blob: e7c2fb845ad38648e11730f576c1d2ce785075dc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
### David Herrmann - DRM Security
#### Abstract
During the last few years, users of the DRM API have increased significantly.
Aside from the X-Server different parts of the linux desktop stack use the DRM
API directly. This includes Plymouth, Weston, Mir, kmscon and more.
While the DRM and KMS APIs could mostly withstand the strain, the lack of a sole
user-space DRM user showed several shortcomings in the design. We cannot rely
on X-Server or DDX fixes to work around kernel API deficiencies, anymore. We
have to carefully take all the different DRM applications into account while
changing or improving the DRM API.
By opening /dev/dri/ to more applications than the X-Server, we also open it for
spoofing attacks. In this talk I want to built on the results of last year's
DRM2 talk (XDC-2012) and address the GEM-Flink, DRM-mmap() and DRM-Master
related spoofing attacks. I developed several examples that reveal how easy it
is to misuse these and will discuss the fixes that were introduced to DRM during
the last year.
#### Links
* [[Paper|DRM_SECURITY]]
* [[Slides|slides.pdf]]
* Video: [[youtube|https://www.youtube.com/watch?v=Lo_jZYDzek8]], [[webm|http://www.x.org/videos/XDC2013/david_herrmann_render_nodes.webm]]
|
