Skip to content

Prevent fb leak during vt session switch

Robert Beckett requested to merge bbeckett/weston:vt_fb_rm_v2 into main

Upon vt switch, the new drm master is able to open and map our fbs, and potentially hold on to those mapping even after we return to our vt where we are drm master. This could either be a deliberate attempt to snoop by untrusted sw running on another vt, or via another drm master owning sw being compromised.

To prevent this information leak, we can work with the shell to render a privacy safe image to a temporary fb, and remove all other fbs while we are switched away. On return, we destroy the temp fb and restore the previous ones. This means that the only information a new drm master can acquire is a safe visual that will not be updated again.

Merge request reports

Loading