From: Emil Velikov emil.velikov@collabora.com
With later commit we'll rework DRM core authentication handling.
Namely unauthenticated master will be allowed with, DRM_AUTH ioctls. Since vmwgfx does additional master locking and DRM_AUTH handling, this will not matter almost all cases.
The only exception being using the legacy handle type in the family of surface_reference iocts - all handled by vmw_surface_handle_reference(). Add the check to ensure such clients do not access more than they should
Cc: VMware Graphics linux-graphics-maintainer@vmware.com Cc: Thomas Hellstrom thellstrom@vmware.com Signed-off-by: Emil Velikov emil.velikov@collabora.com --- I'd like to merge this through the drm-misc tree. Ack and rb are appreciated.
Thanks Emil
Unrelated: worth moving the is_render_client check alongside the is_primary_client one. --- drivers/gpu/drm/vmwgfx/vmwgfx_surface.c | 7 +++++++ 1 file changed, 7 insertions(+)
diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c b/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c index 219471903bc1..1f5146c95785 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c @@ -940,6 +940,13 @@ vmw_surface_handle_reference(struct vmw_private *dev_priv, user_srf = container_of(base, struct vmw_user_surface, prime.base);
+ /* Error out if we are unauthenticated master */ + if (drm_is_primary_client(file_priv) && + !file_priv->authenticated) { + ret = -EACCES; + goto out_bad_resource; + } + /* * Make sure the surface creator has the same * authenticating master, or is already registered with us.