xorg-server: Changes to 'upstream-unstable'
configure.ac | 14 ++++++----
dix/pixmap.c | 31 +++++++++++++++++------
glamor/glamor_render.c | 4 ++
hw/xfree86/ramdac/xf86HWCurs.c | 55 +++++++++++++++++++++++++++++++----------
hw/xwayland/xwayland-cvt.c | 7 +++++
hw/xwayland/xwayland-input.c | 11 ++++----
hw/xwayland/xwayland-output.c | 37 +++++++++++++++++----------
include/dix-config.h.in | 9 ++++++
include/input.h | 1
include/os.h | 5 +++
miext/damage/damage.c | 10 +++++++
os/auth.c | 14 +++++++---
os/inputthread.c | 8 +++++
os/io.c | 3 ++
os/mitauth.c | 15 -----------
os/osdep.h | 6 ----
os/rpcauth.c | 6 ----
os/timingsafe_memcmp.c | 48 +++++++++++++++++++++++++++++++++++
os/xdmauth.c | 27 --------------------
present/present.c | 4 --
20 files changed, 211 insertions(+), 104 deletions(-)
New commits:
commit f23e65f96365706c69fa781b2c6cbf3203619c9f
Author: Adam Jackson <ajax@redhat.com>
Date: Thu Mar 2 17:53:04 2017 -0500
xserver 1.19.2, no, really
Signed-off-by: Adam Jackson <ajax@redhat.com>
diff --git a/configure.ac b/configure.ac
index 7ca32f0..a265ab5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -26,7 +26,7 @@ dnl
dnl Process this file with autoconf to create configure.
AC_PREREQ(2.60)
-AC_INIT([xorg-server], 1.19.1, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
+AC_INIT([xorg-server], 1.19.2, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
RELEASE_DATE="2017-03-02"
RELEASE_NAME="Clam Chowder"
AC_CONFIG_SRCDIR([Makefile.am])
commit 96d4df934bb4397a251d7d1f2dc0e1296c2e9bb3
Author: Adam Jackson <ajax@redhat.com>
Date: Thu Mar 2 15:07:00 2017 -0500
xserver 1.19.2
Signed-off-by: Adam Jackson <ajax@redhat.com>
diff --git a/configure.ac b/configure.ac
index 292694b..7ca32f0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -27,8 +27,8 @@ dnl Process this file with autoconf to create configure.
AC_PREREQ(2.60)
AC_INIT([xorg-server], 1.19.1, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
-RELEASE_DATE="2017-01-11"
-RELEASE_NAME="Maeuntang"
+RELEASE_DATE="2017-03-02"
+RELEASE_NAME="Clam Chowder"
AC_CONFIG_SRCDIR([Makefile.am])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([foreign dist-bzip2])
commit f4ff7b6b559c3ebf7ec1156d170b3daa0618eec2
Author: Adam Jackson <ajax@redhat.com>
Date: Thu Mar 2 17:20:30 2017 -0500
os: Squash missing declaration warning for timingsafe_memcmp
timingsafe_memcmp.c:21:1: warning: no previous prototype for ‘timingsafe_memcmp’ [-Wmissing-prototypes]
timingsafe_memcmp(const void *b1, const void *b2, size_t len)
Signed-off-by: Adam Jackson <ajax@redhat.com>
(cherry picked from commit 5c44169caed811e59a65ba346de1cadb46d266ec)
diff --git a/os/timingsafe_memcmp.c b/os/timingsafe_memcmp.c
index 36ab362..65679c8 100644
--- a/os/timingsafe_memcmp.c
+++ b/os/timingsafe_memcmp.c
@@ -16,6 +16,9 @@
#include <limits.h>
#include <string.h>
+#include <X11/Xfuncproto.h>
+#include <dix-config.h>
+#include "os.h"
int
timingsafe_memcmp(const void *b1, const void *b2, size_t len)
commit 1aa40b96e2f099eabfeef66e77fff36dbd377aa0
Author: Adam Jackson <ajax@redhat.com>
Date: Thu Mar 2 15:43:15 2017 -0500
Revert "xserver 1.19.2"
Apparently I need to fight make distcheck some more, so let's not
pretend this is released yet.
This reverts commit 0b4112bc753a5bd5306f0c67e13e26e3f1c72211.
diff --git a/configure.ac b/configure.ac
index 7ca32f0..292694b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -27,8 +27,8 @@ dnl Process this file with autoconf to create configure.
AC_PREREQ(2.60)
AC_INIT([xorg-server], 1.19.1, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
-RELEASE_DATE="2017-03-02"
-RELEASE_NAME="Clam Chowder"
+RELEASE_DATE="2017-01-11"
+RELEASE_NAME="Maeuntang"
AC_CONFIG_SRCDIR([Makefile.am])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([foreign dist-bzip2])
commit 0b4112bc753a5bd5306f0c67e13e26e3f1c72211
Author: Adam Jackson <ajax@redhat.com>
Date: Thu Mar 2 15:07:00 2017 -0500
xserver 1.19.2
Signed-off-by: Adam Jackson <ajax@redhat.com>
diff --git a/configure.ac b/configure.ac
index 292694b..7ca32f0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -27,8 +27,8 @@ dnl Process this file with autoconf to create configure.
AC_PREREQ(2.60)
AC_INIT([xorg-server], 1.19.1, [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], xorg-server)
-RELEASE_DATE="2017-01-11"
-RELEASE_NAME="Maeuntang"
+RELEASE_DATE="2017-03-02"
+RELEASE_NAME="Clam Chowder"
AC_CONFIG_SRCDIR([Makefile.am])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([foreign dist-bzip2])
commit e4dd73b242522942d9a5f1c9cada92321710a682
Author: Olivier Fourdan <ofourdan@redhat.com>
Date: Wed Mar 1 08:51:31 2017 +0100
xwayland: do not set checkRepeat on master kbd
keyboard_check_repeat() fetches the XWayland seat from the
dev->public.devicePrivate do do its thing.
If a key event is sent programmatically through Xtest, our device is the
virtual core keyboard and that has a dev->public.devicePrivate of NULL,
leading to a segfault in keyboard_check_repeat().
This is the case with "antimicro" which sends key events based on the
joystick buttons.
Don't set the checkRepeat handler on the VCK since it cannot possibly work
anyway and it has no effect on the actual checkRepeat intended functionality.
Bugzilla: https://bugzilla.redhat.com/1416244
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit fe5c340046c8cf755b92763a49b2dc475e856a76)
diff --git a/hw/xwayland/xwayland-input.c b/hw/xwayland/xwayland-input.c
index ce0e433..f06e88a 100644
--- a/hw/xwayland/xwayland-input.c
+++ b/hw/xwayland/xwayland-input.c
@@ -1033,8 +1033,6 @@ release_relative_pointer(struct xwl_seat *xwl_seat)
static void
init_keyboard(struct xwl_seat *xwl_seat)
{
- DeviceIntPtr master;
-
xwl_seat->wl_keyboard = wl_seat_get_keyboard(xwl_seat->seat);
wl_keyboard_add_listener(xwl_seat->wl_keyboard,
&keyboard_listener, xwl_seat);
@@ -1046,9 +1044,6 @@ init_keyboard(struct xwl_seat *xwl_seat)
}
EnableDevice(xwl_seat->keyboard, TRUE);
xwl_seat->keyboard->key->xkbInfo->checkRepeat = keyboard_check_repeat;
- master = GetMaster(xwl_seat->keyboard, MASTER_KEYBOARD);
- if (master)
- master->key->xkbInfo->checkRepeat = keyboard_check_repeat;
}
static void
commit c84f5c3dd19ae114da4eb3441b3e4e3a29f195df
Author: Olivier Fourdan <ofourdan@redhat.com>
Date: Tue Feb 28 14:27:52 2017 +0100
xwayland: Make sure we have a focus window
During the InitInput() phase, the wayland events get dequeued so we
can possibly end up calling dispatch_pointer_motion_event().
If this occurs before xwl_seat->focus_window is set, it leads to a NULL
pointer derefence and a segfault.
Check for xwl_seat->focus_window in both pointer_handle_frame() and
relative_pointer_handle_relative_motion() prior to calling
dispatch_pointer_motion_event() like it's done in
pointer_handle_motion().
Bugzilla: https://bugzilla.redhat.com/1410804
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 8c9909a99292b2fb4a86de694bb0029f61e35662)
diff --git a/hw/xwayland/xwayland-input.c b/hw/xwayland/xwayland-input.c
index ecf0b7a..ce0e433 100644
--- a/hw/xwayland/xwayland-input.c
+++ b/hw/xwayland/xwayland-input.c
@@ -516,6 +516,9 @@ pointer_handle_frame(void *data, struct wl_pointer *wl_pointer)
{
struct xwl_seat *xwl_seat = data;
+ if (!xwl_seat->focus_window)
+ return;
+
dispatch_pointer_motion_event(xwl_seat);
}
@@ -566,6 +569,9 @@ relative_pointer_handle_relative_motion(void *data,
xwl_seat->pending_pointer_event.dx_unaccel = wl_fixed_to_double(dx_unaccelf);
xwl_seat->pending_pointer_event.dy_unaccel = wl_fixed_to_double(dy_unaccelf);
+ if (!xwl_seat->focus_window)
+ return;
+
if (wl_proxy_get_version((struct wl_proxy *) xwl_seat->wl_pointer) < 5)
dispatch_pointer_motion_event(xwl_seat);
}
commit 94c3454d9fdbcefb01042c5c9d88468d86dd4725
Author: Matthieu Herrb <matthieu@herrb.eu>
Date: Wed Mar 1 20:28:34 2017 +0100
Brown bag commit to fix 957e8d (arc4random_buf() support)
- typo in #ifdef check
- also need to add AC_CHECK_FUNCS([arc4random_buf])
Reported-by Eric Engestrom. Thanks
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
(cherry picked from commit 386fbbe410a1168b724136e54cf3bd37fb64ad4e)
diff --git a/configure.ac b/configure.ac
index 610de09..292694b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -226,6 +226,7 @@ AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup\
AM_CONDITIONAL(POLL, [test "x$ac_cv_func_poll" = "xyes"])
AC_CHECK_LIB([bsd], [arc4random_buf])
+AC_CHECK_FUNCS([arc4random_buf])
AC_CHECK_DECLS([program_invocation_short_name], [], [], [[#include <errno.h>]])
diff --git a/os/auth.c b/os/auth.c
index 41b625d..c7b333c 100644
--- a/os/auth.c
+++ b/os/auth.c
@@ -305,7 +305,7 @@ GenerateAuthorization(unsigned name_length,
void
GenerateRandomData(int len, char *buf)
{
-#ifdef HAVE_ARC4RANDOMBUF
+#ifdef HAVE_ARC4RANDOM_BUF
arc4random_buf(buf, len);
#else
int fd;
commit b0298c02f0383760be899448fa666d0ea56f5d79
Author: Matthieu Herrb <matthieu@herrb.eu>
Date: Tue Feb 28 19:18:56 2017 +0100
auth: remove AuthToIDFunc and associated functions. Not used anymore.
And the current code for MitToId has a use-after-free() issue.
[Also remove the actual implementations - ajax]
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
(cherry picked from commit 2855f759b1e7bf7f5e57cac36c1f0d0e5ac1a683)
diff --git a/os/auth.c b/os/auth.c
index 81164a2..41b625d 100644
--- a/os/auth.c
+++ b/os/auth.c
@@ -55,7 +55,6 @@ struct protocol {
AuthAddCFunc Add; /* new authorization data */
AuthCheckFunc Check; /* verify client authorization data */
AuthRstCFunc Reset; /* delete all authorization data entries */
- AuthToIDFunc ToID; /* convert cookie to ID */
AuthFromIDFunc FromID; /* convert ID to cookie */
AuthRemCFunc Remove; /* remove a specific cookie */
#ifdef XCSECURITY
@@ -66,7 +65,7 @@ struct protocol {
static struct protocol protocols[] = {
{(unsigned short) 18, "MIT-MAGIC-COOKIE-1",
MitAddCookie, MitCheckCookie, MitResetCookie,
- MitToID, MitFromID, MitRemoveCookie,
+ MitFromID, MitRemoveCookie,
#ifdef XCSECURITY
MitGenerateCookie
#endif
@@ -74,7 +73,7 @@ static struct protocol protocols[] = {
#ifdef HASXDMAUTH
{(unsigned short) 19, "XDM-AUTHORIZATION-1",
XdmAddCookie, XdmCheckCookie, XdmResetCookie,
- XdmToID, XdmFromID, XdmRemoveCookie,
+ XdmFromID, XdmRemoveCookie,
#ifdef XCSECURITY
NULL
#endif
@@ -83,7 +82,7 @@ static struct protocol protocols[] = {
#ifdef SECURE_RPC
{(unsigned short) 9, "SUN-DES-1",
SecureRPCAdd, SecureRPCCheck, SecureRPCReset,
- SecureRPCToID, SecureRPCFromID, SecureRPCRemove,
+ SecureRPCFromID, SecureRPCRemove,
#ifdef XCSECURITY
NULL
#endif
diff --git a/os/mitauth.c b/os/mitauth.c
index efae440..e75d700 100644
--- a/os/mitauth.c
+++ b/os/mitauth.c
@@ -97,19 +97,6 @@ MitResetCookie(void)
return 0;
}
-XID
-MitToID(unsigned short data_length, char *data)
-{
- struct auth *auth;
-
- for (auth = mit_auth; auth; auth = auth->next) {
- if (data_length == auth->len &&
- memcmp(data, auth->data, data_length) == 0)
- return auth->id;
- }
- return (XID) -1;
-}
-
int
MitFromID(XID id, unsigned short *data_lenp, char **datap)
{
diff --git a/os/osdep.h b/os/osdep.h
index 90a247f..a0d57b8 100644
--- a/os/osdep.h
+++ b/os/osdep.h
@@ -113,9 +113,6 @@ typedef int (*AuthRemCFunc) (AuthRemCArgs);
#define AuthRstCArgs void
typedef int (*AuthRstCFunc) (AuthRstCArgs);
-#define AuthToIDArgs unsigned short data_length, char *data
-typedef XID (*AuthToIDFunc) (AuthToIDArgs);
-
typedef void (*OsCloseFunc) (ClientPtr);
typedef int (*OsFlushFunc) (ClientPtr who, struct _osComm * oc, char *extraBuf,
@@ -185,7 +182,6 @@ extern void GenerateRandomData(int len, char *buf);
/* in mitauth.c */
extern XID MitCheckCookie(AuthCheckArgs);
extern XID MitGenerateCookie(AuthGenCArgs);
-extern XID MitToID(AuthToIDArgs);
extern int MitAddCookie(AuthAddCArgs);
extern int MitFromID(AuthFromIDArgs);
extern int MitRemoveCookie(AuthRemCArgs);
@@ -194,7 +190,6 @@ extern int MitResetCookie(AuthRstCArgs);
/* in xdmauth.c */
#ifdef HASXDMAUTH
extern XID XdmCheckCookie(AuthCheckArgs);
-extern XID XdmToID(AuthToIDArgs);
extern int XdmAddCookie(AuthAddCArgs);
extern int XdmFromID(AuthFromIDArgs);
extern int XdmRemoveCookie(AuthRemCArgs);
@@ -205,7 +200,6 @@ extern int XdmResetCookie(AuthRstCArgs);
#ifdef SECURE_RPC
extern void SecureRPCInit(AuthInitArgs);
extern XID SecureRPCCheck(AuthCheckArgs);
-extern XID SecureRPCToID(AuthToIDArgs);
extern int SecureRPCAdd(AuthAddCArgs);
extern int SecureRPCFromID(AuthFromIDArgs);
extern int SecureRPCRemove(AuthRemCArgs);
diff --git a/os/rpcauth.c b/os/rpcauth.c
index 5680489..33260db 100644
--- a/os/rpcauth.c
+++ b/os/rpcauth.c
@@ -175,12 +175,6 @@ SecureRPCReset(void)
return 1;
}
-_X_HIDDEN XID
-SecureRPCToID(unsigned short data_length, char *data)
-{
- return rpc_id;
-}
-
_X_HIDDEN int
SecureRPCFromID(XID id, unsigned short *data_lenp, char **datap)
{
diff --git a/os/xdmauth.c b/os/xdmauth.c
index cb2e39e..c35cade 100644
--- a/os/xdmauth.c
+++ b/os/xdmauth.c
@@ -411,33 +411,6 @@ XdmResetCookie(void)
return 1;
}
-XID
-XdmToID(unsigned short cookie_length, char *cookie)
-{
- XdmAuthorizationPtr auth;
- XdmClientAuthPtr client;
- unsigned char *plain;
-
- plain = malloc(cookie_length);
- if (!plain)
- return (XID) -1;
- for (auth = xdmAuth; auth; auth = auth->next) {
- XdmcpUnwrap((unsigned char *) cookie, (unsigned char *) &auth->key,
- plain, cookie_length);
- if ((client =
- XdmAuthorizationValidate(plain, cookie_length, &auth->rho, NULL,
- NULL)) != NULL) {
- free(client);
- free(cookie);
- free(plain);
- return auth->id;
- }
- }
- free(cookie);
- free(plain);
- return (XID) -1;
-}
-
int
XdmFromID(XID id, unsigned short *data_lenp, char **datap)
{
commit ab15f65fe5d6d50e705c1064a6a5c1a0c2a8e045
Author: Matthieu Herrb <matthieu@herrb.eu>
Date: Tue Feb 28 19:18:43 2017 +0100
Use arc4random_buf(3) if available to generate cookies.
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
(cherry picked from commit 957e8db38f27932d353e86e9aa69cf16778b18f1)
diff --git a/configure.ac b/configure.ac
index 62cd547..610de09 100644
--- a/configure.ac
+++ b/configure.ac
@@ -225,6 +225,8 @@ AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup\
timingsafe_memcmp])
AM_CONDITIONAL(POLL, [test "x$ac_cv_func_poll" = "xyes"])
+AC_CHECK_LIB([bsd], [arc4random_buf])
+
AC_CHECK_DECLS([program_invocation_short_name], [], [], [[#include <errno.h>]])
dnl Check for SO_PEERCRED #define
diff --git a/include/dix-config.h.in b/include/dix-config.h.in
index 4b86c1a..d357910 100644
--- a/include/dix-config.h.in
+++ b/include/dix-config.h.in
@@ -125,6 +125,9 @@
/* Build a standalone xpbproxy */
#undef STANDALONE_XPBPROXY
+/* Define to 1 if you have the `bsd' library (-lbsd). */
+#undef HAVE_LIBBSD
+
/* Define to 1 if you have the `m' library (-lm). */
#undef HAVE_LIBM
@@ -161,6 +164,9 @@
/* Define to 1 if you have the <rpcsvc/dbm.h> header file. */
#undef HAVE_RPCSVC_DBM_H
+/* Define to 1 if you have the `arc4random_buf' function. */
+#undef HAVE_ARC4RANDOM_BUF
+
/* Define to use libc SHA1 functions */
#undef HAVE_SHA1_IN_LIBC
diff --git a/os/auth.c b/os/auth.c
index 7da6fc6..81164a2 100644
--- a/os/auth.c
+++ b/os/auth.c
@@ -45,6 +45,9 @@ from The Open Group.
#ifdef WIN32
#include <X11/Xw32defs.h>
#endif
+#ifdef HAVE_LIBBSD
+#include <bsd/stdlib.h> /* for arc4random_buf() */
+#endif
struct protocol {
unsigned short name_length;
@@ -303,11 +306,15 @@ GenerateAuthorization(unsigned name_length,
void
GenerateRandomData(int len, char *buf)
{
+#ifdef HAVE_ARC4RANDOMBUF
+ arc4random_buf(buf, len);
+#else
int fd;
fd = open("/dev/urandom", O_RDONLY);
read(fd, buf, len);
close(fd);
+#endif
}
#endif /* XCSECURITY */
commit 3f61c7a09b220805ee6778f4bf2f429e3df8e37a
Author: Matthieu Herrb <matthieu@herrb.eu>
Date: Tue Feb 28 19:18:25 2017 +0100
Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624
Provide the function definition for systems that don't have it.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
(cherry picked from commit d7ac755f0b618eb1259d93c8a16ec6e39a18627c)
diff --git a/configure.ac b/configure.ac
index 770c3e6..62cd547 100644
--- a/configure.ac
+++ b/configure.ac
@@ -221,7 +221,8 @@ AC_CHECK_FUNCS([backtrace ffs geteuid getuid issetugid getresuid \
mmap posix_fallocate seteuid shmctl64 strncasecmp vasprintf vsnprintf \
walkcontext setitimer poll epoll_create1])
AC_CONFIG_LIBOBJ_DIR([os])
-AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup])
+AC_REPLACE_FUNCS([reallocarray strcasecmp strcasestr strlcat strlcpy strndup\
+ timingsafe_memcmp])
AM_CONDITIONAL(POLL, [test "x$ac_cv_func_poll" = "xyes"])
AC_CHECK_DECLS([program_invocation_short_name], [], [], [[#include <errno.h>]])
diff --git a/include/dix-config.h.in b/include/dix-config.h.in
index 4f020e5..4b86c1a 100644
--- a/include/dix-config.h.in
+++ b/include/dix-config.h.in
@@ -238,6 +238,9 @@
/* Define to 1 if you have the <sys/utsname.h> header file. */
#undef HAVE_SYS_UTSNAME_H
+/* Define to 1 if you have the `timingsafe_memcmp' function. */
+#undef HAVE_TIMINGSAFE_MEMCMP
+
/* Define to 1 if you have the <tslib.h> header file. */
#undef HAVE_TSLIB_H
diff --git a/include/os.h b/include/os.h
index d2c41b4..aa231f5 100644
--- a/include/os.h
+++ b/include/os.h
@@ -590,6 +590,11 @@ extern _X_EXPORT char *
strndup(const char *str, size_t n);
#endif
+#ifndef HAVE_TIMINGSAFE_MEMCMP
+extern _X_EXPORT int
+timingsafe_memcmp(const void *b1, const void *b2, size_t len);
+#endif
+
/* Logging. */
typedef enum _LogParameter {
XLOG_FLUSH,
diff --git a/os/mitauth.c b/os/mitauth.c
index 768a52a..efae440 100644
--- a/os/mitauth.c
+++ b/os/mitauth.c
@@ -76,7 +76,7 @@ MitCheckCookie(unsigned short data_length,
for (auth = mit_auth; auth; auth = auth->next) {
if (data_length == auth->len &&
- memcmp(data, auth->data, (int) data_length) == 0)
+ timingsafe_memcmp(data, auth->data, (int) data_length) == 0)
return auth->id;
}
*reason = "Invalid MIT-MAGIC-COOKIE-1 key";
diff --git a/os/timingsafe_memcmp.c b/os/timingsafe_memcmp.c
new file mode 100644
index 0000000..36ab362
--- /dev/null
+++ b/os/timingsafe_memcmp.c
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2014 Google Inc.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <limits.h>
+#include <string.h>
+
+int
+timingsafe_memcmp(const void *b1, const void *b2, size_t len)
+{
+ const unsigned char *p1 = b1, *p2 = b2;
+ size_t i;
+ int res = 0, done = 0;
+
+ for (i = 0; i < len; i++) {
+ /* lt is -1 if p1[i] < p2[i]; else 0. */
+ int lt = (p1[i] - p2[i]) >> CHAR_BIT;
+
+ /* gt is -1 if p1[i] > p2[i]; else 0. */
+ int gt = (p2[i] - p1[i]) >> CHAR_BIT;
+
+ /* cmp is 1 if p1[i] > p2[i]; -1 if p1[i] < p2[i]; else 0. */
+ int cmp = lt - gt;
+
+ /* set res = cmp if !done. */
+ res |= cmp & ~done;
+
+ /* set done if p1[i] != p2[i]. */
+ done |= lt | gt;
+ }
+
+ return (res);
+}
commit b5c98aa6779b97882246b03c5dea646bd1355991
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Thu Feb 23 10:21:49 2017 +1000
os: log a bug whenever WriteToClient is called from the input thread
The input thread should generate events, not send them. Make it easier to
find the instances where it's doing so.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Tested-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit 1b12249fd6d4d3b566043d556503f3f625b9b4ba)
diff --git a/include/input.h b/include/input.h
index bb58b22..6c9e45d 100644
--- a/include/input.h
+++ b/include/input.h
@@ -722,6 +722,7 @@ extern _X_HIDDEN void input_constrain_cursor(DeviceIntPtr pDev, ScreenPtr screen
extern _X_EXPORT void input_lock(void);
extern _X_EXPORT void input_unlock(void);
extern _X_EXPORT void input_force_unlock(void);
+extern _X_EXPORT int in_input_thread(void);
extern void InputThreadPreInit(void);
extern void InputThreadInit(void);
diff --git a/os/inputthread.c b/os/inputthread.c
index 8e7f2ed..721e863 100644
--- a/os/inputthread.c
+++ b/os/inputthread.c
@@ -90,6 +90,13 @@ static pthread_mutex_t input_mutex;
static Bool input_mutex_initialized;
#endif
+int
+in_input_thread(void)
+{
+ return inputThreadInfo &&
+ pthread_equal(pthread_self(), inputThreadInfo->thread);
+}
+
void
input_lock(void)
{
@@ -529,6 +536,7 @@ void input_force_unlock(void) {}
void InputThreadPreInit(void) {}
void InputThreadInit(void) {}
void InputThreadFini(void) {}
+int in_input_thread(void) { return 0; }
int InputThreadRegisterDev(int fd,
NotifyFdProcPtr readInputProc,
diff --git a/os/io.c b/os/io.c
index 5ba1e86..234c0f3 100644
--- a/os/io.c
+++ b/os/io.c
@@ -652,6 +652,9 @@ WriteToClient(ClientPtr who, int count, const void *__buf)
int padBytes;
const char *buf = __buf;
+ BUG_RETURN_VAL_MSG(in_input_thread(), 0,
+ "******** %s called from input thread *********\n", __func__);
+
#ifdef DEBUG_COMMUNICATION
Bool multicount = FALSE;
#endif
commit 04c72d3c30623e360fd0bd37ed559915b93467f4
Author: Michel Dänzer <michel.daenzer@amd.com>
Date: Tue Feb 7 17:38:23 2017 +0900
damage: Validate source pictures bound to windows before unwrapping
The lower layers also do this, but no damage may be reported there,
since we unwrap before calling down.
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=99220
Signed-off-by: Michel Dänzer <michel.daenzer@amd.com>
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
(cherry picked from commit 38696ea56854e055c31bd2730adfc7c39aa115b0)
diff --git a/configure.ac b/configure.ac
index b0daff9..770c3e6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1844,7 +1844,7 @@ if test "x$XNEST" = xyes; then
if test "x$have_xnest" = xno; then
AC_MSG_ERROR([Xnest build explicitly requested, but required modules not found.])
fi
- XNEST_LIBS="$FB_LIB $FIXES_LIB $MI_LIB $XEXT_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $DRI3_LIB $PRESENT_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB $DIX_LIB $OS_LIB"
+ XNEST_LIBS="$FB_LIB $FIXES_LIB $MI_LIB $XEXT_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $DAMAGE_LIB $DRI3_LIB $PRESENT_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $RENDER_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB $DIX_LIB $OS_LIB"
XNEST_SYS_LIBS="$XNESTMODULES_LIBS $GLX_SYS_LIBS"
AC_SUBST([XNEST_LIBS])
AC_SUBST([XNEST_SYS_LIBS])
diff --git a/miext/damage/damage.c b/miext/damage/damage.c
index d6a3614..2fae03f 100644
--- a/miext/damage/damage.c
+++ b/miext/damage/damage.c
@@ -34,6 +34,7 @@
#include <X11/fonts/fontstruct.h>
#include <X11/fonts/libxfont2.h>
#include "mi.h"
+#include "mipict.h"
#include "regionstr.h"
#include "globals.h"
#include "gcstruct.h"
@@ -499,6 +500,15 @@ damageComposite(CARD8 op,
if (BOX_NOT_EMPTY(box))
damageDamageBox(pDst->pDrawable, &box, pDst->subWindowMode);
}
+ /*
+ * Validating a source picture bound to a window may trigger other
+ * composite operations. Do it before unwrapping to make sure damage
+ * is reported correctly.
+ */
+ if (pSrc->pDrawable && WindowDrawable(pSrc->pDrawable->type))
+ miCompositeSourceValidate(pSrc);
+ if (pMask && pMask->pDrawable && WindowDrawable(pMask->pDrawable->type))
+ miCompositeSourceValidate(pMask);
unwrap(pScrPriv, ps, Composite);
(*ps->Composite) (op,
pSrc,
commit 5c1dd4eba833ecf4ea789c8319b4e25ea1e1fab9
Author: Michel Dänzer <michel.daenzer@amd.com>
Date: Wed Feb 1 18:35:57 2017 +0900
present: Allow flipping with PRIME slave outputs
Works fine now.
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Michel Dänzer <michel.daenzer@amd.com>
(cherry picked from commit 542d9f6807ac06b70f564ccab10af69fa21a1221)
diff --git a/present/present.c b/present/present.c
index ef89045..aa9c041 100644
--- a/present/present.c
+++ b/present/present.c
@@ -144,10 +144,6 @@ present_check_flip(RRCrtcPtr crtc,
if (!screen_priv->info->flip)
return FALSE;
- /* Fail to flip if we have slave outputs */
- if (screen->output_slaves)
- return FALSE;
-
/* Make sure the window hasn't been redirected with Composite */
window_pixmap = screen->GetWindowPixmap(window);
if (window_pixmap != screen->GetScreenPixmap(screen) &&
commit 10f8cf3572297764c6b50ac1f01b3ee195b1a453
Author: Michel Dänzer <michel.daenzer@amd.com>
Date: Wed Feb 1 18:35:56 2017 +0900
prime: Sync shared pixmap from root window instead of screen pixmap
The screen pixmap doesn't receive updates while there's a Present flip
window.
[1.19: Squashed in a6566f9e to avoid intermediate regression - ajax]
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Michel Dänzer <michel.daenzer@amd.com>
(cherry picked from commit b5b292896f647c85f03f53b20b2f03c0e94de428)
(cherry picked from commit a6566f9e4dbf9ea9568a14e22cb5d004e10dbd4d)
diff --git a/dix/pixmap.c b/dix/pixmap.c
index 49267a1..b67a2e8 100644
--- a/dix/pixmap.c
+++ b/dix/pixmap.c
@@ -172,6 +172,14 @@ PixmapPtr PixmapShareToSlave(PixmapPtr pixmap, ScreenPtr slave)
return spix;
}
+static void
+PixmapDirtyDamageDestroy(DamagePtr damage, void *closure)
+{
+ PixmapDirtyUpdatePtr dirty = closure;
+
+ dirty->damage = NULL;
+}
+
Bool
PixmapStartDirtyTracking(PixmapPtr src,
PixmapPtr slave_dst,
@@ -195,10 +203,10 @@ PixmapStartDirtyTracking(PixmapPtr src,
dirty_update->dst_x = dst_x;
dirty_update->dst_y = dst_y;
dirty_update->rotation = rotation;
- dirty_update->damage = DamageCreate(NULL, NULL,
+ dirty_update->damage = DamageCreate(NULL, PixmapDirtyDamageDestroy,
DamageReportNone,
TRUE, src->drawable.pScreen,
- src->drawable.pScreen);
+ dirty_update);
if (rotation != RR_Rotate_0) {
RRTransformCompute(x, y,
@@ -233,7 +241,8 @@ PixmapStartDirtyTracking(PixmapPtr src,
RegionUnion(damageregion, damageregion, &dstregion);
RegionUninit(&dstregion);
- DamageRegister(&src->drawable, dirty_update->damage);
+ DamageRegister(screen->root ? &screen->root->drawable : &src->drawable,
+ dirty_update->damage);
xorg_list_add(&dirty_update->ent, &screen->pixmap_dirty_list);
return TRUE;
}
@@ -246,7 +255,8 @@ PixmapStopDirtyTracking(PixmapPtr src, PixmapPtr slave_dst)
xorg_list_for_each_entry_safe(ent, safe, &screen->pixmap_dirty_list, ent) {
if (ent->src == src && ent->slave_dst == slave_dst) {
- DamageDestroy(ent->damage);
+ if (ent->damage)
+ DamageDestroy(ent->damage);
xorg_list_del(&ent->ent);
free(ent);
}
@@ -260,6 +270,7 @@ PixmapDirtyCopyArea(PixmapPtr dst,
RegionPtr dirty_region)
{
ScreenPtr pScreen = dirty->src->drawable.pScreen;
+ DrawablePtr src = pScreen->root ? &pScreen->root->drawable : &dirty->src->drawable;
int n;
BoxPtr b;
GCPtr pGC;
@@ -267,7 +278,13 @@ PixmapDirtyCopyArea(PixmapPtr dst,
n = RegionNumRects(dirty_region);
b = RegionRects(dirty_region);
- pGC = GetScratchGC(dirty->src->drawable.depth, pScreen);
+ pGC = GetScratchGC(src->depth, pScreen);
+ if (pScreen->root) {
+ ChangeGCVal subWindowMode;
+
+ subWindowMode.val = IncludeInferiors;
+ ChangeGC(NullClient, pGC, GCSubwindowMode, &subWindowMode);
+ }
ValidateGC(&dst->drawable, pGC);
while (n--) {
@@ -278,7 +295,7 @@ PixmapDirtyCopyArea(PixmapPtr dst,
w = dst_box.x2 - dst_box.x1;
h = dst_box.y2 - dst_box.y1;
- pGC->ops->CopyArea(&dirty->src->drawable, &dst->drawable, pGC,
+ pGC->ops->CopyArea(src, &dst->drawable, pGC,
dirty->x + dst_box.x1, dirty->y + dst_box.y1, w, h,
dirty->dst_x + dst_box.x1,
dirty->dst_y + dst_box.y1);
@@ -301,7 +318,7 @@ PixmapDirtyCompositeRotate(PixmapPtr dst_pixmap,
int error;
src = CreatePicture(None,
- &dirty->src->drawable,
+ &pScreen->root->drawable,
format,
CPSubwindowMode,
&include_inferiors, serverClient, &error);
commit e2243e5b805df387cb3881b2298bffaac4f02942
Author: Olivier Fourdan <ofourdan@redhat.com>
Date: Tue Jan 24 18:08:30 2017 +0100
glamor: Two pass won't work on memory pixmaps
When selecting "CA_TWO_PASS" in glamor_composite_clipped_region() when
the hardware does not support "GL_ARB_blend_func_extended", we call
glamor_composite_choose_shader() twice in a row, which in turn calls
glamor_pixmap_ensure_fbo().
On memory pixmaps, the first call will set the FBO and the second one
will fail an assertion in glamor_upload_picture_to_texture() because
the FBO is already set.
Bail out earlier when the mask pixmap is in memory and the hardware
capabilities would require to use two pass, so that the assertion is not
failed and the rendering is correct.
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=99346
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Eric Anholt <eric@anholt.net>
(cherry picked from commit 86463981361064dd0352ec215abf1696ce7fc5ea)
diff --git a/glamor/glamor_render.c b/glamor/glamor_render.c
index e04dd21..52f073d 100644
--- a/glamor/glamor_render.c
+++ b/glamor/glamor_render.c
@@ -1494,6 +1494,10 @@ glamor_composite_clipped_region(CARD8 op,
ca_state = CA_DUAL_BLEND;
} else {
if (op == PictOpOver) {
+ if (glamor_pixmap_is_memory(mask_pixmap)) {
+ glamor_fallback("two pass not supported on memory pximaps\n");
+ goto out;
+ }
ca_state = CA_TWO_PASS;
op = PictOpOutReverse;
}
commit ada5328290f444e3fc0e6a05557d5963dec626e5
Author: Svitozar Cherepii <razotivs@gmail.com>
Date: Fri Feb 3 01:49:04 2017 +0200
xwayland: Add hack for FWXGA resolution #99574
For some applications (like fullscreen games) it matters for XRandr
resolution to be correctly set and equal to root window resolution.
In XServer there is already hack for this, adapted it for XWayland.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=99574
Signed-off-by: Svitozar Cherepii <razotivs@gmail.com>
Tested-by: Svitozar Cherepii <razotivs@gmail.com>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit 1c78bec9ca3cd1975a38bf5ebdba7dea65b309ab)
diff --git a/hw/xwayland/xwayland-cvt.c b/hw/xwayland/xwayland-cvt.c
index 9655e10..8564fdb 100644
--- a/hw/xwayland/xwayland-cvt.c
+++ b/hw/xwayland/xwayland-cvt.c
@@ -296,6 +296,13 @@ xwayland_cvt(int HDisplay, int VDisplay, float VRefresh, Bool Reduced,
if (Interlaced)
modeinfo.modeFlags |= RR_Interlace;
+ /* FWXGA hack adapted from hw/xfree86/modes/xf86EdidModes.c, because you can't say 1366 */
+ if (HDisplay == 1366 && VDisplay == 768) {
+ modeinfo.width = 1366;
+ modeinfo.hSyncStart--;
+ modeinfo.hSyncEnd--;
+ }
+
snprintf(name, sizeof name, "%dx%d",
modeinfo.width, modeinfo.height);
modeinfo.nameLength = strlen(name);
commit abf3bc68db579eb524c2eb5786daa5a00957a2f8
Author: Olivier Fourdan <ofourdan@redhat.com>
Date: Tue Feb 7 15:31:22 2017 +0100
xwayland: CRTC should support all rotations
Reply to: