All of lore.kernel.org
 help / color / mirror / Atom feed
* FAILED: patch "[PATCH] drm: Fix FD ownership check in drm_master_check_perm()" failed to apply to 6.6-stable tree
@ 2023-12-18  7:19 gregkh
  2023-12-19 15:51 ` [PATCH 6.6.y] drm: Fix FD ownership check in drm_master_check_perm() Lingkai Dong
  0 siblings, 1 reply; 2+ messages in thread
From: gregkh @ 2023-12-18  7:19 UTC (permalink / raw)
  To: Lingkai.Dong, christian.koenig, lingkai.dong, stable, tvrtko.ursulin
  Cc: stable


The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable@vger.kernel.org>.

To reproduce the conflict and resubmit, you may use the following commands:

git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x 5a6c9a05e55cb2972396cc991af9d74c8c15029a
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable@vger.kernel.org>' --in-reply-to '2023121851-roamer-gravel-ddbe@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..

Possible dependencies:

5a6c9a05e55c ("drm: Fix FD ownership check in drm_master_check_perm()")
1c7a387ffef8 ("drm: Update file owner during use")

thanks,

greg k-h

------------------ original commit in Linus's tree ------------------

From 5a6c9a05e55cb2972396cc991af9d74c8c15029a Mon Sep 17 00:00:00 2001
From: Lingkai Dong <Lingkai.Dong@arm.com>
Date: Wed, 6 Dec 2023 13:51:58 +0000
Subject: [PATCH] drm: Fix FD ownership check in drm_master_check_perm()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The DRM subsystem keeps a record of the owner of a DRM device file
descriptor using thread group ID (TGID) instead of process ID (PID), to
ensures all threads within the same userspace process are considered the
owner. However, the DRM master ownership check compares the current
thread's PID against the record, so the thread is incorrectly considered to
be not the FD owner if the PID is not equal to the TGID. This causes DRM
ioctls to be denied master privileges, even if the same thread that opened
the FD performs an ioctl. Fix this by checking TGID.

Fixes: 4230cea89cafb ("drm: Track clients by tgid and not tid")
Signed-off-by: Lingkai Dong <lingkai.dong@arm.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
Cc: <stable@vger.kernel.org> # v6.4+
Link: https://patchwork.freedesktop.org/patch/msgid/PA6PR08MB107665920BE9A96658CDA04CE8884A@PA6PR08MB10766.eurprd08.prod.outlook.com
Signed-off-by: Christian König <christian.koenig@amd.com>

diff --git a/drivers/gpu/drm/drm_auth.c b/drivers/gpu/drm/drm_auth.c
index 2ed2585ded37..6899b3dc1f12 100644
--- a/drivers/gpu/drm/drm_auth.c
+++ b/drivers/gpu/drm/drm_auth.c
@@ -236,7 +236,7 @@ static int
 drm_master_check_perm(struct drm_device *dev, struct drm_file *file_priv)
 {
 	if (file_priv->was_master &&
-	    rcu_access_pointer(file_priv->pid) == task_pid(current))
+	    rcu_access_pointer(file_priv->pid) == task_tgid(current))
 		return 0;
 
 	if (!capable(CAP_SYS_ADMIN))


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* [PATCH 6.6.y] drm: Fix FD ownership check in drm_master_check_perm()
  2023-12-18  7:19 FAILED: patch "[PATCH] drm: Fix FD ownership check in drm_master_check_perm()" failed to apply to 6.6-stable tree gregkh
@ 2023-12-19 15:51 ` Lingkai Dong
  0 siblings, 0 replies; 2+ messages in thread
From: Lingkai Dong @ 2023-12-19 15:51 UTC (permalink / raw)
  To: stable; +Cc: nd, Lingkai Dong, Christian König, Tvrtko Ursulin

From: Lingkai Dong <Lingkai.Dong@arm.com>

The DRM subsystem keeps a record of the owner of a DRM device file
descriptor using thread group ID (TGID) instead of process ID (PID), to
ensures all threads within the same userspace process are considered the
owner. However, the DRM master ownership check compares the current
thread's PID against the record, so the thread is incorrectly considered to
be not the FD owner if the PID is not equal to the TGID. This causes DRM
ioctls to be denied master privileges, even if the same thread that opened
the FD performs an ioctl. Fix this by checking TGID.

Fixes: 4230cea89cafb ("drm: Track clients by tgid and not tid")
Signed-off-by: Lingkai Dong <lingkai.dong@arm.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
Cc: <stable@vger.kernel.org> # v6.4+
Link: https://patchwork.freedesktop.org/patch/msgid/PA6PR08MB107665920BE9A96658CDA04CE8884A@PA6PR08MB10766.eurprd08.prod.outlook.com
Signed-off-by: Christian König <christian.koenig@amd.com>
(cherry picked from commit 5a6c9a05e55cb2972396cc991af9d74c8c15029a)
---
 drivers/gpu/drm/drm_auth.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/drm_auth.c b/drivers/gpu/drm/drm_auth.c
index cf92a9ae8034c..7ef8a2762e818 100644
--- a/drivers/gpu/drm/drm_auth.c
+++ b/drivers/gpu/drm/drm_auth.c
@@ -235,7 +235,7 @@ static int drm_new_set_master(struct drm_device *dev, struct drm_file *fpriv)
 static int
 drm_master_check_perm(struct drm_device *dev, struct drm_file *file_priv)
 {
-	if (file_priv->pid == task_pid(current) && file_priv->was_master)
+	if (file_priv->pid == task_tgid(current) && file_priv->was_master)
 		return 0;
 
 	if (!capable(CAP_SYS_ADMIN))
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-12-19 18:48 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-12-18  7:19 FAILED: patch "[PATCH] drm: Fix FD ownership check in drm_master_check_perm()" failed to apply to 6.6-stable tree gregkh
2023-12-19 15:51 ` [PATCH 6.6.y] drm: Fix FD ownership check in drm_master_check_perm() Lingkai Dong

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.