Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp380951imm; Wed, 22 Aug 2018 05:59:27 -0700 (PDT) X-Google-Smtp-Source: AA+uWPxm6+Q4kmXkE8pFgIfmLgdWfn7pF4ZJzT9Rt5ULe/y9ArT5Fzt37T+aa+5BRqZqYn0TNClb X-Received: by 2002:a63:5d4b:: with SMTP id o11-v6mr14865563pgm.349.1534942767128; Wed, 22 Aug 2018 05:59:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1534942767; cv=none; d=google.com; s=arc-20160816; b=j/K1iCsyr6hDVr00z3mePAC/7OybqgbDZT6EFmFUrpsMhL1h0Zci7RuH5jQc5DpmM+ D5yUNMWbyU3LdVltRsNLhPphmzBtHD2Kx2Wb6Rf3dYtABBHvFA8FIH9t9R2tmF48/RNS 3azHCINReebWo28uhXF5J2iCBlboAhs+UjCrtGcbXKSdetuS6GBvEPGpEsjXMApk+ZjV fGSBlvqg4JS8fqncdiIHx0Sm35DdP06Z8ha6wMBd8W/ctpdJqLd2skK+N4MYqKlxDyl0 PSHq0+ROhW/vf7SMjHohycRJYI2325BtWVXJ7Th5AYNdbvakk28Uk/GvAFz9bOcLUAx4 xD/Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=jzz5lqyzj9c66rnltmG2lL1I83fDrpeSSVojr+t8KIY=; b=JCOZ9pl01ZBtGrBPYebazzXqlhaamCYBqKbMzPjg5u4bFq3Az1NR+Fzw8tOxlxh0hA 5rGeQ0Qh4H9GYFLUwe6tsICd/jd99TI6R6eGtRwWasSdv8ZhU8wWMGP/6sI+R3rt7l5J ppXrGWfqUElDtoBkKs/GdXQKBf6CUrvdfv8siFzeCej7zWAoNgDs8NtUw4/dACqWSlLx 14PAb5lio+NCU/RdbnJDrC12wDIk0VvheSLc14fAiKuxZTzeK9Ookse1FFKYxYOn31jH VaHt6jNNMUAEwXaUJbg68swVXGgO9mFoVTIw+yBl+beBi5gz1Zrh8SEaoXA884t0u6hr ib8g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@poorly.run header.s=google header.b=RAJshmTB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o66-v6si1793433pfb.125.2018.08.22.05.59.10; Wed, 22 Aug 2018 05:59:27 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@poorly.run header.s=google header.b=RAJshmTB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728818AbeHVQW1 (ORCPT + 99 others); Wed, 22 Aug 2018 12:22:27 -0400 Received: from mail-yb0-f196.google.com ([209.85.213.196]:35946 "EHLO mail-yb0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728057AbeHVQW1 (ORCPT ); Wed, 22 Aug 2018 12:22:27 -0400 Received: by mail-yb0-f196.google.com with SMTP id d34-v6so614345yba.3 for ; Wed, 22 Aug 2018 05:57:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=poorly.run; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=jzz5lqyzj9c66rnltmG2lL1I83fDrpeSSVojr+t8KIY=; b=RAJshmTBtHkHOrCsM0T6NgGJLXlMeg/LV+LUKitK3b70S+Z3V8XryfDr/4tjVJ0pHw qHqUrRjga6kJ38/TeaIpLSKlTYNIWhIqtXz9wtmQLsD60fdZMpLpTUqJg3tUtDJiVznx Mvr1BC5Q8SEtlBzqtjk0H936wTQF7HLq0rhYDhv9+81BVOpWhG4mSPr7mgCIgiRN1ZfC 7w0Glk3GaEBBmtjk+Rjd3QSi16oh2tx7w4yhZgfYsTV/sy7l1NV13xn5b15r6mEmi9P2 b/IxKCxjdigHcThRt/+E2njMJnlaXtvxJeo6PQpwHOAwesj2Vbi2v3YrjuUWM6KTbgs8 AWmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; bh=jzz5lqyzj9c66rnltmG2lL1I83fDrpeSSVojr+t8KIY=; b=rCqgAsTA0Q5Qg0mSz9cPX3m/KCpoWysClp4XqFpc0QgXNmEXEm11Za9/euTExvIAZ9 Y3Ior/CEaU7IZmFTU2Rs7c/5qIy5UrLHZXMLjiQQP1KqdpLPOlDb6mTEJ+YdaGHB9uJ2 YIYGtcxkC6/Qa7udAIQC9fbgDpqQziHjqVRwNc/GH0Rs8dbAliKra962OVHBqzZcmDy8 cNhafoZhc4nnjlB5VFrJVGjqTGO5oYfaa4NN+E1gK07Za0qPfnNKCL4Xa0r7LZswQYiI qRKTixjVFijXIyVHImUsq9DE7/LOAbGj/TfSzbaxRVIWTaSNsqyVcMMxrRBPXF42oGtt Jr9Q== X-Gm-Message-State: AOUpUlEWaI8dmF8pIMsZrng+YTN4+npQYh0SfvnfKSnCKLfYb7u6e9hR U2ZNsK/rqv62mn1HeQ91WIX5qw== X-Received: by 2002:a25:e482:: with SMTP id b124-v6mr28577302ybh.127.1534942657469; Wed, 22 Aug 2018 05:57:37 -0700 (PDT) Received: from localhost ([2620:0:1013:11:ad55:b1db:adfe:3b9f]) by smtp.gmail.com with ESMTPSA id w6-v6sm713420ywg.3.2018.08.22.05.57.37 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 22 Aug 2018 05:57:37 -0700 (PDT) Date: Wed, 22 Aug 2018 08:57:36 -0400 From: Sean Paul To: Daniel Vetter Cc: DRI Development , Intel Graphics Development , LKML , Gustavo Padovan , Maarten Lankhorst , Sean Paul , David Airlie , John Stultz , Noralf =?iso-8859-1?Q?Tr=F8nnes?= , Daniel Vetter Subject: Re: [PATCH 4/4] drm/fb: Stop leaking physical address Message-ID: <20180822125736.GV164269@art_vandelay> References: <20180822085405.10787-1-daniel.vetter@ffwll.ch> <20180822085405.10787-4-daniel.vetter@ffwll.ch> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20180822085405.10787-4-daniel.vetter@ffwll.ch> User-Agent: Mutt/1.9.2 (2017-12-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Aug 22, 2018 at 10:54:05AM +0200, Daniel Vetter wrote: > For buffer sharing, use dma-buf instead. We can't set smem_start to 0 > unconditionally since that's used by the fbdev mmap default > implementation. And we have plenty of userspace which would like to > keep that working. > > This might break legit userspace - if it does we need to look at a > case-by-cases basis how to handle that. Worst case I expect overrides > for only specific drivers, since anything remotely modern should be > using dma-buf/prime now (which is about 7 years old now for DRM > drivers). > > This issue was uncovered because Noralf's rework to implement a > generic fb_probe also implements it's own fb_mmap callback. Which > means smem_start didn't have to be set anymore, which blew up some > blob in userspace rather badly. > > Cc: Gustavo Padovan > Cc: Maarten Lankhorst > Cc: Sean Paul > Cc: David Airlie > Cc: John Stultz > Cc: Noralf Tr?nnes > Signed-off-by: Daniel Vetter After clarifying on IRC, I think this makes sense. The chance to break userspace requires a very specific configuration that I don't expect will be common. Acked-by: Sean Paul > --- > drivers/gpu/drm/drm_fb_helper.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/gpu/drm/drm_fb_helper.c b/drivers/gpu/drm/drm_fb_helper.c > index 4b0dd20bccb8..bcb78693c4f7 100644 > --- a/drivers/gpu/drm/drm_fb_helper.c > +++ b/drivers/gpu/drm/drm_fb_helper.c > @@ -2673,6 +2673,8 @@ __drm_fb_helper_initial_config_and_unlock(struct drm_fb_helper *fb_helper, > > info = fb_helper->fbdev; > info->var.pixclock = 0; > + /* don't leak any physical addresses to userspace */ > + info->flags |= FBINFO_HIDE_SMEM_START; > > /* Need to drop locks to avoid recursive deadlock in > * register_framebuffer. This is ok because the only thing left to do is > -- > 2.18.0 > -- Sean Paul, Software Engineer, Google / Chromium OS