diff options
author | mperes <mperes@web> | 2013-09-23 14:07:48 -0700 |
---|---|---|
committer | xorg <iki-xorg@freedesktop.org> | 2013-09-23 14:07:48 -0700 |
commit | 32866189c92ff21a2799f8b22c40a966efca8176 (patch) | |
tree | a84861de3cce4fcb297a51a5afe2391943540626 | |
parent | f4cf10c9208eb084e6851242dca1a20bcc82e7f6 (diff) |
-rw-r--r-- | Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn b/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn index a1471b04..ab05a59f 100644 --- a/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn +++ b/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn @@ -2,10 +2,24 @@ #### Abstract +During the last few years, users of the DRM API have increased significantly. +Aside from the X-Server different parts of the linux desktop stack use the DRM +API directly. This includes Plymouth, Weston, Mir, kmscon and more. +While the DRM and KMS APIs could mostly withstand the strain, the lack of a sole +user-space DRM user showed several shortcomings in the design. We cannot rely +on X-Server or DDX fixes to work around kernel API deficiencies, anymore. We +have to carefully take all the different DRM applications into account while +changing or improving the DRM API. +By opening /dev/dri/ to more applications than the X-Server, we also open it for +spoofing attacks. In this talk I want to built on the results of last year's +DRM2 talk (XDC-2012) and address the GEM-Flink, DRM-mmap() and DRM-Master +related spoofing attacks. I developed several examples that reveal how easy it +is to misuse these and will discuss the fixes that were introduced to DRM during +the last year. + #### Links * [[Paper|DRM_SECURITY]] * [[Slides|slides.pdf]] * Video: youtube, webm - |