3

I'm trying to learn low level graphics programming on linux using C. I'm fairly new to both linux and C. I'm trying to figure out the most responsible way to manage permissions for /dev/fb0 in my code.

my code:

#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <fcntl.h>
#include <linux/fb.h>
#include <sys/mman.h>
#include <sys/ioctl.h>

int main(){

    int fb_fd = 0;
    // Open the file for reading and writing
    fb_fd = open("/dev/fb0", O_RDWR);
    if (fb_fd == -1) {
    perror("Error: cannot open framebuffer device");
    exit(1);
    }
    printf("The framebuffer device was opened successfully.\n");

    struct fb_fix_screeninfo finfo;
    struct fb_var_screeninfo vinfo; 
    //Get variable screen information
    ioctl(fb_fd, FBIOGET_VSCREENINFO, &vinfo);

    //Get fixed screen information
    ioctl(fb_fd, FBIOGET_FSCREENINFO, &finfo);

    printf("vinfo.bits_per-pixel: %d\n",vinfo.bits_per_pixel);
    close(fb_fd);
    return(0);
}

My issue: the program only runs using sudo ./my_program, otherwise it fails to open the frame buffer (permission denied). I'm not sure how permissions for /dev/fb0 are typically managed when writing software that is meant to draw to the frame buffer. How do I "give permission" to my program , to be run by a normal user without special permissions?

Edit: as requested, some console output: setting mode and permisions

~/learning_c/game_0$ ls -l /dev/fb0
crw-rw---- 1 root video 29, 0 Oct 28 08:01 /dev/fb0
~/learning_c/game_0$ ls -l ./bin/game
-rwxrwxr-x 1 logan logan 15160 Oct 29 21:12 ./bin/game
~/learning_c/game_0$ chgrp video ./bin/game
chgrp: changing group of './bin/game': Operation not permitted
~/learning_c/game_0$ sudo chgrp video ./bin/game
[sudo] password for logan:
~/learning_c/game_0$ ls -l ./bin/game
-rwxrwxr-x 1 logan video 15160 Oct 29 21:12 ./bin/game
~/learning_c/game_0$ sudo chmod -v  g+s ./bin/game
mode of './bin/game' changed from 0775 (rwxrwxr-x) to 2775 (rwxrwsr-x)
~/learning_c/game_0$ ls -l ./bin/game
-rwxrwsr-x 1 logan video 15160 Oct 29 21:12 ./bin/game

try to run ./bin/game

~/learning_c/game_0$ ./bin/game
Error: cannot open framebuffer device: Permission denied
logan@logan-Aspire-5560:~/learning_c/game_0$ sudo ./bin/game
[sudo] password for logan:
The framebuffer device was opened successfully
Logan Bender
  • 31
  • 1
  • 3

1 Answers1

1

/dev/fb0 is usually read-writable for group video:

$ ls -la /dev/fb0

crw-rw---- 1 root video 29, 0 Oct 11 12:40 /dev/fb0

You could have your program owned by group video:

chgrp video my_program

and set the sgid-bit on it:

chmod g+s my_program

This sets the so-called effective gid (egid) of your process, while the real gid is inherited from the parent. Now your program should have the permission to open the framebuffer device even if not run as root.

For security reasons you could (should?) drop these additional privileges after opening the device file by setting the effective gid to the real gid:

fb_fd = open("/dev/fb0", O_RDWR);
setegid(getgid());

This way it should work as you want it to.

Ctx
  • 18,090
  • 24
  • 36
  • 51
  • Thank you for your help. Assuming your suggestions for `chgrp` and `chmod` are meant to be run via the command line, I do not seem to be getting the expected result. I ran them in verbose mode to verify they were changing the group & file mode bits, but still the program is denied permission without `sudo`. Are command line scripts the typical way that programmers acquire permission to access the frame buffer? – Logan Bender Oct 30 '18 at 01:27
  • scrutinizing the mode with `ls -l` I see `-rwxr-xr-x` which indicates the group has `xr-` permission (no `w` permission). The code is opening the file in `O_RDWR` mode. Could it be that the video group needs write permission too? – Logan Bender Oct 30 '18 at 01:52
  • @LoganBender Which file has this mode? /dev/fb0? Please show the complete output of `ls -l /dev/fb0` and `ls -l my_program`. – Ctx Oct 30 '18 at 18:46
  • added comments to the OP – Logan Bender Nov 01 '18 at 01:31