Commit d10571fc authored by David Herrmann's avatar David Herrmann Committed by Daniel Vetter

drm: make DRI1 drivers depend on BROKEN

The legacy DRI1 drivers expose highly broken interfaces to user-space. No
modern system should enable them, or you will effectively allow user-space
to circumvent most of your kernel security measures. The DRI1 kernel APIs
are simply broken.

User-space can always use vesafb/efifb/simplefb and friends to get working
graphics.

Lets hide the old drivers behind CONFIG_BROKEN. In case they turn out to
be still used (really?), we can easily revert this and figure out a way to
move them out of sight (e.g., moving all DRI1 drivers to
drivers/gpu/dri1/).
Signed-off-by: default avatarDavid Herrmann <dh.herrmann@gmail.com>
Acked-by: default avatarChris Wilson <chris@chris-wilson.co.uk>
Signed-off-by: default avatarDaniel Vetter <daniel.vetter@ffwll.ch>
Link: http://patchwork.freedesktop.org/patch/msgid/20160804080657.9664-2-dh.herrmann@gmail.com
parent d92d9c3a
...@@ -231,6 +231,7 @@ source "drivers/gpu/drm/mediatek/Kconfig" ...@@ -231,6 +231,7 @@ source "drivers/gpu/drm/mediatek/Kconfig"
menuconfig DRM_LEGACY menuconfig DRM_LEGACY
bool "Enable legacy drivers (DANGEROUS)" bool "Enable legacy drivers (DANGEROUS)"
depends on DRM depends on DRM
depends on BROKEN
help help
Enable legacy DRI1 drivers. Those drivers expose unsafe and dangerous Enable legacy DRI1 drivers. Those drivers expose unsafe and dangerous
APIs to user-space, which can be used to circumvent access APIs to user-space, which can be used to circumvent access
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment