leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
acb4652703
linux/drivers/gpu/drm
History
David Herrmann acb4652703 drm: verify vma access in TTM+GEM drivers 
GEM does already a good job in tracking access to gem buffers via handles
and drm_vma access management. However, TTM drivers currently do not
verify this during mmap().

TTM provides the verify_access() callback to test this. So fix all drivers
to actually call into gem+vma to verify access instead of always returning
0.

All drivers assume that user-space can only get access to TTM buffers via
GEM handles. So whenever the verify_access() callback is called from
ttm_bo_mmap(), the buffer must have a valid embedded gem object. This is
true for all TTM+GEM drivers. But that's why this patch doesn't touch pure
TTM drivers (ie, vmwgfx).

v2: Switch to drm_vma_node_verify_access() to correctly return -EACCES if
    access was denied.

Cc: Dave Airlie <airlied@redhat.com>
Cc: Alex Deucher <alexander.deucher@amd.com>
Cc: Ben Skeggs <bskeggs@redhat.com>
Cc: Maarten Lankhorst <maarten.lankhorst@canonical.com>
Cc: Jerome Glisse <jglisse@redhat.com>
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2013-08-27 11:54:58 +10:00
..
ast drm: verify vma access in TTM+GEM drivers 2013-08-27 11:54:58 +10:00
cirrus drm: verify vma access in TTM+GEM drivers 2013-08-27 11:54:58 +10:00
exynos drm/gem: fix up flink name create race 2013-08-21 12:53:45 +10:00
gma500 Merge branch 'gma500-next' of git://github.com/patjak/drm-gma500 into drm-next 2013-08-22 10:38:28 +10:00
i2c drm/i2c: tda998x: prepare for broken sync workaround 2013-08-19 09:10:48 +10:00
i810 drm: rip out drm_core_has_MTRR checks 2013-08-19 14:11:44 +10:00
i915 Merge tag 'drm-intel-next-2013-08-09' of git://people.freedesktop.org/~danvet/drm-intel into drm-next 2013-08-21 12:48:59 +10:00
mga drm: rip out drm_core_has_MTRR checks 2013-08-19 14:11:44 +10:00
mgag200 drm: verify vma access in TTM+GEM drivers 2013-08-27 11:54:58 +10:00
nouveau drm: verify vma access in TTM+GEM drivers 2013-08-27 11:54:58 +10:00
omapdrm drm/omap: kill omap_gem_helpers.c 2013-08-19 10:36:16 +10:00
qxl drm: verify vma access in TTM+GEM drivers 2013-08-27 11:54:58 +10:00
r128 drm: rip out drm_core_has_MTRR checks 2013-08-19 14:11:44 +10:00
radeon drm: verify vma access in TTM+GEM drivers 2013-08-27 11:54:58 +10:00
rcar-du drm: remove FASYNC support 2013-08-19 10:05:17 +10:00
savage drm: rip out drm_core_has_MTRR checks 2013-08-19 14:11:44 +10:00
shmobile drm: remove FASYNC support 2013-08-19 10:05:17 +10:00
sis drm: rip out drm_core_has_MTRR checks 2013-08-19 14:11:44 +10:00
tdfx drm: rip out drm_core_has_MTRR checks 2013-08-19 14:11:44 +10:00
tilcdc drm/tilcdc: use flip-work helper 2013-08-19 10:33:36 +10:00
ttm drm/ttm: kill unused functions 2013-08-19 09:36:12 +10:00
udl drm/udl: use gem get/put page helpers 2013-08-19 10:36:12 +10:00
via drm: rip out drm_core_has_MTRR checks 2013-08-19 14:11:44 +10:00
vmwgfx drm/vmwgfx: remove ->firstopen callback 2013-08-19 14:28:07 +10:00
ati_pcigart.c
drm_agpsupport.c drm/agp: move AGP cleanup paths to drm_agpsupport.c 2013-08-07 10:14:24 +10:00
drm_auth.c
drm_buffer.c
drm_bufs.c drm: remove the dma_ioctl special-case 2013-08-19 14:15:50 +10:00
drm_cache.c lib/scatterlist: sg_page_iter: support sg lists w/o backing pages 2013-03-27 17:13:44 +01:00
drm_context.c drm: mark context support as a legacy subsystem 2013-08-19 10:04:48 +10:00
drm_crtc_helper.c drm/crtc-helper: explicit DPMS on after modeset 2013-07-22 09:55:17 +10:00
drm_crtc.c drm: Make drm_mode_remove() static 2013-08-21 12:47:29 +10:00
drm_debugfs.c
drm_dma.c drm: mark dma setup/teardown as legacy systems 2013-08-19 10:04:21 +10:00
drm_dp_helper.c
drm_drv.c drm: move dev data clearing from drm_setup to lastclose 2013-08-19 14:29:41 +10:00
drm_edid_load.c drm: avoid warning in drm_load_edid_firmware() 2013-07-10 14:21:46 -07:00
drm_edid.c drm: Set aspect ratio fields in the AVI infoframe even for non CEA modes 2013-08-08 14:04:51 +02:00
drm_encoder_slave.c drm: refactor call to request_module 2013-05-10 14:46:03 +10:00
drm_fb_cma_helper.c drm: Make drm_fb_cma_describe() static 2013-08-21 12:47:41 +10:00
drm_fb_helper.c drm/fb-helper: Make load_lut and gamma_set/gamma_get hooks optional 2013-06-17 19:42:47 +10:00
drm_flip_work.c drm: add flip-work helper 2013-08-19 10:32:26 +10:00
drm_fops.c drm/prime: proper locking+refcounting for obj->dma_buf link 2013-08-21 12:58:17 +10:00
drm_gem_cma_helper.c drm/gem: create drm_gem_dumb_destroy 2013-08-07 09:59:24 +10:00
drm_gem.c drm/gem: implement vma access management 2013-08-27 11:54:56 +10:00
drm_global.c
drm_hashtab.c
drm_info.c drm/gem: switch dev->object_name_lock to a mutex 2013-08-21 12:58:01 +10:00
drm_ioc32.c
drm_ioctl.c drm: no-op out GET_STATS ioctl 2013-08-19 10:06:24 +10:00
drm_irq.c drm: fix a use-after-free when GPU acceleration disabled 2013-06-03 19:12:04 +10:00
drm_lock.c
drm_memory.c drm/memory: don't export agp helpers 2013-08-19 10:05:53 +10:00
drm_mm.c drm/mm: remove unused API 2013-08-07 10:16:50 +10:00
drm_modes.c drm: Remove drm_mode_list_concat() 2013-08-21 12:47:24 +10:00
drm_pci.c drm: rip out drm_core_has_MTRR checks 2013-08-19 14:11:44 +10:00
drm_platform.c drm: Make drm_get_platform_dev() static 2013-08-21 12:47:56 +10:00
drm_prime.c drm/prime: Always add exported buffers to the handle cache 2013-08-21 13:05:03 +10:00
drm_rect.c drm: Add drm_rect_debug_print() 2013-04-30 22:20:00 +02:00
drm_scatter.c drm: disallow legacy sg ioctls for modesetting drivers 2013-08-19 10:04:06 +10:00
drm_stub.c drm: remove procfs code, take 2 2013-08-19 14:29:24 +10:00
drm_sysfs.c drm: Convert drm class driver from legacy pm ops to dev_pm_ops 2013-07-04 10:50:26 +10:00
drm_trace_points.c
drm_trace.h drm: fix print format of sequence in trace point 2013-07-04 10:55:27 +10:00
drm_usb.c
drm_vm.c drm: rip out drm_core_has_MTRR checks 2013-08-19 14:11:44 +10:00
drm_vma_manager.c drm/vma: add access management helpers 2013-08-27 11:54:54 +10:00
Kconfig drm: DRM should depend on HAS_DMA 2013-08-19 09:09:10 +10:00
Makefile drm: remove procfs code, take 2 2013-08-19 14:29:24 +10:00
README.drm

README.drm 

************************************************************
* For the very latest on DRI development, please see:      *
*     http://dri.freedesktop.org/                          *
************************************************************

The Direct Rendering Manager (drm) is a device-independent kernel-level
device driver that provides support for the XFree86 Direct Rendering
Infrastructure (DRI).

The DRM supports the Direct Rendering Infrastructure (DRI) in four major
ways:

    1. The DRM provides synchronized access to the graphics hardware via
       the use of an optimized two-tiered lock.

    2. The DRM enforces the DRI security policy for access to the graphics
       hardware by only allowing authenticated X11 clients access to
       restricted regions of memory.

    3. The DRM provides a generic DMA engine, complete with multiple
       queues and the ability to detect the need for an OpenGL context
       switch.

    4. The DRM is extensible via the use of small device-specific modules
       that rely extensively on the API exported by the DRM module.


Documentation on the DRI is available from:
    http://dri.freedesktop.org/wiki/Documentation
    http://sourceforge.net/project/showfiles.php?group_id=387
    http://dri.sourceforge.net/doc/

For specific information about kernel-level support, see:

    The Direct Rendering Manager, Kernel Support for the Direct Rendering
    Infrastructure
    http://dri.sourceforge.net/doc/drm_low_level.html

    Hardware Locking for the Direct Rendering Infrastructure
    http://dri.sourceforge.net/doc/hardware_locking_low_level.html

    A Security Analysis of the Direct Rendering Infrastructure
    http://dri.sourceforge.net/doc/security_low_level.html