Commit 1020dc69 authored by Chris Wilson's avatar Chris Wilson Committed by Dave Airlie

drm: Do not drop root privileges for a fancier younger process

When a second process opens the device and master transferrence is
complete, we walk the list of open devices and remove their
authentication. This also revokes our root privilege. Instead of simply
dropping the authentication, this patch reverts the authenticated state
back to its original value.
Signed-off-by: default avatarChris Wilson <chris@chris-wilson.co.uk>
Reviewed-by: default avatarDavid Herrmann <dh.herrmann@gmail.com>
Signed-off-by: default avatarDave Airlie <airlied@redhat.com>
parent 33e3fd55
...@@ -239,7 +239,8 @@ static int drm_open_helper(struct inode *inode, struct file *filp, ...@@ -239,7 +239,8 @@ static int drm_open_helper(struct inode *inode, struct file *filp,
priv->ioctl_count = 0; priv->ioctl_count = 0;
/* for compatibility root is always authenticated */ /* for compatibility root is always authenticated */
priv->authenticated = capable(CAP_SYS_ADMIN); priv->always_authenticated = capable(CAP_SYS_ADMIN);
priv->authenticated = priv->always_authenticated;
priv->lock_count = 0; priv->lock_count = 0;
INIT_LIST_HEAD(&priv->lhead); INIT_LIST_HEAD(&priv->lhead);
...@@ -533,7 +534,7 @@ int drm_release(struct inode *inode, struct file *filp) ...@@ -533,7 +534,7 @@ int drm_release(struct inode *inode, struct file *filp)
list_for_each_entry(temp, &dev->filelist, lhead) { list_for_each_entry(temp, &dev->filelist, lhead) {
if ((temp->master == file_priv->master) && if ((temp->master == file_priv->master) &&
(temp != file_priv)) (temp != file_priv))
temp->authenticated = 0; temp->authenticated = temp->always_authenticated;
} }
/** /**
......
...@@ -413,6 +413,7 @@ struct drm_prime_file_private { ...@@ -413,6 +413,7 @@ struct drm_prime_file_private {
/** File private data */ /** File private data */
struct drm_file { struct drm_file {
int always_authenticated;
int authenticated; int authenticated;
struct pid *pid; struct pid *pid;
kuid_t uid; kuid_t uid;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment