetter <daniel.vetter at ffwll.ch>; David Herrmann
> > <dh.herrmann at gmail.com>
> > Subject: [Libva] [PATCH] drm: remove va_drm_is_authenticated check
> >
> > If we do not use a render node we must authenticate.
>
> It is not true. A root or master user can access /dev/dri/card0
> without authentication in drm.
> va_drm_is_authenticated() is used to check for this cases.
That's true but that is also not a recommended use case, root user
accessing card0 for video playback/encode.
Sean
>
> > Doing the extra
> > GetClient calls/ioctls does not help much, so don't bother.
> >
> > Cc: David Herrmann <dh.herrmann at gmail.com>
> > Cc: Daniel Vetter <daniel.vetter at ffwll.ch>
> > Signed-off-by: Emil Velikov <emil.l.velikov at gmail.com>
> > ---
> > David, Daniel, I believe things are perfectly reasonable on kernel
> > side.
> > If not please shout.
> > ---
> > va/drm/va_drm.c | 8 ++------
> > va/drm/va_drm_auth.c | 35 -----------------------------------
> > va/drm/va_drm_auth.h | 4 ----
> > 3 files changed, 2 insertions(+), 45 deletions(-)
> >
> > diff --git a/va/drm/va_drm.c b/va/drm/va_drm.c
> > index 08071cf..59e33fa 100644
> > --- a/va/drm/va_drm.c
> > +++ b/va/drm/va_drm.c
> > @@ -74,12 +74,8 @@ va_DisplayContextGetDriverName(
> > if (ret < 0)
> > return VA_STATUS_ERROR_OPERATION_FAILED;
> >
> > - if (!va_drm_is_authenticated(drm_state->fd)) {
> > - if (!va_drm_authenticate(drm_state->fd, magic))
> > - return VA_STATUS_ERROR_OPERATION_FAILED;
> > - if (!va_drm_is_authenticated(drm_state->fd))
> > - return VA_STATUS_ERROR_OPERATION_FAILED;
> > - }
> > + if (!va_drm_authenticate(drm_state->fd, magic))
> > + return VA_STATUS_ERROR_OPERATION_FAILED;
> > }
> >
> > drm_state->auth_type = VA_DRM_AUTH_CUSTOM;
> > diff --git a/va/drm/va_drm_auth.c b/va/drm/va_drm_auth.c
> > index 53794d3..592381d 100644
> > --- a/va/drm/va_drm_auth.c
> > +++ b/va/drm/va_drm_auth.c
> > @@ -28,41 +28,6 @@
> > #include "va_drm_auth.h"
> > #include "va_drm_auth_x11.h"
> >
> > -#if defined __linux__
> > -# include <sys/syscall.h>
> > -#endif
> > -
> > -/* Checks whether the thread id is the current thread */
> > -static bool
> > -is_local_tid(pid_t tid)
> > -{
> > -#if defined __linux__
> > - /* On Linux systems, drmGetClient() would return the thread ID
> > - instead of the actual process ID */
> > - return syscall(SYS_gettid) == tid;
> > -#else
> > - return false;
> > -#endif
> > -}
> > -
> > -/* Checks whether DRM connection is authenticated */
> > -bool
> > -va_drm_is_authenticated(int fd)
> > -{
> > - pid_t client_pid;
> > - int i, auth, pid, uid;
> > - unsigned long magic, iocs;
> > - bool is_authenticated = false;
> > -
> > - client_pid = getpid();
> > - for (i = 0; !is_authenticated; i++) {
> > - if (drmGetClient(fd, i, &auth, &pid, &uid, &magic, &iocs)
> > != 0)
> > - break;
> > - is_authenticated = auth && (pid == client_pid ||
> > is_local_tid(pid));
> > - }
> > - return is_authenticated;
> > -}
> > -
> > /* Try to authenticate the DRM connection with the supplied magic
> > id */
> > bool
> > va_drm_authenticate(int fd, uint32_t magic)
> > diff --git a/va/drm/va_drm_auth.h b/va/drm/va_drm_auth.h
> > index 1aa6989..a8ca794 100644
> > --- a/va/drm/va_drm_auth.h
> > +++ b/va/drm/va_drm_auth.h
> > @@ -30,10 +30,6 @@
> >
> > DLL_HIDDEN
> > bool
> > -va_drm_is_authenticated(int fd);
> > -
> > -DLL_HIDDEN
> > -bool
> > va_drm_authenticate(int fd, uint32_t magic);
> >
> > #endif /* VA_DRM_AUTH_H */
> > --
> > 2.10.2
> >
> > _______________________________________________
> > Libva mailing list
> > Libva at lists.freedesktop.org
> > https://lists.freedesktop.org/mailman/listinfo/libva
>
> _______________________________________________
> Libva mailing list
> Libva at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/libva
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part
URL: <https://lists.freedesktop.org/archives/libva/attachments/20161117/c0fc5952/attachment.sig>
More information about the Libva
mailing list