From: <uni...@sh...> - 2004-10-07 13:04:40
|
Hi! Attached is a patch, that based on the info I have should make the via DRM ok to go into the mainstream kernel, (save 64-bit problems in the memory manager?) It implements a simple command verifier for agp and pci writes to the MMIO area. Currently no 3D commands are implemented, but since the unichrome Mesa driver does not yet use these IOCTLS, it should be OK. When it does, the pci command parser and the command verifier needs to be updated or even replaced. In combination with this, the MMIO drmAddMap in the DDX needs modification to export read-only. I believe this should provide enough security. Implications for clients is that XvMC will work as before, since it uses the new IOCTLS, Current 3D OpenGL will segfault when run as a normal user, since MMIO mapping fails. It will work when run as root. I think this is the best to do until someone has time to update the 3D driver to use the AGP ring-buffer. Comments would be welcome. Erdi, Alan, Dave? /Thomas |