Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp7078219ybi; Thu, 13 Jun 2019 09:11:38 -0700 (PDT) X-Google-Smtp-Source: APXvYqweLLBP4jPAE1jLqeSQBtmgJeGtKVl4XU8Hu6xeAyhf1FXmrlC1uRf8dGYtSR7HHJvx5ysg X-Received: by 2002:a63:ec42:: with SMTP id r2mr32218959pgj.262.1560442297745; Thu, 13 Jun 2019 09:11:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560442297; cv=none; d=google.com; s=arc-20160816; b=OqV6xZY/bgAxyZ4MnVM7tVZngTilWCiFbpx961v++kfHx9hMxzRd+AogzFJZZwGyCU q6gYnNt2BLXP9gWkpubpzrgHS8sMgQ9BrELnEoIjHrSwWZOejyix1M7SBqNH4ohUBcA6 1N5Jnz4gWhnxd7UCX8Z25I7UV3H4+H/MWlABPBXdt0jL8Vct4YtbZE6vB+inHWfg+cvP LRCcrYGbnrskqrPSPt/I/K0lM9tWMYwWvfUNNzCnG91jrbq+hBu0XE6ekkVaQE8Ns0zR aPhk2c/ycHoodB8DGxRJJKoj03brucSGf09JGK8itDB13ubBbEVuvX/vvEFw4hoWyz8s pslg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=J0pDwJin4Ce5smQLHoU21b4dDTDHBRVG6KTDjja0llQ=; b=zKHYLz/xWDywm9oLNkUIGSHq1QmLBCyqUknAM1rMvOmb01a+X5/n32oZzAAWXNAV8k JAxwsdSP+lxT5P3gmxzHeYWWNZ5PzDIjw+wcHd0dHQ9KpJ9pss1FBDC4mlqpT3bKOklC PSbWELi1njlSqBpG1y67HZ8X3pTFupN2SfHESe5jO0OhxTNUeWPm/6SfkbqVaK4AW9Mc kUaPs6JjnoZr2UidTae6MLnaWtrWezeqfmcMi/cuXpfqds0mjL78mdPbL+8iV025/qMx xC7lK4hN4XGm3GtaVmpYNBzGJb+YcWLQcr1yE1xh7aNLBshPbbzKiHpk9ndvMs9RbJwf VtZw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=N+T1BDjR; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u23si101421pgm.140.2019.06.13.09.11.22; Thu, 13 Jun 2019 09:11:37 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=N+T1BDjR; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2391313AbfFMQJ7 (ORCPT + 99 others); Thu, 13 Jun 2019 12:09:59 -0400 Received: from mail.kernel.org ([198.145.29.99]:33102 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731257AbfFMIoN (ORCPT ); Thu, 13 Jun 2019 04:44:13 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 3ADAA2147A; Thu, 13 Jun 2019 08:44:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1560415452; bh=r9PVd2oBi+l5mmfgbA2673gCPPqo7CsSezjV9vr1aHE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=N+T1BDjRxrjulRcaKhwTKtA+IFiPk0DQwYmBEWK2Kgcqjdxs9qbdYMIq/fvCW17nC /+8ZweSZko1sxllSVOS0m6RsL5w6EHa+AKG1+k8pMDlauOWUFZhzgpOFO90Y6vGpi+ G7tpf61UiNT7xJTh7z7CzuGXv8Sm5M1UIBz3M9tA= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Dave Airlie , Sasha Levin Subject: [PATCH 5.1 001/155] Revert "drm: allow render capable master with DRM_AUTH ioctls" Date: Thu, 13 Jun 2019 10:31:53 +0200 Message-Id: <20190613075652.777739182@linuxfoundation.org> X-Mailer: git-send-email 2.22.0 In-Reply-To: <20190613075652.691765927@linuxfoundation.org> References: <20190613075652.691765927@linuxfoundation.org> User-Agent: quilt/0.66 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org [ Upstream commit dbb92471674a48892f5e50779425e03388073ab9 ] This reverts commit 8059add0478e29cb641936011a8fcc9ce9fd80be. This commit while seemingly a good idea, breaks a radv check, for a node being master because something succeeds where it failed before now. Apply the Linus rule, revert early and try again, we don't break userspace. Signed-off-by: Dave Airlie Signed-off-by: Sasha Levin --- drivers/gpu/drm/drm_ioctl.c | 20 ++++---------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/drivers/gpu/drm/drm_ioctl.c b/drivers/gpu/drm/drm_ioctl.c index 687943df58e1..ab5692104ea0 100644 --- a/drivers/gpu/drm/drm_ioctl.c +++ b/drivers/gpu/drm/drm_ioctl.c @@ -508,13 +508,6 @@ int drm_version(struct drm_device *dev, void *data, return err; } -static inline bool -drm_render_driver_and_ioctl(const struct drm_device *dev, u32 flags) -{ - return drm_core_check_feature(dev, DRIVER_RENDER) && - (flags & DRM_RENDER_ALLOW); -} - /** * drm_ioctl_permit - Check ioctl permissions against caller * @@ -529,19 +522,14 @@ drm_render_driver_and_ioctl(const struct drm_device *dev, u32 flags) */ int drm_ioctl_permit(u32 flags, struct drm_file *file_priv) { - const struct drm_device *dev = file_priv->minor->dev; - /* ROOT_ONLY is only for CAP_SYS_ADMIN */ if (unlikely((flags & DRM_ROOT_ONLY) && !capable(CAP_SYS_ADMIN))) return -EACCES; - /* AUTH is only for master ... */ - if (unlikely((flags & DRM_AUTH) && drm_is_primary_client(file_priv))) { - /* authenticated ones, or render capable on DRM_RENDER_ALLOW. */ - if (!file_priv->authenticated && - !drm_render_driver_and_ioctl(dev, flags)) - return -EACCES; - } + /* AUTH is only for authenticated or render client */ + if (unlikely((flags & DRM_AUTH) && !drm_is_render_client(file_priv) && + !file_priv->authenticated)) + return -EACCES; /* MASTER is only for master or control clients */ if (unlikely((flags & DRM_MASTER) && -- 2.20.1