On 21/06/2016 01:26, Michel Dänzer wrote:
On 20.06.2016 20:06, Frank Binns wrote:
On 20/06/16 10:48, Michel Dänzer wrote:
On 18.06.2016 02:41, Frank Binns wrote:
Up until now, DRI3 was only used for devices that have render nodes,
unless
overridden via an environment variable, with it falling back to DRI2
otherwise.
This limitation was there in order to support WL_bind_wayland_display
as it
requires client opened device node fds to be authenticated, which
isn't possible
when using DRI3. This is an unfortunate compromise as DRI3 provides
security
benefits over DRI2.
What exactly is it that works with render nodes but not with
unauthenticated non-render nodes? Isn't that a kernel bug?
The problem isn't that something doesn't work with unauthenticated
non-render nodes (wouldn't that be the kernel bug?) but that if a
client opens the primary/legacy node it needs the resulting fd to
be authenticated, which isn't supported by the X11 DRI3 protocol.
Authentication is required for using certain ioctls of non-render nodes.
It sounds like some ioctls are allowed to be used with render nodes but
not with unauthenticated non-render nodes, which seems like a kernel bug
— why would an ioctl be safe to use without authentication via a render
node but not via a non-render node?
So, which ioctls required by WL_bind_wayland_display don't work with an
unauthenticated non-render node?
The ioctl to authenticate is possible only when you have the master node
(owned by the DDX when using X, or by the wayland compositor when using
Wayland). There is only one master node.
On of the motives of render-nodes is precisely to fix these limitations.
Axel
_______________________________________________
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/mesa-dev
