From: Rebecca N. Palmer <rebecca_palmer@zoho.com>
Date: Fri, 8 May 2015 13:26:50 +0000 (+0100)
Subject: drm/i915: Fix possible security hole in command parsing
X-Git-Tag: omap-for-v4.2/fixes-rc1^2~17^2~54^2~2
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c7c7372edc4ebc173ad359aeb5752e9ce09f2741;p=pandora-kernel.git

drm/i915: Fix possible security hole in command parsing

i915_parse_cmds returns -EACCES on chained batches, which "tells the
caller to abort and dispatch the workload as a non-secure batch",
but the mechanism implementing that was broken when
flags |= I915_DISPATCH_SECURE was moved from i915_gem_execbuffer_parse
to i915_gem_do_execbuffer (17cabf571e50677d980e9ab2a43c5f11213003ae):
i915_gem_execbuffer_parse returns the original batch_obj in this case,
and i915_gem_do_execbuffer doesn't check for that.

Don't set the secure bit in this case to make sure such batches don't
run with elevated priviledges.

Signed-off-by: Rebecca Palmer <rebecca_palmer@zoho.com>
Reviewed-by: Mika Kuoppala <mika.kuoppala@intel.com>
[danvet: Stitch together commit message. Also remove a comment as
suggested by Mika. And style-align the comment while at it.]
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
---

Reading git-diff-tree failed