From patchwork Tue Jul 20 20:57:50 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthew Brost X-Patchwork-Id: 12389399 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 27326C636C8 for ; Tue, 20 Jul 2021 20:41:53 +0000 (UTC) Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id F080860FF3 for ; Tue, 20 Jul 2021 20:41:52 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org F080860FF3 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=dri-devel-bounces@lists.freedesktop.org Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id C49C96E50D; Tue, 20 Jul 2021 20:41:03 +0000 (UTC) Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by gabe.freedesktop.org (Postfix) with ESMTPS id AFE556E530; Tue, 20 Jul 2021 20:40:18 +0000 (UTC) X-IronPort-AV: E=McAfee;i="6200,9189,10051"; a="190909014" X-IronPort-AV: E=Sophos;i="5.84,256,1620716400"; d="scan'208";a="190909014" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Jul 2021 13:40:17 -0700 X-IronPort-AV: E=Sophos;i="5.84,256,1620716400"; d="scan'208";a="414906089" Received: from dhiatt-server.jf.intel.com ([10.54.81.3]) by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Jul 2021 13:40:16 -0700 From: Matthew Brost To: , Subject: [RFC PATCH 30/42] i915/drm: Move secure execbuf check to execbuf2 Date: Tue, 20 Jul 2021 13:57:50 -0700 Message-Id: <20210720205802.39610-31-matthew.brost@intel.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20210720205802.39610-1-matthew.brost@intel.com> References: <20210720205802.39610-1-matthew.brost@intel.com> MIME-Version: 1.0 X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" Goal is to remove all input sanity checks from the core submission. Signed-off-by: Tvrtko Ursulin Signed-off-by: Matthew Brost --- .../gpu/drm/i915/gem/i915_gem_execbuffer.c | 35 +++++++++++-------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c index 1ed7475de454..70d352fc543f 100644 --- a/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c +++ b/drivers/gpu/drm/i915/gem/i915_gem_execbuffer.c @@ -3184,19 +3184,8 @@ i915_gem_do_execbuffer(struct drm_device *dev, eb.num_fences = 0; eb.batch_flags = 0; - if (args->flags & I915_EXEC_SECURE) { - if (GRAPHICS_VER(i915) >= 11) - return -ENODEV; - - /* Return -EPERM to trigger fallback code on old binaries. */ - if (!HAS_SECURE_BATCHES(i915)) - return -EPERM; - - if (!drm_is_current_master(file) || !capable(CAP_SYS_ADMIN)) - return -EPERM; - + if (args->flags & I915_EXEC_SECURE) eb.batch_flags |= I915_DISPATCH_SECURE; - } if (args->flags & I915_EXEC_IS_PINNED) eb.batch_flags |= I915_DISPATCH_PINNED; @@ -3414,6 +3403,18 @@ i915_gem_execbuffer2_ioctl(struct drm_device *dev, void *data, return -EINVAL; } + if (args->flags & I915_EXEC_SECURE) { + if (GRAPHICS_VER(i915) >= 11) + return -ENODEV; + + /* Return -EPERM to trigger fallback code on old binaries. */ + if (!HAS_SECURE_BATCHES(i915)) + return -EPERM; + + if (!drm_is_current_master(file) || !capable(CAP_SYS_ADMIN)) + return -EPERM; + } + err = i915_gem_check_execbuffer(args); if (err) return err; @@ -3430,8 +3431,8 @@ i915_gem_execbuffer2_ioctl(struct drm_device *dev, void *data, u64_to_user_ptr(args->buffers_ptr), sizeof(*exec2_list) * count)) { drm_dbg(&i915->drm, "copy %zd exec entries failed\n", count); - kvfree(exec2_list); - return -EFAULT; + err = -EFAULT; + goto err_copy; } err = i915_gem_do_execbuffer(dev, file, args, exec2_list); @@ -3476,6 +3477,12 @@ end:; args->flags &= ~__I915_EXEC_UNKNOWN_FLAGS; kvfree(exec2_list); + + return err; + +err_copy: + kvfree(exec2_list); + return err; }