[12/13] drm/virtio: drop DRM_AUTH usage from the driver

Message ID	20190527081741.14235-12-emil.l.velikov@gmail.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <dri-devel-bounces@lists.freedesktop.org> From: Emil Velikov <emil.l.velikov@gmail.com> To: dri-devel@lists.freedesktop.org Subject: [PATCH 12/13] drm/virtio: drop DRM_AUTH usage from the driver Date: Mon, 27 May 2019 09:17:40 +0100 Message-Id: <20190527081741.14235-12-emil.l.velikov@gmail.com> In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com> References: <20190527081741.14235-1-emil.l.velikov@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=bGo+wmfdMFNtr1n5PzMjqu4298v/kiu+NsJd7STGsfY=; b=DEgdxNrKgBZYo//4TQnq9pRScePESu2k3EUK0vCL8OX9uFkHxxyLMmFWVrm5bp+dMw O1id/TRhkXrvWY9eieCmsrcQkuIuxx5KtNLxBUb4Efgm9x1UJPxxg1eldOHI/FD862L/ x5fnlCAsHz67w8TCF7oh/AL0cTIrGSTkvu/yuOJwoHQC0wfaiSTQ1vgGOFXt5/DJTaoD C+p5teDn921KesiinoYqauVHXG3ehpt6KyMDd6vAU6LzXM9Hot1nNAGq6lgdyBEPSPbn par945U0E6VLbpvKpdDSmg4HckQbpRd+ailTV0zvlVSkVTPqk5aN2rGz0zKrg5VNPfbs BZYA== Precedence: list Cc: David Airlie <airlied@linux.ie>, emil.l.velikov@gmail.com, Gerd Hoffmann <kraxel@redhat.com>, virtualization@lists.linux-foundation.org Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" <dri-devel-bounces@lists.freedesktop.org>
Series	[01/13] drm/amdgpu: introduce and honour DRM_FORCE_AUTH workaround \| expand [01/13] drm/amdgpu: introduce and honour DRM_FORCE_AUTH workaround [02/13] drm/amdgpu: drop DRM_AUTH usage from the driver [03/13] drm/etnaviv: drop DRM_AUTH usage from the driver [04/13] drm/exynos: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls [05/13] drm/i915: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls [06/13] drm/lima: drop DRM_AUTH usage from the driver [07/13] drm/msm: drop DRM_AUTH usage from the driver [08/13] drm/nouveau: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls [09/13] drm/omap: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls [10/13] drm/radeon: drop DRM_AUTH from DRM_RENDER_ALLOW ioctls [11/13] drm/vgem: drop DRM_AUTH usage from the driver [12/13] drm/virtio: drop DRM_AUTH usage from the driver [13/13] drm: allow render capable master with DRM_AUTH ioctls

Message ID

20190527081741.14235-12-emil.l.velikov@gmail.com (mailing list archive)

State

New, archived

Headers

From: Emil Velikov <emil.l.velikov@gmail.com>
To: dri-devel@lists.freedesktop.org
Subject: [PATCH 12/13] drm/virtio: drop DRM_AUTH usage from the driver
Date: Mon, 27 May 2019 09:17:40 +0100
Message-Id: <20190527081741.14235-12-emil.l.velikov@gmail.com>
In-Reply-To: <20190527081741.14235-1-emil.l.velikov@gmail.com>
References: <20190527081741.14235-1-emil.l.velikov@gmail.com>
MIME-Version: 1.0
Precedence: list
Cc: David Airlie <airlied@linux.ie>, emil.l.velikov@gmail.com,
 Gerd Hoffmann <kraxel@redhat.com>, virtualization@lists.linux-foundation.org
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: dri-devel-bounces@lists.freedesktop.org
Sender: "dri-devel" <dri-devel-bounces@lists.freedesktop.org>

Series

[01/13] drm/amdgpu: introduce and honour DRM_FORCE_AUTH workaround | expand

Commit Message

Emil Velikov May 27, 2019, 8:17 a.m. UTC

From: Emil Velikov <emil.velikov@collabora.com>

The authentication can be circumvented, by design, by using the render
node.

From the driver POV there is no distinction between primary and render
nodes, thus we can drop the token.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: virtualization@lists.linux-foundation.org
Cc: David Airlie <airlied@linux.ie>
Cc: Daniel Vetter <daniel@ffwll.ch>
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
---
 drivers/gpu/drm/virtio/virtgpu_ioctl.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

Comments

Emil Velikov June 6, 2019, 10:59 a.m. UTC | #1

On Mon, 27 May 2019 at 09:19, Emil Velikov <emil.l.velikov@gmail.com> wrote:
>
> From: Emil Velikov <emil.velikov@collabora.com>
>
> The authentication can be circumvented, by design, by using the render
> node.
>
> From the driver POV there is no distinction between primary and render
> nodes, thus we can drop the token.
>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: virtualization@lists.linux-foundation.org
> Cc: David Airlie <airlied@linux.ie>
> Cc: Daniel Vetter <daniel@ffwll.ch>
> Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
> ---
>  drivers/gpu/drm/virtio/virtgpu_ioctl.c | 18 +++++++++---------
>  1 file changed, 9 insertions(+), 9 deletions(-)
>
> diff --git a/drivers/gpu/drm/virtio/virtgpu_ioctl.c b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
> index 949a264985fc..e72626faba52 100644
> --- a/drivers/gpu/drm/virtio/virtgpu_ioctl.c
> +++ b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
> @@ -553,34 +553,34 @@ static int virtio_gpu_get_caps_ioctl(struct drm_device *dev,
>
>  struct drm_ioctl_desc virtio_gpu_ioctls[DRM_VIRTIO_NUM_IOCTLS] = {
>         DRM_IOCTL_DEF_DRV(VIRTGPU_MAP, virtio_gpu_map_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_EXECBUFFER, virtio_gpu_execbuffer_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_GETPARAM, virtio_gpu_getparam_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_CREATE,
>                           virtio_gpu_resource_create_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_INFO, virtio_gpu_resource_info_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         /* make transfer async to the main ring? - no sure, can we
>          * thread these in the underlying GL
>          */
>         DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_FROM_HOST,
>                           virtio_gpu_transfer_from_host_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>         DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_TO_HOST,
>                           virtio_gpu_transfer_to_host_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_WAIT, virtio_gpu_wait_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>
>         DRM_IOCTL_DEF_DRV(VIRTGPU_GET_CAPS, virtio_gpu_get_caps_ioctl,
> -                         DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
> +                         DRM_UNLOCKED | DRM_RENDER_ALLOW),
>  };
> --
> 2.21.0
>

Humble poke?

Thanks,
Emil

Gerd Hoffmann June 13, 2019, 7 a.m. UTC | #2

On Thu, Jun 06, 2019 at 11:59:15AM +0100, Emil Velikov wrote:
> On Mon, 27 May 2019 at 09:19, Emil Velikov <emil.l.velikov@gmail.com> wrote:
> >
> > From: Emil Velikov <emil.velikov@collabora.com>
> >
> > The authentication can be circumvented, by design, by using the render
> > node.
> >
> > From the driver POV there is no distinction between primary and render
> > nodes, thus we can drop the token.
> >
> > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > Cc: virtualization@lists.linux-foundation.org
> > Cc: David Airlie <airlied@linux.ie>
> > Cc: Daniel Vetter <daniel@ffwll.ch>
> > Signed-off-by: Emil Velikov <emil.velikov@collabora.com>

Acked-by: Gerd Hoffmann <kraxel@redhat.com>

diff --git a/drivers/gpu/drm/virtio/virtgpu_ioctl.c b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
index 949a264985fc..e72626faba52 100644
--- a/drivers/gpu/drm/virtio/virtgpu_ioctl.c
+++ b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
@@ -553,34 +553,34 @@  static int virtio_gpu_get_caps_ioctl(struct drm_device *dev,
 
 struct drm_ioctl_desc virtio_gpu_ioctls[DRM_VIRTIO_NUM_IOCTLS] = {
 	DRM_IOCTL_DEF_DRV(VIRTGPU_MAP, virtio_gpu_map_ioctl,
-			  DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
+			  DRM_UNLOCKED | DRM_RENDER_ALLOW),
 
 	DRM_IOCTL_DEF_DRV(VIRTGPU_EXECBUFFER, virtio_gpu_execbuffer_ioctl,
-			  DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
+			  DRM_UNLOCKED | DRM_RENDER_ALLOW),
 
 	DRM_IOCTL_DEF_DRV(VIRTGPU_GETPARAM, virtio_gpu_getparam_ioctl,
-			  DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
+			  DRM_UNLOCKED | DRM_RENDER_ALLOW),
 
 	DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_CREATE,
 			  virtio_gpu_resource_create_ioctl,
-			  DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
+			  DRM_UNLOCKED | DRM_RENDER_ALLOW),
 
 	DRM_IOCTL_DEF_DRV(VIRTGPU_RESOURCE_INFO, virtio_gpu_resource_info_ioctl,
-			  DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
+			  DRM_UNLOCKED | DRM_RENDER_ALLOW),
 
 	/* make transfer async to the main ring? - no sure, can we
 	 * thread these in the underlying GL
 	 */
 	DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_FROM_HOST,
 			  virtio_gpu_transfer_from_host_ioctl,
-			  DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
+			  DRM_UNLOCKED | DRM_RENDER_ALLOW),
 	DRM_IOCTL_DEF_DRV(VIRTGPU_TRANSFER_TO_HOST,
 			  virtio_gpu_transfer_to_host_ioctl,
-			  DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
+			  DRM_UNLOCKED | DRM_RENDER_ALLOW),
 
 	DRM_IOCTL_DEF_DRV(VIRTGPU_WAIT, virtio_gpu_wait_ioctl,
-			  DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
+			  DRM_UNLOCKED | DRM_RENDER_ALLOW),
 
 	DRM_IOCTL_DEF_DRV(VIRTGPU_GET_CAPS, virtio_gpu_get_caps_ioctl,
-			  DRM_AUTH | DRM_UNLOCKED | DRM_RENDER_ALLOW),
+			  DRM_UNLOCKED | DRM_RENDER_ALLOW),
 };

[12/13] drm/virtio: drop DRM_AUTH usage from the driver

Commit Message

Comments

Patch