From: Alec Warner <antarus@gentoo.org>
To: Gentoo Dev <gentoo-dev@lists.gentoo.org>
Subject: Re: [gentoo-dev] Access to DRM render nodes from portage sandbox?
Date: Wed, 9 May 2018 13:19:43 -0400 [thread overview]
Message-ID: <CAAr7Pr82JCwoffbhQPayz5A9xQQZ_VJEqzbr_tA5zpho+C-w-Q@mail.gmail.com> (raw)
In-Reply-To: <CAEdQ38FjzZNFKrHhOjqu=NnZ3SXnVkJ2osuhxx0MA6HMp0S9Fw@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1366 bytes --]
On Wed, May 9, 2018 at 12:34 PM, Matt Turner <mattst88@gentoo.org> wrote:
> On Tue, May 8, 2018 at 11:51 PM, Dennis Schridde <devurandom@gmx.net>
> wrote:
> > Hello!
> >
> > I see sandbox violations similar to "ACCESS DENIED: open_wr: /dev/dri/
> > renderD128" pop up for more and more packages, probably since OpenCL
> becomes
> > used more widely. Hence I would like to ask: Could we in Gentoo treat
> GPUs
> > just like CPUs and allow any process to access render nodes (i.e. the
> GPUs
> > compute capabilities via the specific interface the Linux kernel's DRM
> offers
> > for that purpose) without sandbox restrictions?
> >
> > --Dennis
> >
> > See-Also: https://bugs.gentoo.org/654216
>
> This seems like a bad idea. With CPUs we've had decades to work out
> how to isolate processes and prevent them from taking down the system.
>
> GPUs are not there yet. It's simple to trigger an unrecoverable GPU
> hang and not much harder to turn it into a full system lock up.
>
> This is not safe.
>
>
Is the sandbox considered a security boundary? Certainly in earlier
(LD_PRELOAD based) implementation it was not.
Instead it was intended to protect the build environment from leaks (e.g.
accessing unwanted host state in the build env.)
Sure it also in theory prevented build environments from writing to the
host; but it didn't do a very secure job of it.
-A
[-- Attachment #2: Type: text/html, Size: 2142 bytes --]
next prev parent reply other threads:[~2018-05-09 17:19 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-09 6:51 [gentoo-dev] Access to DRM render nodes from portage sandbox? Dennis Schridde
2018-05-09 7:34 ` Michał Górny
2018-05-09 7:56 ` Dennis Schridde
2018-05-09 8:16 ` Michał Górny
2018-05-09 16:34 ` Matt Turner
2018-05-09 17:10 ` Mike Gilbert
2018-05-09 17:12 ` M. J. Everitt
2018-05-09 18:50 ` Kent Fredric
2018-05-09 18:54 ` M. J. Everitt
2018-05-09 19:13 ` Kent Fredric
2018-05-09 19:31 ` William Hubbs
2018-05-09 19:36 ` M. J. Everitt
2018-05-10 7:17 ` Dennis Schridde
2018-05-09 17:19 ` Alec Warner [this message]
2018-05-09 18:43 ` Matt Turner
2018-05-09 18:46 ` Matt Turner
2018-05-09 18:41 ` Matt Turner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAAr7Pr82JCwoffbhQPayz5A9xQQZ_VJEqzbr_tA5zpho+C-w-Q@mail.gmail.com \
--to=antarus@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox