From: Chris Wilson <chris@chris-wilson.co.uk>
To: intel-gfx@lists.freedesktop.org
Subject: [PATCH 3/5] drm/i915: Prevent writing into a read-only object via a GGTT mmap
Date: Thu, 31 May 2018 12:35:50 +0100 [thread overview]
Message-ID: <20180531113552.13152-3-chris@chris-wilson.co.uk> (raw)
In-Reply-To: <20180531113552.13152-1-chris@chris-wilson.co.uk>
If the user has created a read-only object, they should not be allowed
to circumvent the write protection by using a GGTT mmapping. Deny it.
Also most machines do not support read-only GGTT PTEs, so again we have
to reject attempted writes. Fortunately, this is known a priori, so we
can at least reject in the call to create the mmap with backup in the
fault handler. This is a little draconian as we could blatantly ignore
the write protection on the pages, but it is far simply to keep the
readonly object pure. (It is easier to lift a restriction than to impose
it later!)
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Jon Bloomfield <jon.bloomfield@intel.com>
Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Cc: Matthew Auld <matthew.william.auld@gmail.com>
---
drivers/gpu/drm/i915/i915_gem.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/drivers/gpu/drm/i915/i915_gem.c b/drivers/gpu/drm/i915/i915_gem.c
index 530d6d0109b4..e55278fadf9c 100644
--- a/drivers/gpu/drm/i915/i915_gem.c
+++ b/drivers/gpu/drm/i915/i915_gem.c
@@ -2005,6 +2005,10 @@ int i915_gem_fault(struct vm_fault *vmf)
unsigned int flags;
int ret;
+ /* Sanity check that we allow writing into this object */
+ if (obj->gt_ro && (write || !ggtt->base.has_read_only))
+ return VM_FAULT_SIGBUS;
+
/* We don't use vmf->pgoff since that has the fake offset */
page_offset = (vmf->address - area->vm_start) >> PAGE_SHIFT;
@@ -2291,10 +2295,17 @@ i915_gem_mmap_gtt(struct drm_file *file,
if (!obj)
return -ENOENT;
+ /* If we will not be able to create the GGTT vma, reject it early. */
+ if (obj->gt_ro && !to_i915(dev)->ggtt.base.has_read_only) {
+ ret = -ENODEV;
+ goto out;
+ }
+
ret = i915_gem_object_create_mmap_offset(obj);
if (ret == 0)
*offset = drm_vma_node_offset_addr(&obj->base.vma_node);
+out:
i915_gem_object_put(obj);
return ret;
}
--
2.17.1
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2018-05-31 11:36 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-31 11:35 [PATCH 1/5] drm/i915/gtt: Add read only pages to gen8_pte_encode Chris Wilson
2018-05-31 11:35 ` [PATCH 2/5] drm/i915/gtt: Read-only pages for insert_entries on bdw+ Chris Wilson
2018-05-31 11:35 ` Chris Wilson [this message]
2018-06-01 10:17 ` [PATCH 3/5] drm/i915: Prevent writing into a read-only object via a GGTT mmap Joonas Lahtinen
2018-05-31 11:35 ` [PATCH 4/5] drm/i915: Reject attempted pwrites into a read-only object Chris Wilson
2018-06-01 10:19 ` Joonas Lahtinen
2018-06-01 10:33 ` Chris Wilson
2018-05-31 11:35 ` [PATCH 5/5] drm/i915/userptr: Enable read-only support on gen8+ Chris Wilson
2018-06-01 10:21 ` Joonas Lahtinen
2018-06-01 10:28 ` Chris Wilson
2018-05-31 12:34 ` ✗ Fi.CI.CHECKPATCH: warning for series starting with [1/5] drm/i915/gtt: Add read only pages to gen8_pte_encode Patchwork
2018-05-31 12:50 ` ✗ Fi.CI.BAT: failure " Patchwork
2018-05-31 14:43 ` [PATCH 1/5] " Matthew Auld
2018-05-31 15:00 ` Chris Wilson
2018-06-14 11:59 Chris Wilson
2018-06-14 11:59 ` [PATCH 3/5] drm/i915: Prevent writing into a read-only object via a GGTT mmap Chris Wilson
2018-06-14 14:53 ` Bloomfield, Jon
2018-06-14 15:00 ` Chris Wilson
2018-06-14 15:06 ` Bloomfield, Jon
2018-06-14 15:21 ` Chris Wilson
2018-06-14 15:33 ` Bloomfield, Jon
2018-06-14 19:24 [PATCH 1/5] drm/i915/gtt: Add read only pages to gen8_pte_encode Chris Wilson
2018-06-14 19:24 ` [PATCH 3/5] drm/i915: Prevent writing into a read-only object via a GGTT mmap Chris Wilson
2018-06-15 8:08 ` Joonas Lahtinen
2018-06-15 8:33 ` Chris Wilson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180531113552.13152-3-chris@chris-wilson.co.uk \
--to=chris@chris-wilson.co.uk \
--cc=intel-gfx@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.