mirror of
https://git.FreeBSD.org/src.git
synced 2025-01-30 16:51:41 +00:00
Switch prison check from PROV_DRIVER to PRIV_KMEM_WRITE (like /dev/mem).
Access to the dri device gives effectively access to the entire memory of the machine (you can program the graphic card to do DMA). For current/stable/release this is a NOP, as access to memory is not allowed in a jail. This puts the dri device into the same (in)security class than /dev/mem for future use. Discussed with: anholt(?) several years ago Sponsored by: Hackathon Essen 2017
This commit is contained in:
Alexander Leidinger
parent
03af441cb0
commit
3ddbb27c55
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=320827
@ -220,7 +220,7 @@ enum {
|
||||
|
||||
#define PAGE_ALIGN(addr) round_page(addr)
|
||||
/* DRM_SUSER returns true if the user is superuser */
|
||||
#define DRM_SUSER(p) (priv_check(p, PRIV_DRIVER) == 0)
|
||||
#define DRM_SUSER(p) (priv_check(p, PRIV_KMEM_WRITE) == 0)
|
||||
#define DRM_AGP_FIND_DEVICE() agp_find_device()
|
||||
#define DRM_MTRR_WC MDF_WRITECOMBINE
|
||||
#define jiffies ticks
|
||||
|
||||
Loading…
Reference in New Issue
Block a user