The render-node manipulation ioctls are supposed to be
issued through control node only. Add a check and return
-EPERM to user space if access is attempted through a
node other than a control node.
Signed-off-by: Ilija Hadzic <ihadzic at research.bell-labs.com>
---
drivers/gpu/drm/drm_stub.c | 8 ++++++++
1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/drivers/gpu/drm/drm_stub.c b/drivers/gpu/drm/drm_stub.c
index 12260f0..fb241e6 100644
--- a/drivers/gpu/drm/drm_stub.c
+++ b/drivers/gpu/drm/drm_stub.c
@@ -552,6 +552,10 @@ int drm_render_node_create_ioctl(struct drm_device *dev,
void *data,
int total_ids, i;
uint32_t __user *ids_ptr;
+ /* allow access through control node only */
+ if (file_priv->minor != dev->control)
+ return -EPERM;
+
/* trivial case: render node with no display resources */
if (args->num_crtc == 0 &&
args->num_encoder == 0 &&
@@ -602,6 +606,10 @@ int drm_render_node_remove_ioctl(struct drm_device *dev,
void *data,
struct drm_render_node_remove *args = data;
int ret;
+ /* allow access through control node only */
+ if (file_priv->minor != dev->control)
+ return -EPERM;
+
ret = drm_destroy_render_node(dev, args->node_minor_id);
return ret;
}
--
1.7.8.5
