drm: Break out ioctl permission check to a separate function v2

Helps reviewing and understanding these checks. v2: Remove misplaced newlines. Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com> Reviewed-by: David Herrmann <dh.herrmann@gmail.com>

drm: Break out ioctl permission check to a separate function v2
Helps reviewing and understanding these checks. v2: Remove misplaced newlines. Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com> Reviewed-by: David Herrmann <dh.herrmann@gmail.com>
c2667355 · Thomas Hellstrom · 09f308f7 · c2667355
Commit c2667355 authored Mar 13, 2014 by Thomas Hellstrom
Show whitespace changes
Inline Side-by-side

Showing with 75 additions and 38 deletions

drivers/gpu/drm/drm_drv.c drivers/gpu/drm/drm_drv.c +75 -38

No files found.
--- a/drivers/gpu/drm/drm_drv.c
+++ b/drivers/gpu/drm/drm_drv.c
@@ -285,6 +285,44 @@ static int drm_version(struct drm_device *dev, void *data,
 	return err;
 }
+/**
+ * drm_ioctl_permit - Check ioctl permissions against caller
+ *
+ * @flags: ioctl permission flags.
+ * @file_priv: Pointer to struct drm_file identifying the caller.
+ *
+ * Checks whether the caller is allowed to run an ioctl with the
+ * indicated permissions. If so, returns zero. Otherwise returns an
+ * error code suitable for ioctl return.
+ */
+static int drm_ioctl_permit(u32 flags, struct drm_file *file_priv)
+{
+	/* ROOT_ONLY is only for CAP_SYS_ADMIN */
+	if (unlikely((flags & DRM_ROOT_ONLY) && !capable(CAP_SYS_ADMIN)))
+		return -EACCES;
+	/* AUTH is only for authenticated or render client */
+	if (unlikely((flags & DRM_AUTH) && !drm_is_render_client(file_priv) &&
+		     !file_priv->authenticated))
+		return -EACCES;
+	/* MASTER is only for master */
+	if (unlikely((flags & DRM_MASTER) && !file_priv->is_master))
+		return -EACCES;
+	/* Control clients must be explicitly allowed */
+	if (unlikely(!(flags & DRM_CONTROL_ALLOW) &&
+		     file_priv->minor->type == DRM_MINOR_CONTROL))
+		return -EACCES;
+	/* Render clients must be explicitly allowed */
+	if (unlikely(!(flags & DRM_RENDER_ALLOW) &&
+		     drm_is_render_client(file_priv)))
+		return -EACCES;
+	return 0;
+}
 /**
 * Called whenever a process performs an ioctl on /dev/drm.
 *
@@ -350,16 +388,16 @@ long drm_ioctl(struct file *filp,
 	/* Do not trust userspace, use our own definition */
 	func = ioctl->func;
-	if (!func) {
+	if (unlikely(!func)) {
 		DRM_DEBUG("no function\n");
 		retcode = -EINVAL;
-	} else if (((ioctl->flags & DRM_ROOT_ONLY) && !capable(CAP_SYS_ADMIN)) ||
+		goto err_i1;
-		   ((ioctl->flags & DRM_AUTH) && !drm_is_render_client(file_priv) && !file_priv->authenticated) ||
+	}
-		   ((ioctl->flags & DRM_MASTER) && !file_priv->is_master) ||
-		   (!(ioctl->flags & DRM_CONTROL_ALLOW) && (file_priv->minor->type == DRM_MINOR_CONTROL)) ||
+	retcode = drm_ioctl_permit(ioctl->flags, file_priv);
-		   (!(ioctl->flags & DRM_RENDER_ALLOW) && drm_is_render_client(file_priv))) {
+	if (unlikely(retcode))
-		retcode = -EACCES;
+		goto err_i1;
-	} else {
 	if (cmd & (IOC_IN | IOC_OUT)) {
 		if (asize <= sizeof(stack_kdata)) {
 			kdata = stack_kdata;
@@ -396,7 +434,6 @@ long drm_ioctl(struct file *filp,
 				 usize) != 0)
 			retcode = -EFAULT;
 	}
-	}
      err_i1:
 	if (!ioctl)