> -----Original Message----- > From: Chris Wilson <[email protected]> > Sent: Thursday, June 14, 2018 5:00 AM > To: [email protected] > Cc: Chris Wilson <[email protected]>; Bloomfield, Jon > <[email protected]>; Joonas Lahtinen > <[email protected]>; Matthew Auld > <[email protected]> > Subject: [PATCH 3/5] drm/i915: Prevent writing into a read-only object via a > GGTT mmap > > If the user has created a read-only object, they should not be allowed > to circumvent the write protection by using a GGTT mmapping. Deny it. > > Also most machines do not support read-only GGTT PTEs, so again we have > to reject attempted writes. Fortunately, this is known a priori, so we > can at least reject in the call to create the mmap with backup in the > fault handler. This is a little draconian as we could blatantly ignore > the write protection on the pages, but it is far simply to keep the > readonly object pure. (It is easier to lift a restriction than to impose > it later!) Are you sure this is necessary? I assumed you would just create a ro IA mapping to the page, irrespective of the ability of ggtt. It feels wrong to disallow mapping a read-only object to the CPU as read-only. With ppgtt the presence of an unprotected mapping in the ggtt should be immune from tampering in the GT, so only the cpu mapping should really matter.
> > Signed-off-by: Chris Wilson <[email protected]> > Cc: Jon Bloomfield <[email protected]> > Cc: Joonas Lahtinen <[email protected]> > Cc: Matthew Auld <[email protected]> > --- _______________________________________________ Intel-gfx mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/intel-gfx
