path: root/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn
diff options
authormperes <mperes@web>2013-09-23 14:07:48 -0700
committerxorg <>2013-09-23 14:07:48 -0700
commit32866189c92ff21a2799f8b22c40a966efca8176 (patch)
treea84861de3cce4fcb297a51a5afe2391943540626 /Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn
parentf4cf10c9208eb084e6851242dca1a20bcc82e7f6 (diff)
Diffstat (limited to 'Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn')
1 files changed, 15 insertions, 1 deletions
diff --git a/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn b/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn
index a1471b04..ab05a59f 100644
--- a/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn
+++ b/Events/XDC2013/XDC2013DavidHerrmannDRMSecurity.mdwn
@@ -2,10 +2,24 @@
#### Abstract
+During the last few years, users of the DRM API have increased significantly.
+Aside from the X-Server different parts of the linux desktop stack use the DRM
+API directly. This includes Plymouth, Weston, Mir, kmscon and more.
+While the DRM and KMS APIs could mostly withstand the strain, the lack of a sole
+user-space DRM user showed several shortcomings in the design. We cannot rely
+on X-Server or DDX fixes to work around kernel API deficiencies, anymore. We
+have to carefully take all the different DRM applications into account while
+changing or improving the DRM API.
+By opening /dev/dri/ to more applications than the X-Server, we also open it for
+spoofing attacks. In this talk I want to built on the results of last year's
+DRM2 talk (XDC-2012) and address the GEM-Flink, DRM-mmap() and DRM-Master
+related spoofing attacks. I developed several examples that reveal how easy it
+is to misuse these and will discuss the fixes that were introduced to DRM during
+the last year.
#### Links
* [[Paper|DRM_SECURITY]]
* [[Slides|slides.pdf]]
* Video: youtube, webm