diff options
author | David Herrmann <dh.herrmann@gmail.com> | 2016-08-04 10:06:57 +0200 |
---|---|---|
committer | Daniel Vetter <daniel.vetter@ffwll.ch> | 2016-08-25 13:10:36 +0200 |
commit | d10571fc4fba7d57fb8157f0be61dcbe4a7965ca (patch) | |
tree | 76a7b1400d6fb12f04bdc4c99179c5780426a104 /drivers/gpu/drm/Kconfig | |
parent | d92d9c3a14488e5af9d7015189f50e02346950f2 (diff) | |
download | op-kernel-dev-d10571fc4fba7d57fb8157f0be61dcbe4a7965ca.zip op-kernel-dev-d10571fc4fba7d57fb8157f0be61dcbe4a7965ca.tar.gz |
drm: make DRI1 drivers depend on BROKEN
The legacy DRI1 drivers expose highly broken interfaces to user-space. No
modern system should enable them, or you will effectively allow user-space
to circumvent most of your kernel security measures. The DRI1 kernel APIs
are simply broken.
User-space can always use vesafb/efifb/simplefb and friends to get working
graphics.
Lets hide the old drivers behind CONFIG_BROKEN. In case they turn out to
be still used (really?), we can easily revert this and figure out a way to
move them out of sight (e.g., moving all DRI1 drivers to
drivers/gpu/dri1/).
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Acked-by: Chris Wilson <chris@chris-wilson.co.uk>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Link: http://patchwork.freedesktop.org/patch/msgid/20160804080657.9664-2-dh.herrmann@gmail.com
Diffstat (limited to 'drivers/gpu/drm/Kconfig')
-rw-r--r-- | drivers/gpu/drm/Kconfig | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/drivers/gpu/drm/Kconfig b/drivers/gpu/drm/Kconfig index cf1609b..c02be6a 100644 --- a/drivers/gpu/drm/Kconfig +++ b/drivers/gpu/drm/Kconfig @@ -231,6 +231,7 @@ source "drivers/gpu/drm/mediatek/Kconfig" menuconfig DRM_LEGACY bool "Enable legacy drivers (DANGEROUS)" depends on DRM + depends on BROKEN help Enable legacy DRI1 drivers. Those drivers expose unsafe and dangerous APIs to user-space, which can be used to circumvent access |