drm: make DRI1 drivers depend on BROKEN
The legacy DRI1 drivers expose highly broken interfaces to user-space. No modern system should enable them, or you will effectively allow user-space to circumvent most of your kernel security measures. The DRI1 kernel APIs are simply broken. User-space can always use vesafb/efifb/simplefb and friends to get working graphics. Lets hide the old drivers behind CONFIG_BROKEN. In case they turn out to be still used (really?), we can easily revert this and figure out a way to move them out of sight (e.g., moving all DRI1 drivers to drivers/gpu/dri1/). Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Chris Wilson <chris@chris-wilson.co.uk> Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch> Link: http://patchwork.freedesktop.org/patch/msgid/20160804080657.9664-2-dh.herrmann@gmail.com
This commit is contained in:
Родитель
d92d9c3a14
Коммит
d10571fc4f
|
@ -231,6 +231,7 @@ source "drivers/gpu/drm/mediatek/Kconfig"
|
|||
menuconfig DRM_LEGACY
|
||||
bool "Enable legacy drivers (DANGEROUS)"
|
||||
depends on DRM
|
||||
depends on BROKEN
|
||||
help
|
||||
Enable legacy DRI1 drivers. Those drivers expose unsafe and dangerous
|
||||
APIs to user-space, which can be used to circumvent access
|
||||
|
|
Загрузка…
Ссылка в новой задаче