drm/tegra: Don't leak kernel pointer to userspace

Each open file descriptor can have any number of contexts associated with it. To differentiate between these contexts a unique ID is required and back when these userspace interfaces were introduced, in commit d43f81cbaf43 ("drm/tegra: Add gr2d device"), the pointer to the context structure was deemed adequate. However, this leaks information about kernel internal memory to userspace, which can potentially be exploited. Switch the context parameter to be allocated from an IDR, which has the added benefit of providing an easy way to look up a context from its ID. Signed-off-by: Thierry Reding <treding@nvidia.com>
author: Thierry Reding <treding@nvidia.com> 2017-03-09 22:04:55 +0300
committer: Thierry Reding <treding@nvidia.com> 2017-04-05 19:11:45 +0300
commit: bdd2f9cd10eb842be96418cc226bc33744d358b0 (patch)
tree: 2c7218a91db7e0fc7327fcd60be1417529f8cc96 /drivers/gpu/drm/tegra/drm.h
parent: 347ad49d35a1c65d509e7ef5b0760e97ede41ec2 (diff)
download: linux-bdd2f9cd10eb842be96418cc226bc33744d358b0.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/gpu/drm/tegra/drm.h b/drivers/gpu/drm/tegra/drm.h
index d168beaf13ef..368dde1bed18 100644
--- a/drivers/gpu/drm/tegra/drm.h
+++ b/drivers/gpu/drm/tegra/drm.h
@@ -68,7 +68,7 @@ struct tegra_drm_client;
 struct tegra_drm_context {
 	struct tegra_drm_client *client;
 	struct host1x_channel *channel;
-	struct list_head list;
+	unsigned int id;
 };
 
 struct tegra_drm_client_ops {
author	Thierry Reding <treding@nvidia.com>	2017-03-09 22:04:55 +0300
committer	Thierry Reding <treding@nvidia.com>	2017-04-05 19:11:45 +0300
commit	bdd2f9cd10eb842be96418cc226bc33744d358b0 (patch)
tree	2c7218a91db7e0fc7327fcd60be1417529f8cc96 /drivers/gpu/drm/tegra/drm.h
parent	347ad49d35a1c65d509e7ef5b0760e97ede41ec2 (diff)
download	linux-bdd2f9cd10eb842be96418cc226bc33744d358b0.tar.xz