Emil Velikov
2019-May-27 08:17 UTC
[PATCH 12/13] drm/virtio: drop DRM_AUTH usage from the driver
From: Emil Velikov <emil.velikov at collabora.com> The authentication can be circumvented, by design, by using the render node.>From the driver POV there is no distinction between primary and rendernodes, thus we can drop the token. Cc: Gerd Hoffmann <kraxel at redhat.com> Cc: virtualization at lists.linux-foundation.org Cc: David Airlie <airlied at linux.ie> Cc: Daniel Vetter <daniel at ffwll.ch> Signed-off-by: Emil Velikov <emil.velikov at collabora.com> --- drivers/gpu/drm/virtio/virtgpu_ioctl.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/gpu/drm/virtio/virtgpu_ioctl.c b/drivers/gpu/drm/virtio/virtgpu_ioctl.c index 949a264985fc..e72626faba52 100644 --- a/drivers/gpu/drm/virtio/virtgpu_ioctl.c +++ b/drivers/gpu/drm/virtio/virtgpu_ioctl.c @@ -553,34 +553,34 @@ static int virtio_gpu_get_caps_ioctl(struct drm_device *dev, struct drm_ioctl_desc virtio_gpu_ioctls[DRM_VIRTIO_NUM_IOCTLS] = { DRM_IOCTL_DEF_DRV(VIRTGPU_MAP, virtio_gpu_map_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_EXECBUFFER, virtio_gpu_execbuffer_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_GETPARAM, virtio_gpu_getparam_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_CREATE, virtio_gpu_resource_create_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_INFO, virtio_gpu_resource_info_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), /* make transfer async to the main ring? - no sure, can we * thread these in the underlying GL */ DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_FROM_HOST, virtio_gpu_transfer_from_host_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_TO_HOST, virtio_gpu_transfer_to_host_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_WAIT, virtio_gpu_wait_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), DRM_IOCTL_DEF_DRV(VIRTGPU_GET_CAPS, virtio_gpu_get_caps_ioctl, - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), + DRM_UNLOCKED | DRM_RENDER_ALLOW), }; -- 2.21.0
Emil Velikov
2019-Jun-06 10:59 UTC
[PATCH 12/13] drm/virtio: drop DRM_AUTH usage from the driver
On Mon, 27 May 2019 at 09:19, Emil Velikov <emil.l.velikov at gmail.com> wrote:> > From: Emil Velikov <emil.velikov at collabora.com> > > The authentication can be circumvented, by design, by using the render > node. > > From the driver POV there is no distinction between primary and render > nodes, thus we can drop the token. > > Cc: Gerd Hoffmann <kraxel at redhat.com> > Cc: virtualization at lists.linux-foundation.org > Cc: David Airlie <airlied at linux.ie> > Cc: Daniel Vetter <daniel at ffwll.ch> > Signed-off-by: Emil Velikov <emil.velikov at collabora.com> > --- > drivers/gpu/drm/virtio/virtgpu_ioctl.c | 18 +++++++++--------- > 1 file changed, 9 insertions(+), 9 deletions(-) > > diff --git a/drivers/gpu/drm/virtio/virtgpu_ioctl.c b/drivers/gpu/drm/virtio/virtgpu_ioctl.c > index 949a264985fc..e72626faba52 100644 > --- a/drivers/gpu/drm/virtio/virtgpu_ioctl.c > +++ b/drivers/gpu/drm/virtio/virtgpu_ioctl.c > @@ -553,34 +553,34 @@ static int virtio_gpu_get_caps_ioctl(struct drm_device *dev, > > struct drm_ioctl_desc virtio_gpu_ioctls[DRM_VIRTIO_NUM_IOCTLS] = { > DRM_IOCTL_DEF_DRV(VIRTGPU_MAP, virtio_gpu_map_ioctl, > - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), > + DRM_UNLOCKED | DRM_RENDER_ALLOW), > > DRM_IOCTL_DEF_DRV(VIRTGPU_EXECBUFFER, virtio_gpu_execbuffer_ioctl, > - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), > + DRM_UNLOCKED | DRM_RENDER_ALLOW), > > DRM_IOCTL_DEF_DRV(VIRTGPU_GETPARAM, virtio_gpu_getparam_ioctl, > - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), > + DRM_UNLOCKED | DRM_RENDER_ALLOW), > > DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_CREATE, > virtio_gpu_resource_create_ioctl, > - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), > + DRM_UNLOCKED | DRM_RENDER_ALLOW), > > DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_INFO, virtio_gpu_resource_info_ioctl, > - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), > + DRM_UNLOCKED | DRM_RENDER_ALLOW), > > /* make transfer async to the main ring? - no sure, can we > * thread these in the underlying GL > */ > DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_FROM_HOST, > virtio_gpu_transfer_from_host_ioctl, > - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), > + DRM_UNLOCKED | DRM_RENDER_ALLOW), > DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_TO_HOST, > virtio_gpu_transfer_to_host_ioctl, > - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), > + DRM_UNLOCKED | DRM_RENDER_ALLOW), > > DRM_IOCTL_DEF_DRV(VIRTGPU_WAIT, virtio_gpu_wait_ioctl, > - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), > + DRM_UNLOCKED | DRM_RENDER_ALLOW), > > DRM_IOCTL_DEF_DRV(VIRTGPU_GET_CAPS, virtio_gpu_get_caps_ioctl, > - DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW), > + DRM_UNLOCKED | DRM_RENDER_ALLOW), > }; > -- > 2.21.0 >Humble poke? Thanks, Emil
Gerd Hoffmann
2019-Jun-13 07:00 UTC
[PATCH 12/13] drm/virtio: drop DRM_AUTH usage from the driver
On Thu, Jun 06, 2019 at 11:59:15AM +0100, Emil Velikov wrote:> On Mon, 27 May 2019 at 09:19, Emil Velikov <emil.l.velikov at gmail.com> wrote: > > > > From: Emil Velikov <emil.velikov at collabora.com> > > > > The authentication can be circumvented, by design, by using the render > > node. > > > > From the driver POV there is no distinction between primary and render > > nodes, thus we can drop the token. > > > > Cc: Gerd Hoffmann <kraxel at redhat.com> > > Cc: virtualization at lists.linux-foundation.org > > Cc: David Airlie <airlied at linux.ie> > > Cc: Daniel Vetter <daniel at ffwll.ch> > > Signed-off-by: Emil Velikov <emil.velikov at collabora.com>Acked-by: Gerd Hoffmann <kraxel at redhat.com>
Maybe Matching Threads
- [PATCH 12/13] drm/virtio: drop DRM_AUTH usage from the driver
- [PATCH 12/13] drm/virtio: drop DRM_AUTH usage from the driver
- [PATCH 2/4] drm/virtio: remove irrelevant DRM_UNLOCKED flag
- [PATCH 08/13] drm/nouveau: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls
- [PATCH 1/2] drm/nouveau: add staging module option