xorg-server: Changes to 'debian-unstable'
debian/changelog | 9 +++
dix/grabs.c | 112 ----------------------------------------
hw/xfree86/dixmods/xkbPrivate.c | 15 -----
include/dixgrabs.h | 3 -
4 files changed, 9 insertions(+), 130 deletions(-)
New commits:
commit 0b63406149375bd4abcfc1e48b9eb71a64a417e1
Author: Cyril Brulebois <kibi@debian.org>
Date: Thu Jan 19 10:47:58 2012 +0100
Upload to unstable.
diff --git a/debian/changelog b/debian/changelog
index 7b5b71d..3319a15 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,11 +1,11 @@
-xorg-server (2:1.11.3.901-2) UNRELEASED; urgency=high
+xorg-server (2:1.11.3.901-2) unstable; urgency=high
* Revert "XKB: Add debug key actions for grabs & window tree" to stop
making it possible to bypass X screen locking programs. This is
CVE-2012-0064 (Closes: #656410).
* Set urgency to “high” accordingly.
- -- Cyril Brulebois <kibi@debian.org> Thu, 19 Jan 2012 10:34:53 +0100
+ -- Cyril Brulebois <kibi@debian.org> Thu, 19 Jan 2012 10:47:49 +0100
xorg-server (2:1.11.3.901-1) unstable; urgency=low
commit dd323cd2d32f497aa73e4bd073c77ffad361e1f5
Author: Cyril Brulebois <kibi@debian.org>
Date: Thu Jan 19 10:47:46 2012 +0100
Set urgency to “high” accordingly.
diff --git a/debian/changelog b/debian/changelog
index c6c4666..7b5b71d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,9 @@
-xorg-server (2:1.11.3.901-2) UNRELEASED; urgency=low
+xorg-server (2:1.11.3.901-2) UNRELEASED; urgency=high
* Revert "XKB: Add debug key actions for grabs & window tree" to stop
making it possible to bypass X screen locking programs. This is
CVE-2012-0064 (Closes: #656410).
+ * Set urgency to “high” accordingly.
-- Cyril Brulebois <kibi@debian.org> Thu, 19 Jan 2012 10:34:53 +0100
commit 4ede15d4170bf3108ae3f5b19bc0d980bde1f725
Author: Cyril Brulebois <kibi@debian.org>
Date: Thu Jan 19 10:41:38 2012 +0100
Bump changelog, close #656410 aka. CVE-2012-0064.
diff --git a/debian/changelog b/debian/changelog
index e6a5e4a..c6c4666 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+xorg-server (2:1.11.3.901-2) UNRELEASED; urgency=low
+
+ * Revert "XKB: Add debug key actions for grabs & window tree" to stop
+ making it possible to bypass X screen locking programs. This is
+ CVE-2012-0064 (Closes: #656410).
+
+ -- Cyril Brulebois <kibi@debian.org> Thu, 19 Jan 2012 10:34:53 +0100
+
xorg-server (2:1.11.3.901-1) unstable; urgency=low
* New upstream release candidate (1.11.4 RC1):
commit 663e92e660a15548f68a764479d7d59ed5c9af64
Author: Cyril Brulebois <kibi@debian.org>
Date: Thu Jan 19 10:32:28 2012 +0100
Revert "XKB: Add debug key actions for grabs & window tree"
This reverts commit 7d2543a3cb3089241982ce4f8984fd723d5312a1.
Ctrl-Alt-Multiply would kill potentially any X screen locking program.
Revert the offending commit for now, fixing CVE-2012-0064.
Signed-off-by: Cyril Brulebois <kibi@debian.org>
diff --git a/dix/grabs.c b/dix/grabs.c
index c28356d..5e61d25 100644
--- a/dix/grabs.c
+++ b/dix/grabs.c
@@ -68,118 +68,6 @@ SOFTWARE.
#define BITCLEAR(buf, i) MASKWORD(buf, i) &= ~BITMASK(i)
#define GETBIT(buf, i) (MASKWORD(buf, i) & BITMASK(i))
-void
-PrintDeviceGrabInfo(DeviceIntPtr dev)
-{
- ClientPtr client;
- LocalClientCredRec *lcc;
- int i, j;
- GrabInfoPtr devGrab = &dev->deviceGrab;
- GrabPtr grab = devGrab->grab;
-
- ErrorF("Active grab 0x%lx (%s) on device '%s' (%d):",
- (unsigned long) grab->resource,
- (grab->grabtype == GRABTYPE_XI2) ? "xi2" :
- ((grab->grabtype == GRABTYPE_CORE) ? "core" : "xi1"),
- dev->name, dev->id);
-
- client = clients[CLIENT_ID(grab->resource)];
- if (client && GetLocalClientCreds(client, &lcc) != -1)
- {
- ErrorF(" client pid %ld uid %ld gid %ld\n",
- (lcc->fieldsSet & LCC_PID_SET) ? (long) lcc->pid : 0,
- (lcc->fieldsSet & LCC_UID_SET) ? (long) lcc->euid : 0,
- (lcc->fieldsSet & LCC_GID_SET) ? (long) lcc->egid : 0);
- FreeLocalClientCreds(lcc);
- }
- else
- {
- ErrorF(" (no client information available)\n");
- }
-
- /* XXX is this even correct? */
- if (devGrab->sync.other)
- ErrorF(" grab ID 0x%lx from paired device\n",
- (unsigned long) devGrab->sync.other->resource);
-
- ErrorF(" at %ld (from %s grab)%s (device %s, state %d)\n",
- (unsigned long) devGrab->grabTime.milliseconds,
- devGrab->fromPassiveGrab ? "passive" : "active",
- devGrab->implicitGrab ? " (implicit)" : "",
- devGrab->sync.frozen ? "frozen" : "thawed",
- devGrab->sync.state);
-
- if (grab->grabtype == GRABTYPE_CORE)
- {
- ErrorF(" core event mask 0x%lx\n",
- (unsigned long) grab->eventMask);
- }
- else if (grab->grabtype == GRABTYPE_XI)
- {
- ErrorF(" xi1 event mask 0x%lx\n",
- devGrab->implicitGrab ? (unsigned long) grab->deviceMask :
- (unsigned long) grab->eventMask);
- }
- else if (grab->grabtype == GRABTYPE_XI2)
- {
- for (i = 0; i < EMASKSIZE; i++)
- {
- int print;
- print = 0;
- for (j = 0; j < XI2MASKSIZE; j++)
- {
- if (grab->xi2mask[i][j])
- {
- print = 1;
- break;
- }
- }
- if (!print)
- continue;
- ErrorF(" xi2 event mask for device %d: 0x", dev->id);
- for (j = 0; j < XI2MASKSIZE; j++)
- ErrorF("%x", grab->xi2mask[i][j]);
- ErrorF("\n");
- }
- }
-
- if (devGrab->fromPassiveGrab)
- {
- ErrorF(" passive grab type %d, detail 0x%x, "
- "activating key %d\n", grab->type, grab->detail.exact,
- devGrab->activatingKey);
- }
-
- ErrorF(" owner-events %s, kb %d ptr %d, confine %lx, cursor 0x%lx\n",
- grab->ownerEvents ? "true" : "false",
- grab->keyboardMode, grab->pointerMode,
- grab->confineTo ? (unsigned long) grab->confineTo->drawable.id : 0,
- grab->cursor ? (unsigned long) grab->cursor->id : 0);
-}
-
-void
-UngrabAllDevices(Bool kill_client)
-{
- DeviceIntPtr dev;
- ClientPtr client;
-
- ErrorF("Ungrabbing all devices%s; grabs listed below:\n",
- kill_client ? " and killing their owners" : "");
-
- for (dev = inputInfo.devices; dev; dev = dev->next)
- {
- if (!dev->deviceGrab.grab)
- continue;
- PrintDeviceGrabInfo(dev);
- client = clients[CLIENT_ID(dev->deviceGrab.grab->resource)];
- if (!client || client->clientGone)
- dev->deviceGrab.DeactivateGrab(dev);
- CloseDownClient(client);
- }
-
- ErrorF("End list of ungrabbed devices\n");
-}
-
GrabPtr
CreateGrab(
int client,
diff --git a/hw/xfree86/dixmods/xkbPrivate.c b/hw/xfree86/dixmods/xkbPrivate.c
index 06d1c2b..9742eaf 100644
--- a/hw/xfree86/dixmods/xkbPrivate.c
+++ b/hw/xfree86/dixmods/xkbPrivate.c
@@ -13,7 +13,6 @@
#define XKBSRV_NEED_FILE_FUNCS
#include <xkbsrv.h>
-#include "dixgrabs.h"
#include "os.h"
#include "xf86.h"
@@ -30,20 +29,6 @@ XkbDDXPrivate(DeviceIntPtr dev,KeyCode key,XkbAction *act)
xf86ProcessActionEvent(ACTION_PREV_MODE, NULL);
else if (strcasecmp(msgbuf, "+vmode")==0)
xf86ProcessActionEvent(ACTION_NEXT_MODE, NULL);
- else if (strcasecmp(msgbuf, "prgrbs")==0) {
- DeviceIntPtr tmp;
- xf86Msg(X_INFO, "Printing all currently active device grabs:\n");
- for (tmp = inputInfo.devices; tmp; tmp = tmp->next)
- if (tmp->deviceGrab.grab)
- PrintDeviceGrabInfo(tmp);
- xf86Msg(X_INFO, "End list of active device grabs\n");
- }
- else if (strcasecmp(msgbuf, "ungrab")==0)
- UngrabAllDevices(FALSE);
- else if (strcasecmp(msgbuf, "clsgrb")==0)
- UngrabAllDevices(TRUE);
- else if (strcasecmp(msgbuf, "prwins")==0)
- PrintWindowTree();
}
return 0;
diff --git a/include/dixgrabs.h b/include/dixgrabs.h
index 229c8bb..3b2a46d 100644
--- a/include/dixgrabs.h
+++ b/include/dixgrabs.h
@@ -28,9 +28,6 @@ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
struct _GrabParameters;
-extern void PrintDeviceGrabInfo(DeviceIntPtr dev);
-extern void UngrabAllDevices(Bool kill_client);
-
extern GrabPtr CreateGrab(
int /* client */,
DeviceIntPtr /* device */,
Reply to: