<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/drivers/gpu/drm/drm_auth.c, branch linux-5.14.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>drm: protect drm_master pointers in drm_lease.c</title>
<updated>2021-09-18T11:43:38+00:00</updated>
<author>
<name>Desmond Cheong Zhi Xi</name>
<email>desmondcheongzx@gmail.com</email>
</author>
<published>2021-07-12T04:35:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=121ca0abd9001c2ef527808b77f282590faf145d'/>
<id>121ca0abd9001c2ef527808b77f282590faf145d</id>
<content type='text'>
[ Upstream commit 56f0729a510f92151682ff6c89f69724d5595d6e ]

drm_file-&gt;master pointers should be protected by
drm_device.master_mutex or drm_file.master_lookup_lock when being
dereferenced.

However, in drm_lease.c, there are multiple instances where
drm_file-&gt;master is accessed and dereferenced while neither lock is
held. This makes drm_lease.c vulnerable to use-after-free bugs.

We address this issue in 2 ways:

1. Add a new drm_file_get_master() function that calls drm_master_get
on drm_file-&gt;master while holding on to
drm_file.master_lookup_lock. Since drm_master_get increments the
reference count of master, this prevents master from being freed until
we unreference it with drm_master_put.

2. In each case where drm_file-&gt;master is directly accessed and
eventually dereferenced in drm_lease.c, we wrap the access in a call
to the new drm_file_get_master function, then unreference the master
pointer once we are done using it.

Reported-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Signed-off-by: Desmond Cheong Zhi Xi &lt;desmondcheongzx@gmail.com&gt;
Reviewed-by: Emil Velikov &lt;emil.l.velikov@gmail.com&gt;
Signed-off-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20210712043508.11584-6-desmondcheongzx@gmail.com
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 56f0729a510f92151682ff6c89f69724d5595d6e ]

drm_file-&gt;master pointers should be protected by
drm_device.master_mutex or drm_file.master_lookup_lock when being
dereferenced.

However, in drm_lease.c, there are multiple instances where
drm_file-&gt;master is accessed and dereferenced while neither lock is
held. This makes drm_lease.c vulnerable to use-after-free bugs.

We address this issue in 2 ways:

1. Add a new drm_file_get_master() function that calls drm_master_get
on drm_file-&gt;master while holding on to
drm_file.master_lookup_lock. Since drm_master_get increments the
reference count of master, this prevents master from being freed until
we unreference it with drm_master_put.

2. In each case where drm_file-&gt;master is directly accessed and
eventually dereferenced in drm_lease.c, we wrap the access in a call
to the new drm_file_get_master function, then unreference the master
pointer once we are done using it.

Reported-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Signed-off-by: Desmond Cheong Zhi Xi &lt;desmondcheongzx@gmail.com&gt;
Reviewed-by: Emil Velikov &lt;emil.l.velikov@gmail.com&gt;
Signed-off-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20210712043508.11584-6-desmondcheongzx@gmail.com
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>drm: serialize drm_file.master with a new spinlock</title>
<updated>2021-09-18T11:43:38+00:00</updated>
<author>
<name>Desmond Cheong Zhi Xi</name>
<email>desmondcheongzx@gmail.com</email>
</author>
<published>2021-07-12T04:35:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=fa8634b165bba1a256c6d8b0d6e4382e8861830b'/>
<id>fa8634b165bba1a256c6d8b0d6e4382e8861830b</id>
<content type='text'>
[ Upstream commit 0b0860a3cf5eccf183760b1177a1dcdb821b0b66 ]

Currently, drm_file.master pointers should be protected by
drm_device.master_mutex when being dereferenced. This is because
drm_file.master is not invariant for the lifetime of drm_file. If
drm_file is not the creator of master, then drm_file.is_master is
false, and a call to drm_setmaster_ioctl will invoke
drm_new_set_master, which then allocates a new master for drm_file and
puts the old master.

Thus, without holding drm_device.master_mutex, the old value of
drm_file.master could be freed while it is being used by another
concurrent process.

However, it is not always possible to lock drm_device.master_mutex to
dereference drm_file.master. Through the fbdev emulation code, this
might occur in a deep nest of other locks. But drm_device.master_mutex
is also the outermost lock in the nesting hierarchy, so this leads to
potential deadlocks.

To address this, we introduce a new spin lock at the bottom of the
lock hierarchy that only serializes drm_file.master. With this change,
the value of drm_file.master changes only when both
drm_device.master_mutex and drm_file.master_lookup_lock are
held. Hence, any process holding either of those locks can ensure that
the value of drm_file.master will not change concurrently.

Since no lock depends on the new drm_file.master_lookup_lock, when
drm_file.master is dereferenced, but drm_device.master_mutex cannot be
held, we can safely protect the master pointer with
drm_file.master_lookup_lock.

Reported-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Signed-off-by: Desmond Cheong Zhi Xi &lt;desmondcheongzx@gmail.com&gt;
Signed-off-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20210712043508.11584-5-desmondcheongzx@gmail.com
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 0b0860a3cf5eccf183760b1177a1dcdb821b0b66 ]

Currently, drm_file.master pointers should be protected by
drm_device.master_mutex when being dereferenced. This is because
drm_file.master is not invariant for the lifetime of drm_file. If
drm_file is not the creator of master, then drm_file.is_master is
false, and a call to drm_setmaster_ioctl will invoke
drm_new_set_master, which then allocates a new master for drm_file and
puts the old master.

Thus, without holding drm_device.master_mutex, the old value of
drm_file.master could be freed while it is being used by another
concurrent process.

However, it is not always possible to lock drm_device.master_mutex to
dereference drm_file.master. Through the fbdev emulation code, this
might occur in a deep nest of other locks. But drm_device.master_mutex
is also the outermost lock in the nesting hierarchy, so this leads to
potential deadlocks.

To address this, we introduce a new spin lock at the bottom of the
lock hierarchy that only serializes drm_file.master. With this change,
the value of drm_file.master changes only when both
drm_device.master_mutex and drm_file.master_lookup_lock are
held. Hence, any process holding either of those locks can ensure that
the value of drm_file.master will not change concurrently.

Since no lock depends on the new drm_file.master_lookup_lock, when
drm_file.master is dereferenced, but drm_device.master_mutex cannot be
held, we can safely protect the master pointer with
drm_file.master_lookup_lock.

Reported-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Signed-off-by: Desmond Cheong Zhi Xi &lt;desmondcheongzx@gmail.com&gt;
Signed-off-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20210712043508.11584-5-desmondcheongzx@gmail.com
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>Backmerge tag 'v5.13-rc7' into drm-next</title>
<updated>2021-06-23T00:07:48+00:00</updated>
<author>
<name>Dave Airlie</name>
<email>airlied@redhat.com</email>
</author>
<published>2021-06-23T00:07:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=f45fbbb6d5cff29ddfc708676ec1c2496eed3a07'/>
<id>f45fbbb6d5cff29ddfc708676ec1c2496eed3a07</id>
<content type='text'>
Backmerge Linux 5.13-rc7 to make some pulls from later bases apply,
and to bake in the conflicts so far.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Backmerge Linux 5.13-rc7 to make some pulls from later bases apply,
and to bake in the conflicts so far.
</pre>
</div>
</content>
</entry>
<entry>
<title>drm: Lock pointer access in drm_master_release()</title>
<updated>2021-06-10T10:22:02+00:00</updated>
<author>
<name>Desmond Cheong Zhi Xi</name>
<email>desmondcheongzx@gmail.com</email>
</author>
<published>2021-06-09T09:21:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=c336a5ee984708db4826ef9e47d184e638e29717'/>
<id>c336a5ee984708db4826ef9e47d184e638e29717</id>
<content type='text'>
This patch eliminates the following smatch warning:
drivers/gpu/drm/drm_auth.c:320 drm_master_release() warn: unlocked access 'master' (line 318) expected lock '&amp;dev-&gt;master_mutex'

The 'file_priv-&gt;master' field should be protected by the mutex lock to
'&amp;dev-&gt;master_mutex'. This is because other processes can concurrently
modify this field and free the current 'file_priv-&gt;master'
pointer. This could result in a use-after-free error when 'master' is
dereferenced in subsequent function calls to
'drm_legacy_lock_master_cleanup()' or to 'drm_lease_revoke()'.

An example of a scenario that would produce this error can be seen
from a similar bug in 'drm_getunique()' that was reported by Syzbot:
https://syzkaller.appspot.com/bug?id=148d2f1dfac64af52ffd27b661981a540724f803

In the Syzbot report, another process concurrently acquired the
device's master mutex in 'drm_setmaster_ioctl()', then overwrote
'fpriv-&gt;master' in 'drm_new_set_master()'. The old value of
'fpriv-&gt;master' was subsequently freed before the mutex was unlocked.

Reported-by: Dan Carpenter &lt;dan.carpenter@oracle.com&gt;
Signed-off-by: Desmond Cheong Zhi Xi &lt;desmondcheongzx@gmail.com&gt;
Cc: stable@vger.kernel.org
Signed-off-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20210609092119.173590-1-desmondcheongzx@gmail.com
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch eliminates the following smatch warning:
drivers/gpu/drm/drm_auth.c:320 drm_master_release() warn: unlocked access 'master' (line 318) expected lock '&amp;dev-&gt;master_mutex'

The 'file_priv-&gt;master' field should be protected by the mutex lock to
'&amp;dev-&gt;master_mutex'. This is because other processes can concurrently
modify this field and free the current 'file_priv-&gt;master'
pointer. This could result in a use-after-free error when 'master' is
dereferenced in subsequent function calls to
'drm_legacy_lock_master_cleanup()' or to 'drm_lease_revoke()'.

An example of a scenario that would produce this error can be seen
from a similar bug in 'drm_getunique()' that was reported by Syzbot:
https://syzkaller.appspot.com/bug?id=148d2f1dfac64af52ffd27b661981a540724f803

In the Syzbot report, another process concurrently acquired the
device's master mutex in 'drm_setmaster_ioctl()', then overwrote
'fpriv-&gt;master' in 'drm_new_set_master()'. The old value of
'fpriv-&gt;master' was subsequently freed before the mutex was unlocked.

Reported-by: Dan Carpenter &lt;dan.carpenter@oracle.com&gt;
Signed-off-by: Desmond Cheong Zhi Xi &lt;desmondcheongzx@gmail.com&gt;
Cc: stable@vger.kernel.org
Signed-off-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20210609092119.173590-1-desmondcheongzx@gmail.com
</pre>
</div>
</content>
</entry>
<entry>
<title>drm: drm_auth.c: Adjust end of block comment</title>
<updated>2021-04-22T08:26:35+00:00</updated>
<author>
<name>Beatriz Martins de Carvalho</name>
<email>martinsdecarvalhobeatriz@gmail.com</email>
</author>
<published>2021-04-18T14:48:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=d00e3d9e0fdcb83d55f49d669b752c6c01fe99e8'/>
<id>d00e3d9e0fdcb83d55f49d669b752c6c01fe99e8</id>
<content type='text'>
Add a new line with */ on the last line of a block comment to follow the
Linux kernel coding conventions.
Problem found by checkpatch.

Signed-off-by: Beatriz Martins de Carvalho &lt;martinsdecarvalhobeatriz@gmail.com&gt;
Signed-off-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/cd1e8f6637b914825ee4b9643a4e9d9eba49f276.1618756333.git.martinsdecarvalhobeatriz@gmail.com
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add a new line with */ on the last line of a block comment to follow the
Linux kernel coding conventions.
Problem found by checkpatch.

Signed-off-by: Beatriz Martins de Carvalho &lt;martinsdecarvalhobeatriz@gmail.com&gt;
Signed-off-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/cd1e8f6637b914825ee4b9643a4e9d9eba49f276.1618756333.git.martinsdecarvalhobeatriz@gmail.com
</pre>
</div>
</content>
</entry>
<entry>
<title>drm/auth: make drm_{set,drop}master_ioctl symmetrical</title>
<updated>2020-06-15T13:49:50+00:00</updated>
<author>
<name>Emil Velikov</name>
<email>emil.l.velikov@gmail.com</email>
</author>
<published>2020-05-30T12:46:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=264ddd077c72092178153fc32d510dcecff32eeb'/>
<id>264ddd077c72092178153fc32d510dcecff32eeb</id>
<content type='text'>
Currently the ret handling is all over the place - with two redundant
assignments and another one addressed earlier.

Use the exact same flow in both functions.

v2: straighten the code flow, instead of just removing the assignments

Cc: David Airlie &lt;airlied@linux.ie&gt;
Cc: Daniel Vetter &lt;daniel@ffwll.ch&gt;
Cc: Sam Ravnborg &lt;sam@ravnborg.org&gt;
Cc: Colin Ian King &lt;colin.king@canonical.com&gt;
Signed-off-by: Emil Velikov &lt;emil.l.velikov@gmail.com&gt;
Reviewed-by: Sam Ravnborg &lt;sam@ravnborg.org&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20200530124640.4176323-2-emil.l.velikov@gmail.com
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Currently the ret handling is all over the place - with two redundant
assignments and another one addressed earlier.

Use the exact same flow in both functions.

v2: straighten the code flow, instead of just removing the assignments

Cc: David Airlie &lt;airlied@linux.ie&gt;
Cc: Daniel Vetter &lt;daniel@ffwll.ch&gt;
Cc: Sam Ravnborg &lt;sam@ravnborg.org&gt;
Cc: Colin Ian King &lt;colin.king@canonical.com&gt;
Signed-off-by: Emil Velikov &lt;emil.l.velikov@gmail.com&gt;
Reviewed-by: Sam Ravnborg &lt;sam@ravnborg.org&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20200530124640.4176323-2-emil.l.velikov@gmail.com
</pre>
</div>
</content>
</entry>
<entry>
<title>drm: vmwgfx: remove drm_driver::master_set() return type</title>
<updated>2020-06-15T13:48:20+00:00</updated>
<author>
<name>Emil Velikov</name>
<email>emil.l.velikov@gmail.com</email>
</author>
<published>2020-05-30T12:46:39+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=907f53200f982cd377e75abbc1b18ed624d7ae66'/>
<id>907f53200f982cd377e75abbc1b18ed624d7ae66</id>
<content type='text'>
The function always returns zero (success). Ideally we'll remove it all
together - although that's requires a little more work.

For now, we can drop the return type and simplify the drm core code
surrounding it.

v2: remove redundant assignment (Sam)

Cc: David Airlie &lt;airlied@linux.ie&gt;
Cc: Daniel Vetter &lt;daniel@ffwll.ch&gt;
Cc: VMware Graphics &lt;linux-graphics-maintainer@vmware.com&gt;
Cc: Roland Scheidegger &lt;sroland@vmware.com&gt;
Signed-off-by: Emil Velikov &lt;emil.l.velikov@gmail.com&gt;
Cc: Sam Ravnborg &lt;sam@ravnborg.org&gt;
Reviewed-by: Sam Ravnborg &lt;sam@ravnborg.org&gt;
Reviewed-by: Roland Scheidegger &lt;sroland@vmware.com&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20200530124640.4176323-1-emil.l.velikov@gmail.com
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The function always returns zero (success). Ideally we'll remove it all
together - although that's requires a little more work.

For now, we can drop the return type and simplify the drm core code
surrounding it.

v2: remove redundant assignment (Sam)

Cc: David Airlie &lt;airlied@linux.ie&gt;
Cc: Daniel Vetter &lt;daniel@ffwll.ch&gt;
Cc: VMware Graphics &lt;linux-graphics-maintainer@vmware.com&gt;
Cc: Roland Scheidegger &lt;sroland@vmware.com&gt;
Signed-off-by: Emil Velikov &lt;emil.l.velikov@gmail.com&gt;
Cc: Sam Ravnborg &lt;sam@ravnborg.org&gt;
Reviewed-by: Sam Ravnborg &lt;sam@ravnborg.org&gt;
Reviewed-by: Roland Scheidegger &lt;sroland@vmware.com&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20200530124640.4176323-1-emil.l.velikov@gmail.com
</pre>
</div>
</content>
</entry>
<entry>
<title>drm/auth: remove redundant assignment to variable ret</title>
<updated>2020-05-25T14:35:52+00:00</updated>
<author>
<name>Colin Ian King</name>
<email>colin.king@canonical.com</email>
</author>
<published>2020-05-24T22:27:15+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=2217d3bc39b49ad8a64bb3f021e8a6ed253c0d8a'/>
<id>2217d3bc39b49ad8a64bb3f021e8a6ed253c0d8a</id>
<content type='text'>
The variable ret is being initialized with a value that is
never read and it is being updated later with a new value. The
initialization is redundant and can be removed.

Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King &lt;colin.king@canonical.com&gt;
Signed-off-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20200524222715.27305-1-colin.king@canonical.com
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The variable ret is being initialized with a value that is
never read and it is being updated later with a new value. The
initialization is redundant and can be removed.

Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King &lt;colin.king@canonical.com&gt;
Signed-off-by: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20200524222715.27305-1-colin.king@canonical.com
</pre>
</div>
</content>
</entry>
<entry>
<title>drm: error out with EBUSY when device has existing master</title>
<updated>2020-03-30T11:20:41+00:00</updated>
<author>
<name>Emil Velikov</name>
<email>emil.velikov@collabora.com</email>
</author>
<published>2020-03-19T17:29:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=2bf99b22beff545d360fb0cc3a977add147713b6'/>
<id>2bf99b22beff545d360fb0cc3a977add147713b6</id>
<content type='text'>
As requested by Adam, provide different error message for when the
device has an existing master. An audit of the following projects, shows
that the errno is used only for printf() purposes.

xorg/xserver
xorg/drivers/xf86-video-ati
xorg/drivers/xf86-video-amdgpu
xorg/drivers/xf86-video-intel
xorg/drivers/xf86-video-tegra
xorg/drivers/xf86-video-freedreno
xorg/drivers/xf86-video-nouveau
xorg/drivers/xf86-video-vmwgfx

qt/kwin/plasma
gtk/mutter/gnomeshell
efl/enlightment

Cc: Adam Jackson &lt;ajax@redhat.com&gt;
Suggested-by: Adam Jackson &lt;ajax@redhat.com&gt;
Signed-off-by: Emil Velikov &lt;emil.velikov@collabora.com&gt;
Reviewed-by: Adam Jackson &lt;ajax@redhat.com&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20200319172930.230583-2-emil.l.velikov@gmail.com
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
As requested by Adam, provide different error message for when the
device has an existing master. An audit of the following projects, shows
that the errno is used only for printf() purposes.

xorg/xserver
xorg/drivers/xf86-video-ati
xorg/drivers/xf86-video-amdgpu
xorg/drivers/xf86-video-intel
xorg/drivers/xf86-video-tegra
xorg/drivers/xf86-video-freedreno
xorg/drivers/xf86-video-nouveau
xorg/drivers/xf86-video-vmwgfx

qt/kwin/plasma
gtk/mutter/gnomeshell
efl/enlightment

Cc: Adam Jackson &lt;ajax@redhat.com&gt;
Suggested-by: Adam Jackson &lt;ajax@redhat.com&gt;
Signed-off-by: Emil Velikov &lt;emil.velikov@collabora.com&gt;
Reviewed-by: Adam Jackson &lt;ajax@redhat.com&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20200319172930.230583-2-emil.l.velikov@gmail.com
</pre>
</div>
</content>
</entry>
<entry>
<title>drm: rework SET_MASTER and DROP_MASTER perm handling</title>
<updated>2020-03-30T11:20:32+00:00</updated>
<author>
<name>Emil Velikov</name>
<email>emil.velikov@collabora.com</email>
</author>
<published>2020-03-19T17:29:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=45bc3d26c95a8fc63a7d8668ca9e57ef0883351c'/>
<id>45bc3d26c95a8fc63a7d8668ca9e57ef0883351c</id>
<content type='text'>
This commit reworks the permission handling of the two ioctls. In
particular it enforced the CAP_SYS_ADMIN check only, if:
 - we're issuing the ioctl from process other than the one which opened
the node, and
 - we are, or were master in the past

This ensures that we:
 - do not regress the systemd-logind style of DRM_MASTER arbitrator
 - allow applications which do not use systemd-logind to drop their
master capabilities (and regain them at later point) ... w/o running as
root.

See the comment above drm_master_check_perm() for more details.

v1:
 - Tweak wording, fixup all checks, add igt test

v2:
 - Add a few more comments, grammar nitpicks.

Cc: Adam Jackson &lt;ajax@redhat.com&gt;
Cc: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Cc: Pekka Paalanen &lt;ppaalanen@gmail.com&gt;
Testcase: igt/core_setmaster/master-drop-set-user
Signed-off-by: Emil Velikov &lt;emil.velikov@collabora.com&gt;
Reviewed-by: Adam Jackson &lt;ajax@redhat.com&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20200319172930.230583-1-emil.l.velikov@gmail.com
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This commit reworks the permission handling of the two ioctls. In
particular it enforced the CAP_SYS_ADMIN check only, if:
 - we're issuing the ioctl from process other than the one which opened
the node, and
 - we are, or were master in the past

This ensures that we:
 - do not regress the systemd-logind style of DRM_MASTER arbitrator
 - allow applications which do not use systemd-logind to drop their
master capabilities (and regain them at later point) ... w/o running as
root.

See the comment above drm_master_check_perm() for more details.

v1:
 - Tweak wording, fixup all checks, add igt test

v2:
 - Add a few more comments, grammar nitpicks.

Cc: Adam Jackson &lt;ajax@redhat.com&gt;
Cc: Daniel Vetter &lt;daniel.vetter@ffwll.ch&gt;
Cc: Pekka Paalanen &lt;ppaalanen@gmail.com&gt;
Testcase: igt/core_setmaster/master-drop-set-user
Signed-off-by: Emil Velikov &lt;emil.velikov@collabora.com&gt;
Reviewed-by: Adam Jackson &lt;ajax@redhat.com&gt;
Link: https://patchwork.freedesktop.org/patch/msgid/20200319172930.230583-1-emil.l.velikov@gmail.com
</pre>
</div>
</content>
</entry>
</feed>
