[Mesa-dev] [PATCH 1/3] egl/x11_dri3: disable WL_bind_wayland_display for devices without render nodes
Frank Binns
frank.binns at imgtec.com
Tue Jun 21 08:46:16 UTC 2016
On 21/06/16 07:39, Michel Dänzer wrote:
> On 21.06.2016 15:24, Axel Davy wrote:
>> On 21/06/2016 01:26, Michel Dänzer wrote:
>>> On 20.06.2016 20:06, Frank Binns wrote:
>>>> On 20/06/16 10:48, Michel Dänzer wrote:
>>>>> On 18.06.2016 02:41, Frank Binns wrote:
>>>>>> Up until now, DRI3 was only used for devices that have render nodes,
>>>>>> unless
>>>>>> overridden via an environment variable, with it falling back to DRI2
>>>>>> otherwise.
>>>>>> This limitation was there in order to support WL_bind_wayland_display
>>>>>> as it
>>>>>> requires client opened device node fds to be authenticated, which
>>>>>> isn't possible
>>>>>> when using DRI3. This is an unfortunate compromise as DRI3 provides
>>>>>> security
>>>>>> benefits over DRI2.
>>>>> What exactly is it that works with render nodes but not with
>>>>> unauthenticated non-render nodes? Isn't that a kernel bug?
>>>> The problem isn't that something doesn't work with unauthenticated
>>>> non-render nodes (wouldn't that be the kernel bug?) but that if a
>>>> client opens the primary/legacy node it needs the resulting fd to
>>>> be authenticated, which isn't supported by the X11 DRI3 protocol.
>>> Authentication is required for using certain ioctls of non-render nodes.
>>> It sounds like some ioctls are allowed to be used with render nodes but
>>> not with unauthenticated non-render nodes, which seems like a kernel bug
>>> — why would an ioctl be safe to use without authentication via a render
>>> node but not via a non-render node?
>>>
>>> So, which ioctls required by WL_bind_wayland_display don't work with an
>>> unauthenticated non-render node?
>>>
>>>
>> The ioctl to authenticate is possible only when you have the master node
>> (owned by the DDX when using X, or by the wayland compositor when using
>> Wayland). There is only one master node.
>>
>>
>> On of the motives of render-nodes is precisely to fix these limitations.
> I understand all of that, but it doesn't answer my question. :)
>
> Since WL_bind_wayland_display works with a render node, it means that
> all ioctls it needs work without authentication when using a render
> node. The question is, why do the same ioctls require authentication
> when using a non-render node?
I didn't write all the kernel drivers so I can't possibly answer that :)
To answer your earlier question, I915_GEM_EXECBUFFER2 and AMDGPU_CS ioctls
both work with render nodes but not with unauthenticated non-render nodes.
(I assume both these ioctls submit commands to the HW so are needed for
WL_bind_wayland_display.)
Even if there is a kernel bug, it doesn't really make a difference as,
authentication will still be needed on older kernels.
More information about the mesa-dev
mailing list