diff options
author | Emil Velikov <emil.velikov@collabora.com> | 2019-11-01 16:03:10 +0300 |
---|---|---|
committer | Thomas Hellstrom <thellstrom@vmware.com> | 2020-01-15 13:46:58 +0300 |
commit | 4872e6aa217fbb475ffa0ad7bda0d9acff543f2c (patch) | |
tree | 7f650ab5af837ac4d1e4702015836c6be844ffe5 /drivers/gpu/drm/vmwgfx/vmwgfx_surface.c | |
parent | 8815a94f27d2f30fe1216ce10c7da0f6ae69ca0f (diff) | |
download | linux-4872e6aa217fbb475ffa0ad7bda0d9acff543f2c.tar.xz |
drm/vmwgfx: check master authentication in surface_ref ioctls
With later commit we'll rework DRM authentication handling. Namely
DRM_AUTH will not be a requirement for DRM_RENDER_ALLOW ioctls.
Since vmwgfx does isolation for primary clients in different master
realms, the DRM_AUTH can be dropped.
The only place where authentication matters, is surface_reference ioctls
whenever a legacy (non-prime) handle is used. For those ioctls we call
vmw_surface_handle_reference(), where we explicitly check if the client
is both a) master and b) unauthenticated - bailing out as result.
Otherwise the usual isolation path kicks in and we're all good.
v2: Reword commit message, since the isolation work has landed.
Cc: VMware Graphics <linux-graphics-maintainer@vmware.com>
Cc: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Diffstat (limited to 'drivers/gpu/drm/vmwgfx/vmwgfx_surface.c')
-rw-r--r-- | drivers/gpu/drm/vmwgfx/vmwgfx_surface.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c b/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c index 590bde993946..3ce630aa4fde 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c @@ -961,6 +961,13 @@ vmw_surface_handle_reference(struct vmw_private *dev_priv, user_srf = container_of(base, struct vmw_user_surface, prime.base); + /* Error out if we are unauthenticated primary */ + if (drm_is_primary_client(file_priv) && + !file_priv->authenticated) { + ret = -EACCES; + goto out_bad_resource; + } + /* * Make sure the surface creator has the same * authenticating master, or is already registered with us. |