From: Pascal Vincent <pvincent00@ya...> - 2007-11-22 23:27:33
can you please indicate the current ATI mach64 DRI status.
In fact, http://dri.freedesktop.org/wiki/ATIMach64 page is not so clear
so i don't have the clear responses to
- is mach64 is now secure ? this means :
- is it now included in DRI and Mesa ? (the response seems to be yes)
- is mach64 module is now included in kernel ? (it seems not)
and if not why ?
Tks a lot for clarification
On Fri, 23 Nov 2007 00:27:37 +0100, Pascal Vincent wrote:
> can you please indicate the current ATI mach64 DRI status. In fact,
> http://dri.freedesktop.org/wiki/ATIMach64 page is not so clear so i
> don't have the clear responses to - is mach64 is now secure ? this means
> - is it now included in DRI and Mesa ? (the response seems to be yes)
> - is mach64 module is now included in kernel ? (it seems not)
> and if not why ?
> Tks a lot for clarification
Pascal, I wrote that wiki page several years ago. I never got around to
do it, because it involved a non trivial amount of work, and I approached
in a naive way (trying to do too many things at the same time, instead of
doing gradual changes).
I need to reevaluate those statements, especially, concerning the
security, and the best way to do it.
The mach64 driver has three parts: one in Xorg, another in Mesa, another
in the kernel. The unsafe part is the kernel part. And that's probably
why is not included in the stock kernel.
The reason the mach64 kernel module is unsafe is because it allows an
OpenGL application to send malicious commands interspersed with the
vertex data. Those malicious commands could give control over the
physical memory, and therefore be used to obtain root privileges in
The mach64 kernel needs to be changed to verify and copy the data to
private memory. Or at least unmap the memory from the client before
verifying it and handing to the hardware.
Or so I though... I need to verify how much control over the physical
memory the client can actually get. As I'm unsure if it is just the
memory in the AGP aperture, or the whole memory. If it is just the AGP
memory, then there is no risk.