[Mesa-dev] [PATCH 1/3] egl/x11_dri3: disable WL_bind_wayland_display for devices without render nodes

Michel Dänzer michel at daenzer.net
Mon Jun 20 23:26:54 UTC 2016


On 20.06.2016 20:06, Frank Binns wrote:
> On 20/06/16 10:48, Michel Dänzer wrote:
>> On 18.06.2016 02:41, Frank Binns wrote:
>>> Up until now, DRI3 was only used for devices that have render nodes,
>>> unless
>>> overridden via an environment variable, with it falling back to DRI2
>>> otherwise.
>>> This limitation was there in order to support WL_bind_wayland_display
>>> as it
>>> requires client opened device node fds to be authenticated, which
>>> isn't possible
>>> when using DRI3. This is an unfortunate compromise as DRI3 provides
>>> security
>>> benefits over DRI2.
>> What exactly is it that works with render nodes but not with
>> unauthenticated non-render nodes? Isn't that a kernel bug?
> 
> The problem isn't that something doesn't work with unauthenticated
> non-render nodes (wouldn't that be the kernel bug?) but that if a
> client opens the primary/legacy node it needs the resulting fd to
> be authenticated, which isn't supported by the X11 DRI3 protocol.

Authentication is required for using certain ioctls of non-render nodes.
It sounds like some ioctls are allowed to be used with render nodes but
not with unauthenticated non-render nodes, which seems like a kernel bug
— why would an ioctl be safe to use without authentication via a render
node but not via a non-render node?

So, which ioctls required by WL_bind_wayland_display don't work with an
unauthenticated non-render node?


-- 
Earthling Michel Dänzer               |               http://www.amd.com
Libre software enthusiast             |             Mesa and X developer


More information about the mesa-dev mailing list