Re: [gentoo-dev] Access to DRM render nodes from portage sandbox?

[Dennis Schridde <devurandom@gmx.net>]

[-- Attachment #1: Type: text/plain, Size: 2165 bytes --]

On Wednesday, 9 May 2018 09:34:43 CEST Michał Górny wrote:
> W dniu śro, 09.05.2018 o godzinie 08∶51 +0200, użytkownik Dennis
> 
> Schridde napisał:
> > I see sandbox violations similar to "ACCESS DENIED: open_wr: /dev/dri/
> > renderD128" pop up for more and more packages, probably since OpenCL
> > becomes used more widely.  Hence I would like to ask: Could we in Gentoo
> > treat GPUs just like CPUs and allow any process to access render nodes
> > (i.e. the GPUs compute capabilities via the specific interface the Linux
> > kernel's DRM offers for that purpose) without sandbox restrictions?
> > 
> > See-Also: https://bugs.gentoo.org/654216
> 
> Doesn't accessing those nodes involve a risk of programs being able to
> crash your system (or xorg)?  Or cause on-screen artifacts?

Well, in the presence of Linux kernel bugs, programs could crash the whole 
system.  But I believe this is also true for all other drivers and compute 
devices, including CPUs.

I assume an application using render nodes could crash X by e.g. consuming all 
memory.  But then this is also true for all applications using the CPU and its 
attached memory for computations.

On-screen artifacts as in resolution switching and other KMS operations is 
explicitly prohibited.  Insecure access (using GEM FLINK) to the memory of 
other applications (which could cause broken textures / windows with broken 
content) is also explicitly prohibited.  So my understanding is that the 
answer is: No, using render nodes cannot cause on-screen artifacts (modulo the 
presence of Linux kernel bugs, s.a.).

DRM render nodes were specifically introduced to allow GPGPU applications to 
run without impacting the security of the system (and without X).

The Linux kernel documentation contains some information on the concept:
* https://www.kernel.org/doc/html/v4.16/gpu/drm-uapi.html#render-nodes

As well as an older blog post by David Herrmann:
* https://dvdhrm.wordpress.com/2013/09/01/splitting-drm-and-kms-device-nodes/

And the Wikipedia article on DRM:
* https://en.wikipedia.org/wiki/Direct_Rendering_Manager#Render_nodes

--Dennis

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 659 bytes --]