summaryrefslogtreecommitdiffstats
path: root/include/drm/drm_file.h
diff options
context:
space:
mode:
authorEmil Velikov <emil.velikov@collabora.com>2020-03-19 18:29:29 +0100
committerEmil Velikov <emil.l.velikov@gmail.com>2020-03-30 13:20:32 +0200
commit45bc3d26c95a8fc63a7d8668ca9e57ef0883351c (patch)
tree2b8b7a32df9762d6a9025fd4ab6d9d6f7c920358 /include/drm/drm_file.h
parentdrm/radeon: convert to use i2c_new_client_device() (diff)
downloadlinux-45bc3d26c95a8fc63a7d8668ca9e57ef0883351c.tar.xz
linux-45bc3d26c95a8fc63a7d8668ca9e57ef0883351c.zip
drm: rework SET_MASTER and DROP_MASTER perm handling
This commit reworks the permission handling of the two ioctls. In particular it enforced the CAP_SYS_ADMIN check only, if: - we're issuing the ioctl from process other than the one which opened the node, and - we are, or were master in the past This ensures that we: - do not regress the systemd-logind style of DRM_MASTER arbitrator - allow applications which do not use systemd-logind to drop their master capabilities (and regain them at later point) ... w/o running as root. See the comment above drm_master_check_perm() for more details. v1: - Tweak wording, fixup all checks, add igt test v2: - Add a few more comments, grammar nitpicks. Cc: Adam Jackson <ajax@redhat.com> Cc: Daniel Vetter <daniel.vetter@ffwll.ch> Cc: Pekka Paalanen <ppaalanen@gmail.com> Testcase: igt/core_setmaster/master-drop-set-user Signed-off-by: Emil Velikov <emil.velikov@collabora.com> Reviewed-by: Adam Jackson <ajax@redhat.com> Link: https://patchwork.freedesktop.org/patch/msgid/20200319172930.230583-1-emil.l.velikov@gmail.com
Diffstat (limited to 'include/drm/drm_file.h')
-rw-r--r--include/drm/drm_file.h11
1 files changed, 11 insertions, 0 deletions
diff --git a/include/drm/drm_file.h b/include/drm/drm_file.h
index 19df8028a6c4..c4746c9d3619 100644
--- a/include/drm/drm_file.h
+++ b/include/drm/drm_file.h
@@ -202,6 +202,17 @@ struct drm_file {
bool writeback_connectors;
/**
+ * @was_master:
+ *
+ * This client has or had, master capability. Protected by struct
+ * &drm_device.master_mutex.
+ *
+ * This is used to ensure that CAP_SYS_ADMIN is not enforced, if the
+ * client is or was master in the past.
+ */
+ bool was_master;
+
+ /**
* @is_master:
*
* This client is the creator of @master. Protected by struct