From: David Herrmann Date: Thu, 4 Aug 2016 08:06:57 +0000 (+0200) Subject: drm: make DRI1 drivers depend on BROKEN X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=d10571fc4fba7d57fb8157f0be61dcbe4a7965ca;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git drm: make DRI1 drivers depend on BROKEN The legacy DRI1 drivers expose highly broken interfaces to user-space. No modern system should enable them, or you will effectively allow user-space to circumvent most of your kernel security measures. The DRI1 kernel APIs are simply broken. User-space can always use vesafb/efifb/simplefb and friends to get working graphics. Lets hide the old drivers behind CONFIG_BROKEN. In case they turn out to be still used (really?), we can easily revert this and figure out a way to move them out of sight (e.g., moving all DRI1 drivers to drivers/gpu/dri1/). Signed-off-by: David Herrmann Acked-by: Chris Wilson Signed-off-by: Daniel Vetter Link: http://patchwork.freedesktop.org/patch/msgid/20160804080657.9664-2-dh.herrmann@gmail.com --- diff --git a/drivers/gpu/drm/Kconfig b/drivers/gpu/drm/Kconfig index cf1609be73fb..c02be6a24c47 100644 --- a/drivers/gpu/drm/Kconfig +++ b/drivers/gpu/drm/Kconfig @@ -231,6 +231,7 @@ source "drivers/gpu/drm/mediatek/Kconfig" menuconfig DRM_LEGACY bool "Enable legacy drivers (DANGEROUS)" depends on DRM + depends on BROKEN help Enable legacy DRI1 drivers. Those drivers expose unsafe and dangerous APIs to user-space, which can be used to circumvent access