diff options
| author |   Rebecca N. Palmer <rebecca_palmer@zoho.com> | 2015-05-08 14:26:50 +0100 |
|---|---|---|
| committer |   Daniel Vetter <daniel.vetter@ffwll.ch> | 2015-05-08 17:26:01 +0200 |
| commit | c7c7372edc4ebc173ad359aeb5752e9ce09f2741 (patch) | |
| tree | 7e75f95061a4bfcc4d6cf1958334e2d16f7907a3 /tools/perf/scripts/python/call-graph-from-postgresql.py | |
| parent | drm/edid: Kerneldoc for newly added edid_corrupt (diff) | |
| download | wireguard-linux-c7c7372edc4ebc173ad359aeb5752e9ce09f2741.tar.xz wireguard-linux-c7c7372edc4ebc173ad359aeb5752e9ce09f2741.zip | |
drm/i915: Fix possible security hole in command parsing
i915_parse_cmds returns -EACCES on chained batches, which "tells the
caller to abort and dispatch the workload as a non-secure batch",
but the mechanism implementing that was broken when
flags |= I915_DISPATCH_SECURE was moved from i915_gem_execbuffer_parse
to i915_gem_do_execbuffer (17cabf571e50677d980e9ab2a43c5f11213003ae):
i915_gem_execbuffer_parse returns the original batch_obj in this case,
and i915_gem_do_execbuffer doesn't check for that.
Don't set the secure bit in this case to make sure such batches don't
run with elevated priviledges.
Signed-off-by: Rebecca Palmer <rebecca_palmer@zoho.com>
Reviewed-by: Mika Kuoppala <mika.kuoppala@intel.com>
[danvet: Stitch together commit message. Also remove a comment as
suggested by Mika. And style-align the comment while at it.]
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Diffstat (limited to 'tools/perf/scripts/python/call-graph-from-postgresql.py')
0 files changed, 0 insertions, 0 deletions