From 1020dc6990168a5081ffad620c440e220f05b460 Mon Sep 17 00:00:00 2001 From: Chris Wilson Date: Tue, 29 Oct 2013 08:55:57 +0000 Subject: [PATCH] drm: Do not drop root privileges for a fancier younger process When a second process opens the device and master transferrence is complete, we walk the list of open devices and remove their authentication. This also revokes our root privilege. Instead of simply dropping the authentication, this patch reverts the authenticated state back to its original value. Signed-off-by: Chris Wilson Reviewed-by: David Herrmann Signed-off-by: Dave Airlie --- drivers/gpu/drm/drm_fops.c | 5 +++-- include/drm/drmP.h | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/drm_fops.c b/drivers/gpu/drm/drm_fops.c index ee2d330..3a7176c 100644 --- a/drivers/gpu/drm/drm_fops.c +++ b/drivers/gpu/drm/drm_fops.c @@ -239,7 +239,8 @@ static int drm_open_helper(struct inode *inode, struct file *filp, priv->ioctl_count = 0; /* for compatibility root is always authenticated */ - priv->authenticated = capable(CAP_SYS_ADMIN); + priv->always_authenticated = capable(CAP_SYS_ADMIN); + priv->authenticated = priv->always_authenticated; priv->lock_count = 0; INIT_LIST_HEAD(&priv->lhead); @@ -533,7 +534,7 @@ int drm_release(struct inode *inode, struct file *filp) list_for_each_entry(temp, &dev->filelist, lhead) { if ((temp->master == file_priv->master) && (temp != file_priv)) - temp->authenticated = 0; + temp->authenticated = temp->always_authenticated; } /** diff --git a/include/drm/drmP.h b/include/drm/drmP.h index 444751b..ea8bff3 100644 --- a/include/drm/drmP.h +++ b/include/drm/drmP.h @@ -413,6 +413,7 @@ struct drm_prime_file_private { /** File private data */ struct drm_file { + int always_authenticated; int authenticated; struct pid *pid; kuid_t uid; -- 2.7.4