Menu
▾
▴
root priv and DRM
|
From: Jon S. <jon...@gm...> - 2005-06-18 02:40:10
|
I'm working on making EGL run non-root. Now I'm up against the IOCTLs
in DRM marked root only. DRM is a master/slave model, so this is
really a list of the master only calls.
With EGL the first app to open the DRI device is master, and later
openers are slaves. To make EGL work PAM assigns you ownership of the
DRI device so that you can open it.
Does anyone know if there are reasons why you really have to have root
priv to make any of these calls?
Can you help with the converse and tell me which ones you are sure
don't need root priv?
What is the status of the various command verifiers?
If we agree that it is safe I'd like to remove the general
capable(CAP_SYS_ADMIN) check when making DRM IOCTL calls. If some
drivers still need it we can make it a per driver option.
These are the ones marked root.
=09[DRM_IOCTL_NR(DRM_IOCTL_IRQ_BUSID)] =3D {drm_irq_by_busid, 0, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_SET_VERSION)] =3D {drm_setversion, 0, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_SET_UNIQUE)] =3D {drm_setunique, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_BLOCK)] =3D {drm_noop, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_UNBLOCK)] =3D {drm_noop, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_AUTH_MAGIC)] =3D {drm_authmagic, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_ADD_MAP)] =3D {drm_addmap_ioctl, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_SET_SAREA_CTX)] =3D {drm_setsareactx, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_ADD_CTX)] =3D {drm_addctx, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_RM_CTX)] =3D {drm_rmctx, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_MOD_CTX)] =3D {drm_modctx, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_SWITCH_CTX)] =3D {drm_switchctx, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_NEW_CTX)] =3D {drm_newctx, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_ADD_DRAW)] =3D {drm_adddraw, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_RM_DRAW)] =3D {drm_rmdraw, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_ADD_BUFS)] =3D {drm_addbufs, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_MARK_BUFS)] =3D {drm_markbufs, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_CONTROL)] =3D {drm_control, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_AGP_ACQUIRE)] =3D {drm_agp_acquire_ioctl, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_AGP_RELEASE)] =3D {drm_agp_release_ioctl, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_AGP_ENABLE)] =3D {drm_agp_enable_ioctl, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_AGP_ALLOC)] =3D {drm_agp_alloc, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_AGP_FREE)] =3D {drm_agp_free, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_AGP_BIND)] =3D {drm_agp_bind, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_AGP_UNBIND)] =3D {drm_agp_unbind, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_SG_ALLOC)] =3D {drm_sg_alloc, 1, 1},
=09[DRM_IOCTL_NR(DRM_IOCTL_SG_FREE)] =3D {drm_sg_free, 1, 1},
--=20
Jon Smirl
jon...@gm...
|