diff options
author | Dave Airlie <airlied@redhat.com> | 2019-04-18 06:46:33 +1000 |
---|---|---|
committer | Dave Airlie <airlied@redhat.com> | 2019-04-18 06:46:33 +1000 |
commit | dbb92471674a48892f5e50779425e03388073ab9 (patch) | |
tree | d2b625469c550fc9a864469eefa67a80cc455b6c /drivers/gpu/drm | |
parent | bd53280ef042301ea9663824568ecba5a88b2f9d (diff) |
Revert "drm: allow render capable master with DRM_AUTH ioctls"
This reverts commit 8059add0478e29cb641936011a8fcc9ce9fd80be.
This commit while seemingly a good idea, breaks a radv check,
for a node being master because something succeeds where it failed
before now.
Apply the Linus rule, revert early and try again, we don't break
userspace.
Signed-off-by: Dave Airlie <airlied@redhat.com>
Diffstat (limited to 'drivers/gpu/drm')
-rw-r--r-- | drivers/gpu/drm/drm_ioctl.c | 20 |
1 files changed, 4 insertions, 16 deletions
diff --git a/drivers/gpu/drm/drm_ioctl.c b/drivers/gpu/drm/drm_ioctl.c index d337f161909c..ce8a70875bd5 100644 --- a/drivers/gpu/drm/drm_ioctl.c +++ b/drivers/gpu/drm/drm_ioctl.c @@ -508,13 +508,6 @@ int drm_version(struct drm_device *dev, void *data, return err; } -static inline bool -drm_render_driver_and_ioctl(const struct drm_device *dev, u32 flags) -{ - return drm_core_check_feature(dev, DRIVER_RENDER) && - (flags & DRM_RENDER_ALLOW); -} - /** * drm_ioctl_permit - Check ioctl permissions against caller * @@ -529,19 +522,14 @@ drm_render_driver_and_ioctl(const struct drm_device *dev, u32 flags) */ int drm_ioctl_permit(u32 flags, struct drm_file *file_priv) { - const struct drm_device *dev = file_priv->minor->dev; - /* ROOT_ONLY is only for CAP_SYS_ADMIN */ if (unlikely((flags & DRM_ROOT_ONLY) && !capable(CAP_SYS_ADMIN))) return -EACCES; - /* AUTH is only for master ... */ - if (unlikely((flags & DRM_AUTH) && drm_is_primary_client(file_priv))) { - /* authenticated ones, or render capable on DRM_RENDER_ALLOW. */ - if (!file_priv->authenticated && - !drm_render_driver_and_ioctl(dev, flags)) - return -EACCES; - } + /* AUTH is only for authenticated or render client */ + if (unlikely((flags & DRM_AUTH) && !drm_is_render_client(file_priv) && + !file_priv->authenticated)) + return -EACCES; /* MASTER is only for master or control clients */ if (unlikely((flags & DRM_MASTER) && |