Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 649678 - x11-base/xorg-server-1.19.99.901: suid wrapper doesn't work with DRM drivers (Intel)
Summary: x11-base/xorg-server-1.19.99.901: suid wrapper doesn't work with DRM drivers ...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo X packagers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-03-05 18:50 UTC by manwe
Modified: 2018-06-08 05:09 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description manwe 2018-03-05 18:50:03 UTC 
It might be duplicate of ticket #450364 but that one is dead since november, despite comment #5. 

After upgrading from x11-base/xorg-server-1.19.5-r1[suid] to x11-base/xorg-server-1.19.99.901 I also have permission denied to DRM_IOCTL_SET_MASTER, therefore I'm unable to run X as user.

[  1478.094] (II) modeset(0): using drv /dev/dri/card0
[  1478.094] (WW) VGA arbiter: cannot open kernel arbiter, no multi-card support
[  1478.094] (II) modeset(0): Creating default Display subsection in Screen section
        "Default Screen Section" for depth/fbbpp 24/32
[  1478.094] (==) modeset(0): Depth 24, (==) framebuffer bpp 32
[  1478.094] (==) modeset(0): RGB weight 888
[  1478.094] (==) modeset(0): Default visual is TrueColor
...
[  1478.297] (II) Loading sub module "fb"
[  1478.297] (II) LoadModule: "fb"
[  1478.297] (II) Loading /usr/lib64/xorg/modules/libfb.so
[  1478.298] (II) Module fb: vendor="X.Org Foundation"
[  1478.298]    compiled for 1.19.99.901, module version = 1.0.0
[  1478.298]    ABI class: X.Org ANSI C Emulation, version 0.4
[  1478.298] (EE) modeset(0): drmSetMaster failed: Permission denied
[  1478.298] (EE) 
Fatal server error:
[  1478.298] (EE) AddScreen/ScreenInit failed for driver 0

User is in video group and has access to /dev/dri/card0 (root:video 660). 

Reproducible: Always

Steps to Reproduce:
1. startx
Comment 1 Amadeusz Sławiński 2018-03-11 17:10:34 UTC 
I commented here: https://bugs.gentoo.org/635102#c18 but this bug is better place for this:

So I figured why it doesn't work on my desktop, apparently modesetting driver calls SetMaster() and if it fails it exits 
https://cgit.freedesktop.org/xorg/xserver/tree/hw/xfree86/drivers/modesetting/driver.c#n1540

if I make it nonfailing it works similarly to my laptop, ie, I need to give it permissions to access input devices.
-rwxr-sr-x 1 root input 2573800 Mar  9 00:30 /usr/libexec/Xorg


Xorg.wrap, should probably be improved to check if it can call DRM_IOCTL_SET_MASTER for modesetting cards, as it is one that requires root rights
drivers/gpu/drm/drm_ioctl.c:    DRM_IOCTL_DEF(DRM_IOCTL_SET_MASTER, drm_setmaster_ioctl, DRM_UNLOCKED|DRM_ROOT_ONLY),

in contrast to the one it checks (https://cgit.freedesktop.org/xorg/xserver/tree/hw/xfree86/xorg-wrapper.c#n245)
ddrivers/gpu/drm/rm_ioctl.c:    DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETRESOURCES, drm_mode_getresources, DRM_CONTROL_ALLOW|DRM_UNLOCKED),


anyway it's probably for upstream to decide.
Comment 2 Matt Turner gentoo-dev 2018-04-15 23:45:44 UTC 
Please try version 1.19.99.904.
Comment 3 Matt Turner gentoo-dev 2018-05-10 18:12:09 UTC 
Please try 1.20.0. I'm going to have to unmask this version at some point...
Comment 4 manwe 2018-05-11 16:14:59 UTC 
1.12.0 starts fine (sorry, I've missed your post #2) from non-root's account. Although it still breaks xfwm4 with --composite=on.
Comment 5 Matt Turner gentoo-dev 2018-06-08 05:09:53 UTC 
Thanks for testing!