On 11/1/19 2:05 PM, Emil Velikov wrote:
> From: Emil Velikov
>
> With later commit we'll rework DRM authentication handling. Namely
> DRM_AUTH will not be a requirement for DRM_RENDER_ALLOW ioctls.
>
> Since vmwgfx does isolation for primary clients in different master
> realms, the DRM_AUTH can be dropped.
>
> The only place where authentication matters, is surface_reference ioctls
> whenever a legacy (non-prime) handle is used. For those ioctls we call
> vmw_surface_handle_reference(), where we explicitly check if the client
> is both a) master and b) unauthenticated - bailing out as result.
>
> Otherwise the usual isolation path kicks in and we're all good.
>
> v2: Reword commit message, since the isolation work has landed.
>
> Cc: VMware Graphics
> Cc: Thomas Hellstrom
> Signed-off-by: Emil Velikov
> ---
> drivers/gpu/drm/vmwgfx/vmwgfx_surface.c | 7 +++
> 1 file changed, 7 insertions(+)
>
> diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
> b/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
> index 1f989f3605c8..596e5c1bc2c1 100644
> --- a/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
> +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
> @@ -936,6 +936,13 @@ vmw_surface_handle_reference(struct vmw_private
> *dev_priv,
> user_srf = container_of(base, struct vmw_user_surface,
> prime.base);
>
> + /* Error out if we are unauthenticated master */
Shouldn't this be "Error out if we are unauthenticated primary" ?
Otherwise
Reviewed-by: Thomas Hellstrom
> + if (drm_is_primary_client(file_priv) &&
> + !file_priv->authenticated) {
> + ret = -EACCES;
> + goto out_bad_resource;
> + }
> +
> /*
>* Make sure the surface creator has the same
>* authenticating master, or is already registered with us.
___
dri-devel mailing list
dri-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/dri-devel
