On Wed, 2005-08-03 at 12:58 -0400, Jon Smirl wrote:
> This patch removes the need for root to run DRM. It is attached too in
> case gmail destroys the formatting.
>
> Major highlights:
> 1) removal of the general root check on the IOCTLs, added root check in AddMap
> 1) permanent SAREA map
I like that the SAREA setup was in the setup hook. Thanks.
> 2) user space can AddMap AGP maps, AGP maps are restricted to creation
> in AGP space.
> 3) Deprecation of some radeon variables now calculated by the driver
>
> I haven't converted PCI GART support. You still need to be root for it to
> work.
>
> Please look it over and tell me if I have created any security holes.
>
> --
> Jon Smirl
> [EMAIL PROTECTED]
> @@ -163,6 +164,19 @@ int drm_addmap(drm_device_t * dev, unsig
> map->handle = drm_ioremap(map->offset, map->size, dev);
> break;
> case _DRM_SHM:
> + found_map = drm_find_matching_map(dev, map);
> + if (found_map != NULL) {
> + if (found_map->size != map->size) {
> + DRM_DEBUG("Matching maps of type %d with "
> + "mismatched sizes, (%ld vs %ld)\n",
> + map->type, map->size, found_map->size);
> + found_map->size = map->size;
> + }
> +
> + drm_free(map, sizeof(*map), DRM_MEM_MAPS);
> + *map_ptr = found_map;
> + return 0;
> + }
I'm uncomfortable with this "matching maps with mismatched sizes" code
that now exists in 2 places, and would like to see what the reasoning is
behind it.
> diff --git a/shared-core/radeon_cp.c b/shared-core/radeon_cp.c
> --- a/shared-core/radeon_cp.c
> +++ b/shared-core/radeon_cp.c
> @@ -1245,7 +1245,7 @@ static void radeon_set_pciegart(drm_rade
> u32 tmp = RADEON_READ_PCIE(dev_priv, RADEON_PCIE_TX_GART_CNTL);
> if (on) {
>
> - DRM_DEBUG("programming pcie %08X %08lX %08X\n",
> dev_priv->gart_vm_start, dev_priv->bus_pci_gart,dev_priv->gart_size);
> + DRM_DEBUG("programming pcie %08X %08X %08X\n",
> dev_priv->gart_vm_start, dev_priv->bus_pci_gart,dev_priv->gart_size);
> RADEON_WRITE_PCIE(RADEON_PCIE_TX_DISCARD_RD_ADDR_LO,
> dev_priv->gart_vm_start);
> RADEON_WRITE_PCIE(RADEON_PCIE_TX_GART_BASE,
> dev_priv->bus_pci_gart);
> RADEON_WRITE_PCIE(RADEON_PCIE_TX_GART_START_LO,
> dev_priv->gart_vm_start);
A dma_addr_t (dev_priv->bus_pci_gart) is a long on at least some
systems. While we may know that it's 32 bits here, a cast will be
needed to avoid warnings.
ioctls where removing the root check introduces privelege escalation for
users with read access to the DRM device (at least):
- DRM_R128_INDIRECT
- DRM_RADEON_INDIRECT
--
Eric Anholt [EMAIL PROTECTED]
http://people.freebsd.org/~anholt/ [EMAIL PROTECTED]
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
--
_______________________________________________
Dri-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dri-devel
