Bug 2119 - via: insufficient security checks on DMA init IOCTL
Summary: via: insufficient security checks on DMA init IOCTL
Status: RESOLVED FIXED
Alias: None
Product: DRI
Classification: Unclassified
Component: DRM/other (show other bugs)
Version: DRI git
Hardware: x86 (IA32) Linux (All)
: highest major
Assignee: Default DRI bug account
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-12-20 12:09 UTC by Thomas Hellström
Modified: 2004-12-20 14:13 UTC (History)
0 users

See Also:
i915 platform:
i915 features:

Attachments

Description Thomas Hellström 2004-12-20 12:09:51 UTC 
The DRM_IOCTL_VIA_DMA_INIT can be called as a normal user. 
This is of course easy to change, but Mesa 3D uses it to check whether AGP DMA
has been initialized and if  not, uses the PCI path. 

Either a separate user-callable IOCTL that checks wether AGP DMA has been
initialized is needed or a check for caller privileges is needed for
VIA_INIT_DMA and VIA_CLEANUP_DMA functions, whereas VIA_DMA_INITIALIZED should
be allowed as normal user.

Suggestions are appreciated.

/Thomas
Comment 1 Thomas Hellström 2004-12-21 09:13:34 UTC 
Fixed in CVS as of 20041222, by means of extra security checks within the IOCTL
main.
/Thomas

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.