lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 3 Aug 2018 18:03:50 +0100
From:   Emil Velikov <emil.l.velikov@...il.com>
To:     Martin Fuzzey <martin.fuzzey@...wbird.group>
Cc:     Robert Foss <robert.foss@...labora.com>,
        David Airlie <airlied@...ux.ie>,
        Brian Paul <brianp@...are.com>,
        ML dri-devel <dri-devel@...ts.freedesktop.org>,
        Eric Engestrom <eric.engestrom@...el.com>,
        Gustavo Padovan <gustavo@...ovan.org>,
        "Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org>,
        Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
        Nicolas Norvez <norvez@...omium.org>,
        Rob Herring <robh@...nel.org>,
        Sean Paul <seanpaul@...omium.org>,
        Tomasz Figa <tfiga@...omium.org>,
        Tomeu Vizoso <tomeu.vizoso@...labora.com>
Subject: Re: [RFC] drm: Allow DRM_IOCTL_MODE_MAP_DUMB for render nodes

On 3 August 2018 at 16:06, Martin Fuzzey <martin.fuzzey@...wbird.group> wrote:
> Hi Emil,
>
> On 03/08/18 14:35, Emil Velikov wrote:
>>
>> Hi Martin,
>>
>> On 1 August 2018 at 15:24, Martin Fuzzey <martin.fuzzey@...wbird.group>
>> wrote:
>>
>> Let's start with the not-so obvious question:
>> Why does one open the imx as render node?
>>
>> Of the top of my head:
>> There is nothing in egl/android that should require an authenticated
>> device.
>> Hence, using a card node should be fine - the etnaviv code opens the
>> render node it needs.
>
>
> Yes, the problem is not in egl/android but in the scanout buffer allocation
> code.
>
> etnaviv opens the render node on the *GPU* (for submitting GPU commands),
> that part is fine.
>
> But scanout buffers need to be allocated from imx-drm not etnaviv.
>
> This done by renderonly_create_kms_dumb_buffer_for_resource()
> [src/gallium/auxiliary/renderonly/renderonly.c]
> Which uses DRM_IOCTL_MODE_CREATE_DUMB followed by
> DRM_IOCTL_PRIME_FD_TO_HANDLE
> on the "kms_fd" (probably poorly named because it's not actually used for
> modesetting)
> see imx_drm_screen_create()[ src/gallium/winsys/imx/drm/imx_drm_winsys.c]
>
>
> If the card node is used DRM_IOCTL_MODE_CREATE_DUMB works but
> DRM_IOCTL_PRIME_FD_TO_HANDLE fails, because the permissions are
> DRM_AUTH|DRM_UNLOCKED|DRM_RENDER_ALLOW
>
Right I missed the DRM_AUTH, in the fd <> handle IOCTLs.
So in order for things to work, we'd need to either:
 - allow dumb buffers for render nodes, or
 - drop the DRM_AUTH for fd <> handle imports

Pointing an alternative solution, for kernel developers to analyse and
make a decision.

>
> In android 8.1 the hardware composer runs in a seperate process and it has
> to use the card node and be drm master (to use the KMS API),
> therefore, when the surface flinger calls
> renderonly_create_kms_dumb_buffer_for_resource() it is not authenticated.
>
> Making surface flinger use a render node fixes the problem for
> DRM_IOCTL_PRIME_FD_TO_HANDLE (because that already has DRM_RENDER_ALLOW),
> but DRM_IOCTL_MODE_CREATE_DUMB now fails without the patch.
>
>
> This probably worked in previous versions of Android where surface flinger
> and hwc were all in the same process.
>
There has been varying hacks for Android through the years. Bringing
details into the discussion will result in a significant diversion.
Something we could avoid, for the time being ;-)

Thanks
Emil

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ